Offensive security
1. Local file inclusion discovery and exploitation tool
https://github.com/hansmach1ne/lfimap
2. Adding a native sniffer to your implants:
decomposing and recomposing PktMon
https://adepts.of0x.cc/pktmon-dissection
Blue Team Techniques
QuickSand (ver.2) document and PDF malware analysis tool
https://github.com/tylabs/quicksand
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Hells_Gate.pdf
372.4 KB
Whitepaper
"Hell’s Gate", 2021.
]-> Repo:
https://github.com/am0nsec/HellsGate
Assessment_Endpoint_Detection_Response_Systems.pdf
5.5 MB
Research
"An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors", 2021.
Linux_Debugging_Disassembling_Rev.pdf
3.4 MB
Tech book
"Linux Debugging, Disassembling, Reversing. Practical Foundations: Training Course", 2021.
Attack Mental Models and Reference Frameworks
The following is a list of some of the most useful mental models commonly referenced in Infosec, as well as the incredibly useful frameworks that are being developed to standardize and organize key cyber attack and defense techniques, threat intelligence and data.
• The Lockheed Martin Cyber Kill Chain
• Incident Response Cycle (NIST SP800-61r2)
• David Bianco’s Pyramid of Pain
• The Diamond Model of Intrusion Analysis
• MITRE ATT&CK – list of attacker tactics, techniques, procedures, tools, threat groups, mitigation and detection options, and much more!
‒ ATT&CK Navigator – Supplementary visualization tool
• MITRE Shield – Tactics, techniques, and a knowledgebase for active defense
• ATC RE&CT – A framework, collection and data source for incident response techniques
‒ RE&CT Navigator – Supplementary visualization tool
Your security operations center counts as a proper one when:
Metrics
Metrics are used in a SOC as an incredibly important feedback mechanism. This feedback is both a way for the SOC to measure itself and a communication mechanism between the SOC and upper management. Internal metrics tracked and watched by those inside the SOC need to show both measurements telling those in the SOC whether things are operating in the range of “business as usual” and how improvement initiatives and projects are progressing. External metrics must focus on giving upper management the information it needs to make risk and budget decisions, as well as clearly demonstrating the return on investment being produced by the security team. This section contains concepts and assessment considerations for your metrics. Remember, success in the SOC relies on effectiveness in both day-to-day operational tasks and continuous improvement.
Open-Source Tools
While there are many commercial cyber defense tools for all purposes,
teams with constrained budgets need not worry. In the hands of a driven and
motivated team, a world-class cyber defense can still easily be crafted using the
plethora of outstanding open-source and free solutions that are now available.
Here are some SOC team favorites across various categories:
Incident Management Systems
• TheHive
• FIR
Network Security Monitoring
• IDS, network metadata
‒ Suricata: IDS, network metadata, and PCAP capable
‒ EVEbox: Alert triage
‒ Snort
‒ Zeek
• Full Packet Capture
‒ Moloch
‒ Google Stenographer
‒ Netsniff-ng
• Distributions
‒ Security Onion
‒ RockNSM
Endpoint monitoring / HIDS
• NXLog Community Edition: logging agent
• OSQuery
• OSSEC: HIDS
• Sysmon
• Wazuh: HIDS
Incident Response
• Kansa
• Velociraptor
Malware Sandbox and Malware Analysis
• Cuckoo Sandbox
• REMnux: malware analysis tools Linux distro
Threat Intelligence Platforms
• MISP
• OpenCTI
Purple Team Testing and Reporting
• Vectr
SIEM / Log Management
• Elastic Stack
‒ Elastalert: Alerting Engine
Security Orchestration Automation and Response
• NSA Walkoff
• Shuffle
Podcasts
There are many high-quality podcasts available revolving around
the different aspects of cybersecurity, and this is by no means a
complete list. But it is provided as a great place to get started.
SANS / GIAC Produced Podcasts
• BLUEPRINT – John Hubbard
• GIAC Trust Me I’m Certified – Jason Nickola
• SANS Internet Storm Center – Johannes Ullrich
General
• Beers with Talos
• Brakeing Down Security
• Cyber Security Interviews
• The CyberWire Daily
• Darknet Diaries
• Defensive Security Podcast
• Hacker Valley Studio
• FireEye State of the Hack
• Paul’s Security Weekly, Enterprise Security Weekly
• Security Now
Books
Security Operations/Reference
• Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan – Jeff Bollinger, Brandon Enright, & Matthew Valites
• MITRE Top 10 Strategies of a World Class CSOC – MITRE/Carson Zimmerman – FREE
• Blue Team Handbook: Incident Response Edition: A Condensed Field Guide for the Cyber Security Incident Responder – Don Murdoch
• Blue Team Handbook: SOC, SIEM, and Threat-Hunting: A Condensed Guide for the Security Operations Team and Threat Hunter – Don Murdoch
• Blue Team Field Manual – Alan White & Ben Clark
Malware
• Practical Malware Analysis – Michael Sikorski & Andrew Honig
• Malware Data Science – Joshua Saxe & Hillary Sanders
Incident Response
• Applied Incident Response – Steve Anson
Honeypots / Active Defense
• Intrusion Detection Honeypots: Detection Through Deception – Chris Sanders
• Offensive Countermeasures: The Art of Active Defense – John Strand, Paul Asadoorian, & Ethan Robish
Threat Intelligence
• Intelligence-Driven Incident Response: Outwitting the Adversary – Scott J. Roberts & Rebekah Brown
Suggested SANS Courses for the Blue Team
Security Operations Center Specific Analyst and Management Training
• SEC450: Blue Team Fundamentals – Security Operations and Analysis
• SEC511: Continuous Monitoring and Security Operations – GMON
• MGT551: Building and Leading Security Operations Centers
• MGT512: Security Leadership Essentials for Managers
• MGT516: Managing Security Vulnerabilities: Enterprise and Cloud
Additional Defense and Security Operations Skills and Capabilities
• SEC503: Intrusion Detection In-Depth – GCIA
• SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling – GCIH
• SEC555: SIEM with Tactical Analytics
• SEC599: Defeating Advanced Adversaries – Purple Team Tactics & Kill Chain Defenses – GDAT
• SEC699: Purple Team Tactics – Adversary Emulation for Breach Prevention & Detection
Architecture
• SEC488: Cloud Security Essentials
• SEC530: Defensible Security Architecture and Engineering – GDSA
Other Related Specializations
• SEC487: Open-Source Intelligence – GOSI
• FOR500: Windows Forensics – GCFE
• FOR572: Advanced Network Forensics – GNFA
• FOR578: Cyber Threat Intelligence – GCTI
• FOR610: Reverse-Engineering Malware – GREM
Microsoft has found a new critical zero-day RCE vulnerability (CVE-2021-35211) affecting SolarWinds Serv-U that is being actively exploited by hackers.
Details —
https://thehackernews.com/2021/07/a-new-critical-solarwinds-zero-day.html
Do you agree with me about this?!
Malware analysis
1. Analysis for the REvil Ransomware payload found in the Kaseya incident
https://chuongdong.com/reverse%20engineering/2021/07/11/REvilRansomware
2. BIOPASS RAT:
New Malware Sniffs Victims via Live Streaming
https://www.trendmicro.com/en_us/research/21/g/biopass-rat-new-malware-sniffs-victims-via-live-streaming.html
// Hackers Spread BIOPASS Malware via Chinese Online Gambling
Offensive security
Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
https://github.com/tothi/rbcd-attack
Threat Research
Fault Injection Attacks
Part 1 - An Introduction to Fault Injection
https://research.nccgroup.com/2021/07/07/an-introduction-to-fault-injection-part-1-3
Part 2 - Software-Based Fault Injection Countermeasures
https://research.nccgroup.com/2021/07/08/software-based-fault-injection-countermeasures-part-2-3
Blue Team Techniques
1. Detects the algorithm of an input JWT token and provides options to generate a new JWT token based on the user-selected algorithm
https://github.com/rishuranjanofficial/JWTweak
2. Runtime Security and Forensics using eBPF
https://github.com/aquasecurity/tracee
#Recruitment #Hiring
Technical Specialist wanted at Fanavaran Asr Shabakeh Pasargad
Fanavaran Asr Shabakeh Pasargad intends to hire an experienced specialist in Microsoft and Virtualization to complete its technical staff, and therefore invites qualified candidates who meet the following requirements to apply.
Job title
Network Specialist:
- Proficient in deploying Microsoft services and troubleshooting them
- Familiar with network concepts (routing, switching)
- Full command of virtualization (ESXi, vCenter, Veeam, Horizon View VDI)
- Full familiarity with Windows-based network services (DC, DNS, DHCP, WSUS, WDS, Exchange)
- Familiar with VMware SRM and VMware NSX solutions
- Familiar with the Cisco virtual WLC solution
- Familiar with project management tools such as Trello
- Familiar with backup and storage solutions (EMC Unity, HP MSA)
- Full ability to troubleshoot and resolve problems under critical conditions
- Able to travel for assignments outside the city
Qualified applicants are asked to send their résumé, as a PDF file only and stating their expected salary, to cv@faspco.com.
About the Event 201 exercise
Event 201 was a 3.5-hour pandemic tabletop exercise that simulated a series of dramatic, scenario-based facilitated discussions, confronting difficult, true-to-life dilemmas associated with response to a hypothetical, but scientifically plausible, pandemic. 15 global business, government, and public health leaders were players in the simulation exercise that highlighted unresolved real-world policy and economic issues that could be solved with sufficient political will, financial investment, and attention now and in the future.
The exercise consisted of pre-recorded news broadcasts, live “staff” briefings, and moderated discussions on specific topics. These issues were carefully designed in a compelling narrative that educated the participants and the audience.
The Johns Hopkins Center for Health Security, World Economic Forum, and Bill & Melinda Gates Foundation jointly propose these
https://books.google.com/books?id=kruwzQEACAAJ&dq=inauthor:%22Thierry+Malleret%22&hl=fa&sa=X&ved=2ahUKEwiGgu3z5pXwAhVZUBUIHbHZAJgQ6AEwAXoECAIQAw
https://www.centerforhealthsecurity.org/event201/about
👇🏻 Next voice message
Worldwide blackout
This voice message reached me. Up to minute 3 it says generalities that are either claims or nothing new, but after that it also gives some references. I'd appreciate your feedback if it turns out to be worth attention.
exploit
Xiaomi - MIUI Powerkeeper App - Arbitrary File Write Via ZipSlip (PoC)
https://bugs.chromium.org/p/apvi/issues/detail?id=50
Red Team Tactics
1. redpwnCTF 2021 Chrome Sandbox Escape Writeup
https://robertchen.cc/blog/2021/07/12/empires-and-deserts
2. A Brief Survey of Code Obfuscation Techniques
https://chris124567.github.io/2021-06-23-survey-obfuscation
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.23
robertchen.cc
Empires and Deserts
Abusing Mojo deserialization in the Chromium sandbox.
How to be more alive
Matt Haig has a book called The Humans.
The plot of the book is long and I don't intend to go into it here.
But one part of the book appealed to me, and I think you will like it too.
The part where it presents "some advice for a human".
I have picked a few and quote them "in my own words":
_ Your life will be about 25,000 days. Make sure you do something that makes some of those days memorable for you.
_ Some day bad things will happen to you. Have someone you can lean on that day.
_ If your eye catches a sunset, stop and watch it. There is nothing more urgent to do.
_ One day humans will live on Mars.
But even there, nothing more wonderful than a cloudy sunrise on Earth will ever be found.
_ A few thousand years from now, if there are still humans on Earth, almost everything you know today will have been refuted, and bigger stories and myths, which are due to be refuted in turn, will have taken their place.
_ You have an extraordinary power:
the power to stop time. You can do it by kissing or by listening to music.
_ Listen to your brain. Listen to your heart. Listen to your intuition. Listen to anything at all, except orders.
_ Be alive. That is your duty.
_ No one will ever understand you completely. In the end that doesn't matter anyway. But it matters that you understand yourself.
_ Try to do things such that, if the moment of your death arrives, you would be happy and smile at experiencing death while doing them.
I like all of these words and points of Matt Haig's. But the last one often occupies my mind.
I ask myself how many hours of my day are spent on such things.
By Matt Haig's rule, how likely is it that I would smile at the moment of death?
Mohammadreza Shabanali
-Real-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.23
Blueprint - Rob van Os - Maturing your Cyber Defense | 15
Blueprint • 2021-04-13
Are you a manager looking to build or improve your SOC? Are you trying to understand how to measure your SOC's maturity, your use cases, or your threat hunting efforts? If so, today's episode with Rob van Os is for you. In this episode, we discuss the SOC-CMM for SOC maturity measurement, the MaGMa use case framework for building and tracking SOC use cases, and the TaHiTI threat hunting methodology for showing ROI on threat hunting.
https://lnkd.in/d6DFGZx
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.24
Managing & Showing Value during Red Team Engagements & Purple Team Exercises
https://lnkd.in/dMaByRa
Daily Information Security Podcast ("StormCast")
https://lnkd.in/d5gqZsf