Feb
17
IT teams that access dark forums for cyber security intelligence are urged to use caution and practice transparency. While dark markets and the dark web can provide valuable information for cyber security professionals, organizations and individuals need to follow laws and regulations and maintain open lines of communication with law enforcement to avoid major investigative scrutiny. Read More
Feb
05
One of the first things to consider when deploying a new firewall (and any other network device) into the network is secure administrative access. If management access is not secured properly, you can’t really use your firewall to detect and defend against vulnerability exploits that could lead to infiltration and/or the loss of sensitive data. Read More
Jan
28
  Thursday, January 28th is Data Privacy Day, the official global initiative that aims to provoke dialogue and empower people and companies to take action. Millions of people have no idea how much of their personal information is being collected, stored & shared. This Data Privacy Day, INE is encouraging people to take time to review some specific privacy settings in order to safeguard their cybersecurity. Read More
Jan
26
In the continuation of our Pentesting 101 series we dive deeper into fingerprinting. During the remainder of this series, we will display nmap screenshots. We recommend reading the command line switches here to familiarize yourself with the information before the next section of the article is released. It’s worth it to take a moment to read the command line switches on this page to familiarize yourself with the upcoming set of screenshots. Read More
Jan
05
Google and file searches on a website are good ways to accomplish manual Human OSINT. However, most penetration testers like automation. There is a tool called “Maltego” that automates many of the search processes one would use on multiple search engines and social media platforms. Maltego is an application that has many plugins that interface with APIs of various internet databases. Some of these databases are ones that previous articles have mentioned like shodan.io. These APIs can be... Read More
Dec
22
One of the most comprehensive ways to gather Technical OSINT on a penetration testing target is to use a search engine called “Shodan.” Shodan isn’t a normal search engine like Google or DuckDuckGo. What Shodan does is scan the internet for devices.  Read More
Dec
15
IT teams that access dark forums for cyber security intelligence are urged to use caution and practice transparency. While dark markets and the dark web can provide valuable information for cyber security professionals, organizations and individuals need to follow laws and regulations and maintain open lines of communication with law enforcement to avoid major investigative scrutiny. That’s what the DOJ is saying in a recently published report outlining the intricacies of accessing the Dark... Read More
Dec
07
This is a new series of articles that will cover the complete penetration testing methodology based largely on case studies of previous hacks. These articles will cover initial reconnaissance, picking an attack vector, gaining a foothold, maintaining presence, lateral movement, and finally going after the prize. A guide to Open Source Intelligence One of the main case studies these articles will borrow from is the APT1 report published by Mandiant in 2013. Though the report focuses on a... Read More
Dec
01
Phishing attacks have been a nuisance for the IT industry for a long time. As the holiday season approaches, organizations must focus their efforts on raising cyber security awareness to counter the effects of social engineering. Every day, cyber criminals find new ways to cheat individuals and businesses online. Whether it’s credential theft, ransomware or corporate espionage, new technologies make it increasingly easy for cyber criminals to disrupt our daily lives. Phishing continues to do... Read More
Nov
20
Red team tactics are at the heart of cyber security with organizations around the world offering rewarding, high-salary careers to ethical hackers who understand the importance of penetration testing. No matter where you’re at in your InfoSec journey, there’s an INE cyber security learning path for you. Here’s a look at our red team training, all included with your Cyber Security subscription. Read More

Subscribe to INE Blog Updates

New Blog Posts!