Items Tagged with "Hacking"


85ebad98d8a178be8baf16929526446e

The Bloody Battle of Website Defacement: “ISIS” Hackers vs. WordPress

March 13, 2015 Added by:Nimrod Luria

Eliminating defacement attacks on a WordPress site is extremely difficult because of the vulnerable nature of the platform. Administrators should continuously check for the appearance of unknown files and directories and monitor them for changes.

Comments  (3)

6d117b57d55f63febe392e40a478011f

Hacking Your Way Through Airports and Hotels

November 16, 2013 Added by:Anthony M. Freed

Want to know how to hack travelers and hotel networks in a matter of minutes? On a recent trip, Nabil Ouchn (@toolswatch) decided to do some some security analysis with a piece of hardware called the PwnPad – a penetration testing tablet – and a few other tools to see what kind of mischief he could get into.

Comments  (3)

7ddc1f3000a13e4dfec28074e9e7b658

How The NSA Deploys Malware: An In-Depth Look at the New Revelations

October 08, 2013 Added by:Electronic Frontier Foundation

The template for attacking people with malware used by the NSA is in widespread use by criminals and fraudsters, as well as foreign intelligence agencies, so it's important to understand and defend against this threat to avoid being a victim to the plethora of attackers out there.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

Pentagon Ups Cyber Espionage Accusations Against China

May 07, 2013 Added by:InfosecIsland News

A new report from the Pentagon marked the most explicit statement yet from the United States that it believes China's cyber spying is focused on the US government, as well as American corporations.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Brian Honan on Hacking Senior Management

March 28, 2013 Added by:Tripwire Inc

What are security professionals doing wrong that they can’t connect and communicate with their businesses’ senior management, asked Brian Honan, Principal of BH Consulting in our conversation at the 2013 RSA Conference in San Francisco.

Comments  (4)

66aba1b1a2bccb57f2459a04e2e49b0e

Chinese Whispers, Chinese Lies: Analyzing Mandiant's APT1 Report

March 25, 2013 Added by:Oliver Rochford

The foremost problem with the Mandiant report is that it relies on a view of China and the Chinese Cyber-Operations that has very little to do with situational conditions on the ground.

Comments  (0)

Da3ca2c61c4790bcbd81ebf28318d10a

APT1: The Good, The Bad, and The Ugly

February 21, 2013 Added by:Krypt3ia

I believe that Mandiant published the APT1 report primarily as a means of advertising and not much else. There is talk of the release being given the tacit nod by the government to push through the idea that there is a problem and that China is robbing us blind.

Comments  (3)

7e364bbac217114a59e547b354e7f7ad

Don’t Be Caught Playing the Fool (A Lesson in Why Change Control is Important)

January 03, 2013 Added by:Gary McCully

This is a real world story around the dangers of not following proper change control processes when placing new systems in production. In this blog I will discuss how one person’s actions could have resulted in an attacker gaining complete access to the organization’s internal network. I am hoping this example will cause organizations to take their change control processes a little more seriou...

Comments  (0)

71d85bb5d111973cb65dfee3d2a7e6c9

Refresher Series - Capturing and cracking SMB hashes with Cain and Half-LM rainbow tables.

December 20, 2012 Added by:f8lerror

On to the fun stuff, to capture a hash we want to use the Metasploit capture SMB auxiliary module, which is located in auxiliary/server/capture/smb. Leave the default settings with the exception of the CAINPWFILE. Set this to output the file where ever you like...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

How to turn any phone into a spy device with hardware hack

December 02, 2012 Added by:Pierluigi Paganini

Researcher Atul Alex has presented at the last edition of yhe International Malware Conference (MalCon) how it is possible to attack every mobile device with special hardware designed by using common electronic components...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Defending Your Digital Domain Redux: Take 2

November 21, 2012 Added by:Rafal Los

I'll start with I'm not an expert on 'cyber warfare' or a lawyer offering legal advice, in fact I'd simply rather not touch that whole angle at all. I'm much more comfortable addressing this issue as it came up today from a more sensible perspective. What follows in this post is an editorial opinion...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Post Exploitation Command Lists: Request to Edit

November 07, 2012 Added by:Rob Fuller

If you would like to contribute, please shoot me a tweet, a email, a... anything and I will gladly add you to the permissions to edit. Honestly it just became so overwhelming that every time I thought to add something I would cringe away because I know I'd spend most of time fixing them...

Comments  (0)

71d85bb5d111973cb65dfee3d2a7e6c9

Getting System the Lazy Way

October 31, 2012 Added by:f8lerror

We know all that many users are local administrators. We also know we can send or drop binaries to these users and they will run whatever we want them to. The problem lies in when they run the binary if they don’t run it as admin we may not be able to get system level access. To be honest that is the level I want...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Free Shells with Plink and Pageant

October 21, 2012 Added by:Rob Fuller

Watching Egypt’s talk at DEFCON 20 he mentioned the ability to jump on on a system when pageant (puTTY’s ssh-agent equivalent) is running. So I wanted to figure out the best way to get this going. Here is what I came up with...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

The New Social Engineering Toolkit vs Windows 7 and 8

October 08, 2012 Added by:Dan Dieterle

Cyber genius David Kennedy (aka The Mad Hugger) and his rockstar team have done it again. Just when you thought your Anti-Virus was safe, the TrustedSec team has shown once again that pinning all your corporate security hope on AV protection alone is not a good strategy...

Comments  (1)

D8853ae281be8cfdfa18ab73608e8c3f

Completely In-memory Mimikatz with Metasploit

October 07, 2012 Added by:Rob Fuller

For mimikatz to automatically send commands require double quotes in the command line arguments, so we use single quotes in meterpreter to encircle the execute arguments (-a). Running first "sekurlsa::logonPasswords full" then 'exit' to auto-exit mimikatz console...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »