• Metasploit: Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the worlds best penetration testing software now.
• NFOHump: Offers up-to-date .NFO files and reviews on the latest pirate software releases.
• Exploit DB: An archive of exploits and vulnerable software by Offensive Security. The site collects exploits from submissions and mailing lists and concentrates them in a single database.
• Black Hat: The Black Hat Briefings have become the biggest and the most important security conference series in the world by sticking to our core value: serving the information security community by delivering timely, actionable security information in a friendly, vendor-neutral environment.
• HackRead: HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance, and Hacking News with full-scale reviews on Social Media Platforms.
• Offensive Security Training: Developers of Kali Linux and Exploit DB, and the creators of the Metasploit Unleashed and Penetration Testing with Kali Linux course.
• SecurityFocus: Provides security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
• Packet Storm: Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
• DEFCON: Information about the largest annual hacker convention in the US, including past speeches, video, archives, and updates on the next upcoming show as well as links and other details.
• KitPloit: Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security.
• Hakin9: E-magazine offering in-depth looks at both attack and defense techniques and concentrates on difficult technical issues.
• Hack Forums: Emphasis on white hat, with categories for hacking, coding and computer security.
• Hacked Gadgets: A resource for DIY project documentation as well as general gadget and technology news.
• SecTools.Org: List of 75 security tools based on a 2003 vote by hackers.
• Makezine: Magazine that celebrates your right to tweak, hack, and bend any technology to your own will.
• The Hacker News: The Hacker News — most trusted and widely-acknowledged online cyber security news magazine with in-depth technical coverage for cybersecurity.
• Phrack Magazine: Digital hacking magazine.

Negative SEO with Satisfaction Guaranteed
http://www.blackhat.to

hi there

After checking your website SEO metrics and ranks, we determined
that you can get a real boost in ranks and visibility by using
aour 49 usd / Economy Plan:
https://www.hilkom-digital.com/product/economy-seo-plan/

cheap and effective SEO plan
onpage SEO included

thank you
Mike

What is DoS Attack?

DOS is an attack used to deny legitimate users access to a resource such as accessing a website, network, emails, etc. or making it extremely slow. DoS is the acronym for Denial of Service. This type of attack is usually implemented by hitting the target resource such as a web server with too many requests at the same time. This results in the server failing to respond to all the requests. The effect of this can either be crashing the servers or slowing them down.

Cutting off some business from the internet can lead to significant loss of business or money. The internet and computer networks power a lot of businesses. Some organizations such as payment gateways, e-commerce sites entirely depend on the internet to do business.

In this tutorial, we will introduce you to what denial of service attack is, how it is performed and how you can protect against such attacks.

Topics covered in this tutorial

• Types of Dos Attacks
• How DoS attacks work
• DoS attack tools
• DoS Protection: Prevent an attack
• Hacking Activity: Ping of Death
• Hacking Activity: Launch a DOS attack

Types of Dos Attacks

There are two types of Dos attacks namely;

• DoS– this type of attack is performed by a single host
• Distributed DoS– this type of attack is performed by a number of compromised machines that all target the same victim. It floods the network with data packets.

How DoS attacks work

Let's look at how DoS attacks are performed and the techniques used. We will look at five common types of attacks.

Ping of Death

The ping command is usually used to test the availability of a network resource. It works by sending small data packets to the network resource. The ping of death takes advantage of this and sends data packets above the maximum limit (65,536 bytes) that TCP/IP allows. TCP/IP fragmentation breaks the packets into small chunks that are sent to the server. Since the sent data packages are larger than what the server can handle, the server can freeze, reboot, or crash.

Smurf

This type of attack uses large amounts of Internet Control Message Protocol (ICMP) ping traffic target at an Internet Broadcast Address. The reply IP address is spoofed to that of the intended victim. All the replies are sent to the victim instead of the IP used for the pings. Since a single Internet Broadcast Address can support a maximum of 255 hosts, a smurf attack amplifies a single ping 255 times.  The effect of this is slowing down the network to a point where it is impossible to use it.

Buffer overflow

A buffer is a temporal storage location in RAM that is used to hold data so that the CPU can manipulate it before writing it back to the disc. Buffers have a size limit. This type of attack loads the buffer with more data that it can hold. This causes the buffer to overflow and corrupt the data it holds. An example of a buffer overflow is sending emails with file names that have 256 characters.

Teardrop

This type of attack uses larger data packets. TCP/IP breaks them into fragments that are assembled on the receiving host. The attacker manipulates the packets as they are sent so that they overlap each other. This can cause the intended victim to crash as it tries to re-assemble the packets.

SYN attack

SYN is a short form for Synchronize. This type of attack takes advantage of the three-way handshake to establish communication using TCP. SYN attack works by flooding the victim with incomplete SYN messages. This causes the victim machine to allocate memory resources that are never used and deny access to legitimate users.

DoS attack tools

The following are some of the tools that can be used to perform DoS attacks.

• Nemesy– this tool can be used to generate random packets. It works on windows. This tool can be downloaded from http://packetstormsecurity.com/files/25599/nemesy13.zip.html . Due to the nature of the program, if you have an antivirus, it will most likely be detected as a virus.
• Land and LaTierra– this tool can be used for IP spoofing and opening TCP connections
• Blast– this tool can be downloaded from http://www.opencomm.co.uk/products/blast/features.php
• Panther- this tool can be used to flood a victim's network with UDP packets.
• Botnets– these are multitudes of compromised computers on the Internet that can be used to perform a distributed denial of service attack.

DoS Protection: Prevent an attack

An organization can adopt the following policy to protect itself against Denial of Service attacks.

• Attacks such as SYN flooding take advantage of bugs in the operating system. Installing security patches can help reduce the chances of such attacks.
• Intrusion detection systems can also be used to identify and even stop illegal activities
• Firewalls can be used to stop simple DoS attacks by blocking all traffic coming from an attacker by identifying his IP.
• Routers can be configured via the Access Control List to limit access to the network and drop suspected illegal traffic.

Hacking Activity: Ping of Death

We will assume you are using Windows for this exercise. We will also assume that you have at least two computers that are on the same network. DOS attacks are illegal on networks that you are not authorized to do so. This is why you will need to setup your own network for this exercise.

Open the command prompt on the target computer

Enter the command ipconfig. You will get results similar to the ones shown below

For this example, we are using Mobile Broadband connection details. Take note of the IP address. Note: for this example to be more effective, and you must use a LAN network.

 Switch to the computer that you want to use for the attack and open the command prompt

We will ping our victim computer with infinite data packets of 65500

Enter the following command

ping 10.128.131.108 –t |65500

HERE,

• "ping" sends the data packets to the victim
• "10.128.131.108" is the IP address of the victim
• "-t" means the data packets should be sent until the program is stopped
• "-l" specifies the data load to be sent to the victim

You will get results similar to the ones shown below

Flooding the target computer with data packets doesn't have much effect on the victim. In order for the attack to be more effective, you should attack the target computer with pings from more than one computer.

The above attack can be used to attacker routers, web servers etc.

If you want to see the effects of the attack on the target computer, you can open the task manager and view the network activities.

• Right click on the taskbar
• Select start task manager
• Click on the network tab
• You will get results similar to the following

If the attack is successful, you should be able to see increased network activities.

Hacking Activity: Launch a DOS attack

In this practical scenario, we are going to use Nemesy to generate data packets and flood the target computer, router or server.

As stated above, Nemesy will be detected as an illegal program by your anti-virus. You will have to disable the anti-virus for this exercise.

• Download Nemesy from http://packetstormsecurity.com/files/25599/nemesy13.zip.html
• Unzip it and run the program Nemesy.exe
• You will get the following interface

Enter the target IP address, in this example; we have used the target IP we used in the above example.

HERE,

• 0 as the number of packets means infinity. You can set it to the desired number if you do not want to send, infinity data packets
• The size field specifies the data bytes to be sent and the delay specifies the time interval in milliseconds.

Click on send button

You should be able to see the following results

The title bar will show you the number of packets sent

Click on halt button to stop the program from sending data packets.

You can monitor the task manager of the target computer to see the network activities.

Summary

• A denial of service attack's intent is to deny legitimate users access to a resource such as a network, server etc.
• There are two types of attacks, denial of service and distributed denial of service.
• A denial of service attack can be carried out using SYN Flooding, Ping of Death, Teardrop, Smurf or buffer overflow
• Security patches for operating systems, router configuration, firewalls and intrusion detection systems can be used to protect against denial of service attacks.

More info

1. Hacking Hardware
2. Pentestmonkey Sql Injection
3. Pentest Meaning
4. How To Pentest A Website With Kali
5. Hacking Games
6. Pentest Kit

• you are a huge fan of Hacktivity
• you bought this badge around a year ago
• you are just interested in hacker conference badge hacking. 

• a computer with USB port and macOS, Linux or Windows. You can use other OS as well, but this guide covers these
• USB mini cable to connect the badge to the computer
• the Hacktivity badge from 2018

Let's get started

Linux

[267300.206966] usb 2-2.2: new full-speed USB device number 14 using uhci_hcd
[267300.326484] usb 2-2.2: New USB device found, idVendor=0403, idProduct=6001
[267300.326486] usb 2-2.2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[267300.326487] usb 2-2.2: Product: FT232R USB UART
[267300.326488] usb 2-2.2: Manufacturer: FTDI
[267300.326489] usb 2-2.2: SerialNumber: AC01U4XN
[267300.558684] usbcore: registered new interface driver usbserial_generic
[267300.558692] usbserial: USB Serial support registered for generic
[267300.639673] usbcore: registered new interface driver ftdi_sio
[267300.639684] usbserial: USB Serial support registered for FTDI USB Serial Device
[267300.639713] ftdi_sio 2-2.2:1.0: FTDI USB Serial Device converter detected
[267300.639741] usb 2-2.2: Detected FT232RL
[267300.643235] usb 2-2.2: FTDI USB Serial Device converter now attached to ttyUSB0

macOS

# ioreg -p IOUSB -w0 -l

+-o FT232R USB UART@14100000  <class AppleUSBDevice, id 0x100005465, registered, matched, active, busy 0 (712 ms), retain 20>
    |   {
    |     "sessionID" = 71217335583342
    |     "iManufacturer" = 1
    |     "bNumConfigurations" = 1
    |     "idProduct" = 24577
    |     "bcdDevice" = 1536
    |     "Bus Power Available" = 250
    |     "USB Address" = 2
    |     "bMaxPacketSize0" = 8
    |     "iProduct" = 2
    |     "iSerialNumber" = 3
    |     "bDeviceClass" = 0
    |     "Built-In" = No
    |     "locationID" = 336592896
    |     "bDeviceSubClass" = 0
    |     "bcdUSB" = 512
    |     "USB Product Name" = "FT232R USB UART"
    |     "PortNum" = 1
    |     "non-removable" = "no"
    |     "IOCFPlugInTypes" = {"9dc7b780-9ec0-11d4-a54f-000a27052861"="IOUSBFamily.kext/Contents/PlugIns/IOUSBLib.bundle"}
    |     "bDeviceProtocol" = 0
    |     "IOUserClientClass" = "IOUSBDeviceUserClientV2"
    |     "IOPowerManagement" = {"DevicePowerState"=0,"CurrentPowerState"=3,"CapabilityFlags"=65536,"MaxPowerState"=4,"DriverPowerState"=3}
    |     "kUSBCurrentConfiguration" = 1
    |     "Device Speed" = 1
    |     "USB Vendor Name" = "FTDI"
    |     "idVendor" = 1027
    |     "IOGeneralInterest" = "IOCommand is not serializable"
    |     "USB Serial Number" = "AC01U4XN"
    |     "IOClassNameOverride" = "IOUSBDevice"
    |   } 

The most important information you get is the USB serial number - AC01U4XN in my case.
Another way to get this information is

# system_profiler SPUSBDataType

which will give back something similar to:

FT232R USB UART:

          Product ID: 0x6001
          Vendor ID: 0x0403  (Future Technology Devices International Limited)
          Version: 6.00
          Serial Number: AC01U4XN
          Speed: Up to 12 Mb/sec
          Manufacturer: FTDI
          Location ID: 0x14100000 / 2
          Current Available (mA): 500
          Current Required (mA): 90
          Extra Operating Current (mA): 0

The serial number you got is the same.

What you are trying to achieve here is to connect to the device, but in order to connect to it, you have to know where the device in the /dev folder is mapped to. A quick and dirty solution is to list all devices under /dev when the device is disconnected, once when it is connected, and diff the outputs. For example, the following should do the job:

ls -lha /dev/tty* > plugged.txt
ls -lha /dev/tty* > np.txt
vimdiff plugged.txt np.txt

The result should be obvious, /dev/tty.usbserial-AC01U4XN is the new device in case macOS. In the case of Linux, it was /dev/ttyUSB0.

Linux users, read it from here. macOS users, please continue reading

Now you can use either the built-in screen command or minicom to get data out from the badge. Usually, you need three information in order to communicate with a badge. Path on /dev (you already got that), speed in baud, and the async config parameters. Either you can guess the speed or you can Google that for the specific device. Standard baud rates include 110, 300, 600, 1200, 2400, 4800, 9600, 14400, 19200, 38400, 57600, 115200, 128000 and 256000 bits per second. I usually found 1200, 9600 and 115200 a common choice, but that is just me.
Regarding the async config parameters, the default is that 8 bits are used, there is no parity bit, and 1 stop bit is used. The short abbreviation for this is 8n1. In the next example, you will use the screen command. By default, it uses 8n1, but it is called cs8 to confuse the beginners.

If you type:
# screen /dev/tty.usbserial-AC01U4XN 9600
or
# screen /dev/ttyUSB0 9600
and wait for minutes and nothing happens, it is because the badge already tried to communicate via the USB port, but no-one was listening there. Disconnect the badge from the computer, connect again, and type the screen command above to connect. If you are quick enough you can see that the amber LED will stop blinking and your screen command is greeted with some interesting information. By quick enough I mean ˜90 seconds, as it takes the device 1.5 minutes to boot the OS and the CTF app.

Windows

When you connect the device to Windows, you will be greeted with a pop-up.

Just click on the popup and you will see the COM port number the device is connected to:

In this case, it is connected to COM3. So let's fire up our favorite putty.exe, select Serial, choose COM3, add speed 9600, and you are ready to go!

You might check the end of the macOS section in case you can't see anything. Timing is everything.

The CTF

Welcome to the Hacktivity 2018 badge challenge!

This challenge consists of several tasks with one or more levels of
difficulty. They are all connected in some way or another to HW RE
and there's no competition, the whole purpose is to learn things.

Note: we recommend turning on local echo in your terminal!
Also, feel free to ask for hints at the Hackcenter!

Choose your destiny below:

  1. Visual HW debugging
  2. Reverse engineering
  3. RF hacking
  4. Crypto protection

Enter the number of the challenge you're interested in and press [

Related word

• Hacking Bluetooth
• Hacking Link
• Hacker Language
• Hackerx
• Hacking Quotes
• Pentest Standard
• Pentest+ Vs Oscp
• Pentest Azure
• Hacking 3Ds
• Pentest Cyber Security
• Hacking Growth
• Hacker Google
• Pentest Questions
• Pentest Network

Top 5 Best TV Series Based On Hacking & Technology 2018

Top 5 Best TV Series Based On Hacking And Technology 2018

Well, if you are a tech fanatic then you will love watching TV shows which are based on hacking and technology. If you are a tech geek, then you will know that hacking stuff in movies/serials always generates glamor and mystery and adds that special oomph factor to the movie or Tv SHOW.

However, there are not much movies/ or TV serials made on hacking and technology. Technology is rapidly becoming the key point in human lives. The previous year we have seen how hackers had made their marks on giant companies. So, in this article, we are going to discuss top TV shows which have to hack as the central theme. So, have a look at the list.

#1 Mr. Robot

Mr. Robot: Best TV Series Based On Hacking & Technology 2018

Well, the reason why I listed Mr. Robot on the top is because this show has millions of followers and this is the first show that portrays an elite hacker. The elite hacker group uses computers, smartphones and many other technologies to penetrate secure network to take down evil corporation while being anonymous. The show displays the life of a young programmer named Elliot who works as a cyber-security engineer and a vigilante hacker by night.

#2 Silicon Valley

Silicon Valley

This TV series displays the tech and hacking with a bit of comic touch. The series shows the competition between techies in the high-tech gold rush of modern Silicon Valley. What's more interesting is the people who are more qualified are least successful whereas underdogs are making it big. This show is running successfully for three years now.

Read more;- How To Hack Any Game On Your Android Smartphones

#3 The IT Crowd

The IT Crowd

The IT Crowd is very popular series and is running successfully for eight years from 2006 to 2013. It is not like Mr.Robot it has its moments of hacks. The series shows the comedic adventures of a rag-tag group of technical support workers at a large corporation.

#4 Person Of Interest

Person Of Interest

It is one of the best TV series made till now. You will get to see the humor, twists, and lots of other things. In this show and intelligent programmer built and AI (Artificial intelligence) that helps to stop the crimes in the city. The show will definitely give you chills.

Read more;- Top 5 Free Online Courses To Learn Artificial Intelligence

#5 Chuck

Chuck: Best TV Series Based On Hacking & Technology 2018

The TV series was somehow popular and ran from 2007 to 2013. The show shows the character of a young hacker and nerd who accidentally downloads US Govt, secrets into his brain and there is where the story starts CIA and NSA agents protect him and at the same time exploit him.

Continue reading

• Pentesting
• Pentest Open Source
• Hacker Google
• Pentestbox
• Pentest Hardware
• Pentest Services
• Hacking Groups
• Hacking Vpn
• Hacker News
• Pentest Windows
• Pentest Magazine
• What Hacking Is
• Pentest Dns
• Hacking Jacket
• Pentest Process
• Rapid7 Pentest

What is Password Cracking?

Password cracking is the process of attempting to gain Unauthorized access to restricted systems using common passwords or algorithms that guess passwords. In other words, it's an art of obtaining the correct password that gives access to a system protected by an authentication method.

Password cracking employs a number of techniques to achieve its goals. The cracking process can involve either comparing stored passwords against word list or use algorithms to generate passwords that match

In this Tutorial, we will introduce you to the common password cracking techniques and the countermeasures you can implement to protect systems against such attacks.

Topics covered in this tutorial

• What is password strength?
• Password cracking techniques
• Password Cracking Tools
• Password Cracking Counter Measures
• Hacking Assignment: Hack Now!

What is password strength?

Password strength is the measure of a password's efficiency to resist password cracking attacks. The strength of a password is determined by;

• Length: the number of characters the password contains.
• Complexity: does it use a combination of letters, numbers, and symbol?
• Unpredictability: is it something that can be guessed easily by an attacker?

Let's now look at a practical example. We will use three passwords namely

1.  password

2.  password1

3.  #password1$

 For this example, we will use the password strength indicator of Cpanel when creating passwords. The images below show the password strengths of each of the above-listed passwords.

Note: the password used is password the strength is 1, and it's very weak.

Note: the password used is password1 the strength is 28, and it's still weak.

Note: The password used is #password1$ the strength is 60 and it's strong.

The higher the strength number, better the password.

Let's suppose that we have to store our above passwords using md5 encryption. We will use an online md5 hash generator to convert our passwords into md5 hashes.

 The table below shows the password hashes

 We will now use http://www.md5this.com/ to crack the above hashes. The images below show the password cracking results for the above passwords.

As you can see from the above results, we managed to crack the first and second passwords that had lower strength numbers. We didn't manage to crack the third password which was longer, complex and unpredictable. It had a higher strength number.

Password cracking techniques

There are a number of techniques that can be used to crack passwords. We will describe the most commonly used ones below;

• Dictionary attack– This method involves the use of a wordlist to compare against user passwords.
• Brute force attack– This method is similar to the dictionary attack. Brute force attacks use algorithms that combine alpha-numeric characters and symbols to come up with passwords for the attack. For example, a password of the value "password" can also be tried as p@$$word using the brute force attack.
• Rainbow table attack– This method uses pre-computed hashes. Let's assume that we have a database which stores passwords as md5 hashes. We can create another database that has md5 hashes of commonly used passwords. We can then compare the password hash we have against the stored hashes in the database. If a match is found, then we have the password.
• Guess– As the name suggests, this method involves guessing. Passwords such as qwerty, password, admin, etc. are commonly used or set as default passwords. If they have not been changed or if the user is careless when selecting passwords, then they can be easily compromised.
• Spidering– Most organizations use passwords that contain company information. This information can be found on company websites, social media such as facebook, twitter, etc. Spidering gathers information from these sources to come up with word lists. The word list is then used to perform dictionary and brute force attacks.

Spidering sample dictionary attack wordlist

1976 <founder birth year>

smith jones <founder name>

acme <company name/initials>

built|to|last <words in company vision/mission>

golfing|chess|soccer <founders hobbies

Password cracking tool

These are software programs that are used to crack user passwords. We already looked at a similar tool in the above example on password strengths. The website www.md5this.com uses a rainbow table to crack passwords. We will now look at some of the commonly used tools

John the Ripper

John the Ripper uses the command prompt to crack passwords. This makes it suitable for advanced users who are comfortable working with commands. It uses to wordlist to crack passwords. The program is free, but the word list has to be bought. It has free alternative word lists that you can use. Visit the product website http://www.openwall.com/john/ for more information and how to use it.

Cain & Abel

Cain & Abel runs on windows. It is used to recover passwords for user accounts, recovery of Microsoft Access passwords; networking sniffing, etc. Unlike John the Ripper, Cain & Abel uses a graphic user interface. It is very common among newbies and script kiddies because of its simplicity of use. Visit the product website http://www.softpedia.com/get/Security/Decrypting-Decoding/Cain-and-Abel.shtml for more information and how to use it.

Ophcrack

Ophcrack is a cross-platform Windows password cracker that uses rainbow tables to crack passwords. It runs on Windows, Linux and Mac OS. It also has a module for brute force attacks among other features. Visit the product website http://ophcrack.sourceforge.net/  for more information and how to use it.

Password Cracking Counter Measures

• An organization can use the following methods to reduce the chances of the passwords been cracked
• Avoid short and easily predicable passwords
• Avoid using passwords with predictable patterns such as 11552266.
• Passwords stored in the database must always be encrypted. For md5 encryptions, its better to salt the password hashes before storing them. Salting involves adding some word to the provided password before creating the hash.
• Most registration systems have password strength indicators, organizations must adopt policies that favor high password strength numbers.

Hacking Activity: Hack Now!

In this practical scenario, we are going to crack Windows account with a simple password. Windows uses NTLM hashes to encrypt passwords. We will use the NTLM cracker tool in Cain and Abel to do that.

Cain and Abel cracker can be used to crack passwords using;

• Dictionary attack
• Brute force
• Cryptanalysis

We will use the dictionary attack in this example. You will need to download the dictionary attack wordlist here 10k-Most-Common.zip

For this demonstration, we have created an account called Accounts with the password qwerty on Windows 7.

Password cracking steps

• Open Cain and Abel, you will get the following main screen

• Make sure the cracker tab is selected as shown above
• Click on the Add button on the toolbar.

• The following dialog window will appear

• The local user accounts will be displayed as follows. Note the results shown will be of the user accounts on your local machine.

• Right click on the account you want to crack. For this tutorial, we will use Accounts as the user account.

• The following screen will appear

• Right click on the dictionary section and select Add to list menu as shown above
• Browse to the 10k most common.txt file that you just downloaded

• Click on start button
• If the user used a simple password like qwerty, then you should be able to get the following results.

• Note: the time taken to crack the password depends on the password strength, complexity and processing power of your machine.
• If the password is not cracked using a dictionary attack, you can try brute force or cryptanalysis attacks.

Summary

• Password cracking is the art of recovering stored or transmitted passwords.
• Password strength is determined by the length, complexity, and unpredictability of a password value.
• Common password techniques include dictionary attacks, brute force, rainbow tables, spidering and cracking.
• Password cracking tools simplify the process of cracking passwords.

Related word

1. Pentest Smtp
2. Pentest Process
3. Hacker Forum
4. Hacker Language
5. Pentest Owasp Top 10
6. Pentest Ios
7. Hacking Typer
8. Hacking Forums
9. Hacker Attack

PDF is safe to open

Image stolen from Kaspersky

Java is secure

Stay away from rogue websites and you will be safe

Don't use open WiFi

The password policy nightmare

Sites with a padlock are safe

We tell people for years that the communication with HTTPS sites are safe, and you can be sure it is HTTPS by finding a randomly changing padlock icon somewhere next to the URL. What people hear is that sites with padlocks are safe. Whatever that means. The same goes for WiFi - a network with a padlock is safe.

Use Linux, it is free from malware

For years people told to Windows users that only if they would use Linux they won't have so much malware. Thanks to Android, now everyone in the world can enjoy malware on his/her Linux machine.

OSX is free from malware

It is true that there is significantly less malware on OSX than on Windows, but this is an "economical" question rather than a "security" one. The more people use OSX, the better target it will become. Some people even believe they are safe from phishing because they are using a Mac!

Updated AV + firewall makes me 100% safe

How to backup data

Disconnect your computer from the Internet when not used

Use (free) VPN to protect your anonimity

The corporate "security tips" myth

Use robots.txt to hide secret information on public websites

Use WAF, IDS, IPS, Nextgen APT detection hibber-gibber and you will be safe

Conclusion

Continue reading

1. Pentest Devices
2. Pentest Keys
3. Hacking Simulator
4. Pentest Ubuntu
5. Pentest Usb
6. Hacker
7. Pentest Dns
8. Hackintosh
9. Pentest Security
10. Hacking
11. Hacking Programs
12. Pentest Linux
13. Pentest Website
14. Hacking Attack
15. Pentest Standard
16. Hackintosh
17. Hacking Hardware
18. Pentest Wordpress
19. Hackerrank
20. Pentestgeek