Article: Cyber Criminals Exploit Accellion FTA for Data Theft and Extortion - published almost 4 years ago. Content: Starting in mid-December 2020, malicious actors that Mandiant tracks as UNC2546 exploited multiple zero-day vulnerabilities in Accellion’s legacy File Transfer Appliance (FTA) to install a newly discovered web shell named DEWMODE. The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, several organizations that h... http://www.fireeye.com/blog/threat-research/2021/02/accellion-fta-exploited-for-data-theft-and-extortion.html Published: 2021 02 22 14:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: So Unchill: Melting UNC2198 ICEDID to Ransomware Operations - published almost 4 years ago. Content: Mandiant Advanced Practices (AP) closely tracks the shifting tactics, techniques, and procedures (TTPs) of financially motivated groups who severely disrupt organizations with ransomware. In May 2020, FireEye released a blog post detailing intrusion tradecraft associated with the deployment of MAZE. As of publishing this post, we track 11 disti... http://www.fireeye.com/blog/threat-research/2021/02/melting-unc2198-icedid-to-ransomware-operations.html Published: 2021 02 25 16:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Fuzzing Image Parsing in Windows, Part Two: Uninitialized Memory - published over 3 years ago. Content: Continuing our discussion of image parsing vulnerabilities in Windows, we take a look at a comparatively less popular vulnerability class: uninitialized memory. In this post, we will look at Windows’ inbuilt image parsers—specifically for vulnerabilities involving the use of uninitialized memory. The Vulnerability: Uninitialized Memory In unman... http://www.fireeye.com/blog/threat-research/2021/03/fuzzing-image-parsing-in-windows-uninitialized-memory.html Published: 2021 03 03 19:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 - published over 3 years ago. Content: Executive Summary In August 2020, a U.S.-based entity uploaded a new backdoor that we have named SUNSHUTTLE to a public malware repository. SUNSHUTTLE is a second-stage backdoor written in GoLang that features some detection evasion capabilities. Mandiant observed SUNSHUTTLE at a victim compromised by UNC2452, and have indications that ... http://www.fireeye.com/blog/threat-research/2021/03/sunshuttle-second-stage-backdoor-targeting-us-based-entity.html Published: 2021 03 04 17:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities - published over 3 years ago. Content: Beginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation of web shells for persistent access, remote code execution, and reconnaissance for endpoint security solutions. Our investigation revealed that the file... http://www.fireeye.com/blog/threat-research/2021/03/detection-response-to-exploitation-of-microsoft-exchange-zero-day-vulnerabilities.html Published: 2021 03 04 22:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 - published almost 4 years ago. Content: UPDATE (Mar. 18): Mandiant recently observed targeted threat actors modifying mailbox folder permissions of user mailboxes to maintain persistent access to the targeted users' email messages. This stealthy technique is not usually monitored by defenders and provides threat actors a way to access the desired email messages using any com... http://www.fireeye.com/blog/threat-research/2021/01/remediation-and-hardening-strategies-for-microsoft-365-to-defend-against-unc2452.html Published: 2021 01 19 14:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Monitoring ICS Cyber Operation Tools and Software Exploit Modules To Anticipate Future Threats - published over 4 years ago. Content: There has only been a small number of broadly documented cyber attacks targeting operational technologies (OT) / industrial control systems (ICS) over the last decade. While fewer attacks is clearly a good thing, the lack of an adequate sample size to determine risk thresholds can make it difficult for defenders to understand the threat environment... http://www.fireeye.com/blog/threat-research/2020/03/monitoring-ics-cyber-operation-tools-and-software-exploit-modules.html Published: 2020 03 23 12:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Back in a Bit: Attacker Use of the Windows Background Intelligent Transfer Service - published over 3 years ago. Content: In this blog post we will describe: How attackers use the Background Intelligent Transfer Service (BITS) Forensic techniques for detecting attacker activity with data format specifications Public release of the BitsParser tool A real-world example of malware using BITS persistenc... http://www.fireeye.com/blog/threat-research/2021/03/attacker-use-of-windows-background-intelligent-transfer-service.html Published: 2021 03 31 15:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: M-Trends 2021: A View From the Front Lines - published over 3 years ago. Content: We are thrilled to launch M-Trends 2021, the 12th edition of our annual FireEye Mandiant publication. The past year has been unique, as we witnessed an unprecedented combination of global events. Business operations shifted in response to the worldwide pandemic and threat actors continued to escalate the sophistication and aggressiveness of th... http://www.fireeye.com/blog/threat-research/2021/04/m-trends-2021-a-view-from-the-front-lines.html Published: 2021 04 13 13:45:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Hacking Operational Technology for Defense: Lessons Learned From OT Red Teaming Smart Meter Control Infrastructure - published over 3 years ago. Content: High-profile security incidents in the past decade have brought increased scrutiny to cyber security for operational technology (OT). However, there is a continued perception across critical infrastructure organizations that OT networks are isolated from public networks—such as the Internet. In Mandiant’s experience, the concept of an ‘air gap’ sep... http://www.fireeye.com/blog/threat-research/2021/04/hacking-operational-technology-for-defense-lessons-learned.html Published: 2021 04 13 15:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Abusing Replication: Stealing AD FS Secrets Over the Network - published over 3 years ago. Content: Organizations are increasingly adopting cloud-based services such as Microsoft 365 to host applications and data. Sophisticated threat actors are catching on and Mandiant has observed an increased focus on long-term persistent access to Microsoft 365 as one of their primary objectives. The focus on developing novel and hard to detect methods to ach... http://www.fireeye.com/blog/threat-research/2021/04/abusing-replication-stealing-adfs-secrets-over-the-network.html Published: 2021 04 27 17:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Ghostwriter Update: Cyber Espionage Group UNC1151 Likely Conducts Ghostwriter Influence Activity - published over 3 years ago. Content: In July 2020, Mandiant Threat Intelligence released a public report detailing an ongoing influence campaign we named “Ghostwriter.” Ghostwriter is a cyber-enabled influence campaign which primarily targets audiences in Lithuania, Latvia and Poland and promotes narratives critical of the North Atlantic Treaty Organization’s (NATO) presence in ... http://www.fireeye.com/blog/threat-research/2021/04/espionage-group-unc1151-likely-conducts-ghostwriter-influence-activity.html Published: 2021 04 28 10:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise - published over 3 years ago. Content: In March 2021, Mandiant Managed Defense identified three zero-day vulnerabilities in SonicWall’s Email Security (ES) product that were being exploited in the wild. These vulnerabilities were executed in conjunction to obtain administrative access and code execution on a SonicWall ES device. The adversary leveraged these vulnerabilities, with intima... http://www.fireeye.com/blog/threat-research/2021/04/zero-day-exploits-in-sonicwall-email-security-lead-to-compromise.html Published: 2021 04 20 21:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat - published over 3 years ago. Content: Mandiant has observed an aggressive financially motivated group, UNC2447, exploiting one SonicWall VPN zero-day vulnerability prior to a patch being available and deploying sophisticated malware previously reported by other vendors as SOMBRAT. Mandiant has linked the use of SOMBRAT to the deployment of ransomware, which has not been previously repo... http://www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html Published: 2021 04 29 21:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: The UNC2529 Triple Double: A Trifecta Phishing Campaign - published over 3 years ago. Content: In December 2020, Mandiant observed a widespread, global phishing campaign targeting numerous organizations across an array of industries. Mandiant tracks this threat actor as UNC2529. Based on the considerable infrastructure employed, tailored phishing lures and the professionally coded sophistication of the malware, this threat actor appears expe... http://www.fireeye.com/blog/threat-research/2021/05/unc2529-triple-double-trifecta-phishing-campaign.html Published: 2021 05 04 14:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day - published over 3 years ago. Content: Executive Summary Mandiant recently responded to multiple security incidents involving compromises of Pulse Secure VPN appliances. This blog post examines multiple, related techniques for bypassing single and multifactor authentication on Pulse Secure VPN devices, persisting across upgrades, and maintaining access through webshells. The i... http://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html Published: 2021 04 20 14:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Shining a Light on DARKSIDE Ransomware Operations - published over 3 years ago. Content: Update (May 14): Mandiant has observed multiple actors cite a May 13 announcement that appeared to be shared with DARKSIDE RaaS affiliates by the operators of the service. This announcement stated that they lost access to their infrastructure, including their blog, payment, and CDN servers, and would be closing their service. Decrypter... http://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransomware-operations.html Published: 2021 05 11 21:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises - published over 3 years ago. Content: Attacks on control processes supported by operational technology (OT) are often perceived as necessarily complex. This is because disrupting or modifying a control process to cause a predictable effect is often quite difficult and can require a lot of time and resources. However, Mandiant Threat Intelligence has observed simpler attacks, where acto... http://www.fireeye.com/blog/threat-research/2021/05/increasing-low-sophistication-operational-technology-compromises.html Published: 2021 05 25 14:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices - published over 3 years ago. Content: On April 20, 2021, Mandiant published detailed results of our investigations into compromised Pulse Secure devices by suspected Chinese espionage operators. This blog post is intended to provide an update on our findings, give additional recommendations to network defenders, and discuss potential implications for U.S.-China strategic relations. ... http://www.fireeye.com/blog/threat-research/2021/05/updates-on-chinese-apt-compromising-pulse-secure-vpn-devices.html Published: 2021 05 27 17:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Posh-Sysmon Module for Creating Sysmon Configuration Files - published almost 8 years ago. Content: Why a PowerShell Module: Sysmon configuration can be complex and hard to maintain by hand. For this purpose I created a module called Posh-Sysmon some time ago to aid in the creation and maintenance of configuration files. The module was initially written after the release of version 2.0 and has been maintained and expanded as new versions have been ... https://www.darkoperator.com/blog/2017/2/17/posh-sysmon-powershell-module-for-creating-sysmon-configuration-files Published: 2017 02 20 11:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Home Lab - VPN - published over 7 years ago. Content: Since our lab is isolated from the home network behind the router, we need a way to access the VMs inside from our research systems. To access the systems behind the router we can use a VPN. With VyOS we have 2 options: L2TP/IPSec - Native support on Windows and OS X. Linux client support can be tricky. OpenVPN - Requires third party client installed, works we... https://www.darkoperator.com/blog/2017/2/5/home-lab-vpn Published: 2017 03 09 11:50:29 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: How Much Your Org Reaction to a Tweet Says? - published over 7 years ago. Content: Recently Tavis Ormandy, a well known vulnerability researcher from Google, made a tweet about a vulnerability he and researcher Natalie Silvanovich from Google Project Zero found on the Windows OS that could be wormable. ... https://www.darkoperator.com/blog/2017/5/7/how-much-your-org-reaction-to-a-tweet-says Published: 2017 05 07 21:51:27 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: WanaCry Shows a Operational and Human Problem - published over 7 years ago. Content: These last couple of days the headline has been the WannaCry ransomware worm. I have seen many discussions about the technical aspects of it, about the disclosure of the vulnerability and debates of who is at fault for its widespread effect (Microsoft, NSA, Shadow Brokers ..etc). Yet the big elephant in the room remains that this is history that will repeat it... https://www.darkoperator.com/blog/2017/5/14/wanacry-a-operational-and-business-problem Published: 2017 05 15 01:53:31 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Basics of Tracking WMI Activity - published about 7 years ago. Content: WMI (Windows Management Instrumentation) has been part of the Windows Operating System since Windows 2000, when it was included in the OS. The technology has been of great value to system administrators by providing ways to pull all types of information, configure components and take action based on the state of several components of the OS. Due to this fle... https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity Published: 2017 10 16 12:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Sysinternals Sysmon 6.10 Tracking of Permanent WMI Events - published about 7 years ago. Content: In my previous blog post I covered how Microsoft has enhanced WMI logging in the latest versions of their client and server operating systems. Sysmon version 6.10 also added specific events for logging permanent WMI event actions. The new events are: Event ID 19: WmiEvent (WmiEventFilter activity detected). When a WMI event filter is r... https://www.darkoperator.com/blog/2017/10/15/sysinternals-sysmon-610-tracking-of-permanent-wmi-events Published: 2017 10 18 12:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
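The two entries above (tracking WMI activity, and Sysmon 6.10's permanent-event logging) both come down to the same three objects in the root/subscription namespace: an __EventFilter (the trigger), an __EventConsumer (the action) and a __FilterToConsumerBinding that ties them together. Sysmon 6.10 reports their creation as Event ID 19, 20 and 21 respectively. The script below is an added example, not code from either blog post or from Posh-Sysmon; it enumerates those objects on a host so an analyst can compare what is actually registered against what Sysmon logged. It assumes an elevated prompt (non-admin sessions may not see every binding) and that the CIM cmdlets return reference properties such as Filter and Consumer as CimInstance objects, which Get-CimInstance does on Windows PowerShell 3+ and PowerShell 7.

```powershell
# Added example (not from the blog posts): enumerate permanent WMI event
# subscriptions, the objects Sysmon 6.10 logs as Event ID 19/20/21.
# Run from an elevated prompt on the host under investigation.
$ns = 'root/subscription'

Write-Host '== Event filters (Sysmon Event ID 19: what triggers) =='
Get-CimInstance -Namespace $ns -ClassName __EventFilter |
    Select-Object Name, EventNamespace, Query |
    Format-List

Write-Host '== Event consumers (Sysmon Event ID 20: what runs) =='
# CommandLineEventConsumer and ActiveScriptEventConsumer are the classes that
# give an attacker code execution; their payload lives in CommandLineTemplate
# or ScriptText respectively. Other consumer classes simply show an empty Payload.
Get-CimInstance -Namespace $ns -ClassName __EventConsumer |
    Select-Object Name,
        @{ n = 'Type';    e = { $_.CimClass.CimClassName } },
        @{ n = 'Payload'; e = {
            if ($_.CommandLineTemplate) { $_.CommandLineTemplate }
            elseif ($_.ScriptText)      { $_.ScriptText }
            else                        { '' } } } |
    Format-List

Write-Host '== Bindings (Sysmon Event ID 21: which filter fires which consumer) =='
# Filter and Consumer are CIM reference properties; Get-CimInstance materialises
# them as CimInstance objects whose key property (Name) identifies the target.
$bindings = Get-CimInstance -Namespace $ns -ClassName __FilterToConsumerBinding
$bindings |
    Select-Object @{ n = 'Filter';       e = { $_.Filter.Name } },
                  @{ n = 'Consumer';     e = { $_.Consumer.Name } },
                  @{ n = 'ConsumerType'; e = { $_.Consumer.CimClass.CimClassName } } |
    Format-Table -AutoSize

# Triage hint: a binding whose consumer is CommandLineEventConsumer or
# ActiveScriptEventConsumer and whose filter watches for logon, process start or
# a timer (Win32_LocalTime / __InstanceModificationEvent) is the classic
# persistence pattern. To remove a confirmed malicious subscription, delete the
# binding first, then the consumer and filter, e.g.:
#   $bindings | Where-Object { $_.Consumer.Name -eq '<consumer name>' } | Remove-CimInstance
```

The output is the host-side ground truth: if a binding exists here but no Event ID 21 was recorded, either the subscription predates the Sysmon install or the event was cleared, and both are worth a closer look.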
Article: Update to Pentest Metasploit Plugin - published about 7 years ago. Content: I recently updated my Metasploit Pentest Plugin. I added 2 new commands to the plugin and fixed issues when printing information as a table. The updates are small ones. Let's take a look at the changes for the plugin. We can start by loading the plugin in a Metasploit Framework session. msf > load pentest ___ _ _ ___ _ ... https://www.darkoperator.com/blog/2017/10/17/update-to-pentest-metasploit-plugin Published: 2017 10 19 12:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Basics of The Metasploit Framework API - IRB Setup - published about 7 years ago. Content: For those of you who have taken my "Automating Metasploit Framework" class, none of this material should be new. I have decided to start making a large portion of the class available here in the blog as a series. In this post I will cover the basics of setting up IRB so we can start exploring, in a general sense, the Metasploit Framework API. The API is extensive a... https://www.darkoperator.com/blog/2017/10/21/basics-of-the-metasploit-framework-irb-setup Published: 2017 10 23 12:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Switching Ruby Version in RVM for Metasploit Development - published about 7 years ago. Content: If you have set up a development environment with RVM to do development in Metasploit Framework, you are bound to encounter that the Metasploit team has changed preferred Ruby versions. carlos@ubuntu:/opt$ cd metasploit-framework/ ruby-2.4.2 is not installed. To install do: 'rvm install ruby-2.4.2' You get a useful message that mentions the RVM command you need... https://www.darkoperator.com/blog/2017/10/22/switching-ruby-version-in-rvm-for-metasploit-development Published: 2017 10 25 12:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Windows Defender Exploit Guard ASR VBScript/JS Rule - published about 7 years ago. Content: Microsoft has been adding the features of the Enhanced Mitigation Experience Toolkit (EMET) into Windows 10. In the 1709 release they added more features and expanded on them as part of Windows Defender Exploit Guard. One of the features of great interest for me is Attack Surface Reduction. I have used this feature in EMET with great success as a m... https://www.darkoperator.com/blog/2017/11/6/windows-defender-exploit-guard-asr-vbscriptjs-rule Published: 2017 11 07 12:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Windows Defender Exploit Guard ASR Obfuscated Script Rule - published about 7 years ago. Content: In this blog post I will cover my testing of the Attack Surface Reduction rule for Potentially Obfuscated Scripts. This is one of the features that intrigued me the most. One obfuscates scripts for several reasons: Bypass detection controls like AV, automatic log analysis and other controls. Hinder analysis of the script to determine its purpose and actio... https://www.darkoperator.com/blog/2017/11/8/windows-defender-exploit-guard-asr-obfuscated-script-rule Published: 2017 11 08 12:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Windows Defender Exploit Guard ASR Rules for Office - published about 7 years ago. Content: In this blog post I continue looking at the ASR rules, this time I'm looking at the ASR rules for Office. The ASR rules for Office are: Block Office applications from creating child processes; Block Office applications from creating executable content; Block Office applications from injecting code into other processes; Block Win32 API calls from Office macro. These ... https://www.darkoperator.com/blog/2017/11/11/windows-defender-exploit-guard-asr-rules-for-office Published: 2017 11 14 11:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Some Comments and Thoughts on Tradecraft - published about 7 years ago. Content: I have been writing a series on the new Windows Defender Exploit Guard features on Attack Surface Reduction where I cover my research on it. I'm researching the controls to add the information into my personal playbook. Surprisingly, in conversations with some Red Teamers I know, they dismissed the information as it is a Blue/Defense technology. These comment... https://www.darkoperator.com/blog/2017/11/20/some-comments-and-thoughts-on-tradecraft Published: 2017 11 20 11:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Operational Look at Sysinternals Sysmon 6.20 Update - published almost 7 years ago. Content: Sysmon has been a game changer for many organizations, allowing their teams to fine tune their detection of malicious activity when combined with tools that aggregate and correlate events. A new version of Sysmon was recently released. Version 6.20 fixes bugs and adds new features. Some of the noteworthy changes for me are: Enhancements in WMI Logging. Ab... https://www.darkoperator.com/blog/2017/11/24/operational-look-at-sysinternals-sysmon-620-update Published: 2017 11 27 11:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Rebuilding My Playbook .. Knowledge Base - published almost 7 years ago. Content: I find myself in the situation where I lost my personal playbook through user error. I accidentally deleted the VM where I ran xWiki, where it was kept, and did not realize the mistake until days later. Even if painful to rebuild, it is a good opportunity to think about how to better organize it and put it in a more flexible format. I initially called my collection o... https://www.darkoperator.com/blog/2017/12/10/nmba1hrmndda8m3eo7ipoh7bxvphz4 Published: 2017 12 13 11:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Operating Offensively Against Sysmon - published about 6 years ago. Content: Sysmon is a tool written by Mark Russinovich that I have covered in multiple blog posts, and I even wrote a PowerShell module called Posh-Sysmon to help with the generation of configuration files for it. Its main purpose is the tracking of potentially malicious activity on individual hosts, and it is based on the same technology as Procmon. It differs from ot... https://www.darkoperator.com/blog/2018/10/5/operating-offensively-against-sysmon Published: 2018 10 08 10:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Being Grateful at Heilderburg - published over 5 years ago. Content: Recently, while in the bar of the Crown Plaza in Heidelberg for the Troopers conference, I became aware of how grateful I should be for what I have in this industry. What I'm grateful for is not technical or recognition but the group of people in the industry I have the honor to call friends. I would like to share some of them in this blo... https://www.darkoperator.com/blog/2019/3/24/being-grateful-at-heilderburg Published: 2019 03 25 01:06:52 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Getting DNS Client Cached Entries with CIM/WMI - published almost 5 years ago. Content: What is DNS Cache: The DNS cache maintains a database of recent DNS resolutions in memory. This allows for faster resolution of hosts that have been queried in the recent past. To keep this cache fresh and reduce the chance of stale records, the lifetime of items in the cache is 1 day on Windows clients. The DNS Client service in Windows is the one that manages t... https://www.darkoperator.com/blog/2020/1/14/getting-dns-client-cached-entries-with-cimwmi Published: 2020 02 03 10:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
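The entry above describes the DNS client cache and its exposure through CIM/WMI. The script below is an added example, not code from the blog post: it reads the cache through the MSFT_DNSClientCache class in root/StandardCimv2 (the class the Get-DnsClientCache cmdlet wraps), decodes the numeric record type and status fields, and then does the pivot an incident responder actually wants, which is to walk from a suspect IP address back through any CNAME chain to the name that was originally queried. The suspect address 203.0.113.5 is a constructed value from the documentation range, and the optional CimSession parameter is there because the same query runs unchanged against a remote host, which is the practical reason to go through CIM rather than ipconfig /displaydns.

```powershell
# Added example (not from the blog post): read the DNS client cache via CIM and
# pivot from a suspect IP back to the queried name. Runs locally or over a
# CimSession (New-CimSession -ComputerName <host>) for remote triage.
param(
    [string]$SuspectIp = '203.0.113.5',   # constructed value for illustration
    [CimSession]$Session = $null
)

# Numeric codes as stored by MSFT_DNSClientCache.
$RecordType  = @{ 1 = 'A'; 5 = 'CNAME'; 12 = 'PTR'; 28 = 'AAAA' }
$CacheStatus = @{ 0 = 'Success'; 9003 = 'NoRecords'; 9701 = 'NotExist' }

$cimArgs = @{ Namespace = 'root/StandardCimv2'; ClassName = 'MSFT_DNSClientCache' }
if ($Session) { $cimArgs.CimSession = $Session }

# Normalise each cache row into a flat object with readable type/status.
$cache = Get-CimInstance @cimArgs | ForEach-Object {
    $t = [int]$_.Type; $s = [int]$_.Status
    [pscustomobject]@{
        Entry  = $_.Entry        # the name the application asked for
        Name   = $_.Name         # the record owner (differs from Entry after a CNAME)
        Type   = if ($RecordType.ContainsKey($t))  { $RecordType[$t] }  else { $t }
        Status = if ($CacheStatus.ContainsKey($s)) { $CacheStatus[$s] } else { $s }
        TTL    = $_.TimeToLive   # seconds left before the entry expires
        Data   = $_.Data         # IP address, or canonical name for a CNAME
    }
}

# 1) Full cache, entries closest to expiry first (they are the oldest lookups).
$cache | Sort-Object TTL | Format-Table Entry, Name, Type, Status, TTL, Data -AutoSize

# 2) Pivot: which cached names resolve to the suspect IP, and via which aliases?
#    CNAME rows have Name = alias and Data = canonical name, so walking
#    Data -> Name repeatedly recovers the alias chain back to the original query.
$hits = $cache | Where-Object { $_.Type -in 'A', 'AAAA' -and $_.Data -eq $SuspectIp }
if (-not $hits) {
    "No cached A/AAAA record points at $SuspectIp"
}
foreach ($h in $hits) {
    $chain = @($h.Name)
    $cur   = $h.Name
    $seen  = @{}
    while ($true) {
        $alias = $cache | Where-Object { $_.Type -eq 'CNAME' -and $_.Data -eq $cur } | Select-Object -First 1
        if (-not $alias -or $seen.ContainsKey($alias.Name)) { break }   # end of chain or loop guard
        $seen[$alias.Name] = $true
        $chain += $alias.Name
        $cur    = $alias.Name
    }
    '{0} reached via: {1}' -f $SuspectIp, ($chain -join ' <- ')
}
```

Because the cache only holds what is still within its TTL, run this early in triage; a name that has already aged out leaves no trace here and you will have to fall back to DNS server or Sysmon Event ID 22 logs.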
Article: Operational Thoughts in Trying Times - published over 4 years ago. Content: This post is as much a reminder to myself of where I should focus on the multiple jobs I have as it is a way to share with the community at large what I consider important and key in these trying times. Last year at a dinner I had a very nice conversation with my friend Ed Skoudis on security consultancies and how many operated. This conversation covered many aspect... https://www.darkoperator.com/blog/2020/5/6/operational-thoughts-in-trying-times Published: 2020 05 06 10:00:31 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Beyond the Technical - Advise for those starting in Infosec - published almost 4 years ago. Content: https://www.darkoperator.com/blog/2020/12/28/beyond-the-technical-advise-for-those-starting-in-infosec Published: 2020 12 28 12:00:00 Received: 2021 06 06 09:05:08 Feed: Blog Source: Blog Category: Cyber Security Topic: Cyber Security |
Article: Dissecting Weird Packets - published over 5 years ago. Content: I was investigating traffic in my home lab yesterday, and noticed that about 1% of the traffic was weird. Before I describe the weird, let me show you a normal frame for comparison's sake.This is a normal frame with Ethernet II encapsulation. It begins with 6 bytes of the destination MAC address, 6 bytes of the source MAC address, and 2 bytes of an Ethertype... https://taosecurity.blogspot.com/2019/05/dissecting-weird-packets.html Published: 2019 05 09 14:30:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: Know Your Limitations - published over 5 years ago. Content: At the end of the 1973 Clint Eastwood movie Magnum Force, after Dirty Harry watches his corrupt police captain explode in a car, he says "a man's got to know his limitations." I thought of this quote today as the debate rages about compromising municipalities and other information technology-constrained yet personal information-rich organizations. Several year... https://taosecurity.blogspot.com/2019/05/know-your-limitations.html Published: 2019 05 29 13:55:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: Reference: TaoSecurity News - published over 5 years ago. Content: I started speaking publicly about digital security in 2000. I used to provide this information on my Web site, but since I don't keep that page up-to-date anymore, I decided to publish it here. 2017: Mr. Bejtlich led a podcast titled Threat Hunting: Past, Present, and Future, in early July 2017. He interviewed four of the original six GE-CIRT ... https://taosecurity.blogspot.com/2019/07/reference-taosecurity-news.html Published: 2019 07 01 12:00:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: Reference: TaoSecurity Research - published over 5 years ago. Content: I started publishing my thoughts and findings on digital security in 1999. I used to provide this information on my Web site, but since I don't keep that page up-to-date anymore, I decided to publish it here. 2015 and later: Please visit Academia.edu for Mr. Bejtlich's most recent research. 2014 and earlier: Seven Tips for Small Business Security, in the Huff... https://taosecurity.blogspot.com/2019/07/reference-taosecurity-research.html Published: 2019 07 01 12:00:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: Reference: TaoSecurity Press - published over 5 years ago. Content: I started appearing in media reports in 2000. I used to provide this information on my Web site, but since I don't keep that page up-to-date anymore, I decided to publish it here. As of 2017, Mr. Bejtlich generally declines press inquiries on cybersecurity matters, including those on background. 2016: Mr. Bejtlich was cited in the Fortune story Meet the US's F... https://taosecurity.blogspot.com/2019/07/reference-taosecurity-press.html Published: 2019 07 01 12:00:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: Happy Birthday TaoSecurity.com - published over 5 years ago. Content: Nineteen years ago this week I registered the domain taosecurity.com: Creation Date: 2000-07-04T02:20:16Z. This was 2 1/2 years before I started blogging, so I don't have much information from that era. I did create the first taosecurity.com Web site shortly thereafter. I first started hosting it on space provided by my then-ISP, Road Runner of San Antonio, TX. ... https://taosecurity.blogspot.com/2019/07/happy-birthday-taosecuritycom.html Published: 2019 07 01 14:00:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: Five Thoughts on the Internet Freedom League - published about 5 years ago. Content: In the September/October issue of Foreign Affairs magazine, Richard Clarke and Rob Knake published an article titled "The Internet Freedom League: How to Push Back Against the Authoritarian Assault on the Web," based on their recent book The Fifth Domain. The article proposes the following:The United States and its allies and partners should stop worrying ab... https://taosecurity.blogspot.com/2019/09/five-thoughts-on-internet-freedom-league.html Published: 2019 09 13 15:00:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: Seven Security Strategies, Summarized - published about 5 years ago. Content: This is the sort of story that starts as a comment on Twitter, then becomes a blog post when I realize I can't fit all the ideas into one or two Tweets. (You know how much I hate Tweet threads, and how I encourage everyone to capture deep thoughts in blog posts!)In the interest of capturing the thought, and not in the interest of thinking too deeply or compr... https://taosecurity.blogspot.com/2019/11/seven-security-strategies-summarized.html Published: 2019 11 06 21:10:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: COVID-19 Phishing Tests: WRONG - published over 4 years ago. Content: Malware Jake Tweeted a poll last night which asked the following: "I have an interesting ethical quandary. Is it ethically okay to use COVID-19 themed phishing emails for assessments and user awareness training right now? Please read the thread before responding and RT for visibility. 1/" Ultimately he decided: "My gut feeling is to not use COVID-19 themed emai... https://taosecurity.blogspot.com/2020/03/covid-19-phishing-tests-wrong.html Published: 2020 03 12 13:29:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: When You Should Blog and When You Should Tweet - published over 4 years ago. Content: I saw my like-minded, friend-that-I've-never-met Andrew Thompson Tweet a poll, posted above. I was about to reply with the following Tweet: "If I'm struggling to figure out how to capture a thought in just 1 Tweet, that's a sign that a blog post might be appropriate. I only use a thread, and no more than 2, and hardly ever 3 (good Lord), when I know I've got n... https://taosecurity.blogspot.com/2020/03/when-you-should-blog-and-when-you.html Published: 2020 03 27 12:54:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: Skill Levels in Digital Security - published over 4 years ago. Content: Two posts in one day? These are certainly unusual times. I was thinking about words to describe different skill levels in digital security. Rather than invent something, I decided to review terms that have established meaning. Thanks to Google Books I found this article in a 1922 edition of the Archives of Psychology that mentioned four key terms: The novice i... https://taosecurity.blogspot.com/2020/03/skill-levels-in-digital-security.html Published: 2020 03 27 15:15:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: Seeing Book Shelves on Virtual Calls - published over 4 years ago. Content: I have a confession... for me, the best part of virtual calls, or seeing any reporter or commentator working from home, is being able to check out their book shelves. I never use computer video, because I want to preserve the world's bandwidth. That means I don't share what my book shelves look like when I'm on a company call. Therefore, I thought I'd share m... https://taosecurity.blogspot.com/2020/04/seeing-book-shelves-on-virtual-calls.html Published: 2020 04 02 23:03:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: If You Can't Patch Your Email Server, You Should Not Be Running It - published over 4 years ago. Content: CVE-2020-0688 Scan Results, per Rapid7. tl;dr -- it's the title of the post: "If You Can't Patch Your Email Server, You Should Not Be Running It." I read a disturbing story today with the following news: "Starting March 24, Rapid7 used its Project Sonar internet-wide survey tool to discover all publicly-facing Exchange servers on the Internet and the numbers are... https://taosecurity.blogspot.com/2020/04/if-you-cant-patch-your-email-server-you.html Published: 2020 04 07 15:28:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: New Book! The Best of TaoSecurity Blog, Volume 1 - published over 4 years ago. Content: I'm very pleased to announce that I've published a new book! It's The Best of TaoSecurity Blog, Volume 1: Milestones, Philosophy and Strategy, Risk, and Advice. It's available now in the Kindle Store, and if you're a member of Kindle Unlimited, it's currently free. I may also publish a print version. If you're interested, please tell me on Twitter. The book li... https://taosecurity.blogspot.com/2020/05/new-book-best-of-taosecurity-blog.html Published: 2020 05 04 15:51:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: I Did Not Write This Book - published over 4 years ago. Content: Fake Book. Someone published a "book" on Amazon and claimed that I wrote it! I had NOTHING to do with this. I am working with Amazon now to remove it, or at least remove my name. Stay away from this garbage! Update: Thankfully, within a day or so of this post, the true author of this work removed it from Amazon. It has not returned, at least as far as I have s... https://taosecurity.blogspot.com/2020/07/i-did-not-write-this-book.html Published: 2020 07 16 15:04:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: One Weird Trick for Reviewing Zeek Logs on the Command Line! - published over 4 years ago. Content: Are you a network security monitoring dinosaur like me? Do you prefer to inspect your Zeek logs using the command line instead of a Web-based SIEM? If yes, try this one weird trick! I store my Zeek logs in JSON format. Sometimes I like to view the output using jq. If I need to search directories of logs for a string, like a UID, I might* use something like zgre... https://taosecurity.blogspot.com/2020/08/one-weird-trick-for-reviewing-zeek-logs.html Published: 2020 08 19 15:17:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
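The workflow the TaoSecurity post describes (zgrep a directory of gzipped JSON Zeek logs for a connection UID, then read the hits with jq) as an added example in Python, so it runs without jq installed. This is not code from the post; the log records, file names and the UID "CHhAvVGS1DHFjwGM9" are constructed samples. It keeps the cheap substring prefilter that zgrep gives you, then does the strict field check that jq's select(.uid == ...) would, which also catches the case a plain grep over-matches (a longer UID containing the searched one) and the case a uid-only jq filter misses (files.log refers to the connection through conn_uids rather than uid).

```python
"""Search a tree of Zeek JSON logs (plain or gzip) for one connection UID.
Added example mirroring the post's zgrep | jq workflow, not code from the TaoSecurity
post; the file names and records below are constructed samples."""
import gzip
import json
import tempfile
from pathlib import Path
from typing import Dict, Iterator, List, Tuple

Record = Dict[str, object]
UID = "CHhAvVGS1DHFjwGM9"  # the UID the sample search looks for (constructed)

# Laid out the way Zeek archives logs: <logdir>/YYYY-MM-DD/<stream>.<start>-<end>.log.gz
# The dns.log entry is a deliberate near miss: its uid merely contains UID as a substring.
SAMPLE_LOGS = {
    "2024-05-01/conn.23:00:00-00:00:00.log.gz": [
        {"ts": 1714600001.1, "uid": UID, "id.orig_h": "10.0.0.5", "id.orig_p": 51234,
         "id.resp_h": "93.184.216.34", "id.resp_p": 443, "proto": "tcp", "service": "ssl",
         "conn_state": "SF"},
        {"ts": 1714600002.2, "uid": "CXyz0000Other1234", "id.orig_h": "10.0.0.7",
         "id.orig_p": 40000, "id.resp_h": "10.0.0.1", "id.resp_p": 53, "proto": "udp",
         "service": "dns", "conn_state": "SF"},
    ],
    "2024-05-01/ssl.23:00:00-00:00:00.log.gz": [
        {"ts": 1714600001.3, "uid": UID, "version": "TLSv13", "server_name": "example.com"},
    ],
    "2024-05-01/dns.23:00:00-00:00:00.log.gz": [
        {"ts": 1714600001.4, "uid": UID + "ab", "query": "example.com", "qtype_name": "A"},
    ],
    "2024-05-01/files.23:00:00-00:00:00.log": [
        {"ts": 1714600001.5, "fuid": "FxYz123abc", "conn_uids": [UID], "source": "SSL",
         "mime_type": "application/x-x509-user-cert"},
    ],
}

def write_sample_logs(root: Path) -> None:
    """Write SAMPLE_LOGS under root, gzipping the files whose name ends in .gz."""
    for rel, records in SAMPLE_LOGS.items():
        path = root / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        text = "".join(json.dumps(r) + "\n" for r in records)
        if path.suffix == ".gz":
            with gzip.open(path, "wt", encoding="utf-8") as fh:
                fh.write(text)
        else:
            path.write_text(text, encoding="utf-8")

def iter_log_lines(root: Path) -> Iterator[Tuple[Path, str]]:
    """Yield (file, line) for every *.log and *.log.gz below root, like zgrep -r."""
    for path in sorted(root.rglob("*")):
        if not path.is_file() or not path.name.endswith((".log", ".log.gz")):
            continue
        opener = gzip.open if path.suffix == ".gz" else open
        with opener(path, "rt", encoding="utf-8", errors="replace") as fh:
            for line in fh:
                yield path, line

def refers_to_uid(rec: Record, uid: str) -> bool:
    """Strict match: the record's own uid, or a files.log entry listing it in conn_uids."""
    if rec.get("uid") == uid:
        return True
    conn_uids = rec.get("conn_uids")
    return isinstance(conn_uids, list) and uid in conn_uids

def find_uid(root: Path, uid: str) -> List[Tuple[str, Record]]:
    """Substring prefilter (what zgrep does), then a strict JSON check (what jq does)."""
    hits = []
    for path, line in iter_log_lines(root):
        if uid not in line:  # cheap reject for the vast majority of lines
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # partial line at a rotation boundary; skip it
        if refers_to_uid(rec, uid):
            hits.append((path.name.split(".")[0], rec))  # stream name: conn, ssl, ...
    hits.sort(key=lambda hit: float(hit[1].get("ts", 0)))
    return hits

def summarize(hits: List[Tuple[str, Record]]) -> List[str]:
    """One line per record, roughly what you would pick out of jq's output."""
    out = []
    for kind, rec in hits:
        if kind == "conn":
            out.append(f"conn {rec['id.orig_h']}:{rec['id.orig_p']} -> {rec['id.resp_h']}:"
                       f"{rec['id.resp_p']} {rec['proto']}/{rec.get('service', '-')} {rec['conn_state']}")
        elif kind == "ssl":
            out.append(f"ssl  sni={rec.get('server_name', '-')} {rec.get('version', '-')}")
        elif kind == "files":
            out.append(f"file {rec['fuid']} {rec.get('mime_type', '-')} from {rec.get('source', '-')}")
        else:
            out.append(f"{kind} {json.dumps(rec, sort_keys=True)}")
    return out

def demo(uid: str) -> List[str]:
    """Write the constructed logs to a scratch directory, search it, return the summary."""
    with tempfile.TemporaryDirectory() as tmp:
        write_sample_logs(Path(tmp))
        return summarize(find_uid(Path(tmp), uid))

if __name__ == "__main__":
    print("\n".join(demo(UID)))
```

Point find_uid at a real Zeek log directory and it walks the dated subdirectories exactly as zgrep -r would; the substring test runs before any JSON parsing, which is what keeps it usable over months of compressed logs.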
Article: New Book! The Best of TaoSecurity Blog, Volume 2 - published about 4 years ago. Content: I published a new book! The Best of TaoSecurity Blog, Volume 2: Network Security Monitoring, Technical Notes, Research, and China and the Advanced Persistent Threat. It's in the Kindle Store, and if you're Unlimited it's free. Print edition to follow. The book lists as having 413 pages (for the Kindle edition at least) and it's almost 95,000 words. I started wor... https://taosecurity.blogspot.com/2020/09/new-book-best-of-taosecurity-blog.html Published: 2020 09 01 12:30:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: The FBI Intrusion Notification Program - published about 4 years ago. Content: The FBI intrusion notification program is one of the most important developments in cyber security during the last 15 years. This program achieved mainstream recognition on 24 March 2014 when Ellen Nakashima reported on it for the Washington Post in her story U.S. notified 3,000 companies in 2013 about cyberattacks. The story noted the following: "Federal age... https://taosecurity.blogspot.com/2020/09/the-fbi-intrusion-notification-program.html Published: 2020 09 03 15:07:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: Greg Rattray Invented the Term Advanced Persistent Threat - published about 4 years ago. Content: I was so pleased to read this Tweet yesterday from Greg Rattray: "Back in 2007, I coined the term “Advanced Persistent Threat” to characterize emerging adversaries that we needed to work with the defense industrial base to deal with... Since then both the APT term and the nature of our adversaries have evolved. What hasn’t changed is that in cyberspace, adva... https://taosecurity.blogspot.com/2020/10/greg-rattray-invented-term-advanced.html Published: 2020 10 10 15:30:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: MITRE ATT&CK Tactics Are Not Tactics - published about 4 years ago. Content: Just what are "tactics"? Introduction: MITRE ATT&CK is a great resource, but something about it has bothered me since I first heard about it several years ago. It's a minor point, but I wanted to document it in case it confuses anyone else. The MITRE ATT&CK Design and Philosophy document from March 2020 says the following: At a high-level, ATT&CK is a... https://taosecurity.blogspot.com/2020/10/mitre-att-tactics-are-not-tactics.html Published: 2020 10 23 14:00:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: Security and the One Percent: A Thought Exercise in Estimation and Consequences - published about 4 years ago. Content: There's a good chance that if you're reading this post, you're the member of an exclusive club. I call it the security one percent, or the security 1% or #securityonepercent on Twitter. This is shorthand for the assortment of people and organizations who have the personnel, processes, technology, and support to implement somewhat robust digital security prog... https://taosecurity.blogspot.com/2020/10/security-and-one-percent-thought.html Published: 2020 10 31 20:11:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: New Book! The Best of TaoSecurity Blog, Volume 3 - published about 4 years ago. Content: Introduction: I published a new book! The Best of TaoSecurity Blog, Volume 3: Current Events, Law, Wise People, History, and Appendices is the third title in the TaoSecurity Blog series. It's in the Kindle Store, and if you have an Unlimited account, it's free. I also published a print edition, which is 485 pages. Book Description: The book features the followi... https://taosecurity.blogspot.com/2020/11/new-book-best-of-taosecurity-blog.html Published: 2020 11 09 13:30:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: Digital Offense Capabilities Are Currently Net Negative for the Security Ecosystem - published almost 4 years ago. Content: Proposition: Digital offense capabilities are currently net negative for the security ecosystem.[0] The costs of improved digital offense currently outweigh the benefits. The legitimate benefits of digital offense accrue primarily to the security one percent (#securityonepercent), and to intelligence, military, and law enforcement agencies. The derived defensiv... https://taosecurity.blogspot.com/2021/02/digital-offense-capabilities-are.html Published: 2021 02 18 15:30:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: The Origins of the Names TaoSecurity and the Unit Formerly Known as TAO - published over 3 years ago. Content: What are the origins of the names TaoSecurity and the unit formerly known as TAO? Introduction: I've been reading Nicole Perlroth's new book This Is How They Tell Me the World Ends. Her discussion of the group formerly known as Tailored Access Operations, or TAO, reminded me of a controversy that arose in the 2000s. I had heard through back channels that some... https://taosecurity.blogspot.com/2021/04/the-origins-of-names-taosecurity-and.html Published: 2021 04 01 18:00:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
|
Article: New Book! The Best of TaoSecurity Blog, Volume 4 - published over 3 years ago. Content: I've completed the TaoSecurity Blog book series. The new book is The Best of TaoSecurity Blog, Volume 4: Beyond the Blog with Articles, Testimony, and Scholarship. It's available now for Kindle, and I'm working on the print edition. I'm running a 50% off promo on Volumes 1-3 on Kindle through midnight 20 April. Take advantage before the prices go back up. I d... https://taosecurity.blogspot.com/2021/04/new-book-best-of-taosecurity-blog.html Published: 2021 04 13 15:00:00 Received: 2021 06 06 09:05:05 Feed: TaoSecurity Source: TaoSecurity Category: Cyber Security Topic: Cyber Security |
Article: How To Make A Profitable Botnet - published over 11 years ago. Content: This post is purely for educational reasons. If you follow ANY of these steps and get arrested I am not responsible. This tutorial is designed from a theoretical perspective. The world of botnets and blackhats is seriously messed up. Leave your morals at home. Budget: What's your budget? To get a botnet started you'll need a minimum of 1.5k. This will include ... http://trojan7malware.blogspot.com/2013/08/how-to-make-profitable-botnet.html Published: 2013 08 14 15:24:00 Received: 2021 06 06 09:05:04 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: How To Hack Any Amazon Account - published over 11 years ago. Content: As always with any blog post on this website I'm not responsible if you get arrested. This method is incredibly easy for fast-thinking, clever and experienced social engineers. It's also a good starting method. With this method you'll be able to get full access to an account. This includes the ability to see credit card details, address and order numbers. Requirem... http://trojan7malware.blogspot.com/2013/08/how-to-hack-any-amazon-account.html Published: 2013 08 18 23:01:00 Received: 2021 06 06 09:05:04 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Why Small Businesses Should Be Serious About Hackers - published over 11 years ago. Content: I decided to write this blog post after I contacted a local business about a serious vulnerability (SQLi). The company is a luxury boat reseller. You simply select your boat and "checkout". The website handles credit cards (CC) so SQLi is an incredibly dangerous vulnerability. I reported the vulnerability and I received no response. So I decided to take act... http://trojan7malware.blogspot.com/2013/08/why-small-business-should-be-serious.html Published: 2013 08 20 12:31:00 Received: 2021 06 06 09:05:04 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: Why Did I Quit? - published over 11 years ago. Content: I decided to write this post after being asked this question at least 5 times a day. I'm going to explain, in detail, why I quit. What did I do? During my time as a blackhat I was part of several "gangs". My main role was social engineer/vulnerability hunter. I'd find exploits in applications like Java, Flash and Windows and then sell/use them for my team's gains.... http://trojan7malware.blogspot.com/2013/08/why-did-i-quit.html Published: 2013 08 24 13:34:00 Received: 2021 06 06 09:05:04 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: NYT and Twitter hack wasn't that bad after all. - published about 11 years ago. Content: Recently, the Syrian Electronic Army, or SEA as they're commonly known, hijacked the DNS of NYT and Twitter. They edited the front page of the New York Times website to display a message and an image. This quickly became the top trend worldwide on Twitter and everybody who's anybody knew about SEA and the hack. I'm sure many people in the NYT office ran around lik... http://trojan7malware.blogspot.com/2013/08/nyt-and-twitter-hack-wasn-that-bad.html Published: 2013 08 28 14:55:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Android Malware Spreads Via KIK - published about 11 years ago. Content: So. I was casually browsing Twitter and a spam account told me to [contact] her on Kik. Me being the inquisitive person I am, and with the boom in Android malware (Kik can run on Android), I decided to see what the bot would tell me to download. (Bot telling me to download) http://imgur.com/uzMlcE3 Sorry for the inappropriate language but it's crucial. First time the link le... http://trojan7malware.blogspot.com/2013/08/android-malware-spreads-via-kik.html Published: 2013 08 28 17:55:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: Twitter DM spam leads to phishing page - published about 11 years ago. Content: As I do every day I began going through the endless stream of diet, muscle, workout and drama DMs on Twitter that my honeypot account gathers. I came across http://imgur.com/RYTdTRm. What does it lead to? http://imgur.com/9UNFhU3 a phishing page. Now you're hacked; what happens? A lot. That's the simplest way to put it. Firstly, you spam links to a download f... http://trojan7malware.blogspot.com/2013/09/twitter-dm-spam-leads-to-phishing-page.html Published: 2013 09 02 11:45:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: PayPal spam leads to malware. - published about 11 years ago. Content: "Hello customer, We have detected malicious activity attempting to hack your account. We have provided a password reset link and password security tips to aid you in account security. Please view the attached file for details on the malicious activity" File download VirusTotal analysis: https://www.virustotal.com/en/file/00d15353a414fd233fb9f3aa1ff6fe86644c7c... http://trojan7malware.blogspot.com/2013/09/paypal-spam-leads-to-malware.html Published: 2013 09 06 14:30:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: LoL phishing domain. - published about 11 years ago. Content: I came across this phishing campaign in email spam. Strangely, the same email I use on a LoL account. LoL aka League of Legends is a hugely popular online game with millions of players worldwide. Pictures of panel: http://imgur.com/P4aXBCS Whois of the website: http://who.is/whois/http://leagueoflegends.byethost33.com/ Spam email: "Dear Player, As you're most ... http://trojan7malware.blogspot.com/2013/09/lol-phishing-domain.html Published: 2013 09 08 17:26:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: Interview with The Syrian Electronic Army. - published about 11 years ago. Content: Recently I was lucky enough to hold an interview with The Syrian Electronic Army (SEA), a Syria-based pro-Assad hacktivist group, most commonly known for spear phishing attacks against some of the west's biggest media outlets. I won't be editing the answers in any way, shape or form. These are the SEA's words in raw format. I'd like to thank SEA for agreeing to b... http://trojan7malware.blogspot.com/2013/09/interview-with-syrian-electronic-army.html Published: 2013 09 08 21:46:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Is Anti-Virus Dead? - published about 11 years ago. Content: After seeing this debate for a while I decided to write up my view. It's hard to get your point across in 140 characters ;). My opinion: My personal opinion is that anti-virus has had its time and it's now time for a new method to take the reins. I'll break down several reasons why AV (anti-virus) is dead. Bypass: It's been common knowledge for several years th... http://trojan7malware.blogspot.com/2013/09/is-anti-virus-dead.html Published: 2013 09 12 11:31:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Is It Android malware? Is it Ransomware? Is it a banking Trojan? - published about 11 years ago. Content: I recently was added to a list titled "Avast Pro Free". I decided to take a look as I knew anti-virus is a common way blackhats spread malware. The account which added me (now suspended) had hxxp://thecheatplanet(dot)com/avast-keygen/ in the profile's bio. URL query gives analysis of http://urlquery.net/report.php?id=5433826 (leads to BlackHole). What's next? ... http://trojan7malware.blogspot.com/2013/09/is-it-android-malware-is-it-ransomware.html Published: 2013 09 16 13:51:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: The Ultimate downfall of a Zeus herder - published about 11 years ago. Content: Thanks to @0xali for starting and finding this guy. I decided to take this a step further and compile his entire life into one blog post ;)Name:Akpobo PeterAge:27 D.O.B: Jan 1 1986 (source: naijaporntube.socialparody.com/pg/profile/bowell) <<<< porn was his downfallResidence:NigeriaSanga ota, Ogun (confirmed via Facebook GPS) P.O.B (place of birt... http://trojan7malware.blogspot.com/2013/09/the-ultimate-downfall-of-zues-herder.html Published: 2013 09 22 11:21:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Spammers already exploiting government shutdown? - published about 11 years ago. Content: Today, I was scrolling through the endless amounts of 419 and port forward scams when one email caught my attention. Subject: are you affected by the shutdown? We can help. <random # number to bypass spam filters> Hello. We're an employment agency who are hiring! After the government shut down we received a huge spike in job applications. We have noticed... http://trojan7malware.blogspot.com/2013/10/spammers-already-exploiting-government.html Published: 2013 10 01 13:50:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: New FTP RAT - published about 11 years ago. Content: Today I was browsing forums and I discovered a feature request/sales promotion thread. The thread was promoting a new RAT (remote administration/access tool) using FTP (file transfer protocol). Most RATs require port forwarding but because this RAT uses FTP-php there is no need to port forward. Website: hxxp://swipe(dot)pw/ Will edit this post with samples... http://trojan7malware.blogspot.com/2013/10/new-ftp-rat.html Published: 2013 10 07 23:22:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: PS4 jailbreak - published almost 11 years ago. Content: I'm taking NO CREDIT for this jailbreak. This jailbreak was done by @reckz0r [ASCII-art banner reading "Reckz0r", 2011-present] ... http://trojan7malware.blogspot.com/2013/12/ps4-jailbreak.html Published: 2013 12 01 11:45:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Affiliate System Drops ZeroAccess. - published almost 11 years ago. Content: I was recently looking around on darkode and I found this affiliate. This affiliate was recently covered by @kafeine here. I began talking to the owner/operator of this affiliate system and after a few edits to cracked Blackhole (lol) I sent him my faked stats and I was quickly accepted. What's an affiliate? An affiliate is a system where a content owner pays pe... http://trojan7malware.blogspot.com/2013/12/affiliate-system-drops-zeroaccess.html Published: 2013 12 17 17:31:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Namecheap exposed: official press release - published almost 11 years ago. Content: Official press notice regarding Namecheap corruption: Legal disclaimer: any articles linked or people mentioned are in no way affiliated and or associated with this press release. The companies and or person(s) are in no way responsible for the content in this press release. Recently, I noticed a spam campaign exploiting the "new friend on Facebook" email temp... http://trojan7malware.blogspot.com/2014/01/namecheap-exposed-official-press-release.html Published: 2014 01 16 10:36:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: Inside A Malware Campaign - published almost 11 years ago. Content: A while back I received some spam email with the theme of adding new friends on Facebook. This is how I became aware of the campaign now known as the "Aqua VPN" campaign. World-renowned and internationally respected anti-virus vendor MalwareBytes also blogged about this campaign here (thanks to @paperghost). After gaining admin rights to the web panel I built a... http://trojan7malware.blogspot.com/2014/01/inside-malware-campaign.html Published: 2014 01 20 12:12:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Spammers Abuse KiK for Survey Revenue - published over 10 years ago. Content: Recently I discovered a spam campaign that utilises the popular messaging service Kik to monetize the spammers' efforts. As you can see the message was sent by the unofficial Kik account (upon creating an account you automatically add the official account) and is asking you to visit an unknown website. Two warning signs that should scream at you not to visit. So... http://trojan7malware.blogspot.com/2014/03/spammers-abuse-kik-for-survey-revenue.html Published: 2014 03 20 00:51:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Serious Security Vulnerability in Runescape - published over 10 years ago. Content: I recently found a serious security issue with Jagex (who owns the world's most popular MMORPG called Runescape). This security issue is caused when a customer wants to cancel their membership. Jagex asks for you to send them PLAINTEXT credit card details via EMAIL. Yes, you read correctly. Plaintext credit card information, potentially the most personal inform... http://trojan7malware.blogspot.com/2014/04/serious-security-vulnerability-in.html Published: 2014 04 16 11:22:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: iOS Chrome Browser Opens Doors To Call Affiliate Hackers - published about 10 years ago. Content: First blog post in a long time, so firstly I apologise for that. I was looking for a company's contact number to report a bug to them using my phone, which is when I discovered this extremely weird bug. So for my testing I have only tried on an iPhone 5 running iOS 8.0.2 and only the current Chrome browser version. Exploit Landscape: Chrome includes a feature called ... http://trojan7malware.blogspot.com/2014/10/ios-chrome-browser-opens-doors-to-call.html Published: 2014 10 07 17:42:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: OphionLocker. New ransomware on the scene - published almost 10 years ago. Content: This malware was discovered by a honeypot triggered during a malvertising campaign. The campaign used the RIG exploit kit. Interesting features of this ransomware: uses elliptic curve cryptography for the encryption of files (I believe this is the first ransomware to use such methods); spread using an EK, all variants were FUD at time of discovery; price can be ... http://trojan7malware.blogspot.com/2014/12/ophionlocker-new-ransomware-on-scene.html Published: 2014 12 09 19:46:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Simple Method To Bypass Cloudflare - published about 9 years ago. Content: I get asked this question a lot so I thought I'd finally publish my response here for the sake of everyone. Cloudflare is the name of a company who provide DDoS protection to websites. They do this by basically filtering out the attack traffic from legitimate traffic so your site remains unaffected. They do this by inserting a proxy between your website and ... http://trojan7malware.blogspot.com/2015/10/simple-method-to-bypass-cloudflare.html Published: 2015 10 20 16:54:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: Whatsapp Spam Leads To Stock Trader Scams. - published over 8 years ago. Content: Today started with just the run-of-the-mill spam campaigns caught by my honeypots (dick pills, dating and malware) but today I received something I haven't seen for a few weeks: stock traders masked as a "Rich Mom's" scam system, but then things got interesting. The scam originally appears as a work-from-home scam at the site Whois 14,profit,com. Upon visiting t... http://trojan7malware.blogspot.com/2016/03/whatsapp-spam-leads-to-stock-trader.html Published: 2016 03 07 22:11:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Post exploitation using Nishang. - published over 11 years ago. Content: Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetration Tests. The scripts are written on the basis of requirements by the author during real Penetration Tests. This framework is written by Nikhil Mittal who is also the author of the Kautilya framework. For more info... https://tipstrickshack.blogspot.com/2013/08/post-exploitation-using-nishang.html Published: 2013 08 21 16:21:00 Received: 2021 06 06 09:05:03 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
|
Article: Post exploitation & swaparoo backdoor. - published over 11 years ago. Content: Today we are going to create a valid RDP user on the victim PC using two methods. (1) As usual, get a Meterpreter session on the victim using Metasploit. We need SYSTEM privilege, so use getsystem. (getsystem will work in XP. But if the victim has Windows 7 then you have to use the bypassuac module; it will work if the victim has admin privilege. But most of the time it is detected by AV. So you hav... https://tipstrickshack.blogspot.com/2013/08/post-exploitation-swaparoo-backdoor.html Published: 2013 08 23 15:25:00 Received: 2021 06 06 09:05:03 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
Article: How to get plain text source from shc compiled bash script? - published over 11 years ago. Content: Shc is used to protect your shell script from modification or inspection. If you created a bash script and want to distribute it, but don't want it to be easily readable by other people, then you can use it. First we see how to compile a bash script to a binary: wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.7.tgz; tar -xvzf shc-3.8.7.tgz; cd shc-3.8.7; make; ./shc Yo... https://tipstrickshack.blogspot.com/2013/08/how-to-get-plain-text-source-from-shc.html Published: 2013 08 25 07:39:00 Received: 2021 06 06 09:05:03 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
|
Article: Exploit Oracle Endeca Server with metasploit. - published over 11 years ago. Content: This module exploits a command injection vulnerability on the Oracle Endeca Server 7.4.0. The vulnerability exists on the createDataStore method from the controlSoapBinding web service. The vulnerable method only exists on the 7.4.0 branch and isn't available on the 7.5.5.1 branch. On the other hand, the injection has been found to be Windows specific. Thi... https://tipstrickshack.blogspot.com/2013/08/exploit-oracle-endeca-server-with.html Published: 2013 08 27 07:51:00 Received: 2021 06 06 09:05:03 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
|