یکی از پیامدهای آلوده شدن سیستم به بدافزار (hashtag#Malware)، امکان ایجاد تغییراتی در فایلها و فولدرهای سیستم توسط کدهای مخرب است. برای تحلیل زنده (Live Analysis) سیستمهای آلوده، یک روش مؤثر صحتسنجی فایلها و فولدرها به کمک ابزارهایی مانند:
این ابزارها تغییرات ایجادشده را شناسایی میکنند و تحلیل دقیقی ارائه میدهند.
اگر دسترسی به ابزارهای تخصصی فوق وجود ندارد، ابزار داخلی Windows به نام Sigverif میتواند برای بررسی تغییرات در فایلهای سیستمی مورد استفاده قرار گیرد.
#CyberSecurity #MalwareAnalysis #FileIntegrity #ThreatDetection #WindowsTools #SystemSecurity #Sigverif #Tripwire #NetwrixAuditor #ITSecurity
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2
SOC ANALYST.pdf
2.4 MB
🌐 What is a Security Operations Center (SOC)?
A SOC is the frontline of cybersecurity, where teams monitor, detect, and respond to threats in real-time. It’s the beating heart of an organization’s defense strategy! 💻
💡 Why should you learn about SOC?
✔️ 24/7 Threat Monitoring: Stay ahead of potential breaches.
✔️ Incident Response Expertise: Act swiftly and effectively during attacks.
✔️ Proactive Defense: Mitigate risks before they escalate.
✔️ Career Growth: SOC skills are in high demand in the cybersecurity industry!
📚 Want to enhance your skills and explore the SOC framework?
#SOC #Cybersecurity #InformationSecurity #IncidentResponse #ThreatDetection #NetworkSecurity #TechCareers #CyberDefense #ITSecurity #TechCommunity
Please open Telegram to view this post
VIEW IN TELEGRAM
👍1
What We’re Looking For:
• Experience +3 years (Must)
• Network and Infrastructure
• Active Directory penetration testing.
• Advanced web penetration testing skills.
• Experienced in testing web-based APIs (i.e. REST, SOAP, GraphQL)
• Ability to perform a secure code review and a solid understanding of web app programming languages and frameworks (PHP, Java, JavaScript, Node.JS).
• Experienced in Mobile penetration testing.
• Experienced in Desktop penetration testing.
• Experienced in ATM & ITM penetration testing.
• Knowledge of vulnerability management.
• Perform vulnerability assessments/remediation consulting.
• Good time management and organizational skills to meet client deadlines.
• Ethical integrity is to be trusted with highly confidential information.
• The ability to think laterally and 'outside the box'.
• Teamwork skills, to support colleagues and share techniques.
• Exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done.
• Good English proficiency.
• Advanced reporting skills.
• Certified in one or more:(OSWE, OSCP, CRTO, CRTE, eWPTX, eCPTX, eMAPT, eCPPT or equivalent)
Apply Here: https://www.careers-page.com/isec/job/QY753Y59
#iSec #HiringCyberSecurity #CyberSecurity
Please open Telegram to view this post
VIEW IN TELEGRAM
Manatal
Senior Cyber Security Engineer - ISEC | Career Page
Hiring Senior Cyber security Engineer Experience +3
years ( Must ) and if you submit with less than 3 years your cv will be rejected.
Qualification and skills
Network and InfrastructureActive Directory penetration testing.Advanced web penetration testing…
years ( Must ) and if you submit with less than 3 years your cv will be rejected.
Qualification and skills
Network and InfrastructureActive Directory penetration testing.Advanced web penetration testing…
❤1👍1🔥1
· Attack-Defense - https://attackdefense.com
· Alert to win - https://alf.nu/alert1
· Buffer Overflow Labs - https://github.com/CyberSecurityUP/Buffer-Overflow-Labs
· CryptoHack - https://cryptohack.org/
· CMD Challenge - https://cmdchallenge.com
· Cyberdefenders - https://cyberdefenders.org/blueteam-ctf-challenges/
· Damn Vulnerable Repository - https://encurtador.com.br/ge2Rp
· Defend The Web - https://defendtheweb.net/
· Exploitation Education - https://exploit.education
· Google CTF - https://capturetheflag.withgoogle.com/
· HackTheBox - https://www.hackthebox.com
· Hacker101 - https://ctf.hacker101.com
· Hacking-Lab - https://hacking-lab.com/
· ImmersiveLabs - https://immersivelabs.com
· Infinity Learning CWL - https://cyberwarfare.live/infinity-learning/
· LetsDefend- https://letsdefend.io/
· NewbieContest - https://www.newbiecontest.org/
· OverTheWire - https://overthewire.org
· Practical Pentest Labs - https://practicalpentestlabs.com/
· Pentestlab - https://pentesterlab.com
· Penetration Testing Practice Labs - https://www.amanhardikar.com/mindmaps/Practice.html
· PentestIT LAB - https://lab.pentestit.ru
· PicoCTF - https://picoctf.com
· PWNABLE - https://pwnable.kr/play.php
· Root-Me - https://www.root-me.org
· Red Team Exercises - https://github.com/CyberSecurityUP/Red-Team-Exercises
· Root in Jail - https://rootinjail.com
· SANS Challenger - https://www.holidayhackchallenge.com/
· SmashTheStack - https://smashthestack.org/wargames.html
· The Cryptopals Crypto Challenges - https://cryptopals.com
· Try Hack Me - https://tryhackme.com
· Vulnhub - https://www.vulnhub.com
· Vulnmachine - https://www.vulnmachines.com/
· W3Challs - https://w3challs.com
· WeChall - https://www.wechall.net
· Websploit - https://websploit.org/
· Zenk-Security - https://www.zenk-security.com/
Did I forget a lab? comment there
#ctf #pentest #redteam #blueteam #hacking #informationsecurity #cybersecurity
Please open Telegram to view this post
VIEW IN TELEGRAM
lnkd.in
LinkedIn
This link will take you to a page that’s not on LinkedIn
❤5🤩2🎉1
🔴 اون دسته از سازمان هایی که کریو کنترل استفاده میکنن حتما بخونن! دسترسی به فایروال با حملات RCE با یک کلیک در Kerio Control UTM
محققان مجموعه ای بحرانی از آسیبپذیریهای HTTP Response Splitting را در Kerio Control که یک راه حل مدیریت تهدید یکپارچه (UTM) که توسط نرمافزار GFI توسعه یافته است، شناسایی کرده اند.
این تاثیرات شدید به طور بالقوه مهاجمان را قادر میسازد تا مسائل کمشدت را در حملات اجرای فرمان از راه دور با یک کلیک یا Remote Code Execution (RCE) تشدید کنند که به سیستم فایروال دسترسی روت میدهد.
این آسیبپذیریها که به عنوان CVE-2024-52875 (یا KIS-2024-07) ردیابی میشوند، نزدیک به هفت سال در نرمافزار باقی ماندهاند و نسخه های 9.2.5 تا 9.4.5 را تحت تاثیر قرار میدهند.
ساختار Kerio Control برای محافظت از شبکه ها در سراسر جهان مورد اعتماد است. طبق داده های Censys، با حدود 20000 نمونه فعال در فضای سایبری، این آسیبپذیریها تهدیدی بزرگ برای سازمانها است.
#Cybersecurity #Cyber_Attack #Kerio_Control #RCE #Firewall #Exploit #Open_Redirect #XSS #UTM #Firmware #امنیت_سایبری #حمله_سایبری #کریو #فایروال #اکسپلویت #فریمور
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
محققان مجموعه ای بحرانی از آسیبپذیریهای HTTP Response Splitting را در Kerio Control که یک راه حل مدیریت تهدید یکپارچه (UTM) که توسط نرمافزار GFI توسعه یافته است، شناسایی کرده اند.
این تاثیرات شدید به طور بالقوه مهاجمان را قادر میسازد تا مسائل کمشدت را در حملات اجرای فرمان از راه دور با یک کلیک یا Remote Code Execution (RCE) تشدید کنند که به سیستم فایروال دسترسی روت میدهد.
این آسیبپذیریها که به عنوان CVE-2024-52875 (یا KIS-2024-07) ردیابی میشوند، نزدیک به هفت سال در نرمافزار باقی ماندهاند و نسخه های 9.2.5 تا 9.4.5 را تحت تاثیر قرار میدهند.
ساختار Kerio Control برای محافظت از شبکه ها در سراسر جهان مورد اعتماد است. طبق داده های Censys، با حدود 20000 نمونه فعال در فضای سایبری، این آسیبپذیریها تهدیدی بزرگ برای سازمانها است.
#Cybersecurity #Cyber_Attack #Kerio_Control #RCE #Firewall #Exploit #Open_Redirect #XSS #UTM #Firmware #امنیت_سایبری #حمله_سایبری #کریو #فایروال #اکسپلویت #فریمور
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1🤯1😢1
Infosec Standards
NIST SP 800-63B-4:
"Digital Identity Guidelines. Authentication and Authenticator Management", August 2024.
NIST SP 800-63-4:
"Digital Identity Guidelines"
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-4.2pd.pdf
NIST SP 800-63A-4:
"Identity Proofing and Enrollment"
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63A-4.2pd.pdf
NIST SP 800-63C-4:
"Federation and Assertions"
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63C-4.2pd.pdf
National Institute of Standards and Technology (NIST)
——————————————————
#CyberSecurity #vCISO #NIST #AAA
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
NIST SP 800-63B-4:
"Digital Identity Guidelines. Authentication and Authenticator Management", August 2024.
NIST SP 800-63-4:
"Digital Identity Guidelines"
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-4.2pd.pdf
NIST SP 800-63A-4:
"Identity Proofing and Enrollment"
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63A-4.2pd.pdf
NIST SP 800-63C-4:
"Federation and Assertions"
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63C-4.2pd.pdf
National Institute of Standards and Technology (NIST)
——————————————————
#CyberSecurity #vCISO #NIST #AAA
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍1🔥1
Hardening
Enhanced Visibility and Hardening Guidance for Communications Infrastructure 2024.:
Network Infrastructure Security Guide, ver.1.2
https://media.defense.gov/2022/Jun/15/2003018261/-1/-1/0/CTR_NSA_NETWORK_INFRASTRUCTURE_SECURITY_GUIDE_20220615.PDF
Cisco Guide to Securing NX-OS Devices
https://sec.cloudapps.cisco.com/security/center/resources/securing_nx_os.html
Cisco IOS XE Hardening Guide, 2024
https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-xe-16/220270-use-cisco-ios-xe-hardening-guide.html
——————————————————
#CyberSecurity #vCISO #CISA #Hardening
#SecureBusinessContinuity
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
Enhanced Visibility and Hardening Guidance for Communications Infrastructure 2024.:
Network Infrastructure Security Guide, ver.1.2
https://media.defense.gov/2022/Jun/15/2003018261/-1/-1/0/CTR_NSA_NETWORK_INFRASTRUCTURE_SECURITY_GUIDE_20220615.PDF
Cisco Guide to Securing NX-OS Devices
https://sec.cloudapps.cisco.com/security/center/resources/securing_nx_os.html
Cisco IOS XE Hardening Guide, 2024
https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-xe-16/220270-use-cisco-ios-xe-hardening-guide.html
——————————————————
#CyberSecurity #vCISO #CISA #Hardening
#SecureBusinessContinuity
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👍1🔥1🤩1👨💻1
1736652734844.pdf
238 KB
شبیهسازی مصاحبه برای موقعیت تحلیلگر امنیت سایبری (L1، L2، L3) از پسزمینههای مختلف تکمیل شده با نمونههای رزومه ATS
#INTERVIEW #CYBERSECURITY #ANALYST #VARIOUS #SIMULATION #SOC
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2🔥2👍1👏1🤩1🕊1
𝗙𝗮𝗸𝗲 𝗣𝗮𝘀𝘀𝗽𝗼𝗿𝘁 𝗚𝗲𝗻𝗲𝗿𝗮𝘁𝗲𝗱 𝗯𝘆 𝗖𝗵𝗮𝘁𝗚𝗣𝗧 𝗕𝘆𝗽𝗮𝘀𝘀𝗲𝘀 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 !
-
A researcher used ChatGPT-4o to generate a fake passport that successfully passed a digital KYC check.
𝗧𝗵𝗲 𝗱𝗼𝗰𝘂𝗺𝗲𝗻𝘁 𝗹𝗼𝗼𝗸𝗲𝗱 𝗻𝗲𝗮𝗿𝗹𝘆 𝗶𝗱𝗲𝗻𝘁𝗶𝗰𝗮𝗹 𝘁𝗼 𝗮 𝗿𝗲𝗮𝗹 𝗼𝗻𝗲—despite lacking a chip—and highlighted a serious weakness in systems that rely only on ID photos and selfies.
-
💳 The fake passport didn’t include a chip, of course. But for services relying on just a photo ID and a selfie, like some fintech or crypto platforms… it was enough to trick the system.
⚠️This raises major concerns about identity theft, fake accounts, and credit fraud at scale.
✅ Experts recommend using NFC-based verification and eID for stronger, hardware-level authentication.
-
#CyberSecurity #KYC #AI #Fraud #IdentityTheft #Deepfakes #ChatGPT
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
-
A researcher used ChatGPT-4o to generate a fake passport that successfully passed a digital KYC check.
𝗧𝗵𝗲 𝗱𝗼𝗰𝘂𝗺𝗲𝗻𝘁 𝗹𝗼𝗼𝗸𝗲𝗱 𝗻𝗲𝗮𝗿𝗹𝘆 𝗶𝗱𝗲𝗻𝘁𝗶𝗰𝗮𝗹 𝘁𝗼 𝗮 𝗿𝗲𝗮𝗹 𝗼𝗻𝗲—despite lacking a chip—and highlighted a serious weakness in systems that rely only on ID photos and selfies.
-
💳 The fake passport didn’t include a chip, of course. But for services relying on just a photo ID and a selfie, like some fintech or crypto platforms… it was enough to trick the system.
⚠️This raises major concerns about identity theft, fake accounts, and credit fraud at scale.
✅ Experts recommend using NFC-based verification and eID for stronger, hardware-level authentication.
-
#CyberSecurity #KYC #AI #Fraud #IdentityTheft #Deepfakes #ChatGPT
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2
🚀 We’re Hiring Cybersecurity Interns! Launch Your Career with Us 🚀
Are you passionate about cybersecurity and eager to learn in a real-world environment? We’re looking for driven interns who want to grow their skills and make an impact.
What We’re Looking For:
🔹 Basic Linux skills – Comfortable using the terminal, basic shell commands, and understanding file permissions
🔹 Web security fundamentals – Awareness of OWASP Top 10, HTTP/HTTPS, and common web vulnerabilities
🔹 Networking basics – Understanding TCP/IP, DNS, ports, firewalls, and proxies
🔹 Familiarity with security tools like Nmap, Wireshark, or Burp Suite
🔹 Analytical mindset – Love solving problems and reverse-engineering challenges
🔹 Self-motivated learner – Willing to learn independently and absorb new concepts quickly
🔹 Strong communicator – Able to document findings clearly and work well in a team
Internship begins on July 1st, 2025.
Location: Remote
Duration: 3 months
Opportunity to convert to a full-time employee after successful completion of the internship.
Who Can Apply:
🎓 3rd and 4th year engineering students
🎓 Students from BSc, BCA and BBA backgrounds with computer knowledge
🎓 Freshers interested in cybersecurity
If you’re ready to step into the world of cybersecurity, develop hands-on technical skills, and collaborate with passionate professionals, we want to hear from you!
Apply now and take the first step toward your cybersecurity career.
Contact us at: one@fncyber
#Cybersecurity #Internship #Hiring #Linux #Networking #WebSecurity #CareerStart #InfoSec #JoinOurTeam #fnCyber
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
Are you passionate about cybersecurity and eager to learn in a real-world environment? We’re looking for driven interns who want to grow their skills and make an impact.
What We’re Looking For:
🔹 Basic Linux skills – Comfortable using the terminal, basic shell commands, and understanding file permissions
🔹 Web security fundamentals – Awareness of OWASP Top 10, HTTP/HTTPS, and common web vulnerabilities
🔹 Networking basics – Understanding TCP/IP, DNS, ports, firewalls, and proxies
🔹 Familiarity with security tools like Nmap, Wireshark, or Burp Suite
🔹 Analytical mindset – Love solving problems and reverse-engineering challenges
🔹 Self-motivated learner – Willing to learn independently and absorb new concepts quickly
🔹 Strong communicator – Able to document findings clearly and work well in a team
Internship begins on July 1st, 2025.
Location: Remote
Duration: 3 months
Opportunity to convert to a full-time employee after successful completion of the internship.
Who Can Apply:
🎓 3rd and 4th year engineering students
🎓 Students from BSc, BCA and BBA backgrounds with computer knowledge
🎓 Freshers interested in cybersecurity
If you’re ready to step into the world of cybersecurity, develop hands-on technical skills, and collaborate with passionate professionals, we want to hear from you!
Apply now and take the first step toward your cybersecurity career.
Contact us at: one@fncyber
#Cybersecurity #Internship #Hiring #Linux #Networking #WebSecurity #CareerStart #InfoSec #JoinOurTeam #fnCyber
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1🔥1🤩1🗿1