After writing about malware ads using the Google Bard lure, now there is another malware ad that is slightly different, both in terms of the lure and the malware being delivered. This ad promotes a custom Windows taskbar to make it look more attractive. However, the file downloaded is actually malware and there is no custom taskbar installation as advertised. So what does the downloaded file install? Of course, malware. Below is roughly what the installer does.
Understanding What a Dictionary Attack Is A dictionary attack is one of the common techniques used in hacking or pentesting. This attack uses a collection of commonly used passwords (wordlists) or passwords that have been leaked on the internet, such as rockyou.txt, ignis, and others.
The difference between a brute force attack and a dictionary attack lies in the use of a wordlist. A brute force attack attempts all possible character combinations, which usually takes much longer. A dictionary …
Last June, on the 14th to be exact, I was scrolling Facebook and found an interesting ad about Google’s AI called Bard. What made it even more interesting was the comment section, so I immediately checked the comments.
Why were all the commenters verified blue check accounts? Why were Indonesian politicians commenting on it? What does politics have to do with Google Bard? The comments also showed mostly positive sentiment.
The internet has become an important part of daily life. Most commonly, it is used as a source of information and entertainment. However, unwise and improper use of the internet can endanger data security and privacy. Below are several steps you can follow to stay safe while browsing the internet:
Add Web Protection Install the Malwarebytes Browser Guard extension in your browser. With this extension, Malwarebytes will block access when you accidentally open a suspicious website or a site …
Ransomware Ransomware is a type of malware (malicious software) that encrypts victims’ files, causing them to lose access to their data. The malware will decrypt the files if the ransom has been paid by the victim, but there is no guarantee that all data will be restored. If the victim refuses to pay, some ransomware variants will expose the victim’s files to the internet. Ransomware spreads through fake installers, phishing, exploit kits, remote desktop access, and other methods.
As we know, DNS or Domain Name Server is a service responsible for translating domain names into IP addresses so users do not need to remember complicated IP addresses one by one. Therefore, DNS is a crucial service and must be configured properly. Otherwise, it may cause a domain to become difficult or even impossible for users to access.
For example, some time ago a colleague complained to the infrastructure team because they could not access monev.spbe.go.id. Long story short, I asked the …
In this digital era, protecting personal data is becoming increasingly important, especially in Indonesia. Many internet users still use weak passwords, which can easily be exploited by cybercriminals. If you are looking for information about downloading Indonesian password wordlists, this article will discuss it, including their usage, risks, and how to protect yourself.
What Is a Password Wordlist? A password wordlist is a collection of passwords commonly used by internet users. This list is …
We often find ourselves needing to work quickly when dealing with the terminal. This is already helped by bash-completion, which allows us to type commands automatically by pressing the [TAB] key twice. However, in general the terminal also has shortcuts that help us work with Linux more easily and quickly. Below is a list of common terminal shortcuts. This list was taken from Hack The Box Academy.
Auto Completion
[TAB] - Initiates command auto completion.
Let’s get straight to the point: this machine is hard, period. When the labs were first launched there were three machines: Zombie, Hellbound, and Anonymouz. In my opinion this one is quite difficult, probably due to my lack of experience in exploitation and intuition. Until the time this write-up was written, the author still hadn’t obtained the root user flag and was stuck at www-data. Fortunately, the user flag is readable by www-data, so it can still be submitted.
Retas.io is a company from PT. Solusi Siber Teknologi that offers various security services ranging from Vulnerability Assessment, Penetration Testing, to other specialized IT and security-related needs.
Recently retas.io launched a new product called retas labs which is intended to help new players entering the Infosec world. These labs are somewhat similar to Hack The Box. By using a VPN we are required to solve challenges using our IT knowledge and skills. Not only that, they also plan to …
