SecOps

How to Disable IP Autoconfiguration

If DHCP service is enabled and DHCP server is temporarily or permanently unavailable, TCP/IP assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the machine. This function in Windows is called “Automatic Private…

Verify Your WhatsApp Code

Last week, Meta announced that they developed a web browser add-on – Code Verify – to verify the code being served to browser. As the reason of developing this extension, more and more people are…

Carbon Black Critical Bug

VMware Carbon Black has published an update to resolve critical authentication bypass vulnerability on Carbon Black App Control product. App Control is a solution to lock down critical systems and servers to prevent unwanted changes…

Prometei Exploits MS Exchange Vulnerabilities

A new malicious called Prometei has been determined, that including Exchange servers have ProxyLogon vulnerability to cryptocurrency network. Prometei is a modular malicious code and has different features like credential dumping, usage of the system…

OpenVAS Vulnerability Scanner

OpenVAS is a preinstalled vulnerability tool in both Kali and Parrot. It is completely free and even if it is preinstalled in these OSs, you need to do something before you use it. First, you…

A Quick Guide for Ransomware Protection

Unfortunately, ransomware problem is growing every day, although a lot of cases we hear and tens of articles and webinars are published about it. In this post, I try to explain the Protection processes against…

wget with Powershell

 function global:wget($Address, [switch]$NoCache){ $client = New-Object Net.WebClient $proxy = New-object System.Net.WebProxy “10.0.0.10:8080” $proxy.Credentials = New-Object System.Net.NetworkCredential (“DOMAIN\user”, “password”) $client.proxy=$proxy$Client.Headers.Add(“user-agent”, “Windows Powershell WebClient Header”) if ($NoCache) {# doesn’t use the cache at all$client.CachePolicy = New-Object Net.Cache.RequestCachePolicy([Net.Cache.RequestCacheLevel]::NoCacheNoStore)}$client.DownloadString($Address)}wget -Address “http://www.be4sec.com” -NoCache

FireEye NX SmartVision SC Killswitch

SmartVision is the lateral movement detection module of the network security product (NX) of FireEye. There are too many documents and descriptions about it on FireEye’s website, so I will not touch on it here.…

An Information Security Blog

%d bloggers like this: