Our Vision

To give customers the most compelling IT Support experience possible.

Chat GPT Alternatives

OpenAI’s Chat GPT offers the reality of high-performing AI chatbots. The purpose of these chatbots is to communicate with users in a conversational manner. And being open source, users can suggest any improvements. As a result, this technology has taken the internet by storm. Millions of users are using it, but there have been some issues with this chatbot, particularly when Chat GPT is at capacity and users cannot access it. Therefore, it’s good to know about some quality Chat GPT alternatives. Here are some options that can help you to level up with AI more easily if Chat GPT is not working for you. Some are more complex, and others far...

What is Phishing and key points to remember

What is phishing? Phishing is a type of online scam in which attackers send fraudulent emails or create fake websites with the intention of tricking individuals into divulging sensitive information such as login credentials, credit card numbers, and other financial information. The attackers often pose as trusted organizations or individuals and use various tactics to persuade the victim to click on a link or download an attachment. The link or attachment may contain malware that can infect the victim's device or redirect the victim to a fake website where they are prompted to enter their personal information. Phishing attacks can be difficult to...

How to become a successful cyber security engineer from cyber security analyst

Here are some steps you can take to become a successful cyber security engineer from a cyber security analyst:
• Build your technical skills: As a cyber security analyst, you may already have a strong foundation in cyber security technologies and practices. However, to become a cyber security engineer, you should aim to expand your technical skillset and knowledge in areas such as network security, security architecture, and system design.
• Gain practical experience: Hands-on experience is crucial in the field of cyber security. Consider volunteering for security-related projects or internships to gain practical experience and build your portfolio.
• Pursue...

What are the key tools to know for cyber security engineering role

Here are some key tools that are commonly used in cyber security engineering roles:
• Network monitoring tools: These tools allow security engineers to monitor network traffic and identify unusual activity or potential threats. Examples include Wireshark, Splunk, and SolarWinds.
• Vulnerability scanners: These tools scan systems and networks for known vulnerabilities and provide recommendations for remediation. Examples include Nessus, Qualys, and Rapid7.
• Security information and event management (SIEM) systems: These systems collect and analyze security-related data from various sources to identify potential threats and provide alerts. Examples include...

Cyber incident in Medibank

The Medibank Group detected unusual activity on its network. In response to this event, as per Medibank, they took immediate steps to contain the incident and engaged specialised cyber security firms. At this stage there is no evidence that any sensitive data, including customer data, has been accessed. As part of the response to this incident, #Medibank will be isolating and removing access to some customer-facing systems to reduce the likelihood of damage to systems or data loss. As Medibank continues to investigate this incident, their priorities are to ensure the ongoing security of customers, our employees, and stakeholder information, and...

Zero-day Vulnerabilities in Microsoft Exchange Server.

Microsoft has released Customer Guidance for Reported #zeroday #Vulnerabilities in #Microsoft #Exchange Server. According to the blog post, “Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users’ systems.” The two vulnerabilities are CVE-2022-41040 and CVE-2022-41082, affecting on-premises Microsoft #Exchange Server 2013, 2016, and 2019. Note: Microsoft Exchange Online is not affected.  An attacker could exploit these vulnerabilities to take control of an affected system. The current Exchange Server #mitigation is to add a blocking rule in “IIS Manager -> Default Web Site -> URL...

Optus data breach: what to do if you think you're at risk

On 22 September 2022, Optus published an article on its website, advising customers of a cyberattack which may have resulted in unauthorised access to current and former customers’ information. Optus has advised the information potentially exposed may include customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, and ID document numbers such as driver license or passport numbers. Payment details and account passwords have not been compromised. Optus has advised that customers that had the most fields exposed would be contacted first over the next few days. It is likely that if you are not contacted by Optus in the next few days, you are not in this cohort of individuals. Please note that notification...

Optus Telecom company got hacked

Now our own #Optus got hacked. #Optus is investigating the possible unauthorised access of current and former customers’ information. Upon discovering this, Optus immediately shut down the attack. Optus is working with the Australian Cyber Security Centre to mitigate any risks to customers. Optus has also notified the Australian Federal Police, the Office of the Australian Information Commissioner and key regulators. Up to 3 million users have had all their data stolen, including passport numbers and birth dates. Information which may have been exposed includes customers’ names, dates of birth, phone numbers, email addresses, and,...

Uber Got Hacked badly.

#Uber got hacked. The hack was successful because of #socialengineering, so be careful when you receive an #email or message: check it out before clicking any link or giving away your login info etc. Secondly, change your Uber password. These are the two key takeaways. Now to the technical stuff: the hacker claims they social-engineered an employee, then found admin credentials in a PowerShell script on a network share. As the hacker says, "One of the powershell scripts contained the username and password for a admin user in Thycotic (PAM) Using this i was able to extract secrets for all services, DA, DUO, Onelogin, AWS, GSuite" Attacker basically...

Evil PLC Attack: Using a Controller as Predator Rather than Prey

Team82 has developed a novel attack that weaponizes programmable logic controllers (PLCs) in order to exploit engineering workstations and further invade #OT and enterprise networks. They’re calling this the Evil #PLC Attack. The attack targets engineers working every day on industrial networks, configuring and troubleshooting #PLCs to ensure the safety and reliability of processes across critical industries such as utilities, electricity, water and wastewater, heavy industry, manufacturing, and automotive, among others. The Evil #PLC Attack research resulted in working proof-of-concept exploits against seven market-leading automation...

Google Hacking :-

Basic Operators:
1) AND (+): This operator is used to include multiple terms in a query to be searched in Google. Example: if we type "hacker+yahoo+science" in the Google search box and click search, it will return results related to all three words simultaneously, i.e. hacker, yahoo and science.
2) OR (|): The OR operator, represented by the symbol (|) or simply the word OR in uppercase letters, instructs Google to locate either one term or another term in a query.
3) NOT: It is the opposite of the AND operator; a NOT operator excludes a word from the search. Example: if we want to search websites containing the...

DNS Logs Anomaly Hunting Checklist for Security and SOC Analyst

DNS Logs Anomaly Hunting Checklist for SOC Analyst
• Check for the hosts with a high volume of uncommon record types (TXT, NULL, CNAME, etc.)
• Command and control channels may utilize specific DNS records such as (TXT and CNAME requests) to execute malware.
• Explore Top Level Domains, TLDs (.xyz, .me, .biz, etc.), and TLDs for geographical regions in which your organization does not regularly operate.
• The proliferation of TLDs has made it easier for attackers to continually add new domains to their infrastructure to evade threat intel lists, as well as register doppelganger domains...

Kerberoasting Attack and Detection

Kerberoasting is a common attack used by malicious actors once access is gained to an organization's internal network and a domain account is compromised. Kerberoasting allows an attacker to elevate their privileges by gaining access to passwords for service accounts on the domain.
Key Points
• Using Kerberoasting, an attacker extracts service account credential hashes from Active Directory for offline cracking by exploiting a combination of weak encryption and poor service account passwords. Kerberoasting is effective because an attacker does not require domain administrator credentials to pull off this attack...

Hacking, ATT&CK phase, kill chain and incident response phases

Some common steps used by industry, and the most common in the cyber field, are listed below.
HACKING Methodology (Steps): Footprinting (whois, nslookup) » Scanning (Nmap, fping) » Enumeration (dumpACL, showmount, legion, rpcinfo) » Gaining Access (Tcpdump) » Escalating Privilege (John the Ripper, getadmin) » Pilfering (rhosts, userdata, config file, registry) » Covering Tracks (zap, rootkits) » Creating Backdoors (cron, at, startup folder, keylogger, rdp) » Denial of Service (synk4, ping of death).
MITRE ATT&CK: Reconnaissance » Resource Development » Initial Access » Execution » Persistence » Privilege Escalation » Defense Evasion » Credential Access » Discovery » Lateral Movement » Collection » Command and Control...

Web shells Detecting and Hardening servers against webshell

Web shells and the challenges in detecting them: Web shells can be built using any of several languages that are popular with web applications. Within each language, there are several means of executing arbitrary commands and there are multiple means for arbitrary attacker input. Attackers can also hide instructions in the user agent string or any of the parameters that get passed during a web server/client exchange. When analyzing a script, it is important to leverage contextual clues. For example, a scheduled task called “Update Google” that downloads and runs code from a suspicious website should be inspected more closely. With web...
