Author: Varrick
-
Generating and detecting phishing domains with IDN homograph attacks
Internationalized Domain Names are domain names with Unicode characters from a wide number of languages which make the Internet more accessible for non-English speakers. These domain names can be abused for phishing by impersonating other websites or brands by using Unicode characters that resemble Latin letters.
-
What’s in a name (Part 2): Linking different scam series using OSINT
In this post, we build on the findings from the previous post and show how to link the “1st Mall” scam series to other scam series using OSINT.
-
What’s in a name (Part 1): Using OSINT to hunt for malicious APKs used in scams
Hunting for scams and malicious APKs using OSINT. Scams have been a hot topic in Singapore for a fair bit and it is no wonder why. According to the Singapore Police Force Annual Scams and Cybercrime Brief 2022, victims of scams lost a total of S$660.7 million in 2022 alone, up from S$632 million in…
-
SEC504: Hacker Tools, Techniques, and Incident Handling + GCIH Exam review (2023)
A 2023 review on the SANS SEC504: Hacker Tools, Techniques, and Incident Handling + GCIH Exam: what to expect and how to ace the GCIH exam. I recently had the privilege to take the SANS SEC504: Hacker Tools, Techniques, and Incident Handling (SEC504) OnDemand training course taught by SANS Fellow and Course Author Joshua Wright.…
-
Hello, World!
Welcome to my blog! My name is Varrick, a passionate cybersecurity enthusiast. Join me in my misadventures as I try to learn more about cybersecurity! To provide more context, I spend most of my free time pursuing techncial certifications and developing simple scripts to automate mundane tasks. As time goes on, I find it easy…