In the realm of cybersecurity, staying ahead of threats is paramount. Today, let's explore the dynamic duo of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in the visual realm. 🌐✨
👁️🗨️ Intrusion Detection System (IDS): Think of IDS as the vigilant watchtower of your digital infrastructure. It diligently monitors network and system activities, raising an alert when suspicious behavior is detected. 🚨
🛡️ Intrusion Prevention System (IPS): Now, meet the proactive guardian – IPS. Not content with just raising the alarm, IPS takes it a step further by actively blocking potential threats. It's the digital shield that fortifies your defenses. 💪🔒
🔄 Balancing Act: The key lies in striking the right balance between detection and prevention. While IDS provides valuable insights, IPS adds an extra layer of defense, actively thwarting threats in real-time. Together, they create a robust security ecosystem. 🌐🤝
@OUPNarith
CYBER SECURITY OPEN SOURCE TOOLS
🎯 1. Zeek: https://zeek.org/ Network Security Monitoring
🎯 2. ClamAV: https://www.clamav.net/ Antivirus
🎯 3. OpenVAS: https://www.openvas.org/ Vulnerability Scanner
🎯 4. TheHive: https://lnkd.in/e7aVCRUZ Incident Response
🎯 5. pfSense: https://www.pfsense.org/ Security appliance (firewall/VPN/router)
🎯 6. Elastic: https://www.elastic.co/de/ Analytics
🎯 7. Osquery: https://www.osquery.io/ Endpoint visibility
🎯 8. Arkime: https://arkime.com/ Packet capture and search
🎯 9. Wazuh: https://wazuh.com/ XDR and SIEM
🎯 10. AlienVault OSSIM: https://lnkd.in/eShQt29h SIEM
🎯 11. Velociraptor: https://lnkd.in/eYehEaNa Forensic and IR
🎯 12. MISP project: https://lnkd.in/emaSrT57 Information sharing and Threat Intelligence
🎯 13. Kali: https://www.kali.org/ Security OS
🎯 14. Parrot: https://www.parrotsec.org/ Security OS
🎯 15. OpenIAM: https://www.openiam.com/ IAM
🎯 16. Yara: https://lnkd.in/eEJegEak Patterns
🎯 17. WireGuard: https://www.wireguard.com/ VPN
🎯 18. OSSEC: https://www.ossec.net/ HIDS
🎯 19. Suricata: https://suricata.io/ IDS/IPS
🎯 20. Shuffler: https://shuffler.io/ SOAR
🎯 21. Phish Report: https://phish.report/ Anti Phishing
🎯 22. Graylog: https://lnkd.in/eAFuUmuw Log management
🎯 23. Trivy: https://lnkd.in/e7JxXStY DevOps/IaC Scanning
🎯 24. OpenEDR: https://openedr.com/ EDR
🎯 25. Metasploit: https://lnkd.in/e4ECX-py Pentest
🎯 26. Nmap: https://nmap.org/ Old but gold
JOIN: https://t.me/OUPNarith
Credits: Seyed Arshia Ahmadi
@OUPNarith
Blackjack hackers linked to Ukraine’s SBU breached computer systems at a Moscow-based M9 internet provider in retaliation for a Russian cyberattack on Ukrainian Kyivstar, deleting 20 terabytes of data and leaving some Moscow residents without internet.
https://www.reuters.com/technology/cybersecurity/hackers-hit-moscow-internet-provider-response-kyivstar-cyber-attack-source-2024-01-09/
@OUPNarith
WEF The Global Risks Report 2024 - 19th Edition
1. Misinformation and Disinformation
2. Extreme weather events
3. Social Polarisation
4. Cyber insecurity
5. Interstate armed conflict
6. Lack of economic opportunity
7. Inflation
8. Involuntary migration
9. Economic downturn
10. Pollution
@OUPNarith
The visualization of the MGM Resorts Cyber Attack.
The MGM Resorts Cyber Attack was a complex and sophisticated attack that involved multiple techniques. The attackers employed a series of tactics, starting with scanning LinkedIn to identify MGM employees likely to have privileged access, particularly to Okta, a critical identity management service. Next, they used impersonation techniques to deceive the IT help desk vendor, who believed they were dealing with a privileged MGM user. As a result, the help desk was tricked into resetting Multi-Factor Authentication (MFA) for a privileged user, giving the attackers access to Okta.
With privileged access, the attackers were able to compromise more administrative accounts and move laterally through the MGM network. They gained control over Domain Admins on the domain controllers, implemented org-to-org authentication using inbound federation, and the new Identity Provider (IdP) gained full access to MGM's authorization systems. Through the IdP, the attackers obtained Global Admin rights in Azure.
The attackers also employed an extensive system of encryption and ransomware. Around 100 ESXi servers were encrypted, disrupting critical applications, while critical systems were locked down with ransomware, and files were exfiltrated. The impact of the attack was significant and required an extensive response effort to contain and remediate.
Overall, the MGM Resorts cyber attack was a highly coordinated and sophisticated attack that employed a wide range of techniques to bypass security measures and gain access to sensitive systems. The attack serves as a reminder of the importance of maintaining strong security protocols and staying vigilant against the ever-evolving threat landscape.
Credit: Reco.ai
@OUPNarith
The 3 types of cloud computing systems
#Cambodia4point0 #CloudComputing #Cloud #ប្រព័ន្ធកុំព្យូទ័រក្លោដ
@OUPNarith
Exploring Software Testing Approaches: White-Box vs. Black-Box vs. Grey-Box
In the dynamic realm of software development, quality assurance plays a pivotal role in ensuring robust, reliable applications. Let's delve into three prominent testing approaches and understand how they shape the software testing landscape.
@OUPNarith
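The 7 Habits of Highly Effective People | Summary | 7 Habits
1. The habit of being proactive
2. The habit of thinking before you draw (begin with the end in mind)
3. The habit of doing important things first
4. The habit of thinking win-win
5. The habit of learning to understand others before asking them to understand you
6. The habit of synergy
7. The habit of sharpening yourself to keep improving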
Source: Author's Own
@OUPNarith
Chinese state-sponsored hackers are targeting old vulnerabilities in Cisco routers in new attacks apparently aimed at government entities in the US, UK, and Australia, cybersecurity firm SecurityScorecard reports.
As part of the observed attacks, the adversaries exploited CVE-2019-1653 and CVE-2019-1652, two critical-severity bugs in discontinued Cisco small business RV320/325 VPN routers, which have been targeted by Chinese hackers before and are also featured in CISA’s KEV catalog.
https://www-securityweek-com.cdn.ampproject.org/c/s/www.securityweek.com/china-linked-volt-typhoon-hackers-possibly-targeting-australian-uk-governments/amp/
@OUPNarith
The Ministry of Industry, Science, Technology & Innovation (MISTI) has just released the report on ‘Blockchain Technology Readiness for Cambodia’ with a strategic focus on Cambodia’s adoption of blockchain technology as a key development priority.
In a bold move towards a tech-driven future, the government aims to transform its industrial structure.
The nation plans to shift from labour-intensive industries to a skill-driven economy by 2025, capitalising on regional and global value chains to cultivate interconnected production clusters and bolster domestic industry competitiveness and productivity.
https://www.khmertimeskh.com/501420460/mistis-report-focuses-on-blockchain-adoption-for-cambodias-future-growth/
@OUPNarith
What Elephants Can Teach Us About Human Freedom
Don't allow failure to stop you from achieving the goals you set for yourself. Don't even call it failure; as Zig Ziglar says, “It’s not how far you fall, but how high you bounce that counts.” Stay positive and focused, and learn from your experiences to move ahead.
@OUPNarith