Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to […]
In computer security, challenge-response authentication is a set of protocols used to protect digital assets and services from unauthorized users, […]
We’ve been offering our Security Onion documentation in book form on Amazon for a few years and it’s now been […]
Researchers warn of rising macOS-targeted attacks as hackers exploit fake updates to bypass security. FrigidStealer malware highlights growing enterprise risks.
Social engineering is an attack vector that relies heavily on human interaction and often involves psychological manipulation of people into […]
Cisco’s 2025 EMEA Cybersecurity Defender of the Year award goes to the team at SAP Enterprise Cloud Services, who raised the bar for overall security posture.
In mid-2019, the e-commerce website Storenvy suffered a data breach that exposed millions of customer records. A portion of the breached records were subsequently posted to a hacking forum with cracked password hashes, whilst the entire corpus of 23M rows was put up for sale. The data contained 11M unique email addresses alongside usernames, IP addresses, the user’s city, gender, date of birth and original salted SHA-1 password hash.
Connected devices make up one of the largest attack surfaces on the modern Internet. Billions of devices, many with little to no consideration given to their secure operation, controlling everything from sewage treatment systems to safety-critical vehicle functions. As a result, security research on the low-level firmware that controls these devices has become more important than ever. But how is a researcher to get access to closed-source firmware for proprietary hardware to begin with? One method that we have been using for some ongoing research is intercepting firmware from updater apps that use Bluetooth to perform over-the-air updates.
We recently released Security Onion 2.4.120: https://blog.securityonion.net/2025/02/security-onion-24120-now-available.html In that blog post, we mentioned that Security Onion 2.4.120 includes a new […]
A denial-of-service (DoS) attack is a security threat that occurs when an attacker makes it impossible for legitimate users to […]