Yara Tools Usage
Malware Researchers will use the tool YARA in terms of helping them to identify and classify any sample of the malware used. Normally, Malware Researchers will able to create any rules malware families depending on […]
Data Breach Assessment
What is Data Breach? Nowadays, there is a lot of Data Breach has been spread throughout the world. Data Breach severity can be considered as defined but some people will need to remember those context […]
Microsoft’s alert on Devasting Ransomware
Information on Microsoft Ransomware Lately, Microsoft team has warned the public about the “significant and growing” threat where the attacker can deliver a malicious payload to Microsoft’s User. A newly ransomware has been discovered from […]
Privileges Escalation for Linux and Windows Operating System
What is Privileges Escalation For those are not very familiar with Privilege Escalation, it is an act of exploiting vulnerabilities or bug where the attacker will take advantages of the design flaw in terms of […]
Google Dork
Google Dork can be considered as one of the traditional and old ways of extracting sensitive information from the website such as email addresses and lists, login credentials, and gain website vulnerabilities within the web […]
Let’s Encrypt revoke the certification
Due to the software bug, Let’s Encrypt will revoke around 3 millions of certification today. The software bug that been discovered on their backend’s code will impact the Certificate Authority Authorization (CAA) check that resides […]
Wireshark 3.2.2 Release
WireShark 3.2.2 has been released a few days ago which can be found over here. However, the Windows user will need to update it manually from Wireshark 3.2.1 version. What’s new and latest bug fix? […]
Active Directory Penetration Testing
Active Directory Penetration Testing normally covers exploiting misconfiguration within the Active Directory(AD). I’m still in the progress of learning Active Directory Penetration Testing so let learn together. Let recap on the objective of the Penetration […]
Ghostcat Vulnerabilities
What is Apache AJP and Ghostcat Recently, there are new vulnerabilities that been discovered by Chinese cybersecurity firm Chaitin Tech related to Apache AJP protocol. The vulnerabilities have been given codename Ghostcat (CVE-2020-1938) where it will […]
AWS Penetration Testing Review
What is AWS Penetration Testing? AWS (Amazon Web Service) Penetration Testing can also be considered as one of the areas that pentester will invest in during Red Team Activities. The finding that might catch the […]