D-Link no solucionará una falla crítica que afecta a 60.000 dispositivos NAS antiguos
https://blog.segu-info.com.ar/2024/11/d-link-no-solucionara-una-falla-critica.html

Ocultar malware en ZIP/RAR "rotos"
https://blog.segu-info.com.ar/2024/11/ocultar-malware-en-ziprar-rotos.html

Brecha masiva: filtran datos de empleados de Amazon, McDonald's, HSBC, HP y potencialmente otras 1.000 empresas
https://blog.segu-info.com.ar/2024/11/brecha-masiva-filtran-datos-de.html

Arghhhhhhh, como había hecho para vivir sin esto!!!

😍https://roadmap.sh/

No confío en los proveedores de VPN ¿Why?
https://blog.segu-info.com.ar/2024/11/no-confio-en-los-proveedores-de-vpn-why.html

#Curso de #ciberseguridad para principiantes (y para todos)😎
Apurate, los suelen cerrar rápido.

📌 Core:
Cisco Network Essentials - http://lnkd.in/eMXxFBPN
Palo Alto - http://lnkd.in/ebz4VZmQ
AWS Cloud - http://lnkd.in/e_auX7VE
Azure Cloud - http://lnkd.in/eCq_dvDq
GCP Cloud - http://lnkd.in/eDNWnVsD

📌 Fundamentals:
SANS Aces - http://lnkd.in/eNCPrtdd
ISC(2) Certified in Cyber - http://lnkd.in/e6jB_6af
Coursera - http://lnkd.in/ePMNVDm5
EC-Council - http://lnkd.in/ewiVUkYt
Cyber Security - http://lnkd.in/eueCSF6A
Cisco Cyber Induction - http://lnkd.in/e8C3jacc
Cisco Cyber Essentials - http://lnkd.in/eTQNsbyF
Cisco Network Essentials - http://lnkd.in/eMXxFBPN
Palo Alto - http://lnkd.in/ebz4VZmQ
Fortinet NSE - http://lnkd.in/es3c_Q6E

📌 Penetration Testing:
TCM-Security - http://lnkd.in/eJQKmhnt
PortSwigger Web Hacking - http://lnkd.in/eEa-fNfu
CodeRed Hacking Essentials - http://lnkd.in/eJbyZp_9
RedTeaming - http://lnkd.in/et_T2DEa
METASPLOIT UNLEASHED - http://lnkd.in/eJFcNSsz
Hacker101 - http://lnkd.in/eJK5xp2A

📌 Vulnerability Management:
Qualys - http://lnkd.in/eDWu2zyT
Tenable (Intro) - http://lnkd.in/eQW2Zjjj
Class Central - http://lnkd.in/eWbmXfRU

📌 SIEM:
Splunk - http://lnkd.in/e5ZVAEuF
QRadar - http://lnkd.in/ebjbyq_x
Elastic - http://lnkd.in/e-jXsnVs
XPERT - http://lnkd.in/eYR7r3uD

📌 Engineering:
Oxford - http://lnkd.in/eJHp7Dp2
IoT Privacy - http://lnkd.in/eN5xDUed

Actualización de Exchange agrega advertencia para emails con suplantación de identidad
https://blog.segu-info.com.ar/2024/11/actualizacion-de-exchange-agrega.html

Actualizaciones de seguridad de noviembre para todas las empresas
https://blog.segu-info.com.ar/2024/11/actualizaciones-de-seguridad-de.html

Actualizaciones de seguridad de noviembre para todas las empresas
https://blog.segu-info.com.ar/2024/11/actualizaciones-de-seguridad-de.html

Entrenamientos GRATUITO de Microsoft para luego certificar:

🔗https://learn.microsoft.com/en-us/training/paths/get-started-data-engineering/
🔗https://learn.microsoft.com/en-us/training/paths/explore-azure-machine-learning-workspace/
🔗https://learn.microsoft.com/en-us/training/paths/work-data-azure-machine-learning/
🔗https://learn.microsoft.com/en-us/training/paths/automate-machine-learning-model-selection-azure-machine-learning/

Vulnerabilidad crítica en Laravel permite escalamiento de privilegios
https://blog.segu-info.com.ar/2024/11/vulnerabilidad-critica-en-laravel.html

NSO Group utiliza Zero-Days de WhatsApp para instalar Pegasus y espionaje
https://blog.segu-info.com.ar/2024/11/nso-group-utiliza-zero-days-de-whatsapp.html

Hoy en AR es feriado😎, qué mejor que practicar un poco de #OSINT con todo esto!🤓🍻

🔗https://osintframework.com/
🔗https://bellingcat.gitbook.io/toolkit
🔗https://achirou.com/category/osint/
🔗https://cybdetective.com/osintmap/
🔗https://inteltechniques.com/tools/
🔗https://intelx.io/tools
🔗https://map.malfrats.industries/
🔗https://metaosint.github.io/
🔗https://ohshint.gitbook.io/oh-shint-its-a-blog/osint-web-resources
🔗https://one-plus.github.io/
🔗https://rr.reuser.biz/#company%20informationInternational
🔗https://start.me/p/DPYPMz/the-ultimate-osint-collection
🔗https://wiki.theosintion.com/
🔗https://www.aware-online.com/osint-tools/
🔗https://www.journaliststoolbox.org/
🔗https://www.osintcombine.com/tools
🔗https://www.osintdojo.com/resources/
🔗https://www.osintessentials.com/
🔗https://www.osinttechniques.com/osint-tools.html
🔗https://www.toddington.com/resources/free-osint-resources-open-source-intelligence-search-tools-research-tools-online-investigation/
🔗https://www.uk-osint.net/index.htm
🔗https://start.me/p/wMkNoN/osint-fuentes-abiertas-ciberinteligencia

Zero-Day en FortiClient permite robo de credenciales de VPN
https://blog.segu-info.com.ar/2024/11/zero-day-en-forticlient-permite-robo-de.html

📌 #OCSP Official Documentation

🔗https://offensive-security.com/offsec/oscp-exam-structure/
🔗https://offensive-security.com/metasploit-unleashed/
🔗https://help.offensive-security.com/hc/en-us
🔗https://help.offensive-security.com/hc/en-us/articles/360050473812
🔗https://offensive-security.com/documentation/penetration-testing-with-kali.pdf
🔗https://forums.offensive-security.com

📌 OCSP Tools and Resources

🔗https://falconspy.medium.com/unofficial-oscp-approved-tools-b2b4e889e707
🔗https://reddit.com/r/oscp/comments/if1q5v/ive_made_a_list_of_reddit_topics_that_you_should/
🔗https://github.com/Tib3rius/AutoRecon
🔗https://hackingarticles.in/comprehensive-guide-to-autorecon/
🔗https://github.com/21y4d/nmapAutomator
🔗https://github.com/codingo/Reconnoitre

📌OSCP Guides

🔗https://johnstawinski.com/2022/10/09/oscp-2023-study-guide-new-exam-format
🔗https://johnjhacking.com/blog/oscp-reborn-2023/
🔗https://sgtdede.gitbook.io/hacking/oscp-2022/guide-en
🔗https://netsecfocus.com/oscp/2021/05/06/The_Journey_to_Try_Harder-_TJnull-s_Preparation_Guide_for_PEN-200_PWK_OSCP_2.0.html
🔗https://hxrrvs.gitbook.io/oscp/
🔗https://ninjasec.medium.com/efficiently-utilizing-autorecon-for-oscp-and-beyond-74c93a273a36
🔗https://github.com/Shiva108/CTF-notes/tree/master/OSCP-Materials-master
🔗https://github.com/Shiva108/CTF-notes/tree/master/Notes%20VA
🔗https://github.com/Shiva108/CTF-notes/tree/master/Everything-OSCP
🔗https://github.com/Shiva108/CTF-notes/blob/master/enum_oscp.html
🔗https://github.com/Shiva108/CTF-notes/blob/master/how-to-oscp-final.md
🔗https://github.com/Shiva108/CTF-notes/blob/master/Kali%20Linux%20Offensive%20Security%20Certified%20Professional%20Playbook.html
🔗https://avasdream.engineer/assets/OSCP-Methodology.png
🔗https://kali.training/lessons/introduction/
🔗https://netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html
🔗https://tripwire.com/state-of-security/security-awareness/oscp-journey/
🔗https://411hall.github.io/OSCP-Preparation/
🔗https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html
🔗https://abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob
🔗https://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/
🔗https://johnjhacking.com/blog/the-oscp-preperation-guide-2020/
🔗https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-1-is-oscp-for-you-b57cbcce7440
🔗https://sushant747.gitbooks.io/total-oscp-guide/content/
🔗https://rana-khalil.gitbook.io/hack-the-box-oscp-preparation/my-oscp-journey-a-review

📌 OCSP Essential Videos and Courses

🔗TryHackMe Pentesting Course -https://tryhackme.com/path/outline/pentesting
🔗TryHackMe Buffer Overflow Prep -https://tryhackme.com/room/bufferoverflowprep
🔗Cyber Mentor: Buffer overflow - https://tcm-sec.com/buffer-overflows-made-easy/
🔗Tiberius' Priv Esc Courses - https://udemy.com/course/linux-privilege-escalation/
🔗TJNull's OSCP Prep - https://youtube.com/playlist?list=PLidcsTyj9JXK-fnabFLVEvHinQ14Jy5tf
🔗Tiberius Buffer overflow - https://youtube.com/watch?v=1X2JGF_9JGM
🔗Conda's OSCP Prep - https://youtube.com/playlist?list=PLDrNMcTNhhYqZU1ySROli7Oc08mxe1tZR

📌 OCSP Practice Box List

🔗TJNull's List - https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/edit#gid=1839402159
🔗HackTheBox List -https://docs.google.com/spreadsheets/d/1PVH3athOru-rHirsy30R1r8692R6J44W7uuHTrquqnk/edit#gid=1638926857https://hyd3.home.blog/2020/06/22/oscp-prep-hackthebox-list/
🔗NoobSec List - https://docs.google.com/spreadsheets/d/1PVH3athOru-rHirsy30R1r8692R6J44W7uuHTrquqnk/edit#gid=1638926857
🔗OSCP-like Boxes -https://nopresearcher.github.io/OSCP-Like-Boxes/

Referencias en Twitter: @s0cm0nkeysec @harshleenchawl2