People are selling compromised credentials from organisations everywhere. How do they get them in the first place?

Seems like alot of notorious ransomware groups are essentially buying access through stolen credentials.

How are people obtaining creds though?

I’m assuming things like dictionary attacks against public facing servers are a very unlikely method. But maybe I’m wrong.

haveibeenpwned databases with cracking maybe?

Anyone with actual experience with Blackhat care to share some light?

submitted by /u/thehunter699
[link] [comments]

January 14, 2023
Read More >>

I am 24 who can’t hold down menial job and can’t do simplest of tasks with hands or intellect. Can I still succeed in hacking if I am passionate?

I am 24.

It’s a weird question. Yesterday, I wasn’t able to put shoelaces into a shoe. My kid brother who’s 9 did it easily. Despite telling me, I couldn’t do it. I can’t change my tyre despite trying. It’s like brain doesn’t work.

During job, I wasn’t able to change pins in a stapler or use coffee machine. It’s like not I don’t try but I can’t figure stuff out. I am slow and problem solving skills or imagination is non existent.

I have interest in hacking. Fascinated by reverse engineering, 0 day exploits, kernel, scripting, AI, drones, hardware, malwares and messing around with computers.

Can I be a good hacker still?

submitted by /u/piglet_2298
[link] [comments]

January 14, 2023
Read More >>

Change password with bios

​ IF you can access the bios cant you just change the user password and hack into the computer? Are computers rlly this insecure submitted by /u/idk-12345678 [link] [comments]

January 14, 2023
Read More >>

ip / geo ban

Hey i live in a country thats somehow banned on CMG ( checkmategaming) , i tried downloading NordVPN & others but they keep catching the vpn ? anyone know a way to bypass the geo-ban ? ( my country has no laws banning or restricting skilled gaming …

January 14, 2023
Read More >>

NortonLifeLock: threat actors breached Norton Password Manager accounts

Gen Digital, formerly Symantec Corporation and NortonLifeLock, warns that hackers breached Norton Password Manager accounts. Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton Password Manager accounts in credential-stuffing attacks. The company detected an unusually large volume of failed logins to customer accounts on December 12, 2022, and […]

The post NortonLifeLock: threat actors breached Norton Password Manager accounts appeared first on Security Affairs.

January 14, 2023
Read More >>

Reverse engineering proprietary device that uses WPA

Hi

I have a device which is controlled from a smart phone application via a password-free WPA connection.

I’d like to intercept the traffic between my smart phone and the device and see if I can write an API to control the device without the developers application

The device sets up a WPA wireless network without a password and hands out a single IP – any additional connections do not receive an IP.

I was able to connect a laptop to the device and nmap it. it only has tcp/50007 open

I was considering setting up a MITM device which uses one NIC to connect to the device and another to mock the WPA connection. I should then be able to Wireshark or tcpdump the traffic to/from the device

Before I embark on building a raspberry pi with the wifi devices – is there a better way? Is there a reliable way to intercept the password-less WPA traffic directly between the application and device?

Maybe a cheap rooted android device running the app would be easiest?

submitted by /u/soberto
[link] [comments]

January 14, 2023
Read More >>

[GAME] Become a hacktivist

​ https://preview.redd.it/5y3uh04uouba1.png?width=1920&format=png&auto=webp&s=88365043447404466d60c4bef3dc20c7c9d8dd0c We are happy to announce the re-launch of C-Leak game, but this time with a simpler gameplay, smart challeng…

January 13, 2023
Read More >>