CISO as a Service
Founder @ DiyakoSecureBow | CISO as a Service (vCISO)
About Me
http://about.me/Alirezaghahrood

If you're super new to hacking and want to learn how to get started, just sign up to TryHackMe and keep working hands-on from the fundamentals.

https://tryhackme.com/signup?referrer=1ccc5534746cbb252bb294b80df1ce7c7ebe2037


-Cybersecurity Awareness-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17
Forwarded from PacktPub Free Learning
[#PacktPub] Microsoft Azure Administrator – Exam Guide AZ-103
WARNING — Microsoft's emergency patch update for the PrintNightmare RCE exploit fails to fully address the Windows vulnerability & can be bypassed in certain scenarios, allowing attackers to execute arbitrary code on infected systems.

Details: https://thehackernews.com/2021/07/microsofts-emergency-patch-fails-to.html


1400.04.17
Phishing links (T1566.002) are still one of the most used initial access techniques. A long time ago, I wrote a blog about how to analyze URLs that users click inside the Outlook app with Sysmon.
Hunting Phishing URLs in Emails with Sysmon
Being an important attack vector, phishing emails are hard to detect. Thanks to Microsoft Sysmon, we can track or detect…
mergene.medium.com

In this post, I’ll explain how to extract those URLs with KQL and perform threat hunting. Since the new attacks are evolved and a phishing link can be inside a PDF or a Word file, I’ll cover Office, PDF, and other apps as well.

https://posts.bluraven.io/hunting-for-phishing-links-using-sysmon-and-kql-e87d1118ce5e


1400.04.17
SideCopy cyber-espionage APT group—potentially linked to Pakistan—has been observed increasingly targeting Indian government personnel with as many as 4 new custom remote-access #malware.
Details: https://thehackernews.com/2021/07/sidecopy-hackers-target-indian.html

Cybersecurity researchers uncovered a new ongoing cyberespionage campaign targeting corporate networks with malware in Spanish-speaking countries, specifically Venezuela, to spy on their victims.
Read: https://thehackernews.com/2021/07/experts-uncover-malware-attacks.html

How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare (CVE-2021-34527)
https://thehackernews.com/2021/07/how-to-mitigate-microsoft-print-spooler.html


1400.04.17
“Security and development teams need to discuss standards for languages and frameworks to make sure risk is acceptable before deployment.”


1400.04.17
Security is not an individual effort; it is team-based.


1400.04.17
What state is your security operations center in!? Has it actually helped the secure continuity of your business!? Did you take its prerequisites into account!? Now that this center exists in your organization, which effectiveness metrics can you manage compared to before!?


1400.04.17
“Today, organizations can build in security as an integrated part of the migration to IaaS services, optimizing security processes so they can be extended to work seamlessly across both local and external services.”


1400.04.17
WATCH OUT!

Hackers have been found to use a new technique to completely disable macro security warnings in Office files—without requiring user interaction—and infect victims' computers with malware.

Read: https://thehackernews.com/2021/07/hackers-use-new-trick-to-disable-macro.html


1400.04.18
Red Team Tactics
1. Open-Source PE Packer
https://iwantmore.pizza/posts/PEzor4.html
]-> https://github.com/phra/PEzor
2. XNU IPC - Mach messages
https://dmcyk.xyz/post/xnu_ipc_i_mach_messages
3. Avoiding Fork&Run .NET Execution With InlineExecute-Assembly
https://securityintelligence.com/posts/net-execution-inlineexecute-assembly
]-> Beacon Object File PoC:
https://github.com/xforcered/InlineExecute-Assembly

Blue Team Techniques
API Security Need to Know:
Top 5 Authentication Pitfalls
https://www.cequence.ai/blog/api-security-need-to-know-top-5-authentication-pitfalls

Threat Research
CVE-2021-28474:
SharePoint RCE via Server-Side Control Interpretation Conflict
https://www.zerodayinitiative.com/blog/2021/7/7/cve-2021-28474-sharepoint-remote-code-execution-via-server-side-control-interpretation-conflict

Cloud Security
REST API Fuzz Testing (RAFT):
Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
https://github.com/microsoft/rest-api-fuzz-testing


1400.04.18
We have no electricity. Can one of you turn on the TV and see what the state broadcaster is saying about the benefits of power outages?


-😨-

1400.04.18
WLAN Security
1. Reverse Engineering WiFi Driver on RISC-V BL602
https://lupyuen.github.io/articles/wifi
2. Dumping and extracting the SpaceX Starlink User Terminal firmware
https://www.esat.kuleuven.be/cosic/blog/dumping-and-extracting-the-spacex-starlink-user-terminal-firmware

Malware analysis
1. A machine learning approach to inferring the maliciousness of unknown IP addresses, autonomous systems, and ISPs👍🏽
https://ai.sophos.com/2021/05/10/using-ai-to-detect-malicious-ip-addresses-clusters
2. WildPressure macOS Trojan
https://securelist.com/wildpressure-targets-macos/103072


1400.04.18
Every goal needs a plan + effort and perseverance + strong interest 👍🏽✌🏼


1400.04.18
Off-the-mark prices are not rare in the security field, but,
B U T
if the price was quoted low, we should know that quality has also dropped in most of these cases 😀

For any subject, a specific and reasonably approximate price can be estimated from an expert assessment of person-hours and how specialized the subject is.


1400.04.18
I wish you lots of back-and-forth energy, and with your favorite keywords too,
the kind that lift your mood 😁✌🏼 inhale and exhale


1400.04.18
Cyberattack on the web service… of the country's railway,
and some impact
on some FCPs such as Pars Online, HiWEB and….
Regardless of whether this is accurate, which usually gets lost in reports and over time, the important factor is having a suitable plan for dealing with these attacks: incident management, isolation, investigation and forensics,
an RCA report 😊 and lessons learned.
It is recommended that this learning be shared over a secure channel,
such as an ISAC structure!

Let's not just keep copy-pasting this news 😊
"Oh no, a hack!" does nothing to help the security of the country's assets!


1400.04.18
If you knew what I know about the power of giving,
you would not let even a single meal pass without sharing it with others in some way.


- The Lord is my shepherd -

1400.04.18
OSCE³ Study Guide by Joas
OSWE, OSEP, OSED
Complete and comprehensive 😏

https://github.com/CyberSecurityUP/OSCE-Complete-Guide


1400.04.19