How it all started What if I told you that the machines with 99 percentage fail chance wouldn’t do it… but a human with 1
Category: Ethical Hacking
WinRAR RCE Vulnerability Spotlight: APT29’s Zero-Day Tactics
In early September 2023, APT29, a group affiliated with Russia’s SVR, targeted multiple embassy offices using a WinRAR vulnerability. Their cyberespionage aims hinted at geopolitical motives. Exploiting CVE-2023-38831, the attackers executed a phishing campaign using a deceitful PDF, demonstrating the critical role of cybersecurity awareness and regular software updates in preventing such attacks.
Trench Tales: The College Account Takeover That Never Happened
A story of mass-discovery of LDAP Anonymous Binding leading to the account takeover of all members of a college. Explore the methodology, the challenges and the discoveries of this research project.
Secure Your Mobile World: A Guide for Cyber Security Awareness Month
October marks Cyber Security Awareness Month, a time when individuals and organizations around the globe come together to raise awareness about the importance of staying safe and secure in the digital world. In the era of smartphones and mobile applications, it’s crucial to pay special attention to the security of our mobile devices.
Remote Code Execution – Basics
In this blog post you will learn how to identify basic Remote Code Execution vulnerabilities and how to exploit them.Caution: Some payloads discussed here can
Command and Control Frameworks: Metasploit and Havoc
1. Overview In this blog post we will be talking about Command and Control (C&C or C2) Servers and Metasploit’s and Havoc’s role in a
Security Café 