offgridtech.xyz

A Blog about IT, Security, Cloud and Off-Grid Technologies.

Category: Cyber Security

  • SQL Injections Part 2: A Threat-Informed Defense

    SQL Injections Part 2: A Threat-Informed Defense In the first part of this series, I delved into the mechanics of SQL injections, using the OWASP Juice Shop—an intentionally vulnerable web app—to demonstrate how such attacks are executed. That discussion laid the groundwork for understanding both the execution and impact of SQL injections. Now, I turn…

  • SQL Injections Part 1: Exposing Vulnerabilities with OWASP Juice Shop

    In the complex fabric of web security, understanding the threat landscape is paramount. This series embarks on a detailed exploration of SQL injections, a notorious and enduring threat within the cybersecurity arena. Part 1 of this series focuses on exposing the vulnerabilities that make SQL injections not only possible but also dangerously effective. Through a…

  • Enhancing Endpoint Security with Wazuh and VirusTotal Integration

    In todays digital age, cyber threats are continually evolving, Endpoint Detection and Response (EDR) has emerged as a cornerstone of cybersecurity strategies. EDR solutions are crucial for monitoring, detecting, and responding to threats on endpoints, offering unparalleled visibility into the security state of each device within an organization. These solutions not only alert security teams…

  • Prepare for a Home Invasion

    The surge in car thefts across our nation has been alarming, and as a Canadian deeply concerned about this trend, I’ve delved into the tactics used by these modern-day thieves. One method that caught my attention is the CAN BUS (Controller Area Network) injection attack. This technique involves accessing a car’s CAN system and using…

  • Secure Remote Management in AWS: A Beginner’s Guide to AWS Systems Manager

    Introduction Cloud hosting has shifted remote management from a luxury to a necessity, given the physical distance from data centers. Traditional remote management tools, such as Remote Desktop (RDP) for Windows users and Secure Shell (SSH) for those on Unix-like systems, along with the strategic use of Bastion hosts for enhanced security, form the backbone…

  • Securing My Blog: A Deep Dive into AWS WAF and Security Groups

    A Little Blog with Big Security As the proud owner of a modestly-sized blog – let’s just say it’s more of a cozy corner of the internet rather than a sprawling digital estate – ensuring its security is still top of the shelf. You might remember my previous post about the highly available architecture of…

  • Digital Reconnaissance: A Military Approach to Cybersecurity

    Let’s Conduct a Recce Recce, pronounced like “recky,” is the Canadian Armed Forces’ abbreviation for reconnaissance. It’s a crucial step in battle procedure and it is aimed at gathering intelligence about a specific target. As a former CAF communication specialist, I’ve planned communication requirements for such activities. Understanding the dynamic nature of recce operations is…

  • The Cybersecurity Maze: Securing WordPress on AWS

    In my previous blog, I explored setting up WordPress on an EC2 instance, a great introduction to AWS cloud services. Despite its popularity, WordPress is often targeted by cyber threats. To bolster security, I’m working on a more secure, scalable, and reliable setup in AWS, incorporating AWS RDS, ACM and AWS ALB. Additionally, I intend…