Blog

Ghostcat Vulnerability CVE-2020-1938 explained and exploited with Try-Hack-Me Tomghost machine

Today, I am back with an interesting blog on vulnerability named Ghostcat. The Apache Ghostcat vulnerability is an LFI (Local File Inclusion) vulnerability which is discovered by a security researcher of Chaitin Tech and came out in February 2020, while the world was gearing up for a lockdown fight up against the coronavirus. It allows

Read More

Potato:1 Vulnhub Walkthrough

   Hello, Infosec Community !! Today let’s crack the Potato:1 Machine from Vulnhub. You can download the machine from here; ( https://www.vulnhub.com/entry/potato-1,529/ ) Description Difficulty: Easy to Medium Goal: Get the root shell i.e.(root@localhost:~#) and then obtain flag under /root). We are going to follow the PTES Standards for cracking the machine. So, let’s start

Read More

Bizarro banking Trojan: Hitting 70 banks across Europe and South America

A Brazil-originated new banking trojan – Bizarro, attacked customers of 70 banks of Brazil and Europe. Kaspersky researchers[1] discovered that Bizarro is stealing online banking credentials as well as hijacking Bitcoin wallets from android mobile users. The attackers are using money mules for withdrawing funds or to transfer money, Kaspersky reports. In addition to phishing,

Read More

President Biden’s Executive order on U.S. cybersecurity.

The cyber-attack that happened on Colonial Pipeline impacted computerized equipment managing the pipeline network and stopped its operations to contain the attack. This shutdown in the pipeline of supplies rigidified the US with the rise in price and state emergencies. On the sixth day of the Colonial Pipeline shutdown, Biden signs an executive order for

Read More