16255
@cissp International channel 4 Transmission Knowledge In the Field of Cyber Security with a Focus on the Content of the CISSP-ISC2 Course - - - - - - - - - - +also group: https://t.me/cisspgroup ————————— @alirezaghahrood
#DiyakoSecureBow
————————————
Analytics
Rapid7 Attack Intelligence Report 2024.
Big Picture:
Threat Climate Change
Over the last several years, Rapid7 researchers have regularly published in-depth analyses of significant vulnerabilities and major cyber incidents, prioritizing attack vectors that have threatened many organizations globally. In 2020, amid what was then considered to be an “outbreak” of critical vulnerability exploitation, our research team began tracking widely exploited CVEs separately from CVEs used in limited, targeted attacks, which were often conducted by a single
threat actor.
Rapid7’s inaugural vulnerability intelligence report included just over a dozen of these “widespread threats,” meaning vulnerabilities with many attackers and a large vulnerable target population. At the time, this elevated risk climate was novel, compelling, even alarming.
Special Thanks❤️😇👍🏽🙏
Rapid7
IntSights, a Rapid7 company
-Secure Business Continuity-
2024.06.01
——————————————————
#CyberSecurity #Vulnerability #Intelligence #Report
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_rapid7-ai-report-2024-activity-7202417859828834304-GvrR?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Iran turning to cyber-enabled influence operations for greater effect
01010111 01101000 01101001 01101100 01100101 00100000 01110011 01100101 01100101 01101011 01101001 01101110 01100111 00100000 01101110 01100101 01110111 00100000 01100011 01111001 01100010 01100101 01110010 01100001 01110100 01110100 01100001 01100011 01101011 00100000 01100011 01100001 01110000 01100001 01100010 01101001 01101100 01101001 01110100
Special Thanks❤️😇👍🏽🙏
Microsoft Security
Microsoft Threat Intelligence
Microsoft Research
Microsoft
-Secure Business Continuity-
2024.05.23
——————————————————
#CyberSecurity #APT #Attack #Threats
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_iran-turing-2-cyber-enable-2023-activity-7199283708179177472-6xZO?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Whitepaper
Blue Team Techniques
Network Traffic & Flow Analysis 2023.
Special Thanks❤️😇👍🏽🙏
-Secure Business Continuity-
2024.05.22
——————————————————
#CyberSecurity #Netflow #Analysis #Threats
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_net-traffic-flow-analysis-2023-activity-7198946694128898048-AwtJ?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
How to Support Cybersecurity Teams and Improve Outcomes:
Supporting cybersecurity teams minimizes risk, maximizes potential, and promotes organization-wide
stability. Here are three ways every company can pursue that now.
#1 Recruit and Retain Top Talent
#2 Adopt Automation Technologies
#3 Equip Everyone to Play a Part
…and much more
Special Thanks❤️😇👍🏽🙏
Cyber Defense Magazine
-Secure Business Continuity-
2024.05.16
——————————————————
#CyberSecurity #threats #CISO #Management
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_cyber-sec-mag-2024-activity-7196768475237781504-Oqf1?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Exploring Infostealer Malware Techniques on
Automotive Head Units
Accepted: 01/30/2024
Automotive vehicles have become exponentially more computerized in the last decade, and automakers continue to add new functionality and integrations to these systems. While most research focuses on the safety features of autonomous and semi-autonomous vehicle capabilities, there is little research regarding the data collected by these systems and whether this data is of interest to threat actors. By exploring exposed data, pivot points, and user impact, automakers and drivers can benefit from understanding how they can better protect themselves from unwanted data exposure and potential malware. The research conducted focuses on threat modeling a sampled Android-based infotainment system, ascertaining what data could be of interest to a financially motivated threat actor, and identifying techniques to demonstrate impact.
Special Thanks❤️😇👍🏽🙏
Daniel Mazzella, dmazzella5@gmail.com
And Lee Crognale
-Secure Business Continuity-
2024.05.13
——————————————————
#CyberSecurity #Malware #Threat #TTPs #MitreAttack
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_malware-techniques-2024-activity-7195838321183408128-3bhA?utm_source=share&utm_medium=member_ios
I challenge this perspective and advocate for a paradigm shift. As security professionals, we should conceptualize our role as akin to completing laps on a track, each lap aimed at leaving the environment marginally more secure than before.
Critics have accused me of inconsistency and of shirking responsibility in the realm of information security, suggesting that I defer tasks to others and fail to assertively advocate for specific security measures. However, in the absence of robust executive sponsorship, navigating the landscape requires finesse. To advance security initiatives without unwavering leadership support, one must adopt the role of a consultant within the organization, offering guidance that others may choose to heed or disregard.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.05.09
https://www.linkedin.com/posts/alirezaghahrood_i-challenge-this-perspective-and-advocate-activity-7194142395402260480-MPDH?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Research
IDPFilter: Mitigating Interdependent Privacy Issues in Third-Party Apps 2024.
https://github.com/shuai20/IDP_Filter
Special Thanks❤️😇👍🏽🙏
Shuaishuai Liu1 and Gergely Bicz ́ok12
1 CrySyS Lab, Dept. of Networked Systems and Services, Budapest Univ. of Technology and Economics, Hungary {sliu,biczok}@crysys.hu
2 HUN-REN-BME Information Systems Research Group
-Secure Business Continuity-
2024.05.05
——————————————————
#CyberSecurity #Trend #Leakage
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_idp-text-filter-2024-activity-7192918415047610369-r_1d?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Research
Hardware Security
High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor 2024.
https://pathfinder.cpusec.org
Special Thanks❤️😇👍🏽🙏
Hosein Yavarzadeh UC San Diego, USA
Christina Garman Purdue University, USA
Daniel Moghimi Google, USA
Archit Agarwal UC San Diego, USA
Daniel Genkin Georgia Tech, USA
Deian Stefan UC San Diego, USA
Dean Tullsen UC San Diego, USA
Max Christman UNC Chapel Hill, USA
Andrew Kwong UNC Chapel Hill, USA
Kazem Taram Purdue University, USA
-Secure Business Continuity-
2024.05.05
——————————————————
#CyberSecurity #Exploiting #ThreatModel #AttackPrimitives
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_pathfinder-2024-activity-7192658854566912001-Mgdo?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Whitepaper
OWASP Firmware Security Testing Methodology 2024.
Special Thanks❤️😇👍🏽🙏
OWASP® Foundation
Cisco Meraki
Cisco Security
Cisco
-Secure Business Continuity-
2024.05.03
——————————————————
#CyberSecurity #Cisco #Meraki #ApplicationSecurity
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_owasp-firmware-security-2024-activity-7192059960682242052-PAbG?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
ULTIMATE GUIDE TO:
Cybersecurity Risk Managemen Next Generation 2024
WHAT IS CYBERSECURITY RISK MANAGEMENT?
Cybersecurity risk management is the process of determining the risks that your organization is likely to face and then prioritizing and selecting the security control technologies, best practices, and policies to reduce or mitigate these risks.
Special Thanks❤️😇👍🏽🙏
Bugcrowd
-Secure Business Continuity-
2024.05.01
——————————————————
#RiskManagement #ISO27001 #CIS #NIST #ASM
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_cyber-security-mgmt-2024-activity-7191263706901602304-S0ym?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Turning EDRs to malicious
wipers using 0-day exploits:
Lessons Learned
A wiper is more dangerous if it uses
a trusted entity on the system for
deletion, especially a security control.
Having security controls does not
mean you are secure.
Security controls might be a preferred
target for attackers due to their very
high privileges and are most trust l
Special Thanks❤️😇👍🏽🙏
SafeBreach
Or Yair
-Secure Business Continuity-
2024.04.29
——————————————————
#CyberSecurity #EDR #Exploit #Wipers
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_bypass-avedr-wiper-2024-activity-7190575563584008192-X3C9?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
DevSecOps Playbook:
A step-by-step guide to implementing a DevSecOps program
Special Thanks❤️😇👍🏽🙏
Paul McCarty
-Secure Business Continuity-
2024.04.27
——————————————————
#CyberSecurity #OWASP #applicationSecurity
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_owasp-devsecops-2024-activity-7189829766269583360-Y9zy?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Threat intelligence:
Eyes on the ene
Special Thanks❤️😇👍🏽🙏
AuditBoard
CyberRisk Alliance Alliance
-Secure Business Continuity-
2024.04.25
——————————————————
#CyberSecurity #Threat #Alliance #Risk
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_threat-intelligence-2024-activity-7189186838543089664-G8l_?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Malware analysis
Voice Phishing Syndicates Unmasked: An In-Depth Investigation and Exposure 2024.
Special Thanks❤️😇👍🏽🙏
BlackHat
-Secure Business Continuity-
2024.04.23
——————————————————
#CyberSecurity #VoIP #Exploit #Phishing
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_voice-phishing-2024-activity-7188394361255034880-NQ-x?utm_source=share&utm_medium=member_ios
Tech book
Cloud Security
Kubernetes Security and Observability 2022
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.04.21
#DiyakoSecureBow
————————————
Analytics
Threat Research
CrowdStrike 2024 Global Threat Report
Special Thanks❤️😇👍🏽🙏
CrowdStrike
-Secure Business Continuity-
2024.05.30
——————————————————
#CyberSecurity #APT #Attack #Report
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_crowdstrike-gtt-2024-activity-7201965330171105282-m2Ke?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Among all cyber threats, ransomware groups continue to evolve into formidable adversaries, causing significant financial and operational disruptions.
This Ransomware Threat Landscape: Ransomware Resurgence 2023 report examines the evolving landscape of ransomware attacks from April 1, 2022, to March 31, 2023. The analysis includes 2,708 ransomware victims whose names were publicized by ransomware groups on their underground blogs. The report delves into the targeted industries, countries, and ransomware groups involved in these attacks, as well as the victims' Ransomware Susceptibility IndexTM (RSITM) values.
Although the overall number of ransomware attacks did not increase significantly until 2023, a resurgence in February and March 2023 was observed, with new ransomware gangs emerging and established players executing mass-ransomware attacks. The top targeted industries during this period were Manufacturing, Professional, Scientific, and Technical Services, and Educational Services. The United States remained the top targeted country, followed by the UK, Germany, Canada, and France.
Special Thanks❤️😇👍🏽🙏
blackkite.com
-Secure Business Continuity-
2024.05.22
——————————————————
#CyberSecurity #Malware #Ransomware #Threats
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_ransomware-report-2023-activity-7198981795260837889-LYe4?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Gartner Israel Briefing:
What you Need to Know about GenAI
and Security September 202
Special Thanks❤️😇👍🏽🙏
Gartner
-Secure Business Continuity-
2024.05.18
——————————————————
#CyberSecurity #benchmark #AI #Threats
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_gartner-ai-security2023-activity-7197808761971863552-oyV5?utm_source=share&utm_medium=member_ios
I am thrilled to announce that I have successfully passed the Certified Information Security Manager (CISM) exam from ❤️ISACA once again 2020-2027. I want to express my gratitude to the 😇ISACA team for their exceptional resources and guidance throughout my journey.
The CISM exam covers various aspects of building a Cyber Security Management Program including strategy, management, design, architecture, monitoring, risk, compliance, secure coding, leadership, development, training, policy-making, audit, evaluation, security-oriented controls, research, and development.
I would like to extend special thanks to my professional clients🙏 for their trust in my consulting and management of cyber security programs.
Also, 2 my colleagues (Diyako Secure Bow) 🤝for working collaboratively to provide technology edge and customized services to our customers.
Also,2 my contacts/followers✌️👌 for their support, positive energy, and expert feedback.
Lastly,2 My Lovely Family😘😍
I look forward to continuing to raise Cyber Security awareness and encourage everyone to stay up-to-date on defense tactics for a secure tomorrow.
#isaca #cism #cybersecurity #securitymanagement #riskmanagement #cybersecurityawareness
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.05.15
https://www.linkedin.com/posts/alirezaghahrood_cism-2020-2027-activity-7196438029123645440-cRbx?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
2023 State Of Ransomware In Education.
84% increase in known attacks over 6-month
Special Thanks❤️😇👍🏽🙏
Threat Intelligence Lab
-Secure Business Continuity-
2024.05.12
——————————————————
#CyberSecurity #Ransomware #Leakage #Threat
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_state-of-ransomware-2023-activity-7195336246406086658-x6AM?utm_source=share&utm_medium=member_ios
Whitepaper
Red Team Tactics
Credential Dumping Fake Services 2023.
Analytics
Infographics
Blue Team Techniques
1. The C2 Matrix, ver. 2024
https://lnkd.in/dVQkEXGX
https://lnkd.in/d8uB_K2p
2. Windows EDR Telemetry 2024
Comparison Table
https://lnkd.in/dWsEgbMi
https://lnkd.in/dNK3vCV7
And Special Thanks 🙏😇❤️👍🏽
Hacking Articles
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.05.06
https://www.linkedin.com/posts/alirezaghahrood_creddump-fake-services-2023-activity-7193103108837720064-nVZD?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Mobile Security
SS7 Attacker Heaven turns into Riot: How to make Nation-State and Intelligence Attackers’ lives much harder on mobile networks 2019.
SS7/Diameter firewall:
https://github.com/P1sec/SigFW
Problem Statement
The international SS7 network has been standardized and built in the past as a trusted network with only trusted partners. The network itself and by design does not authenticate and authorize the peers in the network and also does not encrypt the signaling communication. The exposure of these networks comes from the design and the architecture requirement of roaming architecture in past architecture releases.
Additionally we should not expect that the SS7 network will be phased out soon. The voice could be replaced by VoLTE (4G) with IMS home routed architecture, but such deployment requires VoLTE capable devices and VoLTE networks with the similar radio coverage compared to 2G, 3G. So before some operator decides to shut-down both 2G and 3G network, all the home subscribers should be VoLTE enabled. And the operator should also consider inbound-roamers.
In the LTE the Diameter protocol has replaced the SS7 signaling. However, similar issues are still present. Lack of authentication and no encryption of the signaling communication.
Special Thanks❤️😇👍🏽🙏
BlackHat
BlackHat Lab
Conference Presentation 2017
Martin Káčer, Philippe Langlois
-Secure Business Continuity-
2024.05.05
——————————————————
#CyberSecurity #API #Firewall #Honeypot #Mobile
#Vulnerability #Threat
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_ss7-sec-activity-7192648834928283648-N5Wv?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Threat Research
Muddling Meerkat: The Great Firewall Manipulator 2024
This paper introduces a perplexing actor, Muddling Meerkat, who appears to be a People’s Republic of China (PRC) nation state actor. Muddling Meerkat conducts active operations through DNS by creating large volumes of widely distributed queries that are subsequently
propagated through the internet using open DNS resolvers. Their operations intertwine with two topics tightly connected with China and Chinese actors: the Chinese Great Firewall (GFW) and Slow Drip, or random prefix, distributed denial-of-service (DDoS) attacks. While Muddling Meerkat’s operations look at first glance like DNS DDoS attacks, it seems unlikely that denial of service is their goal, at least in the near term.
Muddling Meerkat operations are long-running — apparently starting in October 2019 – and demonstrate a high degree of expertise in DNS.
Muddling Meerkat’s operations are complex. Indeed, they are so convoluted, one might assume that Muddling Meerkat presents no threat. But in cybersecurity, especially in the complex world of DNS, we should think strategically. In February 2024, the U.S. Cybersecurity
and Infrastructure Security Agency (CISA) and several international partners issued an advisory saying, “In recent years, the U.S. has seen a strategic shift in PRC cyber threat activity from a focus on espionage to pre-positioning for possible disruptive cyber attacks
against U.S. critical infrastructure.”
While that specific advisory focused on “living off the
land” techniques used by the actor Volt Typhoon, the message that “PRC cyber actors blend in with normal system and network activities, avoid identification by network defenses, and limit the amount of activity that is captured in common logging configurations” is eerily
similar to how well-hidden Muddling Meerkat remains.
Special Thanks❤️😇👍🏽🙏
Infoblox
-Secure Business Continuity-
2024.05.02
——————————————————
#Threat #CyberSecurity
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_the-great-firewall-manipulator-2024-activity-7191748506187902977-l-7C?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
MLSecOps
AI and Strategic Decision-Making:
Communicating trust and uncertainty in AI-enriched intelligence April 2024.
Special Thanks❤️😇👍🏽🙏
Megan Hughes, Richard J. Carter, Amy Harland and Alexander Babuta
Centre for Emerging Technology and Security (CETaS)
-Secure Business Continuity-
2024.04.30
——————————————————
#AI #ML #CyberSecurity #Intelligence
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_ai-strategic-decision-making-2024-activity-7190934144103698432-a5GB?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
2023 Outlook: What Trends are on the Near Horizon in Cybersecurity?
Special Thanks❤️😇👍🏽🙏
Omdia Service Provider Transformation
-Secure Business Continuity-
2024.04.28
——————————————————
#CyberSecurity #RBVM #IDR
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_cyber-security-outlook-2022-2024-activity-7190194436981592064-1S1o?utm_source=share&utm_medium=member_ios
Lost revenue, angry customers, regulatory fines… cyberattacks have far-reaching consequences.
👉 Projected costs to hit $10.5 trillion by 2025
👉 88% of breaches due to human error 🤓
https://thehackernews.com/2024/04/unmasking-true-cost-of-cyberattacks.html
Anyway
The Word Pilots' Day 26 April was selected by the International Federation of Air Line Pilots' Associations 2013 as a day that saw a prominent figure in aviation history, Fesa Evrensev taking to the sky 4 the first time
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.04.7
https://www.linkedin.com/posts/alirezaghahrood_lost-revenue-angry-customers-regulatory-activity-7189411954933829632-EsC8?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Whitepaper
Blue Team Techniques
Active Directory: Tactical Containment to Curb Domain Dominance 2024.
Special Thanks❤️😇👍🏽🙏
Chris Tierney
Russell Eubanks
-Secure Business Continuity-
2024.04.24
——————————————————
#CyberSecurity #ActiveDirectory #Microsoft #ACL
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_ad-domain-sec-2024-activity-7188784637677092864-Lumt?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
exploit
Unveiling the Cracks in Virtualization, Mastering the Host System - VMware Workstation Escape 2024.
Special Thanks❤️😇👍🏽🙏
BlackHat
-Secure Business Continuity-
2024.04.22
——————————————————
#CyberSecurity #Vmware #Exploit
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_vmware-escape-exploit-2024-activity-7188066648619175936-DALU?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
———————————
ABSTRACT:
Internet of Things (IoT) devices are gaining more and more importance in our daily lives. Through their deep integration they pose a potential risk for the user’s privacy. In this thesis, I use reverse engineering methods to analyze the security of the Xioami IoT ecosystem and its devices. I implement a tool to emulate the Xiaomi cloud and analyze the cloud protocol. I use different, some unconventional, methods to extract the device firmware and get privileged access on the devices. The evaluation shows that, even though Xiaomi is a large IoT company, their cloud protocol and Software Development Kit (SDK) have serious flaws. Also, the actual vendors of the devices do not put much effort into device security. A slightly positive aspect of this is the fact that users can use the flaws to get full control over their own devices.
Special Thanks
Technische Universität Darmstadt Department of Computer Science Secure Mobile Networking Lab
Technische Universität Darmstadt
🙏😇❤️👍🏽
-Secure Business Continuity-
2024.0420
——————————————————
#cybersecurity #Iot #Privacy #vulnerability
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_security-analysis-iot-ecosystem-2024-activity-7187306502112636929-FlF3?utm_source=share&utm_medium=member_ios