XML files can incorporate inline references to other documents. Unsafe treatment of external references allows an attacker to probe your file system for sensitive information – an XML External Entity (XXE) attack.
Tag: security
EDRKillShifter
“EDRKillShifter” is a type of malware specifically designed to disable Endpoint Detection and Response (EDR) security software on a system, allowing attackers to carry out malicious activities like deploying ransomware without detection; it is considered a sophisticated tool often used by cybercriminals to evade security measures. Key points about EDRKillShifter: Function: Its primary purpose is Read More …
How to change user agent in nmap
NMAP How to change user agent You can find the default value in /usr/share/nmap/nselib/http.lua (at the beginning of the file, a couple of lines after the comments): local USER_AGENT = stdnse.get_script_args('http.useragent') or "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" You can change the value with this line: local USER_AGENT = stdnse.get_script_args('http.useragent') or "Mozilla/5.0 (compatible; MSIE 9.0; Read More …
What is DTLS and where do I use it?
It’s best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers. A provisioning package (.ppkg) is a container for a collection of configuration settings. Use the Windows Configuration Designer tool to create provisioning packages to easily configure devices running Windows client. Windows Configuration Designer is primarily Read More …
SMS Phishing or Spam
I just received an awesome SMS phishing scam message, and I wanted to share it with others to show how to spot the scam. To the right is a photo of it: First, I read the whole message, and it is in the second reading that we can really pick it apart. So the message claims to Read More …
Infrastructure Attacks Are Growing
A couple of news articles caught my eye this past week that are quite interesting IMO. Ukraine’s largest mobile operator Kyivstar downed by ‘powerful’ cyberattack & Attacks on Critical Infrastructure Attributed to Insidious Taurus You have to love the names that the security companies come up with for the other nation state actors. I am Read More …
What is SEO Poisoning?
SEO Poisoning (or Search Engine Optimization Poisoning) is a type of social engineering attack that targets an unsuspecting user, or maybe someone who is in a hurry and not paying close attention. These are typically used by bad guys to fool unsuspecting users into clicking their links and going to the wrong website, or worse Read More …
Find an APT
MITRE Groups Thai CERT – Electronic Transactions Development Agency