Examination of a “Drive-by-Download” Many Security Professionals Get this Wrong – It’s a type of Social Engineering

Basic Definition: drive-by downloads are a type of social engineering in which you are prompted to download something you never asked for: when visiting a website, when viewing an e-mail message in software that allows JavaScript to run, or by clicking on a deceptive pop-up window that prompts you to install the latest version of Flash … Read more

Mafiaboy DDoS IRC botnet takes down eBay/ETRADE/Amazon and Yahoo at the same time – RATE THIS ATTACK

DDoS was a lot easier back in those days. I remember one of the attacks launched at an IRC user who lived in Romania, which always made me laugh: instead of just DoSing the user, they DDoS'd the uplink that provided bandwidth to the entire country. YES, they took a country offline with … Read more

So you want a job as a Network Security Analyst? Network Intrusion Detection Practice

Network security analysis takes a lot of experience, and the best way to get real-world experience is by setting up your own testing lab. Download Wireshark and tcpdump; these tools will be used to monitor the live traffic you generate. Make sure you have some type of virtual machine software, and here … Read more
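As an added example (not code from the original post), here is a small detector for one of the first things you would practice in such a lab: spotting a TCP SYN scan, the kind a port scanner run against your own VM generates. It parses the text output of `tcpdump -n -i <iface> tcp` (the line format assumed here is tcpdump's default TCP summary line) and flags any source that sent bare SYNs to many distinct ports on one host; a SYN-ACK shows up as flags `S.` and is deliberately not counted, so the victim is not reported as the scanner. The capture lines are constructed for the example, not a real trace.

```python
"""Toy SYN-scan detector over tcpdump text output (added example, not from the original post)."""
import re
from collections import defaultdict

# tcpdump's TCP summary line as printed by `tcpdump -n -i <iface> tcp` (assumed format):
# "12:00:00.000001 IP 10.0.0.5.40001 > 10.0.0.9.22: Flags [S], seq 1001, win 1024, length 0"
TCPDUMP_TCP_LINE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+) IP (?P<src>[\d.]+)\.(?P<sport>\d+) > "
    r"(?P<dst>[\d.]+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]*)\]"
)


def parse_tcpdump_line(line):
    """Return a dict with ts/src/sport/dst/dport/flags, or None for lines that are not TCP summaries."""
    m = TCPDUMP_TCP_LINE.match(line)
    if not m:
        return None
    pkt = m.groupdict()
    pkt["sport"] = int(pkt["sport"])
    pkt["dport"] = int(pkt["dport"])
    return pkt


def detect_syn_scans(lines, threshold=10):
    """Flag (src, dst) pairs where src sent bare SYNs to at least `threshold` distinct ports on dst.

    Only packets whose flags are exactly "S" count: a SYN-ACK is printed as "S." and
    must not be attributed to the responding host as scanning activity.
    """
    syn_ports = defaultdict(set)
    for line in lines:
        pkt = parse_tcpdump_line(line)
        if pkt is None or pkt["flags"] != "S":
            continue
        syn_ports[(pkt["src"], pkt["dst"])].add(pkt["dport"])
    return {pair: sorted(ports) for pair, ports in syn_ports.items() if len(ports) >= threshold}


# Constructed sample capture (not a real trace): a normal HTTP handshake from 10.0.0.7,
# then 10.0.0.5 probing eleven common ports on 10.0.0.9 and getting two SYN-ACKs and one RST back.
SCANNED_PORTS = [21, 22, 23, 25, 80, 110, 135, 139, 443, 445, 3389]
SAMPLE_CAPTURE = [
    "12:00:00.000001 IP 10.0.0.7.51000 > 10.0.0.9.80: Flags [S], seq 500, win 65535, length 0",
    "12:00:00.000120 IP 10.0.0.9.80 > 10.0.0.7.51000: Flags [S.], seq 900, ack 501, win 65160, length 0",
    "12:00:00.000200 IP 10.0.0.7.51000 > 10.0.0.9.80: Flags [.], ack 1, win 65535, length 0",
    "12:00:00.000300 IP 10.0.0.7.51000 > 10.0.0.9.80: Flags [P.], seq 1:78, ack 1, win 65535, length 77",
] + [
    f"12:00:01.{i:06d} IP 10.0.0.5.{40000 + i} > 10.0.0.9.{port}: Flags [S], seq {1000 + i}, win 1024, length 0"
    for i, port in enumerate(SCANNED_PORTS)
] + [
    "12:00:01.000500 IP 10.0.0.9.22 > 10.0.0.5.40001: Flags [S.], seq 7000, ack 1002, win 64240, length 0",
    "12:00:01.000600 IP 10.0.0.9.80 > 10.0.0.5.40004: Flags [S.], seq 7001, ack 1005, win 64240, length 0",
    "12:00:01.000700 IP 10.0.0.9.23 > 10.0.0.5.40002: Flags [R.], seq 0, ack 1003, win 0, length 0",
]

if __name__ == "__main__":
    for (src, dst), ports in detect_syn_scans(SAMPLE_CAPTURE).items():
        print(f"possible SYN scan: {src} -> {dst}, {len(ports)} ports: {ports}")
```

In the lab, capture with `tcpdump -n -i <iface> tcp > scan.txt` while running a port scanner from a second VM against the first, then feed `scan.txt` to `detect_syn_scans` line by line; lowering `threshold` shows how quickly a naive per-host rule starts flagging ordinary traffic, which is the tuning problem real NIDS rules face.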

Similarities and Differences in the terms Phishing, Malvertising, Spam and Malware E-mails

What is phishing? What are malvertising, spam e-mail and malware e-mail campaigns? These terms have become intertwined and are used interchangeably, which generally indicates a lack of understanding in the IT community, which is typical. Over time, laziness and improper training have a way of bending security definitions into bundles. A great example … Read more

*FOR RESEARCH* How Easy is it to find Webshells and basically have Root/Admin or User Level Access without “Hacking” Anything – PART 2

Sure enough, webshells were just as easy to find as DoS scripts on hacked web servers. The most common webshells I found were the C99, C999 or R57 (modified by everyone, but the code is the same); I located 54 of those, and 21 had full root access, meaning people are still running Apache as … Read more