How does Pegasus inject malware into a user's mobile phone?
Prior to 2019, one of the methods used by Pegasus to penetrate mobile phones was through a WhatsApp video missed call. It seems WhatsApp fixed that vulnerability.
But now we have learnt that Pegasus is using Apple's messaging application, iMessage, available on iPhones, to inject malware into mobile phones. What the Pegasus spyware seems to be doing is sending a properly drafted message, embedded with malware, to the phone. The owner of the mobile phone doesn't even need to click on the message to activate the malware. Even if the victim deletes the message from iMessage, the malware would still penetrate the phone. It seems to me that iMessage has a similar bug to the one WhatsApp had earlier.
@geekcode
What is CHFI (Computer Hacking Forensic Investigator)?
Computer Hacking Forensic Investigator certification validates that you have the knowledge and skills to detect hacking attacks, to properly obtain evidence needed to report the crime and prosecute the cybercriminal, and to conduct an analysis that enables you to prevent future attacks.
CHFI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence.
@geekcode
Scope of Cyber Forensics?
Cyber Forensics courses are gaining increasing popularity among students. This is due to the rapid growth in incidents of online and mobile phone fraud.
The following objectives form the basis of a cyber forensics course:
- Knowledge of the approach and methods of cyber crime investigations
- Understanding the defensive measures of damage control in response to cyber attacks
- Knowledge of the proactive methods of avoiding cyber crimes
- Recognizing the clues to identify and prevent potential cyber attacks
- Learning the various types of risks involved in computerized and networking operations.
Join & share our channel
@geekcode
If you guys want cyber forensic courses, check out our resource channel
https://t.me/joinchat/RbqYHjjg67Yac19x
@geekcode
What is SMB?
The SMB (Server Message Block) protocol is a client-server communication protocol used for sharing access to files, printers, serial ports and other resources on a network.
Servers make file systems and other resources (printers, named pipes, APIs) available to clients on the network. Client computers may have their own hard disks, but they also want access to the shared file systems and printers on the servers.
The SMB protocol is known as a response-request protocol, meaning that it transmits multiple messages between the client and server to establish a connection. Clients connect to servers using TCP/IP (actually NetBIOS over TCP/IP), NetBEUI or IPX/SPX.
@geekcode
#bugbounty
Bug Bounty Stories #1: Tale of CSP bypass in an electron app!
https://securitygoat.medium.com/bug-bounty-stories-1-tale-of-csp-bypass-in-an-electron-app-f669f6ecefc9
@geekcode
What is Telnet?
Telnet is an application protocol which allows you, with the use of a telnet client, to connect to and execute commands on a remote machine that's hosting a telnet server.
The telnet client will establish a connection with the server. The client will then become a virtual terminal, allowing you to interact with the remote host.
Telnet sends all messages in clear text and has no specific security mechanisms. Thus, in many applications and services, Telnet has been replaced by SSH.
~ @geekcode
Telnet Exploit?
Telnet, being a protocol, is in and of itself insecure for the reasons we talked about earlier (https://t.me/geekcode/2347). It lacks encryption, so it sends all communication in plaintext, and for the most part has poor access control. There are CVEs for Telnet client and server systems, however, so when exploiting you can check for those on:
- https://www.cvedetails.com/
- https://cve.mitre.org/
CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer security flaws. When someone refers to a CVE, they usually mean the CVE ID number assigned to a security flaw.
However, you're far more likely to find a misconfiguration in how telnet has been configured or is operating that will allow you to exploit it.
@geekcode
Cyber criminals compromised 1 million cards
Beware! New Android Malware Hacks Thousands of Facebook Accounts
Phishing sites targeting scammers and thieves
Security matters when the network is the internet
If you want this kind of latest cyber security news, join @cyberagents
By the way this is our channel #supportus
@cyberagents
@geekcode
OTP bypass and Account takeover using response manipulation
https://infosecwriteups.com/otp-bypass-and-account-takeover-using-response-manipulation-685ad4e1ea76
@geekcode