Cybersecurity has many free resources; use them before you spend money
You can use free resources to increase your knowledge and value. Cybersecurity offers a lot of free (or affordable) resources. Here, I talk about the red and blue part but do not forget, Cybersecurity is much more than that. On the red side, we have countless options in different fields. The following picture shows a selection,…
https://www.cyberhuntingguide.net/free-resources.html
-Cybersecurity Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.19
https://github.com/splunk/security_content/releases/tag/v3.24.0
GitHub
Release v3.24.0 · splunk/security_content
Updated Analytic Story
Malicious PowerShell
Data Exfiltration
Ransomware
Meterpreter
New Analytics
Detect Empire with PowerShell Script Block Logging
Detect Mimikatz With PowerShell Script Block...
#cve #windows #spooler #rce
PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
Source:
https://github.com/afwu/PrintNightmare
How To Download The Windows 11 Beta Now
https://www.techadvisor.com/how-to/windows/windows-11-beta-3806180/
Tech Advisor
How to download the Windows 11 beta now
Windows 11 is out now, but joining the Windows Insider Program will get you access to upcoming features before anyone else
https://start.me/p/ADwq1n/getting-started-in-information-security
Lots of resources 😁
https://www.netacad.com/courses/networking/networking-essentials
Get a free certificate from Cisco for networking 👆👆
https://www.netacad.com/courses/iot/introduction-iot
Get a free certificate from Cisco for IoT 👆👆
Netacad
Introduction to Internet of Things (IoT)
Free online course to learn about Internet of Things (IoT) - from Cisco Networking Academy. Sign up today!
Threat Research
1. Global Phishing Campaign Targets Energy Sector and its Suppliers😄
https://www.intezer.com/blog/research/global-phishing-campaign-targets-energy-sector-and-its-suppliers
2. Tracking Cobalt Strike: A Trend Micro Vision One Investigation👍🏽
https://www.trendmicro.com/en_us/research/21/g/tracking_cobalt_strike_a_vision_one_investigation.html
Red Team Tactics
1. Code Injection, Inject malicious payload via pagetables pml4😄
https://github.com/kkent030315/PageTableInjection
2. VBA Stomping - Advanced Maldoc Techniques
https://medium.com/walmartglobaltech/vba-stomping-advanced-maldoc-techniques-612c484ab278
Code Property Graph (CPG) frontend for binary applications and libraries
https://github.com/joernio/ghidra2cpg
Malware analysis
Hackers Use New Trick to Disable Macro Security Warnings in Malicious Office Files😎
https://thehackernews.com/2021/07/hackers-use-new-trick-to-disable-macro.html?m=1
CVE-2021-35368:
CRS Request Body Bypass
https://coreruleset.org/20210630/cve-2021-35368-crs-request-body-bypass
-Cybersecurity Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.20
Intezer
Global Phishing Campaign Targets Energy Sector and its Suppliers
Attack also targets oil & gas suppliers likely as a stepping-stone to infect companies that work with the suppliers.
Yesterday I spent about two hours, from 10 to 12, driving around in circles between Jordan, Bahrami and Valiasr.
I saw so many good and bad scenes 😄 I was entertained; in the end I couldn't find a parking spot 😾 I sat in the car and worked for about two hours on the security processes and strategy document 😁 You don't have one!? Well, it isn't copy-paste like all the ISMS documents 😏
Until now I was fiddling around with finalizing its draft 1.4, sliding from NIST into the ISO standards organization, and from there swinging onto the requirements 😁
On the other side, a comprehensive and agile strategic cybersecurity document for the IT domain.
As I was about to go to sleep, I saw this picture.
I honestly wanted to burn, clause by clause, the documents I have been wrestling with word by word for a few months, because of this chaotic state of affairs.
What has become of us.
Is there anything other than incompetence!?
P.S.: You see the line of Iranians at the Armenian border! I'm fed up! In the words of my favorite, Shams Tabrizi:
"Knowing this people is harder than knowing the Truth."
SEVerity.pdf
Research
"SEVerity: Code Injection Attacks against Encrypted Virtual Machines", 2021.
FUSE.pdf
Offensive security
"FUSE: Finding File Upload Bugs via Penetration Testing", 2020.
]-> A penetration testing tool for finding file upload bugs:
https://github.com/WSP-LAB/FUSE
Evaluation_of_Cache_Attacks_on_Arm.pdf
Research
"Evaluation of Cache Attacks on Arm Processors and Secure Caches", 2021.
// This work shows for the first time a systematic, large-scale analysis of Arm devices and the detailed results of attacks the processors are vulnerable to
Launching_Exploits_One_Small_Vulnerability.pdf
Tech book
Red Team Tactics
"Launching Exploits: One Small Vulnerability for a Company, one Giant Heap for Port Bind", 2020.
Manipulating_Byzantine.pdf
Research
"Manipulating the Byzantine: Optimizing Model Poisoning Attacks and Defenses for Federated Learning", 2021.
]-> Code:
https://github.com/vrt1shjwlkr/NDSS21-Model-Poisoning
Gotyou_analysis_paper.pdf
Malware analysis
GotYou.exe (Evasive btc miner) Analysis Paper
SideCopy.pdf
Whitepaper
"InSideCopy: How this APT continues to evolve its arsenal", 2021.
https://www.splunk.com/en_us/blog/security/i-pity-the-spool-detecting-printnightmare-cve-2021-34527.html
Splunk
I Pity the Spool: Detecting PrintNightmare CVE-2021-34527 | Splunk
Read on for details around Detect PrintNightmare (CVE-2021-34527), a critical vulnerability that affects the Print Spooler service and can perform remote code execution.
After a cyber attack, do you have lessons learned?
Before attacks, do you share attack trends with each other, at the personal, legal-entity, organizational, team, ... level?
Information Sharing
Every organization has its own information about attacks. After all, attackers are very busy, and organizations around the world are defending themselves against various threat groups. In the process, the organizations catch some attacks in their logs, either because they were blocking and logging or because the attacker got in and left artifacts behind. Organizations may get breached and then have to launch an investigation, which may require the help of an external party to handle the incident investigation and guide the remediation activities.
1. Indicate steps required to protect against a ransomware attack.
Build Protections
Protection vs. Remediation
Threat-Informed Email Protection
Security Awareness and Training
2. Select an appropriate remediation strategy for after an attack.
Remediation Plan
Backup Strategy
Network Segmentation
Isolation and Containment
Regulatory Concerns
3. Recognize external entities required for planning and response.
Cyber Insurance
Ransomware Negotiation
Effective Communications