GitLab users, beware! Security updates released to address critical vulnerabilities (CVE-2023-7028 and CVE-2023-5356).
One of these could allow account takeover without user interaction.
https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html?m=1
One of these could allow account takeover without user interaction.
https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html?m=1
Forwarded from Peneter Tools
https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
poc:
https://github.com/Wh04m1001/CVE-2024-20656
poc:
https://github.com/Wh04m1001/CVE-2024-20656
MDSec
CVE-2024-20656 - Local Privilege Escalation in the VSStandardCollectorService150 Service - MDSec
Overview Visual Studio is a complex and powerful IDE developed by Microsoft and comes with a lot of features that can be interesting from a red team perspective. During this...
Juniper warns of critical RCE bug in its firewalls and switches
https://www.bleepingcomputer.com/news/security/juniper-warns-of-critical-rce-bug-in-its-firewalls-and-switches/
https://www.bleepingcomputer.com/news/security/juniper-warns-of-critical-rce-bug-in-its-firewalls-and-switches/
Gitlab account takeover
https://news.1rj.ru/str/learnpentest/766
https://news.1rj.ru/str/learnpentest/766
Telegram
SoheilSec
GitLab users, beware! Security updates released to address critical vulnerabilities (CVE-2023-7028 and CVE-2023-5356).
One of these could allow account takeover without user interaction.
https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html?m=1
One of these could allow account takeover without user interaction.
https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html?m=1
Atlassian warns of critical RCE flaw in older Confluence versions
https://www.bleepingcomputer.com/news/security/atlassian-warns-of-critical-rce-flaw-in-older-confluence-versions/
https://www.bleepingcomputer.com/news/security/atlassian-warns-of-critical-rce-flaw-in-older-confluence-versions/
لیست تاپ 10 c2 هایی که به صورت دیفالت استفاده میشوند مشخص نیست TA یا Red teamer
https://blog.shodan.io/deep-dive-malware-hunter/
اگر میخوایند دید بگیرید c2 ها چطوری میشه شناسایی کرد
https://howto.thec2matrix.com/detection/ja3-ja3s-hashes
https://howto.thec2matrix.com/detection/jarm
https://blog.shodan.io/deep-dive-malware-hunter/
اگر میخوایند دید بگیرید c2 ها چطوری میشه شناسایی کرد
https://howto.thec2matrix.com/detection/ja3-ja3s-hashes
https://howto.thec2matrix.com/detection/jarm
وبسایت tweetfeed.live دوباره قابل دسترس شد و کلیه IOC که در تویتتر به اشتراک گذاشته میشود از طریق این سایت قابل دسترس همچنین با opencti سازگار است.
https://tweetfeed.live/
https://tweetfeed.live/
لیست ابزارهای امنیت تهاجمی و تدافعی لینوکسی
پ.ن : تو مصاحبه ها از این ابزارها خیلی سوال میشه
پ.ن : تو مصاحبه ها از این ابزارها خیلی سوال میشه
مایکروسافت دوباره مورد نفوذ قرار گرفت 6 ماه پیش توسط APT چینی و اکنون APT روسی
نفوذ در نوامبر 2023 صورت گرفته
شناسایی در 12 ژانویه 2024
نحوه نفوذ بروت فورس روی اکانتهای قدیمی که به ایمیلها دسترسی داشت
پ.ن: سازمانهای تو ایران همینن کارمند میره ولی اکانت و دسترسیش هست
https://thehackernews.com/2024/01/microsofts-top-execs-emails-breached-in.html?m=1
نفوذ در نوامبر 2023 صورت گرفته
شناسایی در 12 ژانویه 2024
نحوه نفوذ بروت فورس روی اکانتهای قدیمی که به ایمیلها دسترسی داشت
پ.ن: سازمانهای تو ایران همینن کارمند میره ولی اکانت و دسترسیش هست
https://thehackernews.com/2024/01/microsofts-top-execs-emails-breached-in.html?m=1
گروه های APT چینی حداقل از ۲۰۲۱ به vcenterها کل دنیا دسترسی داشتند🤔
https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-vmware-bug-as-zero-day-for-two-years/
https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-vmware-bug-as-zero-day-for-two-years/
BleepingComputer
Chinese hackers exploit VMware bug as zero-day for two years
A Chinese hacking group has been exploiting a critical vCenter Server vulnerability (CVE-2023-34048) as a zero-day since at least late 2021.
Analysis_of_2023_Global_CTI_Reports.pdf
6.6 MB
ThreatScape: Analysis of 2023 Global CTI reports by ctm360
ابزارهای اوسینت + هوش تهدید:
https://start.me/p/DPYPMz/the-ultimate-osint-collection
https://start.me/p/wMrA5z/cyber-threat-intelligence
https://blog.peneter.com/cti-1/
https://www.soheilsec.com/%d9%88%d8%b1%d9%88%d8%af-%d8%a8%d9%87-%d8%af%d9%86%db%8c%d8%a7%db%8c-%d9%87%d9%88%d8%b4-%d8%aa%d9%87%d8%af%db%8c%d8%af-%d8%b3%d8%a7%db%8c%d8%a8%d8%b1%db%8c-cyber-threat-intelligence/
پ.ن : اوسینت تکنیک بدست آوردن اطلاعات خام از سطوح مختلف وب هست و اطلاعاتی که به امنیت سازمان میتونه کمک بکنه هوش تهدید هست
https://start.me/p/DPYPMz/the-ultimate-osint-collection
https://start.me/p/wMrA5z/cyber-threat-intelligence
https://blog.peneter.com/cti-1/
https://www.soheilsec.com/%d9%88%d8%b1%d9%88%d8%af-%d8%a8%d9%87-%d8%af%d9%86%db%8c%d8%a7%db%8c-%d9%87%d9%88%d8%b4-%d8%aa%d9%87%d8%af%db%8c%d8%af-%d8%b3%d8%a7%db%8c%d8%a8%d8%b1%db%8c-cyber-threat-intelligence/
پ.ن : اوسینت تکنیک بدست آوردن اطلاعات خام از سطوح مختلف وب هست و اطلاعاتی که به امنیت سازمان میتونه کمک بکنه هوش تهدید هست
Start.me
The Ultimate OSINT Collection - Start.me
A collection of the very best OSINT related materials, resources, trainings, guides, sites, tool collections, and more.
گنجشک درنده(اسرائیل) از 2021 تا الان
2021: Train Chaos
2021: Gas Station Paralysis
2022: Steel Mill Meltdown
2023: Gas Station Paralysis, Redux
https://www.wired.com/story/predatory-sparrow-cyberattack-timeline/
2021: Train Chaos
2021: Gas Station Paralysis
2022: Steel Mill Meltdown
2023: Gas Station Paralysis, Redux
https://www.wired.com/story/predatory-sparrow-cyberattack-timeline/
WIRED
How a Group of Israel-Linked Hackers Has Pushed the Limits of Cyberwar
From repeatedly crippling thousands of gas stations to setting a steel mill on fire, Predatory Sparrow’s offensive hacking has now targeted Iranians with some of history's most aggressive cyberattacks.