Collaborate Disseminate
Top 10 Passwords hackers use to breach RDP revealed! Weak credentials cause successful cyberattacks- check if yours is on the list and secure your system now. Continue reading Top 10 Passwords Hackers Use to Breach RDP – Is Yours at Risk?
I’m trying to think of a way to create the most hacker-proof login system that I can only get into.
Currently my login page only consists of a password box and a button to submit data. Its run on an https url I never disclose to the public… Continue reading Most hacker-proof login page
(found on reddit)
[translation: the website is programmed to reject the login if it is the correct password and if it is the first login attempt]
Assume that the scheme is to reject the first correct login attempt – because otherwise it d… Continue reading Is it viable to defend against brute force attacks by rejecting correct passwords?
I’m designing a service to store secrets without relying on traditional mail-password system.
I will describe this service to give a bit more context for my questions, at the end.
secret The payload we want to store (encrypted) for the us… Continue reading Deriving multiple hashes from a single password for different use cases
Kaspersky experts analyzed the Mercedes-Benz head unit, its IPC protocols and firmware, and found new vulnerabilities via physical access. Continue reading Mercedes-Benz Head Unit security research report
Forest Blizzard, a threat group associated with Russia’s GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems of nearby firms, which they leveraged to authenticate to the target’s e… Continue reading Faraway Russian hackers breached US organization via Wi-Fi
I was informed by an entity that their hospital information system relies on Active Directory (AD) for user authentication, with AD configured to detect brute-force login attempts. However, the administrator mentioned that the application … Continue reading Can brute-force login attacks bypass AD protections if an application’s internal brute-force defense is not enforced? [closed]
As part of my project, I am trying to brute force a security code for an app using "Forgot my password" option. I understand that I can brute force username and password using Hydra. However, it looks like I cannot use hydra for … Continue reading How to brute force security code or One Time Password
Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few da… Continue reading Exploited: Cisco, SharePoint, Chrome vulnerabilities
Iranian hackers are targeting critical infrastructure organizations with brute force tactics. This article explores their techniques, including MFA… Continue reading Iranian Hackers Target Microsoft 365, Citrix Systems with MFA Push Bombing