SEARCH KEYWORD -- SERVICE DISCOVERY


  IT System Cyber Attack Case Study 01: Malicious Macro and Backdoor Trojan Attack on IT-Network

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop showcasing a practical demonstration of a red team attacker implementing an IT system/network attack via a Malicious Macro MS-Office-Word file (CVE-2015-1641) and phishing email generation program to penetrate multiple layers of firewall defenses and implant a backdoor trojan into the railway system's OT network. Related Links: GitHub Project Link , LinkedIn Post Link Attacker Vector: Malicious Macro ...

       2024-08-03 08:21:49

  Nokia is still alive and lives a good life indeed

1 Do you believe that Nokia, which you thought had gone bankrupt, not only survived but is still one of the world's most profitable technology companies, making trillions of dollars in profit every year? In 2022, Nokia's annual revenue reached 24.9 billion euros. Its net profit of 4.25 billion euros also hit a new high in nearly a decade. Moreover, as early as 2017, it quietly returned to the Fortune Global 500. In the telecommunications field, it is the world's third-largest telecommunications...

   5G,APPLE,NOKIA     2023-03-11 22:49:36

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Popular Golang JSON libraries evaluation

JSON (Javascript Object Notation), a prevailing data exchange format, is widely used in various platforms and languages. Golang, of course, will never miss the support for JSON. And with its own standard library, such as those interfaces like the REST API from the API Service in Kubernetes, it can easily process JSON. Although Go’s library works great, we can still seek those open-source JSON libs in Github to maximize our efficiency. Then the features, performance, applicability of these ...

   FASTJSON,JSON LIB,JSON LIB COMPARISON,GO-JSON     2021-12-11 23:13:23

  SIEM Big Data Visualization [03]:Graph-Based SIEM Log Analysis Dashboard

Program Design Purpose: The purpose of this program is to develop a Graph-Based SIEM (System Information and Event Management) dashboard that visualizes network communication patterns by processing and analyzing logs from IDS, firewalls, host computers, and other security devices. This dashboard will help security analysts quickly identify and investigate potential threats by using a Cytoscape-style Node-Edge graph for intuitive data representation. The program is an angular plug in which can i...

       2024-10-26 04:31:11

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  Power Grid Simulation System 02 : FDI Power Outage Attack Case Study

We are excited to share that the Power Grid Simulation System we developed was used as part of one red team's targeted critical infrastructure system the international cyber exercise Crossed Swords 2024 which conducted in December 2024. In this article, we will introduce one power outage attack case study which use the Power Grid Simulation System as the demo platform for OT cyber security workshop. Project Design Purpose: This case study demonstrates using the Power Grid Simulation System as a...

       2025-01-11 07:35:45

  Top 25 Must Have Wordpress Plugins for 2016

There are nearby 30 thousand WordPress plug-ins available in the market. But you must know the plug-ins, that are worthy for you according to your business & requirements. Here is the list of top 25 WordPress plug-ins according to me & my team that may helpful for you.   1. WordPress SEO by Yoast - Best SEO plugin:   Yoast SEO, previously known as a WordPress SEO by Yoast, specially used to boost search engine traffic on your WordPress website. Just install this plug-in and be...

   WORDPRESS PLUGIN DEVELOPMENT,MUST HAVE WORDPRESS PLUGINS,BEST WORDPRESS PLUGINS FOR WEBSITE,WORDPRES     2016-03-10 05:04:26

  How to check a port is taken by which program on Linux

Lots of you may have encountered some error message stating that the port has been taken by another program while trying to start a program on Linux. And you would want to know which program takes the port you want to use. This post will provide some feasible ways to check out which program is taking a specific port. lsof -i:[port] lsof is the command to list open files on Linux. And if you know more about Linux you should get to know everything on Linux is a file even including networ...

   LINUX,PORT,NETSTAT,LSOF     2018-08-12 04:27:57

  Baidu is in a deadly crisis

In past few days, there was some news about Baidu(China's Google) which put this search engine giant in China in a devastating position. The news is about that the owners of a Tieba(Similar to Google Group) were replaced by a sponsored organization without notifying the original owners. This irritated the original owners of the Tieba and also the public. People are complaining that Baidu is doing something ridiculous and evil. The name of the Tieba group which was sold by Ba...

   BAIDU,NEWS,CHINA     2016-01-13 07:56:17

RECENT