Skip to content
PwnDefend
  • Base
  • Comms Room
    • Customer Feedback
    • Company Information
    • Security Management
  • Services
    • Consulting Services
      • Enterprise Security Posture Assessment
      • Cyber Security Assurance & Security Testing Services
      • IT Security Healthchecks
      • Active Directory Assessment Services
      • Managed Remediation Services
    • Emergency Cyber Incident Response Support
    • Our Success Stories
    • Partner Services
  • Blog
  • Privacy
Threat Intel

Active Cybercrime Groups

Ransomware this, ransomware that! The problem is, you can be tired of the subject but that doesn’t mean the threat has gone away! So what are the currently active ransomware groups posting victims?

Well here’s a list of currently active group (Both Ransomware and Marketplaces) names who have ONLINE “DARK WEB” (TOR) hidden services online and who are posting victims or are markets:

Read more “Active Cybercrime Groups” →
Education

How would I apply to the role of “Head…

I was pottering about (not like a wizard, more like a cold infected zombie!) and an email hit my mailbox with the “Head of Cyber Architecture” at BA. I have no intention of applying but I thought.. I wonder if this is a good exercise to show people how I would go about the exercise? Well to even begin this I need to write down some notes. So I guess here we go… how far I get into this “fantast football” style scenario who knows, but hopefully it will show some people how I might do things! First up let’s look at the raw requirement:

Read more “How would I apply to the role of “Head of Cyber Architecture”” →
Threat Intel

ESXiargs Summary 09-02-2023 10:03

What do we know?

Adversary: Unknown, likely Criminal Actor/s

Initial Access Vector: Unknown/Unproven

Impact: ~3K+ Hosts have had Remote Code Execute and their ESXi logon pages changed (plus had encryption routines run to encrypt virtual machines, with varying success). A Second encryption routine has been deployed to some hosts; the threat actor is expanding/changing capabilities.

Risk: Further impact, Additional Threat Actors Exploit the vulnerability

Read more “ESXiargs Summary 09-02-2023 10:03” →
Education

How to get some OPSEC with Kali?

There are major questions that must be answered here!

  1. How do we change the hostname in KALI Linux?
  2. How do we change the default TTL to look like a Windows Machine?
  3. How do we pretend to be a SAMSUNG device/How do we change our MAC address?
Read more “How to get some OPSEC with Kali?” →
Getting into Cyber

How to get into Cyber? It’s EASY!

Quick, I’ll tell you a little secret… to get into CYBER you must first follow this guide:

Now if you are going to GET INTO CYBER you need to have a range of things:

  • Computer Hacking Skills
  • Num-chuk Skills

Right ok, so let’s get some Hacking Skills!

Head over to KALI LINUX and download KALI

Read more “How to get into Cyber? It’s EASY!” →
Hacking

CrackMapExec (CME) on Windows

Ok this is going to be really short post, but expect more later! Did you ever want to run CME but you were stuck on a Windows machine? Well don’t worry you can! How do we do this?

First we download CME

https://github.com/Porchetta-Industries/CrackMapExec/releases/download/v5.4.0/cme-windows-latest-3.10.1.zip

Extract the zip file

Make sure you have python3 installed!

Read more “CrackMapExec (CME) on Windows” →
Guides

Ransomware + Mega = Mega Cyber Pain

Did you ever read about ransomware actors? They often use mega upload to exfiltrate data! So I figured, why would we not detect this with MDE?

I mean sure we should probably block this with a custom indicator using Web Content Filtering and sure it would probably get blocked by Protective DNS but let’s say for whatever reason you don’t have those in place, let’s look at a really simple query to find mega connections in MDE:

Read more “Ransomware + Mega = Mega Cyber Pain” →
Defence

Threat hunting with some funny results!

You never know what you will find when you go hunting! So here’s a quick tale of an explore I did using Advanced Hunting!

I went hunting here in Advanced Hunting:

Read more “Threat hunting with some funny results!” →
Threat Intel

Simulating Human Operated Discovery

Did you want to check out some of your detections? This isn’t everything of course but it’s a simple batch file to simulate a range of enumeration techniques used by actors like CONTI or LOCKBIT affiliates/operators:

Read more “Simulating Human Operated Discovery” →
Leadership

It’s 2023 and people’s passwords are still really really…

If you work in marketing you are probably walking around telling everyone that we all live in a ZERO trust era, that PASSWORDS are DEAD! Ransomware is DEAD and AI is the FUTURE and we should be doing that NOW!

Meanwhile back on CYBER PLANET EARTH, most organisation do NOT have or need AI, they use passwords and well they passwords they use are shockingly bad! Howe do I know this? I do password audits and security testing, but I also look at breach data! (and we have other people publish password audit reports etc.)

Read more “It’s 2023 and people’s passwords are still really really bad!” →

Posts navigation

1 2 3 4 … 15

Recent Posts

  • Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)
  • The Long Game: Persistent Hash Theft
  • The Hacker on a Train
  • Adopting an Attacker Mindset to Defend Healthcare
  • Caught: A Hacker Adventure

Recent Comments

No comments to show.

Archives

  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • March 2020
  • February 2020
  • January 2020
  • October 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018

Categories

  • Architecture
  • Breach
  • Company News
  • CTF
  • Defence
  • Defense
  • Education
  • Fiction
  • Getting into Cyber
  • Guides
  • Hacking
  • IOT
  • Leadership
  • News
  • OSINT
  • Reviews
  • Strategy
  • Threat Intel
  • Uncategorized
  • Vulnerabilities
Copyright (c) Xservus Limited