cissp | Unsorted

Telegram channel cissp - cissp


@cissp International channel 4 Transmission Knowledge In the Field of Cyber Security with a Focus on the Content of the CISSP-ISC2 Course - also group: https://t.me/cisspgroup - @alirezaghahrood


cissp

🚨 Heads up, WordPress admins!
A critical SQL injection flaw in the LayerSlider plugin (CVE-2024-2879) could lead to sensitive data leaks. If you haven't updated, make sure to install version 7.10.1 or the latest.
Find details:
https://thehackernews.com/2024/04/critical-security-flaw-found-in-popular.html

Anyway
Vulnerability Management process:
1. Tool spots a vulnerability
2. Correctly Assign the Vulnerability to the proper Developer Organization
3. Validate the vulnerability isn’t a false positive
4. Prioritize the vulnerability according to a risk score / patching timeline
5. Identify if there is an existing patch/workaround
6. Determine amount of time and resources to patch
7. Create a patch/fix on a developer laptop
8. Test patch/fix
9. Deploy to Quality Assurance Environment
10. Perform Regression Testing
11. Create a Change Ticket
12. Pass a Change Approval Process
13. Schedule a Change Release
14. Deploy Fix into Production
15. Validate Success of Fix or Roll Back


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.04.04

https://www.linkedin.com/posts/alirezaghahrood_heads-up-wordpress-admins-a-critical-activity-7181546900301496322-2075?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
Analytics
"We’re All in this Together:
A Year in Review of Zero-Days Exploited In-the-Wild in 2023", March 2024.

This report presents a combined look at what Google knows about zero-day exploitation, bringing together analysis from TAG and Mandiant holistically for the first time. The goal of this report is not to detail each individual exploit or exploitation incident, but look for trends, gaps, lessons learned, and successes across the year as a whole. As always, research in this space is dynamic and the numbers may adjust due to the ongoing discovery of past incidents through digital forensic investigations.

We’re excited to bring together a broader look at this space with the integration of Mandiant into Google. The report leverages TAG and Mandiant original research, combined with breach investigation findings and reporting from reliable open sources. The numbers presented here reflect our joint understanding, deduplicating how our teams separately may have tracked exploited vulnerabilities in years past. As a result, discerning readers may notice a difference between our numbers here and in prior years’ reporting.

Special Thanks❤️😇👍🏽🙏
Mandiant (now part of Google Cloud)
Google

-Business Secure Continuity-
2024.04.03
——————————————————
#Cybersecurity #cloud #google #mandiant
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_year-review-2023-google-security-activity-7181149672256724992-9Fdl?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
Tech book
Introduction to Kubernetes Networking and Security 2024.

Special Thanks❤️😇👍🏽🙏
Tigera
https://www.tigera.io


-Business Secure Continuity-
2024.04.01
——————————————————
#Cybersecurity #cloud #kubernetes
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_kubernetes-security-2024-activity-7180543419528691713-gtwr?utm_source=share&utm_medium=member_ios


cissp

hardening
Windows 10/11 Hardening Script
https://github.com/ZephrFish/WindowsHardeningScript

-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.28

https://www.linkedin.com/posts/alirezaghahrood_hardening-windows-1011-hardening-script-activity-7179022123380727808-lbNa?utm_source=share&utm_medium=member_ios


cissp

Is your cybersecurity strategy evolving? Traditional perimeter defenses are no longer enough. Discover how focusing on privileged users can transform your security posture.
Dive deeper into the shift ➜
https://thehackernews.com/2024/02/superusers-need-super-protection-how-to.html

Tech book
Windows Security Internals with PowerShell 2024.
/channel/CISOasaService/14994

Tech book
Practical Hardware Pentesting:
A guide to attacking embedded systems and protecting them against the most common hardware attacks.
https://github.com/PacktPublishing/Practical-Hardware-Pentesting
/channel/CISOasaService/14995


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.27


cissp

Tech book
Windows Security Internals with PowerShell 2024.


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.27


cissp

#DiyakoSecureBow
————————————
Infographics
Ransomware Ecosystem Map, v.26, 2024.
https://lnkd.in/eSsDkqng

-Business Secure Continuity-
2024.03.25
——————————————————
#malware #Ransomware #Threat #Cybersecurity
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_ransomware-ecosystem-2024-activity-7177903280621035520-m2W2?utm_source=share&utm_medium=member_ios


cissp

exploit
1. CVE-2023-48788:
Fortinet FortiClient EMS SQL Injection
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive

2. VM Escape Exploit for Parallels Desktop Hypervisor:
https://zerodayengineering.com/research/pwn2own-2021-vm-escape.html
PoC: https://github.com/badd1e/Pwn/tree/main/prl_pwn_v1.1

3. CVE-2024-2432:
Palo Alto GlobalProtect EoP
https://github.com/Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP

Sec code review
Dangling Pointer Guide
https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/dangling_ptr_guide.md

Dangling Pointer Detector:
https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/dangling_ptr.md


*I am that city that has forgotten
I have no one♩♬ it longs for heady drink but has no strength left♩♬
If the night swings its axe, I have not fallen.


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.24


cissp

Research
OpenVPN is Open to VPN Fingerprinting 2024.

Network traffic classification library:
https://lnkd.in/d7rErkTQ


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.23

https://www.linkedin.com/posts/alirezaghahrood_vpn-clear-exchange-2024-activity-7177295194122293248-7Jbd?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
Analytics
Threat Research
Threat Detection Report: Techniques, Trends, Takeaways 2024.

Special Thanks🙏❤️😇
Red Canary

-Business Secure Continuity-
2024.03.16
——————————————————
#cybersecurity #Vulnerability
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_threat-detection-report-2024-activity-7174625222535331840-kJTR?utm_source=share&utm_medium=member_ios


cissp

⚠️ Vulnerability Alert: Fortinet warns of a severe SQL Injection vulnerability (CVE-2023-48788) in FortiClientEMS allowing unauthenticated attackers to execute code remotely.
Details:
https://thehackernews.com/2024/03/fortinet-warns-of-severe-sqli.html
Check if your versions are affected and upgrade ASAP!

🥶https://www.fortiguard.com/psirt/FG-IR-24-013

Analytics
Red Team Tactics
Top 10 Blockchain Hacking Techniques 2023
https://blog.openzeppelin.com/top-10-blockchain-hacking-techniques-of-2023

Blue Team Techniques
Microsoft Entra ID: The Complete Guide
To Conditional Access Policies
https://www.rezonate.io/blog/microsoft-entra-id-the-complete-guide-to-conditional-access-policies


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.15

https://www.linkedin.com/posts/alirezaghahrood_vulnerability-alert-fortinet-warns-of-activity-7174341133844574209-7mj8?utm_source=share&utm_medium=member_ios


cissp

Tech book
Azure Security 2024.


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.12


cissp

Tech book
Cloud and Edge Networking 2023.


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.12


cissp

#DiyakoSecureBow
———————————
SCADA Security
Mode Matters: Monitoring PLCs for Detecting Potential ICS/OT Incidents 2024

-Business Secure Continuity-
2024.02.008
——————————————————
#plcprogramming #otsecurity
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_detecting-ics-incidents-2024-activity-7171863795022061572-2EmN?utm_source=share&utm_medium=member_ios


cissp

Malware analysis
1. Scam .pdf files
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/rise-in-deceptive-pdf-the-gateway-to-malicious-payloads

2. ComPromptMized: Unleashing 0-click Worms that Target GenAI-Powered Applications
https://sites.google.com/view/compromptmized

3. Malicious traffic detection system
https://github.com/stamparm/maltrail

4. CryptoChameleon: New Phishing Tactics Exhibited in FCC-Targeted Attack
https://www.lookout.com/threat-intelligence/article/cryptochameleon-fcc-phishing-kit


Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.05

https://www.linkedin.com/posts/alirezaghahrood_malware-analysis-1-scam-pdf-files-https-activity-7170644257706307585-Ttf1?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
Google observed 97 zero-day vulnerabilities exploited in-the-wild in 2023, over 50 percent more than 2022 (62 vulnerabilities), but shy of the record 106 vulnerabilities exploited in 2021.

These numbers reflect the combined analysis of Google’s Threat Analysis Group (TAG) and Mandiant, brought together holistically for the first time.

We split the vulnerabilities we reviewed into two main categories: end user platforms and products (e.g. mobile devices, operating systems, browsers, and other applications) and enterprise-focused technologies such as security software and appliance

Special Thanks❤️😇👍🏽🙏
Mandiant (now part of Google Cloud)
Google
Google Cloud

-Business Secure Continuity-
2024.04.04
——————————————————
#Cybersecurity #cloud #google #mandiant
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_year-review-2023-google-security-activity-7181528756056899585-x8P3?utm_source=share&utm_medium=member_ios


cissp

Threat_Research
The Art of Cross-Languages: Weblogic Serialization Vulnerability and IIOP Protocol
https://github.com/gobysec/Weblogic/blob/main/Weblogic_Serialization_Vulnerability_and_IIOP_Protocol_en_US.md



-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.04.02


cissp

Developing an Enterprise IPv6 Security Strategy
Part 1, 2 - Baseline Analysis of IPv4 Network Security
https://insinuator.net/2015/12/developing-an-enterprise-ipv6-security-strategy-part-1-baseline-analysis-of-ipv4-network-security

https://insinuator.net/2015/12/developing-an-enterprise-ipv6-security-strategy-part-2-network-isolation-on-the-routing-layer

Malware_analysis
DinodasRAT Linux implant
https://securelist.com/dinodasrat-linux-implant/112284

😇
https://soundcloud.com/khruangbin/khruangbin-a-love


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.31


cissp

#DiyakoSecureBow
————————————
Offensive Security
Spoofed Emails: An Analysis of the Issues Hindering a Larger Deployment of DMARC 2024.

-Business Secure Continuity-
2024.03.27
——————————————————
#spoof #threats #Vulnerability
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_spoofed-emails-2024-activity-7178628056138268672-179S?utm_source=share&utm_medium=member_ios


cissp

Tech book
Practical Hardware Pentesting:
A guide to attacking embedded systems and protecting them against the most common hardware attacks.
https://github.com/PacktPublishing/Practical-Hardware-Pentesting


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.27


cissp

#DiyakoSecureBow
————————————
Analytics
MLSecOps
Why Red Teams
Play a Central Role in Helping Organizations Secure AI Systems 2023

Special Thanks❤️🙏😇
Google

-Business Secure Continuity-
2024.03.26
——————————————————
#google #offensive #Redteam #vulnerability
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_redteam-google-2023-activity-7178258114717118464-KOzN?utm_source=share&utm_medium=member_ios


cissp

Definitive guide to ransomware:

In some extreme cases, attackers demanded that victims pay as much as USD 80 million to have data released.

Ransomware is an online attack perpetrated by cybercriminals or nation state-sponsored groups who demand a monetary ransom to release a hold on encrypted or stolen data. Increasingly, ransomware attacks result in crisis-level operational impact to critical infrastructure and commercial organizations, while criminals threaten to publicly release or destroy data if prompt payment isn’t made.

In the past decade, ransomware attacks have evolved from a consumer-level nuisance of fake antivirus products to sophisticated malware with advanced encryption capabilities that now primarily target public and private-sector organizations. Robustly applied threat intelligence can help identify industries and geographies considered a primary target at any given time, but no individual or organization is immune to attack.

Special Thanks ✌ 🙏 ❤️ 😊
IBM Security
IBM
IBM iX


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.24

https://www.linkedin.com/posts/alirezaghahrood_definitive-guide-2-ransomware-2023-by-ibm-activity-7177544689112260608-xQ41?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
KEY FINDINGS FROM THE SURVEY INCLUDE:

VPN Vulnerabilities and Cybersecurity Impacts: Despite their critical role, VPNs pose security risks, with 88% of organizations expressing a slight to extreme concern that VPNs may jeopardize their environment’s security. Furthermore, 45% of organizations confirmed experiencing at least one attack that exploited VPN vulnerabilities in the last 12 months - one in three became victim of VPN-related ransomware attacks. The increasing threat of cyberattackers exploiting VPN vulnerabilities underscores the urgent need to address the security of current VPN architectures.

VPN Use and User Experience: VPNs have a broad spectrum of use, with 84% of respondents identifying remote employee access as their primary application. However, users reported a less than optimal experience, with a majority of users dissatisfied with their VPN experience (72%), highlighting the need for more user-friendly and reliable remote access solutions in the digital workplace.

Special Thanks🙏❤️😇
Zscaler

-Business Secure Continuity-
2024.03.203
——————————————————
#vpn #risk #Cybersecurity
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_vpn-risk-report-2023-activity-7177299139129393152-Bv0z?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
Analytics
The Future of Application Security 2024

Special Thanks🙏❤️😇
Checkmarx

-Business Secure Continuity-
2024.03.20
——————————————————
#applicationsecurity #Cybersecurity
#BusinessSecureContinuity

https://www.linkedin.com/posts/diyako-secure-bow_appsec-report-2024-activity-7176164532287881222-3vr0?utm_source=share&utm_medium=member_ios


cissp

Tech book
Okta Administration Up and Running: Drive operational excellence with IAM solutions for on-premises and cloud apps 2023.


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.03.15


cissp

Tech book
Hacker: Hack The System 2024.


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.12


cissp

Tech book
Hard Real-Time Computing Systems: Predictable Scheduling Algorithms and Applications. Fourth Edition 2024.


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.12


cissp

https://www.linkedin.com/posts/alirezaghahrood_ciso-as-a-service-activity-7171874176612327424--5s5?utm_source=share&utm_medium=member_ios


cissp

Mental Models for Cyber Defense
- Part 1 of 3 -
Attack Surface Management is a PRIORITY:
https://JymCheong.hacklido.com/d/100-mental-models-for-cyber-defense-part-1-of-3-attack-surface-management-is-a-priority


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.06

https://www.linkedin.com/posts/alirezaghahrood_mental-models-for-cyber-defense-part-1-activity-7171039338699321346-pa6b?utm_source=share&utm_medium=member_ios


cissp

Analytics
Threat Research
The 2024 Crypto Crime Report:
The latest trends in ransomware, scams, hacking and more Feb. 2024.

Special Thanks😍👍🏽😇🙏
Chainalysis


-Cyber Security awareness-
 
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.02.04

https://www.linkedin.com/posts/alirezaghahrood_crypto-crime-rep-2024-activity-7170278035965755392-gg5D?utm_source=share&utm_medium=member_ios
