تلفيقي از دوره هاي اكفا و بما: (آگاهي رساني امنيت اطلاعات و بنيان مديريت امنيت اطلاعات با رويكرد ضد جاسوسي) مشتمل از؛
-آشنایی با سیاست های جاسوسی و ضد حفاظت
-آموزش راههای جلوگیری از تخلیه اطلاعات مهم
-راههای شناسایی و مقابله با ترفندهای تخلیه اطلاعاتی، توسط سایتها و فضای مجازی
-جلوگیری از سوء استفاده از فلش مموری
-استفاده درست و بی خطر از اینترنت
...

در قوه قضاييه/ نظامي
طهران ايران

آذر ٩٨-
٢٤ ساعت براي بيش از ١٥٠ نفر


- بروز باشيد-


آگاهي رساني امنيت سايبري

@CisoasaService

98.09.03

سوال، بدون سابقه كار چجوري شاغل شويم وقتي همه از ما سابقه كار ميخوان!؟( در حوزه فناورانه و امنيت)

١-روي مفاهيم بصورت عميق مسلط بشويم
٢-موارد مد نظر براي تخصص عملياتي مثل محتواي دوره ccna r-s , mcse 2012/16/19, Ceh v10 ec council و ساير رو بصورت شبيه سازي شده روي لپ تاپ و سيستم خانگي كار كنيم و مسلط براي مثال اگه تصور داريم كه دوره ceh v10 رو چه بصورت خودخوان خوانديم و يا در موسسه اي دوره ديديم حتما بايد وقتي يك سامانه تحت وب را به ما ميدهند بتوانيم با ابزارهاي كرك، متن باز و ... در اختيار، ارزيابي امنيتي در حد متوسط را انجام بدهيم و كار خود را پرزنت كنيم!
٣-براي هر كاري كه مرتبط با دانش ماست اقدام به ارسال رزومه كنيم
٤-حتما روز مصاحبه با تيپ حرفه اي و سر تايم حاضر شيم
و
٥-رزومه درست صادقانه و معقول حرفه اي بنويسيم، كمي خلاق باشيم، مواردي كه مسلط هستيم رو در رزومه پرزنت بديم توانمندي هايمان را! نه افراط نه تفريط!


- بروز باشيد-


آگاهي رساني امنيت سايبري

@CisoasaService

98.09.03

- بروز باشيد-


آگاهي رساني امنيت سايبري

@CisoasaService

98.09.03

- بروز باشيد-


آگاهي رساني امنيت سايبري

@CisoasaService

98.09.03

شفاف سازي رود مپ تخصصي امنيت بصورت خودخوان!
آينده شغلي.... ، آگاهي رساني امنيت
با رويكرد آگاه سازي همراه با مصاديق
و تكنيك هاي مصون بودن از هك!

تماس براي كسب اطلاعات بيشتر با موسسه ويستا:
0098 21 88554213
+98 21 8855 7032
+98 21 8855 4217
+98 21 8855 4963


- بروز باشيد -


آگاهي رساني امنيت سايبري

@CisoasaServie

98.09.03

مدرس دوره
MCSA 2016
براي يك سازمان خارج از تهران
به مدت ٦ روز - ٤٨ ساعت
براي گروه ١
همچنين ٦ روز مجزا - ٤٨ ساعت براي گروه ٢

همچنين همين دوره
يك بوت كمپ ٦ روزه در تهران
براي يك سازمان
٤٨ ساعته

شروع از اواخر آذرماه

لطفا مدرسين مسلط و داراي سابقه
رزومه بروز و مرتبط همراه با متن اين آگهي رو به آي دي
@alirezaghahrood
ارسال نماييد.


- بروز باشيد -


آگاهي رساني امنيت سايبري

@CisoasaService

98.09.04

Publishing - SSCP Certification (Systems Security Certified Practitioner) .rar with you.

Click the link below to download this file.

https://easyupload.io/syxkaf


دانلود محتواي آموزشي بروز دوره SSCP - ISC2


لينك دو هفته اعتبار دارد.

پسورد فايل:
@cisoasaservice


- بروز باشيد -


آگاهي رساني امنيت سايبري

@CisoasaService

98.09.04

پيرو حاشيه ها و شو آف، توهم ات، نشر اكاذيب يك شخص...
يك بار عليه من يك بار عليه ايمان
دوبار عليه من يك بار عليه ايمان
يك بار عليه اين موسسه يك بار عليه محمد يك بار عليه فرهاد اين بار عليه موسسه موفق ديگه!
تتلو هاي حوزه رو بشناسيم،

تصوير كامنت يك مخاطب!👍🏽


- صرفا جهت پايش!


آگاهي رساني امنيت سايبري

@CisoasaService

98.09.04

✅وزیر ارتباطات در گفتگو با ایسنا از برگزاری جلسات با سازمان نظام صنفی رایانه ای سخن گفت: «جبران خسارات شرکت‌ها با مصوبات دولت قابل پیگیری است»

🔺آذری جهرمی درباره خسارات وارده به شرکت‌های استارت‌آپی و امکان جبران آن گفت: برآوردهای تقریبی در سطح جامعه منعکس شده اما ما هنوز برآورد دقیقی نداریم. باید جلساتی با اتحادیه کسب و کارهای نوپا و نظام صنفی رایانه‌ای برگزار کنیم و برآوردهای دقیق استخراج شود. جبران خسارات شرکت‌ها با مصوبات دولت قابل پیگیری است اما مهم این است که بتوان نحوه برآورد خسارت را استخراج کرد.»

🔺آذری جهرمی در خصوص این که مشترکینی که بسته‌های مدت‌دار مثلا یک هفته‌ای خریداری کرده‌اند و در زمان قطع اینترنت قادر به مصرف بسته خود نشده‌اند، گفت: به اپراتورها ابلاغ کرده‌ایم که مدت زمان قطعی اینترنت را به مدت اعتبار بسته‌ها اضافه کنند.
@TICTguild
🔺او درباره حقوقی که از مشترکین در مدت قطع اینترنت تضییع شده نیز گفت:« پیشنهادهایی برای اقدامات جبرانی داریم که هنوز نهایی نشده است و به محض نهایی شدن، اطلاع‌رسانی خواهیم کرد.»

شرح کامل خبر

some ways enterprises can detect security incidents:

1.Unusual behavior from privileged user accounts.
Any anomalies in the behavior of a privileged user account can indicate that someone is using it to gain a foothold into a company's network.

2.Unauthorized insiders trying to access servers and data.
Warning signs include unauthorized users attempting to access servers and data, requesting access to data that isn't related to their jobs, logging in at abnormal times from unusual locations or logging in from multiple locations in a short time frame.

3.Anomalies in outbound network traffic.
It's not just traffic that comes into a network that organizations should worry about. This could include insiders uploading large files to personal cloud applications; downloading large files to external storage devices, such as USB flash drives; or sending large numbers of email messages with attachments outside the company.

4.Traffic sent to or from unknown locations.
For a company that only operates in one country, any traffic sent to other countries could indicate malicious activity. Administrators should investigate

5.Excessive consumption.
An increase in the performance of server memory or hard drives may mean an attacker is accessing them illegally.

6.Changes in configuration.
Changes that haven't been approved, including reconfiguration of services, installation of startup programs or fw changes, are a sign of possible malicious activity. The same is true of scheduled tasks that have been added.

7.Hidden files.
These can be considered suspicious because of their file names, sizes or locations, which indicate the data or logs may have been leaked.

8.Unexpected changes.
These include user account lockouts, password changes or sudden changes in group memberships.

9.Abnormal browsing behavior.
This could be unexpected redirects, changes in the browser configuration or repeated pop-ups.

10.Suspicious registry entries.
This happens mostly when malware infects Windows systems. It's one of the main ways malware ensures it remains in the infected system

, ...

https://nitroflare.com/view/E090135C14376EB/eLearningSecurity_PTP-20190531T222419Z-002.zip

C-pentest/advance

Risk vector:

1.External/removable media. The attack is executed from removable media -- e.g., CD, flash drive or a peripheral device.

2.Attrition. This type of attack uses brute force to compromise, degrade or destroy networks, systems or services.

3.Web. The attack is executed from a website or web-based application.

4.Email. The attack is executed via an email msg attach.A hacker entices the recipient to either click on a link that takes him to an infected website or to open an infected attachment.

5.Improper usage. This type of incident stems from the violation of an organization's acceptable-use policies by an authorized user.

6.Drive-by downloads. A user views a website that triggers a malware download; this can happen without the user's knowledge. Drive-by downloads, which take advantage of vulnerabilities in web browsers, inject malicious code using JavaScript and other browsing features.

7.Ad-based malware (malvertising). The attack is executed via malware embed on websites. Merely viewing a malicious ad could inject malicious code into an unsecured device. In addition, malicious ads can also be embedded directly into otherwise trusted apps and served via them.

8.Mouse hovering. This takes advantage of vulnerabilities in well-known software, such as PowerPoint. When a user hovers over a link -rather than clicking on it -to see where it goes, shell scripts can be launched automatically. Mouse hovering takes advantage of system flaws that make it possible to launch programs based on innocent actions of the user.

9.Scareware. This persuades a user to purchase and download unwanted and potentially dangerous software by scaring him. Scareware tricks a user into thinking that his computer has a virus, then recommends that he download and pay for fake antivirus software to remove the virus. However, if the user downloads the software and allows the program to execute, his systems will be infected with malware.

...

Chain in Cyber attacks

Lockheed Martin

1.Reconnaissance (identify the targets). The threat actor assesses the targets from outside the organization to identify the targets that will enable him to meet his objectives. The goal of the attacker is to find information systems with few protections or with vulnerabilities that he can exploit to access the target system.

2.Weaponization (prepare the operation). During this stage, the attacker creates malware designed specifically for the vulnerabilities discovered during the reconnaissance phase. Based on the intelligence gathered in that phase, the attacker customizes his tool set to meet the specific requirements of the target network.

3.Delivery (launch the operation). The attacker sends the malware to the target by any intrusion method, such as a phishing email, a man-in-the-middle attack or a watering hole attack.

4.Exploitation (gain access to victim). The threat actor exploits a vulnerability to gain access to the target's network.

5.Installation (establish beachhead at the victim). Once the hacker has infiltrated the network, he installs a persistent backdoor or implant to maintain access for an extended period of time.

6.Command and control (remotely control the implants). The malware opens a command channel, enabling the attacker to remotely manipulate the target's systems and devices through the network. The hacker can then take over the control of the entire affected systems from its administrator.

7.Actions on objectives (achieve the mission's goals). What happens next, now that the attacker has the command and control of the target's system, is entirely up to the attacker, who may corrupt or steal data, destroy systems or demand ransom, among other things.

The NCSC defines a cyber incident as a breach of a system's security policy in order to affect its integrity or availability and/or the unauthorised access or attempted access to a system or systems; in line with the Computer Misuse Act (1990)

10 incident in yr co:

1. Unauthorized attempts to access systems or data
To prevent a threat actor from gaining access to systems or data using an authorized user's account, 2f- This requires a user to provide a second piece of identifying information in addition to a password. Additionally, encrypt sensitive corporate data at rest or as it travels over a network using suitable software or hardware technology. That way, attackers won't be able to access confidential data.

2. Privilege escalation attack
An attacker who attempts to gain unauthorized access to an organization's network may then try to obtain higher-level privileges using what's known as a privilege escalation exploit. Successful privilege escalation attacks grant threat actors privileges that normal users don't have.
Typically, privilege escalation occurs when the threat actor takes advantage of a bug, configuration oversight and programming errors, or any vulnerability in an application or system to gain elevated access to protected data.
This usually occurs after a hacker has already compromised a network by gaining access to a low-level user account and is looking to gain higher-level privileges -- i.e., full access to an enterprise's IT system -- either to study the system further or perform an attack.
To decrease the risk of privilege escalation, organizations should look for and remediate security weak spots in their IT environments on a regular basis. They should also follow the principle of least privilege -- that is, limit the access rights for users to the bare minimum permissions they need to do their jobs -- and implement security monitoring. Organizations should also evaluate the risks to their sensitive data and take the necessary steps to secure that data.

3. Insider threat
This is a malicious or accidental threat to an organization's security or data typically attributed to employees, former employees or third parties, including contractors, temporary workers or customers.
To detect and prevent insider threats, implement spyware scanning programs, antivirus programs, firewalls and a rigorous data backup and archiving routine. In addition, train employees and contractors on security awareness before allowing them to access the corporate network. Implement employee monitoring software to reduce the risk of data breaches and the theft of intellectual property by identifying careless, disgruntled or malicious insiders.

4. Phishing attack
In a Phishing attack, an attacker masquerades as a reputable entity or person in an email or other communication channel. The attacker uses phishing emails to distribute malicious links or attachments that can perform a variety of functions, including extracting login credentials or account information from victims. A more targeted type of phishing attack known as spear phishing occurs when the attacker invests time researching the victim to pull off an even more successful attack.
Effective defense against phishing attacks start awareness to identify phishing messages. In addition, a gateway email filter can trap many mass-targeted phishing emails and reduce the number of phishing emails that reach users' inboxes.

5. Malware attack
This is a broad term for different types of malware that are installed on an enterprise's system. Malware includes Trojans, worms, ransomware, adware, spyware and various types of viruses. Some malware is inadvertently installed when an employee clicks on an ad, visits an infected website or installs freeware or other software.
Signs of malware include unusual system activity, such as a sudden loss of disk space; unusually slow speeds; repeated crashes or freezes; an increase in unwanted internet activity; and pop-up advertisements.

Hackin9


https://mega.nz/?fbclid=IwAR1JMQQggsnGsJSBEO6kIuBTglcI9kAV1OFU7Ry07rd_uBnKj_ShGhvTm7g#F!otxk2AaI!OqSzJJk-M-aSYWTQ9O7Gtg

https://drive.google.com/drive/folders/1x1z_qAA7ZsyeG_pAZTZSjOFunaxvpg-E

All security books, CISSP, CISM, CISA and Cloud etc

Video Courses


Jason Dion - Sec+ Udemy Course
https://mega.nz/#F!DnZWBCYb!vAjXcKf90Pn3w5y4iPrdxg

CBT Nuggets Sec+
https://mega.nz/#F!ezYD3AYT!Jq9LbN6xtRNhAEcwO7eAAg

Mike Chapple Sec+
https://mega.nz/#F!rrQwwSbC!5p1iPrU2MdBwp2O3IRdbaA

How to Spot Phishing Sites in 4 Simple Steps

1. Examine the connection type:
All you have to do is click on the URL in the address bar and check whether the site has an “HTTP” or “HTTPS” tag. The “https” tag is what you should be aiming for if you’re on a page that requires to enter any confidential information.

2. Run a quick check on SSL certificate:
You can check the validity and issuer of SSL certificate by clicking on the padlock icon in the address bar. This will show you whether the certificate is valid and the name of the issuer.
However, keep in mind that scammers who go a long way to appear legitimate are capable of forging permits and tax forms required by certificate providers. On top of that, there is software that can enable them to get their hands on free SSL certificates.

3. Examine the URL:
The usual address looks like this:
https:// (security protocol) www (subdomain) brand name (domain) com (domain extension)

4. Inspect website content:
If a single webpage you landed on seems suspicious, a good way to identify a phishing site is to simply take a look at the entire website.
Some of the red flags include low-resolution photos, bad grammar, empty pages, excessive advertising, and clickbait headlines.

حرفه اي، مد و .... نيست
حرفه اي به ذهن و عمله،

براي يكي از مدرسين ناب و موفق حوزه امنيت نفوذي و دوره هاي SANS
آقاي حسيني و تيم اشون بهترين هارو آرزو ميكنم👌🏽🙏👍🏽


- بروز باشيد -


آگاهي رساني امنيت سايبري

@CisoasaService

98.09.04