Today I was analyzing some Matrix collected phishing kits and this struck me. First of all for the continuous duplication of code, there are ten files with practically the same code with minor changes, he could have made a function… but unfortunately he is an idiot and so I come to the climax of the … Continue reading Script kiddie in action
PostNL phishing kit (with video tutorial)
I recently came across this kit that targets PostNL customers. The kit is currently still online. Technically it's not that great, the usual crap written badly in PHP; what I found funny was the "license". Пользовательское соглашение: Блокировка на все RU машины (RU header). Продукт поставляется "как есть", функционал в описании к продукту. Автор не … Continue reading PostNL phishing kit (with video tutorial)
Tale of a scam
This morning I dedicated half an hour to understand something better about a scam that I had understood to be a scam without ever having seen it in action. I'll start with a shortened link I received. A page opens with the graphics of a well-known Italian newspaper (La Repubblica) presenting a series of articles … Continue reading Tale of a scam
Finally online!
After months of development and testing, a new, futuristic and indispensable feature has finally gone online! I put a page online to get your public IP 🙂 I know there are millions of them, but all those who know returned the information I needed (my IP) along with a hundred other useless things. This page … Continue reading Finally online!
From Russia with love
A few months ago I was informed of an investigation into a type of fraud that sees some infrastructure based in Russia at the center of attention. I was contacted because Matrix had reported a domain that was later used for fraud. This is the report: https://urlscan.io/result/37dd713d-0cfe-4fd4-a377-1f154ecd2f4f/ This is the full article on Qurium: https://www.qurium.org/alerts/deep-fake-video-of-maria-ressa-connected-to-cyberscam-network-in-russia … Continue reading From Russia with love
Slack is great if you use it well
I have been using Slack for many years and in many projects I have been able to appreciate its features. It is a very powerful tool that unfortunately has a weak point: the user 😦 Most people I know use it like Whatsapp or Sykpe. Failure to use the “threat” feature turns Slack channels into … Continue reading Slack is great if you use it well
Setup ESPHome
In the previous post we saw how to connect our ESP2282 board via USB to our WSL. In this post we see how to use ESPHome into our WSL. If everything worked we will have the following configuration. As you can see we have the "ttyUSB0" device, this represents our board. First we install the … Continue reading Setup ESPHome
Connect USB device to WSL
I decided to check out ESPHome. This is a very interesting project and I think I will write something about it here in the future too. For now, however, I thought I'd write a first quick post on how to connect a USB device to WSL. In fact, my workstation is a Windows 11 machine … Continue reading Connect USB device to WSL
Phishing attack against Wio
To be honest I didn't know this bank. Today Matrix identified these two threats and so I did a little research into who they are. It is a bank based in the United Arab Emirates. Looking at the wio.io website the first thing that struck me was that in the management section they don't have … Continue reading Phishing attack against Wio
Phishing attack against Facebook users
This morning Matrix located a file containing Facebook user credentials stolen using a phishing attack. The malicious site is "ab-portalwiedza.xyz". 16 hours after the report of the attack, the site is still online even if the file containing the credentials is no longer visible, I imagine because the criminal changed its name. The site presents … Continue reading Phishing attack against Facebook users
Emiliano Carlesi's blog 
You must be logged in to post a comment.