At that time, the login credentials were stolen from the computer of an employee of IT service provider Spectos, which offers software to monitor and improve service quality. It is linked to Samsung’s German ticket system at samsung-shop.spectos.com. Apparently, the compromised credentials had not been updated for years.
Category: CyberPatriot
Misconfig Mapper: Open-source tool to uncover security misconfigurations – Help Net Security
Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with detection and misconfiguration fingerprints to identify potential security risks in widely used third-party software and services.
I Started Playing CTFs and They Are My New Hobby
At its core, a CTF is both a learning tool and a game, making it a fun and interactive way to dive into cybersecurity, whether you’re a beginner or a seasoned professional. CTFs usually come in three categories: Jeopardy-style, Attack-defense, and Mixed or King of the Hill.
JPCERT shares Windows Event Log tips to detect ransomware attacks
The investigation strategy proposed by JPCERT/CC covers four types of Windows Event Logs: Application, Security, System, and Setup logs.
Top 10 Open-Source Intelligence Tools (OSINT)
OSINT tools help access, collate, and organize relevant data based on queries within the various tools. Organizations wanting to develop an OSINT practice should consider what approach they should take when leveraging these tools.