📊 Investigating attack patterns using SIEM, Sysmon Utility and MITRE ATT&CK
⛓ https://medium.com/@kelvin_ling/investigate-attack-patterns-using-siem-sysmon-utility-and-mitre-att-ck-5a569b2a9d4b
@Engineer_Computer
Medium
Investigate Attack Patterns using SIEM, Sysmon Utility and MITRE ATT&CK
In the “New Hire Old Artifacts” TryHackMe room, we can investigate a cyber incident using SIEM software — Splunk. The logs provided to…
🔐 Is Your Team ACTUALLY Ready For a Cyber Attack?
Sure you have:
— Documents and plans
— The latest security tools
— 24/7 monitoring and operations
But is that really enough in the modern world of advanced technologies?
Don't leave it to chance.
"The Essential Cybersecurity Exercise Playbook" helps you run exercises to validate the readiness.
✔️Try it out, minimize the risk:
→ https://gumroad.com/a/989009875/feordo
@Engineer_Computer
PoC Released for SharePoint Pre-Auth RCE Chain (CVE-2023-29357 & CVE-2023-24955)
https://gist.github.com/testanull/dac6029d306147e6cc8dce9424d09868
https://securityonline.info/poc-released-for-sharepoint-pre-auth-rce-chain-cve-2023-29357-cve-2023-24955/
@Engineer_Computer
Gist
SharePoint Pre-Auth Code Injection RCE chain CVE-2023-29357 & CVE-2023-24955 PoC
SharePoint Pre-Auth Code Injection RCE chain CVE-2023-29357 & CVE-2023-24955 PoC - SharePwn_public.py
A new process injection technique for bypassing EDR
https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/new-mockingjay-process-injection-technique-evades-edr-detection/amp/
@Engineer_Computer
www-bleepingcomputer-com.cdn.ampproject.org
New Mockingjay process injection technique evades EDR detection
A new process injection technique named 'Mockingjay' could allow threat actors to bypass EDR (Endpoint Detection and Response) and other security products to stealthily execute malicious code on compromised systems.
Common_developer_security_mistakes_in_working_with_IPG_Security.pdf
83.3 KB
💥 Common developer security mistakes in working with IPG
As a security engineer, pentester or developer, you should know about common security mistakes in working with IPG that lead to serious security vulnerabilities.
#AppSec #IPG
@Engineer_Computer
#IRIB Unlettered #Gas Stations #Hacked
Let's recall the fuel-station anti-intrusion system of the illiterate opportunists and the even more illiterate IRIB...
@Engineer_Computer
Which encryption is currently resistant to quantum technology?
https://medium.com/asecuritysite-when-bob-met-alice/why-is-128-bit-aes-insecure-for-a-quantum-computer-but-256-bit-is-not-814a8a9d6500
@computer_engineer2
Medium
Why is 128-bit AES Insecure for a Quantum Computer, But 256-bit Is Not?
If I have an unsorted database with 10 billion words, and I want to search for one of the words. With a normal search, it would take an…
Sharing experience
Acting quickly on the available data can look like this.
So four elements matter here:
A suitable data source
Properly written use cases together with suitable dashboards
Alert prioritization
The intelligence and competence of the human monitoring operator
Result: reduced cost for the business (note that no technical word was used in this phrase)
@computer_engineer2
Cyber Security Governance Principles.pdf
14 MB
Cyber security governance principles
@computer_engineer2