In April, LinkedIn became the latest victim of a massive data breach: data of over 500 million of its users was scraped from the platform and posted online for sale. The dataset includes sensitive information such as email addresses, phone numbers, workplace information, full names, account IDs, links to social media accounts, and gender details. The breached data is reportedly being sold by the hacker TomLiner on a security forum. The hacker is asking for money in exchange for the breached data. …


Antivirus (AV) is essential software on our Windows machines, and we mostly rely on it. The purpose of AV is to detect known viruses or malware on the system. Which AV is best is not part of this article; how we can detect malware without AV is the topic of this article.

This is not very advanced hunting, but it will help you clean your system of known malware missed by AV. We will use the Windows Sysinternals toolset for this, which is available free from Microsoft.

What is the Windows Sysinternals toolset?

Windows…


Over the last few days, I received multiple suspicious emails regarding my PayPal account. In this article, I will tell you some basic steps to identify these types of suspicious emails. Below is a snapshot of a suspicious email that I received regarding my PayPal account, and we will investigate this email.

In IT terms, these emails are called phishing emails, and their purpose is to get the personal information of victims, such as the username of your financial account, the password of your financial account, your date of birth, and many other kinds of Personally Identifiable Information (PII).

Let’s start:

1: The subject of the email…


PowerShell is a very well-known and important component of Windows. Recently I performed a threat scan with the Symantec Diagnostic Tool, and it detected a High-Risk alert on my Windows 10 machine regarding the PowerShell Execution Policy.

The alert was triggered regarding the malicious PowerShell key in my system, which I should remove.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell\"ExecutionPolicy"

The path of this registry key looks legitimate, so before blindly taking any action on the AV result, let’s ask Google about this issue.

What is PowerShell Execution Policy and why do we use it?

PowerShell’s execution policy is a safety feature that controls the conditions under which PowerShell loads configuration…

Sajid Kiani

I am a security researcher. I am not a pro writer. You can catch me on Twitter @_sajidkiani or LinkedIn “sajidkiani”.
