cybersecurity

cybersecurity news

WATCH: Top 5 CyberSecurity Trends To Expect In 2023

Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
RiSec.n0tst3
Connect

Cybersecurity is a fast-evolving area. Here, we look at the most important trends to watch out for in 2023, including the increased threats from connected IoT devices, hybrid working and state-sponsored attacks. The top 2023 trends we cover are: * Suggest an edit to this article Cybersecurity Knowledge Base Latest Cybersecurity News Cybersecurity Academy Homepage …

WATCH: Top 5 CyberSecurity Trends To Expect In 2023 Read More »

Footprinting Firewalls

Footprinting Firewalls | Reconnaissance Tutorial [FREE COURSE CONTENT]

Just your average information security researcher from Delaware US.

In this video, you will learn how to footprint firewalls on a target. This lesson comes from Module 1, so just the start of our adventure – if you want to learn more, join the full course! Full course: hakin9 Recent Cyber Academy Posts: Recent CyberSecurity News: Suggest an edit to this article Cybersecurity Knowledge …

Footprinting Firewalls | Reconnaissance Tutorial [FREE COURSE CONTENT] Read More »

Brute-Forcing Two-Factor Authentication | Exploiting Authentication and Access Control Mechanisms with Burp Suite [FREE COURSE CONTENT]

Brute-Forcing Two-Factor Authentication | Exploiting Authentication and Access Control Mechanisms with Burp Suite [FREE COURSE CONTENT]

Just your average information security researcher from Delaware US.

In this video tutorial, you will see how to bypass multi-factor authentication with brute-force attacks. It is a part of an online course ‘Exploiting Authentication and Access Control Mechanisms with Burp Suite’ by Christian Barral López. Start now! Full course: hakin9 Recent Cyber Academy Posts: Recent CyberSecurity News: Recent Vulnerability News: Recent Data Breach News: …

Brute-Forcing Two-Factor Authentication | Exploiting Authentication and Access Control Mechanisms with Burp Suite [FREE COURSE CONTENT] Read More »

Research: Preventative Approach Could Block 90% of Cyber-attacks

Cyber Today: Crypto Winter comes for FTX, oil and gas flow control vulnerability, images hide malware in PyPI

Just your average information security researcher from Delaware US.

Crypto Winter comes for FTX Earlier this week, crypto exchange Binance signed a letter of intent to acquire its rival FTX. This comes after FTX experienced a liquidity crunch and reached out to Binance for assistance. The letter did not bind Binance to complete the acquisition. However, less than a day after signing the deal, …

Cyber Today: Crypto Winter comes for FTX, oil and gas flow control vulnerability, images hide malware in PyPI Read More »

Microsoft

Microsoft fixes Critical Bugs under attack

Just your average information security researcher from Delaware US.

November 2022 Patch Tuesday is here, with fixes for many vulnerabilities actively exploited in the wild, including CVE-2022-41091, a Windows Mark of the Web bypass flaw, and the ProxyNotShell MS Exchange vulnerabilities. Fixes to prioritize CVE-2022-41091 is a Windows zero-day vulnerability that allows attackers to bypass the Mark of the Web (MOTW) security feature. They can craft a malicious …

Microsoft fixes Critical Bugs under attack Read More »

data breach

Royal Mail customer data leak shutters online Click and Drop

Just your average information security researcher from Delaware US.

A Technical Snafu Shut Down The Uk’s Royal Mail Click And Drop Website On Tuesday After A Security “issue” Allowed Some Customers To See Others’ Order Information. The data leak started around 13:00 GMT, and according to an alert posted on Click and Drop’s status page, Royal Mail shut down the website about an hour later. In …

Royal Mail customer data leak shutters online Click and Drop Read More »

Cybersecurity

Everything you need to know about the OpenSSL 3.0.7 Patch

Just your average information security researcher from Delaware US.

Vulnerability Details The vulnerability is a buffer overflow in the X.509 certificate verification, which is the code used to validate TLS certificates. The vulnerability could potentially be exploited to allow remote code execution via a malicious TLS certificate; however, it requires that the malicious TLS certificate be signed by a trusted CA. Since certificate verification …

Everything you need to know about the OpenSSL 3.0.7 Patch Read More »

microsoft

The door is open for anyone to become a cyber defender

Just your average information security researcher from Delaware US.

Throughout Cybersecurity Awareness Month, Microsoft has highlighted the importance of cybersecurity and provided resources to help people and organizations stay safe. It’s great to have this month as a reminder, and even better if that awareness becomes a year-round endeavor. Education is really the key. With the increase of sophisticated cyber attacks, we know that the …

The door is open for anyone to become a cyber defender Read More »

security

PayPal ditches passwords, at least on Apple devices

Just your average information security researcher from Delaware US.

No more reusing, recycling passwords! PayPal has added passkeys for passwordless login to accounts across Apple devices. The PayPal passkey login option will initially be available to iPhones, iPads and Macs running iOS 16, iPadOS 16.1 or macOS Ventura. It will expand to additional platforms as other vendors add passkey support. Apple, Microsoft and Google …

PayPal ditches passwords, at least on Apple devices Read More »

infosec

Emotet Botnet Drops Malware via Self-Unlocking Password-Protected RAR Files

Just your average information security researcher from Delaware US.

A surge of malspam campaigns has been recently attributed to Emotet botnet. Taking advantage of password-protected archive files, the notorious trojan drops CoinMiner and Quasar RAT on the systems it takes over. In an attack chain detected by Trustwave SpiderLabs researchers, an invoice-themed ZIP file lure was found to contain a nested self-extracting (SFX) archive, with the first archive having …

Emotet Botnet Drops Malware via Self-Unlocking Password-Protected RAR Files Read More »