Hacking
Hacking | News, how-tos, features, reviews, and videos
DOJ: Good faith security research won’t be charged under Computer Fraud and Abuse Act
The U.S. Department of Justice revises its policy regarding charging violations of the CFAA. Good faith security research will no longer be charged.
Karakurt data thieves linked to larger Conti hacking group
Data theft group has apparent ties to another, more prolific hacking crew, according to cybersecurity firm Tetra Defense.
Take LAPSUS$ teens seriously
After the Okta breach, LAPSUS$ is already back making trouble using low-tech techniques with a high rate of success.
Zoom’s bug bounty ROI clear as program pays $1.8 million to fix over 400 bugs
The firm’s CISO reflects on bug bounty ROI and selling the concept to senior leadership.
What is a botnet? When infected devices attack
A botnet is a collection of internet-connected devices that an attacker has compromised to launch DDoS attacks, spread phishing spam, mine bitcoin, and more.
What is ethical hacking? Getting paid to break into computers
Learn the ethical hacking certifications, training, and experience you need to land a job testing an organization's defenses.
Man-in-the-middle (MitM) attack definition and examples
A man-in-the-middle (MitM) attack is a type of cyberattack in which communications between two parties is intercepted, often to steal login credentials or personal information, spy on victims, sabotage communications, or corrupt data....
Rash of hacktivism incidents accompany Russia’s invasion of Ukraine
Some in the cybersecurity community say actions on behalf of Ukraine help even the odds, while others warn that unauthorized hacking could interfere with government cyber operations.
FBI's warning about Iranian firm highlights common cyberattack tactics
One known tactic is conducting reconnaissance on potential targets, then working to identify entry points including vulnerable software or systems.
6 ways hackers hide their tracks
From trusted pentesting tools to LOLBINs, attackers abuse trusted platforms and protocols to evade security controls.
8 top ethical hacking certifications employers value
If you're looking for a job as a penetration tester, these certs will help you demonstrate your hacking skills and your commitment to the field.
11 penetration testing tools the pros use
Automated and open source tools can help you conduct web application, network, and database penetration tests.
Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps
The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it.
10 essential skills and traits of ethical hackers
Learn just what it takes to snag this demanding and rewarding job.
3 cyber mercenaries: An insider threat case study
Three US nationals, working as cyber mercenaries on behalf of the United Arab Emirates, have accepted a deferred plea agreement for exploiting U.S. entities using U.S.-controlled technologies.
MITRE ATT&CK framework: Understanding attack methods
The MITRE ATT&CK framework is a living, growing document of threat tactics and techniques that have been observed from millions of attacks on enterprise networks.
Rainbow tables explained: How they work and why they're (mostly) obsolete
Rainbow tables are password cracking tools with origins dating back to research from the early 1980s. Here's how they work, why attacks are easy to prevent, and how they compare to modern password cracking.
video
What is cryptojacking? Why criminals love this con
Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads cryptomining code on the computer or by...