This is why you don’t accept free USB sticks

USB sticks can have more than bad stuff on the flash portion of the drive, the firmware can be tweaked to emulate a keyboard as a Hardware Input Device (HID). Wonderhowto.com has a walkthrough showing how easy it is. Hackaday has a great explanation of why plugging random USB devices into your computer can lead […]

Rapid7 on Implementing a Phishing Awareness Program

Via Whiteboard Wednesday: How to Implement A Phishing Awareness Training Plan in 5 Steps: In this tutorial you’ll learn: Where to start when implementing a phishing awareness training program Which aspects of phishing warrant user training How to conduct phishing simulation tests What an ongoing training program looks like How to baseline and measure training […]

GhostInTheNet – protects Linux from MITM/DOS/scan

Full details at: https://www.kitploit.com/2017/12/ghostinthenet-ultimate-network.html How it works The basic and primary network protocol is ARP for IPv4 and NDP (ICMPv6) for IPv6, located in the link and network layer, provides main connectivity in a LAN. Despite its utility and simplicity, it has numerous vulnerabilities that can lead to a MITM attack and leak of confidentiality. Patching of such […]