#cybertechtalk - by andriejsazanowicz

Designing Reliable Systems

January 6, 2024 by andriejsazanowicz

We already told a bit about designing reliable systems before. Today, we’ll go over how to design services to meet requirements for availability,durability, and scalability. We will also discuss how to implement fault-tolerant systems by avoiding single points of failure, correlated failures, and cascading failures. We will see how to avoid overload failures by using … Read more

TIL About Footprinting. Part 3: Username Enumeration

January 2, 2024 by andriejsazanowicz

In short, footprinting refers to the process of collecting data over time in order to make a targeted cyberattack. Footprinting involves gathering information about a target—typically related to its network infrastructure, systems, and users—without actually committing an attack. Footprinting can be performed manually or using automated tools. It may involve scanning for open ports, identifying user accounts, … Read more

TIL About Footprinting. Part 2: Website Footprinting

January 2, 2024December 29, 2023 by andriejsazanowicz

TIL About Footprinting. Part 1: DNS Footprinting

January 2, 2024December 23, 2023 by andriejsazanowicz

How to create Security Requirements

December 16, 2023 by andriejsazanowicz

Software Engineering, ensuring security from the beginning of the software development process is essential. By establishing security requirements, you safeguard the end product against potential threats. Here is a guide on creating security requirements for your software project and when this should occur. 1. Understanding the Importance of Security Requirements Security requirements define the necessary … Read more

TheHackersNews.com

Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds
A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet market. The findings come from Elliptic in collaboration with researchers from the&
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion. The malware, codenamed Wpeeper, is an ELF binary that leverages the HTTPS protocol to secure its C2 communications. "Wpeeper is a typical backdoor Trojan for Android
Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success
There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you’ve got to remain prepared to confront those very same threats. As a decision-maker for your organization, you know this well. But no matter how many experts or trusted cybersecurity tools your organization has a standing guard,
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan
The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it's based on, indicating that it's being actively developed. "The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection," Zscaler ThreatLabz researcher Santiago
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia
A former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262 months) in prison for attempting to transfer classified documents to Russia. "This sentence should serve as a stark warning to all those entrusted with protecting national defense information that there are consequences to betraying that trust," said FBI Director Christopher Wray.

DevOps.com

The Problems With Golden Templates That No One Wants to Talk About
Golden templates make it easier to get started with IaC, but they don’t effectively fit users’ needs. Let’s fix that.
The Purpose of Life
We all have our priorities.
Snyk Adds Second ASPM Tool to Portfolio
Today, Snyk made available an edition of its application security posture management (ASPM) tool for assessing application risks that provides more context into how code has been written and its role within the application environment. Manoj Nair, chief product officer for Snyk, said Snyk AppRisk Pro leverages artificial intelligence (AI) and machine learning to provide
Spotify to Provide Opinionated Instance of Backstage IDP
Backstage helps large teams document their infrastructure and services. This extends the open source version.
Five Great DevOps Job Opportunities
Looking for a DevOps job? Look at these openings at Scientific American, HRL Laboratories, VetsEZ and more.