What can happen if our social media accounts, email, or other applications are stolen from us?
social media email stolen …
Actions to be taken in case of hijacking or loss of GMAIL account credentials
1. Introduction The purpose of this article is to provide recommended steps to recover a GMAIL account that may have been lost or hijacked. Although the instructions have been checked, it should be noted that ultimately the recovery or not of the account depends on the criteria or criteria of the people at Gmail who evaluate the request and the evidence provided. This means that despite following each step correctly, it is possible that the recovery request will be rejected. 2. Steps for Gmail account recovery 2.1. Factors that can facilitate recovery As indicated in the introduction, the decision to …
Securing our devices against potential espionage.
1. Introduction In this article, we will provide guidelines on how to proceed in the event that we believe or suspect that any of our devices (computer or smartphone) are compromised, meaning that unauthorized individuals have unrestricted access to the device. The goal of this article is not to show the reader how to detect if their devices or accounts have been compromised (compromised by trojans) by third parties. Broadly speaking, there are certain signs that may lead us to suspect that something unusual is happening. Instances where the battery life of our smartphone suddenly becomes much shorter than usual, …
What should we do if we become victims of ransomware?
1. What is ransomware and what impact does it have? In this article, we will explore how to proceed in the event that our systems have been compromised by ransomware, something that has become quite common in recent times. Ransomware is defined as a type of malicious program (malware) that encrypts the computer data of infected machines and demands a ransom payment, usually in cryptocurrencies (Bitcoin, Monero, etc.), in exchange for removing this restriction and restoring data access to the victim. A ransomware attack can result in significant financial losses for companies. If they don’t have recovery plans in place …
Capture The Flag (CTF) Deloitte – CyberAcademy
1. Introduction and Objectives In this article, we will provide a solution to the “Deloitte-CyberAcademy” CTF, which features a variety of challenges similar to our CTF-1. You can download the CTF-1 from the following link: This is a virtual machine with a Linux operating system (hereinafter referred to as the “victim machine”) that presents a series of challenges that need to be overcome in order to capture all the flags. To carry out ethical hacking tasks, we are situated with our attacking machine in the same network segment as the victim machine. To achieve this, we have deployed both machines …
Publishing a website or files on the Deep Web using a Raspberry Pi anonymously (OnionShare).
1. Introduction and Objectives In this article, we will demonstrate how one can publish a website or a file-sharing space on the Deep Web (TOR network) using a Raspberry Pi, ensuring both security and anonymity. Throughout the project, we will encounter challenges that we must mitigate to the best of our ability while upholding the principles of security and anonymity. The main objective is to show readers how straightforward it is today for someone with basic systems knowledge to set up their own anonymous infrastructure for sharing information. Additionally, we will outline the measures to be taken in order to …
Attack Using BadUSB Devices or Rubber Ducky
1. Introduction and Objectives In this article, we will conduct a practical study on how an organization can be compromised using a BadUSB device, whether it’s inserted into a computer by an attacker with physical access to the victim’s system or by an unsuspecting user who falls victim to deception. We will get straight to the point without spending time on explanations about the technical features of these types of hardware or preparing Arduino IDE, as this information is readily available in numerous articles from other cybersecurity companies. In this article, our focus will be on programming a BadUSB using …
Capture The Flag CTF 2 Jaymon Security – Pentesting
1. Introduction and Objectives In this article, we will provide a solution to the second CTF (2.0) proposed by JAYMON SECURITY, which you can download from their website through the following link: This article simulates the execution of an ethical hacking audit, also known as a Pentest, on a Windows operating system machine belonging to the education department of a university (hereinafter referred to as the “business organization”), where an exam platform is located. To carry out the tasks of ethical hacking, we are situated with our attacking machine in the internal network segment of the business organization. Within this …
How to Create a Script for SQL Injection Testing
1. Introduction and Objectives In this article, we will briefly explain what a attack of this nature entails, and then we will demonstrate how to create a small script that automates certain SQL injection tests. To achieve this, you will need to have a basic understanding of databases and web programming. We will be using Kali Linux as the attacking machine. 2. What does a SQL injection (SQLi) attack consist of? A SQL injection attack essentially involves injecting malicious SQL code through a form with unsanitized input fields. Insufficient data sanitization leads to a vulnerability, and if this form connects …
Latest News
