16255
@cissp International channel 4 Transmission Knowledge In the Field of Cyber Security with a Focus on the Content of the CISSP-ISC2 Course - - - - - - - - - - +also group: https://t.me/cisspgroup ————————— @alirezaghahrood
#DiyakoSecureBow
————————————
MLSecOps
Whitepaper
Principles for the security of machine learning Aug 2022.
-Business Secure Continuity-
2024.01.24
——————————————————
#cybersecurity #AI #ML
#BusinessSecureContinuity
Malware analysis
1. A lightweight method to detect potential iOS malware🤓
https://securelist.com/shutdown-log-lightweight-ios-malware-detection-method/111734
2. Industry-Specific Ransomware Trends 2023🥶
https://blog.checkpoint.com/research/check-point-research-2023-the-year-of-mega-ransomware-attacks-with-unprecedented-impact-on-global-organizations
Analytics
Advanced threat predictions for 2024💀
https://securelist.com/kaspersky-security-bulletin-apt-predictions-2024/111048
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.20
https://www.linkedin.com/posts/alirezaghahrood_malware-analysis-1-a-lightweight-method-activity-7154331132652597249-13dH?utm_source=share&utm_medium=member_ios
Thank you Mohsen Houshmand Sarvestani for reviewing my Cybersecurity service. It was great working with you. To learn more about my work, visit my Service Page.
Special Thanks Bro
For many years, we have worked in the expert body of both employers and companies that provide services, products and solutions for cyber security and related technologies. We have a good understanding of problems, challenges, shortcomings, etc Taken from the opinions of real and legal customers That It consists of national, organizational, extensive collaborations and cross-border and international projects.
The approach to cyber security needs is based on standards, requirements, risks, non-conformities in a balance of budget, human power and organizational culture. With the help of cycle We carry out needs assessment, research and development, design, implementation, audit, optimization(FineTune), hardening, operation and customized training with an eye on maturity. Ask the team for feedback from customers who have trusted us and are our most valuable asset + output and effectiveness.
✌🏼🙏❤️👍🏽
cryptography
National Security Agency (NSA) Military Cryptanalytics"
Part III by Lambros D.Callimahos, 2021.
/channel/cissp/7385
/channel/CISOasaService/14858
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.19
Thank you Sophia Alikhani for reviewing my Corporate Training service. It was great working with you. To learn more about my work, visit my Service Page.
Special Thanks Ms
For many years, we have worked in the expert body of both employers and companies that provide services, products and solutions for cyber security and related technologies. We have a good understanding of problems, challenges, shortcomings, etc Taken from the opinions of real and legal customers That It consists of national, organizational, extensive collaborations and cross-border and international projects.
The approach to cyber security needs is based on standards, requirements, risks, non-conformities in a balance of budget, human power and organizational culture. With the help of cycle We carry out needs assessment, research and development, design, implementation, audit, optimization(FineTune), hardening, operation and customized training with an eye on maturity. Ask the team for feedback from customers who have trusted us and are our most valuable asset + output and effectiveness.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.18
https://www.linkedin.com/posts/alirezaghahrood_thank-you-sophia-alikhani-for-reviewing-my-activity-7153660303958814720-hkUS?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
———————————
WHEN THE LIGHTS
WENT OUT
A COMPREHENSIVE REVIEW OF THE 2015 ATTACKS ON UKRAINIAN CRITICAL INFRASTRUC
-Business Secure Continuity-
2024.01.13
——————————————————
#cybersecurity #cyberattack #malwareanalysis #operationaltechnology #OT
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_ukraine-report-20232015-attack-ot-activity-7151787545461170176-xN26?utm_source=share&utm_medium=member_ios
The diversity of talent in cybersecurity, which is what makes the field so refreshingly different from many others, is also one of the critical factors that stifles its evolution.
https://www.linkedin.com/posts/alirezaghahrood_the-diversity-of-talent-in-cybersecurity-activity-7151176698082779136-Ydrr?utm_source=share&utm_medium=member_ios
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.11
Thank you Hoda Taheri for reviewing my Cybersecurity service. It was great working with you. To learn more about my work, visit my Service Page.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.07
https://www.linkedin.com/posts/alirezaghahrood_thank-you-hoda-taheri-for-reviewing-my-cybersecurity-activity-7149687471713222656-V2r6?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
———————————
Infographics
"API Pentesting Mindmap":
Recon+Attacking+GraphQL Attacking
-Business Secure Continuity-
2024.01.06
——————————————————
#cybersecurity #apigateway #pentesting #offensivesecurity
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_api-pentesting-map-2024-activity-7149317714614894593-Ub5_?utm_source=share&utm_medium=member_ios
I am happy to announce that I have recently received my
Network Security ,…Voice Badge🏅.
I hope to experience more success in this field and share it with others.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.03
#DiyakoSecureBow
———————————
A Comparative Study of Interdisciplinary Cybersecurity
Education
Executive Summary
Since 2014, the William and Flora Hewlett Foundation Cyber Initiative has allocated grants to support interdisciplinary cybersecurity education at universities across the United States, as part of a broader goal to develop a field of cyber policy experts and institutions that can “an- ticipate, analyze, and address [cybersecurity] risks thoughtfully and systematically.”1 This paper presents a comparative study of the interdisciplinary cybersecurity education landscape to guide educational institutions in developing and creating cybersecurity programs. We compiled publicly available information about a selection of 17 interdisciplinary cybersecurity degree pro- grams, with a focus on masters programs offered by Hewlett grantees. We then supplemented our data collection with two focus group meetings with representatives from the programs studied, as well as from recent Hewlett grantees.2
Programs in the study depicted a range of models for interdisciplinary cybersecurity education and a variety of approaches for cultivating diverse and interdisciplinary thinking in the field. These models include dual-degree programs and curriculum requirements that span multiple schools and disciplines, and that are designed to foster cross-disciplinary thinking and develop student competency in both technical and policy-oriented domains.
The study revealed a variety of important insights for university leaders to consider as they create or evolve their interdisciplinary cybersecurity programs:
Special Thanks
CLTC
Center for Long-Term Cybersecurity
University of California, Berkeley
And✌🏼❤️😇
L I S A H O Project Lead
Academic Director
- Masters in Information and Cybersecurity, UC Berkeley
S A H A R R A B I E I Lead Researcher
Masters Student
- Cybersecurity and Information, UC Berkeley
DRAKE WHITE Researcher
Masters Student
- Information Management and Systems, UC Berkeley
https://lnkd.in/e5WhgqpU
-Business Secure Continuity-
1402.10.09
——————————————————
#cybersecurity #berkeley #mitreattack
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_cyber-security-education-2023-activity-7146749253992812544-d8zL?utm_source=share&utm_medium=member_ios
Let's go to the specialized analysis of a series of malware:
Malware analysis
1. Qilin Ransomware
https://lnkd.in/eCgeYhwY
2. The csharp-streamer RAT
https://lnkd.in/eQrTj6YF
Let's go to the techniques of resistance and security (Hardening) against attacks and abuses(Exploit):
Exploitation Mitigations
Knowledge base of exploit mitigations for various OS, architectures, applications and versions
https://lnkd.in/duccdB5
And
🚨 New Linux Trojan Alert!
Meet "Krasue," a stealthy remote access trojan targeting Thai telecom companies. Krasue relies on a rootkit derived from open-source projects to maintain persistence.
Learn more:
https://lnkd.in/eqmkDg97
https://lnkd.in/e9WjWR3d
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.10.06
https://www.linkedin.com/posts/alirezaghahrood_lets-go-to-the-specialized-analysis-of-a-activity-7145807195257933824-5kF9?utm_source=share&utm_medium=member_ios
Thank you Rezvan Barzegar for reviewing my Cybersecurity service. It was great working with you. To learn more about my work, visit my Service Page.
Special Thanks Ms
✌🏼🙏❤️👍🏽
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.10.06
https://www.linkedin.com/posts/alirezaghahrood_thank-you-rezvan-barzegar-for-reviewing-my-activity-7145696390680125440-5EGe?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
———————————
To learn more about how to adopt and accelerate AI in a safe way, click the link the description
Special Thanks
Holistic AI
-Business Secure Continuity-
1402.10.06
——————————————————
#cybersecurity #gdprcompliance #artificialintelligence #machinelearningalgorithms
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_ai-regulations-2024-activity-7145513879857463296-qZt_?utm_source=share&utm_medium=member_ios
https://www.linkedin.com/company/diyako-secure-bow/
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.10.05
We wrapped ourselves in ourselves, like closing a cocoon. Will we become butterflies? 🫥
Anyway,
More Zero-Days !!!
✅ Citrix fixes critical RCE flaws (CVE-2023-6548, CVE-2023-6549) exploited in wild.
✅ VMware Aria Automation bug (CVE-2023-34063) allows attacker control.
✅ Atlassian issues fixes for 24+ flaws, including RCE.
Patch, Update ASAP:
https://thehackernews.com/2024/01/citrix-vmware-and-atlassian-hit-with.html
DFIR
Infographics
"Log Sources v.1.1", 12.2023.
https://github.com/Neo23x0/Talks
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.21
https://www.linkedin.com/posts/alirezaghahrood_we-wrapped-ourselves-in-ourselves-like-closing-activity-7154703304084594688-XZZB?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Tech book
Software Testing Automation: Testability Evaluation, Refactoring, Test Data Generation and Fault Localization 2023.👇🏻
/channel/CISOasaService/14860
/channel/cissp/7387
Cyber Education
The materials of the "Hypervisor 101 in Rust" class held at Global Cybersecurity Camp 2023 Singapore
https://github.com/tandasat/Hypervisor-101-in-Rust
-Business Secure Continuity-
2024.01.20
——————————————————
#cybersecurity #cyberattack #fuzzing #softwaretester
#BusinessSecureContinuity
cryptography
National Security Agency (NSA) Military Cryptanalytics"
Part III by Lambros D.Callimahos, 2021.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.19
Thank you Mohsen Azarnejad for reviewing my Cybersecurity service. It was great working with you. To learn more about my work, visit my Service Page.
Special Thanks Dear Bro
For many years, we have worked in the expert body of both employers and companies that provide services, products and solutions for cyber security and related technologies. We have a good understanding of problems, challenges, shortcomings, etc Taken from the opinions of real and legal customers That It consists of national, organizational, extensive collaborations and cross-border and international projects.
The approach to cyber security needs is based on standards, requirements, risks, non-conformities in a balance of budget, human power and organizational culture. With the help of cycle We carry out needs assessment, research and development, design, implementation, audit, optimization(FineTune), hardening, operation and customized training with an eye on maturity. Ask the team for feedback from customers who have trusted us and are our most valuable asset + output and effectiveness.
سال هاست در بدنه كارشناسي هم كارفرمايان و هم شركت هاي ارائه دهنده خدمات، سرويس ها ، محصولات و راهكارهاي امنيت سايبري و فناوري هاي وابسته كار كرده ايم
به مشكلات، چالش ها، كاستي ها، … اشراف مناسبي داريم
برگرفته از نظرات مشتريان حقيقي و حقوقي
كه
مشتمل از همكاري هاي ملي، سازماني، گسترده و پروژه هاي فرا مرزي و بين المللي هست
رويكرد به نياز هاي امنيت سايبري را صر ف استاندارد ها، الزامات، ريسك ها، عدم انطباق ها در تعادلي از بودجه، نيروي انساني و فرهنگ سازماني
به كمك چرخه
نيازسنجي، تحقيق و توسعه بروز، طراحي، استقرار، مميزي، بهينه سازي ، امن سازي، راهبري ، آموزش هاي سفارشي سازي شده با نگاه به بلوغ انجام مي دهيم.
بازخورد تيم را از مشترياني كه اعتماد كرده اند و دارايي به شدت مهم ما هستند، بپرسيد
+ خروجي و اثر بخشي
✌🏼🙏❤️👍🏽
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.15
https://www.linkedin.com/posts/alirezaghahrood_thank-you-mohsen-azarnejad-for-reviewing-activity-7152445907219668992-Cxqh?utm_source=share&utm_medium=member_ios
T H R E AT H U N T I N G P L AY B OO K
LEARN HOW TO EMBRACE A PROACTIVE SECURITY POSTUR
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.13
https://www.linkedin.com/posts/alirezaghahrood_threat-hunting-playbook-2023-activity-7151784348835348480-clQY?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
———————————
Executive Dashboard
InitialAccessBrokers
-Business Secure Continuity-
2024.01.10
——————————————————
#cybersecurity #cloud
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-cybersecurity-cloud-activity-7150738302193537026-2Hr-?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
———————————
Hardening
Office 365 Secure Configuration Framework Feb.2024
-Business Secure Continuity-
2024.01.09
——————————————————
#cybersecurity #office365 #hardening
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_office365-sec-config-2024-activity-7150322827877949441-R52P?utm_source=share&utm_medium=member_ios
Check out this job at Diyako Secure Bow:
https://www.linkedin.com/jobs/view/3800192325
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.06
exploit
Analytics
Top 10 Vulnerabilities of 2023:
1. CVE-2023-34362: MOVEit Vulnerability
2. CVE-2023-23397: MS Outlook PE
3. CVE-2023-43641: 1-Click RCE on GNOME
4. CVE-2023-28252: Windows CLFS PE
5. CVE-2023-2868: Barracuda ESG CI
6. CVE-2023-26360: Adobe ColdFusion
7. CVE-2023-4966: Citrix Bleed
8. CVE-2023-22952: SugarCRM RCE
9. CVE-2023-24880: Win Smart Screen Bypass
https://www.vicarius.io/vsociety/posts/windows-smartscreen-security-feature-bypass-cve-2023-24880
10. CVE-2022-42475:
FortiOS heap-based buffer overflow in sslvpnd
https://bishopfox.com/blog/exploit-cve-2022-42475
https://github.com/scrt/cve-2022-42475
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.06
Malware analysis
Ransomware and Extortion Report 2023.
Special Thanks
Palo Alto Networks
Palo Alto Networks Education Services
And
Unit42✌🏼❤️😇🙏
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.02
Happy New Year 2024: New Year is celebrated on January 1 of every year. As 2023 comes to an end, we welcome 2024 with pomp. Globally, people celebrate the day by visiting loved ones, exchanging gifts, cooking a fest for loved ones, attending events or parties, countdowns with friends, kissing their partner when the clock strikes 12, watching fireworks, and more. Additionally, New Year is the time to make resolutions that help people grow physically and mentally. You can also celebrate the day by sending heartfelt messages and wishes to your loved ones on January 1, 2024.
❤️😇✌🏼
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.01
Threat Research
Blue Team Techniques
1. Sensor Mappings to ATT&CK - collection of resources to assist cyber defenders with understanding which sensors/events can help detect real-world adversary behaviors in their environments
https://github.com/center-for-threat-informed-defense/sensor-mappings-to-attack
2. Early Detection of Malicious Stockpiled Domains
https://unit42.paloaltonetworks.com/detecting-malicious-stockpiled-domains
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.10.06
Thank you Hassan Abdi for reviewing my Cybersecurity service. It was great working with you. To learn more about my work, visit my Service Page.
Special Thanks Bro
✌🏼🙏❤️👍🏽
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.10.06
https://www.linkedin.com/posts/alirezaghahrood_fthank-you-hassan-abdi-for-reviewing-my-cybersecurity-activity-7145696258911870976-wMua?utm_source=share&utm_medium=member_ios
I will be attending Intersec, the world's leading trade fair for safety, security & fire protection taking place from 16 – 18 January 2024. Register today and join me at the show. #intersecexpo
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.10.05
https://www.linkedin.com/posts/alirezaghahrood_ive-registered-to-visit-intersec-2024-register-activity-7145501607357546497-lChU?utm_source=share&utm_medium=member_ios
info
Events
TOP-20 Leading Cybersecurity Conferences in 2024:
1. IEEE S&P
45th IEEE Symposium (May 20-23):
https://www.ieee-security.org/TC/SP2024
European (July 8-12):
https://www.ieee-security.org/TC/EuroSP2024/accepted_and_awards.html
2. ENISA Cybersecurity Standardisation Conference (Mar 05)
https://www.enisa.europa.eu/events/cybersecurity_standardisation_2024
3. USENIX Security Symposium (Aug 14-16)
https://www.usenix.org/conference/usenixsecurity24
4. NDSS Symposium (26 Feb. - 01 Mar.)
https://www.internetsociety.org/events/ndss/2024
5. ESORICS (European Symposium on Research in Computer Security, Sept. 16-20)
https://www.esorics2024.org
6. Nullcon Berlin (March 11-13)
https://nullcon.net/berlin-2024
7. International Conference on Cybersecurity and Common Problems (ICCCP, Jan. 18-19)
https://waset.org/cybersecurity-and-common-problems-conference-in-january-2024-in-sydney
8. Pwn2Own Miami (Feb.14-16)
https://www.zerodayinitiative.com/Pwn2OwnMiami2024Rules.html
9. International Conference on Cybersecurity and Hacking (ICCH 2024, Jan. 11-12)
https://waset.org/cybersecurity-and-hacking-conference-in-january-2024-in-tokyo
10. RSA Conference 2024 (May 6-9)
https://www.rsaconference.com/usa
11. JSAC 2024 (Jan. 25-26)
https://jsac.jpcert.or.jp
12. SANS 2024 Cyber Security Training (Mar 24-29)
https://www.sans.org/cyber-security-training-events/2024
13. 45th IEEE Symposium on Security and Privacy (May 20-23)
https://sp2024.ieee-security.org
14. National Cyber Summit (Sep. 24-26)
https://www.nationalcybersummit.com
15. ACM WiSec 2024 (May 27-30)
https://wisec2024.kaist.ac.kr
16. Zer0Con 2024 (April 4-5)
https://zer0con.org/?ref=infosec-conferences.com
17. DEF CON 32 (Aug. 10-13)
https://defcon.org
18. Black Hat 2024
Spring Trainings (Mar. 12-15):
https://www.blackhat.com/tr-24
USA (Aug. 3-8):
https://www.blackhat.com/upcoming.html#usa
Asia (Apr. 16-19):
https://www.blackhat.com/upcoming.html#asia
Europe (Dec. 4-7):
https://www.blackhat.com/upcoming.html#europe
19. BSides SF 2024 (May 4-5)
https://bsidessf.org/cfp
20. European Interdisciplinary Cybersecurity Conference (EICC, June 5-6)
https://www.fvv.um.si/eicc2024
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.10.05