-
How to Manage Your Passwords Using Bitwarden
In this day and age, password attacks are a popular attack vector that has been leveraged by attackers to gain unauthorised access to user accounts, resulting in data breaches. The root cause of this is the use of weak passwords that are easy to remember. Compounded with password reuse, attackers...
-
An Overview of the Apache Zero-Day Vulnerability (CVE-2021-41773)
Apache recently released patches for a zero-day vulnerability affecting versions 2.4.49 (CVE-2021-41773) and 2.4.50 (CVE-2021-42013) of its web server on both Windows and Linux servers. The zero-day vulnerability was a directory traversal that could allow an attacker to access arbitrary files on the web server. Directory traversal (also known as...
-
Identify Vulnerabilities in Your WordPress Site Using WPScan Plugin
WordPress is the most popular content management system and according to W3Techs, powers close to 43% of all websites on the internet. One of the reasons for WordPress's popularity is that it supports customisations through the use of themes and plugins. However, each theme and plugin that is installed has...
-
An Introduction to Firewalls and Their Use in Cyber Defence
A firewall is a security control that uses rules to control inbound and outbound network traffic. A firewall can either be host-based or network-based. A host-based firewall is available as software on a system such as Windows Firewall and iptables on Linux. On the other hand, a network firewall is...
-
Enumerating Internal Network Processes Using net-enum-listeners
One of the areas to focus on after getting an initial foothold on a machine is enumerating ports that are only accessible internally. Each port has a corresponding process that uses it. Important processes to focus on are those that are running as SYSTEM or as a privileged user, which...