Today I am going to do a quick demonstration of how to easily install a suite of security testing tools from Kali Linux onto a Ubuntu machine. For a bit of background information, Kali Linux is a distribution derived from Debian. Its sole purpose is to provide a suite of tools for penetration testing (pentesting) and forensics. It is provided by Offensive Security, an organization dedicated to providing security training. There is a very long list of tools available for Kali. Such tools include (but are not limited to) forensics, vulnerability checks, access checks, and stress testing.

The latest attack of a worldwide malware, the already famous WannCrypt, has not only made clear the security of hundreds of companies in the world but also how much we sometimes get involved in handling the terminology of these threats. Is a virus the same as a malware? And what is a ransomware and how is it different from other threats?

​In this time where everybody is attempting to ensure their information and protection, we hear a considerable measure about the TOR network. Some sing acclaim while others think of it as an apparatus for crooks. ​In this article, we give you the working standards of TOR by portraying likewise its preferences and drawbacks.

Security is a major concern when designing web apps. And I am not talking about DDOS protection, using a strong password or 2 step verification. I am talking about the biggest threat to a web app. It is known as CSRF short for Cross Site Resource Forgery.

Have you ever wondered whether Linux is strong enough to secure your system? This is a frequently asked question especially for those starting out with Linux. The answer is yes. But the second consideration here narrows down to, what is your experience level with Linux if you can configure some of its firewalls or just the capability to use these firewalls which sometimes can be a nut to crack.

SSH is a famous way to connect to remote machines securely and easily. You can use SSH to connect to your cloud server/VM or a friend’s PC or almost anyone remotely to perform certain activities you want. For instance, I use SSH to connect to my Google Cloud Console so that I can manage my VM via my terminal rather than opening an ssh connection in the browser. Your reason can be different but in the end the goal is to connect to a remote machine locally.

Imagine this scenario: you have files on your computer that you would much rather keep safe. Such files could contain sensitive data such as passwords and bank details. Keeping them on your computer is a convenient solution; however, if your computer was hacked or stolen, someone could easily access your files if your drive wasn’t encrypted. Passwords to unlock your PC are no object to someone who knows what they are doing, especially passwords that are ridiculously weak.

The beginning of the year 2018 brought new challenges in the form of Spectre and Meltdown vulnerabilities in most of the processor architectures.  In layman terms, both of these vulnerabilities allow hackers to steal sensitive data like passwords.  This vulnerability is applicable to Intel, AMD, and ARM. This means the problem is universal as it affects almost all devices ranging from embedded devices, smartphones, desktops, and servers to supercomputers.

​Everyone is talking about Meltdown and Spectre, the two security flaws found in Intel, AMD(less vulnerable) and ARM CPUs. Using the flaws attackers can read system memory which may have your passwords and other sensitive information. The worst part of it is that most systems are affected by it. So you're most likely affected by these flaws. Let's see how much an Internet surfer like you is affected by Meltdown.

Today Google security blog has posted about the two vulnerabilities that put virtually many computers, phones, laptops using Intel, AMD and ARM CPUs at risk. Using the two major flaws hackers can gain read access to the system memory that may include sensitive data including passwords, encryption keys etc.