More results...
Privilege escalation is a commonly employed attack vector in the Windows operating system environment. Attackers often leverage offensive tools such as Meterpreter, CobaltStrike, or Potato tools to execute code such as “NT AUTHORITY\SYSTEM.”…
In the current world of cybersecurity, security threats are evolving at a rapid pace, as there are always new problems to deal with. Among the ever-evolving threats, SMS Bomber attacks are one of the modern attacks in the current threat landscape that …
In this Android penetration testing cheatsheet, we will provide you with a list of the…
Android Penetration Testing Cheatsheet: The Ultimate Guide on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.
It’s not possible to live without the Internet in these modern days, and there’s no doubt about that. But have you wondered how much speed you’re getting so that you get know if you need to upgrade your Internet plan or not? Many tools are available to…
The business benefits of developing an information security strategy and accompanying security architecture/design include: Being proactive, taking the lead in this area – more puppeteer than puppet; Designing a framework or structure to support t…
Prompted by some valuable customer feedback earlier this week, I’ve been thinking about how best to update the SecAware policy template on software/systems development. The customer is apparently seeking guidance on integrating infosec into the develop…
Following its exit from the EU, the UK is having to pick up on various important matters that were previously covered by EU laws and regulations. One such issue is to be addressed through a new law on online safety.”Online safety: what’s that?” I hear …
Compliance is a concern that pops up repeatedly on the ISO27k Forum, just this morning for instance. Intrigued by ISO 27001 Annex A control A.18.1.1 “Identification of applicable legislation and contractual requirements”, members generally ask wh…
Control 5.9 in ISO/IEC 27002:2022 recommends an inventory of information assets that should be “accurate, up to date, consistent and aligned with other inventories”. Fair enough, but what are ‘information assets’? What, exactly, are we suppo…
Inspired by an exchange on the ISO27k Forum yesterday morning, I wrote and published a simple 2-page exemptions policy template for SecAware. In essence, after explaining what ‘exemptions’ are, the policy requires that they are authorised after du…