Cryptography: Concepts and Examples

Cryptography involves many topics and theories. This article covers topics including Symmetric Encryption Algorithms (also known as block ciphers), Hash Functions, Message Authentication Code (MAC), Authenticated Encryption (AE), Modes of Operation, Common Cryptography Terms, Cryptographic Applications, Approval Status, Random Number Generators, Seeds and XOR Calculation. Keyless Algorithms Keyless algorithms do not use a secret key … Read more

Vulnerability Management with Nmap and Netdiscover

Nmap is a network scanning tool often used for vulnerability management. It can discover hosts and services on subnets accessible by the scanner. Through Nmap, vulnerability researchers and auditors can assess system vulnerabilities within a corporate environment and formulate remediation plans. This article looks at Nmap commands and explains their usages and differences.

Threat Management: Concepts and Examples

Threat Management helps organizations manage risks and comply with industrial standards and regulations. It includes identifying threats, formulating strategies and developing mitigation measures. Various frameworks and standards are designed for managing an organization’s security posture. This article discusses threat management concepts and provides examples of their applications. Zero-day Zero-day vulnerabilities refer to software flaws unknown … Read more

PSA: Cyber Scams Originated from Slave Compounds

The media in Taiwan and Hong Kong has recently been widely reporting the cyber-scam operations and modern slavery situations occurring in Cambodia and Myanmar as more survivors come forward to share their horrifying experiences. However, the topic is still under-reported outside the Chinese media and deserves more worldwide attention. Situation Trafficked into Scam Compounds It has been reported … Read more

How to Protect and Encrypt Files using VeraCrypt

Using VeraCrypt, you can easily protect important files. This open-source software allows you to protect your files with passwords. You can create an encrypted file container with a password of your choice, save confidential files in it, and access the files later by decrypting the container. This article provides a step-by-step guide on creating an … Read more

Configure Cloudflare Zero Trust for Web Applications

Attackers often target the login page of a web application. Security mechanisms such as Two-Factor Authentication (2FA), Rate Limitation, and Web Application Firewall (WAF) are adopted to mitigate the security risks. Cloudflare Zero Trust (a.k.a. Cloudflare Access) is a security model which offers the ability to verify user identity for accessing web applications. You can … Read more

Cryptography Basics: Encryption and Hashing

Cryptography can be separated into major categories including Asymmetric Encryption, Symmetric Encryption and Hashes. The article explains the categories with related examples and screen captures. Asymmetric and symmetric encryption Asymmetric encryption In terms of asymmetric encryption, different keys are used for encryption and decryption. The public key can be revealed to everyone. Therefore, it is … Read more

Security Basics: Configure Cloudflare CDN

Websites are frequently targeted by hackers as they can be accessed by anyone on the Internet. Looking at the access logs of a web server, it is not unusual to discover that bad actors attempted to make multiple HTTP POST requests with query strings. Attackers may try to access your admin panel through brute force … Read more