InfoSecTube
#Interview #Cybersecurity 🔸What Is a Firewall? How Do You Set It Up? A firewall is a hardware or software network security device that monitors inbound and outbound network traffic. Firewalls, which block the flow of traffic flagged as suspicious or malicious…
#interview #technical #network #cybersecurity
🔶 IDS vs IPS vs Firewall
The main difference being that firewall performs actions such as blocking and filtering of traffic while an IPS/IDS detects and alert a system administrator or prevent the attack as per configuration.
A firewall allows traffic based on a set of rules configured. It relies on the source, the destination addresses, and the ports. A firewall can deny any traffic that does not meet the specific criteria.
IDS is a passive device which watches packets of data traversing the network, comparing with signature patterns and setting off an alarm on detection on suspicious activity. On the contrary, IPS is an active device working in inline mode and prevent the attacks by blocking it.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔶 IDS vs IPS vs Firewall
The main difference being that firewall performs actions such as blocking and filtering of traffic while an IPS/IDS detects and alert a system administrator or prevent the attack as per configuration.
A firewall allows traffic based on a set of rules configured. It relies on the source, the destination addresses, and the ports. A firewall can deny any traffic that does not meet the specific criteria.
IDS is a passive device which watches packets of data traversing the network, comparing with signature patterns and setting off an alarm on detection on suspicious activity. On the contrary, IPS is an active device working in inline mode and prevent the attacks by blocking it.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍4
Forwarded from پویش دادخواهی آموزشی ایران
💠 کارزار لغو افزایش هزینه سرسام آور آزادسازی مدرک تحصیلی
🔺 در وزارت علوم، تحقیقات و فناوری
🔺 #استعمار_نوین_آموزشی
📄 در بخشی از این کارزار که به تفصیل، ایرادات حقوقی این مصوبه، پیامدهای ناگوار اجرای آن و تضاد منافع احتمالی پنهان در آن را شرح داده و خواستار عدم تسری جدول هزینه اعلامی به دانشجویان حال حاضر و فارغالتحصیلان گذشته شده، آمده است:
🏷 در اقتصاد بخش عمومی و حقوق عمومی میخوانیم که اصل بر این است که دولت در مال و اراده مردم دخالت نمیکند، مگر با حجت کافی. کدام حجت محکم در دست بود که دولت بتواند چنین هزینه سنگینی را برای جبران کمبودهای مالی خود در تأمین امکانات رفاهی دانشگاهها بر جوانان تحمیل کند؟ مگر مقصر ترک فعلهای صورت گرفته و فشارهای اقتصادی ناشی از آن بر دولت و کسری بودجه وزارتخانه ها مردماند که دولت برای جبران آن دست در جیب مردم کند یا مگر دانشجوی ما با پرداخت ارز خارجی، بورسیه شده است که اکنون به نرخ روز از او بازپس گرفته شود؟
✍ برای امضای این کارزار در راستای اثبات فراوانی معترضان و حساسیت و فوریت موضوع برای آنان به مسئولان بالادستی، به لینک زیر بروید:
🌐 www.karzar.net/63023
👁🗨 @azaadsazi
🔺 در وزارت علوم، تحقیقات و فناوری
🔺 #استعمار_نوین_آموزشی
📄 در بخشی از این کارزار که به تفصیل، ایرادات حقوقی این مصوبه، پیامدهای ناگوار اجرای آن و تضاد منافع احتمالی پنهان در آن را شرح داده و خواستار عدم تسری جدول هزینه اعلامی به دانشجویان حال حاضر و فارغالتحصیلان گذشته شده، آمده است:
🏷 در اقتصاد بخش عمومی و حقوق عمومی میخوانیم که اصل بر این است که دولت در مال و اراده مردم دخالت نمیکند، مگر با حجت کافی. کدام حجت محکم در دست بود که دولت بتواند چنین هزینه سنگینی را برای جبران کمبودهای مالی خود در تأمین امکانات رفاهی دانشگاهها بر جوانان تحمیل کند؟ مگر مقصر ترک فعلهای صورت گرفته و فشارهای اقتصادی ناشی از آن بر دولت و کسری بودجه وزارتخانه ها مردماند که دولت برای جبران آن دست در جیب مردم کند یا مگر دانشجوی ما با پرداخت ارز خارجی، بورسیه شده است که اکنون به نرخ روز از او بازپس گرفته شود؟
✍ برای امضای این کارزار در راستای اثبات فراوانی معترضان و حساسیت و فوریت موضوع برای آنان به مسئولان بالادستی، به لینک زیر بروید:
🌐 www.karzar.net/63023
👁🗨 @azaadsazi
👎7👍3
جدید ترین نسخه کالی 2022.4 منتشر شد .
➕Microsoft Azure ( Microsoft Azure store )
➕More Platforms ( Generic Cloud, QEMU VM image & Vagrant libvirt )
➕Social Networks ( New homes, keeping in touch & press packs )
➕Kali NetHunter Pro ( Announcing the first release of a “true” Kali Linux on the mobile phone (PinePhone / Pro)
➕kali NetHunter ( Internal Bluetooth support, kernel porting video, firmware updates & other improvements )
➕Desktop Updates ( GNOME 43 & KDE 5.26 )
➕New Tools ( As always, various new packages added )
kali.org
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
➕Microsoft Azure ( Microsoft Azure store )
➕More Platforms ( Generic Cloud, QEMU VM image & Vagrant libvirt )
➕Social Networks ( New homes, keeping in touch & press packs )
➕Kali NetHunter Pro ( Announcing the first release of a “true” Kali Linux on the mobile phone (PinePhone / Pro)
➕kali NetHunter ( Internal Bluetooth support, kernel porting video, firmware updates & other improvements )
➕Desktop Updates ( GNOME 43 & KDE 5.26 )
➕New Tools ( As always, various new packages added )
kali.org
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍3
#Interview #ai
💎Supervised Learning
In supervised learning a model makes predictions or decisions based on past or labeled data. Labeled data refers to sets of data that are given tags or labels, and thus made more meaningful.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
💎Supervised Learning
In supervised learning a model makes predictions or decisions based on past or labeled data. Labeled data refers to sets of data that are given tags or labels, and thus made more meaningful.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
#Interview #Cybersecurity
🔶What is Port Scanning?
Port Scanning is the technique used to identify open ports and service available on a host. Hackers use port scanning to find information that can be helpful to exploit vulnerabilities. Administrators use Port Scanning to verify the security policies of the network. Some of the common Port Scanning Techniques are:
Ping Scan
TCP Half-Open
TCP Connect
UDP
Stealth Scanning
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔶What is Port Scanning?
Port Scanning is the technique used to identify open ports and service available on a host. Hackers use port scanning to find information that can be helpful to exploit vulnerabilities. Administrators use Port Scanning to verify the security policies of the network. Some of the common Port Scanning Techniques are:
Ping Scan
TCP Half-Open
TCP Connect
UDP
Stealth Scanning
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍2
#Interview #Cybersecurity
🔶What is Deep Learning?
The Deep learning is a subset of machine learning that involves systems that think and learn like humans using artificial neural networks. The term ‘deep’ comes from the fact that you can have several layers of neural networks.
One of the primary differences between machine learning and deep learning is that feature engineering is done manually in machine learning. In the case of deep learning, the model consisting of neural networks will automatically determine which features to use (and which not to use).
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔶What is Deep Learning?
The Deep learning is a subset of machine learning that involves systems that think and learn like humans using artificial neural networks. The term ‘deep’ comes from the fact that you can have several layers of neural networks.
One of the primary differences between machine learning and deep learning is that feature engineering is done manually in machine learning. In the case of deep learning, the model consisting of neural networks will automatically determine which features to use (and which not to use).
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#interview #cybersecurity
🔶What is the Difference Between Supervised and Unsupervised Machine Learning?
Supervised learning - This model learns from the labeled data and makes a future prediction as output
Unsupervised learning - This model uses unlabeled input data and allows the algorithm to act on that information without guidance.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔶What is the Difference Between Supervised and Unsupervised Machine Learning?
Supervised learning - This model learns from the labeled data and makes a future prediction as output
Unsupervised learning - This model uses unlabeled input data and allows the algorithm to act on that information without guidance.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#Interview #Cybersecurity
🔶What is Semi-supervised Machine Learning?
Supervised learning uses data that is completely labeled, whereas unsupervised learning uses no training data.
In the case of semi-supervised learning, the training data contains a small amount of labeled data and a large amount of unlabeled data.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔶What is Semi-supervised Machine Learning?
Supervised learning uses data that is completely labeled, whereas unsupervised learning uses no training data.
In the case of semi-supervised learning, the training data contains a small amount of labeled data and a large amount of unlabeled data.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#interview #cybersecurity
What is CORS (cross-origin resource sharing)?
Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility to the same-origin policy (). However, it also provides potential for cross-domain attacks, if a website's CORS policy is poorly configured and implemented. CORS is not a protection against cross-origin attacks such as (CSRF).
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
What is CORS (cross-origin resource sharing)?
Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility to the same-origin policy (). However, it also provides potential for cross-domain attacks, if a website's CORS policy is poorly configured and implemented. CORS is not a protection against cross-origin attacks such as (CSRF).
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍4👎1
#interview #cybersecurity
🔸Can You Reset a Password-Protected BIOS Configuration?
BIOS (Basic Input or Output System) is a firmware located on a memory chip, often in a computer’s motherboard or system board. A typical BIOS security feature is a user password that must be entered to boot up a device. If you wish to reset a password-protected BIOS configuration, you’ll need to turn off your device, locate a password reset jumper on the system board, remove the jumper plug from the password jumper-pins, and turn on the device without the jumper plug to clear the password. This will reset the BIOS to default factory settings.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸Can You Reset a Password-Protected BIOS Configuration?
BIOS (Basic Input or Output System) is a firmware located on a memory chip, often in a computer’s motherboard or system board. A typical BIOS security feature is a user password that must be entered to boot up a device. If you wish to reset a password-protected BIOS configuration, you’ll need to turn off your device, locate a password reset jumper on the system board, remove the jumper plug from the password jumper-pins, and turn on the device without the jumper plug to clear the password. This will reset the BIOS to default factory settings.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍3
#interview #cybersecurity
🔸What Is the Difference Between Black Box Testing and White Box Testing?
Black box testing evaluates the behavior and functionality of a software product. This testing methodology operates from an end-user perspective and requires no software engineering knowledge. Black box testers do not have information about the internal structure or design of the product. Conversely, white box testing is typically performed by developers to assess the quality of a product’s code. The tester must understand the internal operations of the product.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Is the Difference Between Black Box Testing and White Box Testing?
Black box testing evaluates the behavior and functionality of a software product. This testing methodology operates from an end-user perspective and requires no software engineering knowledge. Black box testers do not have information about the internal structure or design of the product. Conversely, white box testing is typically performed by developers to assess the quality of a product’s code. The tester must understand the internal operations of the product.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍3
#interview #cybersecurity
🔸What Do You Mean by Phishing? How Many Types of Phishing Are There?
🔸Phishing is a type of cyberattack in which communications that appear trustworthy contain content that installs malware on a target’s device or directs a target to a malicious website. While email phishing is perhaps most common, other types of phishing exist as well.
🔸Spear phishing pursues specific targets within an organization and uses real information to convince targets that the malicious communication is an internal request from the organization, thereby increasing the chances that the target will access the malware disguised in the communication. Whaling is a type of phishing that targets C-suite executives, and smishing is a phishing attack conducted via text or SMS. From vishing to pharming, over ten different kinds of phishing exist—and the list continues to grow.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Do You Mean by Phishing? How Many Types of Phishing Are There?
🔸Phishing is a type of cyberattack in which communications that appear trustworthy contain content that installs malware on a target’s device or directs a target to a malicious website. While email phishing is perhaps most common, other types of phishing exist as well.
🔸Spear phishing pursues specific targets within an organization and uses real information to convince targets that the malicious communication is an internal request from the organization, thereby increasing the chances that the target will access the malware disguised in the communication. Whaling is a type of phishing that targets C-suite executives, and smishing is a phishing attack conducted via text or SMS. From vishing to pharming, over ten different kinds of phishing exist—and the list continues to grow.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍2
#interview #cybersecurity
🔸What Is Forward Secrecy?
Forward secrecy is a feature of certain key agreement protocols that generates a unique session key for each transaction. Thanks to forward secrecy, an intruder cannot access data from more than one communication between a client and a server—even if the security of one communication is compromised.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Is Forward Secrecy?
Forward secrecy is a feature of certain key agreement protocols that generates a unique session key for each transaction. Thanks to forward secrecy, an intruder cannot access data from more than one communication between a client and a server—even if the security of one communication is compromised.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍2
💣 هشدار!
🔸آسیب پذیری خطرناکی در RouterOS شرکت میکروتیک امکان اجرای کدهای مخرب را برای هکر از طریق Nova Message فراهم می نماید.
🔸این آسیب پذیری با شناسه CVE-2022-45313 و درجه اهمیت حیاتی شناخته می شود که یک محقق امنیتی برای درک بهتر آن PoC نیز منتشر کرده است که در ادامه می توانید با جزئیات فنی آن بیشتر آشنا شوید.
نکته به دلیل کثرت استفاده از این این محصول لطفا سیستم عامل RouterOS آن را در اسرع وقت به نسخه پایدار 7.5 یا بالاتر به روز رسانی نمایید.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸آسیب پذیری خطرناکی در RouterOS شرکت میکروتیک امکان اجرای کدهای مخرب را برای هکر از طریق Nova Message فراهم می نماید.
🔸این آسیب پذیری با شناسه CVE-2022-45313 و درجه اهمیت حیاتی شناخته می شود که یک محقق امنیتی برای درک بهتر آن PoC نیز منتشر کرده است که در ادامه می توانید با جزئیات فنی آن بیشتر آشنا شوید.
نکته به دلیل کثرت استفاده از این این محصول لطفا سیستم عامل RouterOS آن را در اسرع وقت به نسخه پایدار 7.5 یا بالاتر به روز رسانی نمایید.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
#interview #cybersecurity
🔸What Are Spyware Attacks?
Spyware is a kind of malware that is covertly installed on a targeted device to collect private data. Spyware can infiltrate a device when a user visits a malicious website, opens an infected file attachment, or installs a program or application containing spyware. Once installed, the spyware monitors activity and captures sensitive data, later relaying this information back to third-party entities.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Are Spyware Attacks?
Spyware is a kind of malware that is covertly installed on a targeted device to collect private data. Spyware can infiltrate a device when a user visits a malicious website, opens an infected file attachment, or installs a program or application containing spyware. Once installed, the spyware monitors activity and captures sensitive data, later relaying this information back to third-party entities.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
#interview #cybersecurity
🔸What Is ARP Poisoning? Can You Explain With an Example?
🔸ARP poisoning is a type of cyberattack that aims to interrupt, redirect, or covertly monitor network traffic. The ARP (address resolution protocol) establishes IP-level connections to new hosts by accepting requests from new devices to join the LAN (local area network) and provides an IP address. The ARP also translates the IP address to a MAC address and sends ARP packet requests to query appropriate MAC addresses to use, which saves time for network administrators.
🔸After sending fabricated ARP packets to link an intruder’s MAC address with an IP of a device already connected to the LAN (known as ARP spoofing), a hacker can initiate ARP poisoning by changing the extant ARP table to contain falsified MAC maps. A successful ARP poisoning will link the attacker’s MAC address with the target’s LAN, rerouting incoming traffic to the attacker.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Is ARP Poisoning? Can You Explain With an Example?
🔸ARP poisoning is a type of cyberattack that aims to interrupt, redirect, or covertly monitor network traffic. The ARP (address resolution protocol) establishes IP-level connections to new hosts by accepting requests from new devices to join the LAN (local area network) and provides an IP address. The ARP also translates the IP address to a MAC address and sends ARP packet requests to query appropriate MAC addresses to use, which saves time for network administrators.
🔸After sending fabricated ARP packets to link an intruder’s MAC address with an IP of a device already connected to the LAN (known as ARP spoofing), a hacker can initiate ARP poisoning by changing the extant ARP table to contain falsified MAC maps. A successful ARP poisoning will link the attacker’s MAC address with the target’s LAN, rerouting incoming traffic to the attacker.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
💠 جادی رو برای گیتهاب استارز کاندید کنید
💠گیتهاب، پلتفرم توسعه نرمافزار، امسال برنامهای برگزار کرده به عنوان ستارگان گیتهاب که در اون الهامبخش ترین و تاثیرگذارترین برنامهنویسان دنیا رو با توجه به رای مردم معرفی میکنه.
💠جادی رو میتونین با نام کاربری زیر برای کاندیدا معرفی کنین
jadijadi
🔗 https://stars.github.com/nominate
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
💠گیتهاب، پلتفرم توسعه نرمافزار، امسال برنامهای برگزار کرده به عنوان ستارگان گیتهاب که در اون الهامبخش ترین و تاثیرگذارترین برنامهنویسان دنیا رو با توجه به رای مردم معرفی میکنه.
💠جادی رو میتونین با نام کاربری زیر برای کاندیدا معرفی کنین
jadijadi
🔗 https://stars.github.com/nominate
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
❤6
#interview #cybersecurity
🔸What Do You Mean by SQL Injection?
A SQL injection is a type of cyberattack that inserts malicious SQL code via input data to manipulate databases. A properly executed SQL injection can read sensitive data stored in the database, modify that data, execute administration operations, or potentially issue operating system commands. This enables attackers to manipulate data, create repudiation problems, destroy data or restrict access to it, disclose all data within the database, and make themselves administrators of the database server.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Do You Mean by SQL Injection?
A SQL injection is a type of cyberattack that inserts malicious SQL code via input data to manipulate databases. A properly executed SQL injection can read sensitive data stored in the database, modify that data, execute administration operations, or potentially issue operating system commands. This enables attackers to manipulate data, create repudiation problems, destroy data or restrict access to it, disclose all data within the database, and make themselves administrators of the database server.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍2
#interview #ai
🔸Unsupervised Learning
In unsupervised learning, we don't have labeled data. A model can identify patterns, anomalies, and relationships in the input data.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸Unsupervised Learning
In unsupervised learning, we don't have labeled data. A model can identify patterns, anomalies, and relationships in the input data.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
Forwarded from InfoSecTube
📽 #Tutorials #android_penetration_testing
🌐 36 -How To Hack Android Phone on Same Wifi Network With Kali
🌐 37-How to Hack any android device using AhMyth over wan
🌐 38-how to hack android phone with spynote
🌐39-how to hack android phone with droidjack over the wan
🌐40-Hack Any Android Device With FatRat Tool(bind and fud rat)
🔝 @InfoSecTube
🌐 36 -How To Hack Android Phone on Same Wifi Network With Kali
🌐 37-How to Hack any android device using AhMyth over wan
🌐 38-how to hack android phone with spynote
🌐39-how to hack android phone with droidjack over the wan
🌐40-Hack Any Android Device With FatRat Tool(bind and fud rat)
🔝 @InfoSecTube
This media is not supported in your browser
VIEW IN TELEGRAM
این کلیپ توسط همکاران دکتر قره حسنلو ایجاد شده. حاوی عکس هایی از سوابق و اقدامات ایشون.
طبق خبرها دکتر قره حسنلو به اتهام فساد فی العرض به اعدام محکوم شده اند.
روزنامه شرق: دکتر قرهحسنلو در حال کمک به مجروحان بوده/ شاهد اصلی به دادگاه دعوت نشد
#منفی_امنیت
طبق خبرها دکتر قره حسنلو به اتهام فساد فی العرض به اعدام محکوم شده اند.
روزنامه شرق: دکتر قرهحسنلو در حال کمک به مجروحان بوده/ شاهد اصلی به دادگاه دعوت نشد
#منفی_امنیت
👎9❤7