MangaDex, a site where people can read manga comics, has suffered a cyber attack designed to cause disruption and is down until further notice. The team plans to rewrite the full code for security and will use ethical hackers to do the testing.
In the attack, bad actors gained admin account access by using old session tokens that had leaked earlier. The coders responded by clearing all sessions globally and reviewing the source code. During that time, however, the same bad actors accessed the site's dev account and stole the latest source code. The attackers updated the site's git repo, claiming to have fixed 2 of 3 CVEs in the site, but the site's devs aren't trusting the claims without verifying them.
The full extent of the attack is unknown, and the site has advised users to change the passwords of any accounts that share their MangaDex account password.
Sierra Wireless is a Canadian wireless communications equipment company specializing in IoT. It suffered a ransomware attack in March that severely impacted its production environment. Neither the ransomware name nor the cause of the attack has been disclosed. The company is currently working with cybersecurity companies like KPMG, Blake, Graydon LLP and Cassels to analyze the incident, harden its systems and find the malicious actors responsible.
For now, it has recovered the production environment and is working on fixing its internal networks. The impact was limited thanks to proper network segregation: the customer section was safe and only the company's own systems were affected. Because of this, no patches or security updates are needed for its customer products.
Another day, another breach, this time at the Indian online share/stock trading app Upstox, leading to the exposure of sensitive information of 25 lakh users. The actual date of the breach is still unclear, but researcher Rajshekhar Rajaharia was the first to report it, on 11 April. The exposed data included things like name, DoB, bank info, email address and 56 million KYC records. It mainly happened due to a misconfigured AWS server. This is nothing new, as many companies, Indian and MNC, have been experiencing increased cyber attacks.
The company has said that it has hardened its systems and that no money has been moved from any user. As a precaution, users can reset their passwords, enable MFA (if available) and treat each mail as a possible phishing attempt.
Welcome back guys, today let's talk about emails. We can all agree that almost everyone in this digital age has at least 1 email address, and on how tightly it's integrated into our lives, be it confidential conversations, device backups, history/private details mine, and what not. So compromising 1 email can give us almost everything about a user and his life. Hence, as white hats, it's our duty to assess the email aspect of security when assessing other aspects of an organization.
The art of gathering info from free and open sources and making a connection between them. OSINT includes a variety of…
firmadyne (Firmware Analysis Toolkit), firmware-mod-kit (unsquashfs_all.sh, binwalk, dd)
— — — — — — — — — — — — — — — — — — — — — — — —
What is a firmware?
Firmware is a piece of code residing in a non-volatile section of a device that enables the device to perform the different tasks required for its functioning.
It consists of various components like:
● File system
● Additional resources
Exploiting firmware allows us to sometimes get juicy information like ssh login creds…
Hello guys, in this article I've listed a collection of cheatsheets for digital forensics. It covers forensics topics for smartphone, memory, network, Linux and Windows OS.
These cheatsheets will help digital forensics investigators speed up their work by giving them all the commands and essential information in one place, rather than having to google each and every topic every time.
This is the link to my github repository:
Please Note: I have not actually created these pdfs, I've just compiled them at one location so people can refer to them easily and quickly.
This is a sample forensic report of volatile memory using the tool “FTK Imager Lite by AccessData”. This procedure is used by investigating agencies to log each step in the evidence acquisition process, and the report is presented in court for the hearing.
Scope of Work
On Feb 14, 2019, Mr Gaitonde contacted us to investigate his desktop computer running Windows 10 Home Version 1803, which belonged to one of his employees. Integrity and accessibility of the data acquired were of primary importance. He is also requesting a report for possible criminal charges & civil litigation.
In a reputed Organization, a system…
ExifTool is developed by Phil Harvey. It is a platform-independent Perl library coupled with a full-featured command-line implementation for reading, writing and manipulating metadata across a broad range of files, particularly images. This metadata may comprise information such as the camera make, file type, permissions, file size, etc., and it further offers more details about the photograph. ExifTool probably gives us the simplest way to extract metadata from files, and it is a free and open-source program.
ExifTool is CLI-based, and it's inconvenient to use the CLI for the job when there’s a…