Credential harvesting is one of the techniques attackers use to obtain users' credentials. The user is presented with an impersonating site containing a form that accepts user input (email address, username, password, SSN, credit card number, CVV, etc.). Being unaware of the technique, the user fails to validate the authenticity of the web page presented to... Continue Reading →
Malware Analysis – Static Analysis – Part 1
As discussed in the previous post, the basic malware analysis method is static analysis. In this post we will discuss static analysis in depth and perform the different steps on a live sample. Before we start analyzing malware samples, it is better that we understand what kind of information can be extracted during... Continue Reading →
Malware Analysis – Introduction
Malware is becoming a hot topic considering recent cyber attacks. Malware can be defined simply as any software that has malicious intent: Mal(icious) + (Soft)ware = Malware. As mentioned above, we can consider what kinds of malicious intent a person can have. In information security, we focus on the triad which describes... Continue Reading →
Cryptocurrency – Illicit Mining
Cryptocurrency became a popular word that stormed the internet after a jump in the values of different cryptocurrencies. The sudden jump in worth prompted many people to consider investing in cryptocurrencies. Let's build on the basics before jumping to the darker side of cryptocurrency mining activities. The snapshot below shows the trend of the cryptocurrency keyword over Google... Continue Reading →
Locky Ransomware
I bet all of you have come across a phishing email with an MS-Word or MS-Excel attachment. The content of the document is gibberish, prompting you to enable the macros included in the attached document. This technique was used by Locky Ransomware to make its way onto our computers. We will discuss the same in... Continue Reading →
WannaCry
WannaCry was one of the deadliest ransomware attacks to hit computer systems. If we look at Google Trends, we can see it appearing in the worldwide trend results. It is time to take a deep dive to understand the subject. WannaCry can be defined as a ransomware class of worm malware. Let's break... Continue Reading →
This is the second phase in penetration testing, after the reconnaissance phase. It is a pre-attack phase that helps in identifying hosts that are running exploitable services and exposing critical data. The main idea behind this phase is to determine vulnerabilities that can give us access to the system. There are challenges... Continue Reading →
Reconnaissance
This is the very first step in the penetration testing process. It involves gathering information and intelligence that can be utilised in further steps of pen testing. The data collected is correlated and helps in setting up a better plan for attacking or evaluating the assigned systems/applications. This can be carried out in two modes which... Continue Reading →
Penetration Testing
Penetration Testing (PenTest) is one of the most crucial processes followed by almost all organizations to unearth any hidden vulnerabilities present in their systems or applications. It involves breaking the system and reporting any issues found to the concerned operations team to fix. This helps organizations to enhance their security posture and reduce the attack... Continue Reading →
Hey all, hope all of you are doing well! For a few weeks, I have been thinking of starting a blog where I can share my learning with my peers so that we can make a better ecosystem for knowledge sharing. I have planned to invite my fellow colleagues who can contribute to this endeavour... Continue Reading →