
Cyber Decade Summary Report 2010-2019
The last decade has been one of the most significant in cyber history, we have collected in our annual magazine the most important events, ones that have shaped consciousness and influenced the way we build our concept of defense ... Enjoy reading!
Read More
How I Found a New Vulnerability in a Popular Home Automation App
A technical walkthrough of the process of finding a new Directory-Traversal vulnerability and CVE.
Read More
Questions and Dilemmas in An Age Of Intensifying Cyber Attacks
The experience of an organization under ransomware attack is a jolting and high-stress event, and managing that kind of incident is a highly complex task. The potential damages to company operation can be mitigated with preparation and rehearsal.
Read More
How to Value a Business with Cybersecurity Leaders
Many companies are beginning to realize the cybersecurity impact of cyber threats as a result of rapid digitization. The modern business model requires leaders who can navigate effectively within the digital transformation, and organizations need to know how to increase their talent to serve the business value.
Read More
Lightshot Phishing Attack
Lightshot is not a malicious application, however, all screenshots that are taken by it are publicly accessible. In the following article, I will expose a new vector of Phishing attacks that targets individuals that attempt to abuse Lightshot’s known data leaks.
Read More
Social Engineering Attacks in 2020 From a SOC Perspective
“Social engineering has emerged as a serious threat in virtual communities and is an effective means to attack information systems. The services used by today’s knowledge workers prepare the ground for sophisticated social engineering attacks” - Advanced social engineering attacks (Krombholz, HobelM, Huber, Weippl 2014)
Read More
Execute Any "Evil" Powershell Code by Bypassing AMSI
Powershell can be a powerful tool during the post-exploitation phase of our engagements. Probably, one of the best advantages of Powershell is having access to awesome public scripts and tools like Empire, PowerSploit, Nishang and many others, but what if AMSI will not let us use any of these tools?
Read More
How to Improve Your WordPress Website Security
What lessons should we learn from the uPress.co.il server breach incident
Read More
Containers as Cyber Security Black Holes
A Container is not an easy thing to secure. It includes everything from the applications they hold to the infrastructure they rely on. Steps need to be taken in multiple areas and layers to ensure you are not exposing yourself. Here are some guidelines for securing a container environment.
Read More
Remote work in the age of corona – best practices for maintaining security
As the COVID-19 virus spreads around the world, governments and organizations are scrambling to respond to the challenges of maintaining business continuity, while employees are required to maintain social distancing and work remotely
Read More
Citadel Cyber Summary Report 2019 - Trends and 2020 Forecast
We are proud to present the 2019 Summary Report that reviews key events, salient trends and professional outlook for the coming year.
Read More
Problems with open-source implementation
Open-source software components are a part of practically every development team’s standard practice and most organizations’ offering to their customers throughout all industries and verticals.
Read More
Of the GDPR and the CCPA
Various Laws and regulations may apply in various places and jurisdictions. They require adjustments and protection of rights by entities operating internationally or in their local scope. Today, it’s time for privacy.
Read More