Offensive Security Certified Professional Experience / OSCP Review
Today I would like to share my experience with OSCP from the guys at Offensive Security. Why OSCP? There are now so many certifications in the field of information security that it is difficult to choose one. For me, criteria are the deciding factor in certifications: Learn new Apply knowledge (i.e. no multiple choice tests) […]
Detect phishing emails
Almost every day, users become victims of so-called phishing emails. Therefore, in this short post, I would like to point out the details that can be paid attention to in order to identify malicious emails. Of course, this is not a protection against spear phishing emails as used by professional hackers or penetration testers. I […]
Deceptive security: antivirus and firewall
We are safe because we have a virus scanner and a firewall! This statement is often the first to fall and should therefore be finally put right đŸ˜‰ #1 Firewall A firewall prevents connections to unwanted services (actually ports, but we’ll get to that in a moment). This is done by blocking/closing ports which are […]
30 minutes to a secure WordPress blog
WordPress is still the tool of choice, especially for newbies, to quickly create a respectable website. All nice KlickiBunti, so without expertise đŸ˜‰ Unfortunately, #InfoSec almost always falls by the wayside and the “admins” wonder about the new Russian language packs and additional AdminAccounts. Securing a WordPress website is not rocket science, so in the […]
How to remember passwords?
The best security measures are useless if weak credentials are chosen. This raises two essential questions, which I would like to explain below. What is a bad password, anyway? How can I create and remember strong passwords? There are two main ways of attack to guess into credentials. BruteForce All combinations are tried through. Depending […]
