Forwarded from DailyCVE
🔴 GitLab CE/EE, Denial of Service, #CVE-2024-2829 (High)
https://dailycve.com/gitlab-ce-ee-denial-of-service-cve-2024-2829-high/
@Daily_CVE
https://dailycve.com/gitlab-ce-ee-denial-of-service-cve-2024-2829-high/
@Daily_CVE
DailyCVE
GitLab CE/EE, Denial of Service, CVE-2024-2829 (High) - DailyCVE
2024-12-12 Platform: GitLab CE/EE Version: 12.5 before 16.9.6, 16.10 before 16.10.4, 16.11 before 16.11.1 Vulnerability: Unauthenticated ReDoS in FileFinder with […]
Forwarded from DailyCVE
🔴 Online Class and Exam Scheduling System 10, SQL Injection, #CVE-2024-12488 (Critical)
https://dailycve.com/online-class-and-exam-scheduling-system-10-sql-injection-cve-2024-12488-critical/
@Daily_CVE
https://dailycve.com/online-class-and-exam-scheduling-system-10-sql-injection-cve-2024-12488-critical/
@Daily_CVE
DailyCVE
Online Class and Exam Scheduling System 10, SQL Injection, CVE-2024-12488 (Critical) - DailyCVE
2024-12-12 : A critical SQL injection vulnerability was discovered in the `pages/subject_update.php` file of Online Class and Exam Scheduling System […]
Forwarded from DailyCVE
🔴 Apache Fineract, SQL Injection, #CVE-2024-23539 (HIGH)
https://dailycve.com/apache-fineract-sql-injection-cve-2024-23539-high/
@Daily_CVE
https://dailycve.com/apache-fineract-sql-injection-cve-2024-23539-high/
@Daily_CVE
DailyCVE
Apache Fineract, SQL Injection, CVE-2024-23539 (HIGH) - DailyCVE
2024-12-12 This article describes a vulnerability (CVE-2024-23539) in Apache Fineract versions before 1.8.5. This vulnerability is rated HIGH severity and […]
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚠️ EU #AI Act: A Closer Look at Systemic Risks in the First CoP Draft Comments
https://undercodenews.com/eu-ai-act-a-closer-look-at-systemic-risks-in-the-first-cop-draft-comments/
@Undercode_News
https://undercodenews.com/eu-ai-act-a-closer-look-at-systemic-risks-in-the-first-cop-draft-comments/
@Undercode_News
UNDERCODE NEWS
EU AI Act: A Closer Look at Systemic Risks in the First CoP Draft Comments - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE TESTING
🦑Ai Model for Hackers:
4 Security AI for Pentesting
>>
Tools Included
1️⃣Nmap: A network scanning tool used to discover hosts and services on a computer network.
2️⃣Metasploit (msploit): A penetration testing framework for exploiting known vulnerabilities.
3️⃣John the Ripper (jtr): A password cracking software used to test password strength and recover lost passwords.
4️⃣Social Engineering Toolkit (SET): A collection of tools for conducting social engineering attacks.
>> Structure
The model has been trained to detect commands formatted to specify the tool being used. Each command or query is associated with one of the four tools, allowing for precise classification.
Example:
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
4 Security AI for Pentesting
>>
This model is designed to accurately detect and classify commands associated with four essential security tools used in pentesting: Nmap, Metasploit, John the Ripper, and the Social Engineering Toolkit (SET). It leverages a Naive Bayes classifier trained on a comprehensive dataset of commands for these tools, enhancing the accuracy and effectiveness of recognizing and categorizing such commands.
Tools Included
1️⃣Nmap: A network scanning tool used to discover hosts and services on a computer network.
2️⃣Metasploit (msploit): A penetration testing framework for exploiting known vulnerabilities.
3️⃣John the Ripper (jtr): A password cracking software used to test password strength and recover lost passwords.
4️⃣Social Engineering Toolkit (SET): A collection of tools for conducting social engineering attacks.
>> Structure
The model has been trained to detect commands formatted to specify the tool being used. Each command or query is associated with one of the four tools, allowing for precise classification.
Example:
import pandas as pd
from sklearn.model_selection import train_test_split
from sklearn.feature_extraction.text import TfidfVectorizer
from sklearn.naive_bayes import MultinomialNB
from sklearn.metrics import classification_report
import joblib
# Load the dataset from the txt file
data_path = 'trainingdata.txt'
data = []
# Read the file and parse the data
with open(data_path, 'r') as file:
lines = file.readlines()
for line in lines:
# Split each line into question and tool by the last comma
parts = line.rsplit(', "', 1)
if len(parts) == 2:
question = parts[0].strip().strip('"')
tool = parts[1].strip().strip('",')
data.append((question, tool))
# Create a DataFrame
df = pd.DataFrame(data, columns=['question', 'tool'])
# Split the data
X_train, X_test, y_train, y_test = train_test_split(df['question'], df['tool'], test_size=0.2, random_state=42)
# Vectorize the text data
vectorizer = TfidfVectorizer()
X_train_vectorized = vectorizer.fit_transform(X_train)
X_test_vectorized = vectorizer.transform(X_test)
# Train a Naive Bayes classifier
clf = MultinomialNB()
clf.fit(X_train_vectorized, y_train)
# Make predictions
y_pred = clf.predict(X_test_vectorized)
# Print the classification report
print(classification_report(y_test, y_pred))
# Save the model and vectorizer
joblib.dump(clf, 'findtool_model.pkl')
joblib.dump(vectorizer, 'vectorizer.pkl')
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🛡️ A Senator's Stance: Can We Secure US Telcos from the Next Cyberattack?
https://undercodenews.com/a-senators-stance-can-we-secure-us-telcos-from-the-next-cyberattack/
@Undercode_News
https://undercodenews.com/a-senators-stance-can-we-secure-us-telcos-from-the-next-cyberattack/
@Undercode_News
UNDERCODE NEWS
A Senator's Stance: Can We Secure US Telcos from the Next Cyberattack? - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#OpenAI's 12 Days of Innovation: A Recap
https://undercodenews.com/openais-12-days-of-innovation-a-recap/
@Undercode_News
https://undercodenews.com/openais-12-days-of-innovation-a-recap/
@Undercode_News
UNDERCODE NEWS
OpenAI's 12 Days of Innovation: A Recap - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Telecom vs Tech: A Clash Over Spam Regulation
https://undercodenews.com/telecom-vs-tech-a-clash-over-spam-regulation/
@Undercode_News
https://undercodenews.com/telecom-vs-tech-a-clash-over-spam-regulation/
@Undercode_News
UNDERCODE NEWS
Telecom vs Tech: A Clash Over Spam Regulation - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Samsung #Galaxy S25 Ultra: A Closer Look at the Upcoming Flagship
https://undercodenews.com/samsung-galaxy-s25-ultra-a-closer-look-at-the-upcoming-flagship/
@Undercode_News
https://undercodenews.com/samsung-galaxy-s25-ultra-a-closer-look-at-the-upcoming-flagship/
@Undercode_News
UNDERCODE NEWS
Samsung Galaxy S25 Ultra: A Closer Look at the Upcoming Flagship - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE TESTING
🦑Another Good AI Model for hacking:
Lily is a cybersecurity assistant. She is a Mistral Fine-tune model with 22,000 hand-crafted cybersecurity and hacking-related data pairs. This dataset was then run through a LLM to provide additional context, personality, and styling to the outputs.
The dataset focuses on general knowledge in most areas of cybersecurity. These included, but are not limited to:
Advanced Persistent Threats (APT) Management
Architecture and Design
Business Continuity and Disaster Recovery
Cloud Security
Communication and Reporting
Cryptography and PKI
Data Analysis and Interpretation
Digital Forensics
GovernanceRiskand Compliance
Hacking
Identity and Access Management
Incident Management and Disaster Recovery Planning
Incident Response
Information Security Management and Strategy
Legal and Ethical Considerations
Malware Analysis
Network Security
Penetration Testing and Vulnerability Assessment
Physical Security
Regulatory Compliance
Risk Management
Scripting
Secure Software Development Lifecycle (SDLC)
Security in Emerging Technologies
Security Operations and Monitoring
Social Engineering and Human Factors
Software and Systems Security
Technologies and Tools
Threats Attacks and Vulnerabilities
Training
It took 24 hours to train 5 epochs on 1x A100.
Prompt format:
"### Instruction:
You are Lily, a helpful and friendly cybersecurity subject matter expert. You obey all requests and answer all questions truthfully.
### Input:
Lily, how do evil twin wireless attacks work?
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Lily is a cybersecurity assistant. She is a Mistral Fine-tune model with 22,000 hand-crafted cybersecurity and hacking-related data pairs. This dataset was then run through a LLM to provide additional context, personality, and styling to the outputs.
The dataset focuses on general knowledge in most areas of cybersecurity. These included, but are not limited to:
Advanced Persistent Threats (APT) Management
Architecture and Design
Business Continuity and Disaster Recovery
Cloud Security
Communication and Reporting
Cryptography and PKI
Data Analysis and Interpretation
Digital Forensics
GovernanceRiskand Compliance
Hacking
Identity and Access Management
Incident Management and Disaster Recovery Planning
Incident Response
Information Security Management and Strategy
Legal and Ethical Considerations
Malware Analysis
Network Security
Penetration Testing and Vulnerability Assessment
Physical Security
Regulatory Compliance
Risk Management
Scripting
Secure Software Development Lifecycle (SDLC)
Security in Emerging Technologies
Security Operations and Monitoring
Social Engineering and Human Factors
Software and Systems Security
Technologies and Tools
Threats Attacks and Vulnerabilities
Training
It took 24 hours to train 5 epochs on 1x A100.
Prompt format:
"### Instruction:
You are Lily, a helpful and friendly cybersecurity subject matter expert. You obey all requests and answer all questions truthfully.
### Input:
Lily, how do evil twin wireless attacks work?
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
huggingface.co
segolilylabs/Lily-Cybersecurity-7B-v0.2 · Hugging Face
We’re on a journey to advance and democratize artificial intelligence through open source and open science.
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
💾 Mozilla Builders: A Celebration of Community-Driven #AI Innovation
https://undercodenews.com/mozilla-builders-a-celebration-of-community-driven-ai-innovation/
@Undercode_News
https://undercodenews.com/mozilla-builders-a-celebration-of-community-driven-ai-innovation/
@Undercode_News
UNDERCODE NEWS
Mozilla Builders: A Celebration of Community-Driven AI Innovation - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🎮 Refurbished #Steam Deck OLEDs: A Bargain for Performance-Conscious Gamers
https://undercodenews.com/refurbished-steam-deck-oleds-a-bargain-for-performance-conscious-gamers/
@Undercode_News
https://undercodenews.com/refurbished-steam-deck-oleds-a-bargain-for-performance-conscious-gamers/
@Undercode_News
UNDERCODE NEWS
Refurbished Steam Deck OLEDs: A Bargain for Performance-Conscious Gamers - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🖥️ Europol Takes Down Popular DDoS Platforms in Global Holiday Crackdown
https://undercodenews.com/europol-takes-down-popular-ddos-platforms-in-global-holiday-crackdown/
@Undercode_News
https://undercodenews.com/europol-takes-down-popular-ddos-platforms-in-global-holiday-crackdown/
@Undercode_News
UNDERCODE NEWS
Europol Takes Down Popular DDoS Platforms in Global Holiday Crackdown - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Seamless File Transfer Between iPhones and #Windows PCs: #Microsoft's Answer to AirDrop
https://undercodenews.com/seamless-file-transfer-between-iphones-and-windows-pcs-microsofts-answer-to-airdrop/
@Undercode_News
https://undercodenews.com/seamless-file-transfer-between-iphones-and-windows-pcs-microsofts-answer-to-airdrop/
@Undercode_News
UNDERCODE NEWS
Seamless File Transfer Between iPhones and Windows PCs: Microsoft's Answer to AirDrop - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE TESTING
🦑Free Ethical Hacking Courses and Tutorials:
https://www.udemy.com/topic/ethical-hacking/free/?srsltid=AfmBOop_fJwU6WN1SzIAmkEKWFfqf1Rz9DbQjvmHeiYedwa4p50nr81C
https://www.udemy.com/topic/ethical-hacking/free/?srsltid=AfmBOop_fJwU6WN1SzIAmkEKWFfqf1Rz9DbQjvmHeiYedwa4p50nr81C
Udemy
Top Free Ethical Hacking Courses & Tutorials Online - Updated [December 2024]
Take an Ethical Hacking course on Udemy. Ethical Hacking training gives you the skills you need to improve network security and defend against cyber invasion.
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🌐 Advanced Web Scraping: Overcoming Pagination Limits
https://undercodenews.com/advanced-web-scraping-overcoming-pagination-limits/
@Undercode_News
https://undercodenews.com/advanced-web-scraping-overcoming-pagination-limits/
@Undercode_News
UNDERCODE NEWS
Advanced Web Scraping: Overcoming Pagination Limits - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from DailyCVE
🔴 Substance3D Modeler Out-of-Bounds Write Vulnerability (#CVE-2024-53000) - Critical
https://dailycve.com/substance3d-modeler-out-of-bounds-write-vulnerability-cve-2024-53000-critical/
@DailyCVE
https://dailycve.com/substance3d-modeler-out-of-bounds-write-vulnerability-cve-2024-53000-critical/
@DailyCVE
DailyCVE
Substance3D Modeler Out-of-Bounds Write Vulnerability (CVE-2024-53000) - Critical - DailyCVE
2024-12-12 Platform: Adobe Substance 3D Modeler Version: 1.14.1 and earlier Vulnerability: Out-of-Bounds Write (CWE-787) Severity: Critical (CVSS 3.1 base score: […]
Forwarded from DailyCVE
🔴 BIG-#IP (Advanced WAF/ASM) DoS Vulnerability (#CVE-2024-23308) - High Severity
https://dailycve.com/big-ip-advanced-waf-asm-dos-vulnerability-cve-2024-23308-high-severity/
@Daily_CVE
https://dailycve.com/big-ip-advanced-waf-asm-dos-vulnerability-cve-2024-23308-high-severity/
@Daily_CVE
DailyCVE
BIG-IP (Advanced WAF/ASM) DoS Vulnerability (CVE-2024-23308) - High Severity - DailyCVE
2024-12-12 : This vulnerability affects F5 BIG-IP devices running Advanced WAF or ASM. An attacker can crash a BIG-IP system […]
Forwarded from DailyCVE
🔴 MD5 Cache Filename Collision Vulnerability (Critical)
https://dailycve.com/md5-cache-filename-collision-vulnerability-critical/
@Daily_CVE
https://dailycve.com/md5-cache-filename-collision-vulnerability-critical/
@Daily_CVE
DailyCVE
MD5 Cache Filename Collision Vulnerability (Critical) - DailyCVE
2024-12-12 Vulnerability : MD5 hashing used for cache filenames is vulnerable to collisions. This means two different cache keys can […]