🦑Chatgpt Hack:

Official Repo of ChatGPT "DAN" (and other "Jailbreaks"):


https://github.com/0xk1h0/ChatGPT_DAN

🎮 #Windows 11 24H2: A Buggy #Update for Gamers

https://undercodenews.com/windows-11-24h2-a-buggy-update-for-gamers/

@Undercode_News

🔐 Apache Struts Flaw Under Active Attack: Urgent Patching Needed

https://undercodenews.com/apache-struts-flaw-under-active-attack-urgent-patching-needed/

@Undercode_News

Russia's Undesirable Label: A Badge of Honor for Recorded Future

https://undercodenews.com/russias-undesirable-label-a-badge-of-honor-for-recorded-future/

@Undercode_News

Hunters #Ransomware Targets Microvision

https://undercodenews.com/hunters-ransomware-targets-microvision/

@Undercode_News

Hunters #Ransomware Targets Trev Deeley Motorcycles, Another Victim Falls Prey

https://undercodenews.com/hunters-ransomware-targets-trev-deeley-motorcycles-another-victim-falls-prey/

@Undercode_News

🛡️ Pushing the Boundaries: Fitness, Fire Safety, and Life Support Advancements on the International Space Station

https://undercodenews.com/pushing-the-boundaries-fitness-fire-safety-and-life-support-advancements-on-the-international-space-station/

@Undercode_News

🦑What is Honeypot: Simplified

Follow Santosh Nandakumar for daily simplified infosec learnings.

A honeypot is a security mechanism designed to detect, deflect, or study hacking attempts by acting as a decoy system. It looks like a legitimate target but is isolated from the actual network to gather intelligence on attackers.

Example

Imagine you’re protecting a house (your network) from burglars. You set up a fake house nearby, filled with dummy valuables. Burglars are attracted to this fake house, thinking it’s the real one. You monitor their actions to learn their techniques and better secure your actual house.

Technical Example

You deploy a honeypot server within your corporate network that mimics a database server. It contains no real data but appears authentic to attackers. When an attacker tries to access it, their activities (such as IP, methods, and tools) are logged for analysis.

Types of Honeypots

1. Production Honeypot
Used to improve overall security by distracting attackers from real systems.
Example: A fake customer login page for a banking website.

2. Research Honeypot
Used for studying attack methods and gathering intelligence.
Example: A honeypot server that simulates IoT devices to study botnet attacks.

Usage

- Intrusion Detection: Identify unauthorized access attempts.

- Threat Intelligence: Understand attackers' tools, techniques, and goals.

- Deception Strategy: Divert attackers away from real resources.

- Vulnerability Testing: Study how attackers exploit weaknesses.

Benefits

1. Early Threat Detection: Identifies threats before they reach critical systems.

2. Data Collection: Offers valuable insights into attack patterns and behaviors.

3. Improved Defense: Helps in identifying security gaps and improving defenses.

4. Resource Efficiency: Reduces the workload on actual systems by diverting attacks.

5. Training Ground: Useful for security teams to practice handling real-world threats.

Limitations

1. Limited Scope: Cannot detect attacks on systems outside the honeypot.

2. Risk of Exploitation: If not properly isolated, attackers could use the honeypot to attack real systems.

3. Resource Intensive: Requires setup, monitoring, and maintenance.

Ref: Santosh Nandakumar
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Your #Instagram Profile: A #Digital Business Card

https://undercodenews.com/your-instagram-profile-a-digital-business-card/

@Undercode_News

Interpol Calls for a More Humane Term for Romance Scams

https://undercodenews.com/interpol-calls-for-a-more-humane-term-for-romance-scams/

@Undercode_News

🦑AI-SOC. Radiant Security AI.

I have had many conversations (and still have) about Security for AI, especially about how AI-SOC can affect and help the SOC team and processes. At the same time, We have been (xTriage) running Radiant Security AI as AI-SOC (and more) for over a year, and the results arrived on time with HUGH successes!

During the AI-SOC journey with Radiant Security AI, we found many advantages about it. Below are some of them (in a nutshell):

1️⃣ Proactive Threat Hunting: AI-SOC leverages real-time data analysis and threat intelligence to proactively detect emerging threats, even before they appear in known threat databases.

2️⃣ Precision in Incident Detection: AI models analyze massive datasets and correlate events across multiple layers (network, endpoints, cloud, identities), reducing detection blind spots.

3️⃣ Scalability: AI-SOC can handle the massive influx of security alerts and scale effortlessly with an organization's growth without requiring linear increases in human resources.

4️⃣ Behavioral Anomaly Detection: AI identifies subtle deviations from normal behavior patterns that traditional systems often overlook, ensuring early detection of insider threats and zero-day exploits.

5️⃣ Hyperautomation: Combining AI with SOAR platforms enables faster and smarter incident response. Automated workflows triage and contain incidents without waiting for human intervention.

6️⃣ Continuous Learning and Adaptation: AI algorithms evolve with each new threat encountered, continuously improving their accuracy and relevance in detecting sophisticated attacks.

7️⃣ Enhanced Collaboration: AI-SOC tools facilitate collaboration across security tiers (T1-T3), presenting data and insights in clear, actionable formats tailored to the expertise level of the analyst.

8️⃣ Integrated Multi-Vendor Ecosystem: With support for seamless integration into existing ecosystems (e.g., XDR tools, SIEMs, SOAR), AI-SOC ensures minimal workflow disruption.

9️⃣ Reduction in False Positives: By understanding context and correlating events, AI dramatically reduces false positives, allowing analysts to focus on genuine threats.

🔟 Cost Efficiency: By automating repetitive tasks and reducing the need for manual intervention, AI-SOC optimizes resource utilization and lowers the overall cost of operations.

In the end, T1/T2 is not chasing after massive FPs or useless alerts - They are now doing advanced tasks.

Ref: Elli Shlomo
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

#TikTok's Fate in the Hands of Supreme Court: A Ban or a Reprieve?

https://undercodenews.com/tiktoks-fate-in-the-hands-of-supreme-court-a-ban-or-a-reprieve/

@Undercode_News

🟠 openCart, Server-Side Template Injection (SSTI), GHSA-xrh7-2gfq-4rcq (Moderate)

https://dailycve.com/opencart-server-side-template-injection-ssti-ghsa-xrh7-2gfq-4rcq-moderate/

@DailyCVE

🔴 golangorg/x/net/#html: Non-linear Parsing Vulnerability (#CVE-TBD) - Critical

https://dailycve.com/golangorg-x-net-html-non-linear-parsing-vulnerability-cve-tbd-critical/

@Daily_CVE

Whatsapp (Meta) server is down

🦑Another Red Team Pack:

𝐑𝐞𝐝 𝐓𝐞𝐚𝐦 𝐓𝐨𝐨𝐥𝐬 🔥

🔴 RECONNAISSANCE:
- RustScan ==> https://lnkd.in/ebvRfBNy
- NmapAutomator ==> https://lnkd.in/gu5wxzf6
- AutoRecon ==> https://lnkd.in/g3DeG6YT
- Amass ==> https://lnkd.in/e7V569N5
- CloudEnum ==> https://lnkd.in/ePHDeGZv
- Recon-NG ==> https://lnkd.in/edwaXFjS
- AttackSurfaceMapper ==> https://lnkd.in/ebbcj6Rm
- DNSDumpster ==> https://dnsdumpster.com/

🔴 INITIAL ACCESS:
- SprayingToolKit ==> https://lnkd.in/eBSAPz5z
- o365Recon ==> https://lnkd.in/eJwCx-Ga
- Psudohash ==> https://lnkd.in/gcaxV6fR
- CredMaster ==> https://lnkd.in/gtMEDVuS
- DomainPasswordSpray ==> https://lnkd.in/guWj4TYv
- TheSprayer ==> https://lnkd.in/gZVuQYiv
- TREVORspray ==> https://lnkd.in/gHgcbjgV

🔴 DELIVERY:
- o365AttackToolKit ==> https://lnkd.in/etCCYi8y
- EvilGinx2 ==> https://lnkd.in/eRDPvwUg
- GoPhish ==> https://lnkd.in/ea26dfNg
- PwnAuth ==> https://lnkd.in/eqecM7de
- Modlishka ==> https://lnkd.in/eds-dR5C

🔴 COMMAND AND CONTROL:
- PoshC2 ==> https://lnkd.in/eqSJUDji
- Sliver ==> https://lnkd.in/ewN9Nday
- SILENTTRINITY ==> https://lnkd.in/eeZGbYMs
- Empire ==> https://lnkd.in/egAPa8gY
- AzureC2Relay ==> https://lnkd.in/efmh2t3g
- Havoc C2 ==> https://lnkd.in/gEFp2iym
- Mythic C2 ==> https://lnkd.in/gnCGwfWk

🔴 CREDENTIAL DUMPING:
- MimiKatz ==> https://lnkd.in/etEGfvJK
- HekaTomb ==> https://lnkd.in/eJx5Ugu5
- SharpLAPS ==> https://lnkd.in/eA28n9FT
- Net-GPPPassword ==> https://lnkd.in/e3CTez5A
- PyPyKatz ==> https://lnkd.in/eeb5b6Tz

🔴 PRIVILEGE ESCALATION:
- SharpUp ==> https://lnkd.in/etR2Pe_n
- MultiPotato ==> https://lnkd.in/eq53PXcJ
- PEASS ==> https://lnkd.in/eWA66akh
- Watson ==> https://lnkd.in/eZfYMSMX
- Bat-Potato ==> https://lnkd.in/gjziyG8q

🔴 DEFENSE EVASION:
- Villain ==> https://lnkd.in/gquyGFm5
- EDRSandBlast ==> https://lnkd.in/e8g8zYFT
- SPAWN - Cobalt Strike BOF ==> https://lnkd.in/e223PbqZ
- NetLoader ==> https://lnkd.in/ef5wCD4y
- KillDefenderBOF ==> https://lnkd.in/eVd54HUp
- ThreatCheck ==> https://lnkd.in/eHvSPakR
- Freeze ==> https://lnkd.in/eNUh3zCi
- GadgetToJScript ==> https://lnkd.in/egPQBBXJ

🔴 PERSISTENCE:
- SharPyShell ==> https://lnkd.in/eXm8h8Bj
- SharpStay ==> https://lnkd.in/erRbeFMj
- SharpEventPersist ==> https://lnkd.in/e_kJFNiB

🔴 LATERAL MOVEMENT:
- SCShell ==> https://lnkd.in/e256fC8B
- MoveKit ==> https://lnkd.in/eR-NUu_U
- ImPacket ==> https://lnkd.in/euG4hTTs

🔴 EXFILTRATION:
- SharpExfiltrate ==> https://lnkd.in/eGC4BKRN
- DNSExfiltrator ==> https://lnkd.in/epJ-s6gp
- Egress-Assess ==> https://lnkd.in/eXGFPQRJ

Ref: Adnan Alam
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🔐 APT29's Sophisticated Cyberattacks: A Deep Dive

https://undercodenews.com/apt29s-sophisticated-cyberattacks-a-deep-dive/

@Undercode_News