Apple Watch 487 ~ Hacked!
DOWNLOAD ->>> https://shurll.com/2t7llk
I suspect that normally isn't isn't a device itself that is hacked (Apple has pretty strong security about that unless you do something like handing over your unlocked phone to a stranger), its more an Apple ID that can be compromised. In that case:
Thank you! @tyler39 I have no profiles, and I do need to setup my VPN... But, my I phone still acts funky... It automatically switches from my apple ID profile, but other times I come in under my contact name while texting with my BFF. She's always asking how do I go from my name being displayed to my apple id? I told her it was no my doing, but Im thinking is because she might no have my apple ID which is the same as my email added into my contact. However, she says that it always happens after 5:00 her time I'm EST while shed MCT...
I keep getting creepy feelings like someone has been accessing my phone. I often find apps open. I have found emails in my spam folder that I never opened, but they had been opened and marked spammed. I know I sound like a tin foil hat wearing nut job, but I had my entire portfolio stolen from my galaxy over 2000 photos gone. Well, they are in my box account, but the Hacker changed all of my passwords, and recovery info. I also found over 100 Facebook fake profiles listed under my name... But, we all know Facebook is just a wanna be hacker training camp... All I know is that I been hacked out of social networking.
Sounds like the last 6 months for me, everything has been hacked , ruined my life, money, house, everything, and still going on and dont know for what? Looks like the smae code in your phone is also the same as mine/ Please tell me more about what happened.
Micah Hoffman: I gotta watch how I say this. (laughing )... I always like finding out things about people and systems in a legal and ethical manner. No. I mean, that was one of the things that got me into offensive security when I was doing penetration testing, web hacking was not necessarily the finding the exploit, and that would get me in executing the exploit that would get me into a system. It was, once I'm in there, what can I see that I shouldn't be able to see it. It was almost like cyber voyeuristic for systems I was paid to break into. But I really found that when I was doing those penetration tests, that the more I did reconnaissance, the more effective I was at pen testing. And I remember this one engagement where our process, when we had a web application, we were kind of hack and it was on the internet, our process was to go ahead and just do some searches, do some googling. And I remember taking the name of the site and domain, and running a Google query and getting some documents coming back. And I was like, Alright, well, let's look at this one. It was like a help doc. And I read through the help doc And literally, page two was like, Oh, so you want to get into the application. If you want to get into the application, enter your username like this. And it gave a name and a password like this. And it gave a password. I literally typed in that username and password and I was into the app. And I was like, Wow, this is so powerful. That stuff is out there and if I can find it, I can use it. And that was that was one of those aha moments for me where cybersecurity was cool., but this was exciting. And that was where I remember saying, you know, this is this is the future for me.
Micah Hoffman: Absolutely. This is something that I learned as I went through all the different stages of my work, that what we call Open-Source Intelligence. It's really a process and that process is different for each person or team that goes through it. It is something that a lot of different people in most all of the areas that touch on cyber go through, whether you're doing blue team, and you're looking up domains and IP addresses that either have been hacked or are being hacked, or you're digital forensics and incident response person, and you're dumping the usernames off of somebody's mobile device, because you need to investigate that and figure out where those usernames have been used online, or security awareness. I had a great time working with Lance Spitz and the SANS folks over in the SANS security awareness group, helping people understand why they should not be posting this or that to their social media or, or discussing things. OSINT can help show that. And then of course, for for those classic fields, like the reconnaissance stage of the penetration or red teaming cycle, all of them use open-source intelligence in some form or fashion. It might not be like going through the entire cycle, it might not be generating a report that is based upon the intelligence that you've created, but it is going through some of the stages of requirements, gathering data and then analysis in order to achieve some goal.
Micah Hoffman: I've chosen to pick certain platforms that I'm comfortable on. Everybody has their feelings about this social media site or that social media site and the information that can be gained from it. For me using Twitter, following those wonderful hashtags that are out there, like hashtag #OSINT is important, because there's so many people in the world that share great tips, techniques, videos, I was just watching a longtime friend and colleague of mine just sent and just shared, like a five part video series. And I think this speaks to the second part of your question is, is Who do you look to to learn. I recognized long ago that I cannot know everything in any discipline. I can always seek to learn from other people, whether they're more senior than me or just more junior and have a different way of looking at something. So I try to surround myself with those sources in those places that I get the most help from. So Twitter, I'm looking at that a lot, and I get a lot of my data there. But then I'm also on Reddit, I'm also on in the discord. There's a discord that that I'm in the SANS Blue Team discord, which is a free place to talk about open-source intelligence and blue teaming. And then also there's a search light discord, which is another place that has a good ratio of chatter, to really good information. And it's just a place I can drop into get what I need or perform searches to find those bits of data that is useful to me, and a great bunch of people on there, too.
Micah Hoffman: It's really neat that you mentioned this, because we got the the second part of that question. There's a lot of resources out there for new people coming in the field. I run a nonprofit organization called OSINT Curious and it's at OSINTCurious.com or OSINTcurio.us. And that organization seeks to be a conveyor of great high quality information about OSINT for free. And we were just doing a live stream the other day and somebody asked 'Well, okay, there's a lot of resources for Beginners, what about the advanced people?' So let me tell you about the beginner and then maybe we can just hit on the Advanced one as well. So for beginners, it's, I've seen a lot of people just get overwhelmed with the amount of data that's being shared. I saw this years ago in cyber, and some of the luminaries in the field made it easier by kind of summarizing all of these talks or resources. In OSINT, there's a ton of resources for beginners and a ton of basic OSINT classes that are free or very low cost. My strong suggestion is, get a Twitter account to watch what's happening. But you need a place if you're going to be getting into this or you are just getting into open-source intelligence, you need a place where you can talk and interact with people. So find a chat group, client, whatever that you're comfortable with, whether it's it's Slack, or discord, or whatever, and interact with people. There are people in these groups that will do everything from sharing videos and book references to answering questions. They have CTFs or capture the flags that they do to keep you engaged and to help you learn, they even do things like talk about dark web and other more discrete topics as well. But joining that community, where you can talk with other people is going to be much, much better in the long run than tweeting out, 'Hey, can you give me some resources', and then you going ahead and, and trying to track those down. And then for those advanced users, what we just said on the using curious webcast or stream was, was essentially go broad and go deep. So instead of just focusing on social media, just focusing on domains and IPs, branch out, find some other disciplines to get engaged with and to to look at, because once you've mastered those basics, those foundations, you now have the comfort to look at that website and look at this website or other sources for data. So go broad and go deep.
Micah Hoffman: I think my favorite is just the hashtag #OSINT. That's in my Twitter feed. I'm just constantly watching that, and across other platforms as well. But the other one is, is hashtag #OSINTCurious. That hashtag #OSINTCurious is neat. Because what I'm starting to see after the nonprofit being around for about two years, people are starting to use that but to tag interesting tools, techniques, and resources and when they need help to, they're using it as a call for help call for action. And I enjoy seeing all of the things that people are using that Osint curious hashtag with.
Micah Hoffman: I gotta watch how I say this. (laughing )... I always like finding out things about people and systems in a legal and ethical manner. No. I mean, that was one of the things that got me into offensive security when I was doing penetration testing, web hacking was not necessarily the finding the exploit, and that would get me in executing the exploit that would get me into a system. It was, once I\'m in there, what can I see that I shouldn\'t be able to see it. It was almost like cyber voyeuristic for systems I was paid to break into. But I really found that when I was doing those penetration tests, that the more I did reconnaissance, the more effective I was at pen testing. And I remember this one engagement where our process, when we had a web application, we were kind of hack and it was on the internet, our process was to go ahead and just do some searches, do some googling. And I remember taking the name of the site and domain, and running a Google query and getting some documents coming back. And I was like, Alright, well, let\'s look at this one. It was like a help doc. And I read through the help doc And literally, page two was like, Oh, so you want to get into the application. If you want to get into the application, enter your username like this. And it gave a name and a password like this. And it gave a password. I literally typed in that username and password and I was into the app. And I was like, Wow, this is so powerful. That stuff is out there and if I can find it, I can use it. And that was that was one of those aha moments for me where cybersecurity was cool., but this was exciting. And that was where I remember saying, you know, this is this is the future for me. 2b1af7f3a8