Posts

These aren't the rclones you've been looking for...

I recently came across an interesting technique used by many different ransomware groups for data exfiltration. In this current age of ransomware, it is becoming more common to see double and sometimes triple extortion, where they exfiltrate the data before encrypting so as to have some leverage should the company decide not to pay up. One such tool being used is called Rclone (https://rclone.org/). What is interesting about this tool is that it's a self-contained executable and doesn't have to be installed on Windows. You simply download the zip file, unzip it and you can start using it. Its strength lies in being able to communicate with and upload to a large number of cloud storage services via the command line. A list of all the ones they currently support is found here: https://rclone.org/docs/ One of the ones I tested recently was its connection to Mega.io. If a company isn't blocking outbound traffic to these cloud storage services, they run the risk of easy data exfil via this tool. To set it

Retro (Pop Pop Pop Another Server Drop)

Welcome to another entry in our Pop Pop Pop Another Server Drop series. Today we will be popping TryHackMe's Retro challenge. This will go over basic scanning and enumeration, RDP, and post-exploitation. Enjoy!

Put A Sock In It (Intel Bytes)

Welcome to another video in our Intel Bytes series, where I go over cyber threat intel, OSINT and privacy topics. Today's lesson is on the creation of covert accounts, otherwise known as Sock Puppets.

Shodan (Intel Bytes)

Welcome to another video in our Intel Bytes series, where I go over cyber threat intel, OSINT and privacy topics. Today's video is about Shodan, the awesome security researcher's favorite search tool. We go over different operators that can be used to fine-tune your search as well as some of the top-voted search items. Enjoy, and if you dig the videos, please consider subscribing to my YouTube channel.

Don't Be A Dork (Intel Bytes)

Welcome to another video in our Intel Bytes series, where I go over various cyber threat intel, OSINT and privacy topics. In today's video we go over a technique called Google Dorking. This is where we use Google's almighty indexing power to gather intel that some admins may not realize is viewable in public. Enjoy!

Kaseya and REvil (Intel Bytes)

Welcome to another episode of Intel Bytes, where I talk about cyber threat intel, OSINT, privacy and the like. Today's topic will cover the latest MSP ransomware against Kaseya VSAs. I go over some basics of the attack and ransomware in general and talk about some prevention methods. Enjoy!

Tor the Dark Web (Intel Bytes)

Welcome to another video in the Intel Bytes series, where I talk about current cyber threat intel, OSINT and privacy nuggets of goodness. Today's episode is on the use of Tor and using it to traverse the "Dark Web". Enjoy!