🚨 Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). Attackers are actively exploiting it to install a malicious Lua-based implant on vulnerable devices.
Learn more: https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html
@Engineer_Computer
Learn more: https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html
@Engineer_Computer
Malware analysis
1. LummaStealer Malware
https://blogs.vmware.com/security/2023/10/an-ilummanation-on-lummastealer.html
2. Munchkin malware utility
https://unit42.paloaltonetworks.com/blackcat-ransomware-releases-new-utility-munchkin
3. Analysis of Hospitality Phishing Campaign
https://www.akamai.com/blog/security-research/2023/oct/hospitality-phishing-campaign-DNS-analysis-global-threat
@Engineer_Computer
1. LummaStealer Malware
https://blogs.vmware.com/security/2023/10/an-ilummanation-on-lummastealer.html
2. Munchkin malware utility
https://unit42.paloaltonetworks.com/blackcat-ransomware-releases-new-utility-munchkin
3. Analysis of Hospitality Phishing Campaign
https://www.akamai.com/blog/security-research/2023/oct/hospitality-phishing-campaign-DNS-analysis-global-threat
@Engineer_Computer
VMware Security Blog
An iLUMMAnation on LummaStealer
Contributors: Chris Wagner and Nikki Benoit Executive Summary LummaStealer is a Malware-as-a-Service (MaaS) that is available on the dark web. MAAS models have substantially reduced the barrier to entry in the realm of big game hunting. Instead of executing…
exploit
1. CVE-2023-34051:
VMware Aria Operations for Logs - authentication bypass
https://github.com/horizon3ai/CVE-2023-34051
2. CVE-2023-28432:
MinIO information disclosure
https://github.com/yTxZx/CVE-2023-28432
@Engineer_Computer
1. CVE-2023-34051:
VMware Aria Operations for Logs - authentication bypass
https://github.com/horizon3ai/CVE-2023-34051
2. CVE-2023-28432:
MinIO information disclosure
https://github.com/yTxZx/CVE-2023-28432
@Engineer_Computer
GitHub
GitHub - horizon3ai/CVE-2023-34051: VMware Aria Operations for Logs CVE-2023-34051
VMware Aria Operations for Logs CVE-2023-34051. Contribute to horizon3ai/CVE-2023-34051 development by creating an account on GitHub.
👍1
Threat_Research
Understanding DNS Tunneling Traffic in the Wild
https://unit42.paloaltonetworks.com/dns-tunneling-in-the-wild
@Engineer_Computer
Understanding DNS Tunneling Traffic in the Wild
https://unit42.paloaltonetworks.com/dns-tunneling-in-the-wild
@Engineer_Computer
Unit 42
Understanding DNS Tunneling Traffic in the Wild
We present our findings on DNS tunneling techniques found in the wild, using extensive data on why this method is selected for malware campaigns.
#github #chatgpt #usefull_links
تو این ریپو که دایما اپدیت میشه وب سایت های معرفی می کنه که به شما دسترسی چت جی پی تی بدون هیچ دردسری میده مناسبه کسانی که ...
https://github.com/LiLittleCat/awesome-free-chatgpt
@Engineer_Computer
تو این ریپو که دایما اپدیت میشه وب سایت های معرفی می کنه که به شما دسترسی چت جی پی تی بدون هیچ دردسری میده مناسبه کسانی که ...
https://github.com/LiLittleCat/awesome-free-chatgpt
@Engineer_Computer
GitHub
GitHub - LiLittleCat/awesome-free-chatgpt: 🆓免费的 ChatGPT 镜像网站列表,持续更新。List of free ChatGPT mirror sites, continuously updated.
🆓免费的 ChatGPT 镜像网站列表,持续更新。List of free ChatGPT mirror sites, continuously updated. - GitHub - LiLittleCat/awesome-free-chatgpt: 🆓免费的 ChatGPT 镜像网站列表,持续更新。List of free ChatGPT mirror sites, continuou...
Detect WS_FTP Server Exploitation with Splunk Attack Range
recently disclosed CVE-2023-40044, which targets Progress Software WS_FTP Server Ad Hoc module, highlights the importance of providing detection developer environments where they can replicate, validate, and produce data of ongoing exploitations campaigns with the purpose of developing detections to protect their organizations.
https://www.splunk.com/en_us/blog/security/detect-ws-ftp-server-exploitation-with-splunk-attack-range.html
@Engineer_Computer
recently disclosed CVE-2023-40044, which targets Progress Software WS_FTP Server Ad Hoc module, highlights the importance of providing detection developer environments where they can replicate, validate, and produce data of ongoing exploitations campaigns with the purpose of developing detections to protect their organizations.
https://www.splunk.com/en_us/blog/security/detect-ws-ftp-server-exploitation-with-splunk-attack-range.html
@Engineer_Computer
Splunk
Detect WS_FTP Server Exploitation with Splunk Attack Range | Splunk
The Splunk Threat Research Team shares how they used Splunk Attack Range to develop detection content related to CVE-2023-40044.
ابزار مستند سازی در مدیریت حادثه
https://github.com/cyb3rfox/Aurora-Incident-Response
@Engineer_Computer
https://github.com/cyb3rfox/Aurora-Incident-Response
@Engineer_Computer
خیلی ساده می تونید یاد بگیرید با پایتون بدافزار بسازید!!!!
#malware #pythonic_malware
https://www.youtube.com/watch?v=UtMMjXOlRQc
@Engineer_Computer
#malware #pythonic_malware
https://www.youtube.com/watch?v=UtMMjXOlRQc
@Engineer_Computer
YouTube
i created malware with Python (it's SCARY easy!!)
Create your Python Malware lab: https://ntck.co/linode (you get a $100 Credit good for 60 days as a new user!)
We are going to write our very own malware in Python!! It’s actually scary easy to do and it will give you a peek behind the curtain of how bad…
We are going to write our very own malware in Python!! It’s actually scary easy to do and it will give you a peek behind the curtain of how bad…
گروه APT ایرانی ردپاهایشان در هک زیرساخت های دولتی و نظامی کشورهای خاورمیانه مشاهده شده است و به خاطر استفاده از تکنیکها و ابزارهای مشابه شناخته شده هستند
عربستان،قطر،کویت،امارات،عمان،عراق،اردن و اسراییل تارگت ها بودند 🤔
https://therecord.media/iranian-hackers-spy-on-governments-military-middle-east
@Engineer_Computer
عربستان،قطر،کویت،امارات،عمان،عراق،اردن و اسراییل تارگت ها بودند 🤔
https://therecord.media/iranian-hackers-spy-on-governments-military-middle-east
@Engineer_Computer
therecord.media
Iranian hackers caught spying on governments and military in Middle East
An Iranian nation-state threat actor is targeting high-profile organizations in the Middle East in an ongoing espionage campaign, according to a new report.
آشنایی با امنیت تطبیقی
بخشی از مدل زیرو تراست
https://www.citrix.com/solutions/secure-access/what-is-adaptive-security.html
@Engineer_Computer
بخشی از مدل زیرو تراست
https://www.citrix.com/solutions/secure-access/what-is-adaptive-security.html
@Engineer_Computer
Citrix.com
What is Adaptive Security? - Citrix
Adaptive security is a security approach that’s used to respond to potential cyberthreats in real-time by continually monitoring user sessions.