Let's learn about Cybersecurity via these 500 free blog posts. They are ordered by HackerNoon reader engagement data. Visit the Learn Repo or LearnRepo.com to find the most read blog posts about any technology.
Hacking is not a crime! Or is it? Well, it depends on which hat you are wearing. Find all about Offense-Defense dilemmas, theories, and practicals here!
1. How to Hack Facebook Accounts: 5 Common Vulnerabilities in 2023
There are 5 common vulnerabilities that attackers can exploit to hack Facebook accounts. They include weak passwords, phishing, remote loggers, MITM, and DoS.
2. How to Hack Instagram: 5 Common Vulnerabilities
There are 5 common methods attackers may use to hack Instagram accounts such as weak passwords, phishing email, OS vulnerabilities & zero day vulnerabilities.
3. 4 Signs Your Instagram Has Been Hacked (and What to Do)
How can you tell if your Instagram has been hacked and what can you do about it? Find out the signs of hacked Instagram accounts and how they affect businesses
4. 3 Flipper Zero Hacks to Wow Your Friends (and How They Work)
It is theoretically possible to use these Flipper Zero hacks for nefarious purposes, including the tricks in this article. But you know…don’t do that.
5. How to Hack TikTok Accounts: 5 Common Vulnerabilities
As TikTok has become a popular platform, it has also become an easy target for hackers. These are the 5 common vulnerabilities that can be used to hack TikTok.
6. How to Build a 2FA Application in Python
Sometimes the best way to learn how to code something is by looking at an example, so we’ve created a sample application on GitHub.
7. How to Hack Bluetooth Devices: 5 Common Vulnerabilities
This article discusses the five common vulnerabilities (BlueBorne, Bluesnarfing, Bluejacking, BIAS & Bluebugging) that allow hackers to hack Bluetooth devices.
8. How to Avoid Credit Card Skimming: 5 Tips to Keep Your Information Safe
Credit card skimming occurs when someone places an electronic device on or near a credit card reader. This device captures and stores your credit card details.
9. Android Devices in Enterprise Mobility — Navigating Key Risks
Mobile phones have always been a staple of corporate communication. In the early days, companies would provide mobile devices to their employees.
10. The Easiest Way to Access the Dark Web on an iPhone
Learn how to access the dark web on your iPhone with these simple steps. Stay anonymous and protect your privacy while browsing the hidden web.
11. What Is FraudGPT?
Hackers have their own version of ChatGPT: a chatbot that can help with malware and phishing called FraudGPT. Here's everything you need to know.
12. I hacked 40,000 passwords with Python. Yours might've been one of them.
Remember the good old days when you were passing love notes to your crush across the classroom?
13. How to Hack Android Phones
There's a big difference between hackers (people who like to experiment with computer systems to make them do unintended things) and attackers.
14. How to Hack Facebook Messenger: 6 Methods and Vulnerabilities
Spyier, keylogging, and hacking using cookies are some of the most common ways Facebook Messenger accounts get hacked.
15. Part 2: How to stop me harvesting credit card numbers and passwords from your site
I wrote a post recently describing how I distributed malicious code that gathers credit card numbers and passwords from thousands of sites in a way that’s quite difficult to detect.
16. How to Make a Malicious USB Device and Have Some Harmless Fun
Make an inexpensive BadUSB from an old USB drive and learn about Windows shortcut files and how malicious actors are using .lnk files to spread malware.
17. 6 Domain Name Registration Drivers in Q2 2022
WhoisXML API researchers identified six notable domain registration drivers for Q2 2022. Check an overview of the key findings and takeaways.
18. Uber & Thycotic: Are Password Vaults a Huge Security Vulnerability?
The Uber hack showed that password vaults come with a security risk. Still, if set up correctly they improve security for companies.
19. How Snapchat Accounts Get Hacked: 5 Indicators of Compromise
Vulnerabilities and social engineering methods may allow attackers to hack Snapchat accounts quite easily.
20. How to Get a Reverse Shell on macOS Using A Flipper Zero as a BadUSB
Using a Flipper Zero as an ethical pentesting device to establish a reverse shell on a macOS computer.
21. Cross-Site Scripting (XSS) Vulnerabilities: Testing Strategies and Examples
Cross-Site Scripting (XSS) Vulnerabilities: Testing Strategies and Examples. Stored XSS, DOM-based XSS, Self-XSS, Reflected XSS, Prevention Techniques
22. How to Create a Random Password Generator Using Python
Create a random password generator using Python by generating a combination of letters, numbers, and symbols as characters scrambled together
23. Defending Your Web App: A Guide to Rate Limiting and Brute Force Attack Prevention
Web app security - testing web applications: Rate Limits and X-Forwarded-For header, Brute Force attacks, and Restoring original visitor IPs
24. Intro to Digital Fingerprints: Understanding, Manipulating, and Defending Against Online Tracking
Digital fingerprinting, identifying users by hardware params. Learn about parameters, manipulation, fingerprint spoofing, online privacy, bot detection systems
25. 5 Best Cybersecurity Books for Beginners
These are the five cybersecurity books that you should start with if you are considering a career within the industry.
26. Exploiting the proftpd Linux Server
Did you ever wonder how a hacker can compromise a system? This Behind the Scenes (BTS) walkthrough takes us through a possible scenario using a known exploit.
27. Cybersecurity Essentials: Practical Web App Security Testing Tips for QA Engineers
Cybersecurity for QA - web app security: XSS, Header Injections, CSRF, RCE, Command Injection, Web Parameter Tampering, CORS, Content Security Policy (CSP)
28. You Probably Don't Need OAuth2/OpenID Connect: Here's Why
And the great news is, if the need for OAuth2 and OpenID Connect arises, you can use Ory again to add these on top!
29. The Infamous Hacker Bjorka's Top 7 Leaks that Shocked the Public
In addition to sharing personal data of essential people in Indonesia, Bjorka also studied death cases such as Munir and Brigadier J. Who was Bjorka?
30. Cybersecurity Tips: Vulnerability Scanners Essentials
Cybersecurity Vulnerability Scanners Essentials, OWASP ZAP, Burp Suite, Nessus, Sn1per, Metasploit, SQLMap.
31. With Cyber Threats on the Rise, Nero Consulting Encourages Businesses to Keep Their Guard Up
Nero Consulting CEO Anthony Oren has watched countless companies suffer from the lack of preventative measures to secure their systems.
32. How Digital Products Protect Users From Disaster
How digital products protect their users in the era of rising cyber attacks and use privacy and security features to stand out from the competition.
33. Domain Fronting 101: What is Domain Fronting and How Does it Work?
Domain fronting is one technique that hackers use to bypass internet censorship. This method is used to access restricted sites that would typically be blocked.
34. The Nigerian Prince Email and the History of Social Engineering Techniques
This is the origin of one of the most famous online scams in internet history: the Nigerian Prince email.
35. Windows Sticky Keys Exploit: The War Veteran That Never Dies
Did you ever hear of Sticky Keys Exploit? You probably did, since it has been known for ages. It was used as an exploit many times, fought in many windows versions, and it has never been killed. That’s why I’m calling it the “War Veteran”, although it never retired…
36. Proxies, VPNs: Your Online Privacy, Anonymity and More
VPN and proxy in detail. Explore VPNs and proxies for online privacy. Learn about HTTP, HTTPS, SOCKS, SSL, and TLS, masking IP addresses and encrypting data.
37. CSI Linux: Linux Distribution for Cyber and OSINT Investigation
CSI Linux is an OS designed for cybersecurity and cyber investigations, offering tools for digital forensics, OSINT, malware analysis, and more.
38. Risk DAO Conducts Technology Risk Assessment on Aurigami Finance
Aurigami conducted a risk analysis of the protocol's risk parameters in an effort to reduce technological risks and improve capital efficiency.
39. 5 Best Free Proxy Servers To Visit Sites Anonymously In 2020
A proxy server will assist you to mask your identity on the web. Perhaps you wish to access suspicious websites, or bypass net censorship in your country or on your office/school network; having a proxy website within your reach is very important.
40. How to Protect your ERP System Against Cyber Attacks
How to protect your ERP system against cyber attacks?
41. How Can I Tell if My Steam Account Has Been Hacked? (and How to Recover It)
This time, I would like to focus on Steam account security, which has recently gotten some attention in the community after waves of phishing attacks.
42. An Anti-Sandwich Tool for Ethereum and BSC - With 10,000 $HKLS Airdrop Pool for Beta Users
DeFi security provider, Hackless, is introducing a new tool that helps fight sandwich attacks on BNB Chain and Ethereum. Try safe swaps with AntiSandwich
43. The Most Common Photos Used by Catfish Scammers: Fake Love Costs Real Money
The girl you think is into you is a catfish scammer, and this post will prove it.
44. ATPC Cyber Forum To Focus On Next Generation Cybersecurity And Artificial Intelligence Issues
This event will feature leading cyber experts from the financial services sector, Federal agencies, the White House, and Congress to focus on pressing cybersecu
45. How Twitter Can Satisfy Elon Musk's Request for Fake Account Clarity
Twitter claims that less than 5% of users are fake. Is Elon Musk right to be skeptical? Until a proper test is run, nobody truly knows how bad the situation is.
46. IT Audit | Step-by-Step Guide
In 2020, an IT audit is important for all organizations. It provides insights into the business’ IT infrastructure and how it can be improved.
47. How to Detect Malicious JavaScript Code
JavaScript is a powerful tool that has changed the way we interact with websites and different apps.
48. How to Map Your Home Networks Using NMAP
Here's to learning basics of networking and an awesome tool called NMAP
49. How the Geek Squad Scam Works (Don't Fall for This)
Got an email from Geek Squad that looks fishy? Here's what to do.
50. Steganography: How Hackers Hide Malware in Images
Image steganography is a technique that attackers use to hide a secret piece of text, malware, or code inside of an image. This technique is difficult to detect
51. How Hackers Attack Subdomains and How to Protect Them
In this detailed guide, you will find what dangers exposed subdomains hide, how perpetrators can use them, how to find subdomains, and how to defend them.
52. [CTF Series #1] The Reverse Engineering Challenge
Objective:
53. A Shapeshifter Under the Hoodie: The Face of Modern Cybercrime
The face of modern cybercrime is not the stereotype of a hacker. It's a mirror, reflecting the people close to you. And the perpetrator could be anyone.
54. All the Methods You Can Use to Hack into a Website
In this article, we are looking into various basic methods of hacking into a user's web account and the website's database itself by using some basic methods.
55. The Dating App Breach That Turned Into a Biometric Black Mirror Episode
Tea's Firebase misconfiguration exposed 1.1M sensitive messages.
56. Harnessing the Power of ChatGPT for OSINT: A Practical Guide to Your AI OSINT Assistant
If you're like most security practitioners, you're always on the lookout for new tools and techniques to help you gather intelligence. ChatGPT is one of those n
57. Cybersecurity in Web3: How to Jump on the Bandwagon Safely
The article addresses common cybersecurity vulnerabilities identified during smart contract audits, social engineering's role in web3-related cyber fraud, etc.
58. You are Not Learning Alone: a Structured Guide for Cybersecurity Beginners
Embark on your cybersecurity journey with this comprehensive guide. From leveraging practical-led training and exploring free tools to finding a mentor online.
59. Why You Should Protect Your Cell Phone Number and How to Do It
With only your cell phone number hackers become you!
60. Inside a Hacker's Backpack: Gadgets, Tips, and Tricks for Hackers
Not every hack job requires just a laptop and some software to gain privileges into a system. Sometimes, something extra is required to make the job very easy
61. How an 18-Year-Old Teen Breached Uber Without Hacking a Single System
A comprehensive coverage of how an 18-year-old teen breached Uber databases without hacking into the company's servers or seeing them.
62. How to Rescue Funds From Hacked Crypto Wallets
Another milestone for Hackless, as we recently opened private access to Wallet Rescue.
63. Delete These Apps to Speed and Space up Your Phone
Smartphones, the smart technology at our fingertips has geared our lifestyles to optimal levels.
64. How to Hack Your Alexa using a Voice Command-SQL Injection
Based on your previous coverage of similar topics, we thought you may be interested in this recently discovered voice activation device hack, and a new technique we call Voice-Command SQL Injection.
65. 6 Major SCADA Attacks That Happened And Their Consequences
Here we will look at the top SCADA attacks that have happened in the past.
66. How to Detect if an iOS Device is Jailbroken
Thanks to the mobile era we have mobile apps for everything these days. Every business from a barber shop to huge retailers has apps so that they can be closer to their customers. On one hand, we really leverage this convenience but on the other hand, there are risks of exposing a lot of confidential information while using these apps. And it becomes very vital when dealing with payments and other sensitive information.
67. How to Reverse Engineer a Drone With Wireshark Using Packet Dissection
A cybersecurity research article diving into reverse engineering DJI drone communication protocol systems using Wireshark
68. Installing Shadowsocks-rust: a Secure, Open-source Proxy Server, Better Than VPN
Explore how to tunnel OpenVPN through Shadowsocks to bypass VPN blocks using DPI. An insightful guide to enhancing your online privacy and unrestricted access.
69. 3 Types of Anomalies in Anomaly Detection
An Introduction to Anomaly Detection and Its Importance in Machine Learning
70. Cloud Phishing: New Tricks and the Crown Jewel
Cloud Computing gives phishers a new playground. This article is about Cloud Phishing — whether using the Cloud to do it or targeting the Cloud.
71. Scanning 2.6 Million Domains for Exposed .Env Files
A software developer scanned 2.6 million domains for exposed .env files.
72. Using Hashcat Tool for Microsoft Active Directory Password Analysis and Cracking
Let's conduct a penetration testing on a file with a detailed study analysis of system passwords as part of an ethical hacking engagement.
73. How to Create Your Own Dark Website (.onion) on Linux
As we know dark websites use .onion for their domain extension.
74. The Ultimate Guide to Mastering Nmap and Netcat
Dive into network security with our guide on Nmap & Netcat. Learn their uses, commands, installation, troubleshooting, and ethical practices.
75. Netizens, 2023 is the Year to Up-skill in Cybersecurity
Stay ahead of the curve in 2023 with these essential cybersecurity courses by EC-Council.
76. 5 Best Browser Extensions For Protecting Your Privacy Online
It is essential for every internet user to comprehend the importance of browser security capabilities to assure they browse the internet safely. Protecting your browser might mean limited functionality of some web sites, but it’ll shield your most sensitive information as well.
77. Top Resources to Learn Ethical Hacking
In this article, I will list the best resources all over the internet which will help you to be a hacker yourself.
78. The Sneaky Way Web Browsers Are Identifying You (Even When You Turn Off Cookies)
A guide on browser fingerprinting, how it identifies us, fingerprint testing, and what techniques we can use to ensure our browsing is kept anonymous.
79. How To Remove a Rootkit
Companies—and even the government—collect the information they need online. And this is where the risk to privacy and cybersecurity arises.
80. Ockam launches Orchestrator for Enterprise-grade Trust of Data-in-Motion
Ockam launches Ockam Orchestrator, a fully-managed cloud service that Enterprise developers need to build trust between applications.
81. Secure Your Metamask Wallet By Following These 10 Steps
So it's important to take extra precautions when it comes to securing your MetaMask wallet. Here are some tips on how to do just that.
82. How to Crack a Password Using Hashcat
In this article, I discuss the best ways to crack passwords.
83. How To Find Out If A Hacker Has Attacked You
Computer crimes are all those online attacks carried out by a hacker whose purpose is to breach a computer system in order to gain financial gain in some way
84. How to customize your hacking set-up for the most affordable price
This article discusses the most affordable hacking setup at the least expensive price point possible. As a beginner, you don't need much of a really powerful PC
85. Bad Actors Are Joining the AI Revolution: Here’s What We’ve Found in the Wild
Follow security researchers as they uncover malicious packages on open-source registries, trace bad actors to Discord, and unveil AI-assisted code.
86. How to Encrypt a PDF Using Python
Encryption is a way of encoding human-readable data with encrypted code that enables the use of a password to view the source and data stored.
87. A CTO’s Reflection of the 2023 RSA Conference
Ockam's CTO reflects on his experience at the RSA conference, and how our current approach to cybersecurity is untenable
88. Facts You Probably Didn't Know About The Dark Web
The dark web refers to encrypted online content that is not indexed by conventional search engines. Sometimes, the dark web is also called the dark net.
89. How to Move End-to-end Encrypted Data Through Kafka
The Confluent add-on for Ockam Orchestrator enables tamper-proof and end-to-end encrypted message streams through Confluent Cloud, with zero-code changes.
90. Why Governments Use Mass Surveillance—And What To Do About It
“I’m not a terrorist, why should I be worried about my data being monitored?”
91. Is Cyber Security Hard? How to Find Your Way in
Cybersecurity is a broad, changing, challenging and complex field. To get into it, go beyond application forms with the tips described here.
92. 5 Common Identity and Access Management Security Risks
IAM ensures that employees have the necessary permissions to perform their jobs. Read on to learn about the 5 common IAM security risks & how to mitigate them.
93. A Guide to Password Hashing: How to Keep your Database Safe
Hashing algorithms are one-way functions. They take any string and turn it into a fixed-length “fingerprint” that is unable to be reversed. This means that if your data in your database is compromised, the hacker cannot get the user’s passwords if they were hashed well because at no point were they ever stored on the drive without being in their hashed form.
94. Is it Safe to Store Credit Card Information on Google Chrome?
Do not store your credit card information on Google Chrome! This article discusses why it's not safe to store your credit card information on Google chrome.
95. Best Physical Security Practices for Your Server Room
Your server room hosts your most important assets, so it deserves proper protection. Here are four physical security strategies to keep your server room secure.
96. Why Everyone is Panic-Buying Mac Minis for OpenClaw / Moltbot / Clawdbot?
the reality is more nuanced than the hype suggests.
97. The NuID Ecosystem: An Improved Identity Layer Putting Identity Ownership In Users’ Hands
The internet grew without an identity layer, meaning it grew without a reliable way of knowing or verifying who you were connecting to which can be dangerous.
98. The Ultimate Security Guide for Cryptocurrency Investors

99. 5 Low-Cost Cybersecurity Measures SMBs Can’t Afford to Not Implement
A successful cyber attack can be devastating; many cybersecurity measures that can help SMBs can be implemented at surprisingly little cost.
100. PlayerUnknown’s Battlegrounds Main Menu Is Vulnerable to Hacking
Update: This security hole has been plugged. See my next post (https://medium.com/@fsufitch/pubg-main-menu-hack-its-fixed-cbad28c706fa) for details.
101. Inside the Secrets of Physical Penetration Testing
Not every pen tester hacks computers — physical pen testers use people skills, social engineering, and other physical methods to gain access. Here's how.
102. How Secure Is Remote Desktop Protocol (RDP)?
Have you ever used a remote desktop? It probably wasn't as secure as you thought.
103. ISO/IEC 27035: The Incident Security Incident Management Guide
We will learn about the security incident phases, security incidents response planning (IRP), and Incident Response Team Structures.
104. AI Agents Are Growing Up - And They Need Zero-Trust Parenting
AI is evolving fast, but security isn’t keeping up. Discover why zero-trust architecture is critical for safe, scalable AI agent deployment.
105. Using the Common Vulnerability Scoring System
The common vulnerability scoring system (CVSS) is a way to assign scores to vulnerabilities on the basis of their principal characteristics.
106. How Facebook tracks you on Android (even if you don't have a Facebook account)
Suppose you’ve picked up an Android phone on the street and you saw the 4 apps above. Can you guess the profile of the phone user?
107. Anyone Can Be a Victim to a Phishing Scam. Here’s My Story.
Got a call from 888-373-1969 claiming to be the Chase fraud department? Trust but verify should be your principle to avoid phishing scam!
108. EC-Council Introduces AI-Powered Ethical Hacking against Cybercrime
CEH v13 certification equips cybersecurity professionals with essential AI skills to prepare them for a new era of cybercrime
109. JA3 and JA3S in Security Monitoring of SSL Communication
JA3 and JA3S are TLS fingerprinting methods that may be useful in security monitoring to detect and prevent against malicious activity within encrypted traffic.
110. How to Protect Your Netflix Account from Getting Hacked
Netflix accounts getting hacked are the least bit of anyone’s concern. Not because it doesn’t mean anything to us, but we anticipate little harm from it. After all, what more can a hacker do than to watch a few titles, get to see their favorite shows or movies? But that’s not always the case. We have left this issue unsupervised for far too long, and there is harm more significant than we give credit for.
111. Microsoft's Forced Updates: A Critique of the Global IT Outage
A global IT outage caused by a flawed CrowdStrike update on Microsoft Windows reveals vulnerabilities in digital infrastructure, urging better update and cybers
112. Hunting Pedophiles On The Dark Web: How I Started Doing It
It started when I was 17, a high school senior about to graduate, wondering what career path I wanted to take. At the time I was doing three IT courses, so naturally going to University for Cybersecurity made sense.
113. The Authorization Gap No One Wants to Talk About: Why Your API Is Probably Leaking Right Now
Broken Object Level Authorization (BOLA) is eating the API economy from the inside out.
114. Is WhatsApp Safe?
WhatsApp is the most popular messenger owned by Facebook. According to the official stats, the number of WhatsApp active users has reached 1 billion in 2020. Just imagine, approximately 65 million messages are sent via this social app daily. Since the app is so popular, it’s very attractive for hackers. In this article, I’ll tell you about the major WhatsApp security threats, which will help you protect your chats and shared media from hackers, WhatsApp spy apps, and keylogging software.
115. How to Hack a Windows Machine Like a Pro Hacker
In this article, we are going to discuss how we can hack into a windows 10 operating system using some really cool tricks and some highly advanced hardware.
116. What is the Difference between Telnet and SSH?
Telnet and SSH are network protocols used to manage and access devices remotely. SSH is more secure and preferred because it encrypts data sent over the network
117. Multichain Hack and Its Consequences
Details of Multichain hack and how it affected Fantom chain
118. How to Run Reverse Shell for Hacking in Linux
A reverse shell is a hacking vulnerability that the hacker executes .php codes or an executable file in which he gets access to the shell of the target system.
119. Ockam Routing: Building End-to-End Channels
Learn how to create secure channels over multi-hop, multi-protocol routes which can span various network topologies and transport protocols.
120. How My Mother Got Hacked by a Phishing Attack
My mom got hacked and probably your mom too. How a social engineering attack works on vulnerable users.
121. Cracking the SANS GSEC Certification
The SANS GIAC Security Essentials (GSEC) certification is for anyone working in the field of Information Security.
122. What's wrong with stickers in Telegram? Deanonymize anonymous channels in two clicks
Did you know that Telegram stickers can give you away? In this article, I will teach you how to deanonymize anonymous channel authors using a module for Maltego
123. Every Truth (And Lie) Told in Netflix's 'Zero Day,' Ranked
Is Netflix’s 'Zero Day' realistic? A malware researcher breaks down 3 real cyber threats and 3 myths, separating cybersecurity fact from fiction.
124. TLS Cipher Suites: Which Ones to Let Go in 2023?
What cipher suites are appropriate to include in TLS configuration, and which ones should be removed to enhance its security?
125. The Dangers of SVG Files: A Lesser-Known Vector for XSS Attacks
One lesser-known vector for XSS attacks is the SVG image format. SVGs support JavaScript using the <script> tag, which can be exploited by attackers.
126. 5 Ways to Protect Your Facebook Account from Getting Hacked
If you're wondering how to stop Facebook hackers, here are 5 easy ways to do so. This guide is beginner-friendly and all discussed methods are free.
127. Ockam and Redpanda Team Up: Launching the World's First Zero-Trust Streaming Data Platform
Ockam teamed up with Redpanda to launch Redpanda Connect with Ockam: the first zero-trust streaming data platform.
128. Finding Digital Crimes by Exploring Master File Table (MFT) Records
To explore the MFT records, learn how to locate date and time values in the metadata of a file we create.
129. Risk Assessment Vs Vulnerability Assessment: Which Assessment Should You Conduct?
In this blog, we will discuss the different aspects of risk assessment and vulnerability assessment.
130. Sektor7 - Malware Development Essentials Course Criticism: Proving an Alternative.
Honest critique on RED TEAM's content, format, and price with alternative, quality resources shared for comprehensive learning
131. The Dangers of DeepFake Technology: Exploring the Potential Risks of AI-Generated Videos and Images
As much as there may be some positives to deepfake technology, the negatives easily overwhelm the positives in our growing society.
132. Hiding Your API Credentials Client Side Using a Proxy Server in React
When you're writing client-side code to make API requests, you might need a Proxy Server to hide your API Credentials. Let's see how to do this for React apps.
133. A Guide to Multi-Party Computation (MPC)
A look at blockchain security innovations for safe and efficient wallets, with a hands-on Python demo.
134. What is Broken Access Control and Why Should You Care?
With broken access control being one of the most prevalent weaknesses for web applications, it’s important to not only understand it, but to prevent it also.
135. AI-Powered Healthcare: Bridging the Personnel Gap
The healthcare industry has been grappling with a severe shortage of personnel...
136. Life360 Potentially Leaves Its Users’ Sensitive Data at Risk
The family safety app Life360 doesn’t have some standard guardrails to prevent a hacker from taking over an account and accessing sensitive information.
137. Root Cause Analysis: How to Get to the Heart of a Breach
Root cause analysis allows businesses to identify the primary cause behind a data breach to prevent it from happening again. Here's how to conduct an RCA.
138. What are File Permissions and Why do they Matter?
Each and every file on a computer has what we call file permissions. These are attributes of the file that determine who has permission to access that file and what they can do to that file.
To understand what file permissions are we first need to determine what exactly a file is.
139. What are the Primary Security Architectures in use Today?
In my latest article about “The Rise Of Zero Trust Architecture”, I wrote about the broad and rapid adoption of this relatively new concept in the world of cybersecurity. However, there are still several other security architectures which are in use today:
140. Delete Your Old Tweets: 90% of Employers Consider Your Social Media Activity When Hiring
A survey shows that 90% of employers consider your social media activity when hiring and a whopping 79% of HR have rejected a candidate because of social media.
141. Free VPNs vs Paid VPNs: What Are You Actually Paying For?
Free VPNs aren't free.
142. How I Accepted a OSINT Geolocation Challenge, and Won
Using OSINT Geolocation tools to locate a physical location from a photograph.
143. You're Never Fully Protected Using iMessage
This time, I would like to take a closer look at another popular messaging platform — Apple iMessage.
144. A Quick Guide to Burner Emails
Discover the benefits of burner emails for enhanced privacy and security. Learn about use cases, best online safety practices, and the EmailOnDeck extension.
145. I Tried Hacking a Bluetooth Speaker - Here's What Happened Next
In this article, we’ll attempt to hack a Bluetooth speaker using my knowledge of CyberSecurity.
146. EC-Council to Combat AI Chasm: Free Cyber AI Toolkit for Certified Members
EC-Council introduces a first-of-its-kind Cyber AI Toolkit free for all of its certified members.
147. Command and Control Frameworks in a Nutshell
A glimpse over Command and Control attacks and frameworks, how they happen, and how they can affect our daily lives.
148. "Embeddings Aren't Human Readable" And Other Nonsense
The research and breakthroughs in embedding inversion attacks make it clear that embeddings are, in fact, reversible back into forms that are fully human readab
149. ClickFix Attacks Are Targeting VC and Fintech Talent with New Multi-Stage Loader Techniques
New ClickFix attacks target crypto pros via fake LinkedIn job offers. Learn how multi-stage loaders steal assets and how to protect yourself from these threats.
150. How Biometrics Reshape Payments Worldwide
The applications for biometric recognition are numerous, but in this article, I’ll specifically look into one—bio-acquiring, or biometrics-enabled payments.
151. Never Rely on UUID for Authentication: Generation Vulnerabilities and Best Practices
The risks and best practices of using UUIDs for authentication, uncovering vulnerabilities, and secure implementation strategies.
152. How to Implement JSON Web Token (JWT) in Java Spring Boot
JSON Web Token or JWT has been popular as a way to communicate securely between services.
153. The Lowdown on Udacity's Intro to Cybersecurity Nanodegree
This online Nanodegree program will provide you with a strong foundation in cybersecurity skills and workplace-relevant knowledge.
154. What Is the GIAC Penetration Tester (GPEN) Certification?
You need to ensure your resources are put to the best use. With that in mind, it is important to know more about what the GIAC Penetration Tester Certification
155. How to Prevent Juice Jacking
Juice jacking occurs when a hacker has infected a USB port with some form of malware or other harmful software.
156. 5 Negative Behavioral Effects of Cyber Security on Organization
The effect of individual behavior on cyber-security is essential to the safety and protection of information or data in corporate organizations, government, financial institutions, and all other organizations you can imagine. The risk of breaching has a negative effect and has severe consequences.
157. How I Solved the Passman CTF Challenge with GPT-4
Discover how Chat GPT-4, an AI chatbot, helped crack the Passman challenge in Hack The Box's Cyber Apocalypse event. Ethical hacking meets AI power!
158. How to Set Up Portable VirtualBox With Kali Linux
This is a short tutorial on setting up Portable VirtualBox with Kali Linux.
159. Jailbreaking an iPhone: Everything You Need to Know
Do you want more control of your iPhone? Then Jailbreak it. This is everything you need to know to jailbreak your device and the security risks you may face.
160. Semantic Data Extraction, Red Teaming, Guardrails, and Shadow AI, Oh My! AI’s Role in Security
Generative AI boosts efficiency but introduces security risks like shadow AI, vulnerabilities, and data leaks. Learn how AI can secure AI-driven development.
161. Identity and Access Management - IGA, IAM, and PAM Explained
Identity is becoming less of a tool and more of a strategic framework to secure digital assets and protect data privacy.
162. DNS Queries Explained
DNS is a topic often considered difficult to understand, but the basic workings are actually not hard to grasp. The first fundamental point to grasp is that every domain in existence is linked to an Internet Protocol (IP) address.
163. What is Credit Card Skimming and How Do You Prevent it?
This story describes what credit card skimming is and how to prevent it.
164. Deepfake Phishing Grew by 3,000% in 2023 — And It's Just Beginning
Deepfake phishing attempts are growing at an alarming rate, with no sign of slowing down. Here's how you can defend against deepfake phishing attacks.
165. Phishing 101: A Beginner's Guide on Phishing Attacks
You receive an email asking for your bank details or credit card information. It's urgent, but read this so that you do not become a victim of phishing.
166. AI Apocalypse: What Happens When Artificial Intelligence Goes Rogue?
Artificial intelligence is rapidly becoming an integral part of modern society. This article addresses growing concerns about what happens when AI malfunctions.
167. Seven things that slow down your VPN and What You Can Do About It
Those accustomed to Virtual Private Networks probably know what a painful experience a slow connection speed is. Paradoxically, VPNs are the #1 go-to software when talking about torrenting (where speed matters a lot), yet, due to their technicality, some sort of a speed drop is inevitable.
168. How Much Does the CEH Exam Cost?
EC-Council’s Certified Ethical Hacker (CEH) is one of the most established and recognized offensive security certifications. The certification is ANSI-accredited and DoDD 8140-approved, because of which it is highly valued by security professionals from both the public and private sectors. Since CEH is the gold standard for validating offensive security skills, the CEH certification cost is around $1,199 and the cost to retake the exam is $450. This article will cover the various processes you have to go through to earn this certification as well as the associated costs.
169. How to Build-in Security as a SaaS Feature: A Guide

170. What is a Self Destruct Attack in Smart Contracts and How to Prevent Them? 🚨🛡️
Uncover smart contract vulnerabilities like self-destruct attacks & how to fortify against them. Dive into security measures for safer blockchain code!
171. Black Hat Hacking Forums Get Hacked: Possibly a LulzSec Attack
Presently, the world of black hat forums appears to be engulfed in a series of cyberattacks. According to a Telegram channel, on 18th June 2019 it was reported that three leading black hat hacking forums were reportedly exploited, affecting an aggregate of over 260,000 hackers. From the disclosed data, it appears as though the creator of the aforementioned Telegram Channel has access to certain Ukrainian police files which may have led to the leak.
172. It's in Your Memory! Memory Forensics in Android
The numerous fascinating concepts I have learned in the past several weeks needed to be captured. One of them has been memory forensics.
173. 12 Red Flags to Look Out For to Avoid Getting Scammed on Facebook Marketplace
We have put together this guide to help you avoid getting scammed. There are several red flags buyers and sellers should be mindful of when shopping.
174. AppSec: SecDevOps or DevSecOps? Do We Need to Choose? Guide to the What and the Why
The talks emerging around DevSecOps and SecDevOps, define and differentiate the other. While the overall goal may be the same, they are different in practice.
175. Do You Need to Hire a Fraud Specialist?
Learn why fraud prevention & cybersecurity matter, the role of a fraud specialist, challenges for business analysts transitioning, and need for SQL skills.
176. Crypto Wallets Exposed "Mnemonic Phrase Vulnerabilities" (4 Already Fixed)
MetaMask and Phantom said today that they had patched a security flaw that could, in some cases, allow attackers to obtain mnemonic phrases.
177. It’s time for cybersecurity degree programs to get more hands-on
Too often, employers find that recent college grads with cybersecurity and IT degrees lack practical skills. It's time to make the curriculum more hands-on.
178. How To Analyse and Visualize DMARC Reports using Open-Source Tools
Sending mail might sound easy, but to avoid getting your mail caught in spam filters, and to prevent others from sending spoofed email in your name, you need to employ different preventive methods. One such method is DMARC, which allows domain administrators to apply policies with regard to email authentication. You also have the possibility to get reports sent to you with the results of the applied policy.
179. OWASP Top 14 Security Practices For Software Developers
The objective of this guide is to provide a comprehensive review of the security principles with limited scope in terms of information. The primary goal of the software developing team is to use the available information resource to provide and build secure applications for your business and software operations. It could be obtained through the industry-standard implementation of security controls.
180. Adversarial Machine Learning: A Beginner’s Guide to Adversarial Attacks and Defenses
Learn what's adversarial machine learning, how adversarial attacks work, and ways to defend them.
181. Sia Proposes ‘Supreme Privacy’ Framework to Address Cloud Data Access Vulnerabilities
Sia offers Supreme Privacy, a model where your data is encrypted, sharded, and stored in such a way that no one but you can access it.
182. Data Breach: What Tesla’s Biggest Insider Threat in 2023 Can Teach Us Going Into 2024
While the leak is interesting in itself, in this article, we are going to look at the role of fostering loyal employees.
183. 7 Steps to a Winning Cloud Migration Strategy
Cloud computing has revolutionized IT since the 2000’s, and this revolution is far from over. Formerly, organizations would host their data on-premise as that was the only option available, but with the advancement in technology, and fast-changing business demands, cloud-based solutions started turning out to be a more flexible and powerful option for organizations. There is a mass migration underway to adopt cloud infrastructure and avoid the hassles and operational costs of managing infrastructure in-house.
184. OWASP Top 10 .NET Protection: A Guide (Part 1)
The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.
In this article, I want to cover the first part of the TOP 10 vulnerabilities and how to protect against them using .NET.
185. Should You Disable Autofill? - Here's How to Protect Your Passwords
Password managers are beneficial to have but the autofill feature can be exploited by hackers. You should disable autofill on your browser to protect your data.
186. Why Startups aren't Using Ethereum
This interview talks about the rising ethereum transaction fees, cross-fi staking and cybersecurity for blockchain startups.
187. 9 Essential Factors to Consider Before You Install A Security System
In the US, a burglary happens every 23 seconds on average. This number is even higher in developing countries.
188. What is URL Masking and How Does It Work?
Be careful of the latest engineering technique called "URL Masking", it's quite dangerous.
189. Satellite OSINT: Space-Based Intelligence in Aerospace Cybersecurity
Employ a cybersecurity technique known as OSINT to perform reconnaissance on satellites to retrieve useful telemetry data.
190. Why Hackers Aren't Stopped by Account Lockouts
If you mess up your password three times, you may be locked out for several minutes. Why doesn't that stop hackers trying to guess passwords?
191. How RAT Mutants, in Python, Steal Data and Evade Detection
Even though malicious Python packages are found every day by our security researchers, a new type of malware we call RAT mutants is catching our attention.
192. Network Security 101: Everything You Need to Know
Network Security is Vital. Its purpose is to prevent unauthorized users from accessing an organization's network and devices. It is intended to keep data safe.
193. An Intro to Zero Trust Architecture
Zero Trust isn’t a new concept. It was first presented in 2009 by John Kindervag, a former principal analyst at Forrester Research.
194. What Are the Legal Implications of Paying Ransomware Demands?
Can you get in trouble for paying the ransom during a ransomware attack? Here are all the legal implications of a cyberattack.
195. Adversarial Machine Learning and Its Role in Fooling AI
Shortly after the launch of Face ID, researchers from Vietnam breached it with a 3D face mask. Such attacks against ML-based AI systems come under adversarial machine learning.
196. How Do Cyber Criminals Launder Money?
After cyber criminals steal or extort money, how do they actually spend it? Here are the ways these criminals clean dirty money.
197. Video Chatting Might Lead You to Identity Theft and Scams
One might think that the internet was designed for the consumer to remain anonymous and share their ideas without any censorship. But it isn’t the case anymore, especially since the abrupt commercialization of the technology and the rise of social media, which has paved the way for big corporations and regimes to take note of user data and activity, like never before.
198. Business Pros Underestimate AI Risks Compared to Tech Teams, Social Links Study Shows
Business Professionals Are Half as Concerned as Technical Teams About AI-Driven Threats, Social Links Report Reveals
199. How to Protect Yourself From Sim Swap Attacks
If they can get Jack Dorsey they can get you… learn the simple ways to protect yourself against Sim Swapping Attacks.
200. How online players can secure their privacy while gaming & streaming?
Ever wondered what would happen if someone ransacks your Steam account and leaves the inventory empty?
201. How Cybercriminals Are Weaponizing Sound Waves
Cyberattacks aren't just phishing and ransomware; now, cybercriminals are even using sound waves to hijack a device. Here's how it works.
202. How to Protect Your Kindle From Hackers
On August 6, 2021, findings of a security flaw in Amazon’s Kindle e-reader were disclosed by Slava Makkaveev, a researcher from Check Point. You can patch it.
203. Criminal IP: Enhancing Security Solutions Through AWS Marketplace Integration
The interconnected tokens of AWS and Criminal IP seamlessly exchange information, allowing users to leverage both platforms' strengths without encountering dat
204. How Hackers Bypass Multifactor Authentication
As strong as multifactor authentication is, it's not perfect. Here's how hackers are bypassing MFA — and what you can do about it.
205. What is a DNS Attack and How Can You Protect Against It?
DNS is a protocol that translates human-friendly URLs into IP addresses and a DNS attack is when a hacker exploits vulnerabilities in the DNS service itself.
206. Pros and Cons of Cybersecurity Automation
As tech develops, automation is becoming the standard. But can automation be applied to cybersecurity successfully, or is a human touch still needed?
207. Launching DDos Attacks Using Various Programs and Methods
DDoS attack or Distributed Denial of Service attack is an attack aiming to destroy the service of a website by crashing its server by sending a lot of packets and requests to the server. The hackers usually use tools like the low orbit ion cannon, ping of death, SYN flood, HTTP flood & more.
208. Untangling - IAM Policy, S3 Bucket Policy & S3 ACL
Demystify AWS IAM, S3 Bucket policy and Access Control Lists. Learn to configure these from scratch
209. How to Harden K8S: Based On the Recent Updated NSA's Kubernetes Hardening Guide
Recently, NSA updated the Kubernetes Hardening Guide, and thus I would like to share these great resources with you and other best practices on K8S security.
210. Working with Salesforce APIs? Of CORS!
In this post, we’ll take a closer look at how Cross-Origin Resource Sharing (CORS) operates, by working with a small Node.js app that interacts with Salesforce.
211. A Comprehensive Guide to UAV Digital Forensics With DJI Drones
Drone digital forensics is used to investigate UAV crime scenarios. This article researches the best forensics techniques for DJI drones.
212. 5 Popular Hacker Hardware Tools in 2022
A look at some of the hardware tools that hackers use to access and corrupt your computer.
213. My Experience With LLama2 Both as a Developer and a Hacker
Unleash the Power of LLama2: Elevate your AI experience with HackBot! 🚀 Dive into a world where cutting-edge technology meets cybersecurity analysis.
214. Disinformation-as-a-Service: Content Marketing’s Evil Twin
Are you tired of all the BS out there on the internet? It's about to get A LOT worse. Dirt-cheap disinformation-as-a-Service campaigns are a thing now.
215. 5 Top Tech Careers to Consider Studying Towards in 2021
Gain entry into IT with knowledge of data science, engineering, cloud computing, cybersecurity, or devops.
216. Network Security: Things Most People Don’t Think About
There are a lot of things most people do not think about that can dramatically increase the level of security on a network
217. $275M Research: How was KuCoin, One of the Largest Crypto Exchanges, Hacked?
Over the last couple weeks, the hottest crypto market topic was the KuCoin Hack. Hacken Group, the major cryptocurrency exchanges auditor, highly values the need for user awareness of the threats. The issue of preventing such situations is of greater importance at the moment. Therefore, we present the research that was carried out by Hacken specialists. Read the recommendations on what to pay attention to and what to do to avoid such attacks.
218. Using Open Source AWS Amplify JS with Cognito to Secure Angular Apps
This article shows how to set up the Cognito UserPools JWT authentication flow and how it will integrate with an Angular Web Application.
219. How to Build a Self-Hosted Password Vault: A Step-by-Step Guide
It can be risky to self-host a password vault if a user lacks full security competence and exposes the vault to the internet.
220. Ethical Hackers Reveal How to Break Into Any Mobile Device (Legally!)
A comprehensive guide to mobile penetration testing (pentesting) by Sekurno. Learn essential techniques, tools, and best practices to secure mobile apps
221. How to Hide Credentials in Spring Boot
Use env properties in spring boot to add the environment variables.
222. A Beginner’s Guide to Web3.0 Security
This article is a comprehensive guide to understanding and preventing Web 3.0 security threats, including common threats and preventative measures.
223. How to Protect Your Facebook Account From Being Hacked
6 ways to protect your Facebook account from being hacked, including how to protect your password, the best privacy settings, and social engineering protection.
224. Are VPNs Really Safe?
A Virtual Private Network (VPN) cloaks your online identity, shielding your data from prying eyes.
225. 20 Data Security Risks Your Company Could Face in 2020
Today, data security is top of mind for companies, consumers, and regulatory bodies. After years of unfettered participation in the data-driven digital age that was defined by an “anything goes” ethos and a “move fast and break things” mentality, this shifting sentiment is both drastic and welcome.
226. 9 PWA Security Practices to Safeguard From Cyber Threats
Learn how to safeguard your Progressive Web App against cyber threats by implementing security best practices.
227. MrPhish Tool Simplifies Phishing Simulations for Ethical Hackers Using Termux
MrPhish is a Bash-based script designed for phishing social media accounts using port forwarding and OTP bypass controls in Termux.
228. How to Use Zero Trust Framework for API Security
This post is an introduction to how to map the requirements of API Security, from Defense-in-Depth to Zero Trust Model.
229. Security Considerations in IaaS Deployments
Explore crucial security considerations for safeguarding your cloud infrastructure in IaaS deployments.
230. Netwalker Ransomware: Everything You Need to Know to Stay Safe
Ransomware analysis and knowing how Netwalker works are essential for understanding vulnerable points and protecting yourself against Netwalker attacks
231. Penetration Testing And Vulnerability Scanning
Dive into the realm of cybersecurity with our in-depth exploration of vulnerability scanning and penetration testing. Uncover the nuances, security issues, and
232. Tier 1 Smart Contract Auditors: Hacken, Hashlock, Cyfrin, CertiK, OpenZeppelin, SolidProof
Established crypto auditors help secure the industry by validating smart contracts and development teams.
233. The Stupidest Requests on the Dark Web Come from Regular People
As someone who’s spent time digging through dark web marketplaces, forums, and Telegram groups, I’ve seen it all. Here’s what no one tells you.
234. Why You Should Avoid Using Public WiFi
235. What is the Difference Between Antivirus and Anti-malware?
Anti-malware software defends against new malware you may encounter while antivirus software scans for known viruses and searches for any known threats.
236. A New Era in Cybersecurity: Don Delvy's Smartsatellite "Deus Botrus" Redefines Defense, Networking
Don Delvy's groundbreaking solution, the DEFENSE-BASED SMARTSATELLITE is poised to neutralize events like hypersonic threats while securing digital comms.
237. Exploring Cross-Site Scripting (XSS): Risks, Vulnerabilities, and Prevention Measures
Cross-site scripting (XSS) is a common web security issue that can expose your web application and its users to various attacks. In this article, you will learn
238. 51 Stories To Learn About Cybersecurity Skills
Learn everything you need to know about Cybersecurity Skills via these 51 free HackerNoon stories.
239. Severe Truth About Serverless Security and Ways to Mitigate Major Risks
Going serverless is like outsourcing routine tasks to remote pro teams. You get a shorter time to market, lower cost, and better scalability. You focus on features that make your users happy instead of managing a complex infrastructure. You can be more creative and innovative, as a third-party vendor will save you from all the boring tasks.
240. My Wireless Router is Better than Yours
In other posts I have covered the step-by-step process on how to uncover a hidden SSID, both by just listening to the network channel, or by causing a de-authentication attack. In those articles I assumed that you already had a wireless USB adapter capable of going into monitor mode and also capable of injecting packets.
241. UX Considerations for Better Multi-Factor Authentication
The success of online safety protocols depends on user experience. Here's how to optimize multi-factor authentication for effortless UX.
242. When Did Cyber Security Start?
Cybersecurity began between 1970 and 1972 with the publications of the Ware and Anderson reports. The Ware Report set out a number of different security control
243. How Free Streaming Websites Could Harm Your Online Security
Learn how free streaming and online free movies websites could negatively affect your security
244. Basics of Machine Learning and its capabilities in Cybersecurity
The article explores Machine Learning's vital role in cybersecurity, addressing evolving digital threats. It covers ML's types, iterative process, feature engi
245. A Detailed Guide on Quantum Cryptography with Pros and Cons
Is quantum cryptography the next best thing to AES Symmetric Encryption? Let’s find out. Read through a detailed excerpt of how quantum is used in cryptography
246. YARA Rules in a Nutshell
YARA rules can be used to help researchers identify and classify malware samples. They are beneficial for reverse engineering or during an incident response.
247. Is the Metaverse Ready for Cyberattacks?
The metaverse is the next generation of the Internet. But is the metaverse prepared for cyber attacks? Because it will ultimately face cybersecurity incidents.
248. Expert: Facebook, IG App Can Steal Secrets, and Users Can't Turn It Off!
Felix Krause, a former Google engineer who studies privacy, said in a blog post on the 10th that Facebook and Instagram apps track users' browsing behaviors.
249. Analyzing the 12/31/2022 Slack Security Incident
On December 31, 2022, Slack reported a security breach that affected some of its customers.
250. 75% Of Companies Are Banning the Use of ChatGPT: What Happened?
Explore the rising concerns over data leaks with ChatGPT. From potential risks around user data privacy to high-profile incidents involving tech giants.
251. We Need to Talk About Nigeria and Cybersecurity
Keeping information secured and protecting the integrity of data over the internet is now becoming a huge and complex task, due to the increasing number of threats to the information security.
252. SecurityMetrics Announces Suite of CMMC Solutions for Defense Contractors of All Sizes
SecurityMetrics announces new CMMC tool for compliance and validation, helping primes and subcontracts streamline the CMMC process.
253. Apple vs. Microsoft: Who Offers Better Security?
Apple vs Microsoft: which one offers better security? In this article you will get a detailed explanation of how much security each of them has to offer.
254. Scan Kubernetes RBAC with Kubescape and Kubiscan
Exploring Kubernetes ecosystem tools like Kubiscan and Kubescape to scan and evaluate RBAC model of GKE cluster.
255. Everyone’s ‘Ditching’ the Cloud—But Here’s Why That’s a Lie
Cloud security booms to $156.25B by 2032 despite on-prem shifts. Hybrid & multi-cloud demand soars, quantum threats loom—your expertise is still key!
256. Myths and Misconceptions About Private Browsing
Many people who use private browsing incorrectly believe they're protected. Private Browsing doesn't make you anonymous.
257. VPN Leaks that Threaten Your Online Privacy Daily
According to research by GlobalWebIndex, in 2018, around 25% of Internet users have used a VPN service. There are several reasons for this spike in popularity, which you can read about in my previous article. One of the main reasons is the ability to bypass geo-blocks and gain access to, for example, a full Netflix library.
258. 5 Notorious Paypal Invoice Scams & How to Avoid Them
Five examples of what a Paypal invoice scam is, why it works and how to avoid getting scammed by one.
259. The Noonification: The Metaverse is a Sh*tshow (11/2/2022)
11/2/2022: Top 5 stories on the HackerNoon homepage!
260. AI Security Posture Management (AISPM): How to Handle AI Agent Security
Explore how to secure AI agents, protect against prompt injections, and manage cascading AI interactions with AI Security Posture Management (AISPM).
261. 7 Ways to Secure Your Social Media Accounts
In the world today, cybersecurity attacks happen every 39 seconds. 300,000 new pieces of malware are created every day; our beloved Facebook is attacked 100k+ times a day and just very recently had a massive security breach.
[262. CyberSec Games Part I: Backdoors & Breaches](https://hackernoon.com/cybersec-games-part-i-backdoors-and-breaches-96393b0z)
Backdoors & Breaches is an Incident Response Card Game that contains 52 unique cards to help you conduct incident response tabletop exercises and learn attack tactics, tools, and methods.
263. Programming a Keylogger in Python
A keylogger is a tool designed to record every keystroke on a system for later retrieval. Its purpose is to allow the user to gain access to confidential info.
264. Protect Angular Code Against Theft and Reverse-Engineering
In this step-by-step guide, you'll learn how to protect your Angular code from being stolen or reverse-engineered, by leveraging the power of Jscrambler.
265. Shrouded Horizons: My Passage to the Dark Web Marketplaces
An account of visiting the Dark Web Marketplaces for the first time.
266. Why Cybersecurity for Solar Is Crucial — And Difficult
A successful cyberattack targeting solar infrastructure could adversely impact convenience, safety and national security. Here's how to defend solar equipment.
267. How do Hackers Hide Themselves? - A Guide to Staying Anonymous Online
The world has always been fascinated with Hackers. In this video, we’ll learn about how they hide themselves online.
268. The Security Issues in Using Public Wi-Fi — “Honeypots” And “Pineapples”
It is a warm and sunny afternoon on a weekend. This is a good time to head to a cafe to chill for a bit with a coffee and pastry. It is also perfect for some web surfing using the free Wi-Fi service. The next thing you would need to know is the Wi-Fi access point (i.e. hotspot) and password. Now you are all set and connect to the Internet. For the average user this is fine, but for cybersecurity experts there is a risk to using free Wi-Fi services.
269. How to Perform a Rogue Raspberry Pi Exploit
How a $20 Raspberry Pi can be used as pentest tool and what to look out for to protect your network.
270. How WordPress Sites Get Hacked: 5 Common Vulnerabilities & How to Prevent Them
WordPress is a popular platform that many use to create their own webpage. Due to its popularity, there is a higher chance of attackers hacking WordPress sites.
271. Children Should Begin Learning Cybersecurity the Moment They Switch On Their First Tablet
Guide on teaching cybersecurity to kids, highlighting crucial steps from their first tablet use, with age-appropriate tips for digital safety.
272. The Dark Side of AI: How Prompt Hacking Can Sabotage Your AI Systems
Protect your AI systems to prevent LLMs prompt hacking & safeguard your data. Learn the risks, impacts, and prevention strategies against this emerging threat.
273. Integrating DAST Into Your CI/CD Pipeline: Benefits and Implementation
This article highlights the value of integrating DAST into your CI/CD pipeline, exploring how it can significantly enhance your application's security posture.
274. AI-Powered Cybersecurity: Top Use Cases in 2023
AI made its mark on the cybersecurity sector in 2020, with a value exceeding $10 billion.
275. Maliciously Manipulate Storage Variables in Solidity [A How-To Guide]
Smart contracts, in general, offer the ability to determine factors and expectations set out by the contract. In the field of programming, factors and expectations can be described as ‘variables’ and ‘conditions’ within the actual code.
276. How to Reduce Your Chances of Being a Victim of Identity Theft
The major causes of identity theft, along with some simple steps you can take to lower your risk of exposure dramatically.
277. Password Security And Thoughts On Authentication Methods
We use passwords to access personal information and user accounts. With so many applications requiring passwords (e.g. online banking, shopping and social media just to name a few), it can be hard to track and at worst remember. Some applications require users to change their passwords every so often, and that can lead to users forgetting them or getting careless by writing down their password on a piece of paper. That piece of paper can later be misplaced which can lead to worse things. The problem with requiring frequent password changes and applying complexity to passwords is that it can become more complicated for users.
278. A Comprehensive Guide to OpenAPI Specification
OpenAPI Specification (formerly Swagger Specification) is an API description format for REST APIs. An OpenAPI file allows you to describe your entire API.
279. Your USB Gadget Could Be Weaponized
Cybersecurity experts have been warning us for years about using USB devices. We look at how an ordinary USB-powered device can be easily weaponized.
280. How to Spot Honeypot Crypto Scams
Honeypot Crypto Scam is very common in blockchain industry. Tips are here to avoid such scams and save your money.
281. Red Team Phishing Simulations: Using Evilginx2 and GoPhish
I'd like to share my experiences using evilginx2 and gophish for red teaming phishing simulations.
282. A Beginner's Guide on Ransomware: How To Identify and Prevent Attacks
Ransomware is a different kind of malware. Find out how to identify and prevent its attacks that encrypt your files and demand a paid ransom for data access.
283. Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg
CVE-2021-45046 says the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was "incomplete in certain non-default configurations."
284. The Impact of Biometric Recognition Failures on Security
Discover how failures in biometric recognition methods can impact security, with examples of false acceptance and rejection in biometric verification.
285. LastPass Confirms Hackers Stole Encrypted Password Vaults... Four Months Ago
A password vault leak had happened four months ago and LastPass is only telling you that now.
286. The Rising Issue of Zombie APIs and Your Increased Attack Surface
Zombie APIs expand your attack surface. Learn how to identify and manage these hidden threats to secure your infrastructure and protect sensitive data.
287. A Guide to Understanding the Job Roles & Selecting Your Career in Cybersecurity
This article covers the top 20 job roles available in the Cyber Security domain along with the job description in a simplified way.
288. Modernizing Secrets Scanning: Part 1–the Problem
Today I'd like to share some new approaches to secret search at the scanner level.
289. 7 Ways to Protect Your Router From Hackers
Since we are in the modern technological era, the internet has become an indispensable tool in our modern-day life. As we speak, we need it to communicate, work online, learn online and even do business online. When it comes to internet connectivity, there are many ways to get internet in your home. One of the best ways to access the internet at home or workplace is by investing in a router. With this device in place, you will be able to create a home network that can be used by wireless devices such as smart TVs, home appliances, IP cameras, and so much more.
290. How CEH is Closing the Cybersecurity Talent Gap in the United States
CEH is helping supply a market-ready cybersecurity workforce across sectors like defense, finance, healthcare, and cloud computing
291. AI's Dark Side: OnlyFake's $15 Toolkit for Crafting Cryptocurrency Heist-Ready Identities
292. Motor Vehicle Hacking: How Cybercriminals Hack Your Car
Any system in a smart vehicle connecting to the Internet, fleet management software, or an EV charging network is a potential entry point for hackers.
293. How Can Password-Free Identity Verification Safeguard User Privacy?
Traditional identity verification methods usually have security risks. Unlike these methods, FIDO-based identity verification is much safer and more convenient.
294. 7 Sneaky Ways Hackers Are Using Machine Learning to Steal Your Data
Machine learning is famous for its ability to analyze large data sets and identify patterns. It is basically a subset of artificial intelligence. Machine learning uses algorithms that leverage previous data sets and statistical analysis to make assumptions and pass judgments about behavior.
The best part: software or computers powered by machine learning algorithms can perform functions that they have not been programmed to perform.
295. How To Start A Career in Cyber Security?
As we move forward into the age of technology, and as business people, there is one thing that we should always remember. That thing is simply this: the more advanced technology gets, the more danger there is when it comes to cyber threats.
296. 10 Emerging Technologies to Look out for in 2021
Let's talk about the top 10 growing tech of 2021. All the technologies hold tremendous potential and offer promising career opportunities.
297. How Do I Adopt a 'Zero Trust' Framework?
With increased attack surfaces caused by businesses migrating to the cloud and remote workers, Zero Trust has become cybersecurity's most valuable thing.
298. The Basics of Hacking [An Introduction]
Today we will begin our journey into the basics of hacking. Let’s not waste any time.
299. Do Notepad++ Plugins Expose Users to Cyber Threats?
Does Notepad++ make it easier for hackers to invade systems? Get to know how you can protect yourself while using Notepad++
300. Facial Recognition Login: Is This The New Security Standard?
Facial recognition could help your business enhance security standards 10X. We explore the business challenges the technology can solve. Thirty thousand. That’s the number of infrared dots used by the latest standard today to create a map of your face for authentication and enable you to securely access your device. The process is as simple as it can get - look right into the camera and the facial login system does the rest. Today, facial recognition login isn’t restricted to unlocking phones, tagging people on social media or scanning crowds for security threats. It’s made its way into gaming, grocery stores, airports and payment platforms. Facial recognition login software and biometric technology are making inroads into building robust security platforms - with a system that’s designed to prevent spoofing by masks or photos. It’s permeated into security and law enforcement, even making paperless travel a reality.
301. 5 Most Common Phone Scams: How to Spot Them and Protect Yourself
Phone scams, aka vishing, are an easy and popular method hackers use to trick people into giving out their personal information. These are a few common scams
302. Your Water Supply is Under Cyber Attack
Water sector cyberattacks have become increasingly common. What is causing the rise in attacks, and what steps are being taken to resolve the issue?
303. The Vulnerabilities of NFC Payments Need to be Addressed
Even though NFC appears to be so easy and convenient, it is not without its vulnerabilities, especially in regards to security.
304. Is That Utility Bill Legit? How to Identify a Utilities Scam
Have you received an unusual or suspicious utility bill? Here's how to tell if it's a scam.
305. What is Cyber Grooming?
Cyber grooming is one of the most dangerous types of cyber crimes since the victims are teenagers and young kids.
306. 5 Tips to Prevent Hackers From Stealing Your Crypto Assets
With the continuing rise of cybercrime and targeting private computers, tablets, and phones, the question is not if but when you will be hacked. So, better safe than sorry, make sure your crypto assets are safe and secure even if your device is breached by sticking to the following tips.
307. Women in Cybersecurity with SheSec Pakistan on The HackerNoon Podcast
Misbah Fatima (Head of Security) and Farza Ashraf (Security Analyst) from Idenfo and SheSec Pakistan talk about how we can increase the number of women in STEM.
308. Custom HTTP Request Signing: A Detailed Guide to Writing a Burp Suite Extension
In this article, I'll walk you through how to reverse-engineer Javascript code and show you how to write my Burp Suite extension in practice.
309. 8 Ways Crypto Wallets Can be Hacked
Today there are a lot of ways to hack a cryptocurrency wallet. I discuss 8 vulnerabilities for the cryptocurrencies in your wallet and how to protect them.
310. AI Agents Could Be Running Your Security Operations Center (SOC) To Prevent Attacks
As our reliance on AI-enabled hyper-automation increases, we will leverage human expertise to design robust Workflows capable of managing repetitive tasks.
311. How to Avoid the Cyber Security Risks that Affect Social Media
From data loss or account hacking to the loss of your hard work, being aware of threats is the first step in preventing falling victim to cyber crimes.
312. How Secure are the Top Frameworks for Development?
If you've seen headlines like "Top Frameworks", have you wondered why they are considered the best? Are cyber security vulnerabilities considered in this case?
313. Do NOT Leave GraphQL Exposed Online
In this post, I’d like to share my unpopular opinion on what GraphQL is really meant to be.
314. What happened After I Scanned 2.6 Million Domains for Exposed .DS_Store Files

315. 9 Things Hollywood Gets Wrong About Hacking
Movie hacking ≠ reality: Real cyberattacks rely on phishing, not fast code. Moonlock, MacPaw’s cybersecurity division, reveals how films get it wrong.
316. Is TikTok a Security Risk for Businesses?
Possible security and ethical concerns on TikTok raise questions about whether businesses should be using the platform.
317. The “Connection Not Private” Warning Explained
Each time you visit a website, your web browser (e.g., Chrome, Safari, or Firefox) first checks for the existence of one of two digital certificates
318. Defining the Difference Between EPP, EDR, MDR & XDR
Before going into details about the pros and cons of EPP, EDR and XDR, I want to set the common field and introduce the basics about their differences.
319. The Importance for Cyber Security in Investment Banking Industry
Today, finding the best investments takes more than looking for market leaders. Investors today look for companies that have secure systems, apart from profit generation, huge market share, strong growth potential, or a reasonable valuation. Cybersecurity is a crucial growth-oriented strategy for their portfolio.
320. Cerber Ransomware Explained: How to Protect, Detect, and Recover
This blog post covers Cerber ransomware, infection methods, the working principle, how to remove Cerber ransomware, and how to protect against Cerber.
321. How to Deploy & Monitor Honeypots on GCP with Kibana [Tutorial]
One of my favourite areas of cybersecurity is SIEM (Security Incident Event Management). In 2017 I wrote a post on how I got a role in cyber security, one of my recommendations was using the Elastic Stack as a SIEM as a start-off point for those looking to understand log analysis and how to investigate incidents. But one of the main gripes people had was, where can they get data to work on in their home environments. This post will focus on setting up a honeypot that already utilises the ELK Stack…
322. How to Tell if Your Twitter Has Been Hacked
Twitter is a popular social media platform used to interact with other users via tweets. These four indicators will help tell if your Twitter has been hacked.
323. The Zomato API Bug That Turns Phone Numbers Into Location Intel
By uploading a phone number, bad actors can extract a user’s restaurant recommendation history and restaurant coordinates.
324. Log4J Vulnerability: A Legacy of Cybersecurity from Java to Blockchain and Minecraft
The who, what, where, why, and how to fix the Log4j vulnerability.
325. The Rise of Business VPNs and SASE: Securing the Evolving Enterprise Landscape
As businesses increasingly rely on cloud-based resources and remote workforces, the need for robust security solutions grows.
326. Secure Coding Practices Every Developer Should Know
This introductory article will help you to understand the best security standards and secure coding practices.
327. Don’t Let Fraud Cost Your Business
We’ve all probably received a badly worded email in the past promising us a great fortune or claiming we are winners of a prize draw we didn’t enter.
328. The Rise Of AI & Cyber Security - 8 Must Try Tools In 2022
Know how AI-based cybersecurity tools can provide up-to-date knowledge of global and industry-specific threats to help make critical prioritization decisions
329. Why 25% of Bitcoin Supply Faces Quantum Threat and What QANplatform Is Doing About It
QANplatform's QAN XLINK passes Hacken security audit, offering quantum-resistant protection for 25% of Bitcoin supply vulnerable to future attacks.
330. 7 Ways to Prevent and Mitigate Malware Attacks
Knowing how to prevent malware attacks or mitigate those that are already on your devices is crucial. Here are seven effective tips you need to adopt to secure
331. Cybersecurity Risks Worth Considering in Online Trading
As online trading platforms grow in popularity, hackers increase their attacks. Here are the cybersecurity risks in online trading.
332. The 5 Things Businesses Need to Know to Stop Online Fraud!
333. True Hackers and the Monsters we Invent
Common misconceptions about hacking that make you vulnerable and how to avoid them.
334. 10 Cybersecurity Books Every Business Owner Should Read
Last year, according to MarketWatch.com, data breaches increased by 17%, which makes understanding cybersecurity an absolute must for all of us.
335. 4 DeFi Security Risks Explained: Understanding Common Vulnerabilities
Vulnerabilities in DeFi contracts led to 44 separate incidents of eye-watering losses in 2022. Read about the top four classes of vulnerabilities.
336. Everything You Need to Know About a White Hat Hacker
White hat hackers find and exploit vulnerabilities within a company's network or system with the intention to provide remediation steps to mitigate these risks.
337. Advanced Heuristics to Detect Zero-Day Attacks
Zero-Day Attacks are becoming increasingly common and widespread in the world of cybersecurity. Heuristics detection may help to detect such vulnerabilities.
338. Your Wi-Fi Cameras may be getting Attacked
Your Wi-Fi security cameras are probably not secure. See how we disable our camera network with a simple DoS attack.
339. Why Phishing is Still the Most Successful Hacking Technique
The reality of this situation is, no one can stop phishing completely. For sure, there are multiple steps a company can take for anti-phishing protection.
340. When AI Goes Rogue - The Curious Case of Microsoft's Bing Chat
Generative conversational AI like ChatGPT can create innovative opportunities. However, as in the case of Bing Chat, it also can behave erratically.
341. How to Use ChatGPT for Malware Analysis
How exactly is AI useful in addressing malware attacks? Let’s focus on three tasks that can be greatly facilitated with the help of an AI assistant.
342. The Importance of IoT Security
Let's look at why security is very important for IoT devices
343. Homomorphic Encryption — for Web Apps 🤔 (Part 1)
Where Do I Start?
344. 6 GitHub Repos for DevSecOps in 2024
These are the essential building blocks and tidbits that can help you arrange for a DevSecOps experiment or build out your own program.
345. Web Tracking Revealed: What You Need to Know
Web tracking is where website trackers and organizations monitor users’ behavior online, what they do online, learn which pages they visit, and more.
346. DevSecOps Principles and Key Steps for Securing the CI/CD Pipeline
This article will discuss the fundamental principles of DevSecOps and provide key steps for securing your organization’s CI/CD Pipeline.
347. Best Domain and Brand Monitoring Tools in the Market Today: A Quick Guide
Brand and domain strategy and protection go hand in hand, as your domain is an integral part of your business identity. Brand abuse is not limited to selling counterfeit goods and copyright infringement, however.
348. A Deep Dive Into Market-Leading Blockchain Analytic Solutions
Explore the pros and cons of industry-leading blockchain analytic tools, examining how each solution handles data across the blockchain network.
349. Securing the Internet of Things: Addressing the Growing Threat of Botnets and Cyber Attacks
Internet of Things devices have improved our lives tremendously both in our homes and businesses. However, these devices come with some security vulnerabilities.
350. Cybersecurity + Biomimicry: Why, What, and How We Could Learn from Nature
Biomimicry is a powerful approach that allows us to solve the problems of cybersecurity by looking at them through the lens of nature.
351. How Will The World End? Top 4 Cyber Apocalypse Scenarios
Take a look at a few of the cyber security scenarios which could lead to the end of the world, in true science fiction cinematic fashion.
352. What Is Passwordless Authentication and How Does It Work? The Magic of FIDO2 and U2F Standards
Logging into a website or service using the traditional username and password combination isn’t the best or safest way of going about it anymore.
353. How You Can Evaluate the Security of Your NPM Package Dependencies
Imagine that you've been working on a node.js project for a few years now. You started or joined it when you were younger. The code works, and you can vouch that it’s good and secure for yourself and your team. But how do you validate all those NPM modules that saved you so much time and effort over the years? It works, nobody has hacked you yet, so why should you bother?
354. “Hackers for Hire” Is a Rising Industry That Demands Ethical Considerations
The cost of hiring a hacker can go up to thousands of dollars for a well-executed hack. White hat hackers from freelancing sites like Fiverr or Upwork can probe
355. Beyond Encryption: The Expanding Role of VPNs in Cybersecurity
Discover the multifaceted role of Virtual Private Networks (VPNs) beyond encryption.
356. How 5 Massive Data Breaches Could Have Been Prevented
One of the biggest losses for companies? Inadequate cybersecurity.
357. 5 Most Vulnerable Industries for Data Breaches in 2018
In February 2018, the Under Armour hack turned out to be one of the biggest data breaches in history, affecting over 150,000,000 users. The sheer number of victims made it, at the time, a record-breaking data theft, but what's really disturbing about this incident?
358. How Employees Can Help Prevent Cybersecurity Threats
Employees need to be aware of the significance of cyber security because cyber dangers have persisted since the creation of the internet.
359. MCP Is Dead. The CLI Is Winning the AI Agent Stack
Why developers are ditching bloated agent protocols and turning to the CLI as the most practical foundation for building AI agents in 2026.
360. The Hidden Pitfalls of APIs: XSS Attacks in Single Page Applications (SPA)
In our digital city, Cross-Site Scripting (XSS) lurks like a shadowy corner. This sly security flaw can manipulate APIs, turning them into unwitting tools for
361. The Basics of Hacking: Part 2
Let’s rock and roll. Below we have a C program designed to accept and print command line arguments:
362. SIM Swap Fraud Prevention and the Role Mobile Network Operators Play
SIM swap fraud prevention is something everyone should know about to fight identity theft. This article will define SIM swapping and how to prevent it.
363. Everything You Need to Know About Content Security Policy (CSP)
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks including XSS and data injection attacks.
364. 8 Benefits of Computer Vision in the Security Industry
AI has revolutionized the physical security industry with computer vision. Here are eight of the most significant benefits.
365. Ransomware-as-a-Service: SaaS' Evil Twin
This article will educate you about RaaS groups and protective measures against ransomware attacks.
366. Biting Back Against Phishers
How one company learned to deal with Phishing attempts that tried to compromise their cybersecurity system and how they learned to fight back against them.
367. GitHACK! We are the vulnerability
Github has been hacked. The affected computers cloned the affected repositories. How much is it Github's fault? How can we protect ourselves from this?
368. A Tale of Two LLMs: Open Source vs the US Military's LLM Trials
This article explores the security posture of open-source LLM projects and the US military's trials of classified LLMs, prominent in the world of AI.
369. Mapping Risk to Cyber Threats, and Adopt Zero Trust by NIST's CSF
NIST's CSF can be a valuable tool for organizations to improve their security maturity. I will take further steps to align CSF to be more understandable.
370. The Blockchain is a Broken Chain After-all
There are several security issues affecting blockchain. To have a wider adoption, the community must address these issues by implementing appropriate controls
371. How Secure Is BeReal?
BeReal is becoming increasingly popular — but it gives some security experts pause. Here's why.
372. Crypto Wallet Security 101
As a 101 guide, I will explain the common reasons for the sudden disappearance of cryptocurrency inside the wallet.
373. Security Alert: Identifying Malicious Extensions in Microsoft's VSCode Marketplace
Microsoft VSCode removed several extensions after finding out they were using malware to steal user information and credentials such as Discord and Google Chrome
374. Protecting Your React.js Source Code with Jscrambler
In this step-by-step guide, you'll learn how to protect your React.js application with Jscrambler to prevent code theft and reverse engineering.
375. Corporate Hacking: How It Happens and How to Protect Your Business
In this article, we’re going to take a look at some of the most common ways that companies get hacked as well as some of the most famous examples.
376. Why The Rubber Duck is The Ultimate Hacker Gadget
The idea of rubber duck debugging is straightforward. When you are struggling with a problem, you simply ask the duck.
377. Secure Sessions in JavaScript: Forking Express-Session to Improve Security
If you ever made a webapp in JS, chances are you used Express as a web framework, Passport for user authentication and express-session to keep users logged in. This article focuses on sessions and how we forked express-session to make it more secure.
378. Is AI Eavesdropping on You?: Defend Your Passwords From AI Keystroke Pattern Detection
To protect your web application from sound-based attacks or similar side-channel attacks, it is essential to have a multi-layered approach.
379. Is Complexity the Enemy of Security?
We've all heard the cybersecurity mantra "complexity is the enemy of security." But is it true?
380. The Telemetry Trap: Why Developer Metrics Corrode the Systems They Claim to Measure
66% of developers do not trust the productivity metrics applied to their work.
381. How Did Lendf.Me Lose $25 Million to A Reentrancy Attack? [An Analysis]
DeFi or decentralized finance is a growing sector in the blockchain and cryptocurrency space that defines an ecosystem of decentralized applications providing financial services with no governing authority.
382. How to Protect Your Smart Vehicle from Cyberattacks
Smart vehicles make driving a thrill! However, they are vulnerable to cyberattacks. Making smart security choices keeps you safe and your connected ride secure.
383. Network Scanner Working and Implementation
In this blog, we will see how a network mapper works and how we can implement these network security tools in Python for our cybersecurity-related projects
384. 8 Sources of Cyber Threat & Domain Intelligence for Enterprise Security
The cyber threat intelligence market is expected to keep growing with new and improved commercial security products and managed security services. As part of these offerings, comprehensive and accurate threat intelligence sources such as domain intelligence are essential in facilitating threat detection, correlation, mitigation, and response.
385. A Former Hacker’s 10 Tips on Staying Safe Online
While in prison, Hiếu wrote an online security guide for the average internet user.
386. Gathering Threat Intelligence to Strengthen Security
Nour Fateen, a Sales Engineering Manager at Recorded Future, talks to Amy about threat intelligence. They chat about the Threat Intelligence Lifecycle and more.
387. A Guide to Conducting Privacy Risk Assessments
Let’s dive into the details of what a privacy risk assessment is, why it can benefit businesses, and how to conduct one.
388. Threshold Signatures: Their Potential in Blockchain Security and Practical Applications
This article describes why people need the threshold signature, and what inspiring properties it may bring
389. So, You Want to Be a Hacker?
Explore cybersecurity through Capture The Flag competitions! This article invites beginners to a thrilling CTF event, offering a hands-on way to learn hacking!
390. I Built an AI Copilot That Thinks in Exploits, Not Prompts
The story of how the AI pentesting assistant, RAWPA, evolved from a static toolkit into a dynamic, learning system.
391. How to Secure Video Streaming Against Cyberattacks
Follow these guidelines to defend video streaming platforms and their users against common cyberattacks.
392. Protect Yourself From Identity Theft By Using Zero-Knowledge Proof, Solidity, and Ethereum
Blockchain technology, specifically Zero-Knowledge Proof (ZKP), Solidity, and Ethereum can provide a secure and efficient solution to prevent identity theft.
393. How the Quantum Computer will Change our Lives
The countdown has now begun. For some it will take 15 years, for others it will only take 10, but the quantum computer is a near reality and is likely to bring about a huge change in the history of mankind.
394. The Basics of Hacking: Part 3
So we’ve all compiled programs before, but do you know how your computer divided up and saved the different parts of the program? Be patient, this kind of overwhelmed me at first. Let’s jump in.
395. Cosmic Rays vs. Code: How a Solar Flare Knocked the Digital Brains Out of 6,000 Airbus Jets
A single 'bit blip' from a solar flare exposed a critical flaw in the Airbus A320's ELAC L104 software, causing a global safety crisis.
396. How to Get a Job in Cybersecurity
Good mentors, and a willingness to take opportunities that come up (and abandon those that aren't working out) can take you a long way in a career.
397. How Hackers Host C2 Servers on Google Infrastructure (Google Sheets & Drive)
A guide on how to use Google Workspace's Drive and Sheets (formerly G-Suite) to communicate and exfiltrate information natively.
398. Kubernetes vs Docker: Differences Explained
Learn about Docker and Kubernetes container solutions, and discover the differences between Kubernetes and Docker to choose the one that best suits your needs.
399. 10 Common Scams Targeting Healthcare Workers
With AI and telehealth advances come additional ways for scammers to target healthcare workers. Here are the most common scams.
400. Setting Up Pi Zero for Pi-Fi Hacking
Learn how to set up a headless Raspberry Pi Zero W with SSH and Wi-Fi, and access it remotely using your phone and mobile hotspot. Step-by-step guide.
401. What is BGP Hijacking and How Do You Prevent It?
BGP, which stands for Border Gateway Protocol, is a path vector routing protocol that is used to connect external organizations to each other.
402. Meet Sekurno: HackerNoon Company of the Week
This week, we present HackerNoon business blogging partner Sekurno: A proactive cybersecurity consultancy that goes beyond the norm.
403. The CRITICAL Log4j Java Vulnerability: How to Detect and Mitigate It
CVE-2021-44228 (Log4Shell) is an unauthenticated Remote Code Execution (RCE) vulnerability & 0-day exploit which allows an attacker to take over a system
404. 7 Most Common Zelle Scams to Watch Out For and How They Work
A list of the most common Zelle scams on the internet.
405. Hack Your App Before Hackers Do: 2025's Mobile Pentesting Playbook
Mobile apps are omnipresent—from social media and enterprise to payment wallets. But most are still open to attack.
406. Why Network Security is an Integral Part of Any Internet-Connected Business
Network security is vital for any internet-connected company. Without it, hackers can steal all the data the business has. Bad network security causes problems
407. HackerOne Finds Massive Security Failure In PayPal’s Login Compartment
In today’s highly digitized environment, the capabilities to change our lives for the better are virtually endless. The cooperation of humans and technology - be it hardware or software - has made our lives easier and more productive.
408. CSMA is More Than XDR — An Introduction to Cybersecurity Mesh Architecture
Just consider how many service providers and models are in the picture. Therefore, it is time for a new and better approach — Cybersecurity Mesh Architecture.
409. 10 Common Java Vulnerabilities Every Security Engineer Should Know
This article covers the most common security vulnerabilities for Java programming
410. Denial-of-Service Attacks: A Technical Odyssey from Past to Quantum Future
In the intricate realm of cybersecurity, the saga of denial-of-service (DoS) attacks unfolds across the annals of computing history.
411. Do Honeypots Still Matter?
In cybersecurity, honeypots are systems or environments designed to lure attackers. The roots of the honeypot idea go much deeper than digital security though.
412. Protect Your Crypto Wallets With InfoSec - The Three-Tier Wallet System and Crypto-Hygiene
Securing your wallets is essential when protecting digital assets against cyberattacks. Let me share how to use cybersecurity skills to boost crypto-security!
413. The Cyber Risks of Electric Vehicles
With the increase in the popularity of electric vehicles, it is essential to be aware of the potential cyber security risks associated with using them.
414. No System is Safe
A collection of dialogues and explanations from the movie whoami that give an insight into the world of hacking and cybersecurity.
415. A Beginner's Guide to Technical Email Security Controls: Understanding SPF, DKIM, and DMARC
It wouldn’t be technology without even more acronyms! In today’s version of Buzzword Soup, let’s take a look at SPF, DKIM, and DMARC, and how they may help stop the phishing scourge plaguing our inbox!
416. What Is the Vulnerability Rating Taxonomy (VRT)?
Developed and open-sourced by Bugcrowd, it’s a system designed to address the inherent shortcomings of CVSS ratings when viewed in isolation.
417. A Comprehensive Guide to Penetration Testing
We'll go through the Top 5 Pen Testing Firms in this blog article, as well as what makes them special.
418. JavaScript Libraries for Implementing Trendy Technologies in Web Apps in 2024
In this article, you will get acquainted with JavaScript libraries that can help you implement trendy functionalities into your web project.
419. The Noonification: 6 Best SQL Programming Books Ranked by Reviews (12/17/2022)
12/17/2022: Top 5 stories on the Hackernoon homepage!
420. Are Cybersecurity Careers Future Proof?
Are the cybersecurity careers of tomorrow still going to be there in the face of relentless automation?
421. XDR and its Components Explained — Open XDR vs. Native XDR
Companies have a few options for extended detection and response (XDR) products. But in general, there are primarily two types of XDR: Open and Native.
422. Best Practices for Key Security for Your Crypto Wallets
Cryptographic keys are a requirement for any security system. They manage everything, including data encryption and decryption as well as user authentication.
423. How AI is Changing the Cybersecurity Landscape
Read about how AI can be used in Cybersecurity and if it will affect the jobs of cybersecurity personnel.
424. How to Be Careful When Sharing WiFi Password With QR Code
Share the QR code of your network carefully; mistakes can lead to disaster
425. Shortage of Cyber Security Professionals Will Create a Staggering 3.5 Million Unfilled Jobs by 2021
Cyber security issues are becoming more prominent every day, so much so that it's questioning the existence of many startups and small-to-mid scale businesses. Recent trends indicate that cyber security attacks have been at an all-time rise.
426. The Cybersecurity Writing Contest 2022: Round 2 Results Announced!
Hackers, the Round 2 Results for the Cybersecurity Writing Contest by Twingate and HackerNoon are here!
427. How to Keep Your Mobile Devices Secure
Our phones are our lifelines. They hold our prized possessions such as photos, music, and texts from our loved ones. So, why wouldn’t we do everything we can to
428. Your Resident McAfee Engineer on Cybersecurity, AI, and Career Growth
Hey! I'm a Software Dev Engineer at McAfee Enterprise; nominated for four 2021 Noonies by writing about Authentication, Remote work, Covid, and Remote Teams.
429. Modernizing Secrets Scanning: Part 2–the Semantic Eureka
In the previous part, we examined different types of secrets, understood the core problems, and hit a dead end. Now we are going to make a breakthrough!
430. Where Do Hackers Live: A Deep Dive into My Website's Security Logs
I was casually doing a security audit on my blog recently and decided to look a little deeper into my security logs. With a bit of Linux command line kung fu, some Golang, and Google Sheets, I was able to get a pretty good idea of where the attacks are coming from.
431. The Fundamentals of RF and Encryption for Cybersecurity Analysts
Learn the fundamentals of RF, signal analysis, antenna design, and encryption for a career in cybersecurity. Discover key concepts and tools in this beginner's
432. Why Your Data has Most Likely Been Stolen and What Can You Do About It
I used to consider myself pretty knowledgeable about the cyber-world, but then I started learning about cyber-security and reading reports by companies like Shape Security, IBM and Snyk.
433. 5 Crypto-Stealing Malware Threats: How to Stay Safe and Aware
As the crypto landscape continues to grow, staying informed about potential risks is vital to protect oneself from falling victim to these insidious attacks.
434. Is Cyber Security a Good Career Choice in 2024?
Is cyber security a good career choice? This is a widely asked question these days. Explore this article to learn more about cybersecurity careers.
435. Creating Consciousness in Virtual Worlds
With advances in AI, it’s becoming possible to create NPCs that are more believable than ever before. What happens when they question their reality?
436. What Does the Future Hold for Cloud Security?
Cloud security is something that every business needs to take seriously. In fact, ignoring cloud security could prove to be a fatal move for many organizations.
437. A tale of Red Team Operation (RTO) to hack a company remotely & pivot across the Cloud assets
Pulse VPN exploitation chained with other vulnerabilities during an ongoing Red Team Operation to hack the company remotely. By Dhanesh Dodia - HeyDanny
438. GitHub Free Security For Repositories Tools Roundup

439. Enter the Cybersecurity, Finance, and Linux Writing Contests: NOW OPEN.
Good contests come in threes.
440. Think Your System’s Safe? These Free Tools Will Prove You Wrong
Learn how to perform a basic vulnerability scan using free tools like Nmap & Nikto. A simple step-by-step guide to find and fix security flaws.
441. Validating a User Phone Number With SMS on Auth0 Using ZENVIA
An example application using Angular, in which a simple web application is implemented to validate the user's phone by SMS during authentication.
442. Chrome Password Manager Betrayed My Trust 13 Years Ago. I Never Forgot
Chrome's broken trust led to Neulock: a password manager built on user control, not encryption & blind faith. Learn the 3 security principles behind it.
443. Living With the Lethal Trifecta: How to Run OpenClaw Securely
I run a personal AI agent with access to my health, calendar, and Telegram. Here are security principles that keep the blast radius small.
444. Enhancing Password Security and Recovery with Next.js 14 and NextAuth.js
Learn to set up a secure and user-friendly system for password recovery in Next.js, complete with token verification and email notifications.
445. Unlocking IaC Part 2: Setting Up Terraform on Windows for AWS
Learn how to set up Terraform on Windows for cybersecurity professionals. Discover the prerequisites and get ready to deploy your first Terraform script.
446. Rust in Linux: A Powerful Tool—But How Do We Strike the Right Balance?
This article explores how Rust can be integrated into the Linux kernel without compromising long-term adaptability.
447. Unlocking the Power of Expert Red Teams: How to use Atomic Red Team (ART) to Think Like an Attacker

448. Fake TikTok Doctors (and Other Deepfake Health Scams)
Have you ever seen a doctor on TikTok promoting sketchy products? It may have been a deepfake. Here are all the details on deepfake health scams.
449. Anonymity 3.0: Do We Have a Chance with Web3?
In the digital era, the volume of data generated online keeps on growing. Users leave their information on nearly every site. Will Web3 change this?
450. It's Raining Cyber Attacks: Cybersecurity in the Cloud
With the latest news and advancements in the cybersecurity world, we will see how these new rules impact modern cloud applications.
451. Apple's iOS 17.2 Update Brings a Much-Needed Security Improvement to iMessage
In this post, I’ll talk about why this added security matters, what these two new features actually do, and how you can opt into higher levels of security
452. Fake Websites, Fake Companies, Fake Everything: What Can We Do to Protect Ourselves?
Malware protection should act the same way, as a set of shields that protect the entire browser from any type of malware, not just traditional threats.
453. Homomorphic Encryption — for Web Apps 🧐 (Part 2)
In case you missed the previous article (Part 1), I gave a very brief introduction on Homomorphic Encryption (HE), talked about Microsoft SEAL’s library, and outlined some of the pain points of learning to use it.
454. How to Combat Cyber Security Threats and Attacks
Progress in complex technology can result in the ‘progress’ of complex threats.
455. Understanding JWTs from Beginning to End
In this article, we will explore mainly JWT and JWS. In addition, we'll also go through JWE, JWA, and JWK quickly.
456. Building a Serverless Intrusion Detection System on AWS
By leveraging AWS’s serverless stack and a dash of machine learning, you can create a lightweight Intrusion detection system.
457. Remembering and Honoring the Cybersecurity Pioneer John McAfee
One Year Later - Why Does It Still Matter?
458. GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub
In 2025, Developer Commits Using Claude Code Show 3.2% Secret Leak Rate vs. 1.5% Baseline. The Human Factor Remains Critical
459. My friends bet me I couldn't make cybersecurity sexy. Here it goes...
You know what’s really sexy?
460. How to Break Into Cybersecurity Without a Degree or a Million-Dollar Lab
In this blog, we will outline the step-by-step journey to establish a successful cybersecurity career—from the fundamentals to becoming an expert.
461. How Weak Social Media Passwords Can Be Cracked with SocialBox in Termux
Learn how weak social media passwords can be cracked and why social media cybersecurity matters. Stay safe online.
462. How to Explain the Internet to Your Kids
There is only one way to explain the dangers of the Internet to children: to be there with them. Talk about the good and the bad that the internet offers.
463. Blind Attacks: Understanding CSRF (Cross Site Request Forgery)
This article contains complete (and step-by-step) information about CSRF attacks.
464. Why Ledger's Latest Data Breach Exposes the Hidden Risks of Third-Party Dependencies
Ledger data breach via Global-e exposes customer info. No crypto stolen, but phishing attempts surge. Third-party risks examined.
465. What is Customer Identity and Access Management (CIAM) and What Are its Benefits
Today's online space is all about identity and at the core of it lies customer identity and access management or CIAM.
466. How to Choose the Right Messenger
One of the most common questions users have when it comes to privacy is about messaging services. It seems almost all of them mention some level of privacy or encryption to entice the user to sign up for their service, but how can you be sure you’re using the most secure, privacy respecting platform?
467. From Chaos to Quality: A Framework for AI-Assisted Development
How I turned AI coding from chaos to production-ready: DevFlow adds security reviews, quality gates, and audit trails to Claude Code, Cursor, Gemini.
468. HMAC & Message Authentication Codes - Why Using Hashing Alone is NOT Enough for Data Integrity 😼
In cryptography, a key needs to be random so that attackers can’t detect any patterns, because patterns make it easier for hackers to figure out the key.
469. From Breach to Fallout: The Story of the 2014 Sony Hack
Delve into the gripping account of the Sony Hack 2014, exploring the cyber attack's journey from initial breach to widespread fallout.
470. How To Integrate Security Testing Into Your Software Development Life Cycle

471. The Log4j Bug Can't Hurt WordPress - But There's an Ongoing Attack That Can
On December 10th, the studio behind the ever-popular sandbox game Minecraft published a blog post detailing a bug it identified in Log4j.
472. The Cybersecurity Value Chain: How 25 Companies Fill 72 Foundational Roles
The Cybersecurity Value Chain maps 72 foundational roles across identity, network, cloud, data, and security operations — filled by just 25 companies.
473. Is There a Place for Trust in Crypto? Taking a Tour of Popular Scams
For the last few years, the crypto market has become full of scam schemes undermining users’ trust.
474. Best Practices for Web Developers to Protect Against Browser Vulnerabilities
Discover how to secure your web applications against browser vulnerabilities with this comprehensive guide for web developers
475. Some of the Most Common Security Vulnerabilities and Fixes
So, which security vulnerability types may be exposing your system to cyberthreats at this very moment? How do vulnerabilities appear? And how can we mitigate?
476. Hacked: MetaMask User Lost US$81,000 In ETH
Crypto investor Jonny Reid shared on Twitter his experience of having encrypted assets stolen from his MetaMask wallet. He is still unable to find the hack.
477. Check Point Security Breach: A Leading Cybersecurity Company Has Been Breached
Check Point, which bills itself as the leader in cybersecurity solutions, has been breached. Data records of over 5k ZoneAlarm forum users have been hacked.
478. VPN And Cybersecurity Threats: How to be Safe Online
Virtual Private Network (VPN) is a useful tool for accessing the web anonymously. It is steadily developing as an essential component of reducing the risks we are exposed to when going online. In fact, the impending growth of the VPN market, with the projected value set at $54 billion by 2024, demonstrates the potential of the industry.
479. What do we expect in innovation and technology by 2020
With the beginning of a new decade, many users set expectations for the new year. But what are the novelties that will be in technology and innovation
480. Cybersecurity Stocks Drop as Anthropic Launches Claude Code Security Tool
Cybersecurity stocks fell after AI company Anthropic unveiled Claude Code Security
481. Qualitative vs. Quantitative Analysis for Cybersecurity
Learning where an organization’s most significant vulnerabilities lie is the first step to addressing those risks to stay safe.
482. 5 Promising Use Cases for Verifiable Credentials
Verifiable credentials, which provide a system for provable electronic facts and documentation through cryptography and public keys, can seem like an abstract concept. We’re so used to seeing our credentials printed out – the driver’s license, the passport, the insurance card – that sticking codified IDs on a thumb drive or online seems odd and unnecessary. And as anyone who has used a cryptocurrency wallet can attest, the early forms of such decentralized IDs are hardly user friendly.
483. Rethinking Remote Access: Why you should Replace Your VPN with a Network as a Service
With the rise of the mobile workforce and cloud transformation, the traditional network we once knew can no longer be trusted. Employees now work remotely from home, cafes, as well as around the world and companies are moving to cloud infrastructure such as AWS, Google Cloud, Azure.
484. Attacks Over The Air — Phreaking HTML Injection
A particular webpage was tracking digital radio chatter and it would display a running log of what its station was hearing.
485. 8 Crucial Tips for Hardening PostgreSQL 14.4 servers in 2022
As of July 13th, 2022, there are 135 security flaws reported to the CVE database. Here are 8 essential measures you can take to protect your PostgreSQL server.
486. Cloud Security Observability: Get Set, Go!
The cloud security observability approach involves applying the observability concepts to cloud security operations to gain insights into the health of an app.
487. Defend your Node.js Apps With Jscrambler
This tutorial will explain how to integrate Jscrambler seamlessly into the build process of a typical Node.js app in just a few minutes.
488. Phishing Campaigns Became a Lot More Sinister in 2024
In the second half of 2024, phishing attacks surged by 202% with users receiving at least one advanced phishing message capable of evading security defenses.
489. How I Learned To Stop Judging People for Falling Into Cybersecurity Traps
It’s all too easy to feel superior to the rest of the world when you work in IT day in and day out. And it’s easy to judge “the common people” for falling victim to cybersecurity scams that your highly trained BS radars would flag in a hot second.
490. The First Autonomous AI Cyber Attack Exposed
This article examines the first large‑scale AI‑autonomous cyberattack (GTG‑1002), where an LLM hijacked via MCP became a self‑directed espionage engine.
491. Is Mythos Really The Internet's Greatest Cybersecurity Risk? Or Just an Anthropic Product Launch?
Anthropic's Claude Mythos found thousands of zero-days, escaped a sandbox & exhibited covert reasoning. Project Glasswing gives only 40 companies early access.
492. Safeguarding Your Passwords from Cracking: Understanding the Math Concepts
Passwords that seem safe to us are vulnerable to math-based hacking. This is why using concepts like Password Space may be able to make more secure passwords.
493. Building the Network for the WFH Future
A look at building the network of the future for the flexible work revolution
494. A New LinkedIn Vulnerability Exposes Jobseekers to Phishing Attacks
The latest LinkedIn vulnerability can be exploited by con artists for massive phishing attacks, identity theft, and employment-related scams.
495. WormGPT - The Newly Discovered Generative AI Tool for Cybercriminals
Writing about how a cybersecurity firm recently discovered new cybercrime tools based on AI!
496. 10 Best Practices for Securing Your API
This is a brief blog on the Top 10 API security practices that can help users to keep their API safe from cyber attacks.
497. The Cybersecurity Writing Contest by Twingate and HackerNoon
Yasssss The Cybersecurity Writing Contest is here! HackerNoon is excited to host the contest in collaboration with Twingate!
498. What will IBM's Acquisition of Randori Mean for Cybersecurity?
IBM announced plans to acquire a leading attack surface management provider and offensive security company Randori.
499. IP Geolocation in Cybersecurity Investigations
In a world where illegal activities increasingly take place through digital means, cyber perpetrators often remain steps ahead in sophistication compared to those who are chasing after them.
500. How Hackers use Online Job Postings to Infiltrate Organizations
There’s a lot of talk in the cybersecurity industry about the jobs threat, meaning the gap in qualified professionals to fill the number of open positions in the industry. But, have you thought about the other jobs threat to consider – the online job postings themselves?
Thank you for checking out the 500 most read blog posts about Cybersecurity on HackerNoon.
Visit the Learn Repo to find the most read blog posts about any technology.
