How to Execute the Bybit $1.5B ETH Heist – An Attack Path for Offensive Security Operations in AWS
On February 21st, Bybit lost roughly 401,000 ETH, worth about $1.5 billion, when attackers attributed to the Lazarus Group compromised a supplier's environment and redirected the funds. The incident is a supply-chain attack: the attackers abused AWS services in the supplier's environment rather than breaching Bybit's own infrastructure, which was never directly compromised.…
Read More
Mastering iOS Pentesting with otool
This article explores how otool can be used for security analysis of iOS applications. It provides a checklist of checks to run against iOS binaries to spot weaknesses, including inspection of linked libraries, binary protections, and system calls. Affected: iOS applications

Keypoints :

otool is a macOS command-line utility (shipped with Xcode's command-line tools) that prints the contents of Mach-O binaries, which makes it useful for reverse engineering iOS apps.…
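The checklist the article describes can be automated over otool's output. The following is an added example written for this page, not code from the article: the parsing functions take captured text from otool -hv, -Iv, -l and -L, so they run offline against the constructed sample output at the bottom, and audit_binary() wires them to real otool invocations on macOS. The set of "unsafe" C functions is an assumed starting list, not one the article specifies.

```python
"""Added example (not from the article): an otool-driven checklist for iOS
binaries. Parsers work on captured otool output; audit_binary() runs the
real commands. Sample output below is constructed for illustration."""
import re
import subprocess

# Assumed watch-list of C imports worth a manual look (not from the article).
UNSAFE_C_FUNCS = {"_gets", "_strcpy", "_strcat", "_sprintf", "_vsprintf", "_memcpy"}


def has_pie(header_text: str) -> bool:
    """otool -hv: the Mach header flags line lists PIE when the main image is
    position-independent, i.e. ASLR applies to the executable itself."""
    return re.search(r"\bPIE\b", header_text) is not None


def has_stack_canary(symbols_text: str) -> bool:
    """otool -Iv: a canary-instrumented binary imports ___stack_chk_fail and
    ___stack_chk_guard from libsystem."""
    return "___stack_chk_fail" in symbols_text and "___stack_chk_guard" in symbols_text


def has_arc(symbols_text: str) -> bool:
    """otool -Iv: ARC-compiled Objective-C imports _objc_retain / _objc_release."""
    return "_objc_retain" in symbols_text and "_objc_release" in symbols_text


def is_encrypted(load_commands_text: str) -> bool:
    """otool -l: LC_ENCRYPTION_INFO(_64) with cryptid 1 means the App Store
    FairPlay wrapper is still on the binary; dump a decrypted copy first."""
    m = re.search(r"LC_ENCRYPTION_INFO(?:_64)?.*?cryptid\s+(\d+)", load_commands_text, re.S)
    return bool(m and m.group(1) == "1")


def unsafe_imports(symbols_text: str) -> list[str]:
    """otool -Iv: the symbol name is the last column of each entry line."""
    found = {parts[-1] for parts in (line.split() for line in symbols_text.splitlines())
             if parts and parts[-1] in UNSAFE_C_FUNCS}
    return sorted(found)


def linked_libraries(otool_l_text: str) -> list[str]:
    """otool -L: every linked dylib/framework (first line is the binary itself);
    @rpath entries are usually third-party frameworks bundled with the app."""
    libs = []
    for line in otool_l_text.splitlines()[1:]:
        line = line.strip()
        if line:
            libs.append(line.split(" (")[0])
    return libs


def checklist(header: str, symbols: str, loads: str, libs: str) -> dict:
    """Combine the individual checks into one report."""
    return {
        "pie": has_pie(header),
        "stack_canary": has_stack_canary(symbols),
        "arc": has_arc(symbols),
        "encrypted": is_encrypted(loads),
        "unsafe_imports": unsafe_imports(symbols),
        "libraries": linked_libraries(libs),
        "third_party": [l for l in linked_libraries(libs) if l.startswith("@rpath")],
    }


def audit_binary(path: str) -> dict:
    """Run the real otool commands against a Mach-O file (macOS only)."""
    def otool(flag: str) -> str:
        return subprocess.run(["otool", flag, path], capture_output=True,
                              text=True, check=True).stdout
    return checklist(otool("-hv"), otool("-Iv"), otool("-l"), otool("-L"))


# Constructed sample output (not from a real app) to exercise the parsers offline.
SAMPLE_HEADER = """\
Mach header
      magic  cputype cpusubtype  caps    filetype ncmds sizeofcmds      flags
MH_MAGIC_64    ARM64        ALL  0x00     EXECUTE    27       3512   NOUNDEFS DYLDLINK TWOLEVEL PIE
"""
SAMPLE_SYMBOLS = """\
Indirect symbols for (__TEXT,__stubs) 6 entries
address            index name
0x0000000100006000    12 ___stack_chk_fail
0x0000000100006010    13 _objc_release
0x0000000100006020    14 _objc_retain
0x0000000100006030    15 _strcpy
0x0000000100006040    16 _sprintf
0x0000000100006050    17 _objc_msgSend
Indirect symbols for (__DATA,__got) 1 entries
address            index name
0x0000000100008000    18 ___stack_chk_guard
"""
SAMPLE_LOAD_COMMANDS = """\
Load command 12
          cmd LC_ENCRYPTION_INFO_64
      cmdsize 24
     cryptoff 16384
    cryptsize 4194304
      cryptid 0
          pad 0
"""
SAMPLE_LIBS = """\
App:
    /System/Library/Frameworks/UIKit.framework/UIKit (compatibility version 1.0.0, current version 7109.2.1)
    /usr/lib/libsqlite3.dylib (compatibility version 9.0.0, current version 351.4.0)
    @rpath/Alamofire.framework/Alamofire (compatibility version 1.0.0, current version 1.0.0)
"""

if __name__ == "__main__":
    for key, value in checklist(SAMPLE_HEADER, SAMPLE_SYMBOLS, SAMPLE_LOAD_COMMANDS, SAMPLE_LIBS).items():
        print(f"{key}: {value}")
```

A "false" for the canary check only means the imports are absent; a binary with no stack buffers may legitimately lack them, so treat the result as a prompt for manual review rather than a finding on its own.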
Read More
Decrypting Zoom Team Chat: Forensic Analysis of Encrypted Chat Databases
This article examines the analysis of Zoom Team Chat artifacts in a digital-forensics workflow, highlighting the challenge posed by database encryption, which requires both local and server-side keys to decrypt. The analysis tracks user activity across several applications and ends with the extraction of communication data from the Zoom Team Chat database.…
Read More
90-Day Cybersecurity Study Plan

📚Day 1-7: Network+
Watch videos from Professor Messer’s N10-008 Playlist: https://youtube.com/playlist?list=PLG49S3nxzAnlCJiCrOYuRYb6cne864a7G

📚Day 8-14: Security+
Watch videos from Professor Messer’s SY0-601 Playlist: https://youtube.com/playlist?list=PLG49S3nxzAnkL2ulFS3132mOVKuzzBxA8
Complete any related practice questions or exercises

📚Day 15-28: Linux
Follow the tutorials on Ryan’s Tutorials: https://ryanstutorials.net/linuxtutorial/
Take the Linux course on EdX: https://edx.org/learn/linux
Read through the Linux Documentation Project (LDP): http://tldp.org…

Read More

🔻 CORE

Cisco Network Essentials – https://www.netacad.com/courses/networking/networking-essentials
Palo Alto – https://www.paloaltonetworks.com/cyberpedia/free-cybersecurity-education-courses
AWS Cloud – https://explore.skillbuilder.aws/learn/signin
Azure Cloud – https://learn.microsoft.com/en-us/training/azure/
GCP Cloud – https://cloud.google.com/training

🔻 Fundamentals

SANS Aces – https://www.sans.org/cyberaces/
ISC(2) Certified in Cyber – https://www.isc2.org/Certifications/CC
Coursera – https://www.coursera.org/learn/foundations-cybersecurity
EC-Council – https://www.eccouncil.org/cybersecurity-exchange/cyber-novice/free-cybersecurity-courses-beginners/
Cyber Security – https://www.classcentral.com/course/swayam-cyber-security-13978
Cisco Cyber Induction – https://www.netacad.com/courses/cybersecurity/introduction-cybersecurity…
Read More
How to Choose the Correct Severity or CVSS Score for a Bug: A Practical Guide
A working understanding of CVSS (Common Vulnerability Scoring System) is essential for bug bounty hunters when rating the severity of what they find. An accurate score communicates the urgency of an issue to the development team, and the resulting severity band drives how remediation is prioritized.…
Read More
Patching is Not Enough: Why You Must Search for Hidden Intrusions
Organizations often stop at patching a zero-day vulnerability and never investigate whether it was exploited before the fix, leaving earlier compromises undetected. A proactive compromise assessment is needed to find breaches that predate the patch. Affected: VMware ESXi, cybersecurity sector

Keypoints :

Patching alone does not tell you whether a system was already compromised before the fix. Recent zero-day vulnerabilities in VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) have been exploited.…
Read More
Zero-Day Exploits: How They Work and Why They Are So Dangerous
This article explores zero-day vulnerabilities: software flaws unknown to the vendor that attackers can exploit before any patch exists, with correspondingly high risk. It highlights cases such as WannaCry (whose EternalBlue SMB exploit had in fact been patched by Microsoft weeks before the outbreak) and recent Apple patches, and emphasizes the need for layered defenses and responsible disclosure.…
Read More
Mind Games: How Social Engineering Tactics Have Evolved
Social engineering attacks exploit human behavior rather than technical flaws, and have evolved from classic scams like the “Nigerian Prince” to sophisticated AI-driven techniques. This article discusses the main social engineering tactics, their evolution, notable attacks, and the preventive measures organizations can implement to reduce risk. Affected: organizations, financial institutions, cybersecurity sector

Keypoints :

Social engineering blends cybersecurity and psychology to exploit human behavior.…
Read More
Threat Intelligence: A Deep Dive into Cyber Kill Chains, Diamond Models, and the Zero-Day Crisis
The recent VMware zero-day vulnerability (CVE-2023-20867) has left numerous organizations, including cloud providers and financial institutions, exposed to serious attacks such as data theft and ransomware. The incident shows why frameworks like the Cyber Kill Chain and the Diamond Model matter for building effective defenses against increasingly sophisticated threats.…
Read More
Exploring Meterpreter: My Hack The Box Challenge Experience
This article details a step-by-step approach to utilizing Meterpreter in a Hack The Box challenge, demonstrating how to scan a target, exploit a vulnerability in the FortiLogger service, and perform post-exploitation actions to extract sensitive data. Affected: FortiLogger, Microsoft Windows

Keypoints :

Meterpreter is a powerful post-exploitation tool for interacting with compromised systems.…
Read More
Redelegate – VulnLab | ForceChangePassword, GenericAll, and Constrained Delegation
In this article, the author, known as Maverick, walks through exploiting an Active Directory machine, covering DACL abuse (ForceChangePassword and GenericAll) and constrained delegation. Maverick uses Nmap to enumerate the target and FTP to retrieve sensitive files, then chains password resets and delegation abuse into privilege escalation.…
Read More
How I Hacked a Fake DMart Website and Took It Down!
This article describes the discovery and takedown of a fraudulent DMart giveaway website posing as a legitimate promotion. The site was built to harvest personal information under false pretenses. The author, a cybersecurity researcher, identifies vulnerabilities in the site, uses a Server-Side Template Injection (SSTI) flaw to gain remote code execution, and ultimately takes the scam offline.…
Read More
Large Ransomware Models: Hijacking LRMs With Chain-of-Thought Reasoning
This article explores the methods of exploiting large reasoning models (LRMs) to produce malicious code, specifically focusing on ransomware development. Utilizing the research from Duke’s Center for Computational Evolutionary Intelligence, the author reflects on the challenges of bypassing the ethical safeguards of LRMs while aiming to further understand and counteract ransomware threats.…
Read More
Extracting Forensic Evidence from Smartwatch Data: A CID Hackathon Experience
Smartwatches are emerging as crucial forensic tools in crime investigations, capable of providing valuable data on GPS movements, communications, and transactions. The recent CID Hackathon highlighted the process of extracting and analyzing this data to support law enforcement in solving crimes. Affected: law enforcement, forensic investigations

Keypoints :

Smartwatches can provide a wealth of forensic data beyond health metrics.…
Read More
Exploiting Android Zygote Injection CVE-2024-31317
This article discusses the Android Zygote Injection vulnerability (CVE-2024-31317), which allows an attacker to achieve system-wide code execution and privilege escalation on devices running Android 11 or older. Zygote, the process from which every app process is forked, is the target: a flaw in how it parses the commands it receives lets attacker-controlled input be executed with elevated system privileges.…
Read More