Research
"TEEREX: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves", 2020.


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.11

Whitepaper
Intel Converged Security and Management Engine (CSME) Security Whitepaper, 2020.


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.11

Research
"Obfuscated Access and Search Patterns in Searchable Encryption", 2021.
]-> Code to run the evaluation:
https://github.com/simon-oya/NDSS21-osse-evaluation


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.11

Tech book
"Securing Remote Access in Palo Alto Networks: Practical techniques to enable and protect remote users, improve your security posture, and troubleshoot next-generation firewalls", 2021.


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.11

Blue Team Techniques
"IT Service Management and Infosec: Collaborate for Mutual Success", 2021


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.11

Take part in the RangeForce Persistence Challenge July 21 - August 8!

Later this month, we’ll be running exclusive cyber range exercises for members of the RangeForce Community Edition.

Compete for a chance to win prizes while sharpening your cybersecurity skills. Stay tuned for more details about the challenge.

Not yet a member of our free Community Edition? Join now: https://hubs.ly/H0R31lS0


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.11

وقتي مي‌گوييد به نام خدا،
نشانه آن اين است که خدا با شما باشد.
اگر نيست و حضورش در کارتان آشکار نيست،
پس هنوز به واقع نگفته‌ايد به اسم خدا.

اگر خدا با انسان باشد، نشانه‌ ها دارد.
نشانه حضور خدا چيست؟
نور است، شفا و برکت است، قدرت و توفيق است
بخشش و محبت است، حمايتي عظيم و پشتيباني شديد، قبول نکردن ظلم، چاپلوسی نکردن، بی منت بخشیدن...


پ ن:
گویند مردی از گرسنگی رو به مرگ بود. شیطان برای او غذایی آورد، به شرط آنکه ایمانش را به او بفروشد. مرد پس از سیری، از فروختن ایمان خود ابا کرد و گفت:
آنچه در گرسنگی فروختم، موهوم و معدومی بیش نبود، چرا که: آدم گرسنه دین و ایمان ندارد!


-گرگ گرسنه چو یافت گوشت، نپرسد
کاین شتر صالح است یا خرِ دجال-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.11

-😂🤣-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.11

ديشب خواب ديدم رفتم واكس بركت بزنم🤓، اشتباهي بهم انسولين زدند! يعني مسولين حتي تو خواب هم نميتونن يه كار درست بكنن🥸


-😂🤣-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.11

Encryption speed comparative table for some ransomware


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

Cloud Security
AWS Security Reference Architecture:
A guide to designing with AWS security services (.pdf)
]-> https://docs.aws.amazon.com/prescriptive-guidance/latest/security-reference-architecture/welcome.html
]-> Example solutions demonstrating how to implement the AWS Security Reference Architecture using AWS Control Tower, AWS Landing Zone, and CloudFormation:
https://github.com/aws-samples/aws-security-reference-architecture-examples


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

Malware analysis
1. IndigoZebra APT continues to attack Central Asia with evolving tools
https://research.checkpoint.com/2021/indigozebra-apt-continues-to-attack-central-asia-with-evolving-tools
2. Shelob Moonlight - Spinning a Larger Web
From IcedID to CONTI, a Trojan and Ransomware collaboration
https://www.cynet.com/attack-techniques-hands-on/shelob-moonlight-spinning-a-larger-web/?utm_content=171192942&utm_medium=social&utm_source=linkedin&hss_channel=lcp-9363621

Threat Research
1. The Complicated History of a Simple Linux Kernel API
https://grsecurity.net/complicated_history_simple_linux_kernel_api
2. Exploiting Insecure Deserialization Vulnerabilities Found in the Wild
https://macrosec.tech/index.php/2021/06/22/exploiting-insecure-deserialization-vulnerabilities-found-in-the-wild

exploit
CVE-2020-24511:
Improper isolation of shared resources in some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access (PoC)
https://github.com/AlAIAL90/CVE-2020-24511


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

⚡ Widespread supply-chain #ransomware attack hit hundreds of businesses overnight after REvil cybercriminals compromised Kaseya's IT management software and sent malicious updates to nearly 40 managed service providers (MSPs) worldwide.

Read: https://thehackernews.com/2021/07/kaseya-revil-ransomware-attack.html


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

Research
"On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways", 2020.
]-> Auxiliary material (UPnP IGD honeypot implementation + UPnP Checker):
https://github.com/RUB-SysSec/MiddleboxProtocolStudy


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

Whitepaper
"Linux Kernel Release Signing. Security Assessment", 2021.


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

exploit
C# code for Transferring Backdoor Payloads by DNS Traffic (A - PTR Records) and Bypassing Anti-viruses😊
https://github.com/DamonMohammadbagher/NativePayload_DNS2

Offensive security
1. How Gopher works in escalating SSRFs
https://infosecwriteups.com/how-gopher-works-in-escalating-ssrfs-ce6e5459b630
]-> Tool:
https://github.com/tarunkant/Gopherus
2. 1-click meterpreter exploit chain with BeEF and AV/AMSI bypass
https://medium.com/@bluedenkare/1-click-meterpreter-exploit-chain-with-beef-and-av-amsi-bypass-96b0eb61f1b6

WLAN Security
Hacking the Dlink DIR-615
https://noob3xploiter.medium.com/hacking-the-dlink-dir-615-for-fun-and-no-profit-a2f1689f9920

Threat Research
1. Diavol Ransomware🥸
https://www.fortinet.com/blog/threat-research/diavol-new-ransomware-used-by-wizard-spider?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblog%2Fthreat-research+%28Fortinet+Threat+Research+Blog%29
2. Backdoored Client from Mongolian CA MonPass
https://decoded.avast.io/luigicamastra/backdoored-client-from-mongolian-ca-monpass


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

#جذب #استخدام

٣ نفر كارشناس سرويس دسك- هلپ دسك
براي بانك ايران زمين- استخدام در شركت خصوصي ذينفع خود بانك

رنج حقوق ٥ -7 م ت

ارسال رزومه مرتبط و به روز به آي دي واتس اپ
0912.1964383


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

مشابه اين كسي محتواي آموزشي در دسترس دارد!؟
https://archive.nullcon.net/website/goa-14/training/penetration-testing-smartgrid-and-scada.php


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

Start by going to www.microsoft.com/learning and follow the screen shots below. 

https://lnkd.in/dczfFwg


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

SC-900: Microsoft Security, Compliance, and Identity Fundamentals Microsoft Official Practice Test

https://lnkd.in/d62RhNW


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12

گاهی آدم باید اونقدر خوب باشه که ببخشه، اما اونقدر احمق نباشه که دوباره اعتماد کنه!


-🤲🏻-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.12