Troy Hunt

DECEMBER 3, 2023

The very next day I published a blog post about how I made it so fast to search through 154M records and thus began a now 185-post epic where I began detailing the minutiae of how I built this thing, the decisions I made about how to run it and commentary on all sorts of different breaches. And then ensured could never happen again.

Data breaches 363

Data breaches Passwords Internet Internet 363

Pentester Academy

FEBRUARY 23, 2023

For instance, government agencies or medical facilities often need immediate access to their files. cp -rf /root/Desktop/tools/html-templates/* /var/www/html/ls /var/www/html/ Modify the index.html file and paste the below code under the HTML <body> tag. <script> Originally published at [link].

Ransomware 52

Ransomware Encryption Cryptocurrency Banking 52

Duo's Security Blog

JANUARY 28, 2022

Where the Federal government goes, other parts of the private sector follow. So it was good to see that in response to last May’s Executive Order 14028 , the Office of Management and Budget (OMB) released a memo Wednesday outlining a new strategy for moving the federal government toward a zero trust cybersecurity posture.

Authentication 52

Authentication Government DNS Encryption 52

NopSec

JANUARY 31, 2024

It turns out this vulnerability seemed to impact government agencies the hardest. Someone should maybe inform our government to ditch ColdFusion? However, what if an attacker could inject server side tags into a file on the victim host, such as a log file, and tell the system to read/compile the log file?

VPN 59

VPN Government Risk Hacking 59

SecureList

DECEMBER 23, 2020

They attacked a pharmaceutical company at the end of September, and during our investigation we discovered that they had also attacked a government ministry related to the COVID-19 response. In this blog, we describe two separate incidents. In this blog, we describe two separate incidents.

Malware 76

Malware Cryptocurrency Encryption Passwords 76

Krebs on Security

JUNE 3, 2019

For almost the past month, key computer systems serving the government of Baltimore, Md. National Security Agency (NSA) and leaked online in 2017. The account also began tagging dozens of reporters and news organizations on Twitter. have been held hostage by a ransomware strain known as “ Robbinhood.”

Ransomware 189

Ransomware Accountability Malware Government 189

CyberSecurity Insiders

JUNE 24, 2021

As part of our series on Digital Identity , this blog will look back on the personal identification techniques of previous eras to show how methods of identification have developed over the course of human history. These databases were primarily used by law enforcement agencies to search unidentified palm prints against known offenders.

Computers and Electronics 115

Computers and Electronics Passwords Technology Government 115

Security Affairs

MAY 2, 2019

The group conducts operations primarily in the Middle East, targeting financial, government, energy, chemical, telecommunications and other industries. Repeated targeting of Middle Eastern financial, energy and government organisations leads FireEye to assess that those sectors are a primary concern of APT34. Source: MISP Project ).

DNS 89

DNS Computers and Electronics Penetration Testing Government 89

SecureList

APRIL 27, 2021

This resulted in the deployment of a custom backdoor, named Sunburst, on the networks of more than 18,000 SolarWinds customers, including many large corporations and government bodies, in North America, Europe, the Middle East and Asia. In November and December 2020, two public blog posts were published about this campaign.

Malware 138

Malware Spyware Government Social Engineering 138

Kali Linux

MARCH 28, 2023

It was a government contract, and he was not allowed to bring in his own laptop nor allowed to install any software on their machines. We were starting to get requests for governments, as they wanted to use our OS internally. As these are for a limited time, as well as being handmade item, do expect the price tag to match it.

InfoSec 52

InfoSec Penetration Testing Architecture Software 52

Troy Hunt

JUNE 10, 2019

Search for your account across multiple breaches [link] — Have I Been Pwned (@haveibeenpwned) December 4, 2013 I’ll save the history lesson for the years between then and today because there are presently 106 blog posts with the HIBP tag you can go and read if you’re interested, let me just talk briefly about where the service is at today.

Data breaches 279

Data breaches Passwords InfoSec Accountability 279

SecureList

NOVEMBER 14, 2022

Last June, Google’s TAG team released a blog post documenting attacks on Italian and Kazakh users that they attribute to RCS Lab, an Italian offensive software vendor. Its atomic energy agency , live television and steel industry have been targeted, among others.

Firmware 106

Firmware Surveillance Mobile Telecommunications 106