Email is one of the most widely used communication methods, but it is also vulnerable to attacks such as spoofing, phishing, and spam. Therefore, implementing SPF, DKIM, and DMARC is very important to improve the security of the email we own. The following is a configuration guide for SPF, DKIM, and DMARC to improve email security.
Sender Policy Framework (SPF) What is SPF? Sender Policy Framework or SPF is an email authentication mechanism that allows a domain to determine which servers are …
What is mshta.exe? mshta.exe is a Windows file system utility used to run Microsoft HTML Application (.HTA) files. This program allows the execution of VBScript or JScript-based scripts, making it a useful tool for administrators but also a tool that is often abused by threat actors.
Why is mshta.exe often used by Threat Actors? Threat Actors frequently abuse mshta.exe to execute malicious code in order to avoid detection by antivirus or other security solutions (EDR). Some reasons why mshta.exe …
As we know, DNS is a service responsible for converting hostnames into IP addresses. It sounds simple, but some people do not realize that this DNS service can also cause security vulnerabilities. The following are several events I have experienced related to DNS and its security. Keep in mind this does not cover all vulnerabilities that exist in DNS, such as DNS Spoofing, DNS Amplification, DNS Hijacking, DNS Rebinding Attack, and other attacks, only several events that I have personally …
The Beginning This December I received a notification from a Facebook group that I follow. In the post (now deleted), there was a screenshot like the image above, complete with the caption: “Is this dangerous or not? Why does the captcha look strange?”
In the comments, the Thread Starter added another screenshot containing text that had to be pasted into the run.exe program as shown below
It is very clear that this is malware. mshta is a built-in Windows file whose function is to …
Phishing is an attack carried out by obtaining someone’s personal information through deception. This attack is usually performed by sending fake emails containing links to fraudulent websites that resemble legitimate ones. The goal of this attack is to steal personal information such as usernames, passwords, and credit card details.
How Phishing Works Illustration of a Phishing Attack Phishing attacks usually begin with the distribution of fake emails or social media ads such as those on …
Information
Challenges Information This is a write-up of the Surabaya Hacker Link challenge for the Underground machine. This machine was built using one of the vulnerable web applications that SHL commonly uses during demo sessions, with several vulnerabilities patched to make the challenge slightly more interesting.
Challenges On the Surabaya Hacker Link forum there is information about a new challenge replacing Heaven challenges (the Heaven VM write-up can be found here). The information on …
Preamble Some time ago, there was a bit of discussion at the office regarding a new policy from the DKI Jakarta Provincial Government about deactivating Jakarta ID cards for residents who are no longer domiciled in Jakarta. Several colleagues were affected, so others who still had Jakarta ID cards immediately checked their NIK status.
However, as we know, many people have had bad experiences accessing digital government services, ranging from slow loading to being completely inaccessible. My …
Goodbye Disqus, Hello Giscus After using Disqus for a long time as a comment platform, also known as Comment-as-a-service, this website has finally switched to giscus after considering another similar platform that also uses GitHub, namely utterances.
Starting When I first built this website, I was confused about which comment system to use. Since this site is an SSG (Static Site Generator) and does not have a database connection, using a third party comment platform was the best option. In …
As a Cybersecurity worker, we must stay up-to-date with any news, alerts, advisories and others also in the IT field everything is new and growing so fast, especially in cybersecurity
To fill this gap I use a RSS aggregator to send the latest update from my favorite blog/news to notify me
If you join SHL Discord you’ll be familiar with feeds and feeds-ransom text channel, this is how I configure it
You may have just clicked on a Phishing Ad I am tired of the ads that appear while watching reels on Facebook. Besides malware ads and online gambling ads, there are also many phishing ads targeting games like Free Fire and Mobile Legends, as well as ads inviting users to join 18+ groups. These ads are designed to steal social media account credentials and can seriously harm users.
Phishing, or password fishing, is a method widely used by threat actors to obtain access or credentials to services …
