Network Security Channel

مجموعه خوبی از چک لیست های مقاوم سازی شما هم می‌توانید در غنی کردن آن سهیم باشید https://github.com/decalage2/awesome-security-hardening @Engineer_Computer

تحقيقاتي که آشکار می‌سازد به احتمال زیاد سازمان NSA در تلاش برای ضعیف سازی و گذاشتن درب پشتی در استاندارد رمزنگاری پسا کوانتومی است . https://blog.cr.yp.to/20231003-countcorrectly.html https://www.newscientist.com/article/2396510-mathematician-warns-us-spies-may-be-weakening-next-gen-encryption/ @Engineer_Computer

توصیه هایی از ISC2 برای آزمون https://www.isc2.org/Insights/2023/10/Exam-Prep-Hacked-Study-Tips-and-Tricks-that-Really-Work @Engineer_Computer

Inside the Mind of a Hacker: 2023 Edition گزارش مفيد و جذاب Bugcrowd, one of the world's largest crowdsourced security platforms managing many bug bounty and vulnerability disclosure programs, analyzed 1000 survey responses from hackers on it's platform. These responses, combined with millions of proprietary data points on vulnerabilities collected across thousands of programs, were used to create this year's "Inside the Mind of a Hacker" report. Interesting stats include: ➡️ 5% of hackers are under 18, and only 10% over the age of 35 ➡️ 93% of hackers are fluent in at least two languages ➡️ India and Bangladesh are the top 2 countries where hackers live ➡️ 96% are male ➡️ 77% of hackers report working in IT or cybersecurity ➡️ 75% of hackers identify non-financial factors as their main motivators ➡️ 91% of hackers expect AI to amplify the value of their work ➡️ 72% of hackers doubt AI will ever match their human creativity Download report https://www.bugcrowd.com/blog/inside-the-mind-of-a-hacker-2023-edi @Engineer_Computer

🔑 Default password-free sign-ins for everyone. Google introduces passkeys for all users, simplifying your online security. Learn all about it: https://thehackernews.com/2023/10/google-adopts-passkeys-as-default-sign.html 🛑 A critical flaw (CVE-2023-22515) in Atlassian Confluence is being exploited by a nation-state actor, Storm-0062. Read: https://thehackernews.com/2023/10/microsoft-warns-of-nation-state-hackers.html Upgrade to the latest versions ASAP to safeguard your data and systems. @Engineer_Computer

Blue Team Techniques 1. Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence https://github.com/ErikWynter/CVE-2023-22515-Scan 2. Scanner for CMS Joomla CVE-2023-23752 https://github.com/z3n70/CVE-2023-23752 @Engineer_Computer

🔒 Hackers are exploiting the CVE-2023-3519 vulnerability in Citrix NetScaler devices for credential harvesting attacks. Patch your systems ASAP! Read more: https://thehackernews.com/2023/10/citrix-devices-under-attack-netscaler.html 🚨 Heads up, Linux users! A new critical vulnerability in the libcue library exposes GNOME Linux systems to remote code execution (RCE) attacks. Read details of CVE-2023-43641 here: https://thehackernews.com/2023/10/libcue-library-flaw-opens-gnome-linux.html @Engineer_Computer

⚡️ Gaza-based hacker group Storm-1133 targets Israeli energy, defense, and telecom. Microsoft's report exposes tactics, including employing LinkedIn fakes & dynamic C2 infra on Google Drive. Read: https://thehackernews.com/2023/10/gaza-linked-cyber-threat-actor-targets.html 🔐 Multiple high-severity vulnerabilities discovered in ConnectedIO's 3G/4G routers and cloud platform could let hackers execute malicious code and access sensitive data. Get the details: https://thehackernews.com/2023/10/high-severity-flaws-in-connectedios.html @Engineer_Computer

🔒Worried about AI-related threats? Join our panel discussion with cybersecurity experts: - David Primor, Founder & CEO of Cynomi - Elad Schulman, Founder & CEO of Lasso Security ... and learn practical security policies and practices to shield your clients. https://thehacker.news/ai-llm-threats?source=social @Engineer_Computer

Inside the Mind of a Hacker: 2023 Edition گزارش مفيد و جذاب Bugcrowd, one of the world's largest crowdsourced security platforms managing many bug bounty and vulnerability disclosure programs, analyzed 1000 survey responses from hackers on it's platform. These responses, combined with millions of proprietary data points on vulnerabilities collected across thousands of programs, were used to create this year's "Inside the Mind of a Hacker" report. Interesting stats include: ➡️ 5% of hackers are under 18, and only 10% over the age of 35 ➡️ 93% of hackers are fluent in at least two languages ➡️ India and Bangladesh are the top 2 countries where hackers live ➡️ 96% are male ➡️ 77% of hackers report working in IT or cybersecurity ➡️ 75% of hackers identify non-financial factors as their main motivators ➡️ 91% of hackers expect AI to amplify the value of their work ➡️ 72% of hackers doubt AI will ever match their human creativity Download report https://www.bugcrowd.com/blog/inside-the-mind-of-a-hacker-2023-edi @Engineer_Computer

tools Threat Research Python Scripts to Exploit or Discover Network vulnerabilities and misconfiguration https://github.com/aaaalmassri/Network_Hacking_Scripts @Engineer_Computer

exploit 1. CVE-2023-5074: D-Link D-View Authentication Bypass https://github.com/codeb0ss/CVE-2023-5074-PoC 2. CVE-2023-38139: Windows Kernel Refcount Overflow/UaF https://packetstormsecurity.com/files/174849/Microsoft-Windows-Kernel-Refcount-Overflow-Use-After-Free.html @Engineer_Computer

DFIR Incident Response: IR on Microsoft Security Incidents (KQL edition) https://kqlquery.com/posts/kql-incident-response @Engineer_Computer

As LotL Attacks Evolve, So Must Defenses An LotL phishing attack's initial goal is a credential harvesting page where threat actors will steal a user's email address and password. Once logged in, they do reconnaissance within the organization (including looking through that person's inbox for opportunities to commit a business email compromise attack). For example, if the target is in finance, the threat actor may initiate a wire transfer or reroute invoicing traffic. If the target is not high value, threat actors will pivot and attack that user's contacts to conduct a CHA or distribute malware by replying to legitimate conversations in the inbox. @Engineer_Computer

Ransomware and Data Breaches: Impacts Continue to Grow Louder I often get asked these questions (and more), and the answers can take months or years to be released after an event. In some instances, the specific details remain hidden from public view — concealed inside the databases of cyber insurance companies or classified files guarded by three-letter government agencies. @Engineer_Computer

United Airlines Says the Outage That Held Up Departing Flights Was Not a Cybersecurity Issue By late afternoon Tuesday on the East Coast, United had canceled only seven flights, well below its average of about 16 per day over the busy Labor Day weekend, according to figures from tracking service FlightAware. However, more than 350 United flights were delayed — 13% of the carrier’s schedule, far more than rivals American, Delta and Southwest — on a day that many holiday vacationers were expected to fly home. @Engineer_Computer

GhostSec Leaks Source Code of Alleged Iranian Surveillance Tool Behnama in particular is not just a tool, but "a powerful instrument of surveillance" that is used by the Iranian government, law enforcement agencies, and military personnel, GhostSec said, noting that its intention of exposing FANAP is "in the interests of the Iranian people, but also in the interests of protecting the privacy of each and every one of us." @Engineer_Computer

Hackers Target High-Privileged Okta Accounts via Help Desk The hackers then access compromised accounts using anonymizing proxy services and an IP and device not previously associated with the user account "to abuse legitimate identity federation features that enabled them to impersonate users within the compromised organization," according to the post. @Engineer_Computer