John works in the security team at MiddleMayhem Incorporated. The security team detected unusual network traffic to their admin portal, but no security breach has been confirmed. John received SIEM logs about the incident from his team. He has to analyze the attack pattern to determine how the attackers bypassed authentication, achieved remote code execution, and moved laterally across the network. Lab Information: Difficulty: Easy; OS: Linux; Points: 25; Created By: BTLO. MiddleMayhem Website: The MiddleMayhem company's website is already bookmarked. Now, let's go check the website. If we examine the footer, we can see that the website uses the JavaScript framework Next.js 15.0.0. While looking…
Author: Lipson Thomas Philip
The most dangerous exploits of all time are zero-day vulnerabilities or unexplored, complex viruses in cyberspace. As the name suggests, scheduled tasks exist to schedule a task and run it on time without any problems. What if a seemingly harmless operating-system feature could be your system's most significant security risk? Confusing, right? Why don't we start from the beginning? Whether it's Windows Task Scheduler, Linux cron jobs, or macOS launchd, attackers have developed innovative ways to exploit these systems. By exploiting scheduled tasks, an attacker may gain long-term access, conduct stealthy operations, and implement powerful automation. This article explores…
In today's digital world, users rely on search engines like Google, Yahoo, or Yandex. But there are a few search engines that are used mainly by cybersecurity professionals, security analysts, and other IT staff. Shodan is a search engine that reveals everything connected to the Internet, from small smartwatches to large smart TVs. What is Shodan? Shodan is a search engine that finds devices connected to the Internet, some of which are openly accessible without login credentials. Shodan was created by John Matherly in 2009. Although Shodan is an essential tool for cybersecurity experts, hackers may find it to be a…
In this era, phishing scams are widespread. Every hour, someone somewhere in the world is scamming someone else. Nothing is safe, from your inbox to your phone, and even social media. Below, we'll explore 10 common phishing scams you have probably seen before, how they work, and what red flags to watch for. The government, banks, and other agencies are spreading awareness to prevent people from falling for them, but human nature sometimes ignores this. These scammers are becoming increasingly clever and evolving with technological advancements. The Classic Email Phishing Scam: This method is easy and one of the oldest ways to…
Understanding Custom Domains in Cyberattacks: Hackers often register brand-aligned or innocuous-looking custom domains (like microsoft‑updates‑secure.com) to craft emails that appear legitimate. These domains come with a young domain age, an untainted reputation, and full control over DNS records. Hackers can make emails appear authenticated to filters by setting up SPF and DKIM, even in cases where trust has not yet been established. Newly registered domains often aren't on block lists. That fresh status helps these domains slip through spam filters and threat intelligence checks that rely heavily on historical data. Google Workspace Trial Accounts – A Hacker's Playground: The 14-day Google Workspace trial provides attackers…
The NIST Cybersecurity Framework 2.0 is a set of best practices and guidelines designed to help organisations understand, manage, and reduce their cybersecurity risk. It was created by the US National Institute of Standards and Technology (NIST). It's a go-to framework for organisations of any size, from small to large, and it does not require much technical background. For a non-technical business owner, the framework breaks a complex topic down into something manageable. Think of it this way: the NIST Cybersecurity Framework 2.0 works like a GPS that provides directions to help you reach your destination. In cybersecurity, it provides a step-by-step process for the safety of data…
In an era where cyber threats are increasingly refined, phishing remains one of the most prevalent and dangerous attack vectors. Gophish is an open-source framework for launching simulated phishing campaigns. It helps organisations assess how effective their employees' security-awareness training has been. The purpose of these programs is to strengthen human defences by testing and training staff members on how to identify and respond to questionable emails. The framework is released under the MIT license, which allows anyone to use it for free. From initial setup to advanced configuration, this technical guide covers every aspect of Gophish to make…
In the digital age, users increasingly prefer to conduct various activities online, including making friends, shopping, watching movies, and banking. These online facilities offer convenience but also carry significant risk. One of the main risks is a phishing attack. Phishing sounds and works exactly like fishing. But how? Fishing means catching fish. How can it be similar to phishing? Let me explain… In fishing, a person goes to the river and catches fish with a fishing rod. The person lures the fish using worms as bait attached to the fishing rod. The fish will be hooked on the…
The Cyber Kill Chain is a step-by-step process for identifying and stopping an attacker's activity. Lockheed Martin created this framework in 2011. The steps of the Cyber Kill Chain illustrate the lifecycle of advanced persistent threats (APTs) and the sequence of events that unfold. Typically, these types of attacks use a combination of malware, ransomware, Trojans, spoofing, and social engineering tactics to achieve their objectives. Security teams currently use the Cyber Kill Chain framework to map threats to specific phases, which enables them to prioritize defenses and identify vulnerabilities. In this article, we outline the framework for each step and explain…
In cybersecurity, information is essential, and nothing can be done without knowing who the target is.
Reader: What kind of information are you talking about?
Me: The kind you didn't know was out there.
Reader: Really? So how do I find it?
Me: With Google.
Reader: Just Google? That simple?
Me: Not exactly. It's called Google Dorking.
What is Google Dorking really? You know about Google, a simple search engine. Am I right? You think yes, but it's about mastering the art of search to narrow down from millions of search results to thousands. Google Dorking is also known as Google Hacking. We will utilize…