Graph-CTI-annual-report1403.pdf
16.2 MB
توصیه میکنیم حتما زمان بزارید و این گزارش رو بخونید.
"این مستند شامل بررسی دوساله حملات به زیرساختهای فناوری کشور از ابتدای ۱۴۰۲ تا اسفند ۱۴۰۳ است و توسط تیم CTI گراف تهیه شده است."
@graph_inc_ir
#report #iran #attack
@GoSecurity
"این مستند شامل بررسی دوساله حملات به زیرساختهای فناوری کشور از ابتدای ۱۴۰۲ تا اسفند ۱۴۰۳ است و توسط تیم CTI گراف تهیه شده است."
@graph_inc_ir
#report #iran #attack
@GoSecurity
Linux Detection Engineering - A primer on persistence mechanisms
50 min read
@GoSecurity
https://www.elastic.co/security-labs/primer-on-persistence-mechanisms
50 min read
@GoSecurity
https://www.elastic.co/security-labs/primer-on-persistence-mechanisms
www.elastic.co
Linux Detection Engineering - A primer on persistence mechanisms — Elastic Security Labs
In this second part of the Linux Detection Engineering series, we map multiple Linux persistence mechanisms to the MITRE ATT&CK framework, explain how they work, and how to detect them.
Linux_Device_Driver_Development_Everything_you_need_to_start_with.pdf
5.4 MB
Linux Device Driver Development
Everything you need to start with device driver
development for Linux kernel and embedded Linux
Everything you need to start with device driver
development for Linux kernel and embedded Linux
Zorin Os the best alternative to Win10-11
Kernel: Linux
Distribution of Ubuntu
https://github.com/ZorinOS
Kernel: Linux
Distribution of Ubuntu
https://github.com/ZorinOS
Iranian hackers targeted over 100 govt orgs with Phoenix backdoor
State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor. [...]
@GoSecurity
https://www.bleepingcomputer.com/news/security/iranian-hackers-targeted-over-100-govt-orgs-with-phoenix-backdoor/
State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor. [...]
@GoSecurity
https://www.bleepingcomputer.com/news/security/iranian-hackers-targeted-over-100-govt-orgs-with-phoenix-backdoor/
BleepingComputer
Iranian hackers targeted over 100 govt orgs with Phoenix backdoor
State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor.
Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover
After Microsoft patched Yuval Gordon’s BadSuccessor privilege escalation technique, BadSuccessor returned with another blog from Yuval, briefly mentioning to the community that attackers can still abuse dMSAs to take over any object where we have a write primitive. This mention did not gather significant attention from the community, leaving an operational gap for dMSA related tooling and attention. This blog dives into why dMSA abuse is still a problem, the release of a new Beacon object file (BOF) labeled BadTakeover, plus additions to SharpSuccessor, all to show that BadSuccessor’s impact as a technique (not a vulnerability) will still hold a lasting effect.
@GoSecurity
https://github.com/logangoins/BadTakeover-BOF
https://specterops.io/blog/2025/10/20/the-near-return-of-the-king-account-takeover-using-the-badsuccessor-technique/
After Microsoft patched Yuval Gordon’s BadSuccessor privilege escalation technique, BadSuccessor returned with another blog from Yuval, briefly mentioning to the community that attackers can still abuse dMSAs to take over any object where we have a write primitive. This mention did not gather significant attention from the community, leaving an operational gap for dMSA related tooling and attention. This blog dives into why dMSA abuse is still a problem, the release of a new Beacon object file (BOF) labeled BadTakeover, plus additions to SharpSuccessor, all to show that BadSuccessor’s impact as a technique (not a vulnerability) will still hold a lasting effect.
@GoSecurity
https://github.com/logangoins/BadTakeover-BOF
https://specterops.io/blog/2025/10/20/the-near-return-of-the-king-account-takeover-using-the-badsuccessor-technique/
GitHub
GitHub - logangoins/BadTakeover-BOF: Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover
Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover - logangoins/BadTakeover-BOF
👍1
Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236) › Searchlight Cyber
@GoSecurity
https://slcyber.io/assetnote-security-research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/
@GoSecurity
https://slcyber.io/assetnote-security-research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/
Searchlight Cyber
Why nested deserialization is harmful: Magento RCE (CVE-2025-54236)
Magento is still one of the most popular e-commerce solutions in use on the internet, estimated to be running on more than 130,000 websites. It is also offered as an enterprise offering by Adobe under the name Adobe Commerce, which receives automatic patching.…
هکرها برای ۷۳ آسیبپذیری زیرودی در مسابقه Pwn2Own ایرلند، ۱٬۰۲۴٬۷۵۰ دلار کسب کردند
مسابقه هک Pwn2Own ایرلند ۲۰۲۵ با جمعآوری جوایز نقدی به مبلغ ۱٬۰۲۴٬۷۵۰ دلار توسط پژوهشگران امنیتی پس از بهرهبرداری از ۷۳ آسیبپذیری صفر روزه به پایان رسید.
@GoSecurity
https://www.bleepingcomputer.com/news/security/hackers-earn-1-024-750-for-73-zero-days-at-pwn2own-ireland/
مسابقه هک Pwn2Own ایرلند ۲۰۲۵ با جمعآوری جوایز نقدی به مبلغ ۱٬۰۲۴٬۷۵۰ دلار توسط پژوهشگران امنیتی پس از بهرهبرداری از ۷۳ آسیبپذیری صفر روزه به پایان رسید.
@GoSecurity
https://www.bleepingcomputer.com/news/security/hackers-earn-1-024-750-for-73-zero-days-at-pwn2own-ireland/
BleepingComputer
Hackers earn $1,024,750 for 73 zero-days at Pwn2Own Ireland
The Pwn2Own Ireland 2025 hacking competition has ended with security researchers collecting $1,024,750 in cash awards after exploiting 73 zero-day vulnerabilities.
CVE-2022-4445
The FL3R FeelBox WordPress plugin through 8.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
@GoSecurity
The FL3R FeelBox WordPress plugin through 8.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
@GoSecurity
WPScan
FL3R FeelBox <= 8.1 - Unauthenticated SQLi
See details on FL3R FeelBox <= 8.1 - Unauthenticated SQLi CVE 2022-4445. View the latest Plugin Vulnerabilities on WPScan.