Daniel Bretschneider

Hello everyone, I am researching Operation #Triangulation and I heard that there are victims outside of #Kaspersky. I would really love to know more and ideally hear from them. Could you help me spread the word? People can contact me via Signal, Threema or Matrix (-> bio). I promise confidentiality, of course. I don't mention their names if they don't want me to, etc. Right now, for me, it is about getting an idea of the target and scope of the attack.
Thanks for your support!
#cybersecurity

Outlook.com is suffering a series of outages today after being down multiple times yesterday, with hacktivists known as Anonymous Sudan claiming to perform DDoS attacks on the service.

https://www.bleepingcomputer.com/news/microsoft/outlookcom-hit-by-outages-as-hacktivists-claim-ddos-attacks/

Outlook.com hit by outages as hacktivists claim DDoS attacks


Cybersecurity firm Kaspersky has released a tool to detect if Apple iPhones and other iOS devices are infected with a new 'Triangulation' malware.

https://www.bleepingcomputer.com/news/security/new-tool-scans-iphones-for-triangulation-malware-infection/

New tool scans iPhones for 'Triangulation' malware infection


Concerning Operation #Triangulation: Although the #security #review of the newly found #triangle #spyware is still running, #kaspersky created a Python script that checks if your #apple device is compromised. triangle_check can be installed via #pip.

https://github.com/KasperskyLab/triangle_check


#iMessage is again the target of a massive wave of zero-click #exploits. Once (or still) used by #pegasus, iMessage is now under attack by Russian threat actors. I recommend updating to #iOS 16.5 and deactivating iMessage in your settings.

https://www.bleepingcomputer.com/news/security/russia-says-us-hacked-thousands-of-iphones-in-ios-zero-click-attacks/

Russia says US hacked thousands of iPhones in iOS zero-click attacks

Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. Russia blames these attacks on US intelligence agencies.

Using #smishing, scammers try via SMS to coax sensitive data out of recipients and to get them to follow links. Attached are two examples, as well as a report from the criminal investigation department on a common scam, especially in the greater Linz area.
https://polizei.gv.at/ooe/presse/aussendungen/presse.aspx?prid=52756E75767144743666343D&pro=0
Press releases, LPD Oberösterreich

If you're into #osint then I would strongly advise taking a look at the most atypical guide to OSINT. A repository intended for bored professionals...
#infosec

https://github.com/OffcierCia/non-typical-OSINT-guide

GitHub - OffcierCia/non-typical-OSINT-guide: The most unusual OSINT guide you've ever seen. The repository is intended for bored professionals only. PRs are welcome!

#spiderfoot is an open source intelligence (#OSINT) automation tool, which comes with an embedded #webserver making #reconnaissance easy. This tool helps you gather information on usernames, email/IP addresses, phone numbers and even #bitcoin addresses...
https://github.com/smicallef/spiderfoot
GitHub - smicallef/spiderfoot: SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.


Another #opensource #vulnerability scanner for #webservers and #cgi is #nikto. It scans for dangerous files, outdated server software and performs other checks against security #threats.

https://www.kali.org/tools/nikto/

nikto | Kali Linux Tools

Nikto Usage Example
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP: 192.168.0.102
+ Target Hostname: 192.168.0.102
+ Target Port: 80
+ Start Time: 2018-03-23 10:49:04 (GMT0)
---------------------------------------------------------------------------
+ Server: Apache/2.2.22 (Ubuntu)
+ Server leaks inodes via ETags, header found with file /, inode: 287, size: 11832, mtime: Fri Feb 2 15:27:56 2018
+ The anti-clickjacking X-Frame-Options header is not present.


If you're responsible for one or many websites, it's sometimes recommended to do some security testing. A perfect tool especially for #wordpress sites is #wpscan. It's a free, for non-commercial use, #security/#vulnerability scanner written in #ruby.

https://t.co/zZ0QhpCnIM

WPScan User Documentation

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. - wpscanteam/wpscan