Russian Threat Actors

Hello World! Short and sweet here. With tensions between NATO and Russia rising, multiple agencies have put out advisories to keep your eyes peeled for cyber threats out of Russia. I would encourage anyone involved in security currently to view the tactics, techniques and procedures of these actors. Here’s a good report from CISA about…

2021 – A Year in review.

Hello World! As the year of 2021 now comes to a complete closure, the effects of the new year festivities subside and teams, students and professionals sit back down in the office full time. Another year, which will surely be packed with many surprises, awaits us… 2021, like 2020, was marred by the effects…

REvil on the run!

Hello World! Ransomware hackers and affiliates of REvil (Ransomware Evil), also known as Sodinokibi, are on the run from the feds this week. One can suspect that the US authorities have it out for them, as this is not the first occasion of direct engagement against this threat actor (TA). If you follow the…

Undetected Brute force attacks in Microsoft Azure AD.

Hello World! Recently, security researchers have released a PoC (proof-of-concept) exploit that allows for username enumeration and password brute-forcing on vulnerable Microsoft Azure servers, more specifically Azure Active Directory. It is able to do this by taking advantage of weaknesses that lie within the Autologon mechanism. Let’s do a quick breakdown on some of these…

Operation Layover – Attack campaign against Aviation sector uncovered.

Hello World! I wanted to take a look at a recent phishing campaign that was uncovered after being active for roughly two years. It is interesting for me as I have studied aviation operations in the past and have good knowledge of their procedures and practices. So let’s see what we know about this threat actor… They…

Massive Ransom… Contingency planning – Food for Thought #3

Hello World! If you thought I would be talking about the Kaseya supply chain attack, well… If you haven’t read about it yet, do a quick Google, but there is enough already out there about it. I wanted to talk about contingency plans, well, one particular contingency plan that I feel might be overlooked. I’m…

Android apps caught stealing Facebook Passwords. Removed from Play store.

Hello World! Google have recently announced they have removed 9 apps which were harvesting users’ Facebook credentials, estimating it to affect 5.8 million users. The list of apps is as follows: PIP Photo (>5,000,000 installs), Processing Photo (>500,000 installs), Rubbish Cleaner (>100,000 installs), Horoscope Daily (>100,000 installs), Inwell Fitness (>100,000 installs), App Lock Keep…

Crypto waning in an open-source, eco friendly world.

Hello world! Nothing particularly important to mention today. Google has patched yet another 0-day vulnerability in their Chrome browsers, so updating your browser is an important thing to do. However, crypto prices and “hype” will be today’s topic, as they are increasingly in decline. Law enforcement are able to track much of the crypto-currency obtained…