16444
@cissp International channel 4 Transmission Knowledge In the Field of Cyber Security with a Focus on the Content of the CISSP-ISC2 Course - - - - - - - - - - +also group: https://t.me/cisspgroup ————————— @alirezaghahrood
🕵️ Chinese state-backed hackers exploited FortiOS SSL-VPN flaws to breach a Dutch military network, deploying a stealthy backdoor called COATHANGER.
Learn more:
https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html
🔥 A critical vulnerability has been found in the shim bootloader, leaving millions of Linux systems vulnerable to attack.
Learn more about CVE-2023-40547: https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html
Update your device immediately if it uses shim and Secure Boot.
🔔 URGENT: Cisco, Fortinet, and VMware have (again!) released patches for new critical vulnerabilities in their products.
Patch immediately to prevent device takeover, data theft, and operational disruption.
Learn more:
https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html
🛑 Urgent: Patch it now - Hackers are exploiting it!
Fortinet has unveiled a critical security flaw in its SSL VPN, CVE-2024-21762, allowing hackers to execute arbitrary code.
Learn more:
https://thehackernews.com/2024/02/fortinet-warns-of-critical-fortios-ssl.html
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.12
https://www.linkedin.com/posts/alirezaghahrood_chinese-hackers-exploited-fortigate-flaw-activity-7162797436279754752-YVLs?utm_source=share&utm_medium=member_ios
Job description of a Senior Cyber Security Manager or CISO or V CISO :A Senior Cyber Security Manager or CISO or VCISO is responsible for safeguarding systems and networks against digital attacks and cyber threats. With extensive experience in the field of security, this individual engages in analyzing and identifying vulnerabilities, preventing cyber attacks, enhancing security measures, and providing training to employees. Additionally, they play a crucial role in responding to security incidents.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.08
https://www.linkedin.com/posts/alirezaghahrood_job-description-of-a-senior-cyber-security-activity-7161393984412536841-_XpH?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Techbook
Ultimate Blockchain Security Handbook: Advanced Cybersecurity Techniques and Strategies for Risk Management, Threat Modeling, Pentesting, and Smart Contract Defense for Blockchain 2023.
-Business Secure Continuity-
2024.02.07
——————————————————
#blockchaintechnology #artificialintelligence #riskmanagement #pentesting #cybersecurity
#BusinessSecureContinuity
#DiyakoSecureBow
———————————
We are very, very grateful and happy for your direct and indirect support and it is very valuable for us. 🙏❤️✌🏼😇
3/500✌🏼
-Business Secure Continuity-
2024.02.03
——————————————————
#marketanalysis #branding
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-marketanalysis-branding-activity-7159406399746150401-aphr?utm_source=share&utm_medium=member_ios
tools
Red Team Tactics
Offensive security
Open-source toolkit for hackers and security automation
https://github.com/We5ter/Scanners-Box
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.02
Research
Threat Research
Blue Team Techniques
Threat Intelligence of Abused Public Post-Exploitation Frameworks 2024.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.31
https://www.linkedin.com/posts/alirezaghahrood_abuse-public-2024-activity-7158363489466564608-fTWS?utm_source=share&utm_medium=member_ios
I am happy to announce that I have recently received my
Cyber Security ,…Voice Badge🏅.
I hope to experience more success in this field and share it with others.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.27
https://www.linkedin.com/posts/alirezaghahrood_i-am-happy-to-announce-that-i-have-recently-activity-7156954875891728384-XkpT?utm_source=share&utm_medium=member_ios
Cloud Security
Lateral Movements in Kubernetes 2023.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.24
https://www.linkedin.com/posts/alirezaghahrood_lm-kubernetes-2023-activity-7155793853319438336-jRXe?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
MLSecOps
Whitepaper
Principles for the security of machine learning Aug 2022.
-Business Secure Continuity-
2024.01.24
——————————————————
#cybersecurity #AI #ML
#BusinessSecureContinuity
Malware analysis
1. A lightweight method to detect potential iOS malware🤓
https://securelist.com/shutdown-log-lightweight-ios-malware-detection-method/111734
2. Industry-Specific Ransomware Trends 2023🥶
https://blog.checkpoint.com/research/check-point-research-2023-the-year-of-mega-ransomware-attacks-with-unprecedented-impact-on-global-organizations
Analytics
Advanced threat predictions for 2024💀
https://securelist.com/kaspersky-security-bulletin-apt-predictions-2024/111048
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.20
https://www.linkedin.com/posts/alirezaghahrood_malware-analysis-1-a-lightweight-method-activity-7154331132652597249-13dH?utm_source=share&utm_medium=member_ios
Thank you Mohsen Houshmand Sarvestani for reviewing my Cybersecurity service. It was great working with you. To learn more about my work, visit my Service Page.
Special Thanks Bro
For many years, we have worked in the expert body of both employers and companies that provide services, products and solutions for cyber security and related technologies. We have a good understanding of problems, challenges, shortcomings, etc Taken from the opinions of real and legal customers That It consists of national, organizational, extensive collaborations and cross-border and international projects.
The approach to cyber security needs is based on standards, requirements, risks, non-conformities in a balance of budget, human power and organizational culture. With the help of cycle We carry out needs assessment, research and development, design, implementation, audit, optimization(FineTune), hardening, operation and customized training with an eye on maturity. Ask the team for feedback from customers who have trusted us and are our most valuable asset + output and effectiveness.
✌🏼🙏❤️👍🏽
cryptography
National Security Agency (NSA) Military Cryptanalytics"
Part III by Lambros D.Callimahos, 2021.
/channel/cissp/7385
/channel/CISOasaService/14858
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.19
Thank you Sophia Alikhani for reviewing my Corporate Training service. It was great working with you. To learn more about my work, visit my Service Page.
Special Thanks Ms
For many years, we have worked in the expert body of both employers and companies that provide services, products and solutions for cyber security and related technologies. We have a good understanding of problems, challenges, shortcomings, etc Taken from the opinions of real and legal customers That It consists of national, organizational, extensive collaborations and cross-border and international projects.
The approach to cyber security needs is based on standards, requirements, risks, non-conformities in a balance of budget, human power and organizational culture. With the help of cycle We carry out needs assessment, research and development, design, implementation, audit, optimization(FineTune), hardening, operation and customized training with an eye on maturity. Ask the team for feedback from customers who have trusted us and are our most valuable asset + output and effectiveness.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.18
https://www.linkedin.com/posts/alirezaghahrood_thank-you-sophia-alikhani-for-reviewing-my-activity-7153660303958814720-hkUS?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
———————————
WHEN THE LIGHTS
WENT OUT
A COMPREHENSIVE REVIEW OF THE 2015 ATTACKS ON UKRAINIAN CRITICAL INFRASTRUC
-Business Secure Continuity-
2024.01.13
——————————————————
#cybersecurity #cyberattack #malwareanalysis #operationaltechnology #OT
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_ukraine-report-20232015-attack-ot-activity-7151787545461170176-xN26?utm_source=share&utm_medium=member_ios
The diversity of talent in cybersecurity, which is what makes the field so refreshingly different from many others, is also one of the critical factors that stifles its evolution.
https://www.linkedin.com/posts/alirezaghahrood_the-diversity-of-talent-in-cybersecurity-activity-7151176698082779136-Ydrr?utm_source=share&utm_medium=member_ios
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.11
#DiyakoSecureBow
————————————
STATE OF CYBER AWARENESS IN THE
BOARD ROOM REPORT:
An In-Depth Analysis of the State of Cyber Awareness, Education, and Expertise of Board of Directors at S&P 500 Companies.
Cyber risk is now one of the top risk areas boards are spending time on and raising their awareness of the resiliency needs across their respective organizations and sectors. With the recent finalization of the SEC rules on cybersecurity disclosures, I am expecting the evolution to continue at a rapid rate.
Special Thanks
NightDragon
https://www.diligentinstitute.com
❤️😇✌🏼🙏
-Business Secure Continuity-
2024.02.12
——————————————————
#cyberdefense #cyberawareness #ciso
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_state-of-cyber-awareness-2024-activity-7162679237437448192-yxFk?utm_source=share&utm_medium=member_ios
Apply What You Have Learned Today: Vendors
#RSAC
Stronger Together
• Review your code to ensure it does not allow deleting or writing to privileged registry keys via registry symlink manipulation
• Always use user impersonation when accessing unprotected registry
keys or objects in general from privileged processes
• Set the correct ACL on your created registry keys
• Registry links, like other symbolic links, can pose potential security risks, underscoring the need for cautious access and appropriate
security measures to mitigate these risks
API documentation should include potential security risks to promote
secure coding practices a n d reduce the likelihood of security incident
Special Thanks
Crosspoint Labs
Bahaa Naamneh
❤️🙏😇👍🏽
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.07
https://www.linkedin.com/posts/alirezaghahrood_undocumented-api-2024-activity-7160852183276519424-LV6A?utm_source=share&utm_medium=member_ios
Pentesting Active Directory
a n d W i n d o w s - b a s e d I n f r a s t r u c t u r e
A comprehensive practical guide t o penetration testing
Microsoft i n f r a s t r u c t u r e😊
4 all security professionals who are fighting a good battle.
👇🏻
/channel/CISOasaService/14886
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.04
Analytics
State of API Security 2024:
The API Secret Sprawl
https://escape.tech/blog/how-we-discovered-over-18-000-api-secret-tokens
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.03
https://www.linkedin.com/posts/alirezaghahrood_state-api-sec-2024-activity-7159417737587417088-xXb0?utm_source=share&utm_medium=member_ios
🔒 Strengthening Your Cybersecurity Posture.
Did you know that less than half of cybersecurity pros have complete visibility into vulnerabilities? Regular assessments are key.
Learn more:
https://thehackernews.com/2024/01/top-security-posture-vulnerabilities.html
🚀 ANYRUN now supports Linux!
🐧 Linux faces frequent cyber threats targeting passwords, browser data, wallets, and logins. But with ANYRUN update you can:
✔️ Collect #IOCs using Ubuntu VM
✔️ Analyze Linux-based malware
Try ANYRUN free today!
https://thehackernews.co/malware-sandbox
Analytics
Threat Research😍
Intelligence Driven Threat Hunting 4 CiSO s
SentinelOne WatchTower End Of Year Report 2023.
Special Thanks
SentinelOne
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.01
https://www.linkedin.com/posts/alirezaghahrood_wath-tower-2023-perfecf-activity-7158673193686163456-drXS?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Cybersecurity Ecosystem
Introduction
This is an ongoing project to capture the taxonomy of the entire cybersecurity industry.
The mapping project is a combination of visuals, definitions, and examples from each area of the ecosystem. Seeing the ecosystem from multiple views is the most practical approach to grappling with the enormity of it all.
A table of contents is available to help you navigate through the mapping. It's large, and there is no way to simplify it without losing important details.
Various image formats and source files are also available at the bottom. You're welcome to use them as you please.
For more background on the thought process behind the project, check out the introductory article:
Special Thanks
Strategy of Security
https://lnkd.in/dXqGy47i
-Business Secure Continuity-
2024.01.28
——————————————————
#cybersecurity #cyberattack #threatintelligence #chiefinformationsecurityofficer
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_cyber-security-ecosystem-2024-activity-7157603600980942848-Vi-W?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
MLSecOps
Whitepaper
Principles for the security of machine learning Aug 2022.
/channel/CISOasaService/14866
/channel/cissp/7391
Special Thanks
National Cyber Security Centre
-Business Secure Continuity-
2024.01.24
——————————————————
#cybersecurity #AI #ML
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_ciso-as-a-service-activity-7155797620689383425-sb_6?utm_source=share&utm_medium=member_ios
Cloud Security
Lateral Movements in Kubernetes 2023.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.24
We wrapped ourselves in ourselves, like closing a cocoon. Will we become butterflies? 🫥
Anyway,
More Zero-Days !!!
✅ Citrix fixes critical RCE flaws (CVE-2023-6548, CVE-2023-6549) exploited in wild.
✅ VMware Aria Automation bug (CVE-2023-34063) allows attacker control.
✅ Atlassian issues fixes for 24+ flaws, including RCE.
Patch, Update ASAP:
https://thehackernews.com/2024/01/citrix-vmware-and-atlassian-hit-with.html
DFIR
Infographics
"Log Sources v.1.1", 12.2023.
https://github.com/Neo23x0/Talks
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.21
https://www.linkedin.com/posts/alirezaghahrood_we-wrapped-ourselves-in-ourselves-like-closing-activity-7154703304084594688-XZZB?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
Tech book
Software Testing Automation: Testability Evaluation, Refactoring, Test Data Generation and Fault Localization 2023.👇🏻
/channel/CISOasaService/14860
/channel/cissp/7387
Cyber Education
The materials of the "Hypervisor 101 in Rust" class held at Global Cybersecurity Camp 2023 Singapore
https://github.com/tandasat/Hypervisor-101-in-Rust
-Business Secure Continuity-
2024.01.20
——————————————————
#cybersecurity #cyberattack #fuzzing #softwaretester
#BusinessSecureContinuity
cryptography
National Security Agency (NSA) Military Cryptanalytics"
Part III by Lambros D.Callimahos, 2021.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.19
Thank you Mohsen Azarnejad for reviewing my Cybersecurity service. It was great working with you. To learn more about my work, visit my Service Page.
Special Thanks Dear Bro
For many years, we have worked in the expert body of both employers and companies that provide services, products and solutions for cyber security and related technologies. We have a good understanding of problems, challenges, shortcomings, etc Taken from the opinions of real and legal customers That It consists of national, organizational, extensive collaborations and cross-border and international projects.
The approach to cyber security needs is based on standards, requirements, risks, non-conformities in a balance of budget, human power and organizational culture. With the help of cycle We carry out needs assessment, research and development, design, implementation, audit, optimization(FineTune), hardening, operation and customized training with an eye on maturity. Ask the team for feedback from customers who have trusted us and are our most valuable asset + output and effectiveness.
سال هاست در بدنه كارشناسي هم كارفرمايان و هم شركت هاي ارائه دهنده خدمات، سرويس ها ، محصولات و راهكارهاي امنيت سايبري و فناوري هاي وابسته كار كرده ايم
به مشكلات، چالش ها، كاستي ها، … اشراف مناسبي داريم
برگرفته از نظرات مشتريان حقيقي و حقوقي
كه
مشتمل از همكاري هاي ملي، سازماني، گسترده و پروژه هاي فرا مرزي و بين المللي هست
رويكرد به نياز هاي امنيت سايبري را صر ف استاندارد ها، الزامات، ريسك ها، عدم انطباق ها در تعادلي از بودجه، نيروي انساني و فرهنگ سازماني
به كمك چرخه
نيازسنجي، تحقيق و توسعه بروز، طراحي، استقرار، مميزي، بهينه سازي ، امن سازي، راهبري ، آموزش هاي سفارشي سازي شده با نگاه به بلوغ انجام مي دهيم.
بازخورد تيم را از مشترياني كه اعتماد كرده اند و دارايي به شدت مهم ما هستند، بپرسيد
+ خروجي و اثر بخشي
✌🏼🙏❤️👍🏽
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.15
https://www.linkedin.com/posts/alirezaghahrood_thank-you-mohsen-azarnejad-for-reviewing-activity-7152445907219668992-Cxqh?utm_source=share&utm_medium=member_ios
T H R E AT H U N T I N G P L AY B OO K
LEARN HOW TO EMBRACE A PROACTIVE SECURITY POSTUR
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.01.13
https://www.linkedin.com/posts/alirezaghahrood_threat-hunting-playbook-2023-activity-7151784348835348480-clQY?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
———————————
Executive Dashboard
InitialAccessBrokers
-Business Secure Continuity-
2024.01.10
——————————————————
#cybersecurity #cloud
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-cybersecurity-cloud-activity-7150738302193537026-2Hr-?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
———————————
Hardening
Office 365 Secure Configuration Framework Feb.2024
-Business Secure Continuity-
2024.01.09
——————————————————
#cybersecurity #office365 #hardening
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_office365-sec-config-2024-activity-7150322827877949441-R52P?utm_source=share&utm_medium=member_ios