-
Investing in People: How Cyber Security Training Can Protect Your Business And Build A Culture Of Security
Effective cybersecurity training is vital for building a culture of security within an organization. By providing employees with the knowledge and skills they need to identify and respond to potential cyber threats, organizations can create a workforce that is alert, vigilant, and proactive in its approach to cybersecurity. When all employees are committed to protecting…
-
Protecting against Blind SQLi: Time Delay and Conditional Error Attacks, Part 2
Blind SQL Injection with time delay is a type of attack that is used to extract information from a database by injecting malicious code into an application’s input fields. Unlike traditional SQL Injection attacks, the results of the attack are not immediately visible. Instead, the attacker uses a time delay to confirm the success of…
-
How the VMWare ESXi Ransomware is Targeting Unpatched Systems
The recent wave of ransomware attacks targeting the old vulnerability in VMware ESXi (CVE-2021-21974) has sent shockwaves through the cybersecurity community. This bug, which has been publicly known for two years now, lies in the OpenSLP implementation in ESXi hypervisors, making it a prime target for attackers who can exploit it to gain remote code…
-
Cold River’s Cyber Warfare Tactics in the Midst of Escalating Tensions Between Russia and Ukraine
The National Cyber Security Centre (NCSC), part of Britain’s GCHQ intelligence agency, has issued an advisory warning of an ongoing cyber espionage campaign conducted by a Russia-based hacking group called Cold River. The group has targeted various sectors including government, politics, academia, defense, journalism, and activism, by using fake email addresses and social media profiles…
-
Exploring the Potential Cybersecurity Risks and Benefits of ChatGPT
ChatGPT is a chatbot developed by OpenAI that is based on a large language model and has been fine-tuned for dialogue. It has the ability to have a meaningful conversation with humans and provide more refined output based on user corrections or requests, but it has also raised concerns about its potential to be used…
-
The Azov ransomware: a virus spreading across the internet to “bring attention to Ukraine”
A virus with alleged political motives has been infecting and wiping data from computers across the world.
-
MITRE ATT&CK – resources beyond common vulnerabilities and exposures
MITRE ATT&CK available resources for the cybersecurity community beyond common vulnerabilities and exposures
-
Hydra Brute Force Password Cracker Overview via TryHackMe
Hydra is used to brute force passwords. The goal is to crack a password by using a long list of potential passwords.