Complete guide on cold wallets for Cryptocurrencies
What can happen if our social media accounts, email, or other applications are stolen from us?
Actions to be taken in case of hijacking or loss of Gmail account credentials
1. Introduction The purpose of this article is to provide recommended steps to recover a Gmail account that may have been lost or hijacked. Although the instructions have been checked, it should be noted that whether the account is ultimately recovered depends on the criteria of the people at Gmail who evaluate the request and the evidence provided. This means that despite following each step correctly, it is possible that the recovery request will be rejected. 2. Steps for Gmail account recovery 2.1. Factors that can facilitate recovery As indicated in the introduction, the decision to …
Securing our devices against potential espionage.
1. Introduction In this article, we will provide guidelines on how to proceed in the event that we believe or suspect that any of our devices (computer or smartphone) are compromised, meaning that unauthorized individuals have unrestricted access to the device. The goal of this article is not to show the reader how to detect if their devices or accounts have been compromised by third parties (through trojans). Broadly speaking, there are certain signs that may lead us to suspect that something unusual is happening. Instances where the battery life of our smartphone suddenly becomes much shorter than usual, …
What should we do if we become victims of ransomware?
1. What is ransomware and what impact does it have? In this article, we will explore how to proceed in the event that our systems have been compromised by ransomware, something that has become quite common in recent times. Ransomware is defined as a type of malicious program (malware) that encrypts the computer data of infected machines and demands a ransom payment, usually in cryptocurrencies (Bitcoin, Monero, etc.), in exchange for removing this restriction and restoring data access to the victim. A ransomware attack can result in significant financial losses for companies. If they don’t have recovery plans in place …
Capture The Flag (CTF) Deloitte – CyberAcademy
1. Introduction and Objectives In this article, we will provide a solution to the “Deloitte-CyberAcademy” CTF, which features a variety of challenges similar to our CTF-1. You can download the CTF-1 from the following link: This is a virtual machine with a Linux operating system (hereinafter referred to as the “victim machine”) that presents a series of challenges that need to be overcome in order to capture all the flags. To carry out ethical hacking tasks, we are situated with our attacking machine in the same network segment as the victim machine. To achieve this, we have deployed both machines …
Physical Security: Access Card Cloning with Proxmark in Red Team Operations
1. Introduction and Objectives In this article, we will explore how easy it can be to clone certain types of cards that are widely used, not only in access controls of private organizations (hotels, etc.) but also in public institutions. To achieve this, we will make use of Proxmark3, which can be acquired from its official website: In this article, we will not demonstrate how to set up the environment to be able to use Proxmark3, as there are several tutorials available on the Internet that provide clear instructions for that: Therefore, to carry out this practice, we should have …
Anonymous Connection, Information Exfiltration, and Covering Tracks in Red Team Operations (RTO)
1. Introduction and Objectives In this article, we will demonstrate how an attacker can exfiltrate a complete clone of a hard drive or a disk partition in a silent and professional manner, as should be done in a Red Team Operation (RTO). We will employ the same tactics, techniques, and procedures (TTPs) used by cybercriminal groups. We will not delve into the details of how an attacker can compromise a system at this level, as it is not the objective of this article (we have several articles on our blog that cover this topic). However, it’s important to note that …
Analysis and Reverse Engineering of a Banking Trojan Malware from the Zeus Family
1. Introduction and Objectives In this article, we will demonstrate how to conduct a reverse engineering analysis of a banking trojan from the Zeus family. For our study, we have been provided with a single binary file named “fichero.bin.” You can download it from the JMSec GitHub repository: To undertake a study of this nature, you’ll need some basic knowledge of reverse engineering. 2. Setting Up the Laboratory and Description of Materials To begin the exercise, it should be noted that the analysis of the binary is conducted under the Windows 10 operating system. The following list enumerates the tools …