The internet has been aflame with discussions around three leaks of internal information from APT groups attributed with the Islamic Republic of Iran. One of these leaks was written up by the security firm ClearSky and details what appears to be an offensive…

I just recently joined a startup and have been a part of their InfoSec team. Recently this thought popped up in my mind that I should…

This article is being re-published originally written by me one year back.

We used to think of Telegram as a reliable and secure transmission medium for messages of any sort. But under the hood, it has a rather…

Twitter: @s4tan Sojobo GitHub project: https://github.com/enkomio/Sojobo Sojobo is a new binary analysis framework written in .NET and b...

0 votes and 5 comments so far on Reddit

Conducting a thorough forensic investigation of compromised machines is integral to incident response. However, it can be a challenging task because it requires the device to be in the corporate network and for additional software to be deployed, or for SecOps…

Linux systems running LXD are vulnerable to privilege escalation via multiple attack paths, two of which are published in my “lxd_root” GitHub repository. This blog will go into the details of what I think is a very interesting path - abusing relayed UNIX…

Information released publicly by NCC Group's Cyber Defence team - nccgroup/Cyber-Defence

Introduction Recently, I installed Malwarebytes on my machine. I played around with it for a little and I noticed that something was off with the scanning of files on disk. Naturally, it tempted me into digging further to identify the root cause but I had…

I lost north of $100,000 last Wednesday. It evaporated over a 24 hour timespan in a “SIM port attack” that drained my Coinbase account.

We used to think of Telegram as a reliable and secure transmission medium for messages of any sort. But under the hood, it has a rather common combination of a-...

How to defend against this denial of service attack which can be used to deactivate firewalls from a number of vendors, for less than five dollars.

Have a checklist of tasks you perform every penetration test, such as SSH bruteforcing or port mapping? Automate it with Python and Metasploit! Unfortunately, there hasn’t been a working, full-featured Python library for making these tasks easy for many years…

Advanced Indicator of Compromise (IOC) extractor. Contribute to InQuest/python-iocextract development by creating an account on GitHub.

TL;DR: starting February 2020, DNS servers that don’t support DNS both over UDP and TCP may stop working. Bangkok, in general, is a strange place to stay. Of c...

A few years ago I discovered a technique to call functions in JavaScript without parentheses using onerror and the throw statement. It works by setting the onerror handler to the function you want to

The Air Force has reportedly seized an attorney's computer and phone as part of an investigation into whether the Navy improperly spied on defense attorneys.