Famous Deepfake Scandals: Look at how governments and companies responded to deepfake incidents, such as the use of deepfakes in disinformation campaigns or political manipulation.
Bug Reports and Security Audits: Explore past bug bounty reports related to deepfakes or AI systems. Learning from these cases will sharpen your skills in identifying similar vulnerabilities.
9. Report Findings Responsibly
If you find vulnerabilities related to deepfakes in a bug bounty program, be sure to:

Provide Detailed Evidence: Document your findings with clear, reproducible steps. For example, if a facial recognition system can be bypassed with a deepfake, include details on how the attack works.
Ethical Considerations: Always follow ethical guidelines. Do not exploit deepfake vulnerabilities maliciously—use them solely to improve security.

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Search for Leaked Zoom Meeting Links via Wayback Machine

1. Target URL:

Use Wayback Machine to search for archived Zoom meeting links of the target, e.g., target.zoom.us.



2. Wayback Machine URL:

Visit archive links like:

https://web(.)archive(.)org/web/*/https://target(.)zoom(.)us/*




3. Find Meeting Links:

Look for URLs with meeting IDs and passwords, such as: http://target(.)zoom(.)us/j/3122529044?pwd=xxxxxx



4. Check Activity:

If the link contains pwd=xxxx, test if it is still active.

Active links grant access to private meetings.




Risk: This can expose sensitive company information, leading to significant security breaches.

You can also find a shared link to the recorded video to demonstrate greater impact.

Risks Highlighted in the Report:

1. Unauthorized Access:

Leaked Zoom links allow attackers to join private LinkedIn meetings without authorization.

2. Anonymity of Attackers:

The anonymity option in Zoom enables malicious actors to participate undetected.

3. Sensitive Information Exposure:

Attackers can gain access to confidential LinkedIn discussions and sensitive data.

4. Impersonation Threat:

Malicious actors can impersonate LinkedIn for phishing, fraudulent recruitment, or advertising scams.

5. Content Hijacking:

Attackers with knowledge of meeting times can claim host privileges and disrupt meetings by sharing obscene or inappropriate content.

6. Scalability of Attack:

LinkedIn’s enterprise Zoom plan allows attackers to add numerous unauthorized participants, amplifying the potential damage.

7. Reputational & Financial Damage:

Breach of internal meetings can harm LinkedIn’s reputation and result in financial exploitation.

https://x.com/MrRajputHacker/status/1879423022769336570?t=57L3i_dLYPUbH2Mgagohbw&s=19
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🔵 Search for Leaked #Zoom Meeting Links via Wayback Machine

https://dailycve.com/search-for-leaked-zoom-meeting-links-via-wayback-machine/

@Daily_CVE

🚨 Fortinet Faces Critical Zero-Day Vulnerability in FortiGate Firewalls: What You Need to Know

https://undercodenews.com/fortinet-faces-critical-zero-day-vulnerability-in-fortigate-firewalls-what-you-need-to-know/

@Undercode_News

⚡️ #WhatsApp Beta for #iOS 2511072: A Fresh Look with New Default Icons

https://undercodenews.com/whatsapp-beta-for-ios-2511072-a-fresh-look-with-new-default-icons/

@Undercode_News

⚡️ New Features in #Chrome's Latest #Update

https://undercodenews.com/new-features-in-chromes-latest-update/

@Undercode_News

🦑More Free Cybersecurity Certificates

added to

https://undercodenews.com/top-2025-free-certified-cybersecurity-courses-recommended-by-undercode/

🦑Disabling EDRs by File Rename Junctions (Crowdstrike)

PendingFileRenameOperations allows applications to create file rename operations by creating a registry entry under the HKLM\SYSTEM\CurrentControlSet\Control\Session Manager. Initially I attempted to create this entry, pointing it towards the EDR binary as such in PowerShell, based on the StackOverflow thread.

➡️ Powershell start :

new-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name "PendingFileRenameOperations" -Value $($((Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name PendingFileRenameOperations -ErrorAction SilentlyContinue).PendingFileRenameOperations) + "\??\C:\Program Files\<EDR_PATH>.exe`0`0") -type MultiString -Force | Out-Null

➡️ Powershell end.

⚠️ This works for AVs/EDRs without anti-tampering. Security products with anti-tampering can use [CmRegisterCallbackEx](https://lnkd.in/dmCGSwnX) to monitor and block registry operations from the kernel. A kernel driver could block registry keys from being created if they referenced their core services.

Using a reparse point (junction) - kudos again to sixtyvividtails - we can create a junction from: C:\program-files -> C:\Program Files\

And yet again we can create our PendingFileRenameOperations, pointing the key at the EDR binary pathed through our junction, something that most EDRs do not check. All of this of course requires Admin privileges. On the next reboot, any core EDR binaries will be renamed to "", in turn being deleted.

Ref: Simon Ngoy
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

⚠️ The Future of Enterprise #AI: Navigating Risks with #Cisco #AI Defense

https://undercodenews.com/the-future-of-enterprise-ai-navigating-risks-with-cisco-ai-defense/

@Undercode_News

The Rising Tide of #Crypto Crime: How Cybercriminals Stole 1 Billion in 2024

https://undercodenews.com/the-rising-tide-of-crypto-crime-how-cybercriminals-stole-1-billion-in-2024/

@Undercode_News

📊 #Nvidia to Build One of Israel’s Largest #AI Data Centers: A Game-Changer for #AI Innovation

https://undercodenews.com/nvidia-to-build-one-of-israels-largest-ai-data-centers-a-game-changer-for-ai-innovation/

@Undercode_News

Bridging the Gender Pay Gap in Israeli High-Tech: A Call for Equality

https://undercodenews.com/bridging-the-gender-pay-gap-in-israeli-high-tech-a-call-for-equality/

@Undercode_News

☁️ The Future of Computing: Why Edge Computing is Taking Center Stage

https://undercodenews.com/the-future-of-computing-why-edge-computing-is-taking-center-stage/

@Undercode_News

🛡️ Qbiq Secures 6M Series A Funding to Revolutionize Architectural Planning with #AI

https://undercodenews.com/qbiq-secures-6m-series-a-funding-to-revolutionize-architectural-planning-with-ai/

@Undercode_News

⚠️ Momentick Secures Million to Revolutionize Insurance with Emissions Risk Management

https://undercodenews.com/momentick-secures-million-to-revolutionize-insurance-with-emissions-risk-management/

@Undercode_News

🛡️ Israel Races to Secure #AI Chips Ahead of US Export Restrictions

https://undercodenews.com/israel-races-to-secure-ai-chips-ahead-of-us-export-restrictions/

@Undercode_News

Israel’s #AI Revolution: How the Startup Nation is Poised to Lead the Next Tech Wave

https://undercodenews.com/israels-ai-revolution-how-the-startup-nation-is-poised-to-lead-the-next-tech-wave/

@Undercode_News

Israel’s Deep Tech Boom: A Global Magnet for Innovation and Investment

https://undercodenews.com/israels-deep-tech-boom-a-global-magnet-for-innovation-and-investment/

@Undercode_News

⚡️ #Windows 10 #Update KB5048239 Stuck in Installation Loop? Here’s What Happened and How #Microsoft Fixed It

https://undercodenews.com/windows-10-update-kb5048239-stuck-in-installation-loop-heres-what-happened-and-how-microsoft-fixed-it/

@Undercode_News

⚡️ Japan’s New Supercomputer Miyabi Revolutionizes Disaster Prediction and Scientific Research

https://undercodenews.com/japans-new-supercomputer-miyabi-revolutionizes-disaster-prediction-and-scientific-research/

@Undercode_News