Facebook Ups Security: New Vulnerability Disclosure Policy, WhatsApp Advisory Page

~ Dade Murphy ~ Leave a comment

Latest Hacking News-- Facebook has recently taken numerous security steps toward enhancing app security. These include the launch of a dedicated advisory web Facebook Ups Security: New Vulnerability Disclosure Policy, WhatsApp Advisory Page on Latest Hacking News. View original article on Latest Hacking News

Japan, France, New Zealand Warn of Sudden Uptick in Emotet Trojan Attacks

~ Dade Murphy ~ Leave a comment

The Hacker News-- Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand. "The emails contain malicious attachments or links that the receiver is encouraged to download," New Zealand's Computer Emergency Response Team (CERT) said. "These links and … Continue reading Japan, France, New Zealand Warn of Sudden Uptick in Emotet Trojan Attacks

Bpytop – Linux/OSX/FreeBSD Resource Monitor

~ Dade Murphy ~ Leave a comment

KitPloit - PenTest Tools!-- Resource monitor that shows usage and stats for processor, memory, disks, network and processes.Python port of bashtop.FeaturesEasy to use, with a game inspired menu system.Full mouse support, all buttons with a highlighted key is clickable and mouse scroll works in process list and menu boxes.Fast and responsive UI with UP, DOWN … Continue reading Bpytop – Linux/OSX/FreeBSD Resource Monitor

PurpleCloud – An Infrastructure As Code (IaC) Deployment Of A Small Active Directory Pentest Lab In The Cloud

~ Dade Murphy ~ Leave a comment

KitPloit - PenTest Tools!-- Pentest Cyber Range for a small Active Directory Domain. Automated templates for building your own Pentest/Red Team/Cyber Range in the Azure cloud! Purple Cloud is a small Active Directory enterprise deployment automated with Terraform / Ansible Playbook templates to be deployed in Azure. Purple Cloud also includes an adversary node implemented … Continue reading PurpleCloud – An Infrastructure As Code (IaC) Deployment Of A Small Active Directory Pentest Lab In The Cloud

TryHackMe. Breaking Into the Kenobi Machine.

~ Dade Murphy ~ Leave a comment

InfoSec Write-ups - Medium-- It’s not just a basic walkthrough but a resource to learn from.Deploy the Vulnerable MachineAt the very beginning of the penetration test, I’d like to start with two scans which I usually call basic Nmap scan and vuln scan.Basic Nmap scan:In the basic scan I usually use -sC, -sV, and -O switches.Vuln scan:Vuln scan … Continue reading TryHackMe. Breaking Into the Kenobi Machine.

How response Manipulation got me a little, but sweet Bounty

~ Dade Murphy ~ Leave a comment

InfoSec Write-ups - Medium-- So it can for youPhoto by timJ on UnsplashHi everyone, I’ve not been writing on Medium for a while(busy months here), however today I wanted to share with you how Response manipulation got me a Low severity bug, going hand in hand with a quickly earned bounty. When targeting a Website/Web App(or Both :D), … Continue reading How response Manipulation got me a little, but sweet Bounty

A week in security (August 31 – September 6)

~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- Last week on Malwarebytes Labs, we dug into security hubris on the Lock and Code podcast, explored ways in which Apple’s notarization process may not be hitting all the right notes, and detailed a new web skimmer. We also explained how to keep distance learners secure, talked about PCI DSS compliance, and revealed … Continue reading A week in security (August 31 – September 6)