EtherHiding and ClickFix: new mask of social engineering campaign

Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service

In this blog post, learn about Sneaky 2FA, a new Adversary-in-the-Middle (AiTM) phishing kit targeting Microsoft 365 accounts.

A Blog with NoName

Further Insight into the Hacktivist Operation Targeting NATO and Affiliated Nations Key Findings NoName057(16) is a pro-Russian hacktivist operator / group, which has claimed responsibility for repeated Distributed Denial of Service (DDoS) attacks against entities in perceived anti-Russian countries since March 2022. NoName057(16) back-end infrastructure is hosted in Russia and likely operated by individual(s) with experience in systems design / maintenance. DDoS attack targeting instructions in

Microsoft Sentinel Analytic Rules

Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)

Windows ZIP extraction bug (CVE-2022-41049) lets attackers craft ZIP files, which evade warnings on attempts to execute packaged files, even if ZIP file was downloaded from the Internet.

Eight Mastodon apps for iPhone

An in-depth comparative review of eight Mastodon apps for iPhone: Fedi, Mast, Mastodon, Mercury, Metatext, tooot, Toot! and Tootle.

Disposable Root Servers

We love to research, explore, play and tinker. This journey almost always starts on a Linux Root Shell. Let this be the start of your journey. Use SSH and connect: ssh [email protected] # Password is 'segfault' Every SSH connection spawns a new Root...

wiki:faqs [Infosec.Exchange Wiki]