Friday, 13 December 2013

Is it a shortened link?

It is very common these days to see shortened links to be used on various social media. such as Twitter, Facebook, Instagram, Linkedin, etc. and this is mostly for convenience. 


However, from a security perspective, these links may pose a threat to the end users. There are cases where these URL shorteners services were used deceive the users and click on malicious links. Some of the most well-known URL Shortener services are the following bitly.com, goo.glow.ly, bit.do, tinyurl.com but many others exist as well. 

Some of them will try to protect you from visiting known malicious links but it is always a good thing to be able to check a shortened link (URL) yourself.

The following websites do exactly that. They will allow you to reverse the shortened URL and check where it is intended to redirect you beforehand. 
If you know of any other ones that I need to include, let me know and I will be happy to add them to the list.

Friday, 1 November 2013

Guest Speaker for Derby University (Digital Forensic Investigation Course) - Penetration Testing

I had the pleasure to be invited for the first time as a guest speaker to Derby University in order to give a talk about Penetration Testing in the real world and more specifically for the Digital Forensic Investigation course.

The talk included an introduction to the Payment Card Industry (PCI),  Payment Card Industry Data Security Standard (PCI DSS) and the Payment Card Industry Security Standards Council (PCI SSC). The participant had an opportunity to understand what is an Approved Scanning Vendor (ASV), a Qualified Security Assessor (QSA) and last but not least a PCI Forensics Investigator (PFI).

The students were introduced to penetration testing types, practices, methodologies, real stories from the industry, tools, and techniques. Black Box testing versus White Box testing was explained, the significance of white-listing was discussed and comparison of ASV, Vulnerability Assessment and Penetration Testing was given.

The second part of the talk focused on malware and included a more practical approach with a hands-on session. The talk focused on how easy could it be to create malware that is capable of evading AntiVirus detection (including reputation based detection). The students were given an executable file and a hex editor which allowed them to modify the given binary. Social engineering and spear phishing were also discussed. The purpose was to raise their awareness and allow them to understand with examples why we say there is no 100% security.

I had a wonderful day at the University, the students were very excited and I do hope they learned a lot. All the best with their course. I am looking forward to be invited again by the university in the future and have the opportunity to discuss in more detail CyberSecurity and Cyber-Threats.

Wednesday, 30 October 2013

 Journal of Information Warfare

After the 12th annual European Conference of Cyber Warfare and Security (ECCWS), used to be known as European Conference on Information Warfare and Security (ECIW) [1] held in July 2013 at the University of Jyvaskyla in Finland, the Journal of Information Warfare (JIW) [2] decided to select a few papers that stand out during the conference and invited the authors to submit an updated version of the submitted paper for the JIW (Volume 12, Issue 3). The title of the updated paper was Antivirus False-Positive Alerts, Evading Malware Detection, and Cyber-security Issues [3]. 

Monday, 9 September 2013

Access the BIOS on a Windows 8.0/8.1 Operating System

On a system with Windows 8 you can access the Unified Extensible Firmware Interface -(UEFI) or what it was used to be called BIOS screen from the new Windows 8 boot menu:

- Open Charms (Press the Windows key + C, OR swipe in from the right edge of the screen) 
- Click: Settings.
- Click: Change PC Settings.
- In "PC Settings", click: Update and Recovery
- Click: Recovery
- Under "Advanced start-up", click: "Restart now"

This action will restart your system and show the Windows 8 boot menu.

- In the boot menu, select Troubleshoot
- In the Troubleshoot menu, select Advanced options
- In the Advanced options menu, select UEFI Firmware Settings
- Click Restart to restart the system and enter UEFI (BIOS).


Monday, 3 June 2013

Wi-Fi Access Points with Adaptive Antenna Technology

This post is not an advertisement of any sort. Its just my personal experience and thoughts about Wi-Fi Access Points and their respective controllers. I have seen a number of these installations from different vendors. Some of them do not work well, they do not handle the connection from one hotspot to the next as they should, they might have weak signal or they tend to be very expensive.


I believe that if you are looking into this kind of solution you should defiantly take a look at the Ruckus products [1]. They are reasonably priced, the controller handles the connections without any problems and they seem very reliable.


[1] http://www.ruckuswireless.com/products/zoneflex-indoor

Thursday, 4 April 2013

Host Discovery; hunting for Windows XP hosts


These are a couple of quick ways to do discover the OS version of your hosts:

A) Use nmap, and run the following command. 
nmap --script smb-os-discovery -p 445 10.0.0.0/24


B) Use Metasploit, and run the following commands.
use auxiliary/scanner/smb/smb_version
set rhosts 10.0.0.0/24
run

The output will display the Operating System on each of your hosts.

As a side note, you can use
nbtscan for a quick host discovery
nbtscan-1.0.35.exe 10.0.0.1/24

or nmap 
nmap -sP -n 10.0.0.1/24

Friday, 1 March 2013

Backlight brightness of Apple Displays on a Windows PC

If you ever try to connect a Windows host to an Apple display you will most probably have a brightness problem. Despite the amount of time you spend fiddling with your graphics card settings, you will realise soon enough that the screen stays quite dark. 

The problem is not with the brightness of the colours being displayed but with the back-light illumination within the display. The Brightness Controller utility will "speak" to the screen and allow you to adjust the back-light brightness to your liking. 

Note: I am currently using it with Windows 8.1 and it works fine!
Currently supported displays:
27" Apple Thunderbolt Display 
27" Apple LED Cinema Display 
24" Apple LED Cinema Display
23" Apple Cinema Display HD (Acrylic frame)
20" Apple Cinema Display (Aluminum frame)
20" Apple Cinema Display (Acrylic frame)

In order to adjust this you will have to download this very useful utility called "Brightness Controller" from this website: http://www.holstschumacher.dk/p/brightness-controller.html