What can a victim company do when it’s hard to differentiate a Physical Pentest from a Criminal Physical Penetration

Hypothetical Situation:

The company Blue hires the company Red to do a Red Team engagement on Blue. Here, I’ll be discussing only the physical part of the engagement, not social and cyber.

Red successfully infiltrates Blue …

NeverQuest banking malware administrator sentenced to 4 years

A Russian man who helped create a hacking tool capable of extracting funds from victims’ bank accounts will spend four years behind bars, a punishment that fell short of the five years for which federal prosecutors had asked. A judge in the U.S. Southern District of New York handed down the 48-month prison sentence, including time served, to Stanislav Lisov for his role in deploying the NeverQuest malware. Lisov admitted he profited $885,000 from NeverQuest, while government investigators said the hacking technique had been used to try to steal a total of $4.4 million from international banks. Five years would have been the maximum allowed under the terms of a plea deal Lisov struck with the Department of Justice early this year. “He is happy,” Lisov’s attorney, Arkady Bukh, told CyberScoop, calling the sentence a “great victory.” NeverQuest quickly became a favorite hacking tool for financial scammers after its debut in 2013. Thieves […]

The post NeverQuest banking malware administrator sentenced to 4 years appeared first on CyberScoop.


Pentagon’s next cyber policy guru predicts more collective responses in cyberspace

State-sponsored cyberattacks against just one victim nation at a time could soon provoke a global response, if a growing number of officials around the world have their way. As the Pentagon has experimented with new authorities allowing U.S. Cyber Command to be more offensive in cyberspace, key officials have suggested there is a groundswell of support for multi-nation countermeasures in the digital age. Thomas Wingfield, the incoming deputy assistant secretary of Defense for cyber policy, told CyberScoop that alliances could be a more successful way to deter hackers and strike back when they infiltrate sensitive networks. “I think that’s a more effective way to solve the problem, and I think that is the general [direction] of international law,” said Wingfield, who is still employed at National Defense University. “But I would also say we’re not there yet and states are in the process of moving international law in that direction.” For months now, the U.S. […]

The post Pentagon’s next cyber policy guru predicts more collective responses in cyberspace appeared first on CyberScoop.


Consumer watchdog says Equifax settlement ‘flunks’ fairness test

As a court weighs the proposed class action settlement stemming from Equifax’s 2017 data breach, an independent legal watchdog is saying the agreement fails to treat victims equally. The nonprofit Center for Class Action Fairness, which advocates on behalf of consumers involved in class action suits, said in a court filing Tuesday the Equifax settlement — which proponents value at $700 million — “flunks” federal requirements for fairness and adequacy. This is the same agreement that Equifax said would include up to $425 million for customers who were affected by the data breach, which compromised information about 147 million Americans. After suggesting individual customers could be paid up to $125 under certain conditions or accept free credit monitoring, Equifax introduced new requirements forcing Americans to prove they had credit monitoring in place at the time of the breach, otherwise they would be paid nothing. The terms of the deal could result in […]

The post Consumer watchdog says Equifax settlement ‘flunks’ fairness test appeared first on CyberScoop.
