<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>infophreak</title><description>Cyber-security intel, research, blogs, and more! Cybersecurity learning can be tough, lonely, and often lacks community support. We&apos;re here to change that.</description><link>https://infophreak.com/</link><item><title>Halloween 2025 CTF Announcement 🎃</title><link>https://infophreak.com/halloween-2025-ctf-announcement/</link><guid isPermaLink="true">https://infophreak.com/halloween-2025-ctf-announcement/</guid><description>infophreak is hosting their 2025 Halloween CTF from October 1st to October 31st. Compete to win prizes and glory!</description><pubDate>Sat, 20 Sep 2025 13:01:53 GMT</pubDate></item><item><title>Your next cloud with Nextcloud + Backblaze</title><link>https://infophreak.com/your-next-cloud-with-nextcloud-backblaze/</link><guid isPermaLink="true">https://infophreak.com/your-next-cloud-with-nextcloud-backblaze/</guid><description>In this tutorial, I will be going over how to set up your very own Nextcloud server using Docker Compose on a public cloud provider like DigitalOcean.</description><pubDate>Thu, 18 Sep 2025 19:11:00 GMT</pubDate></item><item><title>TryHackMe Room Writeup: Sakura</title><link>https://infophreak.com/tryhackme-room-writeup-sakura/</link><guid isPermaLink="true">https://infophreak.com/tryhackme-room-writeup-sakura/</guid><description>This writeup covers the TryHackMe &quot;Sakura&quot; room, featuring an OSINT investigation into a fictitious hacker who attacked the OSINT Dojo. This room is designed to test a diverse range of OSINT techniques, including those related to image, social media, and geolocation intelligence.</description><pubDate>Thu, 04 Sep 2025 23:58:12 GMT</pubDate></item><item><title>OSINT: Tracking a Session-Hijacking Cyberattack to an Australian Carpet Company</title><link>https://infophreak.com/osint-showcase-tracking-a-session-hijacking-cyberattack-to-an-australian-carpet-company/</link><guid isPermaLink="true">https://infophreak.com/osint-showcase-tracking-a-session-hijacking-cyberattack-to-an-australian-carpet-company/</guid><description>This article covers a post-incident OSINT investigation that linked a recent business email compromise back to an Australian carpet company, due to a DNS registration mishap by the attacker. Persistence and pivoting are key for investigators!</description><pubDate>Fri, 22 Aug 2025 13:00:13 GMT</pubDate></item><item><title>What IS the Dark Web Anyway?</title><link>https://infophreak.com/what-is-the-dark-web-anyway/</link><guid isPermaLink="true">https://infophreak.com/what-is-the-dark-web-anyway/</guid><description>A bird&apos;s eye view of the Dark Web focused on the essentials. If the inner workings of the Dark Web remain a mystery to you, this post was made to change that.</description><pubDate>Tue, 19 Aug 2025 00:49:48 GMT</pubDate></item><item><title>OverTheWire Bandit Level 0-5 Walkthrough</title><link>https://infophreak.com/overthewire-bandit-level-0-5-walkthrough/</link><guid isPermaLink="true">https://infophreak.com/overthewire-bandit-level-0-5-walkthrough/</guid><description>This is the first in a series of walkthroughs for the OverTheWire Bandit wargame, a beginner-friendly cybersecurity challenge designed to help build proficiency in Linux and foundational security skills.</description><pubDate>Wed, 13 Aug 2025 18:49:42 GMT</pubDate></item><item><title>HackTheBox - Manager (Mobile) Walkthrough</title><link>https://infophreak.com/hackthebox-manager-mobile-walkthrough/</link><guid isPermaLink="true">https://infophreak.com/hackthebox-manager-mobile-walkthrough/</guid><description>A client asked me to perform security assessment on this password management application.
Can you help me?</description><pubDate>Thu, 07 Aug 2025 20:24:11 GMT</pubDate></item><item><title>TryHackMe - Basic Pentesting Writeup</title><link>https://infophreak.com/tryhackme-basic-pentesting-writeup/</link><guid isPermaLink="true">https://infophreak.com/tryhackme-basic-pentesting-writeup/</guid><description>This is a write-up of my approach to the Basic Pentesting room on TryHackMe. The room is fairly simple and focuses on testing some fundamental pentesting skills.</description><pubDate>Thu, 31 Jul 2025 01:06:40 GMT</pubDate></item><item><title>Introduction to Physical Security</title><link>https://infophreak.com/introduction-to-physical-security/</link><guid isPermaLink="true">https://infophreak.com/introduction-to-physical-security/</guid><description>Physical security is essential to any cybersecurity strategy. Without it, attackers can bypass digital defenses. This post explores how physical access controls, surveillance, and safeguards protect systems from real-world threats. </description><pubDate>Tue, 15 Jul 2025 21:21:12 GMT</pubDate></item><item><title>Simple Way to Lockdown Your Website with Cloudflare Access</title><link>https://infophreak.com/simple-way-to-lockdown-your-website-with-cloudflare-access/</link><guid isPermaLink="true">https://infophreak.com/simple-way-to-lockdown-your-website-with-cloudflare-access/</guid><description>Do you have a web application running on Docker? Maybe you found an open-source app on GitHub but aren’t quite sure how secure the application is or if it’ll even stay that way in the future. Maybe your app doesn&apos;t have features like MFA, and you don’t want to make any changes to the code...</description><pubDate>Fri, 27 Jun 2025 04:54:13 GMT</pubDate></item><item><title>Using Azure Virtual Machines as a Netcat Reverse Shell</title><link>https://infophreak.com/using-azure-virtual-machines-as-a-netcat-reverse-shell/</link><guid isPermaLink="true">https://infophreak.com/using-azure-virtual-machines-as-a-netcat-reverse-shell/</guid><description>This article demonstrates how an Azure VM can be configured as a Netcat reverse shell listener, detailing setup steps (opening ports, running nc), potential security risks, and mitigation strategies. It highlights detection methods via Azure logging and best practices to prevent misuse.</description><pubDate>Tue, 17 Jun 2025 19:21:48 GMT</pubDate></item><item><title>PortSwigger Academy - User Role Controlled by Request Parameter</title><link>https://infophreak.com/portswigger-academy-2/</link><guid isPermaLink="true">https://infophreak.com/portswigger-academy-2/</guid><description>This lab has an admin panel at /admin, which identifies administrators using a forgeable cookie.

Solve the lab by accessing the admin panel and using it to delete the user carlos.

You can log in to your own account using the following credentials: wiener:peter</description><pubDate>Mon, 09 Jun 2025 10:13:36 GMT</pubDate></item><item><title>PortSwigger Academy - Unprotected Admin Functionality</title><link>https://infophreak.com/portswigger-academy-unprotected-admin-functionality/</link><guid isPermaLink="true">https://infophreak.com/portswigger-academy-unprotected-admin-functionality/</guid><description>This lab has an unprotected admin panel.

Solve the lab by deleting the user carlos.</description><pubDate>Sat, 07 Jun 2025 16:36:20 GMT</pubDate></item><item><title>How to Set Up SonarQube and PostgreSQL Using Docker</title><link>https://infophreak.com/how-to-set-up-sonarqube-and-postgresql-using-docker/</link><guid isPermaLink="true">https://infophreak.com/how-to-set-up-sonarqube-and-postgresql-using-docker/</guid><description>SonarQube is an open-source SAST platform for continuous inspection of code quality, ensuring clean, maintainable, and reliable code. By integrating it with Docker, you can effortlessly manage its deployment, making it portable and easily scalable...</description><pubDate>Fri, 16 May 2025 11:56:11 GMT</pubDate></item><item><title>A DIGITAL EYE - Part 3 WEB OF DIGITAL EYES</title><link>https://infophreak.com/a-digital-eye-part-3-web-of-digital-eyes/</link><guid isPermaLink="true">https://infophreak.com/a-digital-eye-part-3-web-of-digital-eyes/</guid><description>In the final part of our series, we explore how public street cameras contribute to OSINT and the criminal justice system — serving as silent witnesses that offer valuable intelligence, while also raising important ethical questions about surveillance and privacy.</description><pubDate>Sun, 04 May 2025 13:00:20 GMT</pubDate></item><item><title>PortSwigger Academy - Authentication Bypass via Information Disclosure</title><link>https://infophreak.com/portswigger-academy-authentication-bypass-via-information-disclosure-2/</link><guid isPermaLink="true">https://infophreak.com/portswigger-academy-authentication-bypass-via-information-disclosure-2/</guid><description>This lab&apos;s administration interface has an authentication bypass vulnerability, but it is impractical to exploit without knowledge of a custom HTTP header used by the front-end.</description><pubDate>Sat, 12 Apr 2025 14:00:03 GMT</pubDate></item><item><title>PortSwigger Academy - Source Code Disclosure via Backup Files</title><link>https://infophreak.com/portswigger-academy-source-code-disclosure-via-backup-files-2/</link><guid isPermaLink="true">https://infophreak.com/portswigger-academy-source-code-disclosure-via-backup-files-2/</guid><description>This lab leaks its source code via backup files in a hidden directory. To solve the lab, identify and submit the database password, which is hard-coded in the leaked source code.</description><pubDate>Tue, 08 Apr 2025 16:44:31 GMT</pubDate></item><item><title>PortSwigger Academy - Information Disclosure on Debug Page</title><link>https://infophreak.com/portswigger-academy-information-disclosure-on-debug-page/</link><guid isPermaLink="true">https://infophreak.com/portswigger-academy-information-disclosure-on-debug-page/</guid><description>This lab contains a debug page that discloses sensitive information about the application. To solve the lab, obtain and submit the SECRET_KEY environment variable.</description><pubDate>Tue, 01 Apr 2025 18:33:21 GMT</pubDate></item><item><title>Setting up Outline with Docker, Digital Ocean, and Cloudflare</title><link>https://infophreak.com/setting-up-outline-with-docker-digital-ocean-and-cloudflare/</link><guid isPermaLink="true">https://infophreak.com/setting-up-outline-with-docker-digital-ocean-and-cloudflare/</guid><description>A full guide on selfhosting Outline with Docker, Digital Ocean, Cloudflare, and Discord OAuth - Blog by SH3LL</description><pubDate>Mon, 24 Mar 2025 20:40:33 GMT</pubDate></item><item><title>How To Install ADB Bootloader/Fastboot Drivers on Windows in 2025!</title><link>https://infophreak.com/how-to-install-android-bootloader-fastboot-drivers-on-windows-in-2025/</link><guid isPermaLink="true">https://infophreak.com/how-to-install-android-bootloader-fastboot-drivers-on-windows-in-2025/</guid><description>This blog serves to be an updated guide on how to install Bootloader/Fastboot drivers for your Android device. I will be using the Google drivers in this tutorial, so no suspicious downloads will be used at all in this blog!</description><pubDate>Thu, 20 Mar 2025 14:24:28 GMT</pubDate></item><item><title>Intelphreak - February 28, 2025</title><link>https://infophreak.com/intelphreak-february-28-2025/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-february-28-2025/</guid><description>The Ghost/Cring Ransomware Gang&apos;s Unique Success; DMARC Required Under PCI DSS On March 31st of 2025; Apple Removes iCloud Encryption for UK; Recent High Efficacy Social Engineering Tactics; North Korean-Linked Attackers Stole $1.46 Billion in Crypto From Bybit Exchange</description><pubDate>Sat, 15 Mar 2025 05:41:20 GMT</pubDate></item><item><title>PortSwigger Academy - Information Disclosure in Version Control History</title><link>https://infophreak.com/portswigger-academy-information-disclosure-in-version-control-history-2/</link><guid isPermaLink="true">https://infophreak.com/portswigger-academy-information-disclosure-in-version-control-history-2/</guid><description>This lab discloses sensitive information via its version control history. To solve the lab, obtain the password for the administrator user then log in and delete the user carlos.</description><pubDate>Sat, 15 Mar 2025 04:31:45 GMT</pubDate></item><item><title>A DIGITAL EYE - Part 2 The Dark Side of Webcam Surveillance</title><link>https://infophreak.com/a-digital-eye-part-2-rats-and-the-realm-of-cybercrime-2/</link><guid isPermaLink="true">https://infophreak.com/a-digital-eye-part-2-rats-and-the-realm-of-cybercrime-2/</guid><description>In this blog post, we are discussing the negatives of webcam surveillance</description><pubDate>Fri, 14 Mar 2025 17:56:51 GMT</pubDate></item><item><title>New Insights on the Ghost Ransomware Gang and their Peculiar Success</title><link>https://infophreak.com/new-insights-on-the-ghost-ransomware-gang-and-their-peculiar-success/</link><guid isPermaLink="true">https://infophreak.com/new-insights-on-the-ghost-ransomware-gang-and-their-peculiar-success/</guid><description>This cyber threat intelligence investigation hunts ghosts - seeking to answer why the Ghost/Cring ransomware gang is so successful at eluding security researchers and being profitable, especially when they avoid phishing in favor of targeting known-vulnerabilities in internet-facing systems.</description><pubDate>Sun, 09 Mar 2025 21:48:21 GMT</pubDate></item><item><title>HackTheBox - APKey Walkthrough</title><link>https://infophreak.com/hackthebox-apkey-walkthrough/</link><guid isPermaLink="true">https://infophreak.com/hackthebox-apkey-walkthrough/</guid><description>This app contains some unique keys. Can you get one?</description><pubDate>Tue, 04 Mar 2025 22:09:45 GMT</pubDate></item><item><title>A Demonstration of the Potential for Modern LLM Abuse by Threat Actors</title><link>https://infophreak.com/a-demonstration-of-the-potential-for-modern-llm-abuse-by-threat-actors/</link><guid isPermaLink="true">https://infophreak.com/a-demonstration-of-the-potential-for-modern-llm-abuse-by-threat-actors/</guid><description>This article details the findings of two studies that highlight how security vulnerabilities in publicly-accessible LLMs can present a threat to public security through the proliferation of malicious knowledge, guidance in committing illegal activities, and generation of malicious content.</description><pubDate>Sat, 15 Feb 2025 16:03:01 GMT</pubDate></item><item><title>Intelphreak - February 11, 2025</title><link>https://infophreak.com/intelphreak-2-11-2025/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-2-11-2025/</guid><description>Trump Disbands DHS Advisory Boards, LLM Jailbreaks Are Fueling Threats, DeepSeek Has Global Impact, Vulnerabilities in Contec Patient Monitors Allow PII Leakage &amp; RCE, Subaru STARLINK Vulnerability Allowed Unauthorized Remote Control of Vehicles, 2 Vulnerabilities in Apple Hardware</description><pubDate>Wed, 12 Feb 2025 00:37:00 GMT</pubDate></item><item><title>PortSwigger Academy - Information Disclosure in Error Messages</title><link>https://infophreak.com/portswigger-academy-information-disclosure-in-error-messages/</link><guid isPermaLink="true">https://infophreak.com/portswigger-academy-information-disclosure-in-error-messages/</guid><description>This lab&apos;s verbose error messages reveal that it is using a vulnerable version of a third-party framework. To solve the lab, obtain and submit the version number of this framework.</description><pubDate>Tue, 04 Feb 2025 14:00:29 GMT</pubDate></item><item><title>A DIGITAL EYE - Part 1 Introduction to Webcam Surveillance</title><link>https://infophreak.com/a-digital-eye-introduction-to-webcam-survelliance/</link><guid isPermaLink="true">https://infophreak.com/a-digital-eye-introduction-to-webcam-survelliance/</guid><description>In this blog post, we are discussing the importance of webcams from a  personal security standpoint</description><pubDate>Tue, 28 Jan 2025 19:44:42 GMT</pubDate></item><item><title>Intelphreak - January 22, 2025</title><link>https://infophreak.com/intelphreak-1-22-2025/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-1-22-2025/</guid><description>Phishing Campaigns Target California Fires, TikTok Ban Delayed, UK Considers New Ransomware Laws, Critical MacOS Attacks &amp; Security Bypasses, Treasury Attack Attributed to Silk Typhoon, Critical Aviatrix Exploit, Expired Domains Present New Security Threats, Patch Tuesday Fixes Major Security Issues</description><pubDate>Wed, 22 Jan 2025 06:00:00 GMT</pubDate></item><item><title>Intelphreak - January 8, 2025</title><link>https://infophreak.com/intelphreak-1-8-2025/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-1-8-2025/</guid><description>2024 Cybersecurity Recap, New Non-Social Engineering TTPs, Major Browser Extension Supply Chain Attack, Japan Airlines DDoS Attack, OpenAI Fined €15 Million, HHS Proposes Changes to HIPAA, Researchers Discover New Lazarus Group Malware Campaign, Chinese Nation-State Actors Breach US Treasury Data</description><pubDate>Fri, 10 Jan 2025 14:29:05 GMT</pubDate></item><item><title>2024 Recap of Cybersecurity, with Insights for the Future</title><link>https://infophreak.com/2024-recap-of-cybersecurity-with-insights-for-the-future/</link><guid isPermaLink="true">https://infophreak.com/2024-recap-of-cybersecurity-with-insights-for-the-future/</guid><description>2024 saw record-breaking breaches, an incredible AI boom, novel techniques and attack chains, and highly sophisticated cybercrime &amp; cyberwarfare operations. Cybersecurity came into the public purview due to the cascading effects of cyber incidents that affected millions of people worldwide.</description><pubDate>Tue, 07 Jan 2025 21:55:15 GMT</pubDate></item><item><title>Intelphreak - December 23, 2024</title><link>https://infophreak.com/intelphreak-12-23-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-12-23-2024/</guid><description>Chinese APTs Target U.S. Infrastructure; IOCONTROL Malware Hits OT, IoT, SCADA Devices; Widespread WordPress Exploitation; Prometheus Toolkit Vulnerabilities; Latest On Social Engineering; PUMAKIT Malware Targets Linux Kernels; FTC Warning On Scam Task Jobs</description><pubDate>Mon, 23 Dec 2024 12:00:26 GMT</pubDate></item><item><title>Deeper Insights into the Recent U.S. Telecom Provider Hacks, and Chinese APT Activity</title><link>https://infophreak.com/deeper-insights-into-the-recent-u-s-telecommunication-provider-hacks-and-chinese-apt-activity/</link><guid isPermaLink="true">https://infophreak.com/deeper-insights-into-the-recent-u-s-telecommunication-provider-hacks-and-chinese-apt-activity/</guid><description>This cyber threat intelligence investigation covers the who, what, why, when, and how of the recent state-sponsored Chinese cyberattacks on U.S. telecommunications providers, as well as how they fit into a broader picture of cyber-espionage that displays years of rising geopolitical tensions.</description><pubDate>Sun, 22 Dec 2024 05:39:33 GMT</pubDate></item><item><title>DOCKER GHOST CMS MARIADB 11 to MYSQL 8 MIGRATION GUIDE</title><link>https://infophreak.com/docker-ghost-cms-mariadb-11-to-mysql-8-migration-guide/</link><guid isPermaLink="true">https://infophreak.com/docker-ghost-cms-mariadb-11-to-mysql-8-migration-guide/</guid><description>Step by step guide for migrating from Mariadb 11 to MySQL8 for self-hosted Ghost CMS using docker. - Blog by SH3LL</description><pubDate>Sat, 21 Dec 2024 10:02:45 GMT</pubDate></item><item><title>Infophreak 2024 Christmas Giveaway!</title><link>https://infophreak.com/infophreak-2024-christmas-giveaway/</link><guid isPermaLink="true">https://infophreak.com/infophreak-2024-christmas-giveaway/</guid><description>We are allowing 4 lucky prize winners to choose between 1 month of Hack The Box or 1 month of TryHackMe! Entry is free and requires being a member of our Discord!</description><pubDate>Wed, 11 Dec 2024 07:07:03 GMT</pubDate></item><item><title>Discord Users Beware: Lumma Stealer Malware Lurking in Your Communities</title><link>https://infophreak.com/cosmo-whales/</link><guid isPermaLink="true">https://infophreak.com/cosmo-whales/</guid><description>Cosmo Whales is an infostealer campaign masquerading as a Web3 videogame. Threat actors have been observed in the wild distributing malware via job advertisements for a Web3 game called Cosmo Whales.</description><pubDate>Wed, 20 Nov 2024 17:02:24 GMT</pubDate></item><item><title>HackTheBoo 2024 Write-Up</title><link>https://infophreak.com/hacktheboo-2024-write-up/</link><guid isPermaLink="true">https://infophreak.com/hacktheboo-2024-write-up/</guid><description>This is a write-up for HackTheBoo 2024 that completed on October 26, 2024. The CTF event included spooky-themed Forensics, Web, Cryptography, Reverse Engineering, Pwn, and Coding challenges. </description><pubDate>Mon, 04 Nov 2024 11:00:22 GMT</pubDate></item><item><title>TryHackMe - Benign Walkthrough</title><link>https://infophreak.com/tryhackme-benign-walkthrough/</link><guid isPermaLink="true">https://infophreak.com/tryhackme-benign-walkthrough/</guid><description>We will investigate host-centric logs in this challenge room to find suspicious process execution. To learn more about Splunk and how to investigate the logs, look at the rooms splunk101 and splunk201.</description><pubDate>Tue, 24 Sep 2024 20:51:07 GMT</pubDate></item><item><title>Intelphreak - 11:30Z September 18th, 2024</title><link>https://infophreak.com/intelphreak-9-18-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-9-18-2024/</guid><description>TfL Cyberattack Updates, Cloudflare Outage Leaves Some Websites Inaccessible, Chinese Aerospace Firm Employee Charged for Phishing Aerospace/Military Entities, TDSSKiller Used to Disable EDRs &amp; Kawasaki Motors Europe Leak, Iran Tries to Hack Iraq, Port of Seattle Attack, New Oracle WebLogic Malware</description><pubDate>Wed, 18 Sep 2024 11:30:00 GMT</pubDate></item><item><title>Hosting SilverBullet.md read-only &amp; admin with Docker, DigitalOcean, Cloudflare, and NGINX</title><link>https://infophreak.com/hosting-silverbullet-md-read-only-admin-with-docker-digitalocean-cloudflare-and-nginx/</link><guid isPermaLink="true">https://infophreak.com/hosting-silverbullet-md-read-only-admin-with-docker-digitalocean-cloudflare-and-nginx/</guid><description>Admin and read-only SilverBullet.md setup using Docker, Cloudflare reverse proxy, a DigitalOcean droplet, and NGINX while sharing the same data source. - Blog by SH3LL</description><pubDate>Wed, 18 Sep 2024 10:48:13 GMT</pubDate></item><item><title>Setting up Ghost CMS with Docker, Digital Ocean, and Cloudflare</title><link>https://infophreak.com/setting-up-ghost-cms-with-docker-digital-ocean-and-cloudflare/</link><guid isPermaLink="true">https://infophreak.com/setting-up-ghost-cms-with-docker-digital-ocean-and-cloudflare/</guid><description>A full guide on infophreak&apos;s Ghost CMS infrastructure. - Blog by SH3LL</description><pubDate>Mon, 16 Sep 2024 23:34:39 GMT</pubDate></item><item><title>247CTF - The Encrypted Password Walkthrough</title><link>https://infophreak.com/247ctf-the-encrypted-password-walkthrough/</link><guid isPermaLink="true">https://infophreak.com/247ctf-the-encrypted-password-walkthrough/</guid><description>You won&apos;t find the admin&apos;s secret password in this binary. We even encrypted it with a secure one-time-pad. Can you still recover the password?</description><pubDate>Mon, 16 Sep 2024 07:00:17 GMT</pubDate></item><item><title>Basic Hardening of a Ubuntu DigitalOcean Droplet</title><link>https://infophreak.com/ubuntu-droplet-basic-hardening/</link><guid isPermaLink="true">https://infophreak.com/ubuntu-droplet-basic-hardening/</guid><description>Just the basics of hardening after deploying a Ubuntu droplet via DigitalOcean - Blog by SH3LL</description><pubDate>Fri, 13 Sep 2024 21:28:52 GMT</pubDate></item><item><title>How to create a new sudo user</title><link>https://infophreak.com/how-to-create-a-new-sudo-user/</link><guid isPermaLink="true">https://infophreak.com/how-to-create-a-new-sudo-user/</guid><description>Quick reference guide on creating a new sudo user - Blog by SH3LL</description><pubDate>Fri, 13 Sep 2024 21:06:27 GMT</pubDate></item><item><title>SSH user directory setup on Linux</title><link>https://infophreak.com/ssh-user-directory-setup-on-linux/</link><guid isPermaLink="true">https://infophreak.com/ssh-user-directory-setup-on-linux/</guid><description>Recommended directories, files, and permissions for each user&apos;s SSH config - Blog by SH3LL</description><pubDate>Fri, 13 Sep 2024 20:49:11 GMT</pubDate></item><item><title>Generating a modern, secure, and widely supported public/private key pair with ECDSA</title><link>https://infophreak.com/generating-a-modern-secure-and-commonly-supported-public-private-key-pair/</link><guid isPermaLink="true">https://infophreak.com/generating-a-modern-secure-and-commonly-supported-public-private-key-pair/</guid><description>Recommended steps for generating a modern, secure, and widely supported public/private key pair using ECDSA</description><pubDate>Fri, 13 Sep 2024 20:24:45 GMT</pubDate></item><item><title>Test post</title><link>https://infophreak.com/untitled-2/</link><guid isPermaLink="true">https://infophreak.com/untitled-2/</guid><pubDate>Thu, 12 Sep 2024 18:36:00 GMT</pubDate></item><item><title>Setting Up Multiple CTFd Instances with Docker, Digital Ocean, and Cloudflare</title><link>https://infophreak.com/multiple-ctfd-instances/</link><guid isPermaLink="true">https://infophreak.com/multiple-ctfd-instances/</guid><description>Our first dive into docker, challenges and lessons learned, a full guide on infophreak&apos;s CTFd infrastructure. - Blog by SH3LL</description><pubDate>Thu, 05 Sep 2024 12:17:00 GMT</pubDate></item><item><title>Intelphreak - 10:00Z September 4th, 2024</title><link>https://infophreak.com/intelphreak-9-4-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-9-4-2024/</guid><description>IT Outages in Netherlands, PoorTry Windows Driver Evolves, Iran-Sponsored Threat Actor Engages in Intelligence Operations on US &amp; UAE targets, FlyCASS Vulnerability Risks Security Bypass, NK Threat Actors Exploit Chrome Zero-Day, GitHub Comments Distributing Malware, Cicada3301 Targets ESXi Systems</description><pubDate>Wed, 04 Sep 2024 10:00:00 GMT</pubDate></item><item><title>Threat Intelligence vs. Threat Hunting: Distinct Roles, Unified Defense</title><link>https://infophreak.com/threat-intelligence-vs-threat-hunting-distinct-roles-unified-defense/</link><guid isPermaLink="true">https://infophreak.com/threat-intelligence-vs-threat-hunting-distinct-roles-unified-defense/</guid><description>This blog aims to provide a clear and comprehensive understanding of threat intelligence and threat hunting, their differences and how they work together.</description><pubDate>Wed, 04 Sep 2024 02:50:18 GMT</pubDate></item><item><title>Intelphreak - 4:00Z August 29th, 2024</title><link>https://infophreak.com/intelphreak-8-29-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-8-29-2024/</guid><description>The US Department of State &amp; US Secret Service Have Issued a Reward of Up to $2.5 Million for Information Leading to the Arrest of Volodymyr Kadariya in Any Country</description><pubDate>Thu, 29 Aug 2024 04:00:00 GMT</pubDate></item><item><title>TIS-100 | Self-Test Diagnostic</title><link>https://infophreak.com/tis-100-self-test-diagnostic/</link><guid isPermaLink="true">https://infophreak.com/tis-100-self-test-diagnostic/</guid><description>TIS-100 is an open-ended programming game by Zachtronics, the creators of SpaceChem and Infinifactory, in which you rewrite corrupted code segments to repair the TIS-100 and unlock its secrets. It’s the assembly language programming game you never asked for!</description><pubDate>Mon, 12 Aug 2024 22:59:01 GMT</pubDate></item><item><title>TryHackMe: ConvertMyVideo</title><link>https://infophreak.com/tryhackme-convertmyvideo/</link><guid isPermaLink="true">https://infophreak.com/tryhackme-convertmyvideo/</guid><description>A thorough walkthrough/writeup of ConvertMyVideo on TryHackMe. </description><pubDate>Mon, 12 Aug 2024 07:45:27 GMT</pubDate></item><item><title>Malware Report: CrowdStrike&apos;s BSOD Bug and the Rise of Fake Support Scams</title><link>https://infophreak.com/malware-report-crowdstrikes-bsod-bug-and-the-rise-of-fake-support-scams/</link><guid isPermaLink="true">https://infophreak.com/malware-report-crowdstrikes-bsod-bug-and-the-rise-of-fake-support-scams/</guid><description>In a dramatic turn of events, CrowdStrike&apos;s latest update inadvertently triggered the dreaded Blue Screen of Death (BSOD) for numerous users. As if the chaos wasn&apos;t enough, opportunistic threat actors seized the moment, posing as CrowdStrike support to distribute malware...</description><pubDate>Fri, 09 Aug 2024 17:37:08 GMT</pubDate></item><item><title>PicoCTF - Speeds and Feeds Walkthrough</title><link>https://infophreak.com/picoctf-speeds-and-feeds/</link><guid isPermaLink="true">https://infophreak.com/picoctf-speeds-and-feeds/</guid><description>There is something on my shop network running at `nc mercury.picoctf.net 16524`, but I can&apos;t tell what it is. Can you?</description><pubDate>Tue, 06 Aug 2024 17:23:35 GMT</pubDate></item><item><title>What Is: The EICAR Test File?</title><link>https://infophreak.com/what-is-the-eicar-test-file/</link><guid isPermaLink="true">https://infophreak.com/what-is-the-eicar-test-file/</guid><description>Testing and validation form a part of the life cycle of every security system in the cybersecurity world. In the ever-increasing pantheon of tools at the disposal of security researchers stands one that has grown to become a de facto standard for testing...</description><pubDate>Mon, 05 Aug 2024 17:35:21 GMT</pubDate></item><item><title>TryHackMe - Friday Overtime Walkthrough</title><link>https://infophreak.com/tryhackme-friday-overtime-walkthrough/</link><guid isPermaLink="true">https://infophreak.com/tryhackme-friday-overtime-walkthrough/</guid><description>It&apos;s a Friday evening at PandaProbe Intelligence when a notification appears on your CTI platform. While most are already looking forward to the weekend, you realize you must pull overtime because SwiftSpend Finance has opened a new ticket, raising concerns about potential malware threats. </description><pubDate>Mon, 05 Aug 2024 14:37:09 GMT</pubDate></item><item><title>Tryhackme - Searchlight IMINT Walkthrough</title><link>https://infophreak.com/tryhackme-searchlight-imint-writeup/</link><guid isPermaLink="true">https://infophreak.com/tryhackme-searchlight-imint-writeup/</guid><pubDate>Mon, 29 Jul 2024 12:17:51 GMT</pubDate></item><item><title>Malware Report: Wannacry Ransomware</title><link>https://infophreak.com/wannacry-report/</link><guid isPermaLink="true">https://infophreak.com/wannacry-report/</guid><description>Wannacry is a ransomware that utilized the EternalBlue exploit to propagate through the targets network and attacked outdated Windows computers globally in May of 2017. </description><pubDate>Mon, 29 Jul 2024 12:17:51 GMT</pubDate></item><item><title>What Is Malware Analysis?</title><link>https://infophreak.com/what-is-malware-analysis/</link><guid isPermaLink="true">https://infophreak.com/what-is-malware-analysis/</guid><description>Malware analysis is a crucial discipline within the field of cybersecurity that involves the in-depth examination of malicious software, often referred to as &quot;malware.&quot; </description><pubDate>Mon, 29 Jul 2024 12:17:51 GMT</pubDate></item><item><title>Tryhackme - Dunkle Materie Walkthrough</title><link>https://infophreak.com/tryhackme-dunkle-materie-writeup/</link><guid isPermaLink="true">https://infophreak.com/tryhackme-dunkle-materie-writeup/</guid><pubDate>Mon, 29 Jul 2024 12:17:50 GMT</pubDate></item><item><title>Tryhackme - REloaded Walkthrough</title><link>https://infophreak.com/tryhackme-reloaded-writeup/</link><guid isPermaLink="true">https://infophreak.com/tryhackme-reloaded-writeup/</guid><description>This room is dedicated for the RE challenges, each challenge has unique concepts divided in each binaries. As if now only phase 1 is added will decide about phase 2 on response. Developed by WhiteHeart and tested by IslaMukheef</description><pubDate>Mon, 29 Jul 2024 12:17:50 GMT</pubDate></item><item><title>Hackthebox - Subatomic Walkthrough</title><link>https://infophreak.com/hackthebox-subatomic-walkthrough/</link><guid isPermaLink="true">https://infophreak.com/hackthebox-subatomic-walkthrough/</guid><description>Forela is in need of your assistance. They were informed by an employee that their Discord account had been used to send a message with a link to a file they suspect is malware...</description><pubDate>Mon, 29 Jul 2024 12:17:48 GMT</pubDate></item><item><title>Intelphreak - 10:30Z July 29th, 2024</title><link>https://infophreak.com/intelphreak-7-29-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-7-29-2024/</guid><description>Threat Actors Use Cloud to Host Campaigns, LASC Network Compromise, E-Commerce Credit Card Skimmers, Evasive Panda Upgrades, “USDoD” CrowdStrike Breach, Videogame Used to Exfiltrate Data, Telegram Zero-Day, Selenium Grid Crypto Mining, Leidos Leak, New Report on North Korean Cyber Campaigns</description><pubDate>Mon, 29 Jul 2024 10:30:00 GMT</pubDate></item><item><title>Intelphreak - 10:30Z July 22nd, 2024</title><link>https://infophreak.com/intelphreak-7-22-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-7-22-2024/</guid><description>CrowdStrike Outage, Delinea Fixes Privilege Vulnerability, Malicious NPM Packages Discovered, Cisco Patches Secure Email Gateway, Rite Aid Data Breach, Ransomware Group Continues ESXi Exploitation, FIN7 Rebrands to Sell Malicious Tools, New Research on APT41, Treasury Sanctions Russian Hacktivists</description><pubDate>Mon, 22 Jul 2024 10:30:00 GMT</pubDate></item><item><title>Intelphreak - 4:00Z July 15th, 2024</title><link>https://infophreak.com/intelphreak-7-15-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-7-15-2024/</guid><description>Increased Hacktivisim Until 2025, NSA Release on PRC APT, AllHere Faces Financial &amp; Privacy Trouble, Shopify Data Breach Origin, Ticketmaster Leaks, RADIUS Vulnerability, Espionage Groups Using ORB Networks, OpenSSH Vulnerability Allows RCE, Research Says Attackers Exploited a Windows Zero-Day</description><pubDate>Mon, 15 Jul 2024 04:00:00 GMT</pubDate></item><item><title>Intelphreak - 12:30Z June 25th, 2024</title><link>https://infophreak.com/intelphreak-6-25-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-6-25-2024/</guid><description>EU Delays Vote on Surveillance Legislation, CDK Global Cyber Attacks, Espionage Actor Persists via Fortinet/Ivanti/VMWare CVEs, AI &amp; Hydrogen Firms Partner with Nuclear Energy Companies, Army Debuts New AI Program, SneakyChef Deploys SugarGh0st Malware, US Government Clamps Down on Kaspersky</description><pubDate>Tue, 25 Jun 2024 12:30:00 GMT</pubDate></item><item><title>Intelphreak - 21:00Z June 18th, 2024</title><link>https://infophreak.com/intelphreak-6-18-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-6-18-2024/</guid><description>Microsoft Whistleblower, Sygnia Uncovers China-Linked Threat Actor, UK Hospitals Need Trainees’ Help After Cyber Attack, Talos Intelligence Has Identified a Pakistani APT Targeting Indian Entities, VulnCheck Report Shows 90% Increase in Disclosed Exploited Vulnerabilities Since April</description><pubDate>Tue, 18 Jun 2024 21:00:00 GMT</pubDate></item><item><title>Intelphreak - 20:00Z June 10th, 2024</title><link>https://infophreak.com/intelphreak-6-10-2024/</link><guid isPermaLink="true">https://infophreak.com/intelphreak-6-10-2024/</guid><description>Microsoft Recall Will Be Opt-In, Study Shows LLMS Can Exploit “Zero-Day” Vulnerabilities, CJEU Rules Copyright Over IP Privacy, Threat Actors Potentially Compromise Snowflake, Cyber Attacks on Russia &amp; Belarus Companies, Global Operation “Endgame” Disrupts Over 100 Malicious Servers</description><pubDate>Mon, 10 Jun 2024 20:00:00 GMT</pubDate></item></channel></rss>