There are generally three different ways to approach hacking a target: Hacking the encryption (cryptography) This is very difficult, and time/computing power-intensive, as the algorithms we use are generally very hard to crack. Quantum computing, if cheaply and easily available, could present issues, but right now isn't at a…
Phishing simulation programs, when well designed, can be an effective way to help educate employees about the importance of information security and phishing attacks. However, they also run the risk of alienating employees who feel as though the security team is out to get them or that their employer is…
Phishing simulation programs, when well designed, can be an effective way to help educate employees about the importance of information security and phishing attacks. However, they also run the risk of alienating employees who feel as though the security team is out to get them or that their employer is…
A sock puppet is a fake account which can be used to hide the true identity of the owner for operational security reasons (used by both attackers and security researchers). Developing a convincing persona is key to the success of your sock puppet. Your goal is to create a very…
A sock puppet is a fake account which can be used to hide the true identity of the owner for operational security reasons (used by both attackers and security researchers). They can either be used for passive recon, active engagement, or honeypots. Passive recon sock puppets are often used by…
Ping and traceroute are common commands used for trouble shooting network problems. Ping is a simple command that can test the reachability of a device on the network. Traceroute is a command used to 'trace' the route that a packet takes when traveling to its destination. It's useful for tracing…
A botnet is a collection of internet connected devices (anything from PCs to IoT devices) which are infected by the same malware. A hacker uses the malware the botnet is infected with to control it and launch botnet attacks. The attacks are more effective when launched using hundreds, or thousands,…
What is a SIM swap? SIM swapping is when a hacker convinces your cell phone carrier to switch your phone number to a different SIM - one that they own. This is a relatively normal thing for a retail employee to do, which means that someone asking for a swap…
