2022-10-13-csiac-dod-cybersecurity-policy-chart.pdf
855.2 KB
DoD Security Chart
Я не люблю, когда наполовину, или когда прервали разговор.
Я не люблю, когда стреляют в спину, я также против выстрелов в упор.
Я не люблю себя, когда я трушу. Досадно мне, когда невинных бьют.
Я не люблю, когда мне лезут в душу, тем более, когда в нее плюют...
Я не люблю, когда стреляют в спину, я также против выстрелов в упор.
Я не люблю себя, когда я трушу. Досадно мне, когда невинных бьют.
Я не люблю, когда мне лезут в душу, тем более, когда в нее плюют...
CISA Stakeholder-Specific Vulnerability Categorization Guide
https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf
https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf
Configuring private vulnerability reporting for a repository
https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
GitHub Docs
Configuring private vulnerability reporting for a repository - GitHub Docs
Owners and administrators of public repositories can allow security researchers to report vulnerabilities securely in the repository by enabling private vulnerability reporting.
How to speed up Ansible
https://www.toptechskills.com/ansible-tutorials-courses/speed-up-ansible-playbooks-pipelining-mitogen/
https://www.toptechskills.com/ansible-tutorials-courses/speed-up-ansible-playbooks-pipelining-mitogen/
TopTechSkills.com
How to Speed Up Your Ansible Playbooks Over 600%
Can Mitogen really give a 7x speed increase, and is it any faster than good ol' pipelining? Let's put these questions to the test.
Csi_software_memory_safety.pdf
316.2 KB
NSA Guidance on How to Protect Against Software Memory Safety Issues
SharpGmailC2
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
https://github.com/reveng007/SharpGmailC2
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
https://github.com/reveng007/SharpGmailC2
GitHub
GitHub - reveng007/SharpGmailC2: Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read…
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol - reveng007/SharpGmailC2
Phishing campaigns continue to grow more common globally, with over one million attacks observed in Q2 2022
They offer an easy and attractive way for cybercriminals to generate revenue, steal credentials and spread malware. Many sophisticated phishing kits have been developed. Some of these are sold on underground forums using a Malware-as-a-Service model, while others are used exclusively by a single threat actor group. Some cybercriminals also offer lead generation services, selling packages of clicks to fraudulent sites...
https://www.cyjax.com/app/uploads/2022/11/Fangxiao-a-Chinese-threat-actor.pdf
They offer an easy and attractive way for cybercriminals to generate revenue, steal credentials and spread malware. Many sophisticated phishing kits have been developed. Some of these are sold on underground forums using a Malware-as-a-Service model, while others are used exclusively by a single threat actor group. Some cybercriminals also offer lead generation services, selling packages of clicks to fraudulent sites...
https://www.cyjax.com/app/uploads/2022/11/Fangxiao-a-Chinese-threat-actor.pdf
Stealing passwords from infosec Mastodon - without bypassing CSP
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
PortSwigger Research
Stealing passwords from infosec Mastodon - without bypassing CSP
The story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to bypass CSP. Everybody on our Twitter feed seemed to be jumping ship to the infose
Build Apps in Deno with Frameworks such as React, Vue, Express, and more.
https://deno.com/blog/frameworks-with-npm
https://deno.com/blog/frameworks-with-npm
Deno
Build Apps in Deno with Frameworks such as React, Vue, Express, and more. | Deno
Getting started with web frameworks in npm and Deno.
Build and Deploy a Node.js Microservices Application
https://dev.to/pavanbelagatti/build-and-deploy-a-nodejs-microservices-application-2966
https://dev.to/pavanbelagatti/build-and-deploy-a-nodejs-microservices-application-2966
DEV Community
Build and Deploy a Node.js Microservices Application
When it comes to modern software development, microservices are one of the hottest trends. These...