Office365 Message Purge

by Vince
in Blog

We are seeing a ton of email account compromises that come from known sources. In other words, a vendor, a customer, or an acquaintance gets compromised. Frequently, the attacker will reply to an existing email thread from the known source to you and add an attachment or a link. In the latter scenario, the link typically leads to a fake credentials page. This type of attack is so common that we're seeing it several times per week. It will only get worse.

With the credentials attack, two-factor authentication (2FA) will typically stop this in its tracks. You can steal credentials all day long, but bypassing 2FA is a much bigger challenge. And honestly, it's not worth it to the attacker unless the victim has been specifically targeted, which is typically not the case.


Vulnhub Hemisphere: Gemini Walkthrough

by Vince
in Blog

The description states: "Difficulty: Easy, Flag: 2 (user & root), Enumeration | Web Application | Privilege Escalation"

Not a complicated box by any means, but it has a couple of useful tricks that you will see from time to time in CTFs. If those are new to you, these are skills worth learning.

First we kick off with Nmap:


Vulnhub Hemisphere: Lynx Walkthrough

by Vince
in Blog

The very short description states: "Difficulty: Easy, Flag: 2 (user & root), Enumeration | Brute Forze"

Let's start off with the obvious: we know there's going to be brute force involved. Let me also say that if you're going to make a vulnerable machine, don't bury the password deep in rockyou, because it doesn't add value to the experience; it only prolongs the process.

Enough said, let's kick off with Nmap:
