Data Loss Prevention What is Data Loss Prevention? Data Loss Prevention (DLP) is a strategy for preventing data exfiltration and destruction. Examples of data include financial information, customer data, trade secrets, and other confidential information that could harm a company or its customers if exposed. Common causes of data loss include: Human error- accidental deletion of sensitive files, misconfiguring security settings, or being the victim of a social engineering attack. Insider threats- unauthorized saving and distribution of sensitive files by those with access to corporate systems....

Hi guys, I made a mistake. In my frustration trying to debug my C program, I inadvertently deleted all the files within my /usr/include folder. I didn’t realize at the time that this was a very important folder! As explained here, it stores the Linux kernel’s libc header files! Rookie mistake, but luckily for us, there’s ways to fix it. If your /usr/include folder is also looking more empty than the shelves during COVID, I come bearing the solution....

Why Create a Cloud Server? As many security-conscious people are aware, saving something in the cloud really means saving it on somebody else’s computer. When using cloud services, you don’t own the data that you upload, nor do you own the program that you’re using. Additionally, it is within the cloud service provider’s rights to delete your data or remove your access to it if they had technical issues, went bankrupt, or you missed a bill....

DNS Cache Poisoning on Home Lab Walkthrough https://www.okta.com/sites/default/files/media/image/2021-04/DNSPoisoning.png Overview In this article, I will be walking you through a common method of implementing DNS cache poisoning on a network. I’ll illustrate my process with screenshots, commands, and explanations. You are welcome to follow along and gain hands-on experience with DNS spoofing to further reinforce the knowledge that you already have. Intended Audience This is intended for a more technical audience. If you’re a beginner, I recommend looking for a more comprehensive tutorial to walk you through all the terminology and commands....

Wait, you can do that? The answer is a resounding “yes”. And I’m not the only one who got my OSCP at the age of 16. Meet Mihai, Vanshal, Grant, and this person from Reddit. Admittedly, the number of us is few and far between when compared to the typical demographic of OSCP test-takers. To add to this, I’m a woman and I haven’t seen any other women my age do this....

https://images.pexels.com/photos/3760778/pexels-photo-3760778.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1 If you’re anything like me, you discovered Impacket, either through a course, Ippsec, or your own research, and you look at the scripts. Your grin turns into horror as you realize the sheer amount of scripts that end with “exec”. They all give you remote access but when do you use which one!? Don’t worry, I have your back. Let’s break them down. PsExec PsExec works by writing a randomly-named binary to the ADMIN$ SMB share (hence why you require write access to that share in order to use it)....

If your VPN log looks something like this: I’m here to help. During my time working through the PEN-200 labs, I’ve faced the constant struggle of losing connection to the host every few minutes to seconds. I tried to troubleshoot this “Inactivity Timeout” error with an Offsec employee for 3 hours to no avail. Finally, I figured out the solution and I am here to share it with those of you who have the same struggle....

The Pen-200 is the prerequisite course for the OSCP exam. As such, the writeups for the labs are incredibly difficult to find. As someone who has relied heavily on the accessibility of HTB walkthroughs, I’ve never been in an environment where I wasn’t one Google search away from figuring out the next step in solving a box. Needless to say, 0xdf couldn’t help me much with the Pen-200 labs. The Pen-200 labs were a struggle not because I was incompetent, but because I didn’t have enough practice reaching dead ends....

An 18-year-old hacker gained admin access to Uber on September 15, 2022. These are the steps that the hacker took: The hacker obtained an Uber employee’s phone number. He directed the employee to a phishing site that looked like an Uber login page. The employee logged in and the hacker gained his credentials. The hacker tried to get around the MFA by doing a Multi-Factor Authentication Fatigue attack. This attack consists of spamming MFA requests to the employee until he gets annoyed enough to allow the login attempt to go through....

Introduction This article contains information that I have gathered as I’ve done research on incident response. This aims to be actionable for red teamers to know what to look out for and for blue teamers to aid in the creation of an effective incident response plan. Key Roles the CISO ensures cyberattacks are promptly investigated. coordinating efforts of incident response during a cyberattack. investigating which data may have been stolen....

Foreword To avoid detection, it is best to use tools that are native to the victim’s computer. FTP with Windows Host While having a shell on the Windows machine, start an FTP server on your host machine. Follow these steps if you don’t already have FTP server installed: sudo apt-get install vsftpd sudo service vsftpd start service vsftpd status #status should be active To check if your server is working, type ftp localhost....

How Does Antivirus Software Actually Work? Antivirus software acts as a defense from trojans, viruses, ransomware, spyware, adware, and much more. There are 3 main ways that it detects malware: signature-based detection, heuristic-based detection, and anomaly-based detection. Signature-Based Detection The scanner will search for specific strings in a program and check for them in a database of known viruses. The strings are often the payload of the malicious code. If the signatures match, the activity is flagged for suspicious activity....

When first learning Kerberos, it can feel like you’re being chased by the three-headed dog. Not to fear, however, because today I’ll be explaining a high-level overview of Kerberos authentication. Kerberos was designed to provide secure authentication to services over a potentially insecure network. It is used by many organizations to implement single sign-on (SSO). Kerberos Terminology In order to understand the step-by-step explanation, it is important to have a basic understanding of the various components of Kerberos....

Introduction Hey everyone! This is a write-up of how I was able to pwn the Mustacchio machine. I hope you enjoy! Notes: This was done on a Kali Linux machine so the commands might be slightly different if you are on Windows Enumeration To begin, I scanned for open ports using RustScan. RustScan, for those who have never heard of it, is essentially a much faster version of Nmap. You can use Nmap if you prefer....