A brute force attack (exhaustive search) is a cryptographic hack that relies on guessing possible combinations of a targeted password until the correct password is discovered. This attack uses trial-and-error to guess login info, encryption keys, or find a hidden web page. Brute force attacks don’t employ an intellectual strategy. These attacks simply try using [...]
We recently had a post about the dark web that mentioned the Tor project. Tor is free and open-source software for enabling anonymous communication. The name derived from the acronym for the original software project name "The Onion Router". Tor was originally developed by the US Navy in the mid-1990s. Today, most of the funding [...]
If a hacker can determine what type of operating system a targeted computer is running, he or she can work to exploit the vulnerabilities present in that operating system. OS Fingerprinting is used by security professionals and hackers for mapping remote networks and determining which vulnerabilities might be present to exploit. In fact, it is [...]
Buffers are memory storage regions that temporarily hold data while it is being transferred from one location to another. These buffers typically live in RAM memory. Most modern hard drives take advantage of buffering to efficiently access data. Buffer is also widely used in online video streaming and buffers are frequently used in online video [...]
Data loss refers to an event in which important data is lost to the enterprise, such as in a ransomware attack. Data loss prevention (DLP) focuses on preventing illicit transfer of data outside organizational boundaries. Data loss prevention is a set of tools and processes used to ensure that sensitive data is not lost, misused, [...]
The dark web is a part of the internet (or a small part of the deep web) that isn't indexed by search engines. The dark web contains a large amount of illegal and criminal content (from various aspects). Online marketplaces for drugs, exchanges for stolen data, and other illegal activities get most of the attention. [...]
Zero-day is a flaw in software, hardware or firmware that it has the potential to be exploited by cybercriminals. In other words, zero-day is a vulnerability in a system or device that has been disclosed but is not yet patched. A zero day exploit is a cyber-attack that occurs on the same day a weakness [...]
A penetration test (pen test or pentest and or ethical hacking) is a simulated cyber-attack against a computer system to check for exploitable vulnerabilities. You should not be confused it with a vulnerability assessment. Source: en.wikipedia.org In fact, this test simulates a real-world attack to determine how any defenses will fare and the possible magnitude [...]
In this post, we'll take a look at ManageEngine ADAudit to help you understand the different aspects of this network product. You can use ManageEngine ADAudit to ensure critical resources in the network like the Domain Controllers are audited, monitored and reported with the entire information on AD objects (like Users, Groups, GPOs, Computers, OUs, etc.). [...]