Skip to content
PwnDefend
  • Base
  • Comms Room
    • Customer Feedback
    • Company Information
    • Security Management
  • Services
    • Consulting Services
      • Enterprise Security Posture Assessment
      • Cyber Security Assurance & Security Testing Services
      • IT Security Healthchecks
      • Active Directory Assessment Services
      • Managed Remediation Services
    • Emergency Cyber Incident Response Support
    • Our Success Stories
    • Partner Services
  • Blog
  • Privacy

Blog

Snake Oil Threat Intel

DNSSEC – why not having a signed zone is…

Firstly, what is DNSSEC?

https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en

Ok read all that good. What we are talking about here is signing a DNS zone to “assure” that the client is getting DNS responses from the right ZONE data. DNSSEC does not encrypt the conversation between DNS client and DNS server. It does enable the client to be able to check if the data it gets back is valid. In short what we are doing is validating that the “data” being returned is authorized and not tampered with.

Read more “DNSSEC – why not having a signed zone is almost never going to lead to you getting pwn3d” →
Education

Lockbit 3.0 and Royal Mail – Chats Published

The loss of availability Ransomware causes is enough to make your day/week/s bad, the loss of data, bad month/quarter or longer.

Lockbit posted “Royal Mail need new negotiator.” Followed by “ALL AVAILABLE DATA PUBLISHED !”

What we actually found is that they published the chat history:

Read more “Lockbit 3.0 and Royal Mail – Chats Published” →
Getting into Cyber

Why is the cybersecurity hiring process so broken?

In this blog today we look at the 6 TOP reasons why the CYBERSECURITY hiring process is largely broken and some ways we can look at addressing these:

The cybersecurity hiring process can be considered “broken” for a number of reasons, some of which include:

Read more “Why is the cybersecurity hiring process so broken?” →
Threat Intel

ESXiargs Summary 09-02-2023 10:03

What do we know?

Adversary: Unknown, likely Criminal Actor/s

Initial Access Vector: Unknown/Unproven

Impact: ~3K+ Hosts have had Remote Code Execute and their ESXi logon pages changed (plus had encryption routines run to encrypt virtual machines, with varying success). A Second encryption routine has been deployed to some hosts; the threat actor is expanding/changing capabilities.

Risk: Further impact, Additional Threat Actors Exploit the vulnerability

Read more “ESXiargs Summary 09-02-2023 10:03” →
Vulnerabilities

ESXIArgs Vulnerable ESXi Spreadsheet

I knocked this up quickly but I “think” it’s accurate. Use at own risk etc.

ESXi-RCE-Vulnerable-BuildsDownload

Let me know if you find any errors/changes required etc.

Education

How to get some OPSEC with Kali?

There are major questions that must be answered here!

  1. How do we change the hostname in KALI Linux?
  2. How do we change the default TTL to look like a Windows Machine?
  3. How do we pretend to be a SAMSUNG device/How do we change our MAC address?
Read more “How to get some OPSEC with Kali?” →
Getting into Cyber

How to get into Cyber? It’s EASY!

Quick, I’ll tell you a little secret… to get into CYBER you must first follow this guide:

Now if you are going to GET INTO CYBER you need to have a range of things:

  • Computer Hacking Skills
  • Num-chuk Skills

Right ok, so let’s get some Hacking Skills!

Head over to KALI LINUX and download KALI

Read more “How to get into Cyber? It’s EASY!” →
Threat Intel

ESXiARGS Ransomware – Global Incident

Thousands of ESXi hosts around (some of the) globe have been encrypted by cyber criminals. This post is a fast publish showing some of what has occurred, it’s impact and now includes limited remedial advice.

If you have been affected by this ransomware event there is an attempted recovery script by CISA

https://github.com/cisagov/ESXiArgs-Recover/blob/main/recover.sh

Read more “ESXiARGS Ransomware – Global Incident” →
Leadership

Why is security so hard?

  • It requires being thorough.
  • It required documenting things.
  • It requires conducting training and drills.
  • It adds what can be viewed as additional effort/cost to the primary goals (sell widgets/services/time)
  • It involves weird and wonderful ways of abusing functionality that is not always apparent or expected, thus to the typical consumers/user of a service, the idea that it might be abused actually seems very unlikely (to a criminal or security pro, the idea it will be abused seems far more likely based on threat intelligence etc.)
Read more “Why is security so hard?” →
Leadership

Virtual Desktop Infrastructure (VDI) & Cyber Essentials

Do you have a VDI solution in use at your business? Be that something like CITRIX, VMware View or Remote Desktop Services (VDI mode or Server Based Computing SBC) mode?

Well let’s consider this with regard to cyber essentials.

In a recent update post:

The January changes to the Cyber Essentials scheme reflect the changing cyber threats in today’s digital environment – Iasme

Read more “Virtual Desktop Infrastructure (VDI) & Cyber Essentials” →

Posts navigation

1 2 3 4 5 … 31

Recent Posts

  • Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)
  • The Long Game: Persistent Hash Theft
  • The Hacker on a Train
  • Adopting an Attacker Mindset to Defend Healthcare
  • Caught: A Hacker Adventure

Recent Comments

No comments to show.

Archives

  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • March 2020
  • February 2020
  • January 2020
  • October 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018

Categories

  • Architecture
  • Breach
  • Company News
  • CTF
  • Defence
  • Defense
  • Education
  • Fiction
  • Getting into Cyber
  • Guides
  • Hacking
  • IOT
  • Leadership
  • News
  • OSINT
  • Reviews
  • Strategy
  • Threat Intel
  • Uncategorized
  • Vulnerabilities
Copyright (c) Xservus Limited