asteroza + hijack   11

Fox-IT hit by cyber attack - Fox-IT (ENG)
What a wonderfully transparent after-action review of an incident. Though changing the registrar password regularly doesn't seem like it would buy them much, as they kept their password in a vault and rarely used it (low chance of extraction/exfil), and there's the subtle implication that the registrar got owned. Though as a mitigation for the lack of 2FA at the registrar, maybe worthwhile. But the real need is watching for abnormal events, which requires a registrar change feed or external monitoring, as you need to trigger on registrar change events or general DNS SOA changes.
DFIR  case  study  DNS  registrar  hijack  MitM  reference  information 
december 2017 by asteroza
d0z.me: The Evil URL Shortener « Spare Clock Cycles
I find this more interesting because of the properly threaded JavaScript worker thread setup, which is potentially usable for other, less evil purposes. Though I'm surprised some large website that has people leaving a window open all the time hasn't exploited this as a means of surreptitious heterogeneous distributed computing.
d0z.me  evil  URL  shortner  hijack  remote  DDoS  attack  botnet  HTML5  anonymous  hacking  security  privacy  iframe  threaded  javascript  worker  threads  webdev  programming  development  distributed  computing  cloud  Delicious 
december 2010 by asteroza
