Forwarded from Exploiting Crew (Pr1vAt3)
๐ฆ๐๐จ๐ฐ ๐๐จ๐๐ฌ ๐ ๐๐๐
๐ฐ๐จ๐ซ๐ค?
A Web Application Firewall (WAF) functions by monitoring and filtering HTTP/HTTPS traffic to and from web applications.
๐๐๐ฒ ๐จ๐ฉ๐๐ซ๐๐ญ๐ข๐จ๐ง๐๐ฅ ๐๐จ๐ฆ๐ฉ๐จ๐ง๐๐ง๐ญ๐ฌ ๐ข๐ง๐๐ฅ๐ฎ๐๐: -
๐๐ซ๐๐๐๐ข๐ ๐๐ง๐๐ฅ๐ฒ๐ฌ๐ข๐ฌ: It scrutinizes incoming and outgoing requests to pinpoint anomalies or potential threats.
๐๐ฎ๐ฅ๐ ๐๐ง๐๐จ๐ซ๐๐๐ฆ๐๐ง๐ญ: Predefined rulesets are applied to identify and mitigate malicious activity. Analytical techniques employed by a WAF encompass:
๐๐ฅ๐๐๐ค๐ฅ๐ข๐ฌ๐ญ๐ข๐ง๐ : This approach blocks requests from known malicious IP addresses, preventing unauthorized access.
๐๐ก๐ข๐ญ๐๐ฅ๐ข๐ฌ๐ญ๐ข๐ง๐ : Only explicitly approved requests are allowed through, enhancing security by default.
๐๐ข๐ ๐ง๐๐ญ๐ฎ๐ซ๐-๐๐๐ฌ๐๐ ๐๐๐ญ๐๐๐ญ๐ข๐จ๐ง**This method involves recognizing established attack patterns based on known signatures.
**๐๐๐ก๐๐ฏ๐ข๐จ๐ซ๐๐ฅ ๐๐ง๐๐ฅ๐ฒ๐ฌ๐ข๐ฌ: Leveraging machine learning algorithms, the WAF can identify suspicious behaviors that may deviate from normal activity. Unlike traditional antivirus solutions that rely solely on signature detection,
WAFs utilize more sophisticated detection mechanisms.
๐๐ง๐๐ ๐ญ๐ก๐ซ๐๐๐ญ๐ฌ ๐๐ซ๐ ๐๐๐ญ๐๐๐ญ๐๐, ๐ญ๐ก๐ ๐๐๐ ๐ข๐ฆ๐ฉ๐ฅ๐๐ฆ๐๐ง๐ญ๐ฌ ๐ญ๐ก๐ ๐๐จ๐ฅ๐ฅ๐จ๐ฐ๐ข๐ง๐ ๐ฆ๐๐๐ฌ๐ฎ๐ซ๐๐ฌ:
๐๐๐ช๐ฎ๐๐ฌ๐ญ ๐๐ฅ๐จ๐๐ค๐ข๐ง๐ : Directly halting any identified malicious requests.
๐๐ฏ๐๐ง๐ญ ๐๐จ๐ ๐ ๐ข๐ง๐ : Recording incidents for further investigation and analysis, facilitating continued improvement of security postures.
Image credit: Cyber Edition
Ref: Praveen Singh
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
A Web Application Firewall (WAF) functions by monitoring and filtering HTTP/HTTPS traffic to and from web applications.
๐๐๐ฒ ๐จ๐ฉ๐๐ซ๐๐ญ๐ข๐จ๐ง๐๐ฅ ๐๐จ๐ฆ๐ฉ๐จ๐ง๐๐ง๐ญ๐ฌ ๐ข๐ง๐๐ฅ๐ฎ๐๐: -
๐๐ซ๐๐๐๐ข๐ ๐๐ง๐๐ฅ๐ฒ๐ฌ๐ข๐ฌ: It scrutinizes incoming and outgoing requests to pinpoint anomalies or potential threats.
๐๐ฎ๐ฅ๐ ๐๐ง๐๐จ๐ซ๐๐๐ฆ๐๐ง๐ญ: Predefined rulesets are applied to identify and mitigate malicious activity. Analytical techniques employed by a WAF encompass:
๐๐ฅ๐๐๐ค๐ฅ๐ข๐ฌ๐ญ๐ข๐ง๐ : This approach blocks requests from known malicious IP addresses, preventing unauthorized access.
๐๐ก๐ข๐ญ๐๐ฅ๐ข๐ฌ๐ญ๐ข๐ง๐ : Only explicitly approved requests are allowed through, enhancing security by default.
๐๐ข๐ ๐ง๐๐ญ๐ฎ๐ซ๐-๐๐๐ฌ๐๐ ๐๐๐ญ๐๐๐ญ๐ข๐จ๐ง**This method involves recognizing established attack patterns based on known signatures.
**๐๐๐ก๐๐ฏ๐ข๐จ๐ซ๐๐ฅ ๐๐ง๐๐ฅ๐ฒ๐ฌ๐ข๐ฌ: Leveraging machine learning algorithms, the WAF can identify suspicious behaviors that may deviate from normal activity. Unlike traditional antivirus solutions that rely solely on signature detection,
WAFs utilize more sophisticated detection mechanisms.
๐๐ง๐๐ ๐ญ๐ก๐ซ๐๐๐ญ๐ฌ ๐๐ซ๐ ๐๐๐ญ๐๐๐ญ๐๐, ๐ญ๐ก๐ ๐๐๐ ๐ข๐ฆ๐ฉ๐ฅ๐๐ฆ๐๐ง๐ญ๐ฌ ๐ญ๐ก๐ ๐๐จ๐ฅ๐ฅ๐จ๐ฐ๐ข๐ง๐ ๐ฆ๐๐๐ฌ๐ฎ๐ซ๐๐ฌ:
๐๐๐ช๐ฎ๐๐ฌ๐ญ ๐๐ฅ๐จ๐๐ค๐ข๐ง๐ : Directly halting any identified malicious requests.
๐๐ฏ๐๐ง๐ญ ๐๐จ๐ ๐ ๐ข๐ง๐ : Recording incidents for further investigation and analysis, facilitating continued improvement of security postures.
Image credit: Cyber Edition
Ref: Praveen Singh
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ Leaky Labels: Bypassing Traefik Proxy Leveraging cAdvisor Metrics
https://undercodenews.com/leaky-labels-bypassing-traefik-proxy-leveraging-cadvisor-metrics/
@Undercode_News
https://undercodenews.com/leaky-labels-bypassing-traefik-proxy-leveraging-cadvisor-metrics/
@Undercode_News
UNDERCODE NEWS
Leaky Labels: Bypassing Traefik Proxy Leveraging cAdvisor Metrics - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โ ๏ธ Cloud Misconfigurations: The New Face of Cybersecurity Risk
https://undercodenews.com/cloud-misconfigurations-the-new-face-of-cybersecurity-risk/
@Undercode_News
https://undercodenews.com/cloud-misconfigurations-the-new-face-of-cybersecurity-risk/
@Undercode_News
UNDERCODE NEWS
Cloud Misconfigurations: The New Face of Cybersecurity Risk - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ Chinese Spies Remain Embedded in US Telecom Networks
https://undercodenews.com/chinese-spies-remain-embedded-in-us-telecom-networks/
@Undercode_News
https://undercodenews.com/chinese-spies-remain-embedded-in-us-telecom-networks/
@Undercode_News
UNDERCODE NEWS
Chinese Spies Remain Embedded in US Telecom Networks - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โ ๏ธ Russian Spies Target #Android Users with New Mobile #Malware
https://undercodenews.com/russian-spies-target-android-users-with-new-mobile-malware/
@Undercode_News
https://undercodenews.com/russian-spies-target-android-users-with-new-mobile-malware/
@Undercode_News
UNDERCODE NEWS
Russian Spies Target Android Users with New Mobile Malware - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE TESTING
๐ฆ Free New Threat Hunting Resources Added! ๐จ
๐ What's New?
1๏ธโฃ Advanced Threat Hunting Queries (hashtag#KQL):
- Identify and monitor vulnerable assets for Known Exploited Vulnerabilities (hashtag#KEVs) by ransomware groups.
- Attack Vector: Network | Privileges Required: None
> Download <
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ What's New?
1๏ธโฃ Advanced Threat Hunting Queries (hashtag#KQL):
- Identify and monitor vulnerable assets for Known Exploited Vulnerabilities (hashtag#KEVs) by ransomware groups.
- Attack Vector: Network | Privileges Required: None
> Download <
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ #Viber Goes Silent in Russia: Another Casualty in the Information War
https://undercodenews.com/viber-goes-silent-in-russia-another-casualty-in-the-information-war/
@Undercode_News
https://undercodenews.com/viber-goes-silent-in-russia-another-casualty-in-the-information-war/
@Undercode_News
UNDERCODE NEWS
Viber Goes Silent in Russia: Another Casualty in the Information War - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ International Space Station Bustling with Research and a Spacewalk on the Horizon
https://undercodenews.com/international-space-station-bustling-with-research-and-a-spacewalk-on-the-horizon/
@Undercode_News
https://undercodenews.com/international-space-station-bustling-with-research-and-a-spacewalk-on-the-horizon/
@Undercode_News
UNDERCODE NEWS
International Space Station Bustling with Research and a Spacewalk on the Horizon - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ฎ Streamlining #GitHub Issues: Enhanced Features and Improved Workflow
https://undercodenews.com/streamlining-github-issues-enhanced-features-and-improved-workflow/
@Undercode_News
https://undercodenews.com/streamlining-github-issues-enhanced-features-and-improved-workflow/
@Undercode_News
UNDERCODE NEWS
Streamlining GitHub Issues: Enhanced Features and Improved Workflow - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from DailyCVE
๐ด #Adobe Framemaker Stack-based Buffer Overflow (#CVE-2024-53959) - Critical
https://dailycve.com/adobe-framemaker-stack-based-buffer-overflow-cve-2024-53959-critical/
@Daily_CVE
https://dailycve.com/adobe-framemaker-stack-based-buffer-overflow-cve-2024-53959-critical/
@Daily_CVE
DailyCVE
Adobe Framemaker Stack-based Buffer Overflow (CVE-2024-53959) - Critical - DailyCVE
2024-12-13 Platform: Adobe Framemaker Version: 2020.7, 2022.5 and earlier Vulnerability: Stack-based Buffer Overflow (CVE-2024-53959) Severity: Critical (CVSS: 7.8) Date: December [โฆ]
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โก๏ธ A New #AI: #Microsoft Unveils Phi-4, a Small Language Model That Punches Above Its Weight
https://undercodenews.com/a-new-ai-microsoft-unveils-phi-4-a-small-language-model-that-punches-above-its-weight/
@Undercode_News
https://undercodenews.com/a-new-ai-microsoft-unveils-phi-4-a-small-language-model-that-punches-above-its-weight/
@Undercode_News
UNDERCODE NEWS
A New AI: Microsoft Unveils Phi-4, a Small Language Model That Punches Above Its Weight - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ Latest Cyber Reports Show Iranian Hackers Target Lebanese and Israeli Telecoms with DDoS Attack
https://undercodenews.com/latest-cyber-reports-show-iranian-hackers-target-lebanese-and-israeli-telecoms-with-ddos-attack/
@Undercode_News
https://undercodenews.com/latest-cyber-reports-show-iranian-hackers-target-lebanese-and-israeli-telecoms-with-ddos-attack/
@Undercode_News
UNDERCODE NEWS
Latest Cyber Reports Show Iranian Hackers Target Lebanese and Israeli Telecoms with DDoS Attack - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from Exploiting Crew (Pr1vAt3)
๐ฆ๐๐ฒ๐๐๐ซ ๐๐๐๐ฎ๐ซ๐ข๐ญ๐ฒ ๐๐๐ซ๐๐๐ซ๐ฌ ๐๐๐ญ๐ก.
1) Security certification roadmap https://lnkd.in/ghvqfZ3z & https://lnkd.in/eFU8WC29
2) Domains of cyber security https://lnkd.in/eXsfxkTs
3) Cyber career map https://lnkd.in/evTUCgas
4) Cyber career map https://dsci.in
Suggestion on how to use these: ask yourself
๐ What domain of security interests you (offensive? Policy? Defence?),
๐ What job you want (pentester? CISO?),
๐ What certifications you might need (OSCP? CEH?)
๐ What level they are at, build up a plan of how to get there?
Thank you Katie Paxton-Fear for nice sharing.
Ref: G M Faruk Ahmed, CISSP, CISA
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
1) Security certification roadmap https://lnkd.in/ghvqfZ3z & https://lnkd.in/eFU8WC29
2) Domains of cyber security https://lnkd.in/eXsfxkTs
3) Cyber career map https://lnkd.in/evTUCgas
4) Cyber career map https://dsci.in
Suggestion on how to use these: ask yourself
๐ What domain of security interests you (offensive? Policy? Defence?),
๐ What job you want (pentester? CISO?),
๐ What certifications you might need (OSCP? CEH?)
๐ What level they are at, build up a plan of how to get there?
Thank you Katie Paxton-Fear for nice sharing.
Ref: G M Faruk Ahmed, CISSP, CISA
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โก๏ธ Unleash Your #Tesla's Inner Artist: New Vinyl Wrap Service with a Broader Palette!
https://undercodenews.com/unleash-your-teslas-inner-artist-new-vinyl-wrap-service-with-a-broader-palette/
@Undercode_News
https://undercodenews.com/unleash-your-teslas-inner-artist-new-vinyl-wrap-service-with-a-broader-palette/
@Undercode_News
UNDERCODE NEWS
Unleash Your Tesla's Inner Artist: New Vinyl Wrap Service with a Broader Palette! - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โก๏ธ Navigating the New #iOS 18 Photos App: A User's Guide
https://undercodenews.com/navigating-the-new-ios-18-photos-app-a-users-guide/
@Undercode_News
https://undercodenews.com/navigating-the-new-ios-18-photos-app-a-users-guide/
@Undercode_News
UNDERCODE NEWS
Navigating the New iOS 18 Photos App: A User's Guide - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODER
๐ฆDeepfakeOSโข, the first-of-its-kind Linux-based toolkit designed exclusively for ethical deepfake penetration testing and advancing cognitive security.
DeepfakeOSโข is a cutting-edge Linux operating system preloaded with open-source tools for ethically creating synthetic media, including video, audio, and text. As synthetic media becomes more advanced, so do the threats it poses. DeepfakeOSโข empowers security professionals and researchers to understand, test, and defend against these emerging threats by providing a comprehensive, preloaded toolkit for ethical purposes.
https://deepfakedashboard.com/deepfakeos
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
DeepfakeOSโข is a cutting-edge Linux operating system preloaded with open-source tools for ethically creating synthetic media, including video, audio, and text. As synthetic media becomes more advanced, so do the threats it poses. DeepfakeOSโข empowers security professionals and researchers to understand, test, and defend against these emerging threats by providing a comprehensive, preloaded toolkit for ethical purposes.
https://deepfakedashboard.com/deepfakeos
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ