Forwarded from Sys-Admin InfoSec
🚀 Open SysConf'23 - Run of the day on September 16 🐴
May the Force be with you - to everyone who strives to share knowledge and to know more 🙌
Register for the live stream right now and become part of a unique meetup
📢 A whole day, where:
✨ 9:15-10:00: We start by meeting the participants and with registration
✨ 19:00-19:20: The transformation of consciousness concludes, after time spent talking together
Alpha schedule of talks:
🔸 https://sysconf.io/ru/#schedule
Don't miss this opportunity for personal and professional growth!
We are waiting for you 🔥
New Attack Vector In The Cloud: Attackers caught exploiting Object Storage Services
MinIO under attack 🔫
— https://www.securityjoes.com/post/new-attack-vector-in-the-cloud-attackers-caught-exploiting-object-storage-services
VMWare Aria Operations For Networks Static SSH Key RCE
CVE-2023-34039 Exploit:
— https://summoning.team/blog/vmware-vrealize-network-insight-rce-cve-2023-34039/
6 free resources for getting started in cybersecurity
https://www.helpnetsecurity.com/2023/09/05/free-resources-getting-started-in-cybersecurity/
Cybersecurity is not just a career field on the rise - it's a calling that's increasingly vital to the infrastructure of our world. But stepping into the
Exposing_and_Addressing_Security_Vulnerabilities_in_Browser_Text.pdf
1.2 MB
Exposing and Addressing Security Vulnerabilities in Browser Text Input Fields
TLP CLEAR -DDOS Mitigations Guidance_508c.pdf
464.4 KB
DDoS mitigation guidance from CISA
AppSec_Interview_QA.pdf
199.9 KB
Application Security Questions and Answers
Improving the stealthiness of memory injections techniques
— https://www.naksyn.com/edr%20evasion/2023/06/01/improving-the-stealthiness-of-memory-injections.html
A journey in improving Module Stomping and Module Overloading injection technique, ending up evading Moneta and PE-Sieve
Threat Actors Target MSSQL Servers in...
https://www.securonix.com/blog/securonix-threat-labs-security-advisory-threat-actors-target-mssql-servers-in-dbjammer-to-deliver-freeworld-ransomware/
Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware
Socomec MOD3GP-SY-120K
Successful exploitation of these vulnerabilities could allow an attacker to execute malicious JavaScript code, obtain sensitive information, or steal session cookies.
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03
Technical Analysis of HijackLoader
A new evasive malware downloader with a modular architecture:
— The loader is being leveraged to drop numerous malware families, including Danabot, SystemBC, and RedLine Stealer, amplifying its potential threat.
— HijackLoader utilizes syscalls to evade monitoring from security solutions, detects specific processes based on an embedded blocklist, and delays code execution at different stages.
— The malware uses embedded modules that facilitate flexible code injection and execution - a feature uncommon among traditional loaders.
— https://www.zscaler.com/blogs/security-research/technical-analysis-hijackloader
Bypassing Windows Defender and PPL Protection with PPLBlade to Dump LSASS Without Detection
— https://tacticaladversary.io/adversary-tactics/bypass-defender-and-ppl-protection-to-dump-lsass/
Forwarded from Sys-Admin InfoSec
🚀 Join Open SysConf this Saturday, here is how it will all go
I'm sure it will be positive and useful.
🔹 If you are remote - join online and be with us.
🔹 If you are offline - we will meet at the Kolesa Team office.
We will start with the basics, continue with low-level practice, and finish on a note of reflection - talks and schedule.
Specialists and, I'm sure, good people from Almaty, Astana, other cities of Kazakhstan and neighboring countries will gather. The meetup promises many-sided conversation, a refreshed circle of acquaintances and new knowledge 🤜🤛
Bring a good mood and a desire to grow, open your eyes, prick up your ears, get your voice ready, and be confident that everything will be fine! Be connected on Open SysConf.io 🐴
Peace to all ✌️
Critical CVE-2023-4863: Heap buffer overflow in WebP in Chrome
Need to patch:
— https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
Chrome Releases
Stable Channel Update for Desktop
The Stable and Extended stable channels has been updated to 116.0.5845.187 for Mac and Linux and 116.0.5845.187/.188 for Windows, which will...
Backdoor in Free Download Manager - Possible Supply Chain Attack on Linux
— https://securelist.ru/backdoored-free-download-manager-linux-malware/107924/
securelist.ru
Infected Free Download Manager distributes a Linux backdoor
Kaspersky researchers analyzed a Linux backdoor that was distributed with the free software Free Download Manager and went unnoticed for at least three years.
Container Security Checklist: From the image to the workload
— https://github.com/krol3/container-security-checklist
GitHub - krol3/container-security-checklist: Checklist for container security - devsecops practices
Malware and Reverse Engineering Complete Collection by Joas
Big collection with Anonymizers, Honeypots, Open Source TI, Detection and Classification, Online Scanners and Sandboxes and more 🙂
🔹 https://github.com/CyberSecurityUP/Awesome-Malware-and-Reverse-Engineering