What is NTP Enumeration?

What is NTP Enumeration? – Network Time Protocol (NTP) is designed to synchronize clocks of networked computers. It uses UDP port 123 as its primary means of communication. NTP can maintain time to within 10 milliseconds (1/100 second) over the public Internet. It can achieve accuracies of 200 microseconds or better in local area networks under ideal conditions. An attacker queries an NTP server to gather valuable information such as: a list of hosts connected to the NTP server; client IP addresses in a network, their system names and OSs; internal IPs can also be…

What is LDAP Enumeration?

What is LDAP Enumeration? – Lightweight Directory Access Protocol (LDAP) is an Internet Protocol for accessing distributed directory services. Directory services may provide any organized set of records, often in a hierarchical and logical structure, such as a corporate email directory. A client starts an LDAP session by connecting to a Directory System Agent (DSA) on TCP port 389 and then sends an Operation request to the DSA. Information is transmitted between the client and the server using Basic Encoding Rules (BER). Attackers query the LDAP service to gather information such…

Top Five Footprinting Tools?

Top Five Footprinting Tools? – Attackers are aided in footprinting with the help of various tools. Many organizations offer tools that make information gathering an easy task. This section describes tools intended for obtaining information from various sources. Footprinting tools are used to collect basic information about the target systems in order to exploit them. Information collected by the footprinting tools contains the target’s IP location information, routing information, business information, address, phone number and social security number, details about a source of an email and a file, DNS information, domain…

Hackers Accidentally Expose Passwords Stolen From Businesses On the Internet

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and steal credentials belonging to over a thousand corporate employees. The cyber offensive is said to have originated in August last year, with the attacks aimed specifically at energy and construction companies, said researchers from Check Point Research today in a joint analysis in partnership with industrial cybersecurity firm Otorio. Although phishing campaigns engineered for credential theft are among the most prevalent reasons for data breaches, what makes this operation…

Google Details Patched Bugs in Signal, FB Messenger, JioChat Apps

In January 2019, a critical flaw was reported in Apple’s FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even before the person on the other end accepted the incoming call. The vulnerability was deemed so severe that the iPhone maker removed the FaceTime group chats feature altogether before the issue was resolved in a subsequent iOS update. Since then, a number of similar shortcomings have…

What is Traceroute?

What is Traceroute? – Traceroute programs work on the concept of the ICMP protocol and use the TTL field in the header of ICMP packets to discover the routers on the path to a target host. Finding the route of the target host on the network is necessary to test against man-in-the-middle attacks and other related attacks. Most operating systems come with a Traceroute utility to perform the task. It traces the path or route through which the target host packets travel in the network.…

WhatsApp Delays Controversial ‘Data-Sharing’ Privacy Policy Update By 3 Months

WhatsApp said on Friday that it wouldn’t enforce its recently announced controversial data sharing policy update until May 15. Originally set to go into effect next month on February 8, the three-month delay comes following “a lot of misinformation” about a revision to its privacy policy that allows WhatsApp to share data with Facebook, sparking widespread concerns about the exact kind of information that will be shared under the incoming terms. The Facebook-owned company has since repeatedly clarified that the update does not expand its ability to share personal user…

Authorities Take Down World’s Largest Illegal Dark Web Marketplace

Europol on Tuesday said it shut down DarkMarket, the world’s largest online marketplace for illicit goods, as part of an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the U.K.’s National Crime Agency (NCA), and the U.S. Federal Bureau of Investigation (FBI). At the time of closure, DarkMarket is believed to have had 500,000 users and more than 2,400 vendors, with over 320,000 transactions resulting in the transfer of more than 4,650 bitcoin and 12,800 monero — a sum total of €140 million ($170 million). The illegal internet market specialized…

What Is DNS Footprinting?

What Is DNS Footprinting? – Attackers can gather DNS information to determine key hosts in the network and can perform social engineering attacks. Extracting DNS Information: DNS footprinting, namely Domain Name System footprinting, reveals information about DNS zone data. DNS zone data include DNS domain names, computer names, IP addresses, and much more about a particular network. An attacker uses DNS information to determine key hosts in the network, and then performs social engineering attacks to gather even more information. DNS footprinting helps in determining the following…

Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks

Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware — including a previously undocumented backdoor. Attributing the campaign to Winnti (or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and run the malware payload. A second attack detected on May 30 used a malicious RAR archive file consisting of shortcuts to two bait PDF documents claimed to be a curriculum vitae and…
