Security – Page 6

SIGMAlarity jump. How to use Sigma rules in Timesketch

Date: 21/02/2023

Author: sUzU

Information security specialists use multiple tools to detect and track system events. In 2016, a new utility called Sigma appeared in their arsenal. Its numerous functions will save you time and make your life much easier.

Read full article →

Pivoting District: GRE Pivoting over network equipment

Date: 21/02/2023

Author: Caster

Too bad, security admins often don’t pay due attention to network equipment, which enables malefactors to hack such devices and gain control over them. What if attackers have already seized control over your peripherals? Will they be able to access the internal infrastructure?

Read full article →

First Contact: Attacks on Google Pay, Samsung Pay, and Apple Pay

Date: 13/02/2023

Author: Timur Yunusov

Electronic wallets, such as Google Pay, Samsung Pay, and Apple Pay, are considered the most advanced and secure payment tools. However, these systems are also plagued by vulnerabilities because they use technologies created thirty years ago. This article describes techniques used to hack popular electronic wallets, including the new Cryptogram Confusion attack targeting wallets and EMV/NFC cards.

Read full article →

Ethernet Abyss. Network pentesting at the data link layer

Date: 13/02/2023

Author: Caster

When you attack a network at the data link layer, you can ‘leapfrog’ over all protection mechanisms set at higher levels. This article will walk you through most of the attack vectors targeting this lowest level of the network.

Read full article →

Gateway Bleeding. Pentesting FHRP systems and hijacking network traffic

Date: 12/02/2023

Author: Caster

There are many ways to increase fault tolerance and reliability of corporate networks. Among other things, First Hop Redundancy Protocols (FHRP) are used for this purpose. In this article, I will explain how pentesters interact with FHRP in the course of network attacks.

Read full article →

Top 5 Ways to Use a VPN for Enhanced Online Privacy and Security

Date: 22/01/2023

Author: Duygu Demiroz

This is an external third-party advertising publication.

Read full article →

Challenge the Keemaker! How to bypass antiviruses and inject shellcode into KeePass memory

Date: 03/06/2022

Author: snovvcrash

Recently, I was involved with a challenging pentesting project. Using the KeeThief utility from GhostPack, I tried to extract the master password for the open-source KeePass database from the process memory. Too bad, EDR was monitoring the system and prevented me from doing this: after all, KeeThief injects shellcode into a remote process in a classical oldie-goodie way, and in 2022, such actions have no chance to go unnoticed.

Read full article →