Posts

Showing posts from 2022

Top Security Tools for AWS Cloud

AWS provides security tools designed to improve both account security and application and service security. An AWS account is an attack vector, as resources and data are accessible through the public application programming interface (API). Implementing a secure identity and access management strategy helps prevent leaking data — such as in S3 buckets — to the public. AWS’s many tools provide insights into your configured permissions and access patterns, and record all actions for compliance and audit purposes. Applications and services hosted in AWS are susceptible to different kinds of threats from the outside. Cross-site scripting (XSS), SQL injection, and brute-force attacks target public endpoints. Distributed denial-of-service (DDoS) attacks may attempt to bring down your services, potentially compromising your architecture security. Without proper management, sensitive information — such as database credentials — may leak. Therefore, it's critical that organizations migratin

Amazon-web-services – AWS S3 display file inline instead of force download

Image
For some reason files in my S3 bucket are being forced as downloads instead of displaying in-line so if I copy an image link and paste it into address bar and then navigate to displaying file or show option to downloading so in  this case you will have to make change in object metadata and add below field type in the configuration. Type- System defined Key- Content-Type Value- image/jpeg (You can select value from the drop down)

Change TimeZone in CentOS/RHEL 8/7

             Step 1- Check date and timezone           Command- date           Step 2- timedatectl list-timezones           (Select your timezone from this list and run with below command )           Step 3- timedatectl set-timezone America/Los_Angeles

Best cyber security practices for Enterprises to stay secure

In wake of the rising incidences of targeted attacks on enterprises, there is no way organizations can afford to ignore the importance of cyber security. Regardless of the size and type of enterprise, even a small data breach or cyber-attack could mean millions of dollars of loss, crippling the economy of enterprise. It is for this reason that as a thumb rule, enterprises start following these good cyber security practices, in order to be cyber secure against known and unknown threats: Invest in Security Solutions – An enterprise may be subjected to various kinds of threats and thus, to ensure enterprise-wide security, it is a good practise to invest in a variety of security solutions that cover the changing needs of an organization. Use Complex & Unique Password – As a thumb rule, enterprises must encourage employees to use strong and unique passwords and prohibit them from sharing their credentials. Invest in Training – Educate and train employees about cyber security so that the

CLOUD SECURITY

Image
  What is cloud security? Preparing your business for future success starts with switching from on-premises hardware to the cloud for your computing needs. The cloud gives you access to more applications, improves data accessibility, helps your team collaborate more effectively, and provides easier content management. Some people may have reservations about switching to the cloud due to security concerns, but a reliable cloud service provider (CSP) can put your mind at ease and keep your data safe with highly secure cloud services. Find out more about what cloud security is, the main types of cloud environments you'll need security for, the importance of cloud security, and its primary benefits. Lets understand the definition of cloud security- Cloud security, also known as cloud computing security, is a collection of security measures designed to protect cloud-based infrastructure, applications, and data. These measures ensure user and device authentication, data and resource acce

TOP 5 Phishing simulators [2022]

Image
  The title of this article was supposed to be “Top 5 Free Phishing Simulators.” However, after much searching. The final list does not include any of the fishy apps that let you create a fake website or phishing site for collecting data. I wanted to focus on tools that allow you to actually run a phishing campaign on your own i.e. create and send at least one phishing email to a real recipient. Basically, if you are looking for a free phishing simulator for your company, you are down to three choices and many more are there; 1) Open-source phishing platforms  2) Demo versions of commercial products 3) Simple tools that will allow you to craft a simple email message and send it to one or several recipients using a specified mail server 5 Simulators are ;  1.Infosec IQ 2. Gophish 3.Phishing Frenzy 4.King Phisher 5.Social-Engineer Toolkit (SET)   

How to release AWS Elastic IP || How to delete AWS NAT gateway

Image
  Please refer this video to achieve this LAB. You can refer my youtube channel for more videos.

AWS Flow Logs

Image
  VPC Flow logs Flow Logs feature can be used as a security tool to monitor the traffic that is reaching your EC2 instances. Once enabled, the feature will start  collecting IP traffic data to and from your vpc subnets, data that can be useful to detect and troubleshoot security issues such as restricted security group rule. Analyzing VPC Flow logs Data-

How to generate sshkey for EC2 Linux Instance

  If you are managing hundreds of EC2 Linux servers where you need to take ssh frequently so this is very difficult to enter machines login ssh password every time. So below solution will help you to resolve this issue. Commands- login to your main server and follow the step below. 1.ssh-keygen 2. ls -a 3. id_rsa.pub (this is key which need to copy to your destination server) 4. ssh-copy-id <destination host- admin@192.168.*.*>

SSH Error- Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

  Problem-   The authenticity of host 'IP X.X.X.X' can't be established. ECDSA key fingerprint is SHA256:U8lQ0PvPeWJgvTWC+MHS2Idjt4ZxcDzoW5/7kwJ60X0. ECDSA key fingerprint is MD5:2f:73:20:11:42:5e:02:8a:65:5a:f3:e1:2c:f8:ad:57. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'host IP' (ECDSA) to the list of known hosts. Permission denied (publickey,gssapi-keyex,gssapi-with-mic). Solution- Sometimes it happens we face above issue while making SSH connection between 2 servers or hosts. Step 1- Make sure ssh server is running  Step 2- Make some configuration changes in SSHD_Config file accordingly. Goto- vi /etc/ssh/sshd_config here we need to make 3 changes 1.Uncommet line- PasswordAuthentication yes 2. Commet Line - #PasswordAuthentication no (This will be line number three) 3. Uncommet- PermitRootLogin yes Step 3- Restart service to apply these changes service sshd restart

Your organization has disabled this device. Error code 135011

Image
  Error- Something went wrong (Error while login into MS Team account) Solutions- Login into Azure admin portal-Select users-select affected user and go to devices-Selected disabled device and click on top to enable it.