The Black and White (Hat) of Ethical Hacking

When it comes to cyber security the online world is populated by people of different color, be it, white, black or those who lurk in the grey area. The perception is that there is a group of characters whose actions are benevolent, and so are described as White Hat hackers, white being benign in nat[...]

How to Really Surf the Internet Anonymously?

Most people who surf the internet have no idea how unprotected their personal details and data really are. By simply visiting different websites, a user exposes his/her information to them, and allows them to potentially track down their physical location. They can also identify details about the de[...]

How do I know if I need a Website Security Audit?

The importance of Web Penetration Testing Almost every day we hear news about how a certain company had its information leaked due to a hacking activity. These incidents are rarely foreseeable and cause substantial damage to the company. Not only do they cost money, they can sometimes damage the rep[...]

The Benefits of Website Penetration Testing

What is Penetration Testing? This is a method used to assess how secure a website or network is, by simulating an attack on it. The test comprehensively reveals the vulnerabilities and the strengths of the website or network. This allows the owner to efficiently utilize security resources in the are[...]

How to find PHP shells

We often get tasked with forensic investigations on compromised Linux web servers. Here are a few basic tasks/commands you can perform to help with the start of investigations: 1) Audit log files / web and system logs to see if you can establish how the hack happened. 2) ls -la check for new files /[...]

Shellshock strikes

Attacks on websites and servers using the new Shellshock bug has been spotted by security analysts. Sservers worldwide use software vulnerable to the bug, which lets attackers execute commands on that system. Thousands of servers have been compromised via Shellshock and some have been used to bombar[...]

Cryptolocker Decrypted

Finally the infamous ransomware Cryptolocker has been cracked by the smart folk at FireEye and FoxIT. Previously unwilling victims of the randomware Cryptolocker had been forced to pay up before their encryption key was destroyed. The ransomware worked by encrypting users documents and would only al[...]

To Tor or Not To Tor

Ever since September 2002, Tor has been a popular free piece of software to help / enable online anonymity, and resist filtering from restrictive governments or ISPs. The Tor network consist of over five thousand relays to help conceal users locations or online activity from anyone wishing to snoop.[...]

Heartbleed Website Checker

The heartbleed SSL flaw was released online last week, causing many of you to worry about accounts you hold online at various websites. Many exploits are now in the wild, so it is advisable that you check the websites you use frequently to see if they are secure or have been patched, before logging [...]

Securing Websites

Below is a brief overview of steps you can take to help secure your website online. Security Audit Systems offer full website penetration testing services to help secure websites that you operate. The Basics Step 1) Know your web application/website – One of the most important fundamental step[...]