Let's learn about Security via these 500 free blog posts. They are ordered by HackerNoon reader engagement data. Visit the Learn Repo or LearnRepo.com to find the most read blog posts about any technology.
According to technologists, "Privacy is a myth," but "Security is non-negotiable."
1. Why Would an NFT Marketplace Freeze an Account?
“I have been hacked. All my apes gone. This just sold please help me.”
2. How do You Hack Whatsapp Chats? - 7 Vulnerabilities Explained
You can Hack WhatsApp chats by syncing the web version of the app, exporting chat logs, using POCWAPP, WhatsAPP Scan Pro, spoofing, and spy apps.
3. How to Hack TikTok Accounts : 5 Common Vulnerabilities
As TikTok has become a popular platform, it has also become an easy target for hackers. These are the 5 common vulnerabilities that can be used to hack TikTok.
4. How to Hack Bluetooth Devices: 5 Common Vulnerabilities
This article discusses the five common vulnerabilities (BlueBorne, Bluesnarfing, Bluejacking, BIAS & Bluebugging) that allow hackers to hack Bluetooth devices.
5. How to Avoid Credit Card Skimming: 5 Tips to Keep Your Information Safe
Credit card skimming occurs when someone places an electronic device on or near a credit card reader. This device captures and stores your credit card details.
6. The Easiest Way to Access the Dark Web on an iPhone
Learn how to access the dark web on your iPhone with these simple steps. Stay anonymous and protect your privacy while browsing the hidden web.
7. Yes, Your Browser is Snitching: JavaScript Can Detect VPNs and Incognito Mode
Detect VPNs, proxies, Tor, and incognito users using JavaScript. Enhance fraud prevention and geo-restrictions with hybrid detection.
8. Amway: Pyramid Scheme or Legitimate Business Opportunity?
Amway is a real business with a bad reputation. If you know anyone involved in the company, or you're thinking of joining yourself, make sure to read this post.
9. How to Access the Dark Web: Methods for Android and PC
Explore the depths of the Dark Web safely. Learn how to use Tor, understand its risks, and access it securely on Android and PC.
10. How to Hack Facebook Messenger: 6 Methods and Vulnerabilities
Spyier, keylogging, and hacking using cookies are some of the most common ways Facebook Messenger accounts get hacked.
11. Explain Like I’m 5: Zero Knowledge Proof (Halloween Edition)
Explaining crypto is hard, explaining crypto in simple words is harder. Explaining Zero Knowledge Proof to a child? Easy! So here you go — ZKP explained with some Halloween candy.
12. Top 5 Solutions to the KYC Problem for Crypto or NFT Projects
The future of KYC/AML in the crypto world is looking bright. With projects implementing KYC solutions, we see a move toward a regulated and compliant industry.
13. Signal Amplification Relay Attack (SARA)
During “Hacker Week” in Las Vegas, thousands of information security professionals that include actual hackers, converge. It is best to be alert since there are bad actors who have rogue intentions. Finding victims can be easy when there is no awareness of the imminent threats. With that said, car hacking has become more commonplace in recent years, due to the increased integration with electronic systems that include the car’s own lock system. With keyless entry systems, it uses wireless or radio signals to unlock the car. These signals can in turn be intercepted and used to break into the car and even start it. One such technique is called SARA or Signal Amplification Relay Attack.
14. How to Hack Wifi Like a Pro Hacker
In this article of mine, I am going to discuss the best ways you can hack any wifi networks and what to do after hacking wifi, and how you can prevent it.
15. Solving the Dreadful Certificate Issues in Python Requests Module
Solve the dreadful certificate issues in Python requests module.
16. We reverse engineered 16k apps, here’s what we found
In Nov’16, we created an online tool to reverse engineer any android app to look for secrets.
17. How to Make a Malicious USB Device and Have Some Harmless Fun
Make an inexpensive BadUSB from an old USB drive and learn about Windows shortcut files and how malicious actors are using .lnk files to spread malware.
18. Uber & Thycotic: Are Password Vaults a Huge Security Vulnerability?
The Uber hack showed that password vaults come with a security risk. Still, if set up correctly they improve security for companies.
19. Cryptographic Hashing
What is hashing?
20. Using Session Cookies Vs. JWT for Authentication
HTTP is a stateless protocol and is used to transmit data. It enables the communication between the client side and the server side. It was originally established to build a connection between web browsers and web servers.
21. Craig Wright is Satoshi Nakamoto
Explore the compelling case for Craig Wright as Bitcoin's Satoshi Nakamoto, analyzing his script expertise, digital cash experience, and trial victories.
22. How to Hack Android Pattern Lock Without Any Software
In today's digital era, smartphones have become an essential part of our daily lives, serving as a gateway to our personal and professional information. As these devices store a wealth of sensitive data, ensuring their security is of paramount importance. One of the most common ways to secure a smartphone is by using a pattern lock.
23. PSA: LastPass Does Not Encrypt Everything In Your Vault
As a software engineer and long time LastPass user, I’ve always been an advocate of password managers. With data breaches becoming more and more common these days, it’s critical that we take steps to protect ourselves online. However, over the past year LastPass has made some decisions that have made me question their motives and ultimately has recently caused them to lose my business.
24. An Intro to Resiliency, DHT, and Autonomous Economic Agents
According to the paper published by Lokman Rahmani et al., the S/Kademlia distributed hash table (DHT) used by the ACN is resilient against malicious attacks.
25. Using SuperTokens in a VueJS App With Your Own UI
Learn how to build your own login UI with SuperTokens in your VueJS application.
26. How to Create a Cold Storage Crypto Wallet with a USB Memory Stick
This article shows you how to create a basic and secure cold wallet using a USB drive and Tails OS. I will show you the differences between cold-hot wallets.
27. How to Add a Porn Filter to Your Home Network
It is easy for children to come across NSFW content on the internet. Using OpenDNS you can easily set up a family filter on your WiFi router to avoid this.
28. How To Implement Google Authenticator Two Factor Auth in JavaScript
Google Authenticator is something that many of us use all the time but how many of us really understand how it works under the hood?
29. How to Create a Random Password Generator Using Python
Create a random password generator using Python by generating a combination of letters, numbers, and symbols as characters scrambled together
30. Developing AI Security Systems With Edge Biometrics
Let’s speak about usage of edge AI devices for office entrance security system development with the help of face and voice recognition.
31. 5 Best Cybersecurity Books for Beginners
These are the five cybersecurity books that you should start with if you are considering a career within the industry.
32. You Probably Don't Need OAuth2/OpenID Connect: Here's Why
And the great news is, if the need for OAuth2 and OpenID Connect arises, you can use Ory again to add these on top!
33. OAuth 2.0 for Dummies
OAuth 2.0 is the industry-standard protocol for authorization.
34. The 8 Most Dangerous Cash App Scams (with Screenshots)
If you're a Cash App user, here are the eight most dangerous scams to look out for.
35. Here's What No One Tells You About Launching a Crypto Startup
Trust is the deciding factor for the success of your startup in the crypto industry.
36. [With Cyber Threats on the Rise, Nero Consulting Encourages Businesses to Keep Their Guard Up](https://hackernoon.com/with-cyber-threats-on-the-rise-nero-consulting-encourages-businesses-to-keep-their-guard-up)
Nero Consulting CEO Anthony Oren has watched countless companies suffer from the lack of preventative measures to secure their systems.
37. How to Track an IP Address from an Email: Gmail, Outlook, Apple Mail?
Have you ever wanted to find out the IP address of an email's sender? It is possible to find out the IP address of an email's sender with a few simple steps.
38. "Quantum Lock" And The Future of Application Security
Quantum technology and its research are believed to revolutionize this decade. Lots of efforts are taken by different organizations to address the current landscape of quantum technologies, identify challenges and opportunities, leverage and collaborate with existing initiatives, and engage the quantum community at large. It is believed that Stevens’ Prototype ‘Quantum Lock’ May Foreshadow the Next Super-Secure Applications. Stevens Institute of Technology is a private institution that was founded in 1870. Innovation and entrepreneurship are stressed at Stevens Institute of Technology, a research-intensive school primarily known for its engineering, science, and management programs. Stevens’ proof-of-concept demonstration successfully leverages quantum properties to secure the Internet of Things.
39. Man In The Middle Attack Using Bettercap Framework
Man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communications between two devices who believe that they are directly communicating with each other. In order to perform man in the middle attack, we need to be in the same network as our victim because we have to fool these two devices. Now let's initiate the attack by running our tool, which is bettercap. To run bettercap we can simply open up terminal and type bettercap -iface [your network interface which connected to the network]. To know which network interface is used we can simply type ifconfig and here is what it shows us.
40. How to Install WordPress on Linux Server: A Step by Step Guide
In this guide, you’ll learn the essential steps to get WordPress up and running on your Linux environment...
41. Strengthening Cybersecurity: Breaking Down inDrive’s Bug Bounty Program
Learn how inDrive's bug bounty program strengthens cybersecurity by collaborating with white hat hackers to detect vulnerabilities and optimize security process
42. Risk DAO Conducts Technology Risk Assessment on Aurigami Finance
Aurigami conducted a risk analysis of the protocol's risk parameters in an effort to reduce technological risks and improve capital efficiency.
43. Is There Such a Thing As Bug-free Software?
We strive for perfection and get frustrated when we don’t get something right from the start. Maybe we simply need to change our attitude, aiming for excellence rather than perfection. This goes for apps as well. You are probably asking yourself: Why does software have bugs? Is it possible to develop a 100% bug free software?
44. How to Improve the Security of API Keys
As a developer, API Keys are typically issued to you to identify the project you are working on and to enforce rate and access limits on proper API usage. These API keys are typically just static secrets baked into your app or web page, and they are pretty easy to steal but painful to replace. You can do better.
45. Top-6 Best Anonymous Browsers Or Why Privacy Matters
“Aren’t all browsers anonymous?”
46. First experiences with React Native: bridging an iOS native module for app authentication
47. The 6 Challenges You're Likely to Face Building Your Crypto Exchange
Crypto is reshaping the paradigm of ownership, finance, and governance. But it operates in a low-trust environment with no established models for success.
48. How to Use AES-256 Cipher: Python Cryptography Examples
Need to encrypt some text with a password or private key in Python? You certainly came to the right place. AES-256 is a solid symmetric cipher that is commonly used to encrypt data for oneself. In other words, the same person who is encrypting the data is typically decrypting it as well (think password manager).
49. Setting Up a Tor Hidden Service [A How-To Guide]
I'm gonna go out on a limb here and assume that you know the basics of how a web server works when you clicked on the title of this post. Basic knowledge of vim would be helpful too.
50. What Is a CA Bundle in SSL and Why Is It Important?
Don't know what a CA bundle is? Discover how to use its powerful SSL encryption for secure web server-browser communication, why it's important, and more!
51. Picking the low hanging passwords
According to a not-at-all recent report by Keeper, there’s a 50/50 chance that any user account can be accessed with one of the 25 most common passwords.
52. How the Geek Squad Scam Works (Don't Fall for This)
Got an email from Geek Squad that looks fishy? Here's what to do.
53. Steganography: How Hackers Hide Malware in Images
Image steganography is a technique that attackers use to hide a secret piece of text, malware, or code inside of an image. This technique is difficult to detect
54. How Hackers Attack Subdomains and How to Protect Them
In this detailed guide, you will find what dangers exposed subdomains hide, how perpetrators can use them, how to find subdomains, and how to defend them.
55. How to Spy on a Cell Phone Privately
If you want to spy on someone's cell phone without them knowing, look out for in-demand programs offering a free trial period. Learn more about spying apps.
56. Fortinet FortiGate-VM: Enterprise-class Security for Applications and Workloads Running on AWS
Meet Fortinet FortiGate: AI-Powered Firewall Ranked by Gartner in the Leader’s Quadrant 13 Years in a Row.
57. What to Do if Your MetaMask Wallet Gets Hacked? (Tips That Work)
If you realize that hackers have gained access to your Metamask account or suspect attempts to hack into it, your response must be rapid.
58. All the Methods You Can Use to Hack into a Website
In this article, we are looking into various basic methods of hacking into a user's web account and the website's database itself by using some basic methods.
59. Getting Started With Digital Forensics Using the Sleuth Kit
Based on an Interpol review due to the popularity of IoT devices and an increase in cyber attacks, the digital forensics market is expected to grow to USD 9.68 billion by 2022
60. Harnessing the Power of ChatGPT for OSINT: A Practical Guide to Your AI OSINT Assistant
If you're like most security practitioners, you're always on the lookout for new tools and techniques to help you gather intelligence. ChatGPT is one of those n
61. Investigating Internet Freedom: Unseen Aspects of Our Online Existence
Join award-winning journalist Nicole Scott in her latest video series, exploring digital democracy and our collective role in shaping the online world.
62. Compromised Private Keys: Primary Targets and Upcoming Solutions
Compromised private keys can cause serious losses at all levels of DeFi and for all kinds of users. Hackless aims to mitigate this growing concern.
63. Hacking Solidity: Contracts Using tx.origin for Authorization Are Vulnerable To Phishing
Contracts that use the tx.origin to authorize users are vulnerable to phishing attacks.
64. Deciphering Digital Trails: Ashton Forbes on the new MH370 Internet Investigation
Exclusive interview with Ashton Forbes on MH370 mystery. Dive into the digital quest of MH370x and discover new insights into the enduring aviation enigma
65. How an 18-Year-Old Teen Breached Uber Without Hacking a Single System
A comprehensive coverage of how an 18-year-old teen breached Uber databases without hacking into the company's servers or seeing them.
66. How to Rescue Funds From Hacked Crypto Wallets
Another milestone for Hackless, as we recently opened private access to Wallet Rescue.
67. Zero Knowledge Proof based Gradient Aggregation for Federated Learning: Methodology
zkFL leverages zero-knowledge proofs (ZKPs) to tackle the issue of a malicious aggregator during the training model aggregation process.
68. Ten Hacker-Proof Steps to Secure Your Crypto Assets
The purpose of this post is to help you understand — in 10 steps — how you can reduce, to the minimum, the chances of an attacker gaining access to your private passwords. Furthermore, you will learn how to store your keys and never lose access to your wallet(s) regardless of situation.
69. How to Keep Your Seed Phrase Safe?
In this post, I will cover several ways how you can store a backup copy of your BIP39 seed phrase. Seed phrase is a group of words of different length, compiled from private or extended private BIP44 HD key for more convenient storage. See example of a seed phrase below:
70. Authentication and Authorization with bcrypt In Rails
Introduction
71. Cloud Phishing: New Tricks and the Crown Jewel
Cloud Computing gives phishers a new playground. This article is about Cloud Phishing — whether using the Cloud to do it or targeting the Cloud.
72. Security Best Practices for Removable Media and Devices
Removable media, like USB flash drives, are commonly used today. The use of these devices increases the risk of data loss, data exposure, and network attacks.
73. My SIM swap attack: How I almost lost $71K, and how to prevent it

74. Using Hashcat Tool for Microsoft Active Directory Password Analysis and Cracking
Let's conduct a penetration testing on a file with a detailed study analysis of system passwords as part of an ethical hacking engagement.
75. The Ultimate Guide to Mastering Nmap and Netcat
Dive into network security with our guide on Nmap & Netcat. Learn their uses, commands, installation, troubleshooting, and ethical practices.
76. Netizens, 2023 is the Year to Up-skill in Cybersecurity
Stay ahead of the curve in 2023 with these essential cybersecurity courses by EC-Council.
77. Mobile Application Security: Best Practices for App Developers
The success of an app highly depends on its security. Users want safe app environments where they can interact with each other. Therefore, developers need to deliver digital solutions with app security in mind.
78. Top Resources to Learn Ethical Hacking
In this article, I will list the best resources all over the internet which will help you to be a hacker yourself.
79. How to use Azure Functions Core Tools to create a local.settings.json file and run Functions locally
We use Azure Function Core Tools to create a local.settings.json file and import our Function settings to that file so we can run our Functions locally.
80. How to Crack a Password Using Hashcat
In this article, I discuss the best ways to crack passwords.
81. How To Turn Off Chrome Search Suggestions
Simple methods to disable Google Chrome search history suggestions on the URL bar.
82. How to Securely Host Node-RED in Cloud (For Free), and Safely Expose it to the Internet over HTTPS
Node-RED bridges the finest pieces and abridges backyard to market delivery. This article intends to teach readers to host a secure & highly available Node-RED instance. For a couple of weeks, I worked on a project where I need to secure my Node-RED. By going through the blogs and post, everything seems very scattered on the internet and haven't found any article with end-to-end Node-RED execution as a secured frontend client accessible on the web. Thus thought to share my experience with you.
83. How to customize your hacking set-up for the most affordable price
This article discusses the most affordable hacking setup at the least expensive price point possible. As a beginner, you don't need much of a really powerful PC
84. What is Everything-as-Code? Examining the Explosion of "as Code" Buzzwords
If you’re confused when you read about “[some software term] as code” or “everything as code,” all you really need to know is that we’re talking about automation: The thing we use to do tedious tasks for us, or orchestrate tasks when they become too large and complex for manual methods.
85. 10 Features of a Secure Website
Website security is a primary consideration in web development but it is often not taken seriously by a lot of website owners. If you have built a secure website, then you must have sought out the services of a security expert who spots areas of weaknesses in your system and also carry out routine maintenance checks for new flaws and vulnerabilities. These are the minimum requirements for any safe website and I have grouped them into 10 must-have features for your website.
86. How to fix Security Vulnerabilities in NPM Dependencies in 3 Minutes
Hola people!!! 🥑
87. Is Cyber Security Hard? How to Find Your Way in
Cybersecurity is a broad, changing, challenging and complex field. To get into it, go beyond application forms with the tips described here.
88. What Role do DeviceCheck and SafetyNet play in App Authentication?
Both iOS and Android provide built-in device-level checks which can help prevent mobile application abuse. On iOS, DeviceCheck provides a way to associate a few pieces of information per app with each device, On Android, SafetyNet device attestation attempts to ensure that a device is running in a safe environment. These are useful capabilities, but they are only a small part of an in-depth mobile app and API protection scheme.
89. 2 Million Fitbit Accounts Were Exposed by Cybercriminals
A user on a well-known hacker community has leaked the emails and passwords of 1,999,999 users of the widely used health and fitness platform Fitbit, famous for its gadgets like smartwatches, and innovative fitness apps that track your training and sleeping patterns (among other things). The platform was recently acquired by Google LLC in a $2.1 billion USD deal.
90. Exploiting EIP-7702 Delegation in the Ethernaut Cashback Challenge — A Step-by-Step Writeup
How to exploit EIP-7702 delegation flaws: A deep dive into the Ethernaut Cashback challenge with bytecode hacks and storage attacks
91. Faster, Stronger, and 100% More Custom: A Grand Tour of Linux Kernels
Take a deep dive into the world of alternative Linux kernels that offer specialized performance, new features, and additional security.
92. What to Do When Your Hulu or Netflix Account Gets Hacked
Streaming service accounts get compromised all the time either due to data breaches, credential stuffing attacks from leaked databases, or simply because of users employing weak passwords.
93. A Guide to Password Hashing: How to Keep your Database Safe
Hashing algorithms are one-way functions. They take any string and turn it into a fixed-length “fingerprint” that is unable to be reversed. This means that if your data in your database is compromised, the hacker cannot get the user’s passwords if they were hashed well because at no point were they ever stored on the drive without being in their hashed form.
94. Is it Safe to Store Credit Card Information on Google Chrome?
Do not store your credit card information on Google Chrome! This article discusses why it's not safe to store your credit card information on Google Chrome.
95. Best Physical Security Practices for Your Server Room
Your server room hosts your most important assets, so it deserves proper protection. Here are four physical security strategies to keep your server room secure.
96. The NuID Ecosystem: An Improved Identity Layer Putting Identity Ownership In Users’ Hands
The internet grew without an identity layer, meaning it grew without a reliable way of knowing or verifying who you were connecting to which can be dangerous.
97. Why We Rewrote Ockam in Rust
In the early days of Ockam we were developing a C library. Here's the story of why we decided to abandon tens of thousands of lines of C and rewrite in Rust
98. The Ultimate Security Guide for Cryptocurrency Investors

99. Catch Your Hacker: Use Honeypot Tools to Capture Hackers Red Handed
The number of security breaches and cybercrimes is increasing rapidly. With more and more approaches being transferred online, hackers have found their way of hacking into a system and corrupting the information or stealing data to turn it into profits. As the technology keeps on changing, the hacking attempts are also becoming smart and upgraded to ensure hackers are never caught in action.
100. PlayerUnknown’s Battlegrounds Main Menu Is Vulnerable to Hacking
Update: This security hole has been plugged. See my [next post](https://medium.com/@fsufitch/pubg-main-menu-hack-its-fixed-cbad28c706fa) for details.
101. How to Build A Passwordless Authentication with Email and JWT
In this quick article, you'll see how to prevent one of the OWASP Top 10 security issues for websites: authentication that hasn't been implemented correctly.
102. Hashing Passwords In Python: Bcrypt Tutorial with Examples
Building a from-scratch server or using a lightweight framework is empowering. With that power comes responsibility, specifically the responsibility to securely store user’s passwords.
103. ISO/IEC 27035: The Incident Security Incident Management Guide
We will learn about the security incident phases, security incidents response planning (IRP), and Incident Response Team Structures.
104. Public Key Cryptography: RSA keys
I bet you created at least once an RSA key pair, usually because you needed to connect to GitHub and you wanted to avoid typing your password every time. You diligently followed the documentation on how to create SSH keys and after a couple of minutes your setup was complete.
105. BIP 32 Watch-Only Wallets
Bitcoin improvement proposal 32 is, in my opinion, one of the most important BIPs we have. (Thanks Pieter Wuille!) BIP 32 gave us Hierarchical Deterministic Wallets. That is, the ability to create a tree of keys from a single seed.
106. Using the Common Vulnerability Scoring System
The common vulnerability scoring system (CVSS) is a way to assign scores to vulnerabilities on the basis of their principal characteristics.
107. 10 security tips for frontend developers
Web security is a topic that is often overlooked by frontend developers. When we assess the quality of the website, we often look at metrics like performance, SEO-friendliness, and accessibility, while the website’s capacity to withstand malicious attacks often falls under the radar. And even though the sensitive user data is stored server-side and significant measures must be taken by backend developers to protect the servers, in the end, the responsibility for securing that data is shared between both backend and frontend. While sensitive data may be safely locked in a backend warehouse, the frontend holds the keys to its front door, and stealing them is often the easiest way to gain access.
108. How to Hack Text Messages via SMS Tracker Apps
SMS tracker apps come with a wide range of valuable features, and they are usually quick and easy to install.
109. From Data to Decisions: Harnessing Open Banking for Enhanced Business Performance
Explore the transformative power of open banking and how it enhances business performance by leveraging shared customer data through secure APIs. Learn how open
110. New Generation OSINT Framework
This is an introductory article regarding one of the newest OSINT platforms, ThreatCops, and its various interesting features and perks for identity protection.
111. LocalBitcoins Review: I'm Not the Only One Who's Been Scammed
This isn’t a review, and — as much as I wish it was — it’s not a promotion either. It’s a firsthand account… a testament to the continual negative impact of frauds in the crypto space. I wrote this article to make the community aware that LocalBitcoins doesn’t consider to accept moral responsibility when users get scammed on the platform.
112. How $100M Got Stolen From DeFi in 2021: Price Oracle Manipulation And Flash Loan Attacks Explained
The world witnessed some of the massive DeFi hacks in 2021 on some of the most renowned protocols like bZx, Cheese Bank, Harvest Finance, Value Defi, etc.
113. Top 25 Nginx Tips and Tricks From Practical Experience
I will try to talk about how Nginx works and some tips and tricks from practical experience.
114. How to Hack a Windows Machine Like a Pro Hacker
In this article, we are going to discuss how we can hack into a Windows 10 operating system using some really cool tricks and some highly advanced hardware.
115. DevSecOps Introduction: Clear Instructions on How to Build a DevSecOps Pipeline in AWS [Part 1]
DevSecOps is the new buzz and definitely a potential candidate to scare people in the ever-changing software industry. When I heard the term for the first time, my inner voice said it out loud, "When just this Happened, and why SEC is sandwich between them ?". Later on, to look cool, I started adding DevSecOps on my profile, but the dire consequence was a complete disappointment. DevSecOps isn't just restricted to understand security by heart & fit it with DevOps. A good analogy would be not to imagine your ex with someone, especially with your girlfriend/wife. It is all about "Shift left on Security" i.e. to introduce security as early as possible in the SDLC. Though I am not going to bore you with the definitions and concepts as I am a practical person. Thus, my objective here is to demonstrate how DevSecOps works in reality. The following series split into two parts (refer below) with very simple and clear instructions to provision a CI/CD pipeline adhering to DevSecOps principles in AWS. Everything covered from scratch you won't face any difficulty understanding. In case of any clarification, drop me a note on LinkedIn. Feel free to explore them with ease, skip to the one which is relevant to you.
116. What is the Difference between Telnet and SSH?
Telnet and SSH are network protocols used to manage and access devices remotely. SSH is more secure and preferred because it encrypts data sent over the network
117. How to Run Reverse Shell for Hacking in Linux
A reverse shell is a hacking vulnerability that the hacker executes .php codes or an executable file in which he gets access to the shell of the target system.
118. Ockam Routing: Building End-to-End Channels
Learn how to create secure channels over multi-hop, multi-protocol routes which can span various network topologies and transport protocols.
119. Aptible Enclave: Elevating Data Security in DevOps Environments
Aptible Enclave fortifies data security in DevOps with its secure infrastructure for database management.
120. Things You Must Know About git-crypt To Successfully Protect Your Secret Data
Many software projects use secrets - usually, keys to external APIs or credentials to access an external resource such as a database. Your application needs these keys at runtime, so you need to be able to provide them when you deploy your application, or as a step in preparing your deployment environment.
121. The Dangers of SVG Files: A Lesser-Known Vector for XSS Attacks
One lesser-known vector for XSS attacks is the SVG image format. SVGs support JavaScript using the <script> tag, which can be exploited by attackers.
122. What Is White-Box Cryptography?
White-box cryptography combines methods of encryption and obfuscation to embed secret keys within application code. The goal is to combine code and keys in such a way that the two are indistinguishable to an attacker, and the new "white-box" program can be safely run in an insecure environment.
123. Implementing 2FA: How Time-Based One-Time Password Actually Works [With Python Examples]
If you care about your security on the web, you probably use a Two-Factor authentication (2FA) method to protect your accounts. There are various 2FA methods available out there, a combination of password + fingerprint, for example, is one of them. However, since not so many people have a fingerprint reader available all the time, one of the most popular 2FA methods today is to use an authenticator app on your cellphone to generate a temporary password that expires within a minute or even less. But how does this temporary password, called Time-Based One-Time Password (TOTP), work, and how can I implement that on my own service?
124. The Dangers of DeepFake Technology: Exploring the Potential Risks of AI-Generated Videos and Images
As much as there may be some positives to deepfake technology, the negatives easily overwhelm the positives in our growing society.
125. The Biggest Problems with WhatsApp's Privacy Practices
A new report now claims that WhatsApp messages are not end-to-end encrypted.
126. 5 Budget Christmas Presents for the Cybersecurity Pro You Know (And 5 Hacker ‘Luxury’ Items)
You know how it goes. You're desperately trying to think of a good present for the hacker in your life. This list will give you the inspiration you need.
127. Apache Web Server Hardening: How To Protect Your Server From Attacks
The web server has a crucial role in web-based applications. Since most of us leave it to the default configuration, it can leak sensitive data regarding the web server.
128. What is Broken Access Control and Why Should You Care?
With broken access control being one of the most prevalent weaknesses for web applications, it’s important to not only understand it, but to prevent it also.
129. 8 Must-Have Security Tools for Developers
Today, the network perimeter is dead, and attackers have direct access to applications - only a click away from an organization’s sensitive data.
130. Why Crypto Custodians Are Still A Weak Link
Using Natural Language data streams fed into NTerminal to detect security vulnerabilities, fraud, withdrawal problems
131. Cryptology Vs. Cryptography Vs. Cryptanalysis - Get your Vocabulary Right!
Many new developers are jumping right into coding (usually for those fat paychecks) without learning much about the history of Computer Science. People regarded Alan Turing as the father of Computer Science. He was first a cryptologist and mathematician. Then, he pioneered the field of CS in order to solve cryptological problems.
132. How to Build a Smooth Authentication Flow System with Firebase
This tutorial involves going through a step-by-step guide on how to set up the Firebase authentication service, and then a walk-through of how to implement it.
133. What are the Primary Security Architectures in use Today?
In my latest article about “The Rise Of Zero Trust Architecture”, I wrote about the broad and rapid adoption of this relatively new concept in the world of cybersecurity. However, there are still several other security architectures which are in use today:
134. HMAC and MAC Explained: How To Build Secure Authentication With JWTs
HMACs and MACs are authentication codes and are often the backbone of JWT authentication systems. Let's take a look at how they work!
135. Micro-DevOps With Systemd: Supercharge Any Ordinary Linux Server
Read about how systemd can help make Linux workloads resilient, secure, and easy to manage without the overhead of a container orchestrator.
136. How to Deactivate or Delete a Facebook Account, Page, or Group
How to deactivate or delete a Facebook user account, page, and group. You can do this by going to Settings and following simple steps mentioned in this guide.
137. Telegram Bots: How They Are Used
Telegram bots have a variety of functions; they range from setting notifications to website monitoring. Find out more about how these bots are being used here.
138. Command and Control Frameworks in a Nutshell
A glimpse over Command and Control attacks and frameworks, how they happen, and how they can affect our daily lives.
139. Setting Up AWS SecurityHub With Terraform in a Minute
A simple example of setting up SecurityHub at the Organization level with Terraform.
140. The Five Linux Distros Hackers Prefer
These are the Linux distros recommended by hackers
141. How to Black Out Text in a PDF with Photoshop or for Free in Canva
Here's how to black out and blur out text in both Photoshop and Canva so your sensitive information stays safe.
142. How to Use Gulp to Protect Your Code
In this post, we'll show you how to protect your code with Jscrambler while using Gulp with a guide on how to set it all up to streamline the process.
143. How to Implement QA Testing in a Confidential and Secure Manner
‘Privacy’ and ‘Confidentiality’ are often used interchangeably but they are not the same.
144. "Embeddings Aren't Human Readable" And Other Nonsense
The research and breakthroughs in embedding inversion attacks make it clear that embeddings are, in fact, reversible back into forms that are fully human readab
145. Building Reproducible, Verifiable Binaries with Golang
A quick and easy way to compile reproducible binaries with Golang.
146. The Biggest NFT Rug Pulls in History: How to Identify Crypto Scams
Fraud in the NFT-sphere. How it works and how to protect yourself from scams. Let's talk about the main red flags that will help identify rug pull.
147. How Nexera ID is Bringing Privacy and Security to DeFi
AllianceBlock is helping to close the gap between decentralised finance and traditional finance by solving problems in both areas and bringing them closer.
148. No Sandwich, Please! - Popular DeFi Attack Strategy Analysis
A recent CipherTrace study paints a sad picture: even though crypto users’ losses from criminal attacks have dramatically fallen by 57% in 2020 to $1.9 billion (compared to $4.5 billion in 2019), fraud within the DeFi space continues to grow, leaving more users deceived.
149. How To Decode Django Sessions in PostgreSQL
When solving a problem that requires you to link a user's session data to their actual user object, Postgres comes in handy.
150. How to Prevent Juice Jacking
Juice jacking occurs when a hacker has infected a USB port with some form of malware or other harmful software.
151. How to Exploit Prototype Pollution?
Prototype Pollution is a JavaScript related vulnerability. This article explains how it works and how to exploit it bypassing security checks of the app.
152. 5 Negative Behavioral Effects of Cyber Security on Organization
The effect of individual behavior on cyber-security is essential to the safety and protection of information or data in corporate organizations, government, financial institutions, and all other organizations you can imagine. The risk of breaching has a negative effect and has severe consequences.
153. How to Set Up Portable VirtualBox With Kali Linux
This is a short tutorial on setting up Portable VirtualBox with Kali Linux.
154. What is a Social Recovery Wallet?
How do we prevent users' funds from being lost or stolen?
155. Ethereum, You Are A Centralized Cryptocurrency. Stop Telling Us That You Aren't
When looking at Ethereum, there are some good things I can say about it and some bad. Ethereum did early stage investors in their ICO right, in the fact that the 2014 ICO price was $0.30.
156. Uncover the Best Privacy Coins in 2021
Cryptocurrencies have emerged as a reliable tool allowing online users to control their own money without the participation of outsiders.
157. What Is The Best Private Encrypted Messenger! [10 Messengers Evaluated]
Updated 01/13/2020
158. How to Create a Personal Residential Proxy to Bypass Geo Restrictions
By setting up a peer-to-peer (P2P) VPN and connecting my laptop and desktop to it, I was able to route the traffic of my laptop in India to my desktop in the US.
159. Explore How to Effectively Use JWT With FastAPI
Develop and test JWT with FastAPI
160. Multi-Cloud DevOps: Strategies for Seamless Cross-Platform Deployment
Learn how to navigate the complexities of multiple cloud environments and optimize your development process for enhanced collaboration and scalability.
161. Connecting to Schlage's New WiFi Locks Is Not Easy
I like Schlage’s smartlocks, and have used them for years. Built by a company with a long history of making reasonably secure, reliable locks, I’ve used several of their Z-Wave locks over the years, but Z-Wave is…Z-Wave. Proprietary until recently, a PIA to troubleshoot, and while the technology held a lot of promise on paper, in reality it’s been the cause for many a swear word to erupt from my mouth (I realize this is partially due to the controllers I’ve used over the years).
162. Migrating from Pod Security Policies: A Comprehensive Guide
Transition to PSA: Migrate from Pod Security Policies (PSP) to native Pod Security Admission (PSA) in Kubernetes for enhanced security.
163. How I Created a Zero Trust Overlay Network in my Home
Enabling a secure home automation experience, by creating a zero trust overlay network to access #HomeAssistant.
164. Decentralized Identity (DID) and KYC in Blockchain Gambling: Privacy vs. Compliance
Explore how Decentralized Identity (DID) reshapes KYC in blockchain gambling - using ZKPs, verifiable credentials, and real-world pilots to balance privacy.
165. How to Build-in Security as a SaaS Feature: A Guide

166. Private Networks: How Tailscale Works
People often ask us for an overview of how Tailscale works. We’ve been putting off answering that, because we kept changing it! But now things have started to settle down.
167. On Multichain and Interoperability with Maciej Baj and Jacobi Kowalewski
In this Slogging AMA, we welcome Maciej Baj and Jacob Kowalewski from t3rn, a smart contracts platform.
168. Imagine Yourself Being A Hacker [Beginner's Guide]
Make no mistake, the knowledge of hacking is different from a hacker. A hacker is a person, not the skill. And the use of any knowledge is a personal choice and that choice isn’t universal. The same way some politicians are corrupt, some hackers are corrupt. The same way some politicians are good, some hackers are good also. You may be a Satoshi Nakamoto or an Albert Gonzalez, it is your choice. There is nothing wrong with the hacker knowledge. It is all about you.
169. What to Expect When Expecting (to Work with a Crypto Recovery Expert)
The crypto industry isn't known for its customer support. But that doesn't mean it's nonexistent. Recovery experts can help, but how do you know if it's legit?
170. Decentralized VPN: The Evolution of Tor?
VPN vs Tor vs dVPN - What are the real differences?
171. Deep Dive into SSL certificates
A deep dive discussion on SSL certificates
172. NodeJS Security Headers: 101
When we talk about security with respect to any web application, it's a multi-dimensional thing; it will involve a number of different aspects:
173. Do You Need to Hire a Fraud Specialist?
Learn why fraud prevention & cybersecurity matter, the role of a fraud specialist, challenges for business analysts transitioning, and need for SQL skills.
174. The Trouble with FIPS
FIPS 140 sets the standard for cryptography used in the United States, but it's got problems. Because of FIPS, we all have problems.
175. OWASP Top 14 Security Practices For Software Developers
The objective of this guide is to provide a comprehensive review of the security principles with limited scope in terms of information. The primary goal of the software developing team is to use the available information resource to provide and build secure applications for your business and software operations. It could be obtained through the industry-standard implementation of security controls.
176. Docker is dead. Long live the Unikernel.
As the cloud-native ecosystem evolves, it is beginning to appear as if a challenger to containerization has emerged. In this blog post, I'm going to dive into what unikernels are, and why I think they will be the most likely candidate to replace container-based infrastructure.
177. Is 128 Bit Encryption Enough?
There are a lot of cloud services that tout encryption strength as a measure of how well they guard your data. It is quoted in bits, which is the size of the key. So you see services quoting 128 bit, 256 bit or even 2048 bit.
178. Top 10 Best Private Encrypted Messengers Designed For Security Nuts
Being concerned with the security of online communication and information exchange is absolutely OK. It is a reflection of the fact that you are aware of global surveillance happening every second of our presence online. Our online activities are monitored, intercepted, collected, and stored. And now imagine that what you know is only the small fraction of what is really happening with our information.
179. Should Regulators License Blockchain Oracles?
Blockchain oracles, or off-chain data providers, are key players in the blockchain ecosystem - wielding as much if not more power than miners and protocols developers. Often misunderstood and overlooked, they suffer from constant misuse and security vulnerabilities. Licensing and endorsing professional oracles is key to improving the overall health of the blockchain ecosystem.
180. OWASP Top 10 .NET Protection: A Guide (Part 1)
The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications. In this article, I want to cover the first part of the TOP 10 vulnerabilities and how to protect against them using .NET.
181. Should You Disable Autofill? - Here's How to Protect Your Passwords
Password managers are beneficial to have but the autofill feature can be exploited by hackers. You should disable autofill on your browser to protect your data.
182. Security Considerations in Golang
Golang recently turned 10 and the success this language has created over the last 10 years is overwhelming. Today, many of the most popular DevOps tools are now written in Go. This proves that Go is a language that has a great future in the DevOps industry. It is meant for cloud network infrastructure practitioners - this was one of the primary goals of the Go creators. As a result, every major cloud provider today has turned to Go for their core cloud infrastructure, to name some - Docker, Kubernetes, Istio, Etcd, Prometheus, and Terraform.
183. The Best Car Anti-Theft Devices to Fight a New Age of Thieves
Older car anti-theft devices do not take long to be disabled. It is safer to use the kill switch, CarGPS tracking, Geofencing Trackers, AirTag and SmartTag,
184. 9 Essential Factors to Consider Before You Install A Security System
In the US, a burglary happens every 23 seconds on average. This number is even higher in developing countries.
185. How Does the Government Access Your Data?
It’s Not (Exactly) 1984, but Big Brother Is Certainly Watching!
186. How RAT Mutants, in Python, Steal Data and Evade Detection
Even though malicious Python packages are found every day by our security researchers, a new type of malware we call RAT mutants is catching our attention.
187. An Intro to Zero Trust Architecture
Zero Trust isn’t a new concept. It was first presented in 2009 by John Kindervag, a former principal analyst at Forrester Research.
188. Ethereum 2.0 vs Bitcoin Cash vs Algorand: A Comparison of Upcoming Features
The year 2020 has witnessed a significant growth and adoption for cryptocurrency projects, moving past the hype and shady get rich quick projects.
189. 10 IEO Initial Exchange Offering Agencies to follow
Many of us expected STOs to become the crypto trend of 2018, but it didn’t happen. This was partly due to the very stringent regulations on securities and partly because participating in an STO requires more technical skills and financial acumen than the average crypto investor has. Instead, a completely new and very promising model has emerged – initial exchange offerings (IEOs).
190. Build Your Bug Bounty: Smart Contract Pentesting Overview
This guide, written by whitehat Lucash-dev for Immunefi, will help you set up a local environment, reproduce DeFi exploits. Join Immunefi bug bounty platform!
191. How to Spoof Your GPS Location on iPhone
Learn how to easily fake your iPhone's GPS location without jailbreaking! Follow this step-by-step guide to spoof your GPS location on any iOS device.
192. Adversarial Machine Learning and Its Role in Fooling AI
Shortly after the launch of Face ID, researchers from Vietnam breached it with a 3D face mask. Such attacks against ML-based AI systems come under adversarial machine learning.
193. SQL Injections: Beginners Guide
The basics of how to test and protect your application
194. How to Protect Yourself by Removing Geolocation Data from your Photos
Geolocation data is stored in each photo we take on our phones. This article discusses why it is used and more importantly, how to remove this data.
195. Security in The Sea of Decentralized Finance
How do you avoid losing funds due to your own negligence?
196. Overloaded "Online vs Offline" in EMV Card Processing
When EMV card processing is discussed, one confusing usage of terminology is Online vs Offline. They mean different things in different contexts.
197. Video Chatting Might Lead You to Identity Theft and Scams
One might think that the internet was designed for the consumer to remain anonymous and share their ideas without any censorship. But it isn’t the case anymore, especially since the abrupt commercialization of the technology and the rise of social media, which has paved the way for big corporations and regimes to take note of user data and activity, like never before.
198. End-to-End Encryption Basics
Imagine you are messaging your business partner about a super secret idea that is worth $1m. Will you trust the messaging application not to read your super secret conversation? No, right? No one will, yet people across the world use WhatsApp for such sensitive messaging (although I prefer Telegram for my secret conversations). Well, turns out, it is because most messaging apps (including WhatsApp) use a technique called End to End Encryption, which doesn’t allow these messaging services or their employees to read your conversations with your contacts. But how does this work? Well, that is what we will try to understand here.
199. Deciphering Pesticide Resistance in the Digital Currency Space
Uncontrolled use of deanonymizing technologies, such as blockchain forensics and darknet monitoring tools can threaten long-term security and safety of digital ecosystems.
200. ERC20 Infinite Approval: A Battle Between Convenience and Security
In order to save money and time, many users choose infinite approval when needed. As a result, they do not know the day when they suddenly find that their token has been transferred away.
201. Pros and Cons of Cybersecurity Automation
As tech develops, automation is becoming the standard. But can automation be applied to cybersecurity successfully, or is a human touch still needed?
202. Launching DDos Attacks Using Various Programs and Methods
DDoS attack or Distributed Denial of Service attack is an attack aiming to destroy the service of a website by crashing its server by sending a lot of packets and requests to the server. The hackers usually use tools like the low orbit ion cannon, ping of death, SYN flood, HTTP flood & more.
203. How to Harden K8S: Based On the Recent Updated NSA's Kubernetes Hardening Guide
Recently, NSA updated the Kubernetes Hardening Guide, and thus I would like to share these great resources with you and other best practices on K8S security.
204. Working with Salesforce APIs? Of CORS!
In this post, we’ll take a closer look at how Cross-Origin Resource Sharing, or CORS, operates, by working with a small Node.js app that interacts with Salesforce.
205. SaaS Apps Are Less Compliant Than You Think: An Analysis of The Top 1,000 SaaS Apps
Today’s IT and operations professionals might find themselves feeling like the opposite of Spiderman. With great responsibility comes … no power? The stakes are higher than ever to ensure that their organizations are protected from a security and compliance perspective, but new survey data from Blissfully shows that the most popular SaaS applications are less compliant than you’d think.
206. Disinformation-as-a-Service: Content Marketing’s Evil Twin
Are you tired of all the BS out there on the internet? It's about to get A LOT worse. Dirt-cheap disinformation-as-a-Service campaigns are a thing now.
207. Network Security: Things Most People Don’t Think About
There are a lot of things most people do not think about that can dramatically increase the level of security on a network
208. Deploying AES Encryption On Cryptool 2.1
The AES encryption algorithm is a block cipher with a block length of 128 bits that uses the same encryption key to perform several rounds of encryption.
209. Using Open Source AWS Amplify JS with Cognito to Secure Angular Apps
This article shows how to set up the Cognito UserPools JWT authentication flow and how it will integrate with an Angular Web Application.
210. How to Build a Self-Hosted Password Vault: A Step-by-Step Guide
It can be risky to self-host a password vault if a user lacks full security competence and exposes the vault to the internet.
211. Homomorphic Encryption: Introduction And Use Cases
Organizations nowadays are storing and performing computation of the data on the cloud instead of handling it themselves. Cloud Service Providers (CSPs) provide these services at an affordable cost and low maintenance. But to ensure compliance and retain privacy, organizations need to transfer the data in an encrypted format, which does ensure the confidentiality of the data. However, once the data reaches the cloud, the CSP has to decrypt the data to perform operations or computation.
212. Watch Out! Fake Tether in Circulation!
In our big Facebook group a few hours ago a member wrote that 34’000€ disappeared from his Atomic Wallet. What happened?
213. Is Incognito Mode as Safe as You Think?
Browsing in incognito mode may seem like a good idea, but it is not as safe as you think. It still has certain limitations that can put your privacy at risk.
214. How To Debug JSON Web Tokens (JWTs)
So many modern web applications, both client-side and server-side, use JSON Web Tokens (JWTs) for authentication, and this is an excellent approach. However when things don't work, it can be tricky to work out why. This post aims to give you some tactics for understanding and correcting problems with JWTs. If you're just getting started, check out the documentation on working with JWTs and our APIs first.
215. Prevent Reverse Tabnabbing Attacks With Proper noopener, noreferrer, and nofollow Attribution
Now and then, when you click on a link on a website, the link will be opened in a new tab, but the old tab will also be redirected to some other phishing website where it asks you to log in or starts downloading some malware to your device. In this blog post, I will explain how something like this is achieved, and how to easily prevent this from happening in your own websites.
216. How to Make Requests Over Tor Browser Using Python
To make requests over Tor using Python3, we are going to be utilizing a Python controller library for Tor called Stem.
217. Automatically Scan Your Project Dependencies for Vulnerabilities Using Docker, Jenkins (Part 2/2)
The OWASP Dependency-Check tool is a popular tool to check dependencies. We will discuss how we can run it standalone or integrate it into CI/CD Pipeline.
218. WTF is a Bitcoin Mixing Service and Why Do You Need One?
Cryptocurrency has two opposing features to provide its worth and inability to falsify. Anonymity of Bitcoin has pulled masses of people to cryptocurrency blockchain. They have felt more freely with their finance.
219. 5 Best Anonymous Browsers: How To Stay Protected Online
In 2019 our devices know us better than close friends and relatives. Browsers, messengers, social media trackers analyse the actions you do online and your interactions with content to expand their manipulation. The history of browsing is used to target ads and create more triggering banners for you exclusively. These technological advancements might look smart and comfortable, but the invasion of privacy has gone too far.
220. 5 CSRF Vulnerabilities Known For Highest Bounty Rewards
If you don’t know, a bug bounty program is a modern strategy to encourage the public to find and report bugs or vulnerabilities in software — especially the security bugs that may be misused by cybercriminals. Most of the big technology companies like Facebook, Google, and Microsoft employ bug bounties.
221. Penetration Testing And Vulnerability Scanning
Dive into the realm of cybersecurity with our in-depth exploration of vulnerability scanning and penetration testing. Uncover the nuances, security issues, and
222. An Introduction to Key Derivation Functions: Argon2, Scrypt, and PBKDF2
A key derivation function, or KDF, derives one or many secret keys from a secret value. Therefore, if you've ever needed to store a password in a database or create a private key from a password, you may have used a KDF.
223. Tier 1 Smart Contract Auditors: Hacken, Hashlock, Cyfrin, CertiK, OpenZeppelin, SolidProof
Established crypto auditors help secure the industry by validating smart contracts and development teams.
224. Why You Should Avoid Using Public WiFi
Why You Should Avoid Using Public WiFi
225. Exploring Cross-Site Scripting (XSS): Risks, Vulnerabilities, and Prevention Measures
Cross-site scripting (XSS) is a common web security issue that can expose your web application and its users to various attacks. In this article, you will learn
226. How to Solve the Common Problems of Embedded Firmware
Firmware is an integral part of any embedded system. A device is more than a combination of components. Without instructions, the microcontrollers do not “know” how to manage the peripherals. But embedded firmware development is not an easy task. It involves not only coding but a lot of testing and debugging as well. Today, we are going to talk about the common challenges of embedded firmware programming and their solutions.
227. 51 Stories To Learn About Cybersecurity Skills
Learn everything you need to know about Cybersecurity Skills via these 51 free HackerNoon stories.
228. What is SIM Swapping and How Do You Prevent It?
This post covers how to prevent SIM swapping and all of the aspects that make up this insidious cybercrime.
229. Auth0 vs Okta vs Cognito vs SuperTokens Compared (2022)
An in depth review of Auth0 alternatives for 2022: Auth0 vs Okta vs Cognito vs SuperTokens
230. When Did Cyber Security Start?
Cybersecurity began between 1970 and 1972 with the publications of the Ware and Anderson reports. The Ware Report set out a number of different security control
231. Security Best Practices for Node.js Apps

Node.js Security Guide
232. Worried About Your Crypto's Custody? Outsource Everything Except Key Management
A year into my stint at the Bank of France, I was still struggling to understand why they employ cryptographers. One day, I saw them huddled around a white board for a few hours and struck up a conversation. They walked me through their highly sophisticated key management solution that included everything from certificate signing mechanisms to deep traffic inspection contraptions. Baffled by the complexity of it all, I resorted to my go-to cryptographer question - "So, where are the keys?". The key storage, as it turned out, was outsourced to "a cool startup here in Paris.”
233. YARA Rules in a Nutshell
YARA rules can be used to help researchers identify and classify malware samples. They are beneficial for reverse engineering or during an incident response.
234. Analyzing the 12/31/2022 Slack Security Incident
On December 31, 2022, Slack reported a security breach that affected some of its customers.
235. A Deep Dive Into AWS Key Management Service (KMS)
AWS KMS Security and Key Management
236. 5 Notorious Paypal Invoice Scams & How to Avoid Them
Five examples of what a PayPal invoice scam is, why it works and how to avoid getting scammed by one.
237. 7 Ways to Secure Your Social Media Accounts
In the world today, cybersecurity attacks happen every 39 seconds. 300,000 new malware is created every day; our beloved Facebook is attacked 100k+ a day; and, just very recently had a massive security breach.
238. Secure Rendering: A New Browser Standard for User Privacy
I've been having conversations with some browser vendors about improving security for both users and enterprises. This article is an attempt to quickly summarize the why and what and aid in the guide of developing such a standard.
239. Top 7 Kubernetes Security Practices Everyone Should Follow
Kubernetes is the Greek word for helmsman or pilot. It is now accelerating the digital transformation at firms by helping them transition away from legacy technology and embrace cloud-native software development. The recent KubeCon event had a gathering of more than 12,000 developers and executives from around the world in San Diego. Every company wants to take advantage of Kubernetes and its ability to automatically deploy, manage, and scale software workloads in the cloud.
240. How To Store Encrypted Data Collected By Your Web Application With PHP7 and LibSodium
Reasonable security through architecture
241. Store API Credentials Safely: Obfuscation Before Encryption is Key
How to keep API secrets and keep peace of mind.
242. Integrating DAST Into Your CI/CD Pipeline: Benefits and Implementation
This article highlights the value of integrating DAST into your CI/CD pipeline, exploring how it can significantly enhance your application's security posture.
243. How to Build a Scalable Tech Stack for a Growing SaaS Product
In this article, I describe the main technical components of a SaaS product, and best practices around each one of them.
244. Vulnerability Management: Identify, Classify, Remediate, and Mitigate
1.Vulnerability Management:
245. Podman CLI Guide for Docker Users
Podman is the command-line interface tool that lets you interact with Libpod, a library for running and managing OCI-based containers. It is important to note that Podman doesn't depend on a daemon, and it doesn't require root privileges.
246. A Comprehensive Guide to OpenAPI Specification
OpenAPI Specification (formerly Swagger Specification) is an API description format for REST APIs. An OpenAPI file allows you to describe your entire API.
247. How to Secure Your Laravel Application
Nowadays, the tools we use to browse the internet require us to follow security standards. Otherwise, they tend to flag our web applications/sites as insecure.
248. Sigma Protocols for the Working Programmer
Intro to sigma protocols which enable private authentication and transaction signing via Fiat-Shamir heuristic. Core technology behind Ergo blockchain security
249. Your USB Gadget Could Be Weaponized
Cybersecurity experts have been warning us for years about using USB devices. We look at how an ordinary USB-powered device can be easily weaponized.
250. So, Like, What is an API Key Really? And How Does it Provide Security?
An API key is a secret code that gets you inside. Yeah it does!
251. How to Solve the Frontrunning Vulnerability in Smart Contracts
This blog post describes the frontrunning vulnerability in Solidity smart contracts and how this can be prevented. Read on to find out more…
252. Signal Vs. WhatsApp Vs. Utopia: Who Is The Obvious Winner?
The 21st century is the age of technology and the Internet. Today, the whole world is online. We are increasingly moving all our business to the Internet space. It is the place where we work, communicate, order food, pay for purchases, watch movies and listen to music.
253. Companies Pay Big Money to Have the Location Data From Your Phone
Companies that you likely have never heard of are hawking access to the location history on your mobile phone.
254. Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg
CVE-2021-45046 says the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was "incomplete in certain non-default configurations."
255. How To Setup Environmental Variables In A Rails Application
Security is and will always be a very big deal; this is largely true in all spheres of life but more so in software development. One costly mistake can leave you vulnerable to stolen API keys and secrets. We wouldn't want that now, would we?
256. 3 Reasons to Use a Private Browser and Where to Find One
Three reasons why you need a private browser for safe and secure browsing, regardless of what you're doing online.
257. How to Shorten URLs Without Tracking With The Markup's Smol Links
Instead, we found an existing privacy-minded URL shortener called Shlink, built a custom WordPress plugin on top of it called Smol Links...
258. The Impact of Biometric Recognition Failures on Security
Discover how failures in biometric recognition methods can impact security, with examples of false acceptance and rejection in biometric verification.
259. Data Leak of $1B “Tech Unicorn” Gorillas Shows How Far Venture Capital Has Fallen
VC money is spilling out onto the streets, and despite millions of dollars of investment tech companies still neglect their security.
260. LastPass Confirms Hackers Stole Encrypted Password Vaults... Four Months Ago
A password vault leak had happened four months ago and LastPass is only telling you that now.
261. Blockchain Influencers to Follow in 2021
There are several options for crypto security. If you hold any cryptocurrencies, you will need a wallet to store your assets. This covers crypto security tips.
262. Is it Safe to Connect to Public WiFi?
Public WiFi is not as safe as you think. This article discusses some of the security risks with public WiFi and what you can do to stay safe on the public WiFi.
263. Using Cerbos to Navigate User Permissions
Cerbos is an open-source decoupled access control for your software making user permissions and authorization simple to implement and manage.
264. Simple Introduction to Google Identity Services
This was an introductory article to give general idea of Google Identity Services. Google docs are confusing and messy. So I have given you direct links. Enjoy!
265. Modernizing Secrets Scanning: Part 1–the Problem
Today I'd like to share some new approaches to secret search at the scanner level.
266. How Can Password-Free Identity Verification Safeguard User Privacy?
Traditional identity verification methods usually have security risks. Unlike these methods, FIDO-based identity verification is much safer and convenient.
267. How Do I Adopt a 'Zero Trust' Framework?
With increased attack surfaces caused by businesses migrating to the cloud and remote workers, Zero Trust has become cybersecurity's most valuable thing.
268. Decentralized web / dWeb - what is it?
Envisioning a web that revolves around the user, not the server and not the Blockchain
269. Challenges of Working With Cryptography APIs in NodeJS
One of the main reasons that lead to insecure NodeJS applications is insecure or bad usage of cryptography APIs. Developers who are not very familiar with such APIs and the underlying crypto concepts often struggle to choose secure configuration options or to even get their code up and running.
270. Cracking The HMAC Message Authentication System In Cryptography
HMAC, a popular authentication mechanism used for authenticating a message using cryptographic hash functions.
271. Do Notepad++ Plugins Expose Users to Cyber Threats?
Does Notepad++ make it easier for hackers to invade systems? Get to know how you can protect yourself while using Notepad++
272. Facial Recognition Login: Is This The New Security Standard?
Facial recognition could help your business enhance security standards 10X. We explore the business challenges the technology can solve. Thirty thousand. That’s the number of infrared dots used by the latest standard today to create a map of your face for authentication and enable you to securely access your device. The process is as simple as it can get - look right into the camera and the facial login system does the rest. Today, facial recognition login isn’t restricted to unlocking phones, tagging people on social media or scanning crowds for security threats. It’s made its way into gaming, grocery stores, airports and payment platforms. Facial recognition login software and biometric technology are making inroads into building robust security platforms - with a system that’s designed to prevent spoofing by masks or photos. It’s permeated into security and law enforcement, even making paperless travel a reality.
273. The Vulnerabilities of NFC Payments Need to be Addressed
Even though NFC appears to be so easy and convenient, it is not without its vulnerabilities, especially in regards to security.
274. What is Cyber Grooming?
Cyber grooming is one of the most dangerous types of cyber crimes since the victims are teenagers and young kids.
275. 5 Tips to Prevent Hackers From Stealing Your Crypto Assets
With the continuing rise of cybercrime and targeting private computers, tablets, and phones, the question is not if but when you will be hacked. So, better safe than sorry, make sure your crypto assets are safe and secure even if your device is breached by sticking to the following tips.
276. Custom HTTP Request Signing: A Detailed Guide to Writing a Burp Suite Extension
In this article, I'll walk you through how to reverse-engineer Javascript code and show you how to write my Burp Suite extension in practice.
277. The Do’s and Don’ts of Writing Crypto Code
Writing cryptographic software or adding encryption to an app is an undertaking with numerous pitfalls for a first-timer. And for those already experienced in dealing with crypto matters, simple carelessness or self-assurance can lead to catastrophic results.
278. Top Benefits of Incorporating Machine Learning Into Business Processes

Machine learning and Artificial Intelligence have created a lot of buzz in the business sector. Marketers and business analysts are curious to know about the benefits and the applications of machine learning in business.
279. The Collaboration Tools that Support on-premise Deployment
Read this blog to discover the relevance of the On-Premise deployment model, as well as collaboration tools like Troop Messenger, AnyDesk, etc. that support it.
280. What happened After I Scanned 2.6 Million Domains for Exposed .DS_Store Files

281. What an IP Address Can Reveal About You
Is it possible to trace an IP? To what extent does it reveal your physical location? How to prevent your IP from being tracked? Let's learn more about IP.
282. The Top Essential Skills for JavaScript Developers
JavaScript reigns supreme. The flexible programming language is currently ranked as the most commonly used programming language in the world by GitHub. It is also instrumental in web development--an estimated 95% of websites utilize the language in some way.
283. The “Connection Not Private” Warning Explained
Each time you visit a website, your web browser (e.g., Chrome, Safari, or Firefox) first checks for the existence of one of two digital certificates
284. Defining the Difference Between EPP, EDR, MDR & XDR
Before going into details about the pros and cons of EPP, EDR and XDR, I want to set the common field and introduce the basics about their differences.
285. How to Share Google Docs Securely with a Google Apps Script
Add Additional Data Protections to G Suite with the Virtru SDK
286. Quantum Computation and Its Possible Effects on Society
This paper will discuss what quantum computation is and the effects it can have on the way our society works.
287. Mastering CI/CD Security: A Step-by-Step Guide for Beginners and Beyond
Master CI/CD: A Beginner's Guide simplifies CI/CD through imaginative storytelling with superhero robots securing a spaceship.
288. Cryptography Trends and News for 2020
Quantum Computing
289. Top 5 Internet Browsers for Privacy and Security in 2021
Here are some popular and exciting browsers that provide a high level of services for such users including Chrome, Tor, GoLogin, and more.
290. JSON Web Token: How To Secure Your Data With JWT
A JSON Web Token (JWT) is an open standard (RFC 7519) that defines a way for securely transferring information between two parties. It can be used for an authentication system. As this information is digitally signed, it can be verified and trusted.
291. How to Tell if Your Twitter Has Been Hacked
Twitter is a popular social media platform used to interact with other users via tweets. These four indicators will help tell if your Twitter has been hacked.
292. The Zomato API Bug That Turns Phone Numbers Into Location Intel
By uploading a phone number, bad actors can extract a user’s restaurant recommendation history and restaurant coordinates.
293. Log4J Vulnerability: A Legacy of Cybersecurity from Java to Blockchain and Minecraft
The who, what, where, why, and how to fix the Log4j vulnerability.
294. How to Build a Secure REST API with OpenID Connect
In this article, we’ll take a look at building a secured REST API by integrating with Okta as the identity provider via OpenID Connect (OIDC). This article is based on the DZone article Building a Java REST API with Quarkus, which explains how to create a Java REST API with Quarkus and Okta. We will be implementing a similar scenario here by using Ballerinalang, and show how it’s simpler and more straightforward to implement compared to our Java counterpart.
295. Secure Coding Practices Every Developer Should Know
This introductory article will help you to understand the best security standards and secure coding practices.
296. Several Social Engineering Tricks
The article is intended for white hats, professional pentesters, and heads of information security departments (CISO). Today, I want to share several methods of social engineering that can be used in targeted attacks, that is, in cases where a specific victim (person or company) is selected.
297. Using OSINT for Maritime Intelligence
According to Naval Dome, the maritime industry has seen a 900% increase in cyber-attacks since 2017
298. 7 Ways To Protect Your Personal Information on the Internet
In this day and age, it seems like everything takes place online. From your shopping expenditures to most of your communications, the internet has truly become a part of every part of our daily lives. And while there are several benefits to the ease and immediacy of the digital age, there are also several security breaches that can arise when living a life online. Check out these few key "Dos and Don'ts" to ensure your time on the internet is safe and secure.
299. Five Questions to Ask Yourself Before Creating a Web Project
Web projects can fail for many reasons. In this article I will share my experience that will help you solve some of them.
300. 7 Ways to Prevent and Mitigate Malware Attacks
Knowing how to prevent malware attacks or mitigate those that are already on your devices is crucial. Here are seven effective tips you need to adopt to secure
301. How to Stay Healthy As a Programmer: Common Issues, and Tools to Help You Avoid Them
Programmers spend most of their time in front of the computer screen, mostly sitting. While their brain is actively working, their body does not. Even worse, IT emergencies happen quite often, and engineers usually have to monitor systems or code instant fixes far outside regular working hours. All these factors may cause any number of health issues, all of which every IT professional should be aware of.
302. The 5 Things Businesses Need to Know to Stop Online Fraud!
303. 10 Cybersecurity Books Every Business Owner Should Read
Last year, according to MarketWatch.com, data breaches increased by 17%, which makes understanding cybersecurity an absolute must for all of us.
304. 4 DeFi Security Risks Explained: Understanding Common Vulnerabilities
Vulnerabilities in DeFi contracts led to 44 separate incidents of eye watering losses in 2022. Read about the top four classes of vulnerabilities.
305. The Three Components of Social Engineering Attacks
What Is a Social Engineering Attack?
306. Did the FBI Hack the Bitcoin?
What are the two things that gangsters and business owners have in common? Fear of being caught by the IRS or police for doing something “wrong”. “Big money loves silence,” as they say, and if you attract too much attention from authorities then eventually it could affect your job. Just look at what happened to Al Capone and The Wolf of Wall Street.
307. Your Wi-Fi Cameras may be getting Attacked
Your Wi-Fi security cameras are probably not secure. See how we disable our camera network with a simple DoS attack.
308. Keeping SSH Connection Alive for Longer Durations
SSH connection gets terminated if the server (or client, in some cases) is idle for a certain period of time. It can be fixed by a simple trick.
309. The Importance of IoT Security
Let's look at why security is very important for IoT devices
310. DevSecOps Introduction: Clear Instructions on How to Build a DevSecOps Pipeline in AWS [Part 2]
Welcome to second part of the DevSecOps series. In the second part, we will turn ON/OFF the inbuilt led of ESP32 using AWS Device Shadow Service. Before starting, let's do a recap, in Part 1 we have connected the ESP32 MCU with AWS and able to publish Messages to IoT Core. The following series split into two parts (refer below) with very simple and clear instructions to provision a CI/CD pipeline adhering to DevSecOps principles in AWS. Everything covered from scratch you won't face any difficulty understanding. In case of any clarification, drop me a note on LinkedIn. Feel free to explore them with ease, skip to the one which is relevant to you.
311. Homomorphic Encryption — for Web Apps 🤔 (Part 1)
Where Do I Start?
312. Top 6 Multi-Cloud Security Threats to Be Aware of in 2024
If you’re operating within a multi-cloud environment, here are a few security vulnerabilities you need to be aware of in 2024.
313. How to Authenticate REST Services with OAuth2
There are a few dependencies and considerations one should account for when getting a system with REST services authenticated with an OAuth2 Client for Java
314. DevSecOps Principles and Key Steps for Securing the CI/CD Pipeline
This article will discuss the fundamental principles of DevSecOps and provide key steps for securing your organization’s CI/CD Pipeline.
315. Demystifying SSH Key Types: From RSA to Ed25519
Explore SSH key types—RSA, DSA, ECDSA, Ed25519—and learn their pros and cons, best‑practice generation commands, and how to choose the right key for your needs.
316. New Kids On The Block: Understanding Cold Boot Attacks
In computer security, a cold boot attack is a type of side-channel attack in which an attacker with physical access to a computer performs a memory dump of a c
317. How SuperTokens' Pre Built UI Can Be Used With VueJS
Protect your VueJs app with SuperTokens by adding authentication with pre-built UI and session management to your project right out of the box.
318. Rails Security: Eliminating CSRF and XSS Vulnerabilities
“…3,813 breaches were reported through June 30, 2019, exposing over 4.1 billion records. Compared to the midyear of 2018, the number of reported breaches was up 54% and the number of exposed records was up 52%”. - Source, RiskBasedSecurity
319. What Is Passwordless Authentication and How Does It Work? The Magic of FIDO2 and U2F Standards
Logging into a website or service using the traditional username and password combination isn’t the best or safest way of going about it anymore.
320. How You Can Evaluate the Security of Your NPM Package Dependencies
Imagine that you've been working on a node.js project for a few years now. You started or joined it when you were younger. The code works, you can vouch for that it’s good and secure for yourself and your team. But how do you validate all those NPM modules that saved you so much time and effort over the years? It works, nobody has hacked you yet, so why should you bother?
321. What Does a Decentralized VPN Look Like?
As far as the Internet is concerned one of the most significant hot-button issues has got to be the issue of privacy and restrictions. Currently, everyone seems to have an opinion over the prospect of providing restrictions and keeping other people from having access to some portions of the Internet-technology which, ideally, should have been for us all.
322. How to Use AWS Lambda Authorizer for Flexible and Scalable Web Service Authorization
On one of the projects I worked on, there were 8 services that used Auth0 for front-end authentication and a rotated static token for back-end authentication.
323. Securing your NodeJs Express Application — Part 1
Review common mistakes and vulnerabilities in JavaScript like command injection and see how to secure NodeJs and express using npm packages like hpp and helmet
324. Know how to Fix NET: ERR_CERTIFICATE_TRANSPARENCY_REQUIRED Error
What is Certificate Transparency Required Error?
325. How 5 Massive Data Breaches Could Have Been Prevented
One of the biggest losses for companies? Inadequate cybersecurity.
326. How Employees Can Help Prevent Cybersecurity Threats
Employees need to be aware of the significance of cyber security because cyber dangers have persisted since the creation of the internet.
327. How to Go Passwordless with idemeum JavaScript SDK
One SDK, 10 minutes of your time, and you can bootstrap passwordless auth for your single-page app. With one SDK, you get all the flows: one-click, WebAuthn, an
328. AWS Credentials, Stored Safer
By default the aws cli stored key id and secret in plaintext in a well known location. What could go wrong?!?
329. Overriding the SuperTokens APIs for Custom Usecases
In this blog we discuss how to customize the auth APIs provided by SuperTokens using its “Override” feature.
330. An Intro to API Gateways for ChatGPT Plugins
OpenAI has recently launched a new version of ChatGPT which now allows plugins inside ChatGPT. These plugins can be added directly to the chatbot, providing it with access to a wide range of knowledge and information from its third-party partners through the APIs. ChatGPT plugins can extend its functionality and enhance its capabilities to access up-to-date information such as research travel costs, find out discount information, or help you book flights and order food. You can also build your own plugin that allows ChatGPT to call your API data intelligently.
331. How To Create Secure Registration Flow with PHP and Password Hashing
Building a secure user registration form with PHP seems like a scary task. How do I protect myself from MySQL injection and other methods of hacking. Surprisingly, with only a few steps and precautions, you can greatly reduce the chance of success for attacks.
332. A Brief History in Authentication
Photo Credits: Edward Tin
333. TLS/SSL Decryption: A Pillar of the Zero Trust Model
TLS/SSL Decryption is a central pillar to the Zero Trust Security Model as it helps prevent the blind spots created by encryption.
334. Beyond Localhost: Security, Authentication, and Real-World Sources
Secure your video streaming pipeline with JWT authentication, connect real IP cameras, and deploy production-ready MediaMTX with FFmpeg. Part 2 tutorial.
335. GoDaddy Hit with Widespread Redirect Hack
Over the last few days, website owners, specifically those hosting on GoDaddy, have been experiencing strange redirects to various websites.
336. Everything You Need to Know About Content Security Policy (CSP)
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks including XSS and data injection attacks.
337. Connecting an Apigee Edge API Proxy with Auth0 Platform
In the step by step tutorial learn how to use external OAuth for authentication & Access token created by the external system to secure APIGEE edge
338. Solving the Integer Overflow/Underflow Vulnerability in Smart Contracts
This blog post describes the integer overflow/underflow vulnerability in Ethereum smart contracts and how it can be fixed. Read on to know more…
339. Could the Blockchain Provide True Anonymity?
Is blockchain truly that anonymous as many of its early enthusiasts believed? Well, it doesn't take a security specialist to know that it's not. So the real question here is: what can be done to provide more anonymity and thus better protect the privacy of the blockchain users? I asked BlockHunters CEO Kamil Górski. His company specializes in blockchain security.
340. State of API Security: API Security Best Practices
The word is out about the state of API security as organizations around the world are finally waking up to the potential of Application Programming Interfaces (APIs) transforming business models and directly generating revenues.
341. Why You Should Use IAM Policies to Enforce MFA on AWS
In my past life, I was an auditor and performed hundreds of cybersecurity readiness assessments. These were sometimes called “gap analysis” and the essential purpose of these assessments was to provide organizations with the answers to the test for their upcoming official assessment.
342. 8 Benefits of Computer Vision in the Security Industry
AI has revolutionized the physical security industry with computer vision. Here are eight of the most significant benefits.
343. Ransomware-as-a-Service: SaaS' Evil Twin
This article will educate you about RaaS groups and protective measures against ransomware attacks.
344. Biting Back Against Phishers
How one company learned to deal with Phishing attempts that tried to compromise their cybersecurity system and how they learned to fight back against them.
345. 7 Security Mistakes Others Made So You (Probably) Shouldn’t
Explore 7 security mistakes others have made. Learn lessons from them and improve your software security now.
346. A Tale of Two LLMs: Open Source vs the US Military's LLM Trials
This article explores the security posture of open-source LLM projects and the US military's trials of classified LLMs, prominent in the world of AI.
347. Mapping Risk to Cyber Threats, and Adopt Zero Trust by NIST's CSF
NIST's CSF can be a valuable tool for organizations to improve their security maturity. I will take further steps to align CSF to be more understandable.
348. Static Code Analysis for Infrastructure as Code Using Azure DevOps Pipelines
This article explains how to set up static code analysis for infrastructure as code using Azure DevOps pipelines.
349. The Blockchain is a Broken Chain After-all
There are several security issues affecting blockchain. To have a wider adoption, the community must address these issues by implementing appropriate controls
350. How Secure Is BeReal?
BeReal is becoming increasingly popular — but it gives some security experts pause. Here's why.
351. Crypto Wallet Security 101
As a 101 guide, I will explain the common reasons for the sudden disappearance of cryptocurrency inside the wallet.
352. An Essential Guide to Angular User Login and Registration (Cookies and JWT)
In this guide, we will design and implement a complete solution for user authentication including user login, registration, and account confirmation.
353. How to Protect Folders And Files in Windows using Passwords
Sometimes, we need to apply a bit of extra protection to the data on our computers. We might want to protect our tax records from prying eyes, or lock away business plans from our competitors. Or we might just want to ensure that any children with access to our device can't access inappropriate content.
354. How After 400 Hours, Lifting 2MB Limit Drastically Increased Sales
In 2007 a software engineer started to build an online video tutorial site. He had to figure out how to upload tutorials and how to enable people to watch them.
355. How to Pick a Lock for Beginners: The Tech and Tools of the Trade
Lock picking is surprisingly easy, only requiring some basic knowledge of how locks work and how to manipulate them. Read more for the basics.
356. Moving to Capability-Based Security with Flow: A Critical Evolution in Blockchain Security
A walk through of capability-access control, part of the Flow blockchain, which facilitates selective access to resources, decentralizing large attack vectors.
357. Corporate Hacking: How It Happens and How to Protect Your Business
In this article, we’re going to take a look at some of the most common ways that companies get hacked as well as some of the most famous examples.
358. WhatsApp Alternative Messengers: What to Choose for Security
Today there exist a lot of alternatives to WhatsApp, which -- just between us girls -- are really the main focus of this article.
359. Does The Best Secure Email Really Exist?
In case you are not in raptures when corporations persistently feed you with targeted advertising and 'bad guys' gain access to your private data, probably you need to replace your email service to more secure analogue with reliable encryption.
360. Why The Rubber Duck is The Ultimate Hacker Gadget
The idea of rubber duck debugging is straightforward. When you are struggling with a problem, you simply ask the duck.
361. Secure Sessions in JavaScript: Forking Express-Session to Improve Security
If you ever made a webapp in JS, chances are you used Express as a web framework, Passport for user authentication and express-session to maintain users logged in. This article focuses on sessions and how we forked express-session to make it more secure.
362. A Guide to the Best VPN For Your PS5
Don’t freak out, but the moment we have all been waiting for so long has finally arrived. PlayStation 5 is here and ready to be played.
363. Is Complexity the Enemy of Security?
We've all heard the cybersecurity mantra "complexity is the enemy of security." But is it true?
364. Site Reliability Engineering with Amazon Web Services
The top AWS tools for SRE Adoption: CloudWatch, CloudTrail, Elastic Load Balancers, Health Checks, GuardDuty, and infrastructure security.
365. How to Protect Your Smart Vehicle from Cyberattacks
Smart vehicles make driving a thrill! However, they are vulnerable to cyberattacks. Making smart security choices keeps you safe and your connected ride secure.
366. Network Scanner Working and Implementation
In this blog, we will see how a network mapper works and how we can implement these network security tools in Python for our cybersecurity related projects
367. 8 Sources of Cyber Threat & Domain Intelligence for Enterprise Security
The cyber threat intelligence market is expected to keep growing with new and improved commercial security products and managed security services. As part of these offerings, comprehensive and accurate threat intelligence sources such as domain intelligence are essential in facilitating threat detection, correlation, mitigation, and response.
368. Why Private Search Engines Are The Future...
Private search engines aren't just for people wearing tinfoil hats anymore. Over the years these search engines have improved their search results and added new features to make the experience better for their users.
369. So, You Want to Be a Hacker?
Explore cybersecurity through Capture The Flag competitions! This article invites beginners to a thrilling CTF event, offering a hands-on way to learn hacking!
370. How Hackers Host C2 Servers on Google Infrastructure (Google Sheets & Drive)
A guide on how to use Google Workspace's Drive and Sheets (formerly G-Suite) to communicate and exfiltrate information natively Drive and Sheets.
371. Web3, Good Hygiene, and the Need for End to End Security
Having a smart contract audit is a lot like washing your hands: do it only once, and be prepared for the consequences.
372. Everyday Use of Internet Of Things (IoT)
Internet of Things (IoT) is the inter-connectivity of computing devices that are embedded in everyday objects, enabling them to send and receive data. It is simply defined as an extension of internet connectivity introduced into physical devices and everyday objects. These physical devices range from ordinary household objects to sophisticated industrial tools.
373. Blockchain in terms of philosophy: From Plato to Foucault
Explore the philosophical roots of blockchain concepts in parallel with ones in the history of thought, tracing them from Plato to Foucault.
374. The CRITICAL Log4j Java Vulnerability: How to Detect and Mitigate It
CVE-2021-44228 (Log4Shell) is an unauthenticated Remote Code Execution (RCE) vulnerability & 0-day exploit which allows an attacker to take over a system
375. 7 Most Common Zelle Scams to Watch Out For and How They Work
A list of the most common Zelle scams on the internet.
376. Dungeons and Disaster Recovery: Tabletop Exercises for IT Training
Tabletop scenarios are a great, and under-used tool for training and preparing for crises. They're engaging, easy to use, and budget-friendly.
377. Secure Your Next.js Apps with Jscrambler
In this article, we’ll look at how you can integrate Jscrambler into your Next.js app development workflow.
378. HackerOne Finds Massive Security Failure In PayPal’s Login Compartment
In today’s highly digitized environment, the capabilities to change our lives for the better are virtually endless. The cooperation of humans and technology - be it hardware or software - has made our lives easier and more productive.
379. Mastodon: What You Need to Know About Its Privacy and Security
We wanted to share what we’ve learned about the privacy, security, and culture of this platform as we parse these dynamics ourselves in real time.
380. CSMA is More Than XDR — An Introduction to Cybersecurity Mesh Architecture
Just consider how many service providers and models are in the picture. Therefore, it is time for a new and better approach — Cybersecurity Mesh Architecture.
381. Proxy Servers for Your Data Science Project: A Comprehensive Guide
A data-driven intro to proxies in the context of web scraping.
382. Using AWS Macie To Classify Databases
I'll show how to use Macie to scan any database, including on-premises, to discover sensitive data on tables.
383. What Is the Vulnerability Rating Taxonomy (VRT)?
Developed and open-sourced by Bugcrowd, it’s a system designed to address the inherent shortcomings of CVSS ratings when viewed in isolation.
384. What Is Risk Management And How To Integrate It Into SDLC: Best Explanation Ever
This article describes the primary concepts associated with organizing and managing the system-related information security risk in organizations.
385. A Comprehensive Guide to Penetration Testing
We'll go through the Top 5 Pen Testing Firms in this blog article, as well as what makes them special.
386. 7 Ways How Hackers Crack Your Passwords
DISCLAIMER: The article is intended to be used and must be used for informational purposes only.
387. XDR and its Components Explained — Open XDR vs. Native XDR
Companies have a few options for extended detection and response (XDR) products. But in general, there are primarily two types of XDR: Open and Native.
388. Yes! OpenTelemetry is a Critical Part of Securing Your Systems
OpenTelemetry (OTel) is an open-source standard used in the collection, instrumentation, and export of telemetry data from distributed systems.
389. How to Be Careful When Sharing WiFi Password With QR Code
Share your QR code of your network carefully, mistakes can lead to disaster
390. Why Webhook Security Matters
Webhooks are a very powerful tool, and when used correctly are also very secure. Svix automatically takes care of these security aspects for you, and offers eas
391. The SOcial LInked Data (SOLID) Project of Tim Berners Lee: An Organizational Take
The web is more a social creation than a technical one. I designed it for a social effect—to help people work together―and not as a technical toy.
Tim Berners-Lee, Weaving the Web, 1999
392. The Cybersecurity Writing Contest 2022: Round 2 Results Announced!
Hackers, the Round 2 Results for the Cybersecurity Writing Contest by Twingate and HackerNoon are here!
393. How to Keep Your Mobile Devices Secure
Our phones are our lifelines. They hold our prized possessions such as photos, music, and texts from our loved ones. So, why wouldn’t we do everything we can to
394. Is Your AI-Generated Code Really Secure?
AI-generated code is a leading cause of top 10 vulnerabilities, and nearly 40% of code has security bugs.
395. In Layman's Terms, What is the Difference Between Node and Deno?
Worried that dinosaur or sock shaped "deno" is going to kill our favorite Node? Let me help you to get out of this dilemma.
396. Modernizing Secrets Scanning: Part 2–the Semantic Eureka
In the previous part, we examined different types of secrets, understood the core problems, and hit a dead end. Now we are going to make a breakthrough!
397. How to Securely Log Users Out of iOS Apps with Inactivity Timeout
Many apps have a feature that automatically logs you out after a certain period of inactivity. Some apps log you out based on API inactivity, while others imple
398. Connect EC2 Remote Nodes from Ansible Control Node by retrieving secrets from SSM Parameter Store
Ansible provides features like Ansible Vault, filters, etc. to encrypt sensitive data like a private key or password, which are primarily used to SSH/WinRM to the rem
399. Where Do Hackers Live: A Deep Dive into My Website's Security Logs
I was casually doing a security audit on my blog recently and decided to look a little deeper into my security logs. With a bit of Linux command line kung fu, some Golang, and Google sheets, I was able to get a pretty good idea of where the attacks are coming from.
400. Digital Identity Verification Trends for 2023
As the world becomes increasingly digital, the need for secure and efficient digital identity verification has never been greater.
401. What Does the Future Hold for Cloud Security?
Cloud security is something that every business needs to take seriously. In fact, ignoring cloud security could prove to be a fatal move for many organizations.
402. GitHub Free Security For Repositories Tools Roundup

403. Can Blockchain Solve Open Bank Issues?
According to Tearsheet:
404. It's Raining Cyber Attacks: Cybersecurity in the Cloud
With the latest news and advancements in the cybersecurity world, we will see how these new rules impact modern cloud applications.
405. Sharing Your WiFi Password: The Hidden Consequences
People tend to ask for WiFi passwords when they enter a space they will stay for a while. The same people expect the host to provide it, no questions asked. The
406. How to Combat Cyber Security Threats and Attacks
Progress in complex technology can result in the ‘progress’ of complex threats.
407. Hidden Cameras in Hotels and Rented Houses: How to Find Out if Someone Is Spying on You
Beware of the possible presence of hidden cameras in hotels and rental homes. Let's go into the details and see how to find out if someone spies on us.
408. Blind Attacks: Understanding CSRF (Cross Site Request Forgery)
This article contains complete (and step-by-step) information about CSRF attacks.
409. What is Customer Identity and Access Management (CIAM) and What Are its Benefits
Today's online space is all about identity and at the core of it lies customer identity and access management or CIAM.
410. Vibe Coding Is an Addiction
AI coding tools like Claude Code and Cursor have made building so easy that the act itself becomes addictive. Here's how to recognize the dopamine loop.
411. Exposing Secrets on GitHub: What to Do After Leaking Credentials and API Keys
As a developer, if you have discovered that you have just exposed a sensitive file or secrets to a public git repository, there are some very important steps to follow.
412. Building a Login Screen With React and Bootstrap
Build an elegant login screen super fast using React and Bootstrap
413. How to Choose the Right Messenger
One of the most common questions users have when it comes to privacy is about messaging services. It seems almost all of them mention some level of privacy or encryption to entice the user to sign up for their service, but how can you be sure you’re using the most secure, privacy respecting platform?
414. Designing a URL Shortener in Deno
In this article, we’re going to learn the basics of Deno, like how to run a program and embrace security.
415. How To Build JWT's in Go
Go is becoming very popular for backend web development, and JWT's are one of the most popular ways to handle authentication on API requests. In this article, we are going to go over the basics of JWT's and how to implement a secure authentication strategy in Go!
416. Futurism in Africa: Creating New Realities With The Power of Technology
How should we use technology for our benefit? What are the risks, and how do we manage them in the Gambia?
417. The Log4j Bug Can't Hurt WordPress - But There's an Ongoing Attack That Can
On December 10th, the studio behind the ever-popular sandbox game Minecraft published a blog post detailing a bug it identified in Log4j.
418. 5 DevOps Security Challenges in 2020
In the beginning, a single developer worked on 100% of the code base that lived on their machine. Inevitably, at some point, they wanted to share their code, or back it up, or even create a simulated testing environment. On that day, they began the process of moving from Dev to DevOps. Since then, the world has changed drastically.
419. Check Point Security Breach: A Leading Cybersecurity Company Has Been Breached
Check Point, which bills itself as the leader in cybersecurity solutions, has been breached. Data records of over 5k ZoneAlarm forum users have been hacked.
420. What the Heck Is Envelope Encryption in Cloud Security?
If you are going deep into cloud security you may have seen the term “Envelope encryption”. Let’s explain the concept and why it is useful.
421. Protecting Your Supabase App With SuperTokens Authentication
Learn reasons why you should choose SuperTokens as your auth provider and why it pairs so well with Supabase in protecting you and your online infrastructure
422. Cybersecurity Stocks Drop as Anthropic Launches Claude Code Security Tool
Cybersecurity stocks fell after AI company Anthropic unveiled Claude Code Security
423. How to Securely Host Node-RED in Cloud (For Free), and Safely Expose it to the Internet over HTTPS
Node-RED bridges the finest pieces and abridges backyard to market delivery. This article intends to teach readers to host a secure & highly available Node-RED instance. For a couple of weeks, I worked on a project where I needed to secure my Node-RED.
424. 100 Days of AI, Day 17: The Different Ways Security Attacks are Created Using LLMs
This post covers different security attacks possible using LLMs and how developers are adapting to them.
425. What the Log4j Incident Means for Open Source and the Entire Internet
We will see the real fallout of Log4Shell in the upcoming weeks and months as right now servers worldwide are being scanned and prodded for this vulnerability.
426. How To Harden Your Docker Containers Using Seccomp Security Profile
Secure Computing Mode, also known as Seccomp, is a Linux kernel feature that improves several security features to help run Docker in a more secure environment.
427. How to Use React.JS in a Secure Way
It’s easier to find a remedy and defend against the known enemy if you know the most prevalent React vulnerabilities.
428. Clickjacking Attacks: What Are They and How to Prevent Them
Clickjacking refers to any attack where the user is tricked into unintentionally clicking an unexpected web element. It is a malicious practice in which the attacker tricks a user into clicking on one webpage while they are actually clicking on another page. This technique is mostly used for websites or web pages by overlaying malicious content over a trusted webpage or by placing a transparent element or an entire page over a visible one.
429. DeFi Exploits and Bridge Attacks Emerge as the Top Deterrents to Wider Crypto-Adoption
Blockchain is a very secure technology in theory but it hasn't enjoyed great PR recently. There's always news of a hack which begs to differ with the technology
430. 8 Crucial Tips for Hardening PostgreSQL 14.4 servers in 2022
As of July 13th, 2022, there are 135 security flaws reported to the CVE database. Here are 8 essential measures you can take to protect your PostgreSQL server.
431. Cyber Security vs Information Security
Cyber and information security are linked by the core discipline of security, and the two overlap, but we need to recognise the difference.
432. Key Questions to Ask your DevOps Teams About Containers and Kubernetes
DevOps teams are responsible for balancing two important forces in their organizations’ software development efforts: shorter delivery cycle times for applications that continue to increase in size and diversity.
433. How I Learned To Stop Judging People for Falling Into Cybersecurity Traps
It’s all too easy to feel superior to the rest of the world when you work in IT day in and day out. And it’s easy to judge “the common people” for falling victim to cybersecurity scams that your highly trained BS radars would flag in a hot second.
434. How Does One Audit DeFi Platforms?
The safety of users' funds in DeFi isn't guaranteed by monetary authorities.
435. Experts Warn: Amidst Budget Cuts, The Pandemic Calls for Stepping Up Security Efforts
These unprecedented times have pushed us to adopt distinctive lifestyles contrary to what we’ve been used to for millennia. Industries like finance, law, banking and the public sector, where culture has traditionally frowned upon working from home, are compelled to succumb to such mandates out of necessity. As rampant as the unfortunate layoffs, hiring freezes, and budget cuts across travel and hospitality industries are, data breaches have been on a steady rise. And this is an important observation that we can’t afford to overlook.
436. A New LinkedIn Vulnerability Exposes Jobseekers to Phishing Attacks
The latest LinkedIn vulnerability can be exploited by con artists for massive phishing attacks, identity theft, and employment-related scams.
437. WormGPT - The Newly Discovered Generative AI Tool for Cybercriminals
Writing about how a cybersecurity firm recently discovered new cybercrime tools based on AI!
438. 10 Best Practices for Securing Your API
This is a brief blog on the Top 10 API security practices that can help users to keep their API safe from cyber attacks.
439. The Cybersecurity Writing Contest by Twingate and HackerNoon
Yasssss The Cybersecurity Writing Contest is here! HackerNoon is excited to host the contest in collaboration with Twingate!
440. How to Protect Yourself Inside the Metaverse: Do NOT Fall Victim to Virtual Maniacs
Crimes will continue.
441. After scanning over a million apps — 3 things Mobile App Devs need to know about App Security
Hackers might not attack you. Bots will.
442. Decentralized Storage: Confronting the Challenges
Decentralized storage is still far from mature. Three key obstacles - technical, regulatory and adoption - currently stand in its way.
443. Why You Should Implement Zero Trust Security for Your Remote Workforce
The recent mass shift to remote work will likely have lasting effects on how businesses run. Companies will sustain a work-from-home model, at least partially, so security professionals must adapt to this new workflow. One of the best ways to ensure remote team security is with a zero-trust model.
444. 5 Reasons to Put Your Crypto Addresses under Real-Time Monitoring
If you are fairly consistent in your daily routine, customization features of real-time transaction monitoring services can act as an extra pair of hands.
445. Hashing, Salting, and Verifying Passwords in NodeJS, Python, Golang, and Java
How to hash and salt passwords in different languages and why it's important to do so
446. The Importance of Message Authentication Code in SSL/TLS
Transport Layer Security, better known as SSL/TLS, is an encryption protocol designed to offer secure communications over the internet to improve user privacy.
447. Five Guidelines for Robust Logging
This article describes best practices for standardized logging from the point of view of performance, debuggability, and security.
448. The Hermit Spyware: How to Protect Yourself From It
Hermit Spyware is an advanced spyware designed to target iOS and Android mobile devices.
449. 93 Stories To Learn About Networking
Learn everything you need to know about Networking via these 93 free HackerNoon stories.
450. What Is a JSON Web Token (JWT)?
JWTs or JSON Web Tokens are most commonly used to identify an authenticated user. They are issued by an authentication server and are consumed by the client-ser
451. Malicious Artificial Intelligence Enables Deepfake Kidnapping Scam
Fake kidnapping scam victim Jennifer DeStefano gave a testimony before the US Senate on artificial intelligence.
452. Handling Sensitive Data: A Primer
Properly securing sensitive customer data is more important than ever.
453. The Hidden Security Risks of QR Codes
In our current contactless society, QR codes are having a day in the sun. Many restaurants are now letting customers scan QR codes at the table to access digital menus. Some restaurant owners say digital menus may be around long past the current pandemic. But as QR codes are gaining wider adoption, it's important to understand the security risks.
454. Tor Vs. VPN: Which is Better
What is Tor
455. Revoking Access to JWT tokens with a Blacklist/Deny List
Learn how to maintain a JWT blacklist / deny list using an in-memory data cache.
456. WireGuard Protocol and NordLynx, or why your VPN got a lot faster recently?
Several years ago, a casual Internet user asked about VPNs would most likely scratch his or her head in uncertainty. Sure, VPNs have been around since Microsoft developed the PPTP protocol in 1996 and granted employees a somewhat safe remote access to confidential business resources on distant databases. But in 1996 there was a total amount of 36 million Internet users, and cybersecurity was an oblique idea for most of them.
457. OWASP Top Ten Security Vulnerabilities To Look After
About OWASP: The Open Web Application Security Project (OWASP) is a non-profit entity and an open internet community dedicated to helping organizations with cost-effective approaches to secure code development, secure code review, testing, and maintenance of developed applications. OWASP applies a people, process, and technology pattern to existing and emerging issues in secure application development, with OWASP-provided libraries, security tools, and industry-standard materials. To ensure the project’s long-term success, the people associated with OWASP are volunteers, including the OWASP board, chapter leaders, project leaders, and project members.
458. How to Make Your WordPress Site Safe and Fast With Amazon Cloudfront
How to make your WordPress site safe and fast by using Amazon CloudFront to keep your site private and harder for malicious actors to access and tamper with.
459. Uncover Some of the Best Practices For Secret Management
Secrets are digital credentials used for authentication and authorization.
460. Understanding Chrome V8 — Chapter 2: Hello World
Welcome to other chapters of Let’s Understand Chrome V8
461. Pysa: A Tool to Prevent Security Vulnerabilities in Python

462. Cross-Site Request Forgery (CSRF) Attacks: An Emerging Threat to Browser Security
CSRF attacks accounted for almost 5% of all application layer attacks in 2022 - a statistic that is rising every year.
463. How AI Solves SCADA System Questions Around Remote Security
Security is a massive global industry and it is extremely diverse. Whether it is the protection of prize racehorses, or guarding utility infrastructures, the ‘threatscape’ is increasingly complex and requires a convergence of cybersecurity and the more traditional, physical forms of preventing theft and other forms of criminal activity.
464. A Simplified Guide to TLS Certificates 📝
Learn how digital certificates ensure secure internet communication. Understand Certificate Authorities, certificate verification, and TLS certificate types.
465. Common Attack Vectors that Authentication Services are Faced With
Hacking user accounts on many websites is still easier than it could and should be. This blog post helps you secure your application against identity theft.
466. ZKPs and Quantum Computing: Formidable Allies for Lightyear Innovations
Zero-knowledge proofs (ZKPs) and quantum computing are excellent technologies that can be optimized to accelerate technological advancement in the shortest time
467. Build your own User-friendly Cross-platform Password Manager
I use a local password manager on my computer: I just stick with a password, which is the only password I memorize.
468. Authorization With User Roles (RBAC)
Authorization is all about answering the question “Is this user allowed to do a certain operation?”. In this post we go over how you can implement RBAC
469. Combating Crypto Breaches: Smart Cybersecurity Practices You Should Know
Investing in crypto requires strong defenses against security breaches. These tactics can help keep your funds safe.
470. Adding Encryption to a Fast Database, Without Compromise
This article will be of particular interest to people who are curious about how powerful encryption can be implemented in high performance systems. It is also for people who just want to know a bit more about how strong encryption works and how all the pieces fit together.
471. Understanding The SEC's New Cybersecurity Rules: Impact on Public Companies & Practical Responses
Understand the SEC's new cybersecurity rules for public companies, and key tools (SIEM, logging, monitoring) for compliance in incident detection and response.
472. From Passwords to Passwordless Authentication
Passwordless authentication is gradually replacing the password-based authentication practice. The CIA triad of Cybersecurity is changing rapidly. Learn how.
473. 10 VPNs for Netflix That Actually Work: Unlock Any Series
Explore top VPNs for Netflix, understand their pricing and features, and learn how to set up a VPN for seamless streaming in this guide.
474. How Organizations Can Build Trust And Security Through Digital Identities
Exploring how we can solve the issue of trust by securely identifying people online, while providing digital convenience and a seamless customer experience.
475. What is Purple Teaming in Cybersecurity?
Purple teaming maximizes the effectiveness of the Red and Blue teams. It is a function that encourages the two teams to work together and exchange information.
476. An Introduction to Server Side Template Injection Bugs
Server Side Template Injection (SSTI) bugs are a less commonly known type of vulnerability in web application security. Although these bugs are rare, they can h
477. I Hacked An Android App To Get A Free Haircut
Android apps are mainly composed of a bunch of binaries bundled together, built from compiled Kotlin or Java code. The original source code can be easily reconstructed by several lightweight tools, found at the top of a Google search page.
478. Smart Contracts Will Change the World: Here's Why
Ethereum was launched in 2014 as the first blockchain with smart contracts. This changed the crypto industry forever. Let me explain why.
479. Automatically Scan Your Project Dependencies for Vulnerabilities Using Docker, Jenkins (Part 1/2)
Find out how to automatically check your software projects for potential vulnerabilities caused by 3rd party code.
480. Where You Can Go In The Aftermath Of The LoRaWAN Hack
By JP Norair
481. About History and Irony of Logging (in)
The story of event logging begins at sea and is related to navigation. One of the important aspects of navigation is dead reckoning: estimating your current position based on course, speed and time from a known, observed point. At the end of the 15th century, speed at sea was measured with a small wooden log. A so-called ‘Dutchman’s Log’ was dropped overboard from the bow of the ship and the navigator measured the time elapsing before it passed the stern.
482. Have Your Privacy Cake on Android and Eat it Too
How to set up your Android phone to provide ultimate privacy while also letting you use the latest applications.
483. Hacking Unikernels Through Process Injection [A Step by Step Guide]
A lot of people have this mistaken notion that unikernels have this 'unhackable' characteristic about them. This is untrue. They absolutely are hackable depending on what is deployed and how they are configured.
484. Web3 Security in 2023: A Billion Dollar Problem
The world of DeFi & Web3 evolves rapidly, but security flaws come with it. This article is about Web3 security in 2022/23 through Cyvers Security Report.
485. 6 Signs of an Office Phishing Attack
When it comes to phishing attacks, bait often comes in the form of a compelling email. Therefore, anti-phishing awareness is vital, both at home and at the office.
486. IPFS – The New Internet's Protocol
IPFS can be seen as a new decentralized Internet infrastructure on which various applications can be built in a secure & resilient way.
487. Replicated Security and Why it Matters for Cosmos
RS is a shared security system that allows a larger chain, known as the provider chain, to provide security to a smaller chain, known as the consumer chain.
488. What is a Man In The Middle Attack? Eavesdropping at its best.
MitM attacks are the type of attacks where the attacker eavesdrops on two communicating hosts by putting himself in between the points of data transmission. This allows the attacker to “listen” to what the hosts are communicating and “read” it. The attacker here could gather the data, alter it and send the manipulated data to the receiver and vice versa.
489. Great Methods To Create A Password File To Prevent Brute-Force Attacks
Brute-forcing is a really important method that a hacker or a pentester must be aware of and will use in various places.
490. Securing Java Applications in the Cloud: Best Practices and Tools
In this article, we will focus on Java and discuss various good practices and tools that enable us to secure Java applications in the Cloud.
491. Software Developers' Top 12 Secure Software Development Lifecycle (SSDL) practices by Microsoft
Microsoft Secure (SDL) practice focused more on the reliability part of the software, security vulnerabilities, threat modeling, compliance, reporting, IRP.
492. Biometric Data and Privacy: Here’s What You Need to Know
Biometrics are metrics that can be used to identify a person. This article discusses biometric data and its privacy concerns & how to protect biometric data.
493. Data-Driven Advertising and Its Impact On Our Privacy-Driven World
Do we actually need so much data to do effective marketing?
494. If You Wanna BYOD, You Gotta Get with Cybersecurity
This article brings your attention to the sensitivity of Bringing Your Own Devices to work.
495. How Axon Body-Worn Cameras Prevented These Men From Going to Prison
Explore the impact of Axon body-worn cameras in exposing police misconduct and aiding justice in the story of Nick Patterson's peaceful protest
496. Nullmail: Privacy-First Disposable Email That Actually Works
Nullmail is a privacy-first disposable email service that creates instant temporary inboxes without tracking or signups.
497. The Collector's Guide to Avoid Insidious NFT Scams
Even the savviest people can be scammed. Learn the anatomy of an NFT scam and how you can protect yourself and the community from scams and scammers.
498. How to Hack Ethically
Ethical hacking's main goal is to find a system's flaws or vulnerabilities and secure it against hackers.
499. How to Set Up SSH Login Notifications with IP geolocation
Server admins commonly use SSH to log in to Linux servers. It is also good to set up SSH notifications with IP geolocation for better security.
500. What Qualifies You To Be A Cybersecurity Professional?
Data breaches and ransomware attacks are getting more common. If you want to get in on this industry as a cybersecurity professional, you need qualifications.
Thank you for checking out the 500 most read blog posts about Security on HackerNoon.
Visit the Learn Repo to find the most read blog posts about any technology.
