How can a sense of awareness affect the safety of your life?
My interview on cybersecurity: how to protect yourself and those around you, keep an eye on yourself, and stay careful.
Special thanks to the authors of the Commutator Kazakhstan project, a communication hub between the state, business, society and mass media, and in particular to Tatyana Bendz for raising the topic in such an interesting way.
How to behave around smart speakers, what our grandmothers and grandfathers should do in the era of digitalization, what OpenBLD.net is and why this project exists.
Enjoy the video, I hope you find it useful (subtitles in Kazakh and Russian are available):
- https://youtu.be/MxWD1N0Bmv8?si=nSmTxUH_AAzsng-5
Details about the Commutator project and what it is about, along with many other interesting interviews, can be found on the project's official website:
- https://commutator.tilda.ws/
YouTube
How to protect yourself online: cybersecurity and artificial intelligence (Kazakh subtitles)
Almost 15 thousand cyberattacks were registered in Kaznet during the first three months of 2024. In the same period of the previous year there were only 4.3 thousand. That is, the number of cyberattacks tripled over the year. The resource factcheck.kz recently shared these statistics…
A technical look at a threat actor’s ever-evolving tools and tactics
https://blogapp.bitdefender.com/labs/content/files/2024/05/Bitdefender-Report-DeepDive-creat7721-en_EN.pdf
Terraform Beginners Guide and Demos to Practice
https://github.com/venkateshk111/terraform-beginners-guide
Freeway is a Python scapy-based tool for WiFi penetration that aims to help ethical hackers and pentesters develop their skills and knowledge in auditing and securing home or enterprise networks.
https://github.com/FLOCK4H/Freeway
Disrupting FlyingYeti's campaign
FlyingYeti is the cryptonym given by Cloudforce One to the threat group behind this phishing campaign, which overlaps with UAC-0149 activity tracked by CERT-UA in February and April 2024.
https://blog.cloudflare.com/disrupting-flyingyeti-campaign-targeting-ukraine
The Cloudflare Blog
Disrupting FlyingYeti's campaign targeting Ukraine
In April and May 2024, Cloudforce One employed proactive defense measures to successfully prevent Russia-aligned threat actor FlyingYeti from launching their latest phishing campaign targeting Ukraine.
Chrome Manifest V2 RIP coming soon. Google has set the first date for phasing out this manifest version.
Starting on June 3 on the Chrome Beta, Dev and Canary channels, if users still have Manifest V2 extensions installed, some will start to see a warning banner when visiting their extension management page:
https://blog.chromium.org/2024/05/manifest-v2-phase-out-begins.html
Chromium Blog
Manifest V2 phase-out begins
Update (10/10/2024): We’ve started disabling extensions still using Manifest V2 in Chrome stable. Read more details in the MV2 support ...
Confluence Data Center and Server Remote Code Execution Vulnerability
Technical Overview:
https://blog.sonicwall.com/en-us/2024/05/confluence-data-center-and-server-remote-code-execution-vulnerability/
Hacking Millions of Modems (and Investigating Who Hacked My Modem)
A long story with step-by-step examples:
https://samcurry.net/hacking-millions-of-modems
samcurry.net
Hacking Millions of Modems (and Investigating Who Hacked My Modem)
Two years ago, something very strange happened to me while working from my home network. I was exploiting a blind XXE vulnerability that required an external HTTP server to smuggle out files, so I spun up an AWS box and ran a simple Python webserver to receive…
Bypass Windows Defender 2024 - Windows Cyber Security
Video. The video provides a step-by-step demonstration on modifying the source code of the FilelessPELoader project, resulting in the loader being undetected by Windows Defender:
- https://youtu.be/NmB2MPAafTo?si=yEotdtVzYUmFYdC7
YouTube
Bypass Windows Defender 2024 - Windows Cyber Security
Be better than yesterday
In this video, we will be demonstrating how we can bypass the latest Windows Defender on a fully updated Windows 11 machine.
The video provides a step-by-step demonstration on modifying the source code of the FilelessPELoader project…
What’s Going on With Check Point (CVE-2024-24919)?
https://www.greynoise.io/blog/whats-going-on-with-checkpoint-cve-2024-24919
www.greynoise.io
What’s Going on With Check Point (CVE-2024-24919)? | GreyNoise Blog
Find out more about CVE-2024-24919, a zero-day vulnerability in Check Point's Network Security gateway products that threat actors are exploiting in the wild.
Noodle RAT: Reviewing the Backdoor
https://www.trendmicro.com/en_us/research/24/f/noodle-rat-reviewing-the-new-backdoor-used-by-chinese-speaking-g.html
Trend Micro
Noodle RAT Reviewing the Backdoor Used by Chinese-Speaking Groups
This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.
Dipping into Danger: The WARMCOOKIE backdoor
https://www.elastic.co/security-labs/dipping-into-danger
www.elastic.co
Dipping into Danger: The WARMCOOKIE backdoor — Elastic Security Labs
Elastic Security Labs observed threat actors masquerading as recruiting firms to deploy a new malware backdoor called WARMCOOKIE. This malware has standard backdoor capabilities, including capturing screenshots, executing additional malware, and reading/writing…
Windows Wi-Fi Driver Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-30078
Modern Approaches To Network Access Security from CISA (Publication: June 18, 2024)
DejaVU - Open Source Deception Platform
Deception to detect common adversary tactics and techniques during various stages of the attack lifecycle:
https://github.com/bhdresh/Dejavu
Fickle Stealer Distributed via Multiple Attack Chain
https://www.fortinet.com/blog/threat-research/fickle-stealer-distributed-via-multiple-attack-chain
Fortinet Blog
Fickle Stealer Distributed via Multiple Attack Chain
FortiGuard Labs has uncovered a fresh threat, Fickle stealer, which is distributed via various strategies. Read more.…
UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware
https://eclypsium.com/blog/ueficanhazbufferoverflow-widespread-impact-from-vulnerability-in-popular-pc-and-server-firmware/
Eclypsium | Supply Chain Security for the Modern Enterprise
UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware
Summary Eclypsium Automata, our automated binary analysis system, has identified a high impact vulnerability (CVE-2024-0762 with a reported CVSS of 7.5) in the Phoenix SecureCore UEFI firmware that runs on multiple families of Intel Core desktop and mobile…
Remote Network Latency Measurements Leak User Activity
https://snailload.com/
Paper:
https://snailload.com/snailload.pdf
Zyxel NAS Under Attack
The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request (CVE-2024-29973. NVD Last Modified 06/24/2024):
https://nvd.nist.gov/vuln/detail/CVE-2024-29973
Five new vulnerabilities found in Zyxel NAS devices (including code execution and privilege escalation)
Detailed research:
https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
Outpost24
Five new vulnerabilities found in Zyxel NAS devices (including code execution and privilege escalation)
How Outpost24’s vulnerability research team found five vulnerabilities in Zyxel NAS devices.