Ankit Anubhav

@ankit_anubhav

Voice of IoT Security & awareness. I make the world of IoT a safer place. Principal Security Researcher Ex- / Ex-

Russian Federation  
Joined October 2009

Tweets


  1. Pinned Tweet
    19 Sep 2017

    There is a reason we chose to be on the challenging side and became whitehat. Let us never forget our motives.

  2. Retweeted
    28 Jun

    🆕 BLOG: & deep dive in-the-wild Exploit Kit miner activity, exploring some lesser-known methods: 1⃣ RIG Exploit Kit + various exploits 2⃣ NSIS Loader + 's PROPagate process injection 3⃣ Several anti-analysis techniques

  3. 28 Jun

    It is good that most of the infosec is on Twitter and not Facebook, and I don't miss out a lot by not having a Facebook account.

  4. 27 Jun
  5. 27 Jun

    Wow, this is another level of security fail. People getting CCTV feeds of other cameras instead of their own. "The BBC first learned of the problem on Saturday, when a member of its staff began receiving motion-triggered video clips from an unknown family's kitchen."

  6. 27 Jun

    I wasted all day trying to fix my , bricked my router and IPTV connection in frustration and now I see this. :/

  7. 27 Jun

    Windows 98 system proudly running with SMB exposed as seen on Shodan. One needs a special level of courage to do this!

  8. Retweeted
    27 Jun
    In reply to

    Some great, and terrifying, research by which it would have been remiss of me to omit.

  9. 27 Jun

    Was going through the book "Cyber Wars: Hacks that Shocked the Business World" and observed some of my research mentioned here. Thanks for covering ! One can get the book on Amazon here -

  10. Retweeted
    27 Jun

    DoS attacks are targeting . We have seen some SYN-ACK in our network telescope (SYN FLOOD). DDoSMon shows that NTP and CLDAP were also used for the amplified DRDoS. Good luck with the mitigation guys.

  11. 26 Jun

    I love the fact that infosec is debating about while and don't give a damn about it and are posting screenshots of desktops of cyber criminals and scammers xD

  12. 26 Jun

    Some IoT exploits are so basic that even tweet length is too big for them. CVE-2017-7577 [UC-HTTPd Path Traversal vulnerability in multiple XiongMai cameras] is: "GET /../../../../../etc/passwd". Yes, that's all. Already seen on honeypot logs.

  13. 25 Jun

    Sandbox Party! The following dork will give you cuckoo sandboxes which one can use to analyze malware. NOTE: Using a sandbox without notifying the user is still unethical (probably illegal). Better to check with owner before you use them!

  14. Retweeted
    21 Jun

    I have created a collection of IDA/radare2 signatures for uClibc version often used in MIRAI-based malware. I hope they are useful to someone :D

  15. 19 Jun

    How to take care of your sister who hasn't prepared well for her exam? Ask botnet operators to DDoS IP of the school so the online exam server breaks down. Well that's a caring brother, but DDoS is still illegal. To study and pass exams might be a better way.

  16. 18 Jun

    Lol. Hakai C2 server is also hosting my Twitter profile picture now. Thanks for notifying

  17. 18 Jun

    Hakai trolling researchers. The C2 hakaiboatnet(.)pw says "If you are a researcher, visit /hacker page." When you visit it, you get "/youcantfindmybinsyoufu*kingb*tch" instead of the binary payloads :(

  18. 17 Jun

    And now when I google port 8584 I get more articles related to the crypto hack, due to cross reporting. Poor port 8584 is that person who gets indicted in a crime someone else did lol. (2/2)

  19. 17 Jun

    This is incorrect (probably a typo). The port exploited here is 8545 and not the one mentioned in this article. Being a blog author myself, I am the last to criticize writings, but such wrong information can lead to people searching/investigating on wrong ports. (1/2)

  20. 15 Jun

    This is also independently observed by who have promised to publish a blog on this. Looking forward to it. Also observed by GPON Party bug is over as stated before [ ] , hence attackers had to move to something new. (2/2)

  21. 15 Jun

    Seeing fresh attacks of EDB-ID: 44760 (DLink). The exploit is 'GET /login.cgi?cli="Do whatever you want"'. Interestingly the IP 185 62 190. 91 involved in this exploit was seen exploiting the GPON party bug too (CVE-2018-10561). User agent is also same "Hello world"! (1/2)
