The SSH (Secure Shell) protocol allows an ability to remotely, and securely, access hosts. SSH has various options for authenticating to a host including — password authentication, public-key authentication, and host-based authentication. Before we get into all of that, let’s generate an SSH keypair. Generating an SSH Keypair Most Linux OS’s have a built-in command,…
Phishing and e-mail in general continue to be the most targeted attack vector according to Cloudflare’s 2023 Phishing Report. With e-mail service being the live blood of communication for most organizations, the security of such a service is paramount. Hardening e-mail infrastructure and services is one piece to the puzzle, and most services provide integrated…
Your website is an extension of your business, and your domain name represents that online presence by providing your visitors with an easy way to connect with your business whenever they want. Domain impersonation attacks have been around for a long time, but have seen a resurgence as of late as discussed in Forta’s 2023…
SpiderFoot is a Open Source Intelligence (OSINT) tool that combines the power of many Internet API’s to gather intelligence on Names, E-mail Addresses, Domains, IP Addresses, and more. This article will help you get setup with a local installation of SpiderFoot using Docker, guide you through the initial setup and configuration, and walk through some…
Every couple of years a new or evolving technology bring about a whole new set of buzzwords that are often misunderstood by the general public. First, we saw the advent of the “cloud”, which is still not very well understood by most. We followed that up with Machine Learning (M.L.), and today we are constantly…
With the recent news of 3CX supply chain attacks I think it’s important to understand what, exactly, a supply chain attack is, and how you and/or your organization can help to reduce the risk and impact of a supply chain attack. What Is a Supply Chain? It may seem rudimentary, but let’s define what we’re…
