John Doe – Page 3 – WindowsTechs.com

What type of cybersecurity jobs can’t be replaced by AI? [closed]

Posted on June 1, 2020 by John Doe

It looks like AI is out to get some of us. The button pushers. One click on vulnerability scanner or zenmap etc…

I was wondering what kind to cybersecurity obs could not be easily replaced by AI.
On the top of my head, I’d say : threat … Continue reading What type of cybersecurity jobs can’t be replaced by AI? [closed]→

What is the Digests section in cryptsetup

Posted on April 10, 2020 by John Doe

If you run the command cryptsetup luksDump /dev/sda5 (change device to whatever LUKS encrypted device), you will get an output, and at the end there is a section “Digests” which contains something like this:

Digests:
0: pbkdf2
Hash:… Continue reading What is the Digests section in cryptsetup→

I found a security vulnerability in a web app developed by my university. Can it have a CVE number?

Posted on March 16, 2020 by John Doe

I found some serious vulnerabilities in my university’s infrastructure. The infrastructure is a web app built with Spring and it’s developed and used solely by the University.

Using it I can get sensitive information for all students and … Continue reading I found a security vulnerability in a web app developed by my university. Can it have a CVE number?→

Hash that outputs a 8 characters [duplicate]

Posted on March 15, 2020 by John Doe

I’m investigating a login system that exposes (probably) hashed passwords.

Password: HTSr0MF8Ou4liOCUayXHDg==

The password is stored in base64 format. When I decode it, I get random 8 chars regardless of password length.

The characters… Continue reading Hash that outputs a 8 characters [duplicate]→

How to hide the fact that a system is virtual machine from malware

Posted on March 5, 2020 by John Doe

I’ve read that many types of malware scan a system for various clues regarding virtualization software, in order to stifle forensics. Is there any way to hide the fact that a computer is a virtual machine from malware?

Continue reading How to hide the fact that a system is virtual machine from malware→

Should a DNS server restrict reverse lookups from external hosts?

Posted on January 31, 2020 by John Doe

What risks are there in allowing external clients to resolve internal IPs to their domain names? The server is used internally for clients, as well as for external clients needing to resolve a web server’s domain. Couldn’t allowing these r… Continue reading Should a DNS server restrict reverse lookups from external hosts?→

Is there any danger to downloading a malware binary, but not executing it?

Posted on January 16, 2020 by John Doe

I recently downloaded an ELF file which was discovered from an exploit attempt (wget to download this binary failed due to outgoing traffic being blocked if it isn’t whitelisted). I downloaded it into a VM in order to run some basic analys… Continue reading Is there any danger to downloading a malware binary, but not executing it?→

Is there any danger to downloading a malware binary, but not executing it?

Posted on January 16, 2020 by John Doe

Possible to detect tools like HTran from network analysis?

Posted on December 18, 2019 by John Doe

There is a publicly available tool called HTran which is widely used by criminal groups in cyberattacks to exfiltrate data. It simply relays traffic from one host to another, much like a proxy. It is typically used to relay i… Continue reading Possible to detect tools like HTran from network analysis?→

Any data on how many users change passwords after a breach notifcation?

Posted on November 22, 2019 by John Doe

Does anyone know of any study or any data whatsoever which might indicate how many users actually change their passwords after they have been notified that their credentials appeared in a breach?

Continue reading Any data on how many users change passwords after a breach notifcation?→