This is actually an old case that went viral last year. While browsing Facebook, I frequently encountered sponsored job advertisements claiming to be from well-known companies — especially in mining, factory, and other blue-collar sectors — such as PT Epson, PT Unilever, PT Indofood, and other major corporations.
These ads direct applicants to register online by filling out personal information such as:
Full name
Address
Phone number
National ID number
And other personal details
Unfortunately, …
Introduction
Phishing is an attack carried out by influencing someone to provide personal or confidential information. This attack is usually conducted by sending fake emails that resemble official emails from certain companies or organizations. In a phishing attack, the attacker attempts to obtain sensitive information such as usernames, passwords, and even credit card information.
As an organization that is aware of information security, it is important for us to conduct phishing simulations …
Email is one of the most widely used communication methods, but it is also vulnerable to attacks such as spoofing, phishing, and spam. Therefore, implementing SPF, DKIM, and DMARC is very important for improving the security of our email. The following is a configuration guide for SPF, DKIM, and DMARC.
Sender Policy Framework (SPF)
What is SPF?
Sender Policy Framework or SPF is an email authentication mechanism that allows a domain to determine which servers are …
What is mshta.exe?
mshta.exe is a Windows system utility used to run Microsoft HTML Application (.HTA) files. This program allows the execution of VBScript or JScript-based scripts, making it a useful tool for administrators but also a tool that is often abused by threat actors.
Why is mshta.exe often used by Threat Actors?
Threat Actors frequently abuse mshta.exe to execute malicious code in order to avoid detection by antivirus or other security solutions (EDR). Some reasons why mshta.exe …
As we know, DNS is a service responsible for converting hostnames into IP addresses. It sounds simple, but some people do not realize that this DNS service can also cause security vulnerabilities. The following are several events I have experienced related to DNS and its security. Keep in mind this does not cover all vulnerabilities that exist in DNS, such as DNS Spoofing, DNS Amplification, DNS Hijacking, DNS Rebinding Attack, and other attacks, only several events that I have personally …
The Beginning
This December I received a notification from a Facebook group that I follow. In the post (now deleted), there was a screenshot like the image above, complete with the caption: “Is this dangerous or not? Why does the captcha look strange?”
In the comments, the Thread Starter added another screenshot containing text that had to be pasted into the run.exe program as shown below
It is very clear that this is malware. mshta is a built-in Windows file whose function is to …
Phishing is an attack carried out by obtaining someone’s personal information through deception. This attack is usually performed by sending fake emails containing links to fraudulent websites that resemble legitimate ones. The goal of this attack is to steal personal information such as usernames, passwords, and credit card details.
How Phishing Works
Illustration of a Phishing Attack
Phishing attacks usually begin with the distribution of fake emails or social media ads such as those on …
After being busy enough that I didn’t have time to create challenges and write down how to complete these challenges on this blog, this time we will discuss a little about fail2ban and how to configure it.
Generally, fail2ban is used to ban IPs that fail to authenticate up to the maximum limit stated in the configuration. This IPS is very effective in preventing attacks on the server, such as brute-force attacks on SSH (22), FTP (21), SMTP (25), etc., even other …
First of all, Happy Eid al Fitr 1440 H, please forgive any mistakes. Nothing in this world is perfect, including this writing.
Since the launch of the BSSN program titled V2DP or Voluntary Vulnerability Disclosure Program, many people have asked in discussion forums and social media groups about how to properly write a bug report after discovering a vulnerability. Here are a few tips from me on how to write a good report.
In the Surabaya Hacker Link Telegram group, @ytyao and I often create challenges such as web hacking, reversing, and others. However, in a previous challenge there was a small incident: the website was hacked. Well, the website was intentionally built to be hacked, but this hacker performed a mass wipe by deleting all files and folders. From that incident I learned something new: post-incident handling, commonly called Incident Response.