Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Your #Instagram Profile: A #Digital Business Card
https://undercodenews.com/your-instagram-profile-a-digital-business-card/
@Undercode_News
https://undercodenews.com/your-instagram-profile-a-digital-business-card/
@Undercode_News
UNDERCODE NEWS
Your Instagram Profile: A Digital Business Card - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Interpol Calls for a More Humane Term for Romance Scams
https://undercodenews.com/interpol-calls-for-a-more-humane-term-for-romance-scams/
@Undercode_News
https://undercodenews.com/interpol-calls-for-a-more-humane-term-for-romance-scams/
@Undercode_News
UNDERCODE NEWS
Interpol Calls for a More Humane Term for Romance Scams - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from Exploiting Crew (Pr1vAt3)
π¦AI-SOC. Radiant Security AI.
I have had many conversations (and still have) about Security for AI, especially about how AI-SOC can affect and help the SOC team and processes. At the same time, We have been (xTriage) running Radiant Security AI as AI-SOC (and more) for over a year, and the results arrived on time with HUGH successes!
During the AI-SOC journey with Radiant Security AI, we found many advantages about it. Below are some of them (in a nutshell):
1οΈβ£ Proactive Threat Hunting: AI-SOC leverages real-time data analysis and threat intelligence to proactively detect emerging threats, even before they appear in known threat databases.
2οΈβ£ Precision in Incident Detection: AI models analyze massive datasets and correlate events across multiple layers (network, endpoints, cloud, identities), reducing detection blind spots.
3οΈβ£ Scalability: AI-SOC can handle the massive influx of security alerts and scale effortlessly with an organization's growth without requiring linear increases in human resources.
4οΈβ£ Behavioral Anomaly Detection: AI identifies subtle deviations from normal behavior patterns that traditional systems often overlook, ensuring early detection of insider threats and zero-day exploits.
5οΈβ£ Hyperautomation: Combining AI with SOAR platforms enables faster and smarter incident response. Automated workflows triage and contain incidents without waiting for human intervention.
6οΈβ£ Continuous Learning and Adaptation: AI algorithms evolve with each new threat encountered, continuously improving their accuracy and relevance in detecting sophisticated attacks.
7οΈβ£ Enhanced Collaboration: AI-SOC tools facilitate collaboration across security tiers (T1-T3), presenting data and insights in clear, actionable formats tailored to the expertise level of the analyst.
8οΈβ£ Integrated Multi-Vendor Ecosystem: With support for seamless integration into existing ecosystems (e.g., XDR tools, SIEMs, SOAR), AI-SOC ensures minimal workflow disruption.
9οΈβ£ Reduction in False Positives: By understanding context and correlating events, AI dramatically reduces false positives, allowing analysts to focus on genuine threats.
π Cost Efficiency: By automating repetitive tasks and reducing the need for manual intervention, AI-SOC optimizes resource utilization and lowers the overall cost of operations.
In the end, T1/T2 is not chasing after massive FPs or useless alerts - They are now doing advanced tasks.
Ref: Elli Shlomo
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β
I have had many conversations (and still have) about Security for AI, especially about how AI-SOC can affect and help the SOC team and processes. At the same time, We have been (xTriage) running Radiant Security AI as AI-SOC (and more) for over a year, and the results arrived on time with HUGH successes!
During the AI-SOC journey with Radiant Security AI, we found many advantages about it. Below are some of them (in a nutshell):
1οΈβ£ Proactive Threat Hunting: AI-SOC leverages real-time data analysis and threat intelligence to proactively detect emerging threats, even before they appear in known threat databases.
2οΈβ£ Precision in Incident Detection: AI models analyze massive datasets and correlate events across multiple layers (network, endpoints, cloud, identities), reducing detection blind spots.
3οΈβ£ Scalability: AI-SOC can handle the massive influx of security alerts and scale effortlessly with an organization's growth without requiring linear increases in human resources.
4οΈβ£ Behavioral Anomaly Detection: AI identifies subtle deviations from normal behavior patterns that traditional systems often overlook, ensuring early detection of insider threats and zero-day exploits.
5οΈβ£ Hyperautomation: Combining AI with SOAR platforms enables faster and smarter incident response. Automated workflows triage and contain incidents without waiting for human intervention.
6οΈβ£ Continuous Learning and Adaptation: AI algorithms evolve with each new threat encountered, continuously improving their accuracy and relevance in detecting sophisticated attacks.
7οΈβ£ Enhanced Collaboration: AI-SOC tools facilitate collaboration across security tiers (T1-T3), presenting data and insights in clear, actionable formats tailored to the expertise level of the analyst.
8οΈβ£ Integrated Multi-Vendor Ecosystem: With support for seamless integration into existing ecosystems (e.g., XDR tools, SIEMs, SOAR), AI-SOC ensures minimal workflow disruption.
9οΈβ£ Reduction in False Positives: By understanding context and correlating events, AI dramatically reduces false positives, allowing analysts to focus on genuine threats.
π Cost Efficiency: By automating repetitive tasks and reducing the need for manual intervention, AI-SOC optimizes resource utilization and lowers the overall cost of operations.
In the end, T1/T2 is not chasing after massive FPs or useless alerts - They are now doing advanced tasks.
Ref: Elli Shlomo
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#TikTok's Fate in the Hands of Supreme Court: A Ban or a Reprieve?
https://undercodenews.com/tiktoks-fate-in-the-hands-of-supreme-court-a-ban-or-a-reprieve/
@Undercode_News
https://undercodenews.com/tiktoks-fate-in-the-hands-of-supreme-court-a-ban-or-a-reprieve/
@Undercode_News
UNDERCODE NEWS
TikTok's Fate in the Hands of Supreme Court: A Ban or a Reprieve? - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from DailyCVE
π openCart, Server-Side Template Injection (SSTI), GHSA-xrh7-2gfq-4rcq (Moderate)
https://dailycve.com/opencart-server-side-template-injection-ssti-ghsa-xrh7-2gfq-4rcq-moderate/
@DailyCVE
https://dailycve.com/opencart-server-side-template-injection-ssti-ghsa-xrh7-2gfq-4rcq-moderate/
@DailyCVE
DailyCVE
openCart, Server-Side Template Injection (SSTI), GHSA-xrh7-2gfq-4rcq (Moderate) - DailyCVE
2024-12-19 : This advisory, originally published on the GitHub Advisory Database, has been withdrawn due to being a duplicate of [β¦]
Forwarded from DailyCVE
π΄ golangorg/x/net/#html: Non-linear Parsing Vulnerability (#CVE-TBD) - Critical
https://dailycve.com/golangorg-x-net-html-non-linear-parsing-vulnerability-cve-tbd-critical/
@Daily_CVE
https://dailycve.com/golangorg-x-net-html-non-linear-parsing-vulnerability-cve-tbd-critical/
@Daily_CVE
DailyCVE
golangorg/x/net/html: Non-linear Parsing Vulnerability (CVE-TBD) - Critical - DailyCVE
2024-12-19 What Undercode Says: A critical vulnerability (CVE-TBD) has been identified in the golang.org/x/net/html package. An attacker can exploit this [β¦]
Forwarded from UNDERCODE NEWS (UNDERCODER)
Whatsapp (Meta) server is down
Forwarded from Exploiting Crew (Pr1vAt3)
π¦Another Red Team Pack:
πππ ππππ¦ ππ¨π¨π₯π¬ π₯
π΄ RECONNAISSANCE:
- RustScan ==> https://lnkd.in/ebvRfBNy
- NmapAutomator ==> https://lnkd.in/gu5wxzf6
- AutoRecon ==> https://lnkd.in/g3DeG6YT
- Amass ==> https://lnkd.in/e7V569N5
- CloudEnum ==> https://lnkd.in/ePHDeGZv
- Recon-NG ==> https://lnkd.in/edwaXFjS
- AttackSurfaceMapper ==> https://lnkd.in/ebbcj6Rm
- DNSDumpster ==> https://dnsdumpster.com/
π΄ INITIAL ACCESS:
- SprayingToolKit ==> https://lnkd.in/eBSAPz5z
- o365Recon ==> https://lnkd.in/eJwCx-Ga
- Psudohash ==> https://lnkd.in/gcaxV6fR
- CredMaster ==> https://lnkd.in/gtMEDVuS
- DomainPasswordSpray ==> https://lnkd.in/guWj4TYv
- TheSprayer ==> https://lnkd.in/gZVuQYiv
- TREVORspray ==> https://lnkd.in/gHgcbjgV
π΄ DELIVERY:
- o365AttackToolKit ==> https://lnkd.in/etCCYi8y
- EvilGinx2 ==> https://lnkd.in/eRDPvwUg
- GoPhish ==> https://lnkd.in/ea26dfNg
- PwnAuth ==> https://lnkd.in/eqecM7de
- Modlishka ==> https://lnkd.in/eds-dR5C
π΄ COMMAND AND CONTROL:
- PoshC2 ==> https://lnkd.in/eqSJUDji
- Sliver ==> https://lnkd.in/ewN9Nday
- SILENTTRINITY ==> https://lnkd.in/eeZGbYMs
- Empire ==> https://lnkd.in/egAPa8gY
- AzureC2Relay ==> https://lnkd.in/efmh2t3g
- Havoc C2 ==> https://lnkd.in/gEFp2iym
- Mythic C2 ==> https://lnkd.in/gnCGwfWk
π΄ CREDENTIAL DUMPING:
- MimiKatz ==> https://lnkd.in/etEGfvJK
- HekaTomb ==> https://lnkd.in/eJx5Ugu5
- SharpLAPS ==> https://lnkd.in/eA28n9FT
- Net-GPPPassword ==> https://lnkd.in/e3CTez5A
- PyPyKatz ==> https://lnkd.in/eeb5b6Tz
π΄ PRIVILEGE ESCALATION:
- SharpUp ==> https://lnkd.in/etR2Pe_n
- MultiPotato ==> https://lnkd.in/eq53PXcJ
- PEASS ==> https://lnkd.in/eWA66akh
- Watson ==> https://lnkd.in/eZfYMSMX
- Bat-Potato ==> https://lnkd.in/gjziyG8q
π΄ DEFENSE EVASION:
- Villain ==> https://lnkd.in/gquyGFm5
- EDRSandBlast ==> https://lnkd.in/e8g8zYFT
- SPAWN - Cobalt Strike BOF ==> https://lnkd.in/e223PbqZ
- NetLoader ==> https://lnkd.in/ef5wCD4y
- KillDefenderBOF ==> https://lnkd.in/eVd54HUp
- ThreatCheck ==> https://lnkd.in/eHvSPakR
- Freeze ==> https://lnkd.in/eNUh3zCi
- GadgetToJScript ==> https://lnkd.in/egPQBBXJ
π΄ PERSISTENCE:
- SharPyShell ==> https://lnkd.in/eXm8h8Bj
- SharpStay ==> https://lnkd.in/erRbeFMj
- SharpEventPersist ==> https://lnkd.in/e_kJFNiB
π΄ LATERAL MOVEMENT:
- SCShell ==> https://lnkd.in/e256fC8B
- MoveKit ==> https://lnkd.in/eR-NUu_U
- ImPacket ==> https://lnkd.in/euG4hTTs
π΄ EXFILTRATION:
- SharpExfiltrate ==> https://lnkd.in/eGC4BKRN
- DNSExfiltrator ==> https://lnkd.in/epJ-s6gp
- Egress-Assess ==> https://lnkd.in/eXGFPQRJ
Ref: Adnan Alam
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β
πππ ππππ¦ ππ¨π¨π₯π¬ π₯
π΄ RECONNAISSANCE:
- RustScan ==> https://lnkd.in/ebvRfBNy
- NmapAutomator ==> https://lnkd.in/gu5wxzf6
- AutoRecon ==> https://lnkd.in/g3DeG6YT
- Amass ==> https://lnkd.in/e7V569N5
- CloudEnum ==> https://lnkd.in/ePHDeGZv
- Recon-NG ==> https://lnkd.in/edwaXFjS
- AttackSurfaceMapper ==> https://lnkd.in/ebbcj6Rm
- DNSDumpster ==> https://dnsdumpster.com/
π΄ INITIAL ACCESS:
- SprayingToolKit ==> https://lnkd.in/eBSAPz5z
- o365Recon ==> https://lnkd.in/eJwCx-Ga
- Psudohash ==> https://lnkd.in/gcaxV6fR
- CredMaster ==> https://lnkd.in/gtMEDVuS
- DomainPasswordSpray ==> https://lnkd.in/guWj4TYv
- TheSprayer ==> https://lnkd.in/gZVuQYiv
- TREVORspray ==> https://lnkd.in/gHgcbjgV
π΄ DELIVERY:
- o365AttackToolKit ==> https://lnkd.in/etCCYi8y
- EvilGinx2 ==> https://lnkd.in/eRDPvwUg
- GoPhish ==> https://lnkd.in/ea26dfNg
- PwnAuth ==> https://lnkd.in/eqecM7de
- Modlishka ==> https://lnkd.in/eds-dR5C
π΄ COMMAND AND CONTROL:
- PoshC2 ==> https://lnkd.in/eqSJUDji
- Sliver ==> https://lnkd.in/ewN9Nday
- SILENTTRINITY ==> https://lnkd.in/eeZGbYMs
- Empire ==> https://lnkd.in/egAPa8gY
- AzureC2Relay ==> https://lnkd.in/efmh2t3g
- Havoc C2 ==> https://lnkd.in/gEFp2iym
- Mythic C2 ==> https://lnkd.in/gnCGwfWk
π΄ CREDENTIAL DUMPING:
- MimiKatz ==> https://lnkd.in/etEGfvJK
- HekaTomb ==> https://lnkd.in/eJx5Ugu5
- SharpLAPS ==> https://lnkd.in/eA28n9FT
- Net-GPPPassword ==> https://lnkd.in/e3CTez5A
- PyPyKatz ==> https://lnkd.in/eeb5b6Tz
π΄ PRIVILEGE ESCALATION:
- SharpUp ==> https://lnkd.in/etR2Pe_n
- MultiPotato ==> https://lnkd.in/eq53PXcJ
- PEASS ==> https://lnkd.in/eWA66akh
- Watson ==> https://lnkd.in/eZfYMSMX
- Bat-Potato ==> https://lnkd.in/gjziyG8q
π΄ DEFENSE EVASION:
- Villain ==> https://lnkd.in/gquyGFm5
- EDRSandBlast ==> https://lnkd.in/e8g8zYFT
- SPAWN - Cobalt Strike BOF ==> https://lnkd.in/e223PbqZ
- NetLoader ==> https://lnkd.in/ef5wCD4y
- KillDefenderBOF ==> https://lnkd.in/eVd54HUp
- ThreatCheck ==> https://lnkd.in/eHvSPakR
- Freeze ==> https://lnkd.in/eNUh3zCi
- GadgetToJScript ==> https://lnkd.in/egPQBBXJ
π΄ PERSISTENCE:
- SharPyShell ==> https://lnkd.in/eXm8h8Bj
- SharpStay ==> https://lnkd.in/erRbeFMj
- SharpEventPersist ==> https://lnkd.in/e_kJFNiB
π΄ LATERAL MOVEMENT:
- SCShell ==> https://lnkd.in/e256fC8B
- MoveKit ==> https://lnkd.in/eR-NUu_U
- ImPacket ==> https://lnkd.in/euG4hTTs
π΄ EXFILTRATION:
- SharpExfiltrate ==> https://lnkd.in/eGC4BKRN
- DNSExfiltrator ==> https://lnkd.in/epJ-s6gp
- Egress-Assess ==> https://lnkd.in/eXGFPQRJ
Ref: Adnan Alam
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β
lnkd.in
LinkedIn
This link will take you to a page thatβs not on LinkedIn
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
π APT29's Sophisticated Cyberattacks: A Deep Dive
https://undercodenews.com/apt29s-sophisticated-cyberattacks-a-deep-dive/
@Undercode_News
https://undercodenews.com/apt29s-sophisticated-cyberattacks-a-deep-dive/
@Undercode_News
UNDERCODE NEWS
APT29's Sophisticated Cyberattacks: A Deep Dive - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
β οΈ #WhatsApp Beta Gets a Star: Marking Important Channel Updates
https://undercodenews.com/whatsapp-beta-gets-a-star-marking-important-channel-updates/
@Undercode_News
https://undercodenews.com/whatsapp-beta-gets-a-star-marking-important-channel-updates/
@Undercode_News
UNDERCODE NEWS
WhatsApp Beta Gets a Star: Marking Important Channel Updates - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
π CodeQL Enhances Dependency Scanning for Private Registries
https://undercodenews.com/codeql-enhances-dependency-scanning-for-private-registries/
@Undercode_News
https://undercodenews.com/codeql-enhances-dependency-scanning-for-private-registries/
@Undercode_News
UNDERCODE NEWS
CodeQL Enhances Dependency Scanning for Private Registries - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
π Social Media Standoff: X Exits Brazil in Fight Over Misinformation
https://undercodenews.com/social-media-standoff-x-exits-brazil-in-fight-over-misinformation/
@Undercode_News
https://undercodenews.com/social-media-standoff-x-exits-brazil-in-fight-over-misinformation/
@Undercode_News
UNDERCODE NEWS
Social Media Standoff: X Exits Brazil in Fight Over Misinformation - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#ChatGPT: A Voice-Enabled #AI Assistant
https://undercodenews.com/chatgpt-a-voice-enabled-ai-assistant/
@Undercode_News
https://undercodenews.com/chatgpt-a-voice-enabled-ai-assistant/
@Undercode_News
UNDERCODE NEWS
ChatGPT: A Voice-Enabled AI Assistant - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
π¨ India Faces a Cyber Threat Surge: A Deep Dive into the Rising API Attacks
https://undercodenews.com/india-faces-a-cyber-threat-surge-a-deep-dive-into-the-rising-api-attacks/
@Undercode_News
https://undercodenews.com/india-faces-a-cyber-threat-surge-a-deep-dive-into-the-rising-api-attacks/
@Undercode_News
UNDERCODE NEWS
India Faces a Cyber Threat Surge: A Deep Dive into the Rising API Attacks - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
π± #Microsoft's Decade-Long Pursuit of #Apple Search: A Twist of Fate
https://undercodenews.com/microsofts-decade-long-pursuit-of-apple-search-a-twist-of-fate/
@Undercode_News
https://undercodenews.com/microsofts-decade-long-pursuit-of-apple-search-a-twist-of-fate/
@Undercode_News
UNDERCODE NEWS
Microsoft's Decade-Long Pursuit of Apple Search: A Twist of Fate - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
β‘οΈ #Galaxy Tab S10 FE: A Potential Upgrade on the Horizon
https://undercodenews.com/galaxy-tab-s10-fe-a-potential-upgrade-on-the-horizon/
@Undercode_News
https://undercodenews.com/galaxy-tab-s10-fe-a-potential-upgrade-on-the-horizon/
@Undercode_News
UNDERCODE NEWS
Galaxy Tab S10 FE: A Potential Upgrade on the Horizon - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from Exploiting Crew (Pr1vAt3)
π¦Understanding the Network Protocol Stack Simplified π οΈ
Networking is the backbone of modern communication, but the variety of protocols can feel overwhelming. Here's a clean breakdown of the Network Protocol Stack, from physical data transmission to application-level interactions:
πͺ Application Layer (L5-L7)
Where user-facing magic happens! Think web browsing, secure communication, and directory services (e.g., HTTP, TLS, DNS).
π¦ Transport Layer (L4)
Handles data delivery, reliable (TCP) or quick (UDP). New protocols like QUIC ensure modern needs are met.
π₯ Network Layer (L3)
Focuses on routing and addressing, whether through IPv4 or IPv6, with security layers like IPsec keeping it safe.
π© Data Link Layer (L2)
Close to hardware , responsible for switching, VLANs, and WiFi connectivity.
Ref: Fadi Kazdar
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Networking is the backbone of modern communication, but the variety of protocols can feel overwhelming. Here's a clean breakdown of the Network Protocol Stack, from physical data transmission to application-level interactions:
πͺ Application Layer (L5-L7)
Where user-facing magic happens! Think web browsing, secure communication, and directory services (e.g., HTTP, TLS, DNS).
π¦ Transport Layer (L4)
Handles data delivery, reliable (TCP) or quick (UDP). New protocols like QUIC ensure modern needs are met.
π₯ Network Layer (L3)
Focuses on routing and addressing, whether through IPv4 or IPv6, with security layers like IPsec keeping it safe.
π© Data Link Layer (L2)
Close to hardware , responsible for switching, VLANs, and WiFi connectivity.
Ref: Fadi Kazdar
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Sony Celebrates 30 Years with a Massive Giveaway
https://undercodenews.com/sony-celebrates-30-years-with-a-massive-giveaway/
@Undercode_News
https://undercodenews.com/sony-celebrates-30-years-with-a-massive-giveaway/
@Undercode_News
UNDERCODE NEWS
Sony Celebrates 30 Years with a Massive Giveaway - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦