Skip to content
PwnDefend
  • Base
  • Comms Room
    • Customer Feedback
    • Company Information
    • Security Management
  • Services
    • Consulting Services
      • Enterprise Security Posture Assessment
      • Cyber Security Assurance & Security Testing Services
      • IT Security Healthchecks
      • Active Directory Assessment Services
      • Managed Remediation Services
    • Emergency Cyber Incident Response Support
    • Our Success Stories
    • Partner Services
  • Blog
  • Privacy
Guides

Cyber Threat Intelligence Resources

There are so many lists of “tools” of “free resources” for “cyber” etc. Well I don’t want to make a list of stuff for social media, this isn’t the TOP x tools, this is simply some resources that I use on a regular basis that should give people a fairly good idea of where to start looking. Cyber sleuthing is a mixture of:

  • HUMINT
  • OSINT
  • CSINT
  • RUMINT
  • SIGINT
  • SOCMINT
Read more “Cyber Threat Intelligence Resources” →
Threat Intel

The RoyalMail Ransomware Saga

Last update we had was when LockBit released a transcript of a chat alleged to be between LockBit and the RoyalMail ransomware negotiator.

Thanks to Domonic far tagging me, we can see an update has occurred on the LB site:

Read more “The RoyalMail Ransomware Saga” →
Education

Am I a criminal or am I a cybersecurity…

Whilst the common person will largely link the words “hacker/hackers” to criminal the reality is hackers are scientists/artists/creators/ComputerOperators and the choice of being a criminal or not is down to actions and consequences. So the debate about if you identify as “hacker” does that make you a criminal, well it’s nonsense isn’t it. I could call myself a pony but it won’t make me one, much like I could call myself a criminal and I could be entirely law abiding.

Read more “Am I a criminal or am I a cybersecurity crime fighter?” →
Vulnerabilities

CVE-2022-39952 Fortinet Global Exposure

There appears to be a new RCE out for Fortinet devices as per this post (it’s against FortiNAC as far I am aware so this is probably a much smaller exposure footprint than all fortinet devices):

https://www.fortiguard.com/psirt/FG-IR-22-300

There’s also this in FortiWeb (and well they released 40 odd fixes to various bits)

https://www.fortiguard.com/psirt/FG-IR-21-186

When we consider security edge devices and the risks these may pose to organizations and society as a whole it’s important to understand that these are no trivial matter. These are “security” appliances that are there to protect your organizations, to provide remote access as well as protect network egress etc.

Fortinet are not the only vendor to suffer from these types of vulnerability (Remote Code Execution – RCE) however there do appear to have been quite a few of these when looking historically.

Read more “CVE-2022-39952 Fortinet Global Exposure” →
Threat Intel

Pro Russian Hacktivist Groups

Cyberwarfare in Ukraine was hyped as a MASSIVE thing, yet largely it’s been more bark and bite, but perhaps people need to understand that you can’t just “CYBER” a remote network, and even if you could, let’s say you get RCE on 30 networks in a country, so what? There needs to be value, purpose and something that will support other objectives, this isn’t a CTF.

  • Espionage (Collection/CNE)
  • Information Warfare (PsyOps)
  • Computer Network Attacks/Operations (CNA/CNO)
Read more “Pro Russian Hacktivist Groups” →
Education

Is my house spying on me?

Do you ever get the feeing you are being watched? What about listening to it? Do you ever talk about a subject and then see it appear in adverts despite never using a computer to search for it?

Well don’t worry there’s lots of reasons as to why this can occur, and whilst you might want to think someone is spying on you, the truth is they probably aren’t looking for you, but they might be harvesting your data.

Read more “Is my house spying on me?” →
Threat Intel

Active Cybercrime Groups

Ransomware this, ransomware that! The problem is, you can be tired of the subject but that doesn’t mean the threat has gone away! So what are the currently active ransomware groups posting victims?

Well here’s a list of currently active group (Both Ransomware and Marketplaces) names who have ONLINE “DARK WEB” (TOR) hidden services online and who are posting victims or are markets:

Read more “Active Cybercrime Groups” →
Education

Lockbit 3.0 and Royal Mail – Chats Published

The loss of availability Ransomware causes is enough to make your day/week/s bad, the loss of data, bad month/quarter or longer.

Lockbit posted “Royal Mail need new negotiator.” Followed by “ALL AVAILABLE DATA PUBLISHED !”

What we actually found is that they published the chat history:

Read more “Lockbit 3.0 and Royal Mail – Chats Published” →
Threat Intel

ESXiargs Summary 09-02-2023 10:03

What do we know?

Adversary: Unknown, likely Criminal Actor/s

Initial Access Vector: Unknown/Unproven

Impact: ~3K+ Hosts have had Remote Code Execute and their ESXi logon pages changed (plus had encryption routines run to encrypt virtual machines, with varying success). A Second encryption routine has been deployed to some hosts; the threat actor is expanding/changing capabilities.

Risk: Further impact, Additional Threat Actors Exploit the vulnerability

Read more “ESXiargs Summary 09-02-2023 10:03” →
Getting into Cyber

How to get into Cyber? It’s EASY!

Quick, I’ll tell you a little secret… to get into CYBER you must first follow this guide:

Now if you are going to GET INTO CYBER you need to have a range of things:

  • Computer Hacking Skills
  • Num-chuk Skills

Right ok, so let’s get some Hacking Skills!

Head over to KALI LINUX and download KALI

Read more “How to get into Cyber? It’s EASY!” →

Posts navigation

1 2 3 4 … 12

Recent Posts

  • Protective DNS (PDNS) by NCSC UK adds UK schools
  • Cisco IOS XE Incident Update
  • No one is responsible for your OWN Cyber Defences other than you! 
  • The Manual Version 2.0
  • Cyber Security for PC Gamers

Recent Comments

  1. The Week in Ransomware – May 26th 2023 – Cities Under Attack - Shackle Media on The Manual Version 2.0
  2. The Week in Ransomware – May 26th 2023 – Cities Under Attack – Source: www.bleepingcomputer.com - CISO2CISO.COM & CYBER SECURITY GROUP on The Manual Version 2.0
  3. The Week in Ransomware - Might twenty sixth 2023 - Computer Depot | Best & Reliable Computer Repair - O'Fallon on The Manual Version 2.0
  4. The Week in Ransomware - Could twenty sixth 2023 - Anedejo on The Manual Version 2.0
  5. The Week in Ransomware - May 26th 2023 - Tech World4uu on The Manual Version 2.0

Archives

  • November 2023
  • October 2023
  • August 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • March 2020
  • February 2020
  • January 2020
  • October 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018

Categories

  • Architecture
  • Breach
  • Company News
  • CTF
  • Defence
  • Defense
  • Education
  • Fiction
  • Getting into Cyber
  • Guides
  • Hacking
  • IOT
  • Leadership
  • News
  • OSINT
  • Reviews
  • Strategy
  • Threat Intel
  • Uncategorized
  • Vulnerabilities
Copyright (c) Xservus Limited