Security for Newbie
Investigate the cause of a cyber attack through log files
This time, I received a request to analyze log files to find the cause of an attack on a company’s website using WordPress. Website was attacked by hackers and data was deleted. Below is an image of “one corner” of the log file. In this investigation, I used SublimeText 3 and Google :v Initially, I…
[Shodan] – Search engines serve security, or the evil eye?
Shodan ( https://www.shodan.io/ ) is a search engine designed by web developer John Matherly ( http://twitter.com/achillean ). Shodan is a much different search engine than content search engines like Google, Yahoo, or Bing. Shodan is a search engine to find online devices on the internet such as: computers, servers, webcams, routers… It works by scanning all devices on the…
Cyber security & frequently asked questions
Cyber security is one of the important issues for units operating on digital platforms. In this article, VSEC will provide you with frequently asked questions when you are new to the field of Information Security. 1. Why do hackers hack? – Cyber security is the activity of protecting computers, servers, mobile devices, electronic systems, networks,…
Improper permission management leads to privilege escalation in Chamilo LMS
Introduction: On April 22, 2020, I wanted to find a CVE for myself and after some searching, I chose Chamilo LMS. This is the second vulnerability I found in Chamilo LMS 1.11.10. I had high hopes for this vulnerability to be given a high score, but the outcome was that Chamilo didn’t know how to…
The main reasons causing security risks
On a summer day at the end of April 2017, Mr. Truong Duc Luong, Director of VSEC, had a talk on the current hot topic of information security risks at a small conference organized by VSEC in Hanoi, Vietnam. The conference covered many aspects that information security risks could be caused on servers as well…
MIPS Assembly Language (P2)
Gone is the one… the autumn coat is folded Still hiding a bit of golden sunlight in the flap My sorrow growing on branches as leaves Not fall off quickly but wait for another autumn Hello everyone, it’s me again, an amateur entering the field. Lately, due to being swamped with company projects, I haven’t…
MIPS Assembly Language (P1)
First of all, I’d like to warmly welcome all of you who found out about my blog to read what I write here (^∀^●)ノシ. You might wonder why I’m writing about this MIPS assembly language, as it’s not exactly a new topic and I’m writing about it again 🙁. The reason here…
$4,000 salary is not difficult if you have these 5 important cybersecurity certifications
Up to now, cybersecurity has been globally recognized as a “hot” major in the field of information technology and has attracted a lot of attention from youngsters as well as domestic and international corporations. Besides, the salary of a cybersecurity staff can rise up to tens of thousands of dollars. Having certified can contribute to…
Which type of Network Security Operation and Monitoring Center is suitable for the Banking – Finance sector?
The Security Operations Center – SOC – assumes the role of detecting and handling attacks in the fastest way to reduce risks to the enterprise’s information technology system. Especially for Banking and Finance units, which are the top targets of hackers. Depending on the size of the IT system, and human resources, which models of…
How did I pass the OSCP certificate?
Hi, it’s time we meet again, I make a new blog at the end of the month. This time the theme will be a little different. Basically at the beginning of this June, after a year of so-called temporary graduation, I took the first security exam in my life, which was OSCP, and fortunately, without…