Fast Detection, Fast Response
PSIRT Advisories
FortiOS - Plain-text credentials in GET request via SSL VPN web portal
Summary
A use of GET request method with sensitive query strings vulnerability [CWE-598] in the FortiOS SSL VPN component may allow an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services (found in logs, referers, caches, etc.)
Affected Products
FortiOS version 7.4.0
FortiOS version 7.2.0 through 7.2.5
FortiOS version 7.0.0 through 7.0.12
Solutions
Please upgrade to FortiOS version 7.4.1 or above
Please upgrade to FortiOS version 7.2.6 or above
Please upgrade to upcoming FortiOS version 7.0.13 or above
Timeline
2023-09-29: Initial publication
https://www.fortiguard.com/psirt/FG-IR-23-120
@Engineer_Computer
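The advisory above describes a CWE-598 pattern: a remote-service password placed in a GET query string is copied into access logs and Referer headers by ordinary web infrastructure. The following is an added example, not Fortinet's code and not the fix FortiOS shipped: it builds the vulnerable URL shape, writes constructed log lines the way a web server or proxy would, scans them for exposed secrets, and shows a hardened request shape (POST with an opaque server-side bookmark id). Paths, parameter names, the bookmark id and the log format are assumptions.

```python
"""
Added example (not Fortinet's code): the CWE-598 pattern named in the advisory
above. A remote-service password placed in a GET query string is copied into
access logs and Referer headers by ordinary web infrastructure; a scanner over
constructed log lines shows the exposure, and a hardened request shape shows the
fix. Paths, parameter names, the bookmark id and the log format are assumptions.
"""
import re
from urllib.parse import parse_qs, urlencode, urlsplit

# Parameter names a practitioner would flag when they appear in a logged URL.
SENSITIVE_PARAMS = {"password", "passwd", "pwd", "pass", "secret", "token"}

# Combined-log-format fields we need: method, request target, and referer.
LOG_RE = re.compile(
    r'"(?P<method>GET|POST) (?P<target>\S+) HTTP/1\.[01]" \d+ \d+ "(?P<referer>[^"]*)"'
)


def bookmark_url_vulnerable(base, host, user, password):
    """Vulnerable shape: the RDP/VNC password rides in the query string."""
    return f"{base}/remote/rdp?" + urlencode(
        {"host": host, "user": user, "password": password}
    )


def bookmark_request_hardened(base, bookmark_id):
    """Hardened shape: POST an opaque id; the credential stays server-side.

    Returns (method, url, body). The password never enters a URL, so it
    cannot reach access logs, Referer headers, proxy caches or history.
    """
    return "POST", f"{base}/remote/rdp", {"bookmark_id": bookmark_id}


def log_line(method, url, referer="-"):
    """Constructed combined-log-format entry, as a web server or proxy writes it."""
    parts = urlsplit(url)
    target = parts.path + (f"?{parts.query}" if parts.query else "")
    return (f'10.0.0.5 - - [29/Sep/2023:10:00:00 +0000] "{method} {target} HTTP/1.1" '
            f'200 512 "{referer}" "Mozilla/5.0"')


def _secret_params(url_or_target):
    query = parse_qs(urlsplit(url_or_target).query)
    return [(k, v[0]) for k, v in query.items() if k.lower() in SENSITIVE_PARAMS]


def leaked_query_secrets(log_text):
    """Scan access-log text; return (where, param, value) for every exposed secret.

    'request' = the GET target itself, 'referer' = carried onward by the browser
    to the next resource, which may be a different server entirely.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        if m["method"] == "GET":
            hits += [("request", k, v) for k, v in _secret_params(m["target"])]
        if m["referer"] != "-":
            hits += [("referer", k, v) for k, v in _secret_params(m["referer"])]
    return hits


if __name__ == "__main__":
    base = "https://vpn.example.com"           # assumed portal hostname
    bad = bookmark_url_vulnerable(base, "rdp01.corp.example", "alice", "S3cret!")
    log = "\n".join([
        log_line("GET", bad),                                        # portal's own log
        log_line("GET", f"{base}/remote/rdp/session", referer=bad),  # next hop's log
    ])
    print("exposed:", leaked_query_secrets(log))
    method, url, body = bookmark_request_hardened(base, "bm-42")
    print("exposed after fix:", leaked_query_secrets(log_line(method, url)))
```

The scanner is the check worth running against your own portal, proxy and load-balancer logs while you are still on an affected build: a hit in the `referer` position means the secret has already left the device that produced it.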
Offensive security
Red Team Tactics
A Hitch-hacker's Guide to DACL-Based Detections
Part 1A: https://trustedsec.com/blog/a-hitchhackers-guide-to-dacl-based-detections-part-1-a
Part 1B: https://trustedsec.com/blog/a-hitch-hackers-guide-to-dacl-based-detections-part-1b
Part 2: https://trustedsec.com/blog/a-hitch-hackers-guide-to-dacl-based-detections-part-2
Part 3: https://trustedsec.com/blog/a-hitch-hackers-guide-to-dacl-based-detections-part-3
@Engineer_Computer
blue team
exploit
1. CVE-2023-20198:
Cisco IOS XE Software Web Management User Interface Vulnerability
https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software
Check script: https://github.com/Atea-Redteam/CVE-2023-20198
2. CVE-2023-36728:
Windows SQL Server Pre-Auth Overflow Read
https://v-v.space/2023/10/16/sqlserver-dos-CVE-2023-36728
3. CVE-2023-38545:
Socks5 heap buffer overflow
https://github.com/d0rb/CVE-2023-38545
@Engineer_Computer
Talos summary: Cisco has identified active exploitation of two previously unknown vulnerabilities in the Web User Interface (Web UI) feature of Cisco IOS XE software, CVE-2023-20198 and CVE-2023-20273, when exposed to the internet or untrusted networks.
Attachment: Cisco_Secure_Firewall_Hardening_Guide.pdf (297.7 KB)
Hardening
(securing and hardening)
Cisco Secure Firewall Management Center Hardening Guide Ver. 7.2 2023
Cisco Hardening Guides:
https://www.cisco.com/c/en/us/support/security/defense-center/products-installation-and-configuration-guides-list.html
@Engineer_Computer
Attachment: Design_Deploy_Secure_Azure.pdf (5.8 MB)
Tech book
Cloud Security
Design and Deploy a Secure Azure Environment: Mapping the NIST Cybersecurity Framework to Azure Services, 2023.
@Engineer_Computer
Attachment: iam_sec.pdf (17.5 MB)
hardening
Tech book
Cloud Security
AWS Identity and Access Management User Guide 2023.
@Engineer_Computer
One of the best repositories of Splunk content
Free
This project gives you access to our repository of Analytic Stories, security guides that provide background on tactics, techniques and procedures (TTPs), mapped to the MITRE ATT&CK Framework, the Lockheed Martin Cyber Kill Chain, and CIS Controls. They include Splunk searches, machine learning algorithms and Splunk Phantom playbooks (where available)—all designed to work together to detect, investigate, and respond to threats
https://github.com/splunk/security_content
@Engineer_Computer
10 cybersecurity experts worth following on social media
https://www.techtarget.com/whatis/feature/10-cybersecurity-experts-to-follow-on-social-media
@Engineer_Computer
A system administration or post-exploitation script to automatically extract the BitLocker recovery keys from a domain
https://github.com/p0dalirius/ExtractBitlockerKeys
@Engineer_Computer
These days users have been trained to update their browsers, and browsers such as Chrome push an update about once a week, so updating has become routine; attackers are therefore trying to deliver malware to victims through fake updates.
The link below describes how four hacking groups distribute malware to victims this way.
https://www.tomsguide.com/news/fake-chrome-updates-infecting-pcs-with-malware-what-you-need-to-know
@Engineer_Computer
Cyber risk management in the UK
Latest version
** The section on opinions and (mis)beliefs about quantitative methods in risk analysis is interesting
Quantifying risk allows you to be explicit about how much uncertainty you have in your analysis, by allowing you to represent the likelihood or impact of a risk occurring as a ‘distribution’ rather than a single value.
https://www.ncsc.gov.uk/collection/risk-management
@Engineer_Computer
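The NCSC sentence quoted above is the whole point of quantified risk: a likelihood and an impact each given as a distribution, not a single number. The following is an added example, not NCSC's material and not from the channel, that carries the idea through: likelihood is drawn from a credible interval, impact from a lognormal fitted to a p10/p90 pair, and a Monte Carlo run reports percentiles of annual loss beside the single-value "likelihood times impact" figure. All parameter values are illustrative, not data from any real assessment.

```python
"""
Added example (not from NCSC or the channel): why a quantified risk estimate
should carry a distribution rather than a single number. Likelihood is drawn
from a credible interval and impact from a lognormal fitted to a p10/p90 pair;
a Monte Carlo run then yields percentiles of annual loss. All parameter values
below are illustrative, not data from any real assessment.
"""
import math
import random
import statistics

Z90 = 1.2816  # standard-normal quantile for the 90th percentile


def lognormal_from_p10_p90(impact_p10, impact_p90):
    """Return (mu, sigma) of the lognormal whose 10th/90th percentiles match."""
    lo, hi = math.log(impact_p10), math.log(impact_p90)
    return (lo + hi) / 2.0, (hi - lo) / (2.0 * Z90)


def simulate_annual_loss(p_low, p_high, impact_p10, impact_p90,
                         trials=20000, seed=7):
    """
    p_low..p_high : credible interval for the probability the event occurs
                    in a year (uncertainty about likelihood, modelled uniform).
    impact_p10/p90: 10th/90th percentile of the loss when it does occur.
    Returns one simulated annual loss per trial (0 when the event did not occur).
    """
    rng = random.Random(seed)
    mu, sigma = lognormal_from_p10_p90(impact_p10, impact_p90)
    losses = []
    for _ in range(trials):
        p = rng.uniform(p_low, p_high)        # this year's likelihood draw
        if rng.random() < p:
            losses.append(rng.lognormvariate(mu, sigma))
        else:
            losses.append(0.0)
    return losses


def summarize(losses):
    """Percentile summary: the 'distribution' view of the risk."""
    s = sorted(losses)
    n = len(s)

    def pct(q):
        return s[min(n - 1, int(q * n))]

    return {
        "mean": statistics.fmean(s),
        "p50": pct(0.50),
        "p90": pct(0.90),
        "p99": pct(0.99),
        "prob_any_loss": sum(1 for x in s if x > 0) / n,
    }


def point_estimate(p_low, p_high, impact_p10, impact_p90):
    """The single-value view: midpoint likelihood x 'typical' (median) impact."""
    p_mid = (p_low + p_high) / 2.0
    median_impact = math.sqrt(impact_p10 * impact_p90)  # lognormal median
    return p_mid * median_impact


if __name__ == "__main__":
    params = dict(p_low=0.20, p_high=0.40, impact_p10=50_000, impact_p90=500_000)
    dist = summarize(simulate_annual_loss(**params))
    single = point_estimate(**params)
    print(f"single-value estimate: {single:,.0f}")
    for k, v in dist.items():
        print(f"{k:>14}: {v:,.2f}")
```

With these inputs the single-value figure sits well below the simulated mean (a lognormal's mean exceeds its median) and says nothing about the p90 or p99 years, which is exactly the uncertainty the distribution view makes explicit.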
⭕️ If you are interested in writing offensive tools: a Documents Exfiltration tool written in C and C++, claimed FUD, that talks to a custom C2 and transfers files.
A good tool to practise on.
https://github.com/TheD1rkMtr/DocPlz
#RedTeam #Tools
@Engineer_Computer
⭕️ An interesting Stealer for exfiltrating Office documents, written in C++ and Python, which uses the VirusTotal API to extract the data and send it to the chosen C2 server.
https://github.com/TheD1rkMtr/VT-stealer
#RedTeam #Tools
@Engineer_Computer