This is going to be my first blog entry that has nothing to do with any TryHackMe, HackTheBox, CyberDefenders, or Security Blue Team write-ups or walkthroughs. Since my interest in cyber security began, I have always been enamored with the Red Team side of it. But, as I became sucked deeper into the Red Team …
Category Archives: Real-life cybersecurity stuff
Well-Crafted Spear-Phishing Caught by our SEG
One or more employees of a Healthcare System had their email account(s) taken over by malicious user(s). An email was sent to some of our employees; luckily, our SEG positively identified the email as a spear-phishing attempt. The malicious emails were automatically quarantined, but I went ahead and looked it up anyway as I was …
Informational: Phishing Attempt Uncovered on 8/18/2020
Below is the phishing email’s message body:
2. The “CLICK HERE” is the phishing link that takes you to a spoofed Microsoft Office login page:
[Image: The real destination URL of the “CLICK HERE” link]
[Image: The spoofed Microsoft Office login page]
3. Sender information:
4. The originating location of the email is Los Angeles, CA:
Update …
Real World “Credential-Stealing” Phishing Email SEG-Missed
We have heard many times that email phishing and social engineering are the hardest threat vectors to remediate. Or should I say, there is no perfect solution against them since they target end users and their security awareness. Not even the cybersecurity training giant, SANS, is exempt from falling victim to a phishing …