BHEH | FACTS
Obfuscated Payloads can be undetected even if you have real-time protection
There is a certain reason why successful attacks still happen every day, even though you use various security solutions in some cases...
Not all Phishing attack types can be protected using software solutions
There are different phishing attack types and often people classify them all under one category, which is not the case in the real world....
Cyber Attacks do not discriminate when choosing victims.
Company Size does not matter when it comes to Cyber Criminals going after a target. The evolution of new and evolving online attacks became more...
Penetration Testing alone cannot identify the maximum number of vulnerabilities in an application.
73% of Hackers said traditional Firewall and Antivirus Security is irrelevant or obsolete.
“Humans are the most responsible for security breaches” - 80% of hackers say that for a reason. A lot of...
7 out of 10 businesses are not prepared to respond to a Cyber Attack
73% of companies, based on a statistic made by Hiscox in the UK, US, Spain, Germany & Netherlands are just not prepared....
Hacking has Evolved
Hacking has evolved into helping shape the Information Security Industry. Back in the '90s, hackers were considered criminals, no one wanted to interact with them without understanding that a...
You can’t protect what you can’t see
When it comes to advanced threat protection from a defensive perspective, you usually make sure to invest in various hardware and software solutions such as Intrusion Prevention Systems. Intrusion Detection System working proactively, analyzing the...
Manual Pentesting is more Effective than the Automated
No doubt that both methods, when it comes to performing Pentesting Infrastructure share the same purpose. There is also the need for compliance, in order to prove and make a point of how a company takes seriously their Privacy and Security. Human Vs...
90% of the hacking process involves the Reconnaissance Phase
Hacking can be summarized with one word, but the process behind it involves several phases to reach the final outcome which is a 'Successful Attack'. These Phases are a bit more complicated than just the word itself. Traditionally Hacking involves phases...
A Hacker needs only one loophole to hack any system.
Unfortunately, most companies lack the capabilities to be able to detect a coordinated attack head-on. This means usually when someone performs an incident response to start mitigating, the attacker is already well-established into the network, has several...
Not all hackers are criminals
The term ‘hacking’ generally has a negative philosophy as many people assume that all hackers are bad, and they treat them with suspicion in the belief they have criminal intentions. To most people, though, the term ‘hacker’ is associated...
Human Intelligence is the best defense against Phishing Attacks
Social Engineering is the psychological manipulation of people into performing actions or divulging confidential information. When hackers combine this method, it does not require a technical skill, but when combined with a targeted attack, it results in...
Firewalls are no longer enough
Firewalls operate by checking incoming and outgoing traffic against a set of rules. These rules might be based on metadata (e.g. port number, IP address, Protocol Type, etc..) or real data, i.e. the payload of the packet. For example: * Drop all incoming...
Your Data in the Cloud is not as secure as you think
Many companies think they can leverage their existing security mechanisms in the Cloud; however, it is an entirely different aspect and must be looked at from a different perspective with privacy in mind. Before migrating to a cloud, or starting a cloud...
The Weakest Link in a Security Chain is the Human Element
Advanced technology and security practices, no matter how sophisticated, will always be constrained by the human factor. No matter how strong your: • Firewalls • Intrusion Detection Systems • Cryptography • Anti-Virus Software And the list goes on, YOU...
Two-Factor Authentication is not always Totally Secure
Two-factor authentication is an extra level of security known as multi-factor authentication. It adds an extra step to the login process. Instead of only having to enter your username and password to log into a website, with two-factor authentication...
VPN: You may not be as secure as you think you are
Using a VPN is not 100% Secure. The reason is simple, still, security researchers, hackers, submit bug bounties, testing a lot of VPNs, by showing programming errors that...
Fact: There is no minimum threat in Cyber Security
It goes back to the root of the problem. In today's world, attacks will continue to happen, and exploits will continue to be found. A threat on the offensive side of Cyber Security, once found it cannot be categorised as a minimum. Today, behind such targeted attacks,...
Fact: There is no Operating System that is 100% Secure
There is no operating system that is 100% secure. Based on 2019 stats, Android, Windows, iOS, OSX were the top used operating systems. So when hackers work with payloads, also known as "Viruses, Worms etc..", they tend to create more available ways targeting the most...