We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
We recently performed research that started off "well-intentioned" (or as well-intentioned as we ever are) - to make vulnerabilities in WHOIS clients and how they parse responses from WHOIS servers exploitable in the real world (i.e. without needing to MITM etc). As part of our research, we discovered that a few years ago the WHOIS server for the .MOBI TLD migrated from whois.dotmobiregistry.net to whois.nic.mobi – and the dotmobiregistry.net domain had been left to expire seemingly in December 2023.
labs.watchtowr.com
Mail in the middle – a tool to automate spear phishing campaigns
The idea is simple; take advantage of the typos that people make when they enter email addresses. If we positioned ourselves in between the sender of an email (be it a person or a system) and the legitimate recipient, we may be able to capture plenty of information about the business, including personally identifiable information, email verification processes, etc. This scenario is effectively a Person-in-the-Middle (PiTM), but for email communications.
sensepost.com