Red Team Tactics
Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine
https://github.com/lawrenceamer/TChopper
Threat Research
Mistune - iOS RCE vulnerabilities that have been hiding for a decade
https://blog.chichou.me/mistune
Malware analysis
1. Multi Perimeter Device Exploit Mirai Version Hunting
For Sonicwall, DLink, Cisco and more
https://isc.sans.edu/forums/diary/Multi+Perimeter+Device+Exploit+Mirai+Version+Hunting+For+Sonicwall+DLink+Cisco+and+more/27528
2. Stealing tokens, emails, files and more in Microsoft Teams through malicious tabs
https://medium.com/tenable-techblog/stealing-tokens-emails-files-and-more-in-microsoft-teams-through-malicious-tabs-a7e5ff07b138
Analytics
Attribution of the ColunmTK Campaign against Air India
to APT41
https://blog.group-ib.com/colunmtk_apt41
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.03.26
GitHub
GitHub - zux0x3a/TChopper: conduct lateral movement attack by leveraging unfiltered services display name to smuggle binaries as…
Security on the Internet 😁 is meaningless, even when using …
Claroty CTD automatically identifies exact-match vulnerabilities in OT assets and creates context-rich tickets within SOAR solutions, enabling effective and efficient prioritization and remediation
https://claroty.com/security-orchestration-automation-response/
Claroty
Technology Alliance Partners
Claroty’s Technology Alliance Program (CTAP) partners each play an important role in the security ecosystem. Together, we work to deliver a complement of solutions that solve our customers’ most pressing security problems.
This is a comprehensive toolkit for establishing and developing Information Sharing and Analysis Centres, or ISACs. It includes activities, documents and tools, everything you need to set up and run an ISAC. The toolkit is divided into 4 different phases corresponding to the development of the ISAC. Each phase contains different topics for developing the organisation in that particular phase.
The topics have been classified into "New" for ISACs starting from scratch and "Established" for already established ISACs taking the next step in their maturity process. The ones concerning mainly new ISACs are marked with an "N" and the ones concerning established ISACs are marked with an "E
https://www.enisa.europa.eu/topics/national-cyber-security-strategies/information-sharing/isacs-toolkit/view
platform.
A threat intelligence platform for sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information. Discover how MISP is used today in multiple organisations. Not only to store, share, collaborate on cyber security indicators, malware analysis, but also to use the IoCs and information to detect and prevent attacks, frauds or threats against ICT infrastructures, organisations or people
https://www.misp-project.org/features.html
MISP Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing
MISP features and functionalities
MISP Threat Intelligence & Sharing
Which 9 industries are most (and least) hardened against attack and why
Best practices for making the attackers’ jobs harder
The most common types of vulnerabilities per industry
How to be a Guardian of Trust for your business
Download the Report
The 2020 Trust Report
How different industries and sectors of the economy measure up when it comes to security preparedness
How to benchmark your industry against others using the Attacker Resistance Score Metric
Why organizations with a continuous approach to testing have up to a 23% higher ARS metric than periodic testing
How industries are finding and closing vulnerabilities faster and reducing their remediation time by 73%
https://www.synack.com/
https://www.synack.com/trust-report/
Synack
Resource Hub
Check out the Synack Resource Hub for the latest company events, news and research.
https://www.malwarearchaeology.com/
Malware Archaeology
Malware Discovery and Analysis, Consulting, Training and resources to help in Malware Management
This “Windows Sysmon Logging Cheat Sheet” is intended to help you understand where Microsoft’s FREE Sysinternals Sysmon agent can supplement and enhance your Windows Logging, NOT replace it. Sysmon can provide more information than standard default Windows logs provide. Sysmon is great to collect data you need for Incident Response, malware labs, high security situations, your own personal systems, or just improve the existing log data you are collecting with more details.
https://static1.squarespace.com/static/552092d5e4b0661088167e5c/t/5eb3687f39d69d48c403a42a/1588816000014/Windows+Sysmon+Logging+Cheat+Sheet_Jan_2020.pdf
Security Company Names
This is a business too 😁
The Cyber Security Company Names you choose will be front and center on business cards, websites, and advertisements. It will be everybody’s first impression of your business. By thoughtfully choosing a premium business name, you are giving your business the best chance at success
https://www.nameestate.com/business/cyber-security-company-names/
Profitability of security-focused startups and a respectable financial turnover
https://angel.co/cyber-security
CSIRT TOOLS KIT
Computer Security Incident Response Teams (CSIRTs) are responsible for receiving and reviewing incident reports, and responding to them as appropriate. These services are normally performed for a defined constituency such as a corporation, institution, educational or government network, region or country, or a paid client. CSIRT services generally fall into three categories - reactive (e.g. vulnerability alerts, incident handling); proactive (e.g. intrusion detection, auditing and information dissemination); and security quality management (e.g. risk analysis, disaster recovery planning, and education and training)
Incident handling information
IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets and log files using a message queuing protocol.
Security Incident Response Platform
The Hive is a scalable, open source and free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner.
Network forensics
NfSen allows you to keep all the convenient advantages of the command line using nfdump directly and gives you also a graphical overview over your netflow data.
Operational intelligence
Use Elastic to search, monitor, analyze and visualize machine data.
The Open Source Security Platform
Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.
Lightweight shipper for network data
Packetbeat is a lightweight network packet analyzer that sends data from your hosts and containers to Logstash or Elasticsearch.
Next tools in progress….
More tools will be added soon
https://csirt-kit.org/
The “SPEED” SIEM Use Case Framework
SimPle and EffectivE Detection
http://correlatedsecurity.com/content/images/2020/04/SPEED%20Use%20Case%20Framework%20v1.1.pdf
Microsoft Windows 11 Leaked
Build 21996.1
Download
magnet:?xt=urn:btih:209922c98ec03a2cbf0eebe631f9c1d577795645&dn=21996.1.210529-1541.co_release_CLIENT_CONSUMER_x64FRE_en-us.iso
XDA Developers
Windows 11 has leaked: Here’s a sneak peek before next week’s launch!
The first leaked build of Windows 11 is here, and we went hands-on with it to see everything that's new in the next-gen OS.
New research finds that ransomware attackers are increasingly shifting from using emails as an intrusion route to purchasing access from other cybercriminal enterprises that have already infiltrated major targets.
Read: https://thehackernews.com/2021/06/ransomware-attackers-partnering-with.html
The Hacker News
Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets
Cybercriminal groups partner with ransomware attack groups to hack high-profile targets.
Blue Team Techniques
1. Identify the attack paths in BloodHound breaking your AD tiering😁
https://github.com/improsec/ImproHound
2. Process Ghosting - New Executable Image Spoofing Attack
https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack
]-> https://github.com/hasherezade/process_ghosting
GitHub
GitHub - improsec/ImproHound: Identify the attack paths in BloodHound breaking your AD tiering
Mitre Att&ck Matrix
Community Threats
https://github.com/scythe-io/community-threats
https://github.com/threat-punter/community-contributions
https://github.com/MISP/MISP
https://github.com/MISP/threat-actor-intelligence-server
https://github.com/MISP/misp-galaxy
https://github.com/mitre/cti
https://gist.github.com/MSAdministrator/5d152ef57e4021c4ffa242aa02e0fb37
https://github.com/Azure/Azure-Sentinel
Tools and Plugin - Free and Commercial
https://github.com/guardicore/monkey
https://github.com/center-for-threat-informed-defense/caldera_pathfinder
https://github.com/mitre/emu
https://www.scythe.io/adversary-emulation
https://github.com/redcanaryco/invoke-atomicredteam
https://github.com/uber-common/metta
https://github.com/NextronSystems/APTSimulator
https://github.com/endgameinc/RTA
https://www.encripto.no/en/downloads-2/tools/
https://github.com/TryCatchHCF/DumpsterFire
https://github.com/jymcheong/AutoTTP
https://mitre.github.io/unfetter/
https://github.com/fugawi/mate
https://github.com/praetorian-inc/purple-team-attack-automation
https://github.com/splunk/attack_range
https://github.com/Telefonica/ATTPwn
https://github.com/mvelazc0/PurpleSharp
https://github.com/timfrazier1/AdversarySimulation
https://github.com/redhuntlabs/RedHunt-OS
https://github.com/Cyb3rWard0g/Invoke-ATTACKAPI
https://github.com/SadProcessor/SomeStuff/blob/master/PoSh_ATTCK.ps1
https://github.com/OTRF/ATTACK-Python-Client
https://github.com/JimmyAstle/Atomic-Parser
https://www.cobaltstrike.com/
https://www.immunityinc.com/services/adversary-simulation.html
https://www.safebreach.com/SafeBreach-Labs-Presenting-New-Hacking-Techniques-and-Adversary-Simulation
https://simspace.com/products-components/
https://attackiq.com/platform/#how-firedrill-works
https://www.picussecurity.com/offensive-manager.html
https://docs.microsoft.com/pt-br/microsoft-365/security/office-365-security/attack-simulator?view=o365-worldwide
https://tearsecurity.com/index.html
https://www.xmcyber.com/why-haxm/
TTPs Creator
https://mitre-attack.github.io/attack-navigator
https://exploitpack.com/
https://www.metasploit.com/
https://i.blackhat.com/USA-19/Wednesday/us-19-Nickels-MITRE-ATTACK-The-Play-At-Home-Edition.pdf
cybersecurity_insights_report.pdf
5.7 MB
Analytics
#5G_Network_Security
AT&T Cybersecurity Insights Report:
"5G and the Journey to the Edge", 2021.
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.03.27
What they see:
CISO, Senior this, Senior that, …
What they don’t see:
The struggle. The figuring it out.
It took me over 15 years to be where I am today. And I feel like I’ve just started. So much more to learn and grow. So much more to come.
It has not been easy.
And it will probably never be easy.
So if you’re looking for a career in cybersecurity or any other field -
Please know that everyone is struggling.
Everyone is figuring it out.
And that’s okay. 🙂
Malware analysis
1. Guide to a new Fivehands ransomware variant
https://research.nccgroup.com/2021/06/15/handy-guide-to-a-new-fivehands-ransomware-variant
2. Hades Ransomware Operators Use Distinctive Tactics and Infrastructure
https://www.secureworks.com/blog/hades-ransomware-operators-use-distinctive-tactics-and-infrastructure
Threat Research
EIP Stack Group OpENer information disclosure vulnerability (PoC for CVE-2021-21777)
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1234
// information disclosure vulnerability in EIP Stack Group OpENer’s Ethernet/IP UDP handler
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
making_visibility_definable_measurable.pdf
2.4 MB
Whitepaper
A SANS 2021 Report:
"Making Visibility Definable and Measurable", 2021.
Telegram and Psiphon VPN users in #Iran are being targeted by new spyware from Ferocious Kitten—a covert surveillance APT group that's been in play for six years.
Details: https://thehackernews.com/2021/06/a-new-spyware-is-targeting-telegram-and.html
The Hacker News
A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran
A spyware in a 6-year-old Ferocious Kitten covert surveillance campaign now targets Telegram and Psiphon VPN users in Iran.