Scam categories: methodology-based scams, target-based scams, platform-based scams.
Online: the fraudulent activities take place across online platforms.
Travel: fake vacation packages which offer hidden fees or non-existent accommodations.
Utility: impersonating utility companies to demand immediate payment or threaten w…
Category: Interesting Stuff
For CISA, understanding adversary behavior is often the first step in protecting networks and data. The success network defenders have in detecting and mitigating cyberattacks depends on this understanding. The MITRE ATT&CK® framework is a globally accessible knowledge base of adversary tac…
OVERVIEW: REMOTE ACCESS SOFTWARE Remote access software and tools comprise a broad array of capabilities used to maintain and improve IT, operational technology (OT), and industrial control systems (ICS) services; they allow a proactive and flexible approach for organizations to remotely oversee net…
In this report, we will analyze the MATANBUCHUS loader, a C++ malware, to determine its function and capabilities: API hashing, stack strings, checking the number of running processes, PEB traversal, and anti-sandbox techniques. We’ll start with resolving APIs and decoding the strings, then proceed through the loade…
A bug bounty program is essentially a legalized hacking arrangement where organizations offer rewards to ethical hackers (also called bug bounty hunters) for discovering and reporting vulnerabilities in their software, systems, or websites. Here’s a deeper dive into how bug bounties work: Benefits f…
Microsoft 365 (formerly Office 365) is Microsoft’s cloud-based suite of productivity tools, which includes email, collaboration platforms, and office applications. All are integrated with Entra ID (referred to as Azure AD in this post) for identity and access management. M365’s centra…
The digital device we use most in our daily lives is the mobile phone. It is used in a wide range of daily activities such as communication, searching, shopping, making payments, verifying identity, and investing. Some people do not own a personal computer, but almost everyone these days has a mobile phone….
The COM Hijacking technique is often utilized by threat actors and various malware families to achieve both persistence and privilege escalation on target systems. It relies on manipulating the Component Object Model (COM), exploiting the core architecture of Windows that enables com…
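The usual hijack writes a per-user CLSID registration under HKCU\Software\Classes\CLSID that shadows the machine-wide one under HKLM, because the per-user hive is consulted first when COM resolves a class. The following Python is an added example, not code from the article above: it runs the corresponding check over a constructed registry snapshot (placeholder CLSIDs and paths, not real registrations) and, on Windows, can populate the same snapshot from the live registry with the standard winreg module.

```python
"""Detect COM hijacking candidates from per-user vs machine-wide CLSID registrations.

Added example, not code from the original article. SAMPLE_SNAPSHOT is constructed
sample data; the CLSIDs and DLL paths are placeholders, not real registrations.
"""
import sys

# Path fragments a standard user can normally write to without admin rights (heuristic)
USER_WRITABLE_MARKERS = ("\\users\\", "\\appdata\\", "\\temp\\", "\\programdata\\", "\\public\\")

# Constructed snapshot: hive -> CLSID -> default value of the InprocServer32 subkey
SAMPLE_SNAPSHOT = {
    "HKLM": {
        "{00000000-0000-0000-0000-000000000001}": r"C:\Windows\System32\example1.dll",
        "{00000000-0000-0000-0000-000000000002}": r"C:\Windows\System32\example2.dll",
    },
    "HKCU": {
        # Same CLSID as an HKLM entry, redirected to a user-writable path: classic hijack
        "{00000000-0000-0000-0000-000000000001}": r"C:\Users\alice\AppData\Roaming\upd.dll",
        # Per-user-only registration pointing at a protected path: not flagged
        "{00000000-0000-0000-0000-000000000003}": r"C:\Program Files\Vendor\plugin.dll",
    },
}


def is_user_writable(path):
    """Heuristic: profile, temp and ProgramData paths are writable by a standard user."""
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE_MARKERS)


def find_hijack_candidates(snapshot):
    r"""Return (clsid, severity, reason) for HKCU InprocServer32 entries worth reviewing.

    HKCU\Software\Classes is merged ahead of HKLM\Software\Classes when COM resolves a
    CLSID, so a per-user entry silently overrides the machine-wide registration.
    """
    findings = []
    machine = snapshot.get("HKLM", {})
    for clsid, user_path in snapshot.get("HKCU", {}).items():
        machine_path = machine.get(clsid)
        if machine_path is not None and machine_path.lower() != user_path.lower():
            severity = "high" if is_user_writable(user_path) else "medium"
            findings.append((clsid, severity, f"shadows HKLM server {machine_path} with {user_path}"))
        elif machine_path is None and is_user_writable(user_path):
            findings.append((clsid, "low", f"per-user-only server in writable path {user_path}"))
    return findings


def load_live_snapshot():
    """Windows only: read the real InprocServer32 defaults with the winreg module."""
    import winreg  # not available outside Windows; main() falls back to the sample

    snapshot = {}
    for name, root in (("HKLM", winreg.HKEY_LOCAL_MACHINE), ("HKCU", winreg.HKEY_CURRENT_USER)):
        entries = {}
        with winreg.OpenKey(root, r"Software\Classes\CLSID") as clsid_key:
            index = 0
            while True:
                try:
                    clsid = winreg.EnumKey(clsid_key, index)
                except OSError:
                    break  # no more subkeys
                index += 1
                try:
                    entries[clsid] = winreg.QueryValue(clsid_key, clsid + r"\InprocServer32")
                except OSError:
                    pass  # class has no InprocServer32 (e.g. LocalServer32-only)
        snapshot[name] = entries
    return snapshot


def main():
    snap = load_live_snapshot() if sys.platform == "win32" else SAMPLE_SNAPSHOT
    for clsid, severity, reason in find_hijack_candidates(snap):
        print(f"[{severity}] {clsid}: {reason}")


if __name__ == "__main__":
    main()
```

The comparison is on InprocServer32 only; a thorough sweep would also cover LocalServer32, TreatAs and ScriptletURL, and would cross-check the flagged CLSIDs against what actually gets loaded (for example with Process Monitor filtering on RegOpenKey under HKCU\Software\Classes\CLSID).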
The New Technology File System (NTFS) is a file system developed by Microsoft and introduced with Windows NT 3.1 in 1993. It was produced to overcome some limitations of earlier file systems and to offer new features: hard links; improved performance, reliability, and disk space utilization; security access control lists; and file system journaling. Her…
https://web-check.xyz/ – Supported checks: IP info, SSL chain, DNS records, cookies, crawl rules, headers, quality metrics, server location, associated hosts, redirect chain, TXT records, server status, open ports, traceroute, carbon footprint, server info, Whois lookup, domain info, DNS Security Extensions, site feature…
https://www.shadowstackre.com/ – Committed to delivering high quality malware intelligence and services to the cybersecurity community. Open this link: https://github.com/ShadowStackRe/intel/tree/master/rules/yara Example: YARA to detect Cactus Ransomware: `strings: $strReadMe = "cAcTuS.readme.txt" wid…`
The basic idea revolves around gafAsyncKeyState (gaf = global af?), which is an undocumented kernel structure in win32kbase.sys used by NtUserGetAsyncKeyState (this structure exists up to Windows 10 – more on that at the end or in the talk linked above). By first locati…
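Once the array has been located, a kernel keylogger simply polls it and reports virtual-key codes whose down bit flips from clear to set between two reads. The Python below is an added example, not code from the article or talk above, that shows that decoding step over constructed snapshots. The bit layout it assumes (64 bytes, two bits per virtual-key code, down bit first and toggle bit second) is the one ReactOS uses in its input.h macros; the excerpt does not state the Windows layout, so verify it against the build you analyse before relying on it.

```python
"""Decode keystrokes from successive snapshots of a 64-byte async key-state bitmap.

Added example, not code from the original article. The bit layout follows the ReactOS
input.h macros (assumption, not stated by the page): two bits per virtual-key code,
the down bit at (vk % 4) * 2 and the toggle bit just above it. Snapshots are constructed.
"""

KEYSTATE_BYTES = 64  # 256 virtual-key codes * 2 bits / 8
VK_SHIFT = 0x10
VK_SPACE = 0x20


def key_byte(vk):
    """Byte index holding the two state bits of virtual-key code vk."""
    return (vk * 2) // 8


def down_bit(vk):
    """Mask of the 'currently down' bit for vk inside its byte."""
    return 1 << ((vk % 4) * 2)


def toggle_bit(vk):
    """Mask of the 'toggled' bit (Caps Lock style) for vk inside its byte."""
    return 1 << ((vk % 4) * 2 + 1)


def is_key_down(state, vk):
    return bool(state[key_byte(vk)] & down_bit(vk))


def pressed_keys(state):
    """All virtual-key codes whose down bit is set in one snapshot."""
    return [vk for vk in range(256) if is_key_down(state, vk)]


def newly_pressed(prev, curr):
    """Codes whose down bit went 0 -> 1 between two polls: the keylogger's raw output."""
    return [vk for vk in range(256) if not is_key_down(prev, vk) and is_key_down(curr, vk)]


def vk_to_char(vk, shift):
    """Minimal US-layout rendering for digits, letters and space; others shown as hex."""
    if 0x30 <= vk <= 0x39:
        return chr(vk)
    if 0x41 <= vk <= 0x5A:
        return chr(vk) if shift else chr(vk).lower()
    if vk == VK_SPACE:
        return " "
    return f"<{vk:#04x}>"


def typed_text(snapshots):
    """Reconstruct typed text from an ordered list of bitmap snapshots."""
    out = []
    for prev, curr in zip(snapshots, snapshots[1:]):
        shift = is_key_down(curr, VK_SHIFT)
        for vk in newly_pressed(prev, curr):
            if vk != VK_SHIFT:
                out.append(vk_to_char(vk, shift))
    return "".join(out)


def set_down(state, vk, down=True):
    """Build a constructed snapshot: set or clear the down bit of vk in place."""
    b = key_byte(vk)
    if down:
        state[b] |= down_bit(vk)
    else:
        state[b] &= ~down_bit(vk) & 0xFF
    return state


def demo_snapshots():
    """Constructed polling sequence: Shift held, 'a' pressed and released, Shift released, 'b'."""
    s0 = bytearray(KEYSTATE_BYTES)
    s1 = set_down(bytearray(s0), VK_SHIFT)
    s2 = set_down(bytearray(s1), 0x41)               # 'A' while Shift is down
    s3 = set_down(bytearray(s2), 0x41, down=False)   # 'A' released, Shift still down
    s4 = set_down(bytearray(s3), VK_SHIFT, down=False)
    s5 = set_down(bytearray(s4), 0x42)               # 'B' with no modifier -> 'b'
    return [s0, s1, s2, s3, s4, s5]


if __name__ == "__main__":
    print(typed_text(demo_snapshots()))  # Ab
```

Two caveats follow directly from the decoding: a key pressed and released between two polls is never seen, so the poll interval bounds what the logger captures, and the toggle bits are ignored here, so Caps Lock state is not reflected in the rendered text. Reading the array itself needs a kernel read primitive; the example only covers what to do with the bytes once you have them.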
10. “can I speak to your manager? hacking root EPP servers to take control of zones” In tenth place, we have a beautiful insight into some overlooked and incredibly valuable attack surface. In “can I speak to your manager? hacking root EPP servers to take control of zones”, Sam Curry, Brett Buerhau…
APIs (Application Programming Interfaces) have become integral components of modern software systems, facilitating communication and interaction between various applications and services. However, they also represent a significant attack surface, susceptible to a variety of malicious activities. Thi…
iPurpleTeam has developed the following framework, covering the components required to ensure that rules are developed in a threat-aligned and reliable manner. https://github.com/netbiosX/iPurpleTeam/blob/main/Detection-Engineering/Detection-Rules-Development-Framework.md Rul…