Jam Tangan – 434,784 breached accounts

In July 2021, the online Indonesian watch store, Jam Tangan (AKA Machtwatch), suffered a data breach that exposed over 400k customer records which were subsequently posted to a popular hacking forum. The data included email and IP addresses, names, phone numbers, physical addresses and passwords stored as either unsalted MD5 or bcrypt hashes.

Linux Incident Response – A Guide to syslog-ng

Syslog-ng stands out as an essential log management tool in Linux environments. Its advanced functionality, extensive configuration options and robust integration with SIEM systems make it an indispensable asset in effective log management and cybersecurity operations.

KitchenPal – 98,726 breached accounts

In November 2023, the kitchen management application KitchenPal suffered a data breach that exposed 146k lines of data. When contacted about the incident, KitchenPal advised the corpus of data came from a staging environment, although acknowledged it contained a small number of users for debugging purposes and included passwords that could not be used. Impacted data included almost 100k email addresses, names, geolocations and incomplete data on dates of birth, genders, height and weight, social media profile identifiers and bcrypt password hashes.

Linux Incident Response – Introduction to Rootkits

Rootkits are an ongoing problem in cybersecurity, particularly within the Linux ecosystem. These surreptitious entities pose a considerable threat by affording unauthorised access and perpetuating control over compromised systems. In this comprehensive exploration, we will delve into the intricacies of Linux rootkits, unravelling their nature, the diverse types they encompass, their intricate construction techniques, and their historical evolution.

OMGPOP – 7,071,293 breached accounts

In approximately 2013, the maker of the Draw Something game OMGPOP suffered a data breach. Formerly known as i’minlikewithyou or iilwy and later purchased by Zynga, the breach exposed over 7M email address and plain text password pairs which were later leaked in 2019.

Linux Intrusions – A Growing Problem

The increase in threat activity requires an informed and proactive response from cybersecurity professionals. It is important that we understand attacker behaviors and are able to take the right measures to detect and respond. This post includes a summary of the key findings from the reports and how they can impact you as a cybersecurity professional.
