A Handy Guide for Choosing a Managed Detection & Response (MDR) Service

~ Dade Murphy ~ Leave a comment

The Hacker News-- Every company needs help with cybersecurity. No CISO ever said, "I have everything I need and am fully confident that our organization is fully protected against breaches." This is especially true for small and mid-sized enterprises that don't have the luxury of enormous cybersecurity budgets and a deep bench of cybersecurity experts. … Continue reading A Handy Guide for Choosing a Managed Detection & Response (MDR) Service

GHunt – Investigate Google Accounts With Emai

~ Dade Murphy ~ Leave a comment

KitPloit - PenTest Tools!-- GHunt is an OSINT tool to extract a lot of informations of someone's Google Account email. It can currently extract : Owner's name Last time the profile was edited Google ID If the account is an Hangouts Bot Activated Google services (Youtube, Photos, Maps, News360, Hangouts, etc.) Possible Youtube channel Possible … Continue reading GHunt – Investigate Google Accounts With Emai

ALERT! Hackers targeting IoT devices with a new P2P botnet malware

~ Dade Murphy ~ Leave a comment

The Hacker News-- Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining. Discovered by Qihoo 360's Netlab security team, the HEH Botnet — written in Go language and armed with a proprietary peer-to-peer (P2P) protocol, spreads via … Continue reading ALERT! Hackers targeting IoT devices with a new P2P botnet malware

TryHackMe: The Impossible Challenge Write-up

~ Dade Murphy ~ Leave a comment

InfoSec Write-ups - Medium-- TryHackme: The Impossible Challenge Write-upUnicode Steganography with Zero-Width CharactersHi everyone !Room: The Impossible ChallengeDifficulty: MediumThe name already suggests it is bit tough and time-consuming challenge for me based on cryptography/stenography. So let’s hunt for flag….When you enter the room it looks all normal and from here trouble begins..Challenge includes a password-protected zip file named … Continue reading TryHackMe: The Impossible Challenge Write-up

Offering Users More For Their Activity – Similar Items Upon Checkout

~ Dade Murphy ~ Leave a comment

KitPloit - PenTest Tools!-- The shopping isn't finished once you've purchased your item. If you've ever done shopping online, then you know all about being presented with related items to the one you just purchased. This feature is common for online retail websites and quite useful for both the consumer and the producers. If the … Continue reading Offering Users More For Their Activity – Similar Items Upon Checkout

Lockphish – The First Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode

~ Dade Murphy ~ Leave a comment

KitPloit - PenTest Tools!-- Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.LockPhish Tutorial: https://www.kalilinux.in/2020/05/lockphish.htmlAuthor: The Linux Choice (Who deleted his GitHub repository)Twitter: https://twitter.com/linux_choice Features:Lockscreen phishing page for Windows, Android and iPhoneAuto detect devicePort Forwarding by NgrokIP … Continue reading Lockphish – The First Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode

Release the Kraken: Fileless APT attack abuses Windows Error Reporting service

~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- This blog post was authored by Hossein Jazi and Jérôme Segura. On September 17th, we discovered a new attack called Kraken that injected its payload into the Windows Error Reporting (WER) service as a defense evasion mechanism. That reporting service, WerFault.exe, is usually invoked when an error related to the operating system, Windows … Continue reading Release the Kraken: Fileless APT attack abuses Windows Error Reporting service