5PHInX

Nmap is short for Network Mapper. It is an open-source Linux command-line tool that is used   to scan IP addresses and ports in a network and to detect installed applications . Nmap allows network admins to find which devices are running on their network, discover open ports and services, and detect vulnerabilities Task 1 - Deploy No answer needed. Task 2 - Introduction What networking constructs are used to direct traffic to the right application on a server? Answer:  ports How many of these are available on any network-enabled computer? Answer:  65535 [Research]  How many of these are considered “well-known”? (These are the “standard” numbers mentioned in the task) Answer:  1024 Task 3 - Nmap Switches What is the first switch listed in the help menu for a ‘Syn Scan’ (more on this later!)? Answer:  -sS Which switch would you use for a “UDP scan”? Answer:  -sU If you wanted to detect which operating system the target is running on, which switch would y...

A novel hardware attack dubbed  PACMAN  has been demonstrated against Apple's M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems. It leverages "speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity," MIT researchers Joseph Ravichandran, Weon Taek Na, Jay Lang, and Mengjia Yan  said  in a new paper. What's more concerning is that "while the hardware mechanisms used by PACMAN cannot be patched with software features, memory corruption bugs can be," the researchers added. The vulnerability is rooted in pointer authentication codes ( PACs ), a line of defense introduced in arm64e architecture that aims to detect and secure against unexpected changes to  pointers  — objects that store a memory address — in memory. PACs aims to solve a common problem in software security...

Cybercriminals are impersonating popular crypto platforms such as Binance, Celo, and Trust Wallet with spoofed emails and fake login pages in an attempt to steal login details and deceptively transfer virtual funds. "As cryptocurrency and non-fungible tokens (NFTs) become more mainstream, and capture headlines for their volatility, there is a greater likelihood of more individuals falling victim to fraud attempting to exploit people for digital currencies," Proofpoint  said  in a new report. "The rise and proliferation of cryptocurrency has also provided attackers with a new method of financial extraction." The targeting of sensitive cryptocurrency data by threat actors was recently echoed by the Microsoft 365 Defender Research Team, which warned about the emerging threat of  cryware  wherein private keys, seed phrases, and wallet addresses are plundered with the goal of siphoning virtual currencies by means of fraudulent transfers. The  swift popularity of Web3...