by andriejsazanowicz
Steganography is the practice of concealing information within another message or physical object to avoid detection. This is well known technique used for hiding data, including text, image, video, or audio content inside another content. That hidden data is then might be easy extracted at its destination. Under Windows OS, the NTFS file system has a … Read more
During a last years according to Top 10 cyber attack analysis, the cost of cybercrimes is growing abnormally fast. The ‘bad guys’ is continuously finding a new cyberattack threats and breaches, new more sophisticated way to get inside into network infrastructure. Cybersecurity specialists, from another hand, do their best to prevent and if happens stop … Read more
CheckovĀ is a static code analysis tool for infrastructure as code (IaC) and also a software composition analysis (SCA) tool for images and open source packages. This is easy way to perform composition analysis any kind of cloud infrastructure. It supports AWS, Azure, GCP including Terraform, Terraform plan, AWS Cloudformation, Kubernetes, Helm charts, Dockerfile, Bicep, OpenAPI … Read more
A port scan attack is a common technique hackers use to discover open doors or weak points in a network. A port scan attack helps cyber criminals find open ports and figure out whether they are receiving or sending data. It is very important to detect such activity as soon as it take place and mitigate … Read more
Poisoned Pipeline Execution (PPE) is a pentesting methodology and attack vector abuses permissions against an SCM repository, in a way that causes a CI pipeline to execute malicious commands. Users that have permissions to manipulate the CI configuration files, or other files which the CI pipeline job relies on, can modify them to contain malicious … Read more