July 2024

Turning Specialized Platform Data Breaches into Defensive Insights

27 July 2024 - Posted in Leak by Jok3r

Background: Since the beginning of the internet, a variety of communities have existed, ranging from hacking and malware development groups to those involved in insider information sales and illegal [...] Read more

Mitigating the Risk: CVE-2024-39929 and Securing Exim Servers

20 July 2024 - Posted in Hardenings by Jok3r

Background: Exim is a mail transfer agent designed for Unix-like systems, providing flexible capabilities for managing your own email server. It serves as the entry point for email communication [...] Read more

The danger of leaked hash password from the perspective of defense in depth

13 July 2024 - Posted in Leak by Jok3r

Background: Before delving into the scope of leaked hashed passwords, it's important to understand the purpose of hashing. At a high level, hashing is a one-way function that transforms any input [...] Read more

RegreSSHion CVE-2024-6387 as a chunk of attack

06 July 2024 - Posted in Incident Response by Jok3r

Background: Qualys researchers have announced that a side effect, stemming from the default inclusion of OpenSSH in Ubuntu systems and widespread use in other distros, allowed them to achieve Remote [...] Read more