Posts

Introduction More blue-team challenges. Hell yeah! Today I’ll be going through the Mr Phisher room from TryHackMe. Uncover the flag in the email attachment! I received a suspicious email with a very weird-looking attachment. It keeps on asking me to “enable macros”. What are those? Interesting hook. Macros are often used in phishing documents to run unintended code. Marcos are usually disabled by default because they’ve been used maliciously so often. They are useful if you have some big crazy excel sheet that runs calculations, for example. On the more malicious side of things; I’ve seen some documents that will just have an image showing some generic looking windows error message (Like the 365 error messages) saying something like “Error: Please allow Macros to access this document.”. Y’know, normal things like that (Which you should never do.). ...

Introduction Just like my last two posts, today I’ll be going through Tata’s job simulation, also available through theforage.com. Where the Mastercard simulator focused on Phishing, and the Deloitte one had a focus on network logs, this simulator is more focused on Identity and Access Management. I’ve not heard of Tata before. After a quick search I found out they’re an Indian multinational. They look like a Tesla competitor based on how their EVs look. What the company does doesn’t really matter. A phishing email is a phishing email at the end of the day. We’ll not be looking at Phishing today though (Unfortunately), time to delve into IAM. ...

Extract insight from a set of flagged artefacts, and distil the information into usable threat intelligence. Back to TryHackMe once again! This time I’ll be focusing on a Blue-Team heavy challenge room - Invite Only. I’ve been trying to target more threat-hunting and defensive challenges lately, so this should be fun! As per the description of the room above it doesn’t seem like we’ll need to be doing any red-team activities, so this should be fairly straightforward! ...

Introduction If you’ve read my last post you’ll know I found a free, self-paced training resource that let you get some experience without needing to leave the house. It turns out that MasterCard has a similar virtual experience available!. These virtual experiences are all run through a platform called theforage.com which seems to offer quite a few of these. Task one: Design a phishing email simulation Here’s the task overview of this task: ...

Introduction Riding off of the high of recently passing my SC-200 I decided to find some free, self-paced training resources while I decide what exam I’ll go for next. Having a quick look around on LinkedIn I stumbled across Deloitte’s Cyber Job Simulator. From the overview of the course: A risk-free way to experience work on the job with us at Deloitte Australia. Practise your skills with example tasks and build your confidence to ace your applications. ...