Evgeny Belenky

73 Flips | 1 Magazine | 25 Following | 18 Followers | @EvgenyBelen2016 | Director of Community @Peerlyst

How to be a GREAT Cybersecurity Recruiter

To be clear, I am not, nor have I ever been a cybersecurity recruiter. I’m not even saying I have what it takes to <i>be</i> one. What I’m saying is that, …

Uncertainties around WannaCry and the initial infection

There are some uncertainties still around how WannaCry spread on the Internet. I just gave this as a reply in another thread, but I thought this …

Spearphishing

Security deals summary - May 2017

I was asked by some of our members to give highlights of recent deals in security. I'm going to try and post an update once a month with new …

Chinese state-sponsored hacking groups rotate "target regions" when the heat is on

For the first time ever, four different and separate sources agree independently that the attribution of APT3 (aka Gothic Panda‍, Buckeye‍, UPS Team‍ …

Industry outlook question: SIEM and automatic pentesting tools

Hello,<p>I need some clarifications about the following subject:<p>It seems like a modern good SIEM software provides a built-in vulnerability scanning for …

Information Security

Transferring Backdoor Payloads by DNS AAAA records and IPv6 Address

<i>Transferring Backdoor Payloads by DNS AAAA records and IPv6 Address</i><p>in this article i want to explain how can use IPv6 Address (AAAA) records in DNS …

Talks to watch at RSA Conference USA 2017 if you are blue team

These are the talks that I hope get recorded and published because I'd like to see them. They are the most relevant talks for blue teamers‍ and …

Information Security

List of existing Peerlyst meetups & call for volunteer Peerlyst Ambassadors to organize meetups

We're announcing a call for volunteers‍ - we would like Peerlyst community members to volunteer to initiate and arrange local Infosec meetups.<p><b>List of</b> …

The complete security calendar

We're building the complete security calendar<p>We're building an extensive crowd-sourced calendar of all the security events worldwide.<p>The calendar …

In Cybersecurity? Remove "No" From Your Vocabulary!

In the vast majority of organisations for whom I've provided guidance, the security departments are seen as something to work <i>around</i>, not alongside. …

Information Security

Mobile Fraud and Ad Fraud Case File

A new variant of the advanced android HummingBad malware has spread to apps in the google play store, security researchers have found. Dubbed …

Apps

Configuring & using DANE TLSA records

I just finished helping another client configure DANE TLSA records for their services (https|smtp|imap), in order to increase the security for …

Information Security

Free Training: Threat Landscape - IoT, Cloud, and Mobile

We are so glad to present to you a training course, offered for free exclusively to Peerlyst users.<p>Chris Romeo‍ and his team at Security Journey …

Information Security

Top 5 Highest Paying Cyber Security Certifications for 2017 - What do you think about this list ?

<b>CISM(CERTIFIED INFORMATION SECURITY MANAGER)</b><p><b>Skills Gained</b><p>Ability to quickly identify potential security issues, design effective prevention and …

200 million data enrichment records up for sale on the Darknet

Full data enrichment profiles for more than 200 million people have been placed up for sale on the Darknet. The person offering the files claims the …

Find posts on more than 10,000 security expertise. Security resources, security blogs, security discussions, security Q&A, security reviews. Posts about IOT, Appsec, firewalls, offense, exploitation, network security, SIEM, Cryptography, Identity access management, database monitoring, Cloud security, forensics, incident response, WAF, Risk, compliance, GRC, Mobile security, Vulnerability scanners, National security, healthcare security, privacy, OSINT, hardware security

Update 20.4.2018: Videos and slides from all talks are being added to the abstract post links which you can find below. Agenda (April 16th - April …

Information Security

Passed CCSP, Tips for Passing

A few weeks ago, I was lucky enough to have passed the new certified cloud security professional‍ (CCSP‍) exam from ISC². A few days later, I was …

Information Security

Could you really make more than $1m USD/year as a pentester???

This post is inspired by a question I saw posted over on LinkedIn. This individual had been told by the owner of a consulting firm that the firm's …

Information Gathering And Scanning in Penetration testing

Continuing from our previous few discussions about Metasploit and its architecture, in this chapter we will shift our focus towards information …

Resource: Security Monitoring and Attack Detection with ElasticSearch, Logstash and Kibana

<b>#Security #Monitoring and #Attack #Detection with #ElasticSearch, #Logstash and #Kibana - #ELK Stack applied Architecture experiences and opinions</b> …

SplunkConf 2016: Using Splunk to hunt for malicious PowerShell usage by Ryan Chapman & Lisa Tawfall

This presentation is a must-watch for all Splunk‍ security folks out there. They use Splunk‍ to do proactive threat hunting‍ looking for malicious …

Quantum Computing and Cybersecurity

<i>It is almost as if the greater the number of cybersecurity products that flood onto the market, the more intense the increase in cybercrime and</i> …

Setting up your Metasploit Environment

In this post, we will continue from our previous discussion where we talked about the basics of metasploit and its modular architecture. Here we will …

Essentials of Cyber Security - Getting the basics right

<b>Starting at the beginning: Why you should have a security program (David Froud‍)</b><p><b>Driving effective security with metrics (Anthony Noblett CISSP, CISA,</b> …

Metasploit Quick Tips for Security Professionals

This is the first introductory post to a series of articles that will be focused on metasploit and penetration testing. The contents that I will be …

Information Security

Cybercrime Report Template

In this blog post I'll be contributing a template or form, made as simple as possible, to enable you to report cybercrime in a more efficient way. …

Information Security

Threat Modeling for Mobile Applications

<b>The purpose of this article</b> is to provide security guidance in the development of mobile applications. The following application threat-model (ATM) …

Information Security