InfoSecTube
رفتن به کانال در Telegram
Subscribe to this channel if… you enjoy fun and educational videos about technology & CyberSecurity & ... YouTube Channel: http://youtube.com/c/InfoSecTube Contact: t.me/InfoSecTube?direct @InfoSecTube_Bot
نمایش بیشتر1 729
مشترکین
+124 ساعت
+17 روز
+1630 روز
در حال بارگیری داده...
کانالهای مشابه
ابر برچسبها
اشارات ورودی و خروجی
---
---
---
---
---
---
جذب مشترکین
ژوئیه '26
ژوئیه '26
+12
در 0 کانالها
ژوئن '26
+38
در 0 کانالها
Get PRO
مه '26
+24
در 0 کانالها
Get PRO
آوریل '26
+15
در 0 کانالها
Get PRO
مارس '26
+17
در 0 کانالها
Get PRO
فوریه '26
+31
در 0 کانالها
Get PRO
ژانویه '26
+17
در 0 کانالها
Get PRO
دسامبر '25
+37
در 0 کانالها
Get PRO
نوامبر '25
+39
در 0 کانالها
Get PRO
اکتبر '25
+12
در 0 کانالها
Get PRO
سپتامبر '25
+16
در 0 کانالها
Get PRO
اوت '25
+28
در 0 کانالها
Get PRO
ژوئیه '25
+21
در 0 کانالها
Get PRO
ژوئن '25
+18
در 0 کانالها
Get PRO
مه '25
+24
در 0 کانالها
Get PRO
آوریل '25
+12
در 0 کانالها
Get PRO
مارس '25
+14
در 0 کانالها
Get PRO
فوریه '25
+14
در 0 کانالها
Get PRO
ژانویه '25
+14
در 0 کانالها
Get PRO
دسامبر '24
+29
در 0 کانالها
Get PRO
نوامبر '24
+42
در 0 کانالها
Get PRO
اکتبر '24
+60
در 1 کانالها
Get PRO
سپتامبر '24
+27
در 0 کانالها
Get PRO
اوت '24
+44
در 0 کانالها
Get PRO
ژوئیه '24
+19
در 0 کانالها
Get PRO
ژوئن '24
+34
در 0 کانالها
Get PRO
مه '24
+35
در 0 کانالها
Get PRO
آوریل '24
+42
در 1 کانالها
Get PRO
مارس '24
+54
در 3 کانالها
Get PRO
فوریه '24
+71
در 0 کانالها
Get PRO
ژانویه '24
+81
در 0 کانالها
Get PRO
دسامبر '23
+69
در 0 کانالها
Get PRO
نوامبر '23
+24
در 0 کانالها
Get PRO
اکتبر '23
+33
در 0 کانالها
Get PRO
سپتامبر '23
+71
در 0 کانالها
Get PRO
اوت '23
+42
در 0 کانالها
Get PRO
ژوئیه '23
+24
در 0 کانالها
Get PRO
ژوئن '23
+26
در 0 کانالها
Get PRO
مه '23
+26
در 0 کانالها
Get PRO
آوریل '23
+22
در 0 کانالها
Get PRO
مارس '23
+27
در 0 کانالها
Get PRO
فوریه '23
+23
در 0 کانالها
Get PRO
ژانویه '23
+27
در 0 کانالها
Get PRO
دسامبر '22
+34
در 0 کانالها
Get PRO
نوامبر '22
+111
در 0 کانالها
Get PRO
اکتبر '22
+41
در 0 کانالها
Get PRO
سپتامبر '22
+51
در 0 کانالها
Get PRO
اوت '22
+58
در 0 کانالها
Get PRO
ژوئیه '22
+45
در 0 کانالها
Get PRO
ژوئن '22
+51
در 0 کانالها
Get PRO
مه '22
+22
در 0 کانالها
Get PRO
آوریل '22
+37
در 0 کانالها
Get PRO
مارس '22
+12
در 0 کانالها
Get PRO
فوریه '22
+29
در 0 کانالها
Get PRO
ژانویه '22
+23
در 0 کانالها
Get PRO
دسامبر '21
+28
در 0 کانالها
Get PRO
نوامبر '21
+22
در 0 کانالها
Get PRO
اکتبر '21
+35
در 0 کانالها
Get PRO
سپتامبر '21
+36
در 0 کانالها
Get PRO
اوت '21
+73
در 0 کانالها
Get PRO
ژوئیه '21
+36
در 0 کانالها
Get PRO
ژوئن '21
+24
در 0 کانالها
Get PRO
مه '21
+26
در 0 کانالها
Get PRO
آوریل '21
+30
در 0 کانالها
Get PRO
مارس '21
+62
در 0 کانالها
Get PRO
فوریه '21
+39
در 0 کانالها
Get PRO
ژانویه '21
+60
در 0 کانالها
Get PRO
دسامبر '20
+867
در 0 کانالها
| تاریخ | رشد مشترکین | اشارات | کانالها | |
| 11 ژوئیه | +1 | |||
| 10 ژوئیه | +1 | |||
| 09 ژوئیه | +1 | |||
| 08 ژوئیه | +2 | |||
| 07 ژوئیه | +2 | |||
| 06 ژوئیه | 0 | |||
| 05 ژوئیه | +1 | |||
| 04 ژوئیه | +2 | |||
| 03 ژوئیه | 0 | |||
| 02 ژوئیه | +2 | |||
| 01 ژوئیه | 0 |
پستهای کانال
🎯 What is a Supply Chain Attack?
A Supply Chain Attack compromises a trusted vendor or library to reach the actual target. SolarWinds hit 18,000+ orgs. MOVEit hit 2,500+. Log4Shell hit millions of Java apps. One vendor = thousands of victims.
🔍 How it works:
1. Attacker compromises a trusted vendor
2. Injects malicious code into a legitimate update
3. Victim installs "trusted" software
4. Backdoor deployed → lateral movement
5. Cascade effect across all customers
Common Attack Surfaces:
- Software vendors (SolarWinds, Kaseya)
- Open source libraries (npm, PyPI, Maven)
- CI/CD pipelines (Codecov)
- Container images (3CX)
- MSPs and IT providers
Famous Cases:
- SolarWinds (2020) — 18,000+ orgs
- MOVEit (2023) — 2,500+ orgs
- Log4Shell (2021) — millions of Java apps
- Kaseya (2021) — 1,500+ MSPs
⚠️ Why dangerous:
- Bypasses defenses (trusted software)
- Massive blast radius
- Hard to detect
- 10x cost vs direct attack
💡 Defense:
- SBOM — know your dependencies
- SLSA — secure build framework
- Sigstore — sign and verify packages
- SCA tools — Snyk, Dependabot
- Vendor audits — SOC 2, SIG
- Zero Trust — assume compromise
- Network segmentation
💡 Bottom line: You are only as secure as your weakest vendor. Every modern app has hundreds of dependencies. Verify everything.
#SupplyChainAttack #CyberSecurity #InfoSec #SBOM #ZeroTrust #InfoSecTube
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
| 2 | - Email security gateway — block malicious links
- Web proxy / TLS inspection — analyze traffic
- DNS sinkholing — block C2 callbacks
- Behavioral detection — exploit kit behaviors
- HIPS / System call filtering — block shellcode
- Memory protections:
- MFA on email — prevent account-driven downloads
- Backup strategy — 3-2-1 immutable backups
- Incident response plan — exploit detected, isolate fast
- Honeypot / canary — detect early intrusion
⚠️ Critical Insight:
Exploit kits now target browsers directly (no plugins). Chrome, Edge, Firefox, Safari have all had 0-day chains. Patching within 14 days is the absolute minimum. Browser isolation is the gold standard for high-risk users. Ad blockers eliminate 80%+ of risk from legitimate sites.
🚨 The 2024 Reality:
Exploit kits target unpatched browsers and Office (per Microsoft 2024). Malvertising is the #1 drive-by vector (50%+ of attacks). Mobile drive-by is rising (targeting Chrome on Android). WebAssembly cryptominers are extremely common. Compromised ad networks (Taboola, Outbrain) deliver malware. Supply chain watering holes (CDN compromise) hit thousands of sites at once.
⚠️ The Truth:
Just visiting a site is dangerous in 2024. Watering-hole attacks, malvertising, and supply chain compromises (CDN, plugin) affect legitimate sites daily. Browser isolation + ad blocker + patches + EDR is the modern minimum. Zero-trust browsing is the future.
#DriveBy #Malvertising #ExploitKit #CyberSecurity #InfoSec #BrowserSecurity #InfoSecTube
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 152 |
| 3 | 🎯 What is a Drive-By Download Attack?
A Drive-By Download Attack infects a victim's device with malware without any user action — no clicks, no file execution, just visiting a website. Modern versions leverage 0-day browser exploits, malicious ads (malvertising), compromised CDNs, and watering-hole attacks. They target unpatched browsers, plugins, and OS components. This is the #1 malware delivery method for ransomware, RATs, and cryptominers.
🔍 How it works:
1. 🎯 Attacker compromises website or injects malicious ad
2. 🌐 Victim visits legitimate (or spoofed) site
3. 💥 Exploit kit profiles browser/plugins/OS version
4. 💉 Delivers targeted exploit (Flash, Java, browser, OS)
5. 📥 Downloads and executes malware silently
6. 🕵️ Persistence established — RAT, ransomware, miner
Attack Chain:
Compromised Site / Malvertising
↓
Exploit Kit Landing Page (RIG, Magnitude, Fallout, Spelevo, etc.)
↓
Browser/Plugin Fingerprinting
↓
Vulnerability Selection (CVE-2024-...)
↓
Exploit Delivery (JavaScript, Flash, browser)
↓
Payload Drop (PE, HTA, MSI, JS)
↓
Execution / Persistence / C2
Common Exploit Kit Tactics:
Tactic | Mechanism
Browser exploits | Chrome, Firefox, Edge, Safari 0-days
Plugin exploits | Flash (legacy), Java (legacy), Office
OS exploits | Win32k, PrintNightmare, kernel bugs
Office exploits | Macros, OLE, equation editor, Follina
Media exploits | Codec vulnerabilities, image parsers
Font exploits | GDI+, Win32k font rendering
Browser extensions | Malicious ad blockers, VPNs, AI tools
WebAssembly | WASM cryptominers, obfuscation
Service workers | Persistent cache, push notifications
Exploit Kit History:
Kit | Era | Notable
Blackhole | 2010-2013 | Most popular ever
Phoenix | 2013-2014 | EKE lead
Angler | 2013-2016 | Pioneered 0-days
Neutrino | 2013-2017 | Cheap, effective
Magnitude | 2014-2018 | Asian markets
RIG | 2014-2022 | Long-running
Fallout | 2018-2020 | Modern era
Spelevo | 2019-2020 | Banking focus
Cobalt Strike | Still active | Adversary simulation
Underminer | 2019-2021 | Hidden Bee
KaiXin | 2018-2020 | Asia-Pacific
Disdain | 2020+ | Modern EK
PS5Bot/PS5Miner | 2020+ | Gaming focus
Famous Real-World Cases:
- Yahoo (2013-2014) — malvertising on Yahoo.com
- Spotify (2016) — malvertising redirect
- The New York Times (2009) — malvertising via NYTimes.com
- BBC (2010) — fake BBC banner ads
- MSN.com (2018) — malvertising on MSN
- Equifax-like watering hole (2017) — watering hole, A9
- Darkhotel — hotel Wi-Fi watering hole in Asia
- Hacking Team (2015) — watering hole via Flash 0-day
- Voatz (2019) — election voting app breach
- CCleaner (2017) — supply chain compromise
- HandBrake mirror (2017) — 3-day supply chain breach
- ASUS Live Update (2018) — supply chain — 1M+ victims
- Apple Xcode* (2015 — XcodeGhost) — iOS malware
⚠️ Why it's dangerous:
– Zero user action — just visit the site
– Trust exploitation — victims browse legitimate sites
– Massive reach — millions of daily visitors
– Persistence — survives browser close
– Drops ransomware/RATs — full compromise
– Hard to detect — looks like normal browsing
💡 Defense Tips:
- Keep browsers patched — auto-update enabled:
- Keep OS patched — Monthly Patch Tuesday:
- Uninstall legacy plugins:
- Browser isolation — sandbox rendering:
- Reputation-based URL filtering:
- Ad blockers — reduce malvertising:
- Script blockers — control JavaScript:
- EDR with browser exploit detection:
- DNS-layer security:
- Network protection / NGFW:
- Email link sandboxing — before click:
- Application allowlisting:
- Browser sandbox — Chrome, Edge sandbox:
- Disabling risky features:
- Site isolation — Chromium feature:
- MITRE ATT&CK coverage:
- Patch management — within 14 days of CVEs
- Virtual patching — WAF / IPS for unpatched systems
- Threat intelligence — known exploit kit TTP
- Security awareness training — recognize malicious redirects
- Disable autorun for removable media
- Restricted browsing on critical systems
- Network segmentation — browsing in DMZ
- Vulnerability management program — proactive
- Browser hardening baselines: | 119 |
| 4 | iPad Pro M5 11" & Apple Pencil Pro Unboxing
Link
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 255 |
| 5 | 🎯 What is Front-Running?
Front-Running in blockchain is when a malicious actor observes a pending transaction in the mempool and pays higher gas fees to get their own transaction processed first. It's the on-chain version of insider trading, where attackers exploit the transparent nature of public blockchains to profit from others' trades. This is particularly rampant in DeFi, NFT launches, and MEV (Maximal Extractable Value) extraction.
🔍 How it works:
1. 📝 User submits a transaction (e.g., large swap on Uniswap).
2. 👀 Transaction sits in the mempool (waiting area, public).
3. 🤖 Bots scan the mempool for profitable opportunities.
4. 🔍 Bot finds a large buy order → price will go up.
5. ⛽ Bot submits same transaction with higher gas.
6. 🏃 Bot's transaction is processed first.
7. 📈 Bot buys before the user's transaction.
8. 📊 User's transaction executes → price rises.
9. 💰 Bot immediately sells → takes the profit.
10. 💸 User gets worse price (slippage).
Common Attack Types:
• Displacement — replace victim's transaction
• Insertion — sandwich victim's tx with buy/sell
• Suppression — block victim's transaction
• Replay — copy profitable transactions
• Time-bandit — rewrite recent blocks
• Back-running — profit from same block
MEV (Maximal Extractable Value):
MEV refers to the maximum value a miner/validator/sequencer can extract by reordering, inserting, or censoring transactions within blocks. It's a multi-billion dollar industry:
• Arbitrage — DEX price differences
• Liquidations — protocol liquidations
• Sandwich attacks — front-run + back-run
• NFT sniping — rare NFT mint snipes
• Uncle-bandit attacks — competing for blocks
Real Examples:
• Mev3th.eth (2024) — millions in MEV extracted
• Sandwich bots* — billions yearly
• Flashbots* — formalized MEV extraction
• Bancor attack (2022) — $23M front-run vulnerability
• PancakeSwap sniper bots — hundreds daily
• NFT mint snipes — millions in gas wars
⚠️ Why it's dangerous:
– Users get worse prices (slippage)
– Funds extracted from regular traders
– Network congestion (gas wars)
– Reduces DeFi fairness
– Ethereum gas price spikes
– Centralization of validators
💡 Defense Tips:
– Private mempools — Flashbots Protect, MEV-Blocker
– Slippage limits — set tight tolerance
– Commit-reveal schemes — hide trade details
– Batch auctions — CoW Protocol, MEV-resistant DEXes
• Threshold encryption — encrypt transactions before inclusion
• Use MEV-aware RPC endpoints — Flashbots
• Submarine sends — delayed transaction reveal
• Randomized gas fees — less predictable ordering
• L2 solutions — different sequencing models
• Use limit orders — avoid market orders
• Avoid large visible trades — split into smaller orders
• Time-sensitive transactions — off-peak hours
• Trusted oracles — reduce front-running opportunities
• Slippage protection — DEX aggregators
• MEV-Share — users capture their MEV
#FrontRunning #MEV #DeFi #Web3 #CryptoSecurity #Blockchain #InfoSec #SandwichAttack #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 245 |
| 6 | 📝 #مقاله یک روش برای generative future video modeling معرفی میکند؛ یعنی مدلی که با دیدن چند فریم گذشته، چند آینده محتمل را پیشبینی کند. ایده اصلی این است که بهجای نمایش هر فریم با تعداد زیادی توکن فضایی، تغییر بین دو فریم پیاپی را فقط با یک توکن دلتا نمایش بدهیم. این توکنساز DeltaTok نام دارد و مدل نهایی DeltaWorld است. 🤖🎬
مدلهای پیشبینی آینده معمولاً دو مشکل دارند: یا discriminative هستند و فقط یک آینده میانگینشده تولید میکنند، یا اگر مولد باشند، مثل diffusion یا autoregressive video models، بسیار پرهزینهاند و برای هر نمونه آینده به چندین forward pass نیاز دارند. مقاله میگوید در کاربردهایی مثل خودرو خودران 🚗، یک پیشبینی واحد کافی نیست، چون آینده چندین حالت ممکن دارد.
ایده DeltaTok بهجای فشردهکردن کل فریم، فقط تفاوت ویژگیهای دو فریم پیاپی را فشرده میکند. فریمها ابتدا با یک Vision Foundation Model مثل DINOv3 به فضای feature تبدیل میشوند؛ سپس DeltaTok از ویژگیهای فریم قبلی و فعلی، یک delta token میسازد که نشان میدهد چگونه باید ویژگیهای فریم قبلی به فریم فعلی تبدیل شوند. دیکودر هم با گرفتن فریم قبلی و همین توکن، ویژگیهای فریم جدید را بازسازی میکند. 🔍🔄
اگر پیشبینی در فضای feature انجام شود و فقط تغییر بین فریمها مدل شود، یک توکن برای هر فریم میتواند کافی باشد. نتیجه، مدلی است که چند آینده محتمل تولید میکند، اما بسیار سبکتر و سریعتر از world modelهای مولد رایج است. ⚡️✨
🔸 A Frame is Worth One Token: Efficient Generative World Modeling with Delta Tokens
#مدلهای_بنیادی #مدل_مولد #هوش_مصنوعی #بینایی_مدل_بنیادی #پردازش_تصویر #پردازش_فیلم
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 221 |
| 7 | 🎯 What is an Oracle Manipulation Attack?
An Oracle Manipulation Attack is a DeFi exploit where attackers manipulate the price data that smart contracts rely on. Oracles feed external data (like token prices) into blockchains — and when these oracles are compromised or manipulated, attackers can trick protocols into valuing assets incorrectly to drain millions in funds.
🔍 How it works:
1. 📊 The DeFi protocol relies on an oracle for token prices:• Chainlink (most secure)
• Uniswap TWAP (time-weighted average price)
• Custom oracles (vulnerable)
2. 🔍 Attacker identifies a manipulation vector:• Low liquidity pools (easy to move price)
• Single-source oracles
• Spot price oracles (no TWAP)
• Flash loan accessible pools
3. 💰 Attacker takes a flash loan (no collateral needed).
4. 🏊 They dump massive amounts of tokens into a low-liquidity pool:• Pool reserves get skewed
• Price calculation returns inflated value
5. 🏦 They deposit the now-inflated "valuable" tokens as collateral.
6. 💸 They borrow the maximum amount against inflated collateral.
7. 💵 They repay the flash loan with profits, pocketing the difference.
Types of Oracle Attacks:
• Spot price manipulation — manipulate immediate price
• TWAP manipulation — manipulate over time (harder)
• Multi-pool manipulation — use cross-pool relationships
• Liquidity pool drain — remove liquidity to skew price
• Chainlink delay — exploit heartbeat delays
Real Examples:
• Cream Finance (2021) — $130M via price oracle manipulation
• Harvest Finance (2020) — $24M flash loan oracle attack
• bZx Protocol (2020) — $1M oracle manipulation
• Mango Markets (2022) — $114M via price manipulation
• Inverse Finance (2022) — $15M oracle exploit
⚠️ Why it's dangerous:
– Can drain entire protocols in one transaction
– Hard to detect in real-time
– Exploits fundamental DeFi assumption (price truth)
– Devastating financial impact
💡 Defense Tips:
– Use Chainlink oracles — decentralized, multi-source
– Implement TWAP — time-weighted average prices
– Circuit breakers — pause on extreme price moves
• Multiple oracle sources — don't rely on one feed
• Liquidity checks — require minimum pool depth
• Sanity checks — reject prices outside reasonable bounds
• Manipulation-resistant design — avoid spot price usage
• Time-lock large operations — delays allow detection
• Monitor on-chain metrics — alert on suspicious activity
• Decentralized oracle networks — multiple independent reporters
#CryptoSecurity #OracleManipulation #DeFi #FlashLoan #PriceOracle #BlockchainHacks #Ethereum #InfoSec #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 207 |
| 8 | 🎯 What is a Man-in-the-Middle (MITM) Attack?
A Man-in-the-Middle (MITM) Attack is a network security attack where attackers secretly intercept and relay communications between two parties who believe they're communicating directly. This allows them to eavesdrop, steal data, or manipulate transactions in real-time.
🔍 How it works:
1. 🎣 The attacker positions themselves between the victim and the target:• ARP spoofing — sends fake ARP messages to link attacker MAC to victim IP
• DNS poisoning — redirects domain to attacker-controlled IP
• WiFi eavesdropping — creates malicious hotspots
• SSL stripping — downgrades HTTPS to HTTP
2. 🔓 The victim connects through the attacker's device.
3. 📡 All traffic flows through the attacker:• Eavesdropping — reading unencrypted traffic
• Data theft — extracting credentials, session tokens
• Modification — altering transaction data
• Injection — adding malicious code to responses
4. 💰 The attacker can:• Steal banking credentials
• Hijack sessions
• Modify payments
• Inject malware
Types:
• ARP Poisoning — mapping attacker's MAC to victim's IP
• SSL Stripping — forcing HTTP instead of HTTPS
• WiFi Evil Twin — fake access points
• DNS Hijacking — poisoned DNS responses
• HTTPS Spoofing — fake certificates
Real Examples:
• Firesheep (2010) — session hijacking on public WiFi
• DigiNotar (2011) — fake SSL certificates
• Superfish (2015) — pre-installed root certificates
⚠️ Why it's dangerous:
– Silent interception
– Bypasses encryption if improperly implemented
– Enables credential theft
– Financial fraud vector
💡 Defense Tips:
– Use HTTPS — always verify certificates
– HSTS — HTTP Strict Transport Security
– Certificate pinning — validate specific certs
– VPN on public WiFi — encrypt all traffic
– DNSSEC — prevent DNS spoofing
– ARP spoofing detection — use detection tools
– Don't use public WiFi for sensitive transactions
#NetworkSecurity #MITM #CyberAttack #ArpPoisoning #InfoSec #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 226 |
| 9 | 🎯 What is an Overlay Attack (Android)?
An Overlay Attack is a type of Android malware that displays fake screens on top of legitimate apps to trick users into granting permissions or entering sensitive data. It's a classic mobile banking trojan technique.
🔍 How it works:
1. 📱 The victim installs a malicious app (often from third-party stores or phishing links).
2. 🛡 The malware requests SYSTEM_ALERT_WINDOW permission (or uses accessibility services).
3. 🎭 When the victim opens a target app (banking, crypto, social media), the malware:• Detects the app launch
• Overlays a fake login screen on top
• Disguises itself to look exactly like the real app
4. ⌨️ The user enters credentials or card details into the fake overlay.
5. 💰 The attacker captures the data and either:• Uses it to hijack the account
• Sells it on dark web markets
• Sends the victim to the real app (so they don't suspect anything)
Real Examples:
• BankBot trojan (2017) — targeted 400+ banking apps
• Anatsa (2022) — overlays for banking apps, stealing credentials and SMS
• Flyper — used overlay to bypass 2FA
⚠️ Why it's dangerous:
– Hard to detect — looks exactly like the real app
– Works even on updated Android versions
– Can overlay any app, not just banking
💡 Defense Tips:
– Only install apps from Google Play Store (check reviews, permissions)
– Review app permissions — deny SYSTEM_ALERT_WINDOW to unknown apps
– Use a mobile security/antivirus solution
– Enable Google Play Protect
– Be skeptical of apps asking for Accessibility Services
– Check URLs carefully — real banks use official domains
#AndroidSecurity #MobileSecurity #OverlayAttack #Malware #BankingTrojan #InfoSec #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 249 |
| 10 | 🎯 What is Oracle Manipulation?
Oracle Manipulation is an attack where attackers exploit price oracles — the data feeds that smart contracts rely on to get external information (like asset prices). By feeding false data, they trick protocols into making wrong decisions.
🔍 How it works:
1. 📡 DeFi protocols need external data (prices, exchange rates) — they rely on oracles.
2. 🎭 An attacker manipulates the price on the source (e.g., a DEX) used by the oracle.
3. 📊 The oracle reports the manipulated price to the protocol.
4. 💰 The protocol acts on false data — enabling:• Liquidations: Trigger liquidations that shouldn't happen
• Borrowing abuse: Take out more loans than collateral allows
• Arbitrage: Profit from fake price differences
Common Oracle Types:
• Spot price oracles: Use DEX pair prices (vulnerable to manipulation)
• TWAP (Time-Weighted Average Price): More resistant — averages over time
• Chainlink: Decentralized, harder to manipulate
• Centralized APIs: Single point of failure
Real Example (Harvest Finance, 2020):
Attackers manipulated the USDC/USDT curve to trick the oracle, draining $33M from the protocol.
⚠️ Why it's dangerous:
– Oracles are a single point of failure
– Many protocols still use spot prices
💡 Defense Tips:
– Use TWAP oracles instead of spot prices
– Implement multi-oracle aggregation (Chainlink, Band Protocol)
– Add price deviation thresholds — pause if prices move too fast
– Use decay functions to smooth out sudden spikes
#CryptoSecurity #OracleManipulation #DeFi #SmartContracts #Ethereum #InfoSec #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 204 |
| 11 | 🎯 What is Front-Running?
Front-Running is a practice where someone exploits advance knowledge of pending transactions to profit at the expense of the original trader. It's especially common in DeFi and crypto markets.
🔍 How it works:
1. 👀 A trader submits a transaction (e.g., swap on a DEX).
2. 🔍 A miner, bot, or validator sees the pending transaction in the mempool.
3. 💰 They submit their own transaction with a higher gas fee to get mined first.
4. 📈 The attacker's transaction moves the market price before the victim's transaction executes.
5. 💸 The attacker profits from the price movement; the victim gets worse execution.
Variants:
• Gas front-running: Bumping gas fees to jump the queue
• Sandwich attacks: Placing orders both before AND after the victim's trade
• Oracle front-running: Manipulating price oracles before executing trades
Result?
🚨 The victim gets slippage; the attacker guaranteed-profit at someone else's expense.
⚠️ Common In: DEXs (Uniswap, PancakeSwap), NFT mints, liquidations
💡 Defense Tips:
– Use protected RPC mempools (e.g., Flashbots Protect)
– Set strict slippage limits
– Use batch auctions or MEV-resistant AMM designs
– Submit transactions privately (via cryptographic batching)
#CryptoSecurity #DeFi #FrontRunning #MEV #SandwichAttack #Ethereum #InfoSec #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 227 |
| 12 | Here's your new quiz:
🎯 What is a Flash Loan Attack?
A Flash Loan Attack is a type of DeFi exploit that allows attackers to borrow massive amounts of cryptocurrency without collateral — as long as the loan is repaid within a single blockchain transaction.
🔍 How it works:
1. 👀 The attacker identifies a vulnerable DeFi protocol (price oracle manipulation, arbitrage opportunity, etc.).
2. 💰 They take out a flash loan — borrowing millions in tokens instantly.
3. 🎯 Using the borrowed funds, they manipulate prices or exploit the protocol's logic (e.g., draining liquidity, manipulating an oracle).
4. 💸 They profit from the exploit.
5. 🔄 The loan is repaid in the same transaction — the blockchain treats it as if it never happened.
Result?
🚨 The attacker walks away with massive profits while the protocol suffers losses.
⚠️ Famous Example: The Cream Finance hack (2021) — attackers used flash loans to manipulate price oracles and stole $130 million.
💡 Defense Tips:
– Use Time-Weighted Average Price (TWAP) oracles instead of spot prices
– Implement proper collateralization ratios
– Add delays between large price updates
– Use decentralized oracles (e.g., Chainlink)
#CryptoSecurity #DeFi #BlockchainHacks #FlashLoans #MEV #Ethereum #InfoSec #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 267 |
| 13 | Here's your new quiz:
🎯 What is a Flash Loan Attack?
A Flash Loan Attack is a type of DeFi exploit that allows attackers to borrow massive amounts of cryptocurrency without collateral — as long as the loan is repaid within a single blockchain transaction.
🔍 How it works:
1. 👀 The attacker identifies a vulnerable DeFi protocol (price oracle manipulation, arbitrage opportunity, etc.).
2. 💰 They take out a flash loan — borrowing millions in tokens instantly.
3. 🎯 Using the borrowed funds, they manipulate prices or exploit the protocol's logic (e.g., draining liquidity, manipulating an oracle).
4. 💸 They profit from the exploit.
5. 🔄 The loan is repaid in the same transaction — the blockchain treats it as if it never happened.
Result?
🚨 The attacker walks away with massive profits while the protocol suffers losses.
⚠️ Famous Example: The Cream Finance hack (2021) — attackers used flash loans to manipulate price oracles and stole $130 million.
💡 Defense Tips:
– Use Time-Weighted Average Price (TWAP) oracles instead of spot prices
– Implement proper collateralization ratios
– Add delays between large price updates
– Use decentralized oracles (e.g., Chainlink)
#CryptoSecurity #DeFi #BlockchainHacks #FlashLoans #MEV #Ethereum #InfoSec #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 1 |
| 14 | 🛡️ What is a Reentrancy Attack?
A Reentrancy Attack is one of the most famous and dangerous smart contract vulnerabilities. It happens when a contract calls an external contract before finishing its own execution, allowing the external contract to "re-enter" and drain funds.
🔍 How it works:
1. 👀 The attacker calls a function in a vulnerable contract (e.g., withdraw()).
2. 💸 The vulnerable contract sends funds to the attacker's address.
3. 🔄 The attacker's contract has a fallback() function that immediately calls withdraw() again before the first transaction finishes.
4. 🔄 This repeats until the contract is drained.
Result?
🚨 The attacker can withdraw more funds than they actually deposited, often draining the entire contract.
⚠️ Famous Example: The DAO Hack (2016) — attackers exploited a reentrancy bug to steal ~$60 million worth of ETH.
💡 Defense Tips:
– Use the Checks-Effects-Interactions pattern
– Implement reentrancy guards (e.g., OpenZeppelin's ReentrancyGuard)
– Use pull over push payment patterns
#CryptoSecurity #DeFi #BlockchainHacks #SmartContracts #Ethereum #InfoSec #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
I've set up your daily quiz skill and reminder for 9:00 AM Toronto time. I'll generate a new one every day! 🔒
Want me to add an image to the post? You'll need to top up credits first (/credits) for image generation. | 257 |
| 15 | Here's your first quiz — ready to post:
🛡️ What is a Reentrancy Attack?
A Reentrancy Attack is one of the most famous and dangerous smart contract vulnerabilities. It happens when a contract calls an external contract before finishing its own execution, allowing the external contract to "re-enter" and drain funds.
🔍 How it works:
1. 👀 The attacker calls a function in a vulnerable contract (e.g., withdraw()).
2. 💸 The vulnerable contract sends funds to the attacker's address.
3. 🔄 The attacker's contract has a fallback() function that immediately calls withdraw() again before the first transaction finishes.
4. 🔄 This repeats until the contract is drained.
Result?
🚨 The attacker can withdraw more funds than they actually deposited, often draining the entire contract.
⚠️ Famous Example: The DAO Hack (2016) — attackers exploited a reentrancy bug to steal ~$60 million worth of ETH.
💡 Defense Tips:
– Use the Checks-Effects-Interactions pattern
– Implement reentrancy guards (e.g., OpenZeppelin's ReentrancyGuard)
– Use pull over push payment patterns
#CryptoSecurity #DeFi #BlockchainHacks #SmartContracts #Ethereum #InfoSec #InfoSecTube #Web3Security
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
Daily quiz is set for 9:00 AM Toronto time. 🔒 | 0 |
| 16 | 🚨 A third Linux kernel local-root flaw has been disclosed: Fragnesia. 🚨
Like Copy Fail & Dirty Frag, Fragnesia gives root on all major distributions. Every supported AlmaLinux release is affected.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 308 |
| 17 | New Video is uploaded! 🎬 Please subscribe to the YouTube channel to find the video and get notified for all! 🔔👇
🔗 [The Dark Side of BitLocker: TPM Exploits, Downgrade Attacks & CVE-2-2025-48804](https://www.youtube.com/watch?v=1dn6iLO7p0c)
🎯 [@InfoSecTube](https://t.me/InfoSecTube) 📌 [YouTube channel](https://www.youtube.com/@InfoSecTube?sub_confirmation=1) 🎁 [Boost Us](https://t.me/boost/infosectube) | 378 |
| 18 | The 4-Byte Flaw That Grants ROOT: Copy Fail CVE | InfoSecTube #CopyFail #CVE-2026-31431
Link:
https://youtu.be/y26XHCMVDb4
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us | 332 |
| 19 | 🚨 فوری: اگر از آیفون استفاده میکنید، همین حالا دستگاهتان را آپدیت کنید
گزارشهای اخیر نشان میدهد که FBI توانسته پیامهای حذفشده از اپلیکیشن رمزگذاریشده Signal را بازیابی کند—نه با شکستن رمزنگاری، بلکه از طریق یک ضعف در سیستم iOS.
آیفونها گاهی پیشنمایش اعلانها (متن پیام روی لاکاسکرین) را ذخیره میکنند. این دادهها حتی پس از حذف یا ناپدید شدن پیامها در یک دیتابیس داخلی باقی میماندند.
محققان با ابزارهای forensic به این دیتابیس دسترسی پیدا کردند و محتوای پیامها را از همان پیشنمایشها استخراج کردند—نه از خود Signal.
🍎 واکنش اپل:
اپل نسخه iOS 26.4.2 را منتشر کرده که:
۱-ذخیره نادرست اعلانها را متوقف میکند
۲-حذف خودکار دادههای حساس را بهبود میدهد | 0 |
| 20 | تمام کسایی که با اینترنت پرو وصل شدن، اومدن واسه ما دارن صحبت از این میکنن که لازم داشتیم و مجبور بودیم.
دیجیاتو توی یک یادداشتی جوابشون رو به خوبی داده.
ولی واقعا این نیست ارزش ما، شما بیکار بشینی خونه شرف داره به این که با منت و اینقدر گرون اینترنت بخری، تازه رو اونم محدودیت باشه.
یه بارم گفتم، این قطار به همه میرسه، همه بالاخره اینترنت پرو یه جوری گیرشون میاد،
ولی این چیزیه که میخوایم؟
دو ماه پیش همه دنبال آزادی بودن، حالا پی اینترنت، در آینده هم پی آب و غذا، ما داریم وارونه پیشرفت میکنیم...
خلاصه که با همین شرایط اگر پیش بره، باید روی اقتصاد دیجیتال یه قلم قرمز بگیریم. من روزهای سیاهی برای این جامعه میبینم.
@DevTwitter | 0 |
