Category: Phoenix BlackOps Blog
Malicious Captcha’s to Malicious Copy Code Buttons
October 29, 2024. Malicious Captchas: Russian APT 28 aka FancyBear was recently discovered to be deploying a very unique phishing scheme against local Ukrainian government workers. The technique involved copying malware to the user’s clipboard when interacting with a malicious captcha.…
Automate SSH Hardening with Ansible
September 28, 2024. In this lightning-fast tutorial we’ll go through automating SSH server hardening using Ansible. This tutorial should work with either Debian- or Fedora-based systems, though the installation process may differ based on distro. It requires that you have a remote sudo user…
First 10 Minutes on an Ubuntu Server
September 19, 2024. When you first boot up an Ubuntu server, you have to first secure it before launching your apps. In this tutorial I go through the basics of securing / hardening an Ubuntu instance. I would love to hear…
How to Setup 2FA on an SSH Server
August 22, 2024. In this tutorial we will install Google Authenticator to provide time-based 2FA as a second layer of protection on our server. I will mention that if you are using SSH keys then you are most likely…
How to Change the Default SSH Server Port on Ubuntu
August 22, 2024. This is a really simple and quick tutorial on how to change the default port on an SSH server to a custom port. Changing the Default SSH Server Port: SSH uses port…
How to Install Wireshark on Ubuntu
August 18, 2024. In this micro-tutorial I go through installing Wireshark on Ubuntu-like operating systems via both the default package manager and a PPA (Personal Package Archive). Specifically, I am using Linux Mint 21.2 Cinnamon. The official Wireshark site is: https://www.wireshark.org/ Let’s Dive!…
Using Wazuh for File Integrity Monitoring
August 16, 2024. In this tutorial I go through Wazuh’s File Integrity Monitoring (FIM) capabilities. I will explore the FIM dashboards, experiment with modifying some files, and make some minor configuration changes. The aim is that by the end of the tutorial you have…
Installing Wazuh on Ubuntu
August 15, 2024. In this tutorial I go through installing Wazuh, an open-source SIEM, on Ubuntu. It covers installing both the Wazuh Manager and the Wazuh Agent. The official Wazuh quickstart docs can be found here: https://documentation.wazuh.com/current/quickstart.html so if you are running an OS other than Ubuntu…
Phoenix Data CS Risk Framework
August 14, 2024. This post outlines the Phoenix Data CS Risk Framework (current version Beta 1.2). It addresses data assessment, data classification, and data scoring against the CIA Triad to determine data risk. The aim of the project is to provide a streamlined framework for…
ICMP Flood DoS Attack Explained
August 6, 2024. What is an ICMP Flood DoS Attack? ICMP stands for Internet Control Message Protocol and serves as a means to troubleshoot network issues, network diagnostics, and so forth. When one computer sends an ICMP echo-request to another computer, the receiving computer responds…