fa
Feedback
InfoSecTube

InfoSecTube

رفتن به کانال در Telegram

Subscribe to this channel if… you enjoy fun and educational videos about technology & CyberSecurity & ... YouTube Channel: http://youtube.com/c/InfoSecTube Contact: t.me/InfoSecTube?direct @InfoSecTube_Bot

نمایش بیشتر
1 729
مشترکین
+124 ساعت
+17 روز
+1630 روز

در حال بارگیری داده...

جذب مشترکین
ژوئیه '26
ژوئیه '26
+12
در 0 کانال‌ها
ژوئن '26
+38
در 0 کانال‌ها
Get PRO
مه '26
+24
در 0 کانال‌ها
Get PRO
آوریل '26
+15
در 0 کانال‌ها
Get PRO
مارس '26
+17
در 0 کانال‌ها
Get PRO
فوریه '26
+31
در 0 کانال‌ها
Get PRO
ژانویه '26
+17
در 0 کانال‌ها
Get PRO
دسامبر '25
+37
در 0 کانال‌ها
Get PRO
نوامبر '25
+39
در 0 کانال‌ها
Get PRO
اکتبر '25
+12
در 0 کانال‌ها
Get PRO
سپتامبر '25
+16
در 0 کانال‌ها
Get PRO
اوت '25
+28
در 0 کانال‌ها
Get PRO
ژوئیه '25
+21
در 0 کانال‌ها
Get PRO
ژوئن '25
+18
در 0 کانال‌ها
Get PRO
مه '25
+24
در 0 کانال‌ها
Get PRO
آوریل '25
+12
در 0 کانال‌ها
Get PRO
مارس '25
+14
در 0 کانال‌ها
Get PRO
فوریه '25
+14
در 0 کانال‌ها
Get PRO
ژانویه '25
+14
در 0 کانال‌ها
Get PRO
دسامبر '24
+29
در 0 کانال‌ها
Get PRO
نوامبر '24
+42
در 0 کانال‌ها
Get PRO
اکتبر '24
+60
در 1 کانال‌ها
Get PRO
سپتامبر '24
+27
در 0 کانال‌ها
Get PRO
اوت '24
+44
در 0 کانال‌ها
Get PRO
ژوئیه '24
+19
در 0 کانال‌ها
Get PRO
ژوئن '24
+34
در 0 کانال‌ها
Get PRO
مه '24
+35
در 0 کانال‌ها
Get PRO
آوریل '24
+42
در 1 کانال‌ها
Get PRO
مارس '24
+54
در 3 کانال‌ها
Get PRO
فوریه '24
+71
در 0 کانال‌ها
Get PRO
ژانویه '24
+81
در 0 کانال‌ها
Get PRO
دسامبر '23
+69
در 0 کانال‌ها
Get PRO
نوامبر '23
+24
در 0 کانال‌ها
Get PRO
اکتبر '23
+33
در 0 کانال‌ها
Get PRO
سپتامبر '23
+71
در 0 کانال‌ها
Get PRO
اوت '23
+42
در 0 کانال‌ها
Get PRO
ژوئیه '23
+24
در 0 کانال‌ها
Get PRO
ژوئن '23
+26
در 0 کانال‌ها
Get PRO
مه '23
+26
در 0 کانال‌ها
Get PRO
آوریل '23
+22
در 0 کانال‌ها
Get PRO
مارس '23
+27
در 0 کانال‌ها
Get PRO
فوریه '23
+23
در 0 کانال‌ها
Get PRO
ژانویه '23
+27
در 0 کانال‌ها
Get PRO
دسامبر '22
+34
در 0 کانال‌ها
Get PRO
نوامبر '22
+111
در 0 کانال‌ها
Get PRO
اکتبر '22
+41
در 0 کانال‌ها
Get PRO
سپتامبر '22
+51
در 0 کانال‌ها
Get PRO
اوت '22
+58
در 0 کانال‌ها
Get PRO
ژوئیه '22
+45
در 0 کانال‌ها
Get PRO
ژوئن '22
+51
در 0 کانال‌ها
Get PRO
مه '22
+22
در 0 کانال‌ها
Get PRO
آوریل '22
+37
در 0 کانال‌ها
Get PRO
مارس '22
+12
در 0 کانال‌ها
Get PRO
فوریه '22
+29
در 0 کانال‌ها
Get PRO
ژانویه '22
+23
در 0 کانال‌ها
Get PRO
دسامبر '21
+28
در 0 کانال‌ها
Get PRO
نوامبر '21
+22
در 0 کانال‌ها
Get PRO
اکتبر '21
+35
در 0 کانال‌ها
Get PRO
سپتامبر '21
+36
در 0 کانال‌ها
Get PRO
اوت '21
+73
در 0 کانال‌ها
Get PRO
ژوئیه '21
+36
در 0 کانال‌ها
Get PRO
ژوئن '21
+24
در 0 کانال‌ها
Get PRO
مه '21
+26
در 0 کانال‌ها
Get PRO
آوریل '21
+30
در 0 کانال‌ها
Get PRO
مارس '21
+62
در 0 کانال‌ها
Get PRO
فوریه '21
+39
در 0 کانال‌ها
Get PRO
ژانویه '21
+60
در 0 کانال‌ها
Get PRO
دسامبر '20
+867
در 0 کانال‌ها
تاریخ
رشد مشترکین
اشارات
کانال‌ها
11 ژوئیه+1
10 ژوئیه+1
09 ژوئیه+1
08 ژوئیه+2
07 ژوئیه+2
06 ژوئیه0
05 ژوئیه+1
04 ژوئیه+2
03 ژوئیه0
02 ژوئیه+2
01 ژوئیه0
پست‌های کانال
🎯 What is a Supply Chain Attack? A Supply Chain Attack compromises a trusted vendor or library to reach the actual target. SolarWinds hit 18,000+ orgs. MOVEit hit 2,500+. Log4Shell hit millions of Java apps. One vendor = thousands of victims. 🔍 How it works: 1. Attacker compromises a trusted vendor 2. Injects malicious code into a legitimate update 3. Victim installs "trusted" software 4. Backdoor deployed → lateral movement 5. Cascade effect across all customers Common Attack Surfaces: - Software vendors (SolarWinds, Kaseya) - Open source libraries (npm, PyPI, Maven) - CI/CD pipelines (Codecov) - Container images (3CX) - MSPs and IT providers Famous Cases: - SolarWinds (2020) — 18,000+ orgs - MOVEit (2023) — 2,500+ orgs - Log4Shell (2021) — millions of Java apps - Kaseya (2021) — 1,500+ MSPs ⚠️ Why dangerous: - Bypasses defenses (trusted software) - Massive blast radius - Hard to detect - 10x cost vs direct attack 💡 Defense: - SBOM — know your dependencies - SLSA — secure build framework - Sigstore — sign and verify packages - SCA tools — Snyk, Dependabot - Vendor audits — SOC 2, SIG - Zero Trust — assume compromise - Network segmentation 💡 Bottom line: You are only as secure as your weakest vendor. Every modern app has hundreds of dependencies. Verify everything. #SupplyChainAttack #CyberSecurity #InfoSec #SBOM #ZeroTrust #InfoSecTube 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us

2
- Email security gateway — block malicious links - Web proxy / TLS inspection — analyze traffic - DNS sinkholing — block C2 callbacks - Behavioral detection — exploit kit behaviors - HIPS / System call filtering — block shellcode - Memory protections: - MFA on email — prevent account-driven downloads - Backup strategy — 3-2-1 immutable backups - Incident response plan — exploit detected, isolate fast - Honeypot / canary — detect early intrusion ⚠️ Critical Insight: Exploit kits now target browsers directly (no plugins). Chrome, Edge, Firefox, Safari have all had 0-day chains. Patching within 14 days is the absolute minimum. Browser isolation is the gold standard for high-risk users. Ad blockers eliminate 80%+ of risk from legitimate sites. 🚨 The 2024 Reality: Exploit kits target unpatched browsers and Office (per Microsoft 2024). Malvertising is the #1 drive-by vector (50%+ of attacks). Mobile drive-by is rising (targeting Chrome on Android). WebAssembly cryptominers are extremely common. Compromised ad networks (Taboola, Outbrain) deliver malware. Supply chain watering holes (CDN compromise) hit thousands of sites at once. ⚠️ The Truth: Just visiting a site is dangerous in 2024. Watering-hole attacks, malvertising, and supply chain compromises (CDN, plugin) affect legitimate sites daily. Browser isolation + ad blocker + patches + EDR is the modern minimum. Zero-trust browsing is the future. #DriveBy #Malvertising #ExploitKit #CyberSecurity #InfoSec #BrowserSecurity #InfoSecTube 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
152
3
🎯 What is a Drive-By Download Attack? A Drive-By Download Attack infects a victim's device with malware without any user action — no clicks, no file execution, just visiting a website. Modern versions leverage 0-day browser exploits, malicious ads (malvertising), compromised CDNs, and watering-hole attacks. They target unpatched browsers, plugins, and OS components. This is the #1 malware delivery method for ransomware, RATs, and cryptominers. 🔍 How it works: 1. 🎯 Attacker compromises website or injects malicious ad 2. 🌐 Victim visits legitimate (or spoofed) site 3. 💥 Exploit kit profiles browser/plugins/OS version 4. 💉 Delivers targeted exploit (Flash, Java, browser, OS) 5. 📥 Downloads and executes malware silently 6. 🕵️ Persistence established — RAT, ransomware, miner Attack Chain: Compromised Site / Malvertising ↓ Exploit Kit Landing Page (RIG, Magnitude, Fallout, Spelevo, etc.) ↓ Browser/Plugin Fingerprinting ↓ Vulnerability Selection (CVE-2024-...) ↓ Exploit Delivery (JavaScript, Flash, browser) ↓ Payload Drop (PE, HTA, MSI, JS) ↓ Execution / Persistence / C2 Common Exploit Kit Tactics: Tactic | Mechanism Browser exploits | Chrome, Firefox, Edge, Safari 0-days Plugin exploits | Flash (legacy), Java (legacy), Office OS exploits | Win32k, PrintNightmare, kernel bugs Office exploits | Macros, OLE, equation editor, Follina Media exploits | Codec vulnerabilities, image parsers Font exploits | GDI+, Win32k font rendering Browser extensions | Malicious ad blockers, VPNs, AI tools WebAssembly | WASM cryptominers, obfuscation Service workers | Persistent cache, push notifications Exploit Kit History: Kit | Era | Notable Blackhole | 2010-2013 | Most popular ever Phoenix | 2013-2014 | EKE lead Angler | 2013-2016 | Pioneered 0-days Neutrino | 2013-2017 | Cheap, effective Magnitude | 2014-2018 | Asian markets RIG | 2014-2022 | Long-running Fallout | 2018-2020 | Modern era Spelevo | 2019-2020 | Banking focus Cobalt Strike | Still active | Adversary simulation Underminer | 2019-2021 | Hidden Bee KaiXin | 2018-2020 | Asia-Pacific Disdain | 2020+ | Modern EK PS5Bot/PS5Miner | 2020+ | Gaming focus Famous Real-World Cases: - Yahoo (2013-2014) — malvertising on Yahoo.com - Spotify (2016) — malvertising redirect - The New York Times (2009) — malvertising via NYTimes.com - BBC (2010) — fake BBC banner ads - MSN.com (2018) — malvertising on MSN - Equifax-like watering hole (2017) — watering hole, A9 - Darkhotel — hotel Wi-Fi watering hole in Asia - Hacking Team (2015) — watering hole via Flash 0-day - Voatz (2019) — election voting app breach - CCleaner (2017) — supply chain compromise - HandBrake mirror (2017) — 3-day supply chain breach - ASUS Live Update (2018) — supply chain — 1M+ victims - Apple Xcode* (2015 — XcodeGhost) — iOS malware ⚠️ Why it's dangerous: – Zero user action — just visit the site – Trust exploitation — victims browse legitimate sites – Massive reach — millions of daily visitors – Persistence — survives browser close – Drops ransomware/RATs — full compromise – Hard to detect — looks like normal browsing 💡 Defense Tips: - Keep browsers patched — auto-update enabled: - Keep OS patched — Monthly Patch Tuesday: - Uninstall legacy plugins: - Browser isolation — sandbox rendering: - Reputation-based URL filtering: - Ad blockers — reduce malvertising: - Script blockers — control JavaScript: - EDR with browser exploit detection: - DNS-layer security: - Network protection / NGFW: - Email link sandboxing — before click: - Application allowlisting: - Browser sandbox — Chrome, Edge sandbox: - Disabling risky features: - Site isolation — Chromium feature: - MITRE ATT&CK coverage: - Patch management — within 14 days of CVEs - Virtual patching — WAF / IPS for unpatched systems - Threat intelligence — known exploit kit TTP - Security awareness training — recognize malicious redirects - Disable autorun for removable media - Restricted browsing on critical systems - Network segmentation — browsing in DMZ - Vulnerability management program — proactive - Browser hardening baselines:
119
4
iPad Pro M5 11" & Apple Pencil Pro Unboxing Link 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
255
5
🎯 What is Front-Running? Front-Running in blockchain is when a malicious actor observes a pending transaction in the mempool and pays higher gas fees to get their own transaction processed first. It's the on-chain version of insider trading, where attackers exploit the transparent nature of public blockchains to profit from others' trades. This is particularly rampant in DeFi, NFT launches, and MEV (Maximal Extractable Value) extraction. 🔍 How it works: 1. 📝 User submits a transaction (e.g., large swap on Uniswap). 2. 👀 Transaction sits in the mempool (waiting area, public). 3. 🤖 Bots scan the mempool for profitable opportunities. 4. 🔍 Bot finds a large buy order → price will go up. 5. ⛽ Bot submits same transaction with higher gas. 6. 🏃 Bot's transaction is processed first. 7. 📈 Bot buys before the user's transaction. 8. 📊 User's transaction executes → price rises. 9. 💰 Bot immediately sells → takes the profit. 10. 💸 User gets worse price (slippage). Common Attack Types: • Displacement — replace victim's transaction • Insertion — sandwich victim's tx with buy/sell • Suppression — block victim's transaction • Replay — copy profitable transactions • Time-bandit — rewrite recent blocks • Back-running — profit from same block MEV (Maximal Extractable Value): MEV refers to the maximum value a miner/validator/sequencer can extract by reordering, inserting, or censoring transactions within blocks. It's a multi-billion dollar industry: • Arbitrage — DEX price differences • Liquidations — protocol liquidations • Sandwich attacks — front-run + back-run • NFT sniping — rare NFT mint snipes • Uncle-bandit attacks — competing for blocks Real Examples: • Mev3th.eth (2024) — millions in MEV extracted • Sandwich bots* — billions yearly • Flashbots* — formalized MEV extraction • Bancor attack (2022) — $23M front-run vulnerability • PancakeSwap sniper bots — hundreds daily • NFT mint snipes — millions in gas wars ⚠️ Why it's dangerous: – Users get worse prices (slippage) – Funds extracted from regular traders – Network congestion (gas wars) – Reduces DeFi fairness – Ethereum gas price spikes – Centralization of validators 💡 Defense Tips: – Private mempools — Flashbots Protect, MEV-Blocker – Slippage limits — set tight tolerance – Commit-reveal schemes — hide trade details – Batch auctions — CoW Protocol, MEV-resistant DEXes • Threshold encryption — encrypt transactions before inclusion • Use MEV-aware RPC endpoints — Flashbots • Submarine sends — delayed transaction reveal • Randomized gas fees — less predictable ordering • L2 solutions — different sequencing models • Use limit orders — avoid market orders • Avoid large visible trades — split into smaller orders • Time-sensitive transactions — off-peak hours • Trusted oracles — reduce front-running opportunities • Slippage protection — DEX aggregators • MEV-Share — users capture their MEV #FrontRunning #MEV #DeFi #Web3 #CryptoSecurity #Blockchain #InfoSec #SandwichAttack #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
245
6
📝 #مقاله یک روش برای generative future video modeling معرفی می‌کند؛ یعنی مدلی که با دیدن چند فریم گذشته، چند آینده محتمل را پیش‌بینی کند. ایده اصلی این است که به‌جای نمایش هر فریم با تعداد زیادی توکن فضایی، تغییر بین دو فریم پیاپی را فقط با یک توکن دلتا نمایش بدهیم. این توکن‌ساز DeltaTok نام دارد و مدل نهایی DeltaWorld است. 🤖🎬 مدل‌های پیش‌بینی آینده معمولاً دو مشکل دارند: یا discriminative هستند و فقط یک آینده میانگین‌شده تولید می‌کنند، یا اگر مولد باشند، مثل diffusion یا autoregressive video models، بسیار پرهزینه‌اند و برای هر نمونه آینده به چندین forward pass نیاز دارند. مقاله می‌گوید در کاربردهایی مثل خودرو خودران 🚗، یک پیش‌بینی واحد کافی نیست، چون آینده چندین حالت ممکن دارد. ایده DeltaTok به‌جای فشرده‌کردن کل فریم، فقط تفاوت ویژگی‌های دو فریم پیاپی را فشرده می‌کند. فریم‌ها ابتدا با یک Vision Foundation Model مثل DINOv3 به فضای feature تبدیل می‌شوند؛ سپس DeltaTok از ویژگی‌های فریم قبلی و فعلی، یک delta token می‌سازد که نشان می‌دهد چگونه باید ویژگی‌های فریم قبلی به فریم فعلی تبدیل شوند. دیکودر هم با گرفتن فریم قبلی و همین توکن، ویژگی‌های فریم جدید را بازسازی می‌کند. 🔍🔄 اگر پیش‌بینی در فضای feature انجام شود و فقط تغییر بین فریم‌ها مدل شود، یک توکن برای هر فریم می‌تواند کافی باشد. نتیجه، مدلی است که چند آینده محتمل تولید می‌کند، اما بسیار سبک‌تر و سریع‌تر از world modelهای مولد رایج است. ⚡️✨ 🔸 A Frame is Worth One Token: Efficient Generative World Modeling with Delta Tokens #مدلهای_بنیادی #مدل_مولد #هوش_مصنوعی #بینایی_مدل_بنیادی #پردازش_تصویر #پردازش_فیلم 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
221
7
🎯 What is an Oracle Manipulation Attack? An Oracle Manipulation Attack is a DeFi exploit where attackers manipulate the price data that smart contracts rely on. Oracles feed external data (like token prices) into blockchains — and when these oracles are compromised or manipulated, attackers can trick protocols into valuing assets incorrectly to drain millions in funds. 🔍 How it works: 1. 📊 The DeFi protocol relies on an oracle for token prices:• Chainlink (most secure) • Uniswap TWAP (time-weighted average price) • Custom oracles (vulnerable) 2. 🔍 Attacker identifies a manipulation vector:• Low liquidity pools (easy to move price) • Single-source oracles • Spot price oracles (no TWAP) • Flash loan accessible pools 3. 💰 Attacker takes a flash loan (no collateral needed). 4. 🏊 They dump massive amounts of tokens into a low-liquidity pool:• Pool reserves get skewed • Price calculation returns inflated value 5. 🏦 They deposit the now-inflated "valuable" tokens as collateral. 6. 💸 They borrow the maximum amount against inflated collateral. 7. 💵 They repay the flash loan with profits, pocketing the difference. Types of Oracle Attacks: • Spot price manipulation — manipulate immediate price • TWAP manipulation — manipulate over time (harder) • Multi-pool manipulation — use cross-pool relationships • Liquidity pool drain — remove liquidity to skew price • Chainlink delay — exploit heartbeat delays Real Examples: • Cream Finance (2021) — $130M via price oracle manipulation • Harvest Finance (2020) — $24M flash loan oracle attack • bZx Protocol (2020) — $1M oracle manipulation • Mango Markets (2022) — $114M via price manipulation • Inverse Finance (2022) — $15M oracle exploit ⚠️ Why it's dangerous: – Can drain entire protocols in one transaction – Hard to detect in real-time – Exploits fundamental DeFi assumption (price truth) – Devastating financial impact 💡 Defense Tips: – Use Chainlink oracles — decentralized, multi-source – Implement TWAP — time-weighted average prices – Circuit breakers — pause on extreme price moves • Multiple oracle sources — don't rely on one feed • Liquidity checks — require minimum pool depth • Sanity checks — reject prices outside reasonable bounds • Manipulation-resistant design — avoid spot price usage • Time-lock large operations — delays allow detection • Monitor on-chain metrics — alert on suspicious activity • Decentralized oracle networks — multiple independent reporters #CryptoSecurity #OracleManipulation #DeFi #FlashLoan #PriceOracle #BlockchainHacks #Ethereum #InfoSec #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
207
8
🎯 What is a Man-in-the-Middle (MITM) Attack? A Man-in-the-Middle (MITM) Attack is a network security attack where attackers secretly intercept and relay communications between two parties who believe they're communicating directly. This allows them to eavesdrop, steal data, or manipulate transactions in real-time. 🔍 How it works: 1. 🎣 The attacker positions themselves between the victim and the target:• ARP spoofing — sends fake ARP messages to link attacker MAC to victim IP • DNS poisoning — redirects domain to attacker-controlled IP • WiFi eavesdropping — creates malicious hotspots • SSL stripping — downgrades HTTPS to HTTP 2. 🔓 The victim connects through the attacker's device. 3. 📡 All traffic flows through the attacker:• Eavesdropping — reading unencrypted traffic • Data theft — extracting credentials, session tokens • Modification — altering transaction data • Injection — adding malicious code to responses 4. 💰 The attacker can:• Steal banking credentials • Hijack sessions • Modify payments • Inject malware Types: • ARP Poisoning — mapping attacker's MAC to victim's IP • SSL Stripping — forcing HTTP instead of HTTPS • WiFi Evil Twin — fake access points • DNS Hijacking — poisoned DNS responses • HTTPS Spoofing — fake certificates Real Examples: • Firesheep (2010) — session hijacking on public WiFi • DigiNotar (2011) — fake SSL certificates • Superfish (2015) — pre-installed root certificates ⚠️ Why it's dangerous: – Silent interception – Bypasses encryption if improperly implemented – Enables credential theft – Financial fraud vector 💡 Defense Tips: – Use HTTPS — always verify certificates – HSTS — HTTP Strict Transport Security – Certificate pinning — validate specific certs – VPN on public WiFi — encrypt all traffic – DNSSEC — prevent DNS spoofing – ARP spoofing detection — use detection tools – Don't use public WiFi for sensitive transactions #NetworkSecurity #MITM #CyberAttack #ArpPoisoning #InfoSec #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
226
9
🎯 What is an Overlay Attack (Android)? An Overlay Attack is a type of Android malware that displays fake screens on top of legitimate apps to trick users into granting permissions or entering sensitive data. It's a classic mobile banking trojan technique. 🔍 How it works: 1. 📱 The victim installs a malicious app (often from third-party stores or phishing links). 2. 🛡 The malware requests SYSTEM_ALERT_WINDOW permission (or uses accessibility services). 3. 🎭 When the victim opens a target app (banking, crypto, social media), the malware:• Detects the app launch • Overlays a fake login screen on top • Disguises itself to look exactly like the real app 4. ⌨️ The user enters credentials or card details into the fake overlay. 5. 💰 The attacker captures the data and either:• Uses it to hijack the account • Sells it on dark web markets • Sends the victim to the real app (so they don't suspect anything) Real Examples: • BankBot trojan (2017) — targeted 400+ banking apps • Anatsa (2022) — overlays for banking apps, stealing credentials and SMS • Flyper — used overlay to bypass 2FA ⚠️ Why it's dangerous: – Hard to detect — looks exactly like the real app – Works even on updated Android versions – Can overlay any app, not just banking 💡 Defense Tips: – Only install apps from Google Play Store (check reviews, permissions) – Review app permissions — deny SYSTEM_ALERT_WINDOW to unknown apps – Use a mobile security/antivirus solution – Enable Google Play Protect – Be skeptical of apps asking for Accessibility Services – Check URLs carefully — real banks use official domains #AndroidSecurity #MobileSecurity #OverlayAttack #Malware #BankingTrojan #InfoSec #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
249
10
🎯 What is Oracle Manipulation? Oracle Manipulation is an attack where attackers exploit price oracles — the data feeds that smart contracts rely on to get external information (like asset prices). By feeding false data, they trick protocols into making wrong decisions. 🔍 How it works: 1. 📡 DeFi protocols need external data (prices, exchange rates) — they rely on oracles. 2. 🎭 An attacker manipulates the price on the source (e.g., a DEX) used by the oracle. 3. 📊 The oracle reports the manipulated price to the protocol. 4. 💰 The protocol acts on false data — enabling:• Liquidations: Trigger liquidations that shouldn't happen • Borrowing abuse: Take out more loans than collateral allows • Arbitrage: Profit from fake price differences Common Oracle Types: • Spot price oracles: Use DEX pair prices (vulnerable to manipulation) • TWAP (Time-Weighted Average Price): More resistant — averages over time • Chainlink: Decentralized, harder to manipulate • Centralized APIs: Single point of failure Real Example (Harvest Finance, 2020): Attackers manipulated the USDC/USDT curve to trick the oracle, draining $33M from the protocol. ⚠️ Why it's dangerous: – Oracles are a single point of failure – Many protocols still use spot prices 💡 Defense Tips: – Use TWAP oracles instead of spot prices – Implement multi-oracle aggregation (Chainlink, Band Protocol) – Add price deviation thresholds — pause if prices move too fast – Use decay functions to smooth out sudden spikes #CryptoSecurity #OracleManipulation #DeFi #SmartContracts #Ethereum #InfoSec #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
204
11
🎯 What is Front-Running? Front-Running is a practice where someone exploits advance knowledge of pending transactions to profit at the expense of the original trader. It's especially common in DeFi and crypto markets. 🔍 How it works: 1. 👀 A trader submits a transaction (e.g., swap on a DEX). 2. 🔍 A miner, bot, or validator sees the pending transaction in the mempool. 3. 💰 They submit their own transaction with a higher gas fee to get mined first. 4. 📈 The attacker's transaction moves the market price before the victim's transaction executes. 5. 💸 The attacker profits from the price movement; the victim gets worse execution. Variants: • Gas front-running: Bumping gas fees to jump the queue • Sandwich attacks: Placing orders both before AND after the victim's trade • Oracle front-running: Manipulating price oracles before executing trades Result? 🚨 The victim gets slippage; the attacker guaranteed-profit at someone else's expense. ⚠️ Common In: DEXs (Uniswap, PancakeSwap), NFT mints, liquidations 💡 Defense Tips: – Use protected RPC mempools (e.g., Flashbots Protect) – Set strict slippage limits – Use batch auctions or MEV-resistant AMM designs – Submit transactions privately (via cryptographic batching) #CryptoSecurity #DeFi #FrontRunning #MEV #SandwichAttack #Ethereum #InfoSec #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
227
12
Here's your new quiz: 🎯 What is a Flash Loan Attack? A Flash Loan Attack is a type of DeFi exploit that allows attackers to borrow massive amounts of cryptocurrency without collateral — as long as the loan is repaid within a single blockchain transaction. 🔍 How it works: 1. 👀 The attacker identifies a vulnerable DeFi protocol (price oracle manipulation, arbitrage opportunity, etc.). 2. 💰 They take out a flash loan — borrowing millions in tokens instantly. 3. 🎯 Using the borrowed funds, they manipulate prices or exploit the protocol's logic (e.g., draining liquidity, manipulating an oracle). 4. 💸 They profit from the exploit. 5. 🔄 The loan is repaid in the same transaction — the blockchain treats it as if it never happened. Result? 🚨 The attacker walks away with massive profits while the protocol suffers losses. ⚠️ Famous Example: The Cream Finance hack (2021) — attackers used flash loans to manipulate price oracles and stole $130 million. 💡 Defense Tips: – Use Time-Weighted Average Price (TWAP) oracles instead of spot prices – Implement proper collateralization ratios – Add delays between large price updates – Use decentralized oracles (e.g., Chainlink) #CryptoSecurity #DeFi #BlockchainHacks #FlashLoans #MEV #Ethereum #InfoSec #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
267
13
Here's your new quiz: 🎯 What is a Flash Loan Attack? A Flash Loan Attack is a type of DeFi exploit that allows attackers to borrow massive amounts of cryptocurrency without collateral — as long as the loan is repaid within a single blockchain transaction. 🔍 How it works: 1. 👀 The attacker identifies a vulnerable DeFi protocol (price oracle manipulation, arbitrage opportunity, etc.). 2. 💰 They take out a flash loan — borrowing millions in tokens instantly. 3. 🎯 Using the borrowed funds, they manipulate prices or exploit the protocol's logic (e.g., draining liquidity, manipulating an oracle). 4. 💸 They profit from the exploit. 5. 🔄 The loan is repaid in the same transaction — the blockchain treats it as if it never happened. Result? 🚨 The attacker walks away with massive profits while the protocol suffers losses. ⚠️ Famous Example: The Cream Finance hack (2021) — attackers used flash loans to manipulate price oracles and stole $130 million. 💡 Defense Tips: – Use Time-Weighted Average Price (TWAP) oracles instead of spot prices – Implement proper collateralization ratios – Add delays between large price updates – Use decentralized oracles (e.g., Chainlink) #CryptoSecurity #DeFi #BlockchainHacks #FlashLoans #MEV #Ethereum #InfoSec #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
1
14
🛡️ What is a Reentrancy Attack? A Reentrancy Attack is one of the most famous and dangerous smart contract vulnerabilities. It happens when a contract calls an external contract before finishing its own execution, allowing the external contract to "re-enter" and drain funds. 🔍 How it works: 1. 👀 The attacker calls a function in a vulnerable contract (e.g., withdraw()). 2. 💸 The vulnerable contract sends funds to the attacker's address. 3. 🔄 The attacker's contract has a fallback() function that immediately calls withdraw() again before the first transaction finishes. 4. 🔄 This repeats until the contract is drained. Result? 🚨 The attacker can withdraw more funds than they actually deposited, often draining the entire contract. ⚠️ Famous Example: The DAO Hack (2016) — attackers exploited a reentrancy bug to steal ~$60 million worth of ETH. 💡 Defense Tips: – Use the Checks-Effects-Interactions pattern – Implement reentrancy guards (e.g., OpenZeppelin's ReentrancyGuard) – Use pull over push payment patterns #CryptoSecurity #DeFi #BlockchainHacks #SmartContracts #Ethereum #InfoSec #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us I've set up your daily quiz skill and reminder for 9:00 AM Toronto time. I'll generate a new one every day! 🔒 Want me to add an image to the post? You'll need to top up credits first (/credits) for image generation.
257
15
Here's your first quiz — ready to post: 🛡️ What is a Reentrancy Attack? A Reentrancy Attack is one of the most famous and dangerous smart contract vulnerabilities. It happens when a contract calls an external contract before finishing its own execution, allowing the external contract to "re-enter" and drain funds. 🔍 How it works: 1. 👀 The attacker calls a function in a vulnerable contract (e.g., withdraw()). 2. 💸 The vulnerable contract sends funds to the attacker's address. 3. 🔄 The attacker's contract has a fallback() function that immediately calls withdraw() again before the first transaction finishes. 4. 🔄 This repeats until the contract is drained. Result? 🚨 The attacker can withdraw more funds than they actually deposited, often draining the entire contract. ⚠️ Famous Example: The DAO Hack (2016) — attackers exploited a reentrancy bug to steal ~$60 million worth of ETH. 💡 Defense Tips: – Use the Checks-Effects-Interactions pattern – Implement reentrancy guards (e.g., OpenZeppelin's ReentrancyGuard) – Use pull over push payment patterns #CryptoSecurity #DeFi #BlockchainHacks #SmartContracts #Ethereum #InfoSec #InfoSecTube #Web3Security 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us Daily quiz is set for 9:00 AM Toronto time. 🔒
0
16
🚨 A third Linux kernel local-root flaw has been disclosed: Fragnesia. 🚨 Like Copy Fail & Dirty Frag, Fragnesia gives root on all major distributions. Every supported AlmaLinux release is affected. 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
308
17
New Video is uploaded! 🎬 Please subscribe to the YouTube channel to find the video and get notified for all! 🔔👇 🔗 [The Dark Side of BitLocker: TPM Exploits, Downgrade Attacks & CVE-2-2025-48804](https://www.youtube.com/watch?v=1dn6iLO7p0c) 🎯 [@InfoSecTube](https://t.me/InfoSecTube) 📌 [YouTube channel](https://www.youtube.com/@InfoSecTube?sub_confirmation=1) 🎁 [Boost Us](https://t.me/boost/infosectube)
378
18
The 4-Byte Flaw That Grants ROOT: Copy Fail CVE | InfoSecTube #CopyFail #CVE-2026-31431 Link: https://youtu.be/y26XHCMVDb4 🎯@InfoSecTube 📌YouTube channel 🎁Boost Us
332
19
‏🚨 فوری: اگر از آیفون استفاده می‌کنید، همین حالا دستگاه‌تان را آپدیت کنید گزارش‌های اخیر نشان می‌دهد که FBI توانسته پیام‌های حذف‌شده از اپلیکیشن رمزگذاری‌شده Signal را بازیابی کند—نه با شکستن رمزنگاری، بلکه از طریق یک ضعف در سیستم iOS. آیفون‌ها گاهی پیش‌نمایش اعلان‌ها (متن پیام روی لاک‌اسکرین) را ذخیره می‌کنند. این داده‌ها حتی پس از حذف یا ناپدید شدن پیام‌ها در یک دیتابیس داخلی باقی می‌ماندند. محققان با ابزارهای forensic به این دیتابیس دسترسی پیدا کردند و محتوای پیام‌ها را از همان پیش‌نمایش‌ها استخراج کردند—نه از خود Signal. 🍎 واکنش اپل: اپل نسخه iOS 26.4.2 را منتشر کرده که: ۱-ذخیره نادرست اعلان‌ها را متوقف می‌کند ۲-حذف خودکار داده‌های حساس را بهبود می‌دهد
0
20
تمام کسایی که با اینترنت پرو وصل شدن، اومدن واسه ما دارن صحبت از این می‌کنن که لازم داشتیم و مجبور بودیم. دیجیاتو توی یک یادد+1
تمام کسایی که با اینترنت پرو وصل شدن، اومدن واسه ما دارن صحبت از این می‌کنن که لازم داشتیم و مجبور بودیم. دیجیاتو توی یک یادداشتی جوابشون رو به خوبی داده. ولی واقعا این نیست ارزش ما، شما بیکار بشینی خونه شرف داره به این که با منت و اینقدر گرون اینترنت بخری، تازه رو اونم محدودیت باشه. یه بارم گفتم، این قطار به همه میرسه، همه بالاخره اینترنت پرو یه جوری گیرشون میاد، ولی این چیزیه که میخوایم؟ دو ماه پیش همه دنبال آزادی بودن، حالا پی اینترنت، در آینده هم پی آب و غذا، ما داریم وارونه پیشرفت می‌کنیم... خلاصه که با همین شرایط اگر پیش بره، باید روی اقتصاد دیجیتال یه قلم قرمز بگیریم. من روز‌های سیاهی برای این جامعه می‌بینم. @DevTwitter
0