/security/ Archive

A new extortion method

I’ve been seeing reports from various people about a new type of extortion emails that are being received nowadays. The emails in question threaten the victim with exposing it to the friends and family for watching porn or doing some other potentially incorrect activity online, like downloading torrents. To draw the attention the blackmailers provide

[Script] Block bad referrers in vestaCP

One of the nastiest problems when it comes to webserver resource and bandwidth usage is represented by the bad referrers which associate with a series of artificial queries from various hostnames that spam the crap out of the webserver and statistical logs. Because the accuracy of the statistical traffic reports is highly influenced by such

[Case Study] Hacking the funnels (part 2)

I’ve already covered a lot of stuff through the previous post, however there’s some stuff left to take into consideration. Stuff that’s commercial but offered for free elsewhere. First and foremost, if you do proper research you can get paid items for free. Let’s take the Lumieres theme for example which can be obtained here

A few things about (in)security

A lot of folks have been praising a series of newly released apps and tools as well as online platforms and used words such as “secure” to describe them and reference them as bulletproof against eavesdropping. However all of them are meant to give a false feeling of security because every single app or platform is

SSH honeypot on Debian with Kippo

I had an idle cloud server from Cloudatcost.com and I decided at some point to setup a honeypot on it. So I started with SSH and found this tutorial on Kippo which is outdated and because it’s only partly useful I’ve decided to write my own installation tutorial for those willing to install Kippo on