Many assume that “cyber” is a portmanteau derived from other words, but it’s not. Here’s a look at where the word cyber came from, the evolution of its usage, and a glimpse at the debate among the technical community on what it means and how to phrase it.
Email is such a seamless part of everyday life that it is easy to take for granted just how vulnerable anyone can be to a well-crafted effort to steal your identity or confidential financial information. One of the most effective methods used by hackers is phishing, which entails trying to trick you into clicking on a link or attachment in an email.
We look at five of the worst cybersecurity breaches of all time. There are many ways to rank the largest cybersecurity breaches. We chose to highlight those that affected the most records, triggered the highest dollar impact, was repeated, was an inside job, and the most egregious.
Certifications can be the most cost-effective way to boost your credentials no matter where you are in your career. Some cybersecurity certifications are fairly straightforward, but others can provide you with a real challenge.We ranked the seven hardest cybersecurity certifications based on required experience, exam duration, exam requirements, and prerequisites needed to earn the certificate as well as the pay it can offer.
Penetration testing – sometimes called white-hat hacking – is how companies manage risk, increase business continuity, and protect clients from data breaches. In highly regulated industries such as healthcare, banking, and service industries, it also helps companies stay compliant. SOC 2, HIPAA, and PCI DSS are three of the main regulations that require penetration testing.
Cybersecurity is one of the fastest growing career fields in the United States (and really, around the world). If you’re looking at making it your career, you need to know what cybersecurity jobs are the hottest up-and-comers in 2018.We created a point system in which we assigned value to each job based on pay, growth rate, career options, coolness factor, and experience required. Here are our topic picks.
When it comes to the numbers of women in cybersecurity, we’ve got good news and bad news.The good news is that women are well represented in on-screen hacker dramas. Nomi in Sense8, Chen Lien in Blackhat, and Lisbeth Salandar in The Girl with the Dragon Tattoo all portray tech-savvy female hackers to their legions of fans around the world.
One of today’s most in-demand and lucrative fields, cybersecurity (or infosec, as it’s sometimes called) can let you protect key data, undermine international espionage, catch cyber criminals, and stay on the front lines of technology. Plus, you can earn a top-performer’s salary and enjoy a range of interesting career opportunities. Let’s take a look at what cybersecurity is, the state of the infosec job market, cybersecurity across industries, careers in the field, and educational opportunities to help you get started.
In this blog post, we won’t be discussing theory or implementation details of Public Key Encryption. Rather, we are going to look at it from a practical perspective by answering the question, “How can I tell if someone is spying, or trying to spy, on my web browsing?”
The purpose of this blog is to demonstrate how to brute force a login page using Burp Suite. There are other brute force tools such as Hydra and Ncrack. Although both are great tools, Burp Suite is more suitable for brute forcing a web application login page, whereas Hydra and Ncrack are more suitable for other protocols such as SSH and RDP.
If you are anything like myself and my co-workers at Alpine Security, you’re obsessed with Cybersecurity and the impact of poor implementations. If you’re not like us, good for you! But there are still some things you ought to be aware of to help you protect your data, especially when traveling.
Everyone knows that they need to improve the current state of their cybersecurity measures, but to many people this task is a daunting one. “Where do I start? What should I focus on first? What security measures will have the greatest impact on the security of my computer systems and network?” Don’t worry, the Center for Internet Security can answer all these questions, and help guide you to a more secure infrastructure.
Flying taxis are soon to become reality. Dubai started testing taxi drones last year. The Volocopter is supposed to provide transportation for two passengers for up to 30-minute trips. The Volocopter and other flying taxis are supposed to publicly launch within five years. What are the cybersecurity risks associated with autonomous flying vehicles?
Since entering the IT field later in my career-life, I noticed an on-going debate amongst cybersecurity professionals: to cert or not to cert. There seems to be those (like myself) that push the obtainment of a certificate(s). On the flip side, there are those that tend to lump certificates into the “not-needed” category. Mostly, the argument is “learn it yourself”. This is especially true among “hackers”. I say “hackers” because the term hacker is actually a misnomer, and can be its own topic. The bigger picture considers whether a certificate outweighs a degree program.
This blog demonstrates how to download PowerShell Empire, a post-exploitation tool, in Kali Linux, create a script, make a connection back to your machine from the victim machine without Windows Defender blocking it, elevate privileges, and extract password hashes using Mimikatz. It is a versatile and useful tool that every penetration tester should have in their arsenal.
The IoT, as it is called, is a growing part of our lives and is something we all need to be aware of. Just last year (2017) there were reportedly 20 billion connected devices all around us. Every year, the number of IoT devices is rapidly growing. Although IoT devices make our lives easier, these devices are not safe from cyberattacks.
Offline Password Cracking is an attempt to recover one or more passwords from a password storage file that has been recovered from a target system. Typically, this would be the Security Account Manager (SAM) file on Windows, or the /etc/shadow file on Linux. In most cases, Offline Password Cracking will require that an attacker has already attained administrator / root level privileges on the system to get to the storage mechanism.
Questions about Alpine Security?
Contact us for more information.