IT teams that access dark forums for cyber security intelligence are urged to use caution and practice transparency
While dark markets and the dark web can provide valuable information for cyber security professionals, organizations and individuals need to follow laws and regulations and maintain open lines of communication with law enforcement to avoid major investigative scrutiny.
Learn more about updates to our Threat Hunting Professional Course and Watch a Live Lab Demo
eLearnSecurity will release a new version of Threat Hunting Professionals (THPv2) during a live webinar on March 24th. During the one hour webinar, course creators Dimitrios Bougioukas and Slavi Parpulov will discuss the essentials of threat hunting and outline course updates that address the modern threat landscape.
Hisomeru’s final thoughts on Technical OSINT and gathering information in the initial penetration testing phase
If you missed missed part one or part two of our pentesting series, start there then come back to this article.
One of the most comprehensive ways to gather Technical OSINT on a penetration testing target is to use a search engine called “Shodan.”
We updated our threat hunting training course to include new hunting TTPs that address the modern cyber security threat landscape.
eLearnSecurity is proud to announce a new version of our Threat Hunting Professional (THPv2) course. THPv2, which is slated for release on March 24th, has been fully updated with new approaches to threat hunting and modern TTPs.
Finding your cyber security dream job starts with the proper training pathway.
Penetration testing is a fulfilling and lucrative position within the cyber security industry. Otherwise known as ethical hackers, pentesters work with companies to exploit weaknesses in their network, systems, and applications to ultimately create a safer online environment.
Tools of the trade for cyber security professionals
In the first article in eLearnSecurity’s introduction to pentesting methodology, Hisomeru discussed why Technical OSINT is foundational to penetration testing and introduced tools to gather information from a client. In this article, Hisomeru continues the discussion on how to collect Technical OSINT.
An Introduction to Cyber Security Methodologies
This is a new series of articles that will cover the complete penetration testing methodology based largely on case studies of previous hacks. These articles will cover initial reconnaissance, picking an attack vector, gaining a foothold, maintaining presence, lateral movement, and finally going after the prize.
Set your agenda and use RSA to advance your cyber security career
RSA is one of the largest cyber security conferences in the world, with more than 50,000 infosec professionals descending on San Francisco in late February. The agenda is overwhelming, whether this is your first trip or your tenth, with speakers, sessions, and topics covering a vast array of modern security subjects.
Today’s breaches continue to start with compromised email accounts, with monetary gain remaining the top motivation for stealing login credentials. Typically, these are opportunistic attacks, a sort of spray and pray tactic. According to ProofPoint’s report Human Factor 2019, 25% of phishing emails in 2018 were generic credential harvesting.