iahmad94at September 08,2017 Might be a silly question, I wonder why he's utilizing FTP instead of SFTP? Wouldn't an encrypted session be better off to stop admins and local IDS from logging and tracking exactly what he's sending back or pulling in? I guess it also depends on firewall config...
domcalderat September 09,2017 This attacker was persistent in getting everything he needed to complete the attack. The attacker had to utilize social engineering in order to get successful sphere phishing attempts. Though he had to utilize many tools for the attack success, his persistence is what ultimately got his success. I would think many people would give up but the motivation the attacker had was probably stronger than simply giving up when his attack wasn't very successful.
rbflapjackat September 09,2017 Interesting but a lot of this was beyond me. It definitely peaked my interest though to learn more about hacking and cybersecurity. Much of it looked fairly simple but would take some time and persistence. I will look into the full report that is mentioned in some of the earlier comments.
stkramergmu3at September 09,2017 This video definitely does a great job of pointing out how hacking with simple tools can be about as easy as signing up for a credit card. What I would like to know more about is the data they were after, and how successful they were in getting it. How much info can an "unsophisticated" hack really glean, and what level of defense would have prevented it? It seems like more and more, cybersecurity is becoming less about "protect everything" and more about cost/benefit.
secallahanat September 14,2017 It's interesting to get a first-hand look at spearfishing in progress. I've heard the term before, but I never really had a complete understanding. With spearfishing, hackers attempt to gain access to sensitive information, especially financial information, by sending emails from someone you know (or think you know). It was beneficial to see the process they go through to gain access to this sensitive information.