Tutorials – Cyber Security

28May By JuriNo Comments

Applications, Tutorials

Malicious Disk Image Files

Cyber criminals have been taking advantage of built-in Windows capabilities to mount disk image files once they are opened by the end user. There are multiple disk image file formats, but we have seen ISO and IMG files being abused the most. A disk image is essentially a virtual copy of a physical disk that houses all of the files and requires that it be mounted in order to access its contents. The advantages of using disk images, combined with the easy access to purchasing RATs, make this a preferred and effective method for cyber criminals. In this blog, I dissect a campaign that uses this method to compromise a system, providing insight into what the CrowdStrike FalconComplete team has observed since 2019. I will also provide step-by-step remediation along with recommendations for ho...

IP Tables

Name iptables - administration tool for IPv4 packet filtering and NAT Synopsis iptables [-t table] -[AD] chain rule-specification [options] iptables [-t table] -I chain [rulenum] rule-specification [options] iptables [-t table] -R chain rulenum rule-specification [options] iptables [-t table] -D chain rulenum [options] iptables [-t table] -[LFZ] [chain] [options] iptables [-t table] -N chain iptables [-t table] -X [chain] iptables [-t table] -P chain target [options] iptables [-t table] -E old-chain-name new-chain-name Description Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Several different tables may be defined. Each table contains a number of built-in chains and may also contain user-defined chains. Each cha...

Apache Web Server Hardening and Security Guide

A practical guide to secure and harden Apache HTTP Server. The Web Server is a crucial part of web-based applications. Apache Web Server is often placed at the edge of the network hence it becomes one of the most vulnerable services to attack. Having default configuration supply much sensitive information which may help hacker to prepare for an attack the applications. The majority of web application attacks are through XSS, Info Leakage, Session Management and SQL Injection attacks which are due to weak programming code and failure to sanitize web application infrastructure. Interesting research by Positive Technologies reveals, 52% of the scanned application had high vulnerabilities. In this article, I will talk about some of the best practices to secure Apache HT...