New: friedphishAll contenthive-129948krhive-196917steemzzanhive-166405hive-183959hive-180932hive-185836hive-150122uncommonlabphotographyhive-144064hive-101145lifehive-183397bitcoinhive-145157hive-188619hive-184714krsuccesshive-193637hive-124908hive-109690hive-181136TrendingNewHotLikersbalor (40)in technology • 6 years agoGetting Code Execution on an iCloud Phishing PanelSo in my previous post I mentioned that the panel I discovered was really, really badly coded. So I decided to do a little audit of the code and find a way to gain code execution. Firstly, you…balor (40)in technology • 6 years agoA Look Inside an Apple iCloud Phishing Panel.So by sheer dumb luck today, we managed to nab a nice phishing panel and gain access to its backend literally as it got deployed to the internet. We were monitoring the Certificate Transparency…balor (40)in introduceyourself • 6 years agoA Somewhat Overdue Introduction...So I forgot to post an introduction post, due to being a bit busy posting up a bunch of content and working out some of the backend stuff for the Fried Phish Project . So I am balor, a security…balor (40)in technology • 6 years agoAn Example of a DHL Phishing Attack (Featuring: Comic Sans).So this is another really, really crude phishing kit that I have seen around the place quite a lot in the past while, targeting users of the DHL service. Effectively it seeks to jack peoples DHL…balor (40)in technology • 6 years agoAn Example of an Alibaba (and Gmail!) Phishing Attack.So this is a moderately interesting one, in that you get twice the fuckery for half the price. What appeared to be, on first glance, a phishing page targeting Alibaba users, also harvests your login…balor (40)in technology • 6 years agoAn Outlook Phishing Page Hosted on a Kenyan Government Website.So this is a curious case, while reviewing our logs of phishing sites detected, we spotted a Kenyan government domain amongst the logs, so of course we had to investigate. The phishing page we…balor (40)in technology • 6 years agoAn Example of an Ourtime.com (Dating Site) Phishing Attack.So this one is a little amusing, we came across it after updating our phishing sample collector to also search for dating-site related keywords. The kit is targeting users of "Ourtime.com", a dating…balor (40)in technology • 6 years agoAn Example of an Outlook Phishing Attack.So here we have another phishing setup we discovered as part of the "Fried Phish" project, this time targeting Spanish speaking Outlook webmail users. This one is rather crude, but the way we used…balor (40)in technology • 6 years agoAn Example of a Cox Phishing Attack.So here we have another phishing setup we discovered as part of the "Fried Phish" project, this time targeting customers of Cox Communications, an ISP and TV provider in the United States. This…balor (40)in technology • 6 years agoAn Example of a Maersk Phishing Attack.So for my first post here, as part of the "Fried Phish" project I'll give you all a look behind the scenes of a phishing campaign we came across today, while scouring the internet for evil. So we…