CISO as a Service
Founder @ DiyakoSecureBow | CISO as a Service (vCISO)
About Me
http://about.me/Alirezaghahrood

Follow Me on
🔵LinkedIn
https://www.linkedin.com/in/AlirezaGhahrood
🔴YouTube
https://www.youtube.com/AlirezaGhahrood
X
https://twitter.com/AlirezaGhahrood
“Companies using on-premises environments have been leveraging DevOps processes to create close coordination between the developers, who create new applications, and operations, which provides the virtual machines they run on. The cloud brings a whole host of services to automate all aspects of the infrastructure deployment and management that on-premises services are unable to match.”


-Cybersecurity awareness-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.13
Why a Framework?
Regardless of the existing level of operations maturity, security teams face common needs:
• Adapting to changing business demands and evolving threats
• Obtaining management support for necessary resources and changes in IT or other areas
• Demonstrating improvement and providing risk assessment and forecasting
• Reducing the burden of satisfying auditors that security operations are compliant
A security framework, with its recommended set of security processes and controls, along with a risk assessment and management approach to match the appropriate set of controls to the business and threat environment, is an efficient way to meet these needs. Using an established framework can take the guesswork out of the process for smaller organizations, while allowing larger and more mature security operations to justify their decisions and resource requests to management and auditors.


1400.04.13
01. Which of the following is concerned with policy and direction?
a) Capacity management
b) Governance
c) Service design
d) Service level management

02. Software and technology are examples of which of the four Ps?
a) Processes
b) Performance
c) Products
d) Partners

03. Who normally chairs a change advisory board (CAB)?
a) Change initiator
b) Service owner
c) Change manager
d) Business relationship manager


1400.04.13
04. Which process will regularly analyze incident data to identify discernable trends?
a) Service level management
b) Problem management
c) Change management
d) Event management
 
05. What is the MAIN reason for a service provider to understand the five aspects of service design?
a) To prevent security breaches in mission critical services
b) To ensure a holistic, results-driven approach
c) To allow service design to cut costs
d) To prevent breaches of service level agreements (SLAs)
 
06. Which three are the characteristics of ITIL guidance that help to make it successful?
a) Prescriptive, best practice and solution specific
b) Publicly available, prescriptive and best practice
c) Vendor neutral, non-prescriptive and best practice
d) Publicly available, solution specific and vendor neutral


1400.04.13
07. A significant, unresolved problem is likely to cause major business disruption. Where is this MOST LIKELY to be escalated to?
a) IT service continuity management
b) Availability management
c) Incident management
d) Change management
 
08. Which is the BEST description of a service request?
a) A request from a user for information, advice or for a standard change
b) Anything that the customer wants and is prepared to pay for
c) Any request or demand that is entered by a user via a self-help web-based interface
d) Any request for change (RFC) that is low-risk and which can be approved by the change manager without a change advisory board (CAB) meeting
 
09. Which is an objective of service transition?
a) To negotiate service levels for new services
b) To ensure that service changes create the expected business value
c) To reduce the impact of business critical service outages on key services
d) To plan and manage entries in the service catalogue


1400.04.13
https://www.udemy.com/course/practical-ethical-hacking-for-beginners/?couponCode=4JULYFREE


1400.04.13
PrintNightmare: All Techniques and MITRE ATT&CK Map, by Joas

Active Directory: https://lnkd.in/eCvqMNR

Windows Server 2016: https://lnkd.in/ePpbNZc

PoC Printnightmare: https://lnkd.in/eQB4HAS

ACLs Fix Printnightmare: https://lnkd.in/e_kr5Sz

Windows 10 PoC 1: https://lnkd.in/ejxBm-Y

Windows 10 PoC 2: https://lnkd.in/eyBYXMH

Windows 10 PoC 3: https://lnkd.in/e44Kfub

Windows Server 2019: https://lnkd.in/e3wxgyB


1400.04.13
Every night
after leaving work
I take my homeland under the arms,
lean its hand
against the waist of a rock in the mountains
somewhere around here,
and together
we draw up an escape plan


-None!-

1400.04.14
TCP_IP_for_beginners.pdf
11.7 MB
Tech book
"TCP/IP Protocol, for beginners:
The Ultimate Beginner's Guide to Learn TCP/IP protocol Step by Step", 2021.


1400.04.14
MTK6765 Bootrom protection and unlocked password protection
https://github.com/MTK-bypass/bypass_utility

Aggressive compile-time optimizations for JavaScript via dynamic symbolic VM execution
https://github.com/undefinedbuddy/optimizr

Threat Research👍🏽
Kaseya supply‑chain attack
https://www.welivesecurity.com/2021/07/03/kaseya-supply-chain-attack-what-we-know-so-far

Red Team Tactics
1. Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to XSS...
https://www.redteam-pentesting.de/de/advisories/rt-sa-2020-004/-inconsistent-behavior-of-gos-cgi-and-fastcgi-transport-may-lead-to-cross-site-scripting
2. IDOR (Insecure Direct Object References)
https://medium.com/@aysebilgegunduz/everything-you-need-to-know-about-idor-insecure-direct-object-references-375f83e03a87


1400.04.14
The future belongs to artificial intelligence and machine learning. Given the strange and unusual attacks, zero-day and negative-day 😜, what plans do you have on the agenda for this trend going forward?


1400.04.14
Does a low level design actually exist for every service in your organization!? Are you aware of how important these documents are!?
This type of document should include OJT and on-the-job training content, plus content related to the design, implementation, operation and troubleshooting of that service.


1400.04.14
Choose the specialist prerequisites of your chosen field correctly, so that the path to success is smoother and more effective.


1400.04.14
REvil gang exploited a zero-day vulnerability affecting VSA software in the recent massive supply-chain ransomware attack that triggered a chain of infection that compromised thousands of businesses.

Read: https://thehackernews.com/2021/07/revil-used-0-day-in-kaseya-ransomware.html

The hackers are now asking for $70 million to unlock all affected systems with a universal decryption programme.


1400.04.14
Threat Hunting using DNS logs – SOC Incident Response Procedure
Read Here:

https://www-socinvestigation-com.cdn.ampproject.org/c/s/www.socinvestigation.com/threat-hunting-using-dns-logs-soc-incident-response-procedure/amp/


1400.04.14
Application development teams need to ensure no sensitive material like encryption keys or credentials are stored in definition files, on systems that are exposed or in code that could be exposed.


1400.04.14
Part of the memoirs of Mahmoud Zarrabi, a pilot in the eight-year war

"Dariush Abdolazimi was one of the F-4 fighter pilots, a pure and sincere fellow, who had an accident on one of his flights; many parts of his body were broken and he was admitted to the Air Force hospital. I too went to visit him, as duty required, and saw that his body was in a cast from neck to feet and that the room was full of friends, all showing their kindness. When the room emptied he said to me: "May I ask something?"

At that time he was a captain and I was a major, and like Yasini and Dowran he was very kind to me; they were truly courteous people. He said:

"Whenever I enter Iraqi territory, I can tell."
I asked: "How?"
He said: "My mouth immediately turns bitter. I asked Saeed Fereydouni about this, and he is the same."
I said: "Dariush, I am the same too."

Later I asked a doctor about this; he said that it is completely natural, and that when the adrenaline in your blood rises, a series of reactions take place in the body that are in effect meant to warn you that you are in unfamiliar territory."

:) I was telling this to the person sitting next to me, and saying that there are times when, however much you pull yourself together so as not to be afraid, not to fall apart, not to feel dread, your mouth is still bitter.
Physiology still throws this truth in your face:
"This situation really is frightening, it really is dangerous, you have no right not to be afraid!"


‎-🤲🏻-

1400.04.14
Udemy Reverse Engineering, Debugging and Malware Analysis - 2021

Free enrollment for 16 hours

Free Enroll Link - https://ssup.co/udemy/com/f7xZ

The analysis provides information about how the malware was able to compromise the system. With this information, network administrators are able to impose policies to mitigate the attack. If the malware was able to enter the system because of a user opening an email attachment that contains JavaScript code, the network administrator would implement the blocking of emails that contain a JavaScript attachment.


1400.04.14
Udemy Digital Forensics - Complete Digital Forensics Masterclass

Limited, free enrollment

Free Enroll Link - https://ssup.co/udemy/com/Pizf

Digital Forensics is defined as the process of preservation, identification, extraction, and documentation of computer evidence which can be used by a court of law. It is a science of finding evidence from digital media like a computer, mobile phone, server, or network. It provides the forensic team with the best techniques and tools to solve complicated digital-related cases. Digital Forensics helps the forensic team to analyze, inspect, identify, and preserve the digital evidence residing on various types of electronic devices.


1400.04.14
Udemy Practical Ethical Hacking for Beginners

Free and limited👍🏽
Free Enroll Link - https://ssup.co/udemy/com/m9OY

This course is for anyone interested in becoming an ethical hacker, no matter your current skill level. The curriculum is designed for absolute beginners interested in a career as a security professional, beginning with the absolute basics of penetration testing, and progressing to advanced topics and techniques. Get started today in your Ethical Hacking career.


1400.04.15