Posts

Image
On June 26, 2025 , President William Ruto signed three critical financial laws of Kenya's money matters for the next year. These are Finance Act 2025 Appropriations Act 2025 Supplementary Appropriations Act 2025 Let’s break it down. ๐Ÿ“• 1. Finance Act 2025: How the Government Plans to Get Money This law sets out how the government will collect revenue (money) from taxes, levies, and duties in the 2025/26 financial year. ๐Ÿงพ Key Tax Changes You Should Know: Per Diem (daily allowance) Tax-Free Limit Increased Previously: Ksh 2,000 per day Now: Ksh 10,000 per day Great news for civil servants and people who travel for work—more of your travel allowance is now tax-free! Employers Must Apply Tax Reliefs Automatically If you're eligible for NHIF, NSSF, insurance reliefs, etc., your employer must now apply them without you having to ask. Digital Assets Tax Removed—But... The government scrapped the controversial Digital Assets Tax (which taxed crypt...

๐Ÿ›‘ Wallet Drain via Fake Token Approvals on BNB Smart Chain: A Cautionary Tale Featuring GPTAI & SKAI

Image
Introduction The world of decentralized finance (DeFi) offers freedom, innovation, and, unfortunately, increasing sophistication in scams. A recent wave of wallet-drain attacks has surfaced involving tokens like GPTAI and SKAI on the BNB Smart Chain. Users, even those interacting through reputable platforms like 1inch Network , are losing tokens from their wallets through cleverly crafted smart contracts. This blog post exposes how these fake tokens exploit standard wallet permissions, how victims are tricked, and how you can protect yourself. ๐Ÿง  The Attack Vector: Fake Tokens with Malicious Smart Contracts Scammers are now using a new trick in their playbook: deploying legitimate-looking tokens (e.g., GPTAI , SKAI ) with malicious functions embedded in the contract code. These tokens are distributed through mass airdrops or made available on DEX aggregators like 1inch, hoping users will try to swap or sell them. Here's how the scam unfolds: ๐Ÿช‚ Step 1: Airdrop or Visibili...

SS7 Attacks - The Exploit That Can Intercept Your Calls and Texts

Image
  In an era where cybersecurity threats are constantly evolving, one of the lesser-known but dangerous vulnerabilities in the global telecom infrastructure involves a protocol called Signaling System 7 (SS7) . This system, crucial to how mobile networks communicate with each other, is vulnerable to attacks that allow hackers to intercept calls, read text messages, and track users’ locations. But what exactly is an SS7 attack, and why should you be concerned? Let’s dive into how this attack works and why it remains a significant threat today. What is SS7? SS7, or Signaling System 7, is a set of protocols used by telecommunication networks to exchange information necessary for setting up and routing phone calls, sending SMS messages, and enabling services like roaming between different networks. It acts as the backbone of global mobile communication, allowing different phone networks to communicate with each other efficiently. SS7 was designed in the 1970s, at a time when security wa...

Why an Attacker Might Use tcpwrapped

Image
  Evasion : By restricting access to a service, the attacker could make it more difficult for security tools like Nmap to identify the type of service running on the port. The result is that the service appears as tcpwrapped , giving the impression that it is well-secured or inaccessible, when in reality, it may be a malicious service that is only available to authorized users (e.g., those coming from specific IP addresses or ranges). Concealing Malicious Services : The attacker could be running a backdoor, C2 (command and control) server, or other unauthorized service while making it look like an innocuous or inaccessible port. This would make it harder for security professionals to notice or investigate that service, as it may be assumed to be a legitimate, restricted system service. Limiting Exposure : By restricting access, the attacker can limit the pool of potential investigators or defenders who could probe the port for more information. Only users with the right IP address,...

New Windows Security Flaw CVE-2024-38063

Image
A critical vulnerability, CVE-2024-38063, has been discovered in Microsoft's Windows operating system, specifically in the IPv6 TCP/IP stack. This flaw has a CVSS score of 9.8, indicating a high level of severity. It is a "zero-click" vulnerability, which means that an attacker could exploit it without any action from the user, making it extremely dangerous. Additionally, it is "wormable," so it can spread from one system to another automatically, potentially causing widespread damage. How the Vulnerability Works CVE-2024-38063 affects all Windows systems with the IPv6 protocol enabled. Attackers can exploit this flaw by sending specially crafted IPV6 packets to a target system, allowing them to execute remote code by using integer underflow to trigger a buffer overflow. This could lead to unauthorized complete control of the system. The vulnerability is particularly concerning for any Windows devices that are directly exposed to the internet. It's certainly...

Understanding Critical Subdomains in a Website, What They Are and Why They Matter

Image
SubDormains In the complex architecture of a modern website, subdomains play a crucial role in organizing content, services, and functionalities. While these subdomains are essential for seamless operation, they can also become significant security risks if not managed properly. In this article, we’ll explore the critical subdomains of a website, their purposes, and the potential risks they pose if compromised. What Are Subdomains? Subdomains are extensions of a primary domain that allow website owners to create separate sections or branches under the same domain name. For example, in the URL `blog.example.com`, "blog" is a subdomain of the primary domain "example.com." Subdomains can be used to host different parts of a website, such as a blog, e-commerce store, or admin panel. Critical Subdomains and Their Purposes Understanding the purpose of each critical subdomain is essential for both web developers and security professionals. Below, we list some of the most c...

The NIST 800 Framework - A Brief

Image
Cybersecurity is paramount for organizations across all sectors. The National Institute of Standards and Technology (NIST) has developed a comprehensive series of guidelines and recommendations to help organizations bolster their cybersecurity defenses. The NIST Special Publication 800 (NIST 800) series provides a robust framework that covers various aspects of cybersecurity, risk management, and compliance. This article delves into some key components of some NIST 800 frameworks, highlighting their importance and practical applications. NIST SP 800-53: Security and Privacy Controls for Federal Information Systems and Organizations Purpose: NIST SP 800-53 provides a detailed catalog of security and privacy controls designed to protect federal information systems and organizations. These controls are essential for safeguarding operations, assets, and individuals against a myriad of cybersecurity threats. Key Components - Control Families: The controls are organized into families, each a...