white2hack 📚 – Telegram
Cybersecurity. Books, guides, how-tos, primers. Analytics, trends, careers, events. Ethical hacking and protecting your data

🔊 Contact @w2hack_feed_bot
💬 Chat https://news.1rj.ru/str/+VdkEIWudTi5m3dsA
💡 Consultation https://forms.gle/iB9iX3BwyxJM4Ktx5
🏛 Exchange -- private --
2022_Cybercrime_and_Digital_Forensics_An_Introduction_3ed_by_Holt.pdf
69.6 MB
Cybercrime and Digital Forensics. An Introduction, Third Edition by Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar, 2022
Splunk Queries for SOC Analyst, 2023

In this document, you will find a collection of useful queries to help you identify and respond to:
🔹potential security threats,
🔹failed login attempts,
🔹privilege escalation attempts,
🔹and more.

Security Operations Centers (SOCs) play a crucial role in keeping a vigilant watch and defending against malicious activities. Within the SOC, quick detection of and response to potential security issues are vital, and this is where Splunk, a powerful log management and analysis tool, comes into play.

These queries are designed to become a valuable ally for SOC analysts in effectively monitoring and securing their systems.

#docs
Splunk Queries for SOC Analyst.pdf
336.4 KB
Position-independent code, Hadess, 2023

Position-independent code (PIC) is a technique used in programming to enable executable code to run at different memory addresses without modification. PIC is often used in shared libraries and dynamically loaded code modules. The key benefit of PIC is portability - the same code can run on systems with different memory layouts.

In summary, PIC is an important technique that enables code portability across systems. By avoiding absolute addresses and resolving references through global offset tables and procedure linkage tables, the same instruction sequences can execute on systems with different memory maps. PIC is widely used for shared libraries, kernel modules, just-in-time compilers, and other situations requiring relocatable code.

The article
The e-book

#reverse
Position-independent code.pdf
5.1 MB
A bit of philosophy in the task tracker.. 😄

#fun
image_2023-11-09_13-32-45.png
287.1 KB
Main differences between TLS 1.2 and TLS 1.3

1. TLS 1.3 is faster than TLS 1.2 because it reduces the number of round trips required during the handshake process, which reduces latency and improves performance.

2. TLS 1.3 is more secure than TLS 1.2 because it uses only secure cipher suites that support forward secrecy and authenticated encryption. It also removes some insecure features such as renegotiation, compression, and static RSA and Diffie-Hellman key exchange.

3. TLS 1.3 is more resistant to attacks than TLS 1.2 because it encrypts more of the handshake, making it harder for attackers to modify or tamper with the messages. It also introduces a new feature called 0-RTT (zero round-trip time) that allows clients to send data to servers without waiting for the handshake to complete, but with some security trade-offs.

#web
Registry Attack Vectors via Hadess

The Windows Registry is a centralized configuration system that stores information necessary to configure the system for one or more users, applications, and hardware devices. The data is stored in a tree structure with nodes, and each node is called a “key.” Each key can contain both subkeys and data entries (or values).

#windows
Registry Attack Vectors - via Hadess.pdf
5.5 MB
Mitre Attacks Detection Rules

#docs
Mitre Attacks Detection Rules.pdf
2.2 MB
Study of the level of information security in Russian companies in 2022

SearchInform's traditional study of the state of information security in domestic companies. Information security specialists from more than 1,000 organizations in Russia took part.

2022 was a unique year for Russia in terms of information security: an unprecedented tightening of regulation in this area, the introduction of new data protection requirements, a rise in cyberattacks on domestic companies, a shortage of information security specialists, and accelerated import substitution. These and many other factors affected developers and consumers of security solutions, which is why the study focuses on these aspects.

Source + VC + Habr

#analytics
Исследование_уровня_информационной_безопасности_в_компаниях_россии.pdf
7.2 MB