A framework for deepening an intrusion without needing to install tools - execution in memory
@Engineer_Computer
Command Execution over Named-Pipes (SMB)
https://github.com/Leo4j/Amnesiac
GitHub
GitHub - Leo4j/Amnesiac: Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral…
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments - Leo4j/Amnesiac
Security architects should read this
@Engineer_Computer
Threat Modeling is critical to achieving design goals for system security and data privacy.
This document provides a catalog of capabilities to help you cultivate value from your Threat Modeling practice.
https://www.threatmodelingmanifesto.org/capabilities/
www.threatmodelingmanifesto.org
Threat Modeling Capabilities
Documents a catalog of capabilities to help you cultivate value from your Threat Modeling practice.
Analysis of an intrusion with Falcon MDR
@Engineer_Computer
Goal: getting familiar with the analysis method
Ideas for building a product
https://www.crowdstrike.com/blog/falcon-complete-thwarts-vanguard-panda-tradecraft/
CrowdStrike.com
Business as Usual: Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt Typhoon) Tradecraft
Read this blog post to learn how Falcon Complete detected and thwarted VANGUARD PANDA (Volt Typhoon) tradecraft.
https://techcommunity.microsoft.com/t5/windows-events/what-s-new-in-active-directory/ev-p/3971596
@Engineer_Computer
TECHCOMMUNITY.MICROSOFT.COM
What's new in Active Directory | Microsoft Technical Takeoff
Lean in as software developers from the Active Directory software engineering team dive into the latest improvements in Active Directory. We'll cover key...
Secure Coding Guidelines for Application Development.pdf
394 KB
General guidelines for secure coding
@Engineer_Computer
CVE-2024-20674
Windows Kerberos Security Feature Bypass Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20674
https://nvd.nist.gov/vuln/detail/CVE-2024-20674
Vulnerable operating systems:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
@Engineer_Computer
IT Engineer with UAE experience.
The ideal candidate will possess the following skills and knowledge:
Key Requirements:
Helpdesk experience
Network expertise (switching, Firewall)
Active Directory proficiency
MS Azure knowledge
Clouding knowledge
Candidates with a valid driving license will be given more preference.
If you meet the above criteria, please send your updated resume with your notice period, expected salary, and subject as IT Engineer to HR@dxcontracting.ae
@Engineer_Computer
Your Google account can be accessed.
A vulnerability that currently has no technical fix.
But read about the temporary workaround at the link below.
@Engineer_Computer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2024/01/info-stealers-can-steal-cookies-for-permanent-access-to-your-google-account/amp
Malwarebytes
Info-stealers can steal cookies for permanent access to your Google account
Several info-stealers have incorporated an exploit that allows them to gain permanent access to your Google account
An analysis of the abuse of legitimate storage sites to spread malware
@Engineer_Computer
https://www.cybereason.com/blog/research/the-hole-in-the-bucket-attackers-abuse-bitbucket-to-deliver-an-arsenal-of-malware
Cybereason
The Hole in the Bucket: Attackers Abuse Bitbucket to Deliver an Arsenal of Malware
Cybereason is following an active campaign to deliver multiple different types of malware to victims all over the world. This attack is able to steal data, mine for cryptocurrency, and in specific cases deliver ransomware.
Copying RFID cards
@Engineer_Computer
https://covertaccessteam.substack.com/p/rfid-sleight-of-hand-covert-cloning
Substack
RFID Sleight of Hand: Covert Cloning Techniques
On LinkedIn the other day I posted a video showing how an RFID card could be cloned without having a reader (e.g. I-copy, flipper, etc.) directly on the card or using a long range reader somewhere offscreen.
NSA's use of artificial intelligence to detect sophisticated attacks that cannot be detected with conventional methods
@Engineer_Computer
https://industrialcyber.co/critical-infrastructure/senior-us-cybersecurity-official-reveals-use-of-ai-to-counter-hackers-targeting-critical-infrastructure/
Industrial Cyber
Senior US cybersecurity official reveals use of AI to counter hackers targeting critical infrastructure
US cybersecurity official reveals the use of AI to counter hackers targeting critical infrastructure, as cyber expertise is in short supply.
I have published 'tRPC Security Research: Hunting for Vulnerabilities in Modern APIs'. In this write-up, I examine tRPC and discuss methods for conducting reconnaissance to identify and uncover vulnerabilities within this API style.
https://medium.com/@LogicalHunter/trpc-security-research-hunting-for-vulnerabilities-in-modern-apis-b0d38e06fa71
@Engineer_Computer
Medium
tRPC Security Research: Hunting for Vulnerabilities in Modern APIs
In this write-up, I want to discuss my research on tRPC. Initially, we will review the concepts of tRPC before proceeding to analyse the…
Juniper's warning about the discovery of a critical vulnerability in the company's products
🔴Juniper has released urgent and important security updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches.
🔴This vulnerability, which was found in the devices' J-Web configuration interfaces and is tracked as CVE-2024-21591, can give hackers root access if it is exploited.
🔴The vulnerable versions are:
🟡Junos OS versions earlier than 20.4R3-S9
🟡Junos OS 21.2 versions earlier than 21.2R3-S7
🟡Junos OS 21.3 versions earlier than 21.3R3-S5
🟡Junos OS 21.4 versions earlier than 21.4R3-S5
🟡Junos OS 22.1 versions earlier than 22.1R3-S4
🟡Junos OS 22.2 versions earlier than 22.2R3-S3
🟡Junos OS 22.3 versions earlier than 22.3R3-S2
🟡Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3
🟡The bug has been addressed in Junos OS 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and all subsequent releases.
🔴Admins are advised to upgrade to the latest version immediately or to disable the J-Web interface.
@Engineer_Computer
Black Hat USA 2023 | Briefings Schedule
Link : https://www.blackhat.com/us-23/briefings/schedule/
@Engineer_Computer