All about SSL certificates

You may have heard something about SSL certificates while building and operating a website, but you haven't dared to look into the matter in detail until now. But believe me, it's not as complicated as it sounds. What is this certificate? An SSL certificate is a digital signature for a…

Continue ReadingAll about SSL certificates

CAUTION, it’s a trap: What is Social Engineering?

What is social engineering, and how did that come into existence? Social engineering or "human attack" is a set of psychological and sociological techniques, approaches and methods that make it possible to obtain confidential information. "Hi! I ended up in a difficult situation. Can you borrow 50 euros?" Have you…

Continue ReadingCAUTION, it’s a trap: What is Social Engineering?

Securing Files & Directories using ACLs in Linux

Our top priority is to secure and protect data from unauthorized access. We are all aware of the permissions we set using some handy Linux commands like chmod, chown & chgrp. However, these default permissions sets have some limitations and at times do not work to meet our requirements. For…

Continue ReadingSecuring Files & Directories using ACLs in Linux

Mitigate attacks with iptables, fail2ban and ipset

In this short article, we will describe useful steps to prevent attacks and other malicious attempts like DDOS attacks and various Nmap scans. Assuming we do the configuration on a Debian-based system. First of all, we need to install the necessary tools apt-get install ipset iptables-persistent fail2ban Let's start adding…

Continue ReadingMitigate attacks with iptables, fail2ban and ipset

Security exercises: how to shield your organization from phishing

If you have received emails about fabulous winnings or have received calls from suspicious bank employees to find out the code from a text message, know this: this is phishing, an attempt to steal your data or money through malicious links. It can affect both individuals and large companies and…

Continue ReadingSecurity exercises: how to shield your organization from phishing