Network Security Channel
Started in 1395
Security Operation Center (SOC)
Bug Bounty
Vulnerability
Pentest
Hardening
Linux
Research
Security Network
Security Researcher
DevSecOps
Blue Team
Red Team
RedTeam Tactics
1. Inside the Mind of a Cyber Attacker: from Malware creation to Data Exfiltration
https://blog.hacktivesecurity.com/index.php/2023/06/05/inside-the-mind-of-a-cyber-attacker-from-malware-creation-to-data-exfiltration-part-1
2. Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
https://github.com/ZeroMemoryEx/Terminator
3. An old Windows workstations LPE for domain environments without LDAP signing/channel binding
https://github.com/BronzeBee/DavRelayUp

@Engineer_Computer
simplejson_coderview.pdf
335.9 KB
Sec code review
Source Code Audit on simplejson for Open Source Technology Improvement Fund (OSTIF): Final Report and Management Summary 2023.

@Engineer_Computer
Red Team Guide
Hi everyone! This guide is dedicated to all new and upcoming cybersecurity engineers who are seeking help and support. It's also for experienced engineers looking to sharpen their skills and for the Blue Team, who keep our environments safe from malicious actors. As someone who has faced the challenges of this field, I know how tough it can be to start from scratch and have no guidance on what to look for or how to understand a technique.
That's why I created this guide and why I created Red Team Notes - to provide you with a roadmap for navigating the complex and ever-changing world of cybersecurity. I put a lot of effort and heart into creating this resource, using my own experiences and insights, as well as the knowledge and wisdom of others in the field. I hope it helps you as much as it has helped me. If you can support me in any way, I would deeply appreciate it.
https://www.buymeacoffee.com/dmcxblue

@Engineer_Computer
Sec_as_code.pdf
3.1 MB
Techbook
CloudSecurity
Security as Code:
DevSecOps Patterns with AWS 2023.


-Cyber Security awareness-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.03.20
@Engineer_Computer
AIBugHunter.pdf
2.5 MB
tools
Research
"AIBugHunter: A Practical Tool for Predicting, Classifying and Repairing Software Vulnerabilities", 2023
https://github.com/awsm-research/aibughunter

@Engineer_Computer
Cyber risk is calculated by considering the identified security threat, its degree of vulnerability, and the likelihood of exploitation. At a high level, this can be quantified as follows:
Cyber risk = Threat x Vulnerability x Information Value

In the newly revised How to Measure Anything in Cybersecurity Risk, Second Edition, a pioneering information security professional and a leader in quantitative analysis methods delivers yet another eye-opening text applying the quantitative language of risk analysis to cybersecurity. In the book, the authors demonstrate how to quantify uncertainty and shed light on how to measure seemingly intangible goals. It's a practical guide to improving risk assessment with a straightforward and simple framework.

How to Measure Anything in Cybersecurity Risk
Second Edition
DOUGLAS W. HUBBARD
RICHARD SEIERSEN
Copyright © 2023 by John Wiley & Sons, Inc. All rights reserved.
https://lnkd.in/euz7HM8Y

-Business Secure Continuity-
1402.03.21
#cybersecurity #job #training #help #university #future #security #business #sansinstitute #eccouncil #iso22301 #nistcybersecurityframework #isaca #cissp
#isc2 #redteam #blueteam #csirt #forensics #splunksecurity #siem #otsecurity

@Engineer_Computer
Researchers have uncovered a new flaw (CVE-2023-28299) in the Microsoft Visual Studio installer that could allow attackers to impersonate trusted publishers and distribute malicious extensions.
Read details:
https://thehackernews.com/2023/06/researchers-uncover-publisher-spoofing.html

@Engineer_Computer
⚠️ Urgent: A new critical RCE security #vulnerability (CVE-2023-27997) in FortiGate firewalls has been discovered. Update to the latest versions to secure your network against potential remote code execution.
Read details:
https://thehackernews.com/2023/06/critical-rce-flaw-discovered-in.html

#infosec #cybersecurity

@Engineer_Computer
Hackers are actively exploiting the latest flaw in Fortinet's FortiOS and FortiProxy, targeting government, manufacturing, and critical infrastructure sectors.
Learn more:
https://thehackernews.com/2023/06/critical-fortios-and-fortiproxy.html
Take immediate action and update to the latest firmware now!

@Engineer_Computer
Forwarded from Jadi
On Wednesday, 24 Khordad, at 19:00, you can watch the "LPI in Iran webinar" on my YouTube channel. We'll chat about this institute, try to surprise you with the news that "you can finally get certified in Iran again," and answer questions.

My YouTube: https://www.youtube.com/jadimirmirani
More information:
https://gandotech.com/fa/events/%D9%88%D8%A8%DB%8C%D9%86%D8%A7%D8%B1-lpi-%D8%AF%D8%B1-%D8%A7%DB%8C%D8%B1%D8%A7%D9%86
SOC-CMM version 2.3 released!

The latest version of the SOC-CMM (2.3) is now available for download. The most relevant changes for this version are:
- Technology section completely renewed and is now based on the visibility triad, augmented with SOAR
- Additional questions in the SOC management section on quality assurance, continuous improvement and architecture within the SOC
- Many fixes and enhancements for guidance and question types
- Several sections simplified and optimized to provide a better assessment flow
- Navigation and calculation improvements

Download the new version today from the downloads page:
https://lnkd.in/eYmSybMJ

@Engineer_Computer
Proof of concept exploit for CVE-2023-2008, a bug in the udmabuf driver of the Linux kernel fixed in 5.19-rc4.
You can find a description of the bug and the exploitation strategy in our blog post.


@Engineer_Computer
The PassGPT model can find passwords.
#PassGPT
@Engineer_Computer
Kaspersky Unified Monitoring and Analysis Platform

Kaspersky has finally added its SIEM product to its global sales portfolio, and the product will soon enter the Iranian market. Known as KUMA, it has impressive capabilities as well as some key points that I think can let it present itself as one of the flag-bearers in this field.

@Engineer_Computer