Cyber Essentials - Why? and How?
What is the Cyber Essentials Scheme? Cyber Essentials is a government-backed scheme to improve the cyber security stance of businesses. The idea behind the scheme is to raise the bar of business in the UK concerning their approach and readiness for cyber incidents. It is also now a requirement when bidding for government contracts. Should I Obtain Cyber Essentials? The short answer is yes. Cyber Essentials helps any business improve its security stance and put in place a framework that makes it easier for a business to stay secure while also providing tips and advice on how to do so....
Reporting: Our First Public Dashboard
Edit We have recently chosen to stop running our honeypots and have deemed the short-term project a success. We gathered a wealth of information and plan to produce a length post breaking down this information and presenting our findings in one final state. Because of this, we have also chosen to remove our dashboard page - but the raw JSON data will remain on GitHub. Introduction Since starting HackYour.Tech, we have been working on a fun project in the background, specifically a network of various systems and stacks to help us collect, gather and process data from various aspects....
CVE-2024-3094: XZ Utils Backdoor Leads to SSH Compromise
Introduction On March 29th, 2024, a backdoor in a popular package called XZ Utils was identified/announced. In true fashion, the cyber security industry was thrown into panic on a Friday. Not only was it a Friday, but it was a bank holiday Friday for some… so we had an extra treat! In this post, we hope to give a brief overview of the CVE, the affected component, a high-level brief of the outcome of the CVE and some guidance on identifying and fixing a vulnerable system....
Password Managers and Two Factor Authentication
Introduction Good security practice for individuals is still something that most people don’t do, sometimes because people see it as too much additional effort or because people don’t realise the importance of cyber security and what consequences can come from a lack of it. In this post, we’ll look at the importance of a specific good practice that everyone should follow, specifically the use of password managers. Not only does this help secure a user’s online accounts at home, but also an important step that businesses should be taking to ensure their employee’s weak passwords are not a threat to their business....
HTTPS. What? Why? When?
Introduction As with all Cyber Security blogs, it’s an unwritten rule and requirement to have a post about HTTPS… so here we go. In the ever-evolving landscape of the internet, you may have encountered the term “HTTPS” while browsing the web. But what exactly is HTTPS, and why does it matter? And more importantly, when should you prioritize its implementation? There are thousands of resources online telling you, the daily user, that “HTTPS is important”....
Hello World
What is HackYour.Tech? HackYour.Tech is a new Cyber Security focused blog run by two techs currently working for a large consultancy firm. Our daily focus covers a wide range of areas, such as DevSecOps, Penetration Testing, Network Administration and a lot of code. Why Are We Doing This? At the heart of our mission, and the reason for creating this blog, is the development of projects tailored to enhance the technical capacities of smaller businesses while also raising awareness about critical security concerns during solution deployment....