What are the types of consensus algorithms in blockchain?
🔺Proof of Work (POW)
🔺Proof of Stake (POS)
🔺Practical Byzantine Fault Tolerance (PBFT)

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🚧What do you mean by brute force in the context of Cyber Security?

A brute force attack is a cryptographic assault that uses a trial-and-error approach to guess all potential combinations until the correct data is discovered. This exploit is commonly used by cybercriminals to gain personal information such as passwords, login credentials, encryption keys, and PINs. It is very easy for hackers to implement this.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🖥 سری ویدیو های آموزشی Node.Js
👨‍💻مدرس : میثم منصف

🔹آشنایی مقدماتی با nodejs
⛓https://youtu.be/Vjb6l8xNRAQ
🔹آشنایی با معماری نود جی اس(Node.js)
⛓https://youtu.be/guOhZ20ZGwg
🔹نصب محیط برنامه نویسی نود جی اس
⛓https://youtu.be/6n3ebW3z0rc
🔹نصب نود جی اس روی لینوکس
⛓https://youtu.be/f_fgncga6qQ
🔹راه اندازی phpstorm و Nodemon
⛓https://youtu.be/Fb6t4GeYbHM
🔹متغییر ها در نود جی اس
⛓https://youtu.be/-XxYjeFCRqA
🔹توابع در نود جی اس
⛓https://youtu.be/0yRI2rcAMdc
🔹تعیین سطح دسترسی و محدوده در نود جی اس
⛓https://youtu.be/Xy1P58RXWKY
🔹آشنایی با لاگ در نود جی اس
⛓https://youtu.be/xo4IFyoLs4U
🔹آشنایی با Async در نود جی اس
⛓https://youtu.be/-697ez4e6vw

🔝 @InfoSecTube
🖥 🖥 youtube
🍁 instagram.com/info_sec_tube

🚀How can you avoid a brute force attack?

Brute Force attack can also be avoided by the following methods:-

Limit the number of failed login attempts.
By altering the sshd_config file, you can make the root user unreachable via SSH.
Instead of using the default port, change it in your sshd config file.
Make use of Captcha.
Limit logins to a certain IP address or range of IP addresses.
Authentication using two factors
URLs for logging in that are unique
Keep an eye on the server logs.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

📌وبسایت‌هایی برای دریافت رایگان کتاب و مقالهٔ انگلیسی
📥دریافت کتاب:
اول، بر اساس موضوعی که در نظر دارید، کتاب دلخواه‌تان را با استفاده از کلیدواژه‌های مناسب، در یکی از بانک‌های اطلاعاتیِ کتاب، مانند وبسایت‌های زیر جست‌وجو کنید:

1️⃣ آمازون‌‌ (amazon.com)
2️⃣ انتشارات دانشگاه آکسفورد (global.oup.com)
3️⃣ انتشارات دانشگاه کمبریج (cambridge.org)
4️⃣ انتشارات وایلی (wiley.com)

وقتی کتاب دلخواه را یافتید، عنوان آن را در یکی از وبسایت‌های زیر جست‌وجو و PDF آن را دریافت کنید.
🌐 www.b-ok.org
🌐 www.bookfi.net

📥دریافت مقاله:
اول، بر اساس موضوعی که در نظر دارید، با استفاده از کلیدواژه‌های مناسب، مقالهٔ دلخواه را در یکی از بانک‌های اطلاعاتیِ مقالات علمی، مانند وبسایت‌های زیر پیدا کنید:

1️⃣ امِرآلد (emeraldinsight.com)
2️⃣ ساینس‌دایرکت (sciencedirect.com)
3️⃣ جی‌استور (jstor.org)
4️⃣ اشپرینگر (springer.com)
5️⃣ پابمد (ncbi.nlm.nih.gov/pubmed)

سپس عنوان مقاله، یا DOI مقاله، یا نشانیِ صفحه‌ای را که مقاله در آن است، در وبسایت sci-hub.tw وارد کنید یا فقط عنوان مقاله را در وبسایت booksc.org وارد کنید و PDF مقاله را بگیرید.
🌐 https://sci-hub.tw
🌐 https://booksc.org


🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

What is a smart contract security audit?

A smart contract security audit is a detailed review of the code in a project’s smart contracts. These are important to safeguard funds invested through them. As all transactions on the blockchain are final and immutable, funds cannot be retrieved should they be stolen.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

Differentiate between Information protection and information assurance.

💥Information protection protects data from unauthorized access by utilizing encryption, security software, and other methods.

🔥Information Assurance ensures the data's integrity by maintaining its availability, authentication, and secrecy, among other things.


🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🖥 سری ویدیو های امنیت بلاکچین و قراردادهای هوشمند

🖥BSCS:Blockchain & Smart Contract Security - Distributed ledger technology (DLT)

👨‍💻مدرس : saeid ghasemshirazi
🧬لینک ویدیو:
⛓https://youtu.be/FSc860DW9CU

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

Which is faster public or private blockchain?

Private blockchains can process transactions in real-time, unlike public blockchains where consensus-building can take time. This is because a private blockchain has a more centralized network than a public blockchain, where the decision-making is much faster.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🔥What do you mean by Network Sniffing?

Sniffing is a technique for evaluating data packets delivered across a network. This can be accomplished through the use of specialized software or hardware. Sniffing can be used for a variety of purposes, including:

Capture confidential information, such as a password.
Listen in on chat messaging
Over a network, keep an eye on a data package.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

What do you mean by System Hardening?

In general, system hardening refers to a set of tools and procedures for managing vulnerabilities in an organization's systems, applications, firmware, and other components.
The goal of system hardening is to lower security risks by lowering potential attacks and compressing the system's attack surface.
The many types of system hardening are as follows:

Hardening of databases
Hardening of the operating system
Hardening of the application
Hardening the server
Hardening the network


🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

What is the difference between Hyperledger and blockchain?
🔸Blockchain is a technology based on immutable records called blocks. It uses cryptography to secure these blocks in a decentralized manner.

🔸Hyperledger is an open-source platform that allows people to develop Blockchain applications privately.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

Persian :
برای اولین بار فایل کامل ایمیل های لیک شده پتروشیمی خلیج فارس برای روزنامه نگاران و محققان و مردم ایران

English :

For the first time, the complete file of leaked Persian Gulf Petrochemical emails for journalists, researchers and the people of Iran

password:OpIran

https://mega.nz/file/EBIi0a4Y#PfBS1tdaAfmwEYFyzL4sN317NPtNglTNh2dwqMW0pX4


🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🖥 سری ویدیو های امنیت بلاکچین و قراردادهای هوشمند

🖥BSCS:Blockchain & Smart Contract Security - Smart Contracts


👨‍💻مدرس : saeid ghasemshirazi
🧬لینک ویدیو:
⛓https://youtu.be/D5I1NcTWQtk

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🏹The three stages of building a machine learning model are:

🏹Model Building
Choose a suitable algorithm for the model and train it according to the requirement
🏹Model Testing
Check the accuracy of the model through the test data
🏹Applying the Model
Make the required changes after testing and use the final model for real-time projects

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🛎What do you mean by Domain Name System (DNS) Attack?

DNS hijacking is a sort of cyberattack in which cyber thieves utilize weaknesses in the Domain Name System to redirect users to malicious websites and steal data from targeted machines. Because the DNS system is such an important part of the internet infrastructure, it poses a serious cybersecurity risk.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🔥Clustering?

Clustering problems involve data to be divided into subsets. These subsets, also called clusters, contain data that are similar to each other. Different clusters reveal different details about the objects, unlike classification or regression.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🔺What is Cross-Validation?

🔸Cross-Validation in Machine Learning is a statistical resampling technique that uses different parts of the dataset to train and test a machine learning algorithm on different iterations. The aim of cross-validation is to test the model’s ability to predict a new set of data that was not used to train the model. Cross-validation avoids the overfitting of data.

🔺K-Fold Cross Validation is the most popular resampling technique that divides the whole dataset into K sets of equal sizes.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🪡Differentiate between spear phishing and phishing?

Spear phishing is a type of phishing assault that targets a small number of high-value targets, usually just one. Phishing usually entails sending a bulk email or message to a big group of people. It implies that spear-phishing will be much more personalized and perhaps more well-researched (for the individual), whereas phishing will be more like a real fishing trip where whoever eats the hook is caught.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

✳️What do you mean by Active reconnaissance?

Active reconnaissance is a type of computer assault in which an intruder interacts with the target system in order to gather information about weaknesses.
Port scanning is commonly used by attackers to detect vulnerable ports, after which they exploit the vulnerabilities of services linked with open ports.
This could be done using automatic scanning or manual testing with tools like ping, traceroute, and netcat, among others. This sort of recon necessitates interaction between the attacker and the victim. This recon is faster and more precise, but it generates far more noise. Because the attacker must engage with the target in order to obtain information, the recon is more likely to be detected by a firewall or other network security device.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

What do you mean by Authenticode?

Authenticode is a technology that identifies the publisher of Authenticode sign software. It allows users to ensure that the software is genuine and not contain any malicious program.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube