Network Security Channel

CVE-2024-21412: Water Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day https://www.trendmicro.com/en_us/research/24/b/cve202421412-water-hydra-targets-traders-with-windows-defender-s.html @Engineer_Computer

⭕️ اطلاعایه فوری! اگر مالباخته #کوروش_کمپانی هستید، شرکت جرج اینوست آمریکا برای جبران خسارت شما طرح حمایتی تهیه کرده لذا تنها طی یکماه هم جبران خسارت کنید هم سود کنید. Https://jorjinvest.com لطفا فقط مالباخته ها از این طرح استفاده کنند و دست به دست کنید برسه به دست مالباختگان واقعی. 🆔 @Webamoozir

👁‍🗨 When the hacker gets hacked 👁‍🗨 🔺 https://aceresponder.com/blog/exploiting-empire-c2-framework 🚩 https://github.com/ACE-Responder/Empire-C2-RCE-PoC @Engineer_Computer

Collection of #UAC #Bypass Techniques Weaponized as BOFs https://github.com/icyguider/UAC-BOF-Bonanza @Engineer_Computer

Simulate the behavior of AV/EDR for malware development training. https://github.com/Helixo32/CrimsonEDR/tree/main @Engineer_Computer

Remote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of the box https://github.com/SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e @Engineer_Computer

With PPLDescribe, you can retrieve information about processes that are protected by PPL. The tool parses PS_PROTECTION, PS_PROTECTED_TYPE and PS_PROTECTED_SIGNER structures to retrieve the information #Credential_access https://github.com/MzHmO/PPLDescribe @Engineer_Computer

♦️ Collection of #UAC #Bypass Techniques Weaponized as BOFs 🌐 https://github.com/icyguider/UAC-BOF-Bonanza?tab=readme-ov-file 🔺 A single module which integrates all techniques has been provided to use the BOFs via the Havoc C2 Framework 🔱 https://github.com/HavocFramework/Havoc @Engineer_Computer

🔖Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focused on offensive and defensive security. 01. The Introduction to Axiom tool 02. Axiom Bug Bounty Tool Core Functionality 03. Managing AXIOM Instances 04. Creating Custom AXIOM Modules 05. Mass Hunting For Misconfigured S3 Buckets (AXIOM) 06. Mass Cross Site Scripting Hunting (AXIOM) 07. Mass Hunting for Leaked Sensitive Documents (AXIOM) 08. Hunting Blind XSS on the Large Scale Part1 — Practical Techniques 09. Hunting Blind XSS on the Large Scale Part2 — Practical Techniques 10. Top 5 Red Flags of Bug Bounty Programs #bugbountytips #axiom #bugbounty @Engineer_Computer

🔖Who, What, Where, When, Wordlist A detailed guide on how to create wordlists for different #cybersecurity tasks in 30 slides from twitter.com/TomNomNom. 📚PDF : https://tomnomnom.com/talks/wwwww.pdf Do you want to create target specific wordlist for fuzzing backup files? you can use fback #BugBounty #BugBountyTools @Engineer_Computer

New bug bounty tools are coming. Follow me on GitHub: https://github.com/0xspidey @Engineer_Computer

🔖Google Dorks for recon

site:*.domain.*

site:domain.*

site:*.domain.com

site:*.domain.-*.*

🔎 Top Google dorks for bugbounty : Link #bugbounty #bugbountytips @Engineer_Computer

OpenAI's ChatGPT Breaches Privacy Rules, Says Italian Watchdog Italy was the first West European country to curb ChatGPT, whose rapid development has attracted attention from lawmakers and regulators. Under the EU's General Data Protection Regulation (GDPR) introduced in 2018, any company found to have broken rules faces fines of up to 4% of its global turnover. @Engineer_Computer

JetBrains Warns of New TeamCity Auth Bypass Vulnerability JetBrains strongly advises all TeamCity On-Premises users to update their servers to 2023.11.3 to eliminate the vulnerability. Tracked as CVE-2024-23917, this critical severity flaw impacts all versions of TeamCity On-Premises from 2017.1 through 2023.11.2 and can be exploited in remote code execution (RCE) attacks that don't require user interaction. @Engineer_Computer

Reports of Data Breach on Class Charts Platform Class Charts is used by more than 180,000 teachers, its website states. The company says it can “save teachers time and reduce workload with our data rich seating plans” and “improve pupil behaviour with our fast and effective behaviour management”. @Engineer_Computer

Cybersecurity Skills Gap Rises. Impacted Businesses Urged to Attract Talent With Education and Embrace AI This could also mean that more cybersecurity professionals are available for hire. But do they have the skills companies need? Among respondents to the survey, 92% reported skills gaps at their organization, a gap that includes cloud computing security. An inability to find people with the right skills, the struggle to keep employees who have those skills, and a shrinking hiring budget are the biggest causes cited for these skills gaps. Indeed, 54% of respondents said that the cybersecurity skills shortage situation has been getting worse in recent years. @Engineer_Computer

9 Best SOC Tools to Strengthen Your Security Posture This article will explore the most effective SOC solutions to help you make well-informed cybersecurity decisions and strengthen business defenses. @Engineer_Computer

از دوستان ساکن تهران کسی اگر میخواد کار شبکه و استوریج در دیتا سنتر کارآموزی کنه به این ایدی پیام بده @Developer_Network

git merge --no-ff -s recursive -X theirs master

#fun @Engineer_Computer

Cobalt Strike Profiles for EDR #Evasion https://github.com/EvilGreys/Cobalt-Strike-Profiles-for-EDR-Evasion @Engineer_Computer