The Killer Clown (hacktoria)

February 1st 2025 | #ctf #hacktoria #osint

subscribe (thm)

January 30th 2025 | #ctf #tryhackme

Can you help Hack3M reach 3M subscribers?

Constellation (htb)

January 25th 2025 | #ctf #hackthebox #osint

The SOC team has recently been alerted to the potential existence of an insider threat. The suspect employee's workstation has been secured and examined. During the memory analysis, the Senior DFIR Analyst succeeded in extracting several intriguing URLs from the memory. These are now provided to you for further analysis to uncover any evidence, such as indications of data exfiltration or contact with malicious entities. Should you discover any information regarding the attacking group or individuals involved, you will collaborate closely with the threat intelligence team. Additionally, you will assist the Forensics team in creating a timeline. Warning: This Sherlock will require an element of OSINT and some answers can be found outside of the provided artifacts to complete fully.

TryHack3M: Bricks Heist (thm)

January 24th 2025 | #ctf #tryhackme

"Crack the code, command the exploit! Dive into the heart of the system with just an RCE CVE as your key."

trooper (thm)

January 22nd 2025 | #ctf #cti #tryhackme

Task: "Use Cyber Threat Intelligence knowledge and skills to identify a threat based on a report."

MonitorsThree (htb)

December 21st 2024 | #ctf #hackthebox

Medium machine on hackthebox

WriteUp - SOC109 - Emotet Malware Detected

November 22nd 2024 | #en #soc

Malware was detected on endpoint RichardPRD ( Infected file is 1word.doc. VT (48/63) Maldoc with VBA code. First Seen In The Wild on 2020-06-11 at 13:11:14 UTC. IoCs relate this document to Emotet Malware.

Investigation SOC235 - Atlassian Confluence Broken Access Control 0-day

December 14th 2023 | #en #soc

I have been out of the SOC almost a year now and sometimes I miss digging into alerts. I recently signed up to LetsDefend to play around. LetsDefend is a really cool training site with a simulated SOC environment that allows you to investigate incidents. The alerts are quite close to what you'd see in the real world. Read on for my analysis of alert SOC235.

The password must die

October 7th 2019 | #es #old #passwords #risk #security

A few days ago, I read an article that mentioned the results of a study on IT security, specifically in the healthcare sector. It explained how German doctors handle passwords negligently in their practices, which endangers the security of patient information.

Decent security (Part III) – Closing windows; lowering blinds

June 3rd 2019 | #dns #es #micropatching #old #opsec #passwords

In the third and final installment of this miniseries we take a look at four lesser-known tools:

  • Psiphon to circumvent censorship
  • KeepassXC to manage passwords
  • 0patch to patch our systems and applications
  • DNSCrypt to keep our DNS queries private