Adam Ziaja - IT Security Consultant

Security research and articles on the company's techblog:

BadWPAD and spear-phishing using Battle.net Desktop App (English)
Spear-phishing campaign tricks users to transfer money (TTPs & IOC) (English)
Black Kingdom ransomware (TTPs & IOC) (English)
Kinsing cryptocurrency mining malware (TTPs & IOC) (English)
Sodinokibi / REvil / Maze ransomware (TTPs & IOC) (English)
DNS for red team purposes (English)
Deceiving blue teams using anti-forensic techniques (English)
Bypassing LLMNR/NBT-NS honeypot (English)
Internal domain name collision (English)
CVE-2019-10677 Multiple Cross-Site Scripting (XSS) in the web interface of DASAN Zhone ZNID (English)
Threat hunting using DNS firewalls and data enrichment (English)
BadWPAD wpad.software case and DNS threat hunting (English)
Sinkholing BadWPAD infrastructure - wpad.pl / wpadblocking.com case (part 4) (English)
Typosquatting in wpadblocking.com / wpadblock.com case (part 3) (English)
BadWPAD and wpad.pl / wpadblocking.com case (part 2) (English)
BadWPAD, DNS suffix and wpad.pl / wpadblocking.com case (English)
DNS based threat hunting and DoH (DNS over HTTPS) (English)
Czytanie karty płatniczej NFC (Polish)
Praktyczna analiza powłamaniowa. Aplikacja webowa w środowisku Linux (Polish)
Zatruwanie odpowiedzi LLMNR – Responder, llmnr_response (Polish)

Publications (Polish)

2016_bezprzewodowe_niebezpieczenstwo-adam_ziaja-maciej_grela.pptx (6.04 MB)
2016_bezprzewodowe_niebezpieczenstwo-adam_ziaja-maciej_grela.pdf (4.56 MB)
2015_praktyczne_ataki_na_aplikacje_webowe-adam_ziaja.pptx (2.63 MB)
2014_cyberprzestepczosc_20-adam_ziaja.pptx (5.45 MB)
2014_cyberprzestepczosc_20-adam_ziaja.pdf (2.69 MB)
2014_bezpieczenstwo_aplikacji_webowych-adam_ziaja.pdf (458.1 KB)
2008_niebezpieczny_livebox_02-adam_ziaja.jpg (1.12 MB)
2008_niebezpieczny_livebox_01-adam_ziaja.jpg (1.17 MB)

This work is licensed under a Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) License.

Copyright © 2008-2024 Adam Ziaja. All rights reserved.