Posts

ClickFix Attack Write Up

Image
The internet can be an interesting and dangerous place. While doing research the other day for a project, I finally encountered a site that seems to have been taken over by my malicious actors to execute a ClickFix style attack. ClickFix Social Engineering schemes have gained popularity in recent months, but this was my first time encountering one in the wild. I wanted to share a quick write-up for interested colleagues, even though its different from what I was intending to do with this page.   There are several variations on the ClickFix theme, but they all follow a similar pattern. When accessing a site, a banner of some kind prompts the user to open a run dialog on their machine and paste and obfuscated command. The commands execute a malicious payload to deliver whatever form of malware attackers wish. From this point on, the attacker can complete whatever they wish with the victim’s machine. The rest of this post is an analysis of what happened but the site that I visite...
Post a Comment
Read more

Home Lab Hardware 2.0 – New Hosts

Image
     While working on some projects in my home lab recently, I’ve begun encountering resource shortages. Many of these shortages stem from my original intention to utilize repurposed desktop hardware. Although my lab no longer uses VMware, I still utilize it for work and read content, such as William Lam’s blog . While browsing his VCF9 content, I began to notice some relatively inexpensive machines that would meet my needs by providing more CPU and RAM for my workloads. The Minisforum MS-A2 immediately came to consideration due to its 16-core/32-thread AMD processor and the ability to support up to 96GB of RAM. However, shipping is relatively delayed, and I don’t need the smallest form factor available. Further research led me to the Minisforum 795S7 , which has similar specifications but in a larger case.     The 795S7 fits exactly what I was looking for in a lab machine. The processor and RAM mentioned above enable me to reduce the required number of hosts f...
Post a Comment
Read more