Extracting password from data leaks dump files
Recently I’ve read about this data leak; COMB: largest breach of all time leaked online with 3.2 billion records. According to the article, it was known as “Compilation of Many…
Recently, we had an incident where suspicious traffic was observed related to external C2. Initial findings showed that this IP 172.241.27.17 (172.241.24.0/21) resolved to atakaitechnologieshost; according to pDNS in VirusTotal…
Recently I’ve observed a phishing mail as below: https://www.virustotal.com/#/file/cf027dd938f1a268f45f2ea786dc538ab47f35006fb12d0b64e0867bccf789c0/detection – clean. The file seems to be clean per VT. Interestingly, in the details section, I found 2 URLs under the OpenXML Doc Info section…
Recently I’ve encountered a list of IPs that are related to CoinHive. So I want to check for domains that are tied to these IPs. We can do that by using dig…
Recently we received an alert from our WAF related to an attack towards our environment. Further review of the alert found that the attacker is using Oracle WebLogic RCE Deserialization…
One day, we noticed a strange GET request towards our JBoss server: From the request above, you’ll quickly notice that this attack is leveraging the Apache Struts vulnerability from CVE-2017-5638. The request tried…
Recently, I’ve flashed my MR3020 in an attempt to make my own Wifi Pineapple. But.. You know. Shit happens. :p In other words, I screwed up my MR3020 and bricked it.…
For this analysis, we’ll be using the Python3 that is bundled with Dionaea: Running the command above will open a Python console. Enter the code below line by line: It will produce a test.bin file…