Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by CyberMaster

  1. Eurofins Scientific: Forensic services firm paid ransom after cyber-attack Full Story : https://www.bbc.co.uk/news/uk-48881959 So it would appear the hackers are winning in today's cyber world, but I am surprised that no one is investing in training staff how to stay safe, I am also surprised that people are not investing in betting practices and cyber equipment to prevent such attacks, it will be interesting to follow this story and see how things unfold. we know the following at least, The criminal would have needed access to the site Used social engineering to get the user to click on a link Used a zero day to get the code to execute on the PC some how so was it (1) an employee or ex employee (2) Social Engineering that could have been prevented with training (3) a zero day exploit and managed to get the code to run on the system My bet is it was probably number (2) social engineering getting a user to download a file with a payload. It amazes me how the same criminals are getting away with it, getting law enforcement agency's to pay for there own data Which asks the question, Why is there no backup's of the data that are separate from the connected drives Why is no one training staff why is no one testing the system for example create a fake situation to see how things would go in a real situation and the test against it The more you train the staff and test them on what you have trained them the wiser they become As a security researcher I test hardware and software for vulnerabilities but still find the biggest vulnerability is people.
  2. Thanks, I can only try and give my opinion and what I have found to be the case when testing and always happy to try and answer any questions.
  3. I’m a total noob - Welcome to the subject but I imagine that if your story was true, then someone with that background wouldn’t need to ask those questions on here - All questions are valid it is the only way of learning 3 years experience is not not much in comparison to 13 years I am still learning however I have learned the processes and techniques of hacking but asking someone with more experience the basic questions are sometimes the best way to go back to to make sure you have not missed anything, that was why I was asking the question. An they probably wouldn’t call themselves cybermaster... - Well to be honest my handle, Nickname what ever you want to call it is no more than a online handle like Biob. Hack5 is a good starting point so you have come to the right place to learn.
  4. Totally thanks for asking the question nice to meet you.
  5. Yes I love learning and making use of the technologies that we have available and learning how to reverse engineer products.
  6. 6 hours per day, but in the past when I was learning up-to 14 hours a day for the past 13 years I have had many opportunity's and embarked on a lot of projects including programming vb.net, EPOS (Electrical Point Of Sale Systems) computer forensics, cyber security, Networking, Server repairs and printer servicing. my day Job is a Service Desk Analyst at present.
  7. Cloud based systems where designed for convenience and backup purposes not to spy on people. Your Question Giving governments and Corporations access to untold secrets e.g engineering plans, business strategies, contact details, messages, financial information, health records? Giving governments and Corporations access to untold secrets | Government agencies already have the technology, ability and authority to find such information out if you are talking about individuals personal use government agencies would not be bothered about a picture of a persons children growing up. Corporations - I take it you mean host I.E google, One Drive (Microsoft) Drop Box, if so they are not worried about each others company's and do not have authority to look at at your information and is protected by your agreement terms and conditions of use. e.g engineering plans, business strategies, contact details, messages, financial information | Such information is uploaded by Corporations which there information is not stored publicly but privately so no other organizations would not have access to this information only the company employees who would be subject to confidentiality conditions as well. financial information | all information about financial information is available on company's house website and if you are talking about governments then you can look no further than inland revenue. I am sure each business is more concerned about making money than reading about the profits of its competitors. Corporate's do not have this type of access in a cloud based system except employees again under conditions. health records | since the government owns the information only employees and governments have access to this information no one else. Great for g’s and c’s , for a multitude of advantages over others. | Don't know what G's and C's are so can't help you there the only advantage of this I can see is marketing and sales for monitoring ones interest and push sales towards them having said that Microsoft, Google and Amazon and is already shared between them. Cloud Advantages - Easy to access anywhere with an internet connection, you are not using up backup space on a physical hard drive, in the event of a fire your information is safe, multiple people can be logged in and viewing the information at the same time. Disadvantages - it is a financial cost, it is easily social engineered, you can't access your data without an internet connection, the data is on someone else's server and your data could be lost in an unforeseen circumstances. i.e Fire, theft, mechanical failure. I hope that answers your questions.
  8. Hi KentJ, Thank you for taking the time to reply and confirming what I thought already your input is much appreciated, and will help very much in my re-search and development in security research. I will continue to invest in this area and develop new skills and develop new software. I hope I am able to learn and help others also on my journey.
  9. Hi Team, I am new Member hear and wanted to say Hi I am a security researcher and have over 3 years experience in computer security and love to learn new things and my aria of study is computer security and computer forensics and have 12 years knowledge in the computer industry anything from programming to forensics and computer security but I have one burning question: I have used the tactics of social engineering and used Kali Linux to a intermediate / advanced level and comfortable using the tools, but I have 1 question I hope someone can clear up. Can you Hack a PC over the internet without a user clicking on a link or running a virus? Get on to a domain without knowing the credentials Get Hacked if you are not even connected to the internet without physical access for the purpose of my skills and research I am unable to answer this but hoping that someone may know the answer. Thanks
  • Create New...