Tag Archives: hack

security

Post exploitation tools: Lazagne

lasagnaOften, after a compromise of a machine, red teams / adversaries search for certificates or credentials to hop to other machines, often referred to as “lateral movement”. When doing so, many use Mimikatz, a tool that extracts credentials, PIN codes and kerberos tickets from memory. There are countless blog articles about how to detect it, and hide it from AV, etc.

But another nifty tool, that many don’t know about is Lazagne. It searches for credentials in files and registry. Not just your windows credentials, but things you save in your browsers, mail clients, FTP clients, keyrings etc.

uae

UAE Banks hit by ATM fraudsters

Multiple banks issues SMS messages and emails for UAE customers to change their PIN codes. Some banks even disabled international ATM cash withdrawal (which would suck if you’re on a holiday and need cash).

So, if you are living in the UAE; it never hurts to change your pin. Which is something you should do on a regular basis anyways.

security uae

Dubai jails yahoo email account hacker

An Egyptian secretary guessed the password of a yahoo account of an Emirati UN employee, and was sentenced to three months in jail and deportation.

The “hacker” emailed the victim that he broke into her email account, and was going to release pictures and “other secrets” of her, according to GulfNews.

Not the cybercrime caliber of russian extremist webmasters being “accidentially” executed, but still.