Linux Tutorials

5 Additional Hardening Steps When Creating a Secure Linux Pentesting Environment

So, you have decided to install a pentesting distro to enjoy functionality that would be unavailable on a live usb. The very first question that needs to be asked is “How do I keep myself secure?” In addition to some of the more obvious features of most pentesting distributions, such as full disk encryption, macchanger and anonsurf there are some lesser known ways in which to ensure your Operational Security. In 5 easy steps we…

Continue reading

News Security Awareness

Cell interceptors detected around Washington DC

International mobile subscriber identity (IMSI) devices are used to spoof cell phone towers allowing the interception of text messages and phone calls. The most well known IMSI device is the Stingray which is what police departments use for surveillance. The existence of Stingrays was denied for years and companies that produced them are under non-disclosure agreements to protect the identity of purchasers.

Continue reading

News

150 million user records stolen from MyFitnessPal

Myfitnesspal, owned by Under Armour, is a calorie counter system that helps people lose weight. On March 25th, 2018 MyFitnessPal “became aware” that there was unauthorized acquisition of user data. Typically, “made aware” statements are indicative of a third party finding user data somewhere on the Internet but could include the result of an audit or malicious communication being detected. The user data that was obtained by the attackers include usernames, email addresses, and passwords hashed with bcrypt.…

Continue reading

Linux Tutorials

Security Onion Set Up Part 3: Configuration of Version 14.04

Before we begin configuring Security Onion, it’s a good idea to get an Oinkcode from snort.org if you’re going to use Snort. Snort can also use the Emerging Threat rulesets. There are three options available to obtain an Oinkcode. Community Edition – the rules are updated every 30 days, no support – FREE Personal – the rules are released daily, can submit false positives, home network or educational environments only – $29.99 per year Business –…

Continue reading