What can I do to protect my data and networks?
Back up your computer. Perform frequent backups of your system and other important files, and verify your backups regularly. If your computer becomes infected with ransomware, you can restore your system to its previous state using your backups.
Store your backups separately. Best practice is to store your backups on a separate device that cannot be accessed from a network, such as an external hard drive. Once the backup is completed, make sure to disconnect the external hard drive or other separate device from the network or computer. (See the Software Engineering Institute's page on Ransomware.)
Train your organization. Organizations should ensure that they provide cybersecurity awareness training to their personnel. Ideally, organizations will have regular, mandatory cybersecurity awareness training sessions to ensure their personnel are informed about current cybersecurity threats and threat actor techniques. To improve workforce awareness, organizations can test their personnel with phishing assessments that simulate real-world phishing emails.
For query : @geekserverbot
~ @geekcode
How does Pegasus inject malware into a user's mobile phone?
Prior to 2019, one of the methods used by Pegasus to penetrate mobile phones was through a WhatsApp video missed call. It seems WhatsApp fixed that vulnerability.
But now we have learnt that Pegasus is using Apple's messaging application, iMessage, available on iPhones, to inject malware into mobile phones. What Pegasus spyware seems to be doing is sending a properly drafted message to the phone with malware embedded in it. The owner of the mobile phone doesn't even need to click on the message to activate the malware. Even if the victim deletes the message from iMessage, the malware would still penetrate the phone. It seems to me that iMessage has a similar bug that WhatsApp had earlier.
@geekcode
What is CHFI (Computer Hacking Forensic Investigator)?
Computer Hacking Forensic Investigator certification validates that you have the knowledge and skills to detect hacking attacks, to properly obtain evidence needed to report the crime and prosecute the cybercriminal, and to conduct an analysis that enables you to prevent future attacks.
CHFI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence.
@geekcode
Scope of Cyber Forensics?
Cyber Forensics courses are gaining increasing popularity among students. This is due to the rapid growth in incidents of online and mobile phone frauds.
The following objectives form the basis of a cyber forensics course:
• Knowledge of the approach and methods of cyber crime investigations
• Understanding the defensive measures of damage control in response to cyber attacks
• Knowledge of the proactive methods of avoiding cyber crimes
• Recognizing the clues to identify and prevent potential cyber attacks
• Learning the various types of risks involved in computerized and networking operations
Join & share our channel
@geekcode
If you guys want cyber forensics courses, check out our resource channel:
https://t.me/joinchat/RbqYHjjg67Yac19x
@geekcode
What is SMB?
The SMB (Server Message Block) protocol is a client-server communication protocol used for sharing access to files, printers, serial ports and other resources on a network.
Servers make file systems and other resources (printers, named pipes, APIs) available to clients on the network. Client computers may have their own hard disks, but they also want access to the shared file systems and printers on the servers.
The SMB protocol is known as a response-request protocol, meaning that it transmits multiple messages between the client and server to establish a connection. Clients connect to servers using TCP/IP (actually NetBIOS over TCP/IP), NetBEUI or IPX/SPX.
@geekcode
#bugbounty
Bug Bounty Stories #1: Tale of CSP bypass in an electron app!
https://securitygoat.medium.com/bug-bounty-stories-1-tale-of-csp-bypass-in-an-electron-app-f669f6ecefc9
@geekcode
What is Telnet?
Telnet is an application protocol which allows you, with the use of a telnet client, to connect to and execute commands on a remote machine that's hosting a telnet server.
The telnet client will establish a connection with the server. The client will then become a virtual terminal, allowing you to interact with the remote host.
Telnet sends all messages in clear text and has no specific security mechanisms. For that reason, SSH has replaced Telnet in many applications and services.
~ @geekcode
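What "all messages in clear text" means on the wire, as an added example that is not part of the original post: a small parser that separates Telnet option negotiation (the IAC command bytes) from session data in a captured byte stream, showing that the data needs no decoding to be read. The capture, user name and password are constructed for the illustration, and the function names are assumptions.

```python
# Added example: split one direction of a Telnet stream into negotiation and data.
IAC, SE, SB = 255, 240, 250
NEGOTIATION = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}
OPTIONS = {1: "ECHO", 3: "SUPPRESS-GO-AHEAD", 24: "TERMINAL-TYPE", 31: "NAWS"}

# Constructed client-to-server capture (made-up user name and password).
SAMPLE = (bytes([255, 251, 24, 255, 251, 31])              # WILL TERMINAL-TYPE, WILL NAWS
          + bytes([255, 250, 31, 0, 80, 0, 24, 255, 240])  # SB NAWS 80x24 SE
          + b"alice\r\nconstructed-password\r\n")

def parse_telnet(stream):
    """Return (negotiations, data) for one direction of a Telnet session."""
    negotiations, data = [], bytearray()
    i, n = 0, len(stream)
    while i < n:
        if stream[i] != IAC:              # ordinary session data
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:                    # capture ends inside a command
            break
        cmd = stream[i + 1]
        if cmd == IAC:                    # IAC IAC is an escaped literal 0xFF
            data.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:          # IAC WILL/WONT/DO/DONT <option>
            if i + 2 >= n:
                break
            opt = stream[i + 2]
            negotiations.append((NEGOTIATION[cmd], OPTIONS.get(opt, str(opt))))
            i += 3
        elif cmd == SB:                   # skip subnegotiation up to IAC SE
            j = i + 2
            while j + 1 < n and not (stream[j] == IAC and stream[j + 1] == SE):
                j += 2 if stream[j] == IAC else 1
            if j + 1 >= n:
                break
            i = j + 2
        else:                             # other two-byte commands (NOP, GA, ...)
            i += 2
    return negotiations, bytes(data)

def readable_lines(stream):
    """Lines anyone on the network path can read, with no decryption step."""
    _negotiations, data = parse_telnet(stream)
    return data.decode("ascii", errors="replace").splitlines()

if __name__ == "__main__":
    print(parse_telnet(SAMPLE)[0])
    print(readable_lines(SAMPLE))
```

The same session carried over SSH would show an observer only the key exchange and encrypted packets, which is why network monitoring that finds readable login data on TCP port 23 is a signal to retire the Telnet service.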
Telnet Exploit?
Telnet, being a protocol, is itself insecure for the reasons we talked about earlier (https://t.me/geekcode/2347). It lacks encryption, so it sends all communication in plaintext, and for the most part it has poor access control. There are CVEs for Telnet client and server systems, however, so when exploiting you can check for those on:
• https://www.cvedetails.com/
• https://cve.mitre.org/
CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer security flaws. When someone refers to a CVE, they usually mean the CVE ID number assigned to a security flaw.
However, you're far more likely to find a misconfiguration in how telnet has been configured or is operating that will allow you to exploit it.
@geekcode