🔒 #Ransomware Group Flocker Targets KS CORP

https://undercodenews.com/ransomware-group-flocker-targets-ks-corp/

@Undercode_News

OnePlus 13R Confirmed with Snapdragon 8 Gen 3 Ahead of India Launch

https://undercodenews.com/oneplus-13r-confirmed-with-snapdragon-8-gen-3-ahead-of-india-launch/

@Undercode_News

🦑🎄CyberAdvent Day 21: pyDescribeSDDL - Simplify Windows SDDL Analysis

🔐 Ever struggled with decoding SDDL strings during audits or pentests? With pyDescribeSDDL, you can transform Security Descriptor Definition Language (SDDL) strings into readable insights effortlessly!

🛠 What is pyDescribeSDDL?
pyDescribeSDDL is a Python tool designed to parse and describe the contents of SDDL strings, making it easier to analyze Access Control Entries (ACEs), Access Control Lists (ACLs), and associated SIDs and GUIDs.

🔑 Key Features
1️⃣ Human-readable summaries: Use the --summary option to output clear and concise access information.
2️⃣ ACE Parsing: Supports detailed analysis of all major ACE types
3️⃣ SID Resolution: Automatically resolve well-known SIDs to their human-readable names.
4️⃣ GUID Parsing: Decode well-known GUIDs for easier interpretation.

📂 Check out pyDescribeSDDL here: https://github.com/p0dalirius/pyDescribeSDDL

Ref: Rémi Gascou (Podalirius)Rémi Gascou
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🎮 #Amazon Prime Video: New Rules Limit TV Streaming to Two Devices

https://undercodenews.com/amazon-prime-video-new-rules-limit-tv-streaming-to-two-devices/

@Undercode_News

📱 The Lava Blaze Duo 5G: A Dual-Screen Smartphone Arrives in India

https://undercodenews.com/the-lava-blaze-duo-5g-a-dual-screen-smartphone-arrives-in-india/

@Undercode_News

🦑Web Vulnerability Resource - XSS

Unferstanding XSS Attack
https://lnkd.in/dg9THu25

XSS Filter Evasion by johnermac
https://lnkd.in/dk_gpSRP

Payloads XSs Evasion by citybasebrooks
https://lnkd.in/d4YQjBxE

XSS Resource by BruteLogic
https://lnkd.in/dcVG-RSX

XSS Challegens
https://lnkd.in/dhcbNe6d
https://lnkd.in/dif8SVjK

How to Find XSS by HackerOne
https://lnkd.in/dvqNm5bT

Learning about Cross Site Scripting (XSS)
https://lnkd.in/dYETX2VV

XSS CheatSheet by Portswigger Labs
https://lnkd.in/dAxxwj4

Hacktivity XSS by HackerOne
https://lnkd.in/dNNM86wx

XSS Explained by NahamSec
https://lnkd.in/dJiTs2td

XSS Stored, Blind, Reflected and DOM by InsiderPhD
https://lnkd.in/d9KzwBfd

Web Hacking Beyond Alert by Wild West
https://lnkd.in/djbgjFS8

XSS Tools
XSSTRIKE https://lnkd.in/dJkuhQ4X
Dalfox https://lnkd.in/dp_UnjGM
XSSMap https://lnkd.in/dgfqdEhj
FinDOM XSS https://lnkd.in/dffQm67D

Ref: Joas A SantosJoas A Santos
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

📊 Automating #CrowdStrike RFM Reporting with #AI in Tines

https://undercodenews.com/automating-crowdstrike-rfm-reporting-with-ai-in-tines/

@Undercode_News

🤖 US to Blacklist Sophgo After Chip Found in #Huawei #AI Processor

https://undercodenews.com/us-to-blacklist-sophgo-after-chip-found-in-huawei-ai-processor/

@Undercode_News

📱 The #Microsoft 365 App Gets a #Copilot-Centric Makeover

https://undercodenews.com/the-microsoft-365-app-gets-a-copilot-centric-makeover/

@Undercode_News

📚 Level Up Your Tech Skills: Free IT Training for Nigerians by the Government

https://undercodenews.com/level-up-your-tech-skills-free-it-training-for-nigerians-by-the-government/

@Undercode_News

🎮 Streamlining Success: 21 #Digital Marketing Strategies to Automate Repetitive Tasks

https://undercodenews.com/streamlining-success-21-digital-marketing-strategies-to-automate-repetitive-tasks/

@Undercode_News

🔐 20-Year Prison Sentence for Romanian Hacker Involved in NetWalker #Ransomware Attacks

https://undercodenews.com/20-year-prison-sentence-for-romanian-hacker-involved-in-netwalker-ransomware-attacks/

@Undercode_News

🖥️ #YouTube to Crack Down on Clickbait in India: A Step Towards a More Trustworthy Platform

https://undercodenews.com/youtube-to-crack-down-on-clickbait-in-india-a-step-towards-a-more-trustworthy-platform/

@Undercode_News

🦑[𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐀𝐂𝐓𝐈𝐕𝐄 𝐃𝐈𝐑𝐄𝐂𝐓𝐎𝐑𝐘 𝐏𝐄𝐍𝐓𝐄𝐒𝐓]

Whether you are preparing for a certification or need to sharpen your skills for your pentests.

🤓Here is a list of resources 🤓:

𝐍𝐞𝐞𝐝 𝐭𝐨 𝐩𝐫𝐚𝐜𝐭𝐢𝐜𝐞?
👉Set up and AD home lab with this blog post from spookysec:
https://lnkd.in/d-Dt7PBA

👉You also have a script here to set up a Vulnerable AD lab by WazeHell
https://lnkd.in/dyZS6WWr

👉 Check out the dedicated section on Active Directory of PenTips
https://lnkd.in/dhTP_eyt

👉Here is a collection of various common attack scenarios on Microsoft Azure Active Directory by Cloud-Architekt:
https://lnkd.in/dnFfRRMM

👉Julien Provenzano ☁️ shared a great document full of resources here:
https://lnkd.in/d-skx-R3

👉Finally here is an Active Directory Exploitation Cheat Sheet by Integration-IT
https://lnkd.in/dBijrUjT

Resources Credit : Gabrielle
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 SOC Architectures & Frameworks: Key to Cybersecurity! 🚨
As cyber threats grow, choosing the right Security Operations Center (SOC) and framework is crucial. Here’s a quick guide:
SOC Architectures:
Centralized SOC: One location, best for large organizations.
Decentralized SOC: Multiple locations, ideal for global companies.
Virtual SOC: Cloud-based, cost-effective for SMBs.
Hybrid SOC: Combines all models, offering flexibility.
Popular Frameworks:
NIST CSF: Risk-based, customizable.
MITRE ATT&CK: Helps improve threat detection.
ISO 27001: Compliance-focused, globally recognized.
CIS Controls: Simple, prioritized security controls.
Key Considerations: Budget, company size, risk level, and compliance needs. Make the right choice to protect your organization!

Ref: in pdf
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

𝐋𝐀𝐁 15 𝐏𝐫𝐚𝐜𝐭𝐢𝐜𝐚𝐥 𝐌𝐚𝐥𝐰𝐚𝐫𝐞 𝐀𝐧𝐚𝐥𝐲𝐬𝐢𝐬: 𝐃𝐢𝐬𝐜𝐨𝐯𝐞𝐫 𝐀𝐧𝐭𝐢-𝐃𝐢𝐬𝐚𝐬𝐬𝐞𝐦𝐛𝐥𝐲 𝐓𝐞𝐜𝐡𝐧𝐢𝐪𝐮𝐞𝐬

🦑Webshell Testing for Defenders 💡

Having automated tools to spin up web servers isn’t just convenient—it’s a game-changer for defenders. Here's why:

🔍 Detection Opportunities:
Use these servers to validate analytic coverage for:

🗂 File modifications (webshell uploads)
⚙️ Process executions (commands from shells)
🎯 Suspicious behaviors triggered by shells

💻 How to Use:

1️⃣ Deploy your favorite tools (Sysmon, EDR, XDR, etc.)
2️⃣ Grab a webshell of choice, upload it, and start testing!
3️⃣Observe logs, alerts, and behaviors to identify gaps in your coverage.

🔥 Tools for Testing:

➡️ Apache Builder: https://github.com/MHaggis/notes/tree/master/utilities/ApachePHPBuild
➡️ IIS Builder: https://github.com/MHaggis/notes/tree/master/utilities/IISBuilder

Ref: Michael H.Michael H.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

FusionCharts Targeted by #Ransomware Group

https://undercodenews.com/fusioncharts-targeted-by-ransomware-group/

@Undercode_News

🛡️ Enhanced Browser Security: #Microsoft Edge Tackles Scareware with #AI

https://undercodenews.com/enhanced-browser-security-microsoft-edge-tackles-scareware-with-ai/

@Undercode_News

Killsec #Ransomware Targets Allied Packing And Rubber Inc

https://undercodenews.com/killsec-ransomware-targets-allied-packing-and-rubber-inc/

@Undercode_News

🔋 Killsec #Ransomware Targets Abrasive Supply Corporation

https://undercodenews.com/killsec-ransomware-targets-abrasive-supply-corporation/

@Undercode_News