EvilGinx – how to simulate a Man in the Middle attack?

EvilGinx – how to simulate a Man in the Middle attack?
Phishing has become the most popular vector of attack.Many attackers use the man-in-the-middle technique. This means that the attacker mediates the communication between the user and the server. This tactic, allows the attacker to bypass 2FA authentication with an app, SMS or one-time code. There is software available on the market to simulate such an attack.. One…

Ideas for unique gifts related to cyber security – part 1

Christmas is getting closer and closer, and if you want to surprise your loved ones with something unconventional, practical and…. secure, I've prepared a list of cyber security inspirations. These ideas are unusual, but sure to be appreciated by technology fans and privacy-minded individuals. 1. Hardware U2F/FIDO2 key - YubiKey For whom? For anyone who uses online…

How to use Microsoft Secure Score to assess Office 365 security?

Microsoft Secure Score is a tool developed by Microsoft and designed to help organizations assess and improve the level of security in the Office 365 environment. It is an indicator of the level of security of our tenant and can be considered as a guide that indicates the actions to be taken to improve security. What is…

How to check if a link is safe? Practical tips

Every day, we receive countless emails and browse many websites – this has become a norm. However, with this convenience also comes risk. Links can lead to malicious websites, viruses, or even phishing attempts. So, how can you check if a link you're about to click is safe? In this article, we'll discuss several practical steps to…

What are penetration tests?

What are penetration tests?
The fact is that we are increasingly dependent on systems. The threats associated with cyberattacks are becoming more real. For both companies and public institutions, one of the key elements of data and IT system protection is penetration testing, also known as “pentests.” What lies behind this term, how does such a process work, and why is…

How to secure your IoT devices: 6 practical Steps

How to secure your IoT devices: 6 practical Steps
IoT (Internet of Things) devices bring incredible convenience and functionality, but they also come with risks since they are connected to the Internet, which opens the door to potential threats. To protect your data, privacy, and devices, it is essential to understand and implement the following steps that will help you secure your assets. 1. Change default…

Is a VPN in a company enough security?

Is a VPN in a company enough security?
In today's world, where cyber threats are becoming more complex and widespread, many companies have or are just deciding to implement a VPN as a key component of their security strategy. A VPN offers a number of benefits, such as encryption of data between a company and an employee or between company branches and anonymity on the…

How to secure KeePass with YubiKey

How to secure KeePass with YubiKey
Obecnie mamy coraz więcej kont w serwisach internetowych. Nie sposób zapamiętać hasła do wszystkich kont, w szczególności jeśli chcemy aby nasze hasła były odpowiednio długie, losowe i unikalne. Tutaj z pomocą przychodzą nam menadżery haseł. Jakiś czas temu napisałem wpis why and how to use KeePass. The password database file is, of course, password-protected using strong encryption,…

10 steps to have better secured email mailbox

Email is today’s essential work tool. It’s hard to imagine life without email. We use it both at work and in our personal lives. However, this fact also poses a threat to us. The number of email-related scams continues to rise, which means that if we don’t take additional steps to secure ourselves, we’ll be at risk.…