Open Source Intelligence (OSINT) is a valuable tool for gathering information about individuals, organizations, and events from publicly available sources. One of the most popular OSINT techniques is web scraping, which involves automatically extracting data from websites. In this article, I will explain what web scraping is, how it works,Continue Reading
Cybersecurity is one of the most important issues facing businesses today. With the rise of data breaches and other cyber attacks, it is more important than ever to protect your business from these threats. One way to do this is by implementing a security operation center (SOC). A SOC isContinue Reading
Kali is the best known red teaming and pentest Linux distribution for many years. It has hundreds of pentesting tools as the rewrite of BackTrack. In years, with the complexity of attacks, organizations created their own red and blue teams in the organization. And because of the different approaches ofContinue Reading
Cobalt Strike is a legitimate, commercial penetration testing tool mostly used by red teams and for security trainings. However, it is widely used as cracked by threat actors for intrusion and lateral movement in their victims’ networks. Google Cloud has released some open source YARA rules for detecting Cobalt StrikeContinue Reading
About twenty years ago, antivirus, IPS and firewall were managed by security teams – mostly organizations had only one information security team, and the most important thing was getting up to date IPS signatures and antivirus database. But, SOCs are growing year by year because of new attack techniques andContinue Reading
Parrot TDS (Traffic Direction System) has infected various web servers hosting more than 16,500 websites, ranging from adult content sites, personal websites, university sites, and local government sites. The situation discovered by Avast and is currently being used to run a campaign called FakeUpdate that distributes the NetSupport Remote AccessContinue Reading
Last week, Meta announced that they developed a web browser add-on – Code Verify – to verify the code being served to browser. As the reason of developing this extension, more and more people are using WhatsApp Web day by day after introduced multi-device capability last year. The company thinksContinue Reading
Russian troops entered Ukraine, the whole world is watching this situation with surprise and sadness. Before the invasion, numerous Ukrainian organizations getting hit with a sophisticated new disk-wiping malware. Mandiant is tracking this threat as ‘NEARMISS’ and ESET is tracking as ‘HermeticWiper’ and they reported that they found traces ofContinue Reading
Decryption keys for Egregor, Sekhmet and Maze shared by someone claiming to be the developer of all three malware. The keys were published in BleepingComputer forum. As stated in the forum post, this was a planned leak and is not related to the recent law enforcement against attackers. Again, accordingContinue Reading
AT&T Alien Labs last week announced that the source code of BotenaGo malware has been published in GitHub. BotenaGo was discovered and named in November 2021 by Alien Labs again, and according to the post of Alien Labs, the source code of this malware has been published on 16th ofContinue Reading