Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hacker Interviews – CtrlSec

Are you searching for a hacker that attacks ISIS online propaganda every day? CtrlSec is the right person. Enjoy the interview! Did you participate in several hacking campaigns? could you tell me more about you? I actually just had some experience with web design, I decided to start doing something with ISIS when me and a group of other people […]

Hacker Interviews – CtrlSec

Are you searching for a hacker that attacks ISIS online propaganda every day? CtrlSec is the right person. Enjoy the interview!

CtrlSec

Did you participate in several hacking campaigns? could you tell me more about you?

I actually just had some experience with web design, I decided to start doing something with ISIS when me and a group of other people from Anonymous (we’re not officially anons just hunters) and started learning more technical details by talking to people that knew a lot more than me.

Could you tell me which his your technical background and when you started hacking? Which are your motivations?

My motivation is all the damage ISIS does to the general public, not just the killings but the fear they spread. Our main focus is to try to limit the propaganda spread to avoid creating worries in the general public so people can live without fear of beeing attacked everywhere.

When I started hacking my background was just basic programming, after that I realized that more was needed so, I studied networking and security.

My motives, well that’s a bit complicated since my basic objective is to fight against government corruption, denial of privacy and police brutality. some may take it as political but it’s Activism. in my case Hacktivism.

What was your greatest hacking challenge? 

Not a very technical aspect more on a social engineering level when I managed to make Junaid Hussain (Tr1ck) so mad that he threw out the NYC threat to scare me.

Which was your latest hack? Can you describe me it?

Actually, I don’t remember, it’s been going on a lot with the accounts lately so right now that is our focus. We flag ISIS accounts so other people can report them, we make it possible for everyone who wants to fight ISIS and make a change without actually picking up arms and go to the front line.

What are the 4 tools that cannot be missed in the hacker’s arsenal and why?

Portscan – an application designed to discover open ports on the device you scan. A vulnerability scanner – a program that lets you search for

A vulnerability scanner – a program that lets you search for vulnerabilities in computers, networks, application etc. Network mapper – used to discover hosts and services on

Network mapper – used to discover hosts and services in computer networks and create a “map” of the network. sniffer – Is a packet analyzer that

Sniffer – Is a packet analyzer that lets you monitor and intercept packets on networks.

Which are the most interesting hacking communities on the web today, why?

We’re only working on ISIS so we’re not much out there in communities else than twitter.

Did you participate in hacking attacks against the IS propaganda online? When? How?

That’s our main focus, we attack their propaganda every day but we do what we need to get it completely offline.

Where do you find IS people to hack? How do you choose your targets?

Well if we got a shot on their hackers or their main propagandists we show no mercy. We have been tracking ISIS accounts online for 2 years now and we got a well-trained team that makes sure as few as possible mistakes go thru our bots.

We often hear about cyber weapons and cyber attacks against critical infrastructure. Do you believe it is real the risk of a major and lethal cyber attack against a critical infrastructure?

I believe there is a risk, but if it happens it is just proving that the operators in those facilities don’t know their job good enough to be working with critical infrastructure. Imagine if an ISIS hacker got their hands on the US nuclear codes, that would be pretty critical.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – CtrlSec, Hacking)