This article seeks to provide an in-depth exploration of the applications of cryptography in the context of cybersecurity. We'll cover a variety of complex and essential topics, including symmetric and asymmetric key cryptography, encryption algorithms, authentication protocols, digital signatures, and key management. In addition, we will examine practical use cases where encryption plays a critical role in mitigating cyberthreats, such as man-in-the-middle attacks, data tampering, and identity theft, and the contradictions with GDPR and LGPD regulations that have angered governments and law enforcement.
1 min read
Don’t try to master it all – just try to understand how to NOT be the low hanging fruit - Interview with Christopher Hadnagy, CEO of Social-Engineer, LLC.
Dear Readers, today we would like to introduce to you Christopher Hadnagy, Chief Human Hacker and CEO of Social-Engineer, LLC. We …
8 min read
The Human Element: an Analysis of the Relationships Between Social Engineering and Ransomware Attacks
To understand how the human element is exploited, this article aims to present an overview of ransomware and social engineering, discussing their relationship and focusing on how the human factor can be used as an agent to exploit becoming an attack vector.
18 min read
ARRR-Ransomware for macOS be-out there ‘laddies’, and we are going to find it! Join me as we embark on a wild adventure to sail the deepest and darkest seas on the hunt for macOS ransomware. BONUS: We’ve added a surprise for the latest ransomware for macOS, which occurred during the preliminary writing of this article.
27 min read
In this article, sensory-based deception attacks that hinder drone forensic investigations will be discussed. Sensory-based deception attacks on drones are attacks that manipulate a drone's behavior by feeding deceptive sensory information. Sensory-based deception attacks can pose a severe challenge for drone forensic investigations.
7 min read
Unmanned aerial vehicles (UAVs), commonly known as drones, have revolutionized various industries, and one of their critical applications is remote video identification. This technology enables real-time monitoring of distant locations, providing invaluable assistance in fields such as law enforcement, disaster response, and infrastructure inspection. However, as the use of drones for remote video identification grows, the importance of drone cybersecurity becomes increasingly paramount. We examine drone cybersecurity in the context of remote video identification in this article, supported by recent news items and statistics.
6 min read
Enter a short description of the course.
"Micro-drone Warfare: Cybersecurity Implications and Countermeasures" is an advanced course designed for digital forensics professionals seeking to understand the cybersecurity challenges posed by the increasing use of micro-drones in modern warfare. The course provides an in-depth exploration of micro-drone technologies, their role in cyber threats, and the countermeasures necessary to mitigate these threats. Learners will delve into the various types and capabilities of micro-drones, their communication and networking technologies, and the associated cybersecurity vulnerabilities. The course covers risk assessment and threat modeling for micro-drone systems, analysis of real-world micro-drone warfare scenarios, and the development of defense strategies against potential cyber attacks. Additionally, the course addresses the legal and policy frameworks governing micro-drone warfare cybersecurity, including ethical considerations, privacy implications, and international regulations. The course is led by Rhonda Johnson, a seasoned educator and Ph.D. student specializing in Cybersecurity. Prior knowledge of computer networks, cybersecurity principles, operating systems, basic electronics, and wireless communication is recommended. The course employs tools such as Drone Simulators and Drone Performance Evaluation Tools for practical learning.
The course is intended for individuals from the IT industry as well as those outside of it who have some knowledge of cybersecurity. Basic concepts of cybersecurity are required. During the course, participants will acquire skills related to: Understanding digital forensics, including its scope, relevance in investigations, and legal and ethical considerations. Concepts of data integrity and its significance in digital forensics. They will learn about various threats to data integrity and techniques for ensuring its preservation throughout the forensic process. Principles of evidence handling, including chain of custody, documentation, and the importance of maintaining the integrity of evidence. Legal and ethical considerations related to digital evidence handling. This includes understanding privacy and confidentiality considerations and the role of expert witness testimony in courtroom presentations. Data acquisition techniques for different types of digital devices. They will learn about disk imaging, integrity verification, and the use of hash functions in maintaining data integrity. Techniques for analyzing and examining digital evidence, including file system analysis, data recovery, reconstruction techniques, and metadata analysis. The course also includes practical application of various tools and technologies used in digital forensics, such as Autopsy, The Sleuth Kit (TSK), Volatility, Plaso, Wireshark, Bulk Extractor, OSForensics, and Autopsy Browser. At the end of the course, a final exam is planned consisting of multiple-choice questions on the concepts and fundamentals arising from the course outcomes, along with practical tasks.
eForensics Course for eWarfare: Investigations, Threat Detection and Reconnaissance in the Electromagnetic Spectrum (W59)
eForensics for eWarfare: Investigations, Threat Detection, and Reconnaissance in the Electromagnetic Spectrum" is an innovative course designed to introduce learners to the application of digital forensics tools and techniques in electronic warfare. It aims to deepen participants' understanding of electronic warfare, its history, military applications, and how digital forensics is applied in warfare and intelligence. The course also focuses on the significance of electronic warfare in today's world, discussing potential threats and how to mitigate them. COURSE STRUCTURE: This course is structured into several key modules, each focusing on a specific aspect of electronic warfare. The modules are: Introduction to Electronic Warfare Notable Milestones in the Development of Electronic Warfare A Look at Air Force Radar Systems Military Application of Digital Forensics Investigating Incidents on Critical Infrastructure: Industrial Control Systems (ICS) Each module ends with a multiple-choice quiz to ensure understanding, with a pass mark of 75%. EQUIPMENT & PREREQUISITES: To participate, students will need a PC, tablet, or smartphone with an internet connection. Basic knowledge of information systems, cybersecurity, and digital forensics is recommended. ABOUT THE LECTURER: This course is led by an experienced lecturer from the Cyber Security Department of the Air Force Institute of Technology (AFIT), Kaduna. With a background in both training and consulting, the lecturer has considerable expertise in a range of relevant areas, including information and physical management, security, assurance, and control. Furthermore, he has authored numerous articles in well-established journals, including eForensics Magazine and the ISACA Journal, and has led training workshops on digital forensics and eDiscovery.