Close

Cobalt Strike C&C and Freeworld Ransomware Doing the Rounds on Unsecured MSSQL Instances

A deadly combination, with bad actors currently targeting badly maintained/secured instances of Microsoft SQL Server (MSSQL), of which there are many in the wild. Freeworld, like most ransomware’s it is designed to encrypt a user’s files to deny them access and asks for payment in order to restore. Files are appended with “.FreeWorldEncryption“. Contact details…

Burp or OWASP Zap? Pros and Cons

Introduction Web application security is of paramount importance in today’s digital landscape, with cyber threats becoming increasingly sophisticated. To safeguard sensitive data and maintain the trust of users, developers and security professionals need effective tools for identifying and mitigating vulnerabilities. In this blog post, we’ll introduce two popular web application security testing tools for beginners:…

The log4j Question

What was it? The Log4j flaw refers to a critical security vulnerability in the Apache Log4j library, which is a widely used Java-based logging utility. The vulnerability, officially designated as CVE-2021-44228, was discovered in December 2021. It allowed attackers to execute arbitrary code remotely by exploiting the way Log4j processed user-supplied data that included specially…

Get and Install a Cheap SSL Cert

What is an SSL Cert? SSL stands for Secure Sockets Layer, a cryptographic method that was developed in the mid-90s to add a layer of encryption to web communications. You’ve probably seen that most we addresses take the form of http://website.com or https://website.com. The former is the usual, non-encrypted version and the latter is the…