Read More
  • 4 minute read

You Can Run, But You Can’t Hide

In the past, there was a threat actor, when the barbers were fleas, and the horses were jesters. This threat actor had sent an email to top-level employees of the institutions he targeted, with an HTML file attached. When this HTML file was opened, and the link address (https://go0gle-drive[.]blogspot[.]com) followed,…
Read More
0
0
0
0
0
Read More
  • 3 minute read

Combatting SIM Swapping

In today’s world, we use two-factor authentication for security when logging in to everything from our email accounts to our social media accounts, from our internet banking accounts to the accounts that hold the source code of software we develop. When we hear the term two-factor authentication, many of us…
Read More
0
0
0
0
0
Read More
  • 3 minute read

Hooking on Android

Although our topic is the Android world, when it comes to hooking, I first think of the illegal electricity that is drawn by hooking onto energy transmission lines and into homes. In the Android world, we also use a similar method when we want to dynamically analyze or intervene in…
Read More
0
0
0
0
0
Read More
  • 4 minute read

Cerberus Analysis

In February 2020, I received a SMS on my cell phone that made me quite suspicious. When I visited the https://ko[.]tc/hediyekazani web address mentioned in the message, I found that I was redirected to the http://www-bedavainternethediyeuygulama[.]com web address. A short time after receiving the SMS, when I visited the website…
Read More
0
0
0
0
0
Read More
  • 5 minute read

Who Viewed My Profile?

On September 23, 2020, while browsing cybersecurity-related news on Twitter, I noticed the hashtag #profilimekimbaktı in the trending topics. I decided to check the accounts sharing this hashtag as it raised suspicion. One of the accounts had written in their message that the Android app Web Postegro & Lili showed…
Read More
0
0
0
0
0
Read More
  • 3 minute read

Operations Security (OPSEC)

Sometimes when you follow cybersecurity experts on social media or look at cybersecurity presentations, you may come across phrases like “OPSEC FAIL.” These usually refer to significant operational errors made by APT groups and/or malware developers. For those who are curious about what operasyon güvenliği (OPSEC) is, it stands for…
Read More
0
0
0
0
0
Read More
  • 4 minute read

TLS Fingerprinting

For those of you who read my blog post on WordPress Security, you would have seen in the administrator page of my blog that there was a dictionary attack that was conducted for years (up until May 2020) from more than 20 IP addresses, and how I fought against it.…
Read More
0
0
0
0
0
Read More
  • 3 minute read

Magecart Analysis

As you may remember, in my blog post “Fighting Against Magecart” I mentioned that I would cover the analysis of malicious JavaScript code in another article. Until now, I have analyzed malicious JavaScript code many times, and about 3 years ago, I also wrote a blog post titled “Malicious JavaScript…
Read More
0
0
0
0
0