Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ฑ Level Up Your Workflow: #ChatGPT Mac App Gets a Boost with Voice Commands and App Integration
https://undercodenews.com/level-up-your-workflow-chatgpt-mac-app-gets-a-boost-with-voice-commands-and-app-integration/
@Undercode_News
https://undercodenews.com/level-up-your-workflow-chatgpt-mac-app-gets-a-boost-with-voice-commands-and-app-integration/
@Undercode_News
UNDERCODE NEWS
Level Up Your Workflow: ChatGPT Mac App Gets a Boost with Voice Commands and App Integration - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#AI-First India: A Skills Revolution
https://undercodenews.com/ai-first-india-a-skills-revolution/
@Undercode_News
https://undercodenews.com/ai-first-india-a-skills-revolution/
@Undercode_News
UNDERCODE NEWS
AI-First India: A Skills Revolution - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from Exploiting Crew (Pr1vAt3)
๐ฆIAM vs. PAM: Understanding the Key Differences ๐
In todayโs rapidly evolving cybersecurity landscape, managing access and securing sensitive data is more critical than ever. Two foundational tools in this effort are Identity and Access Management (IAM) and Privileged Access Management (PAM). While both are essential, they serve distinct purposes:
๐ Identity and Access Management (IAM)
๐ป Focus: Managing identities and access rights for all users.
๐ป Scope: Broader, covering employees, contractors, partners, and even devices.
๐ป Key Functions: Authentication, Single Sign-On (SSO), user provisioning/de-provisioning, governance, and compliance reporting.
๐ป Goal: Streamlining access across the IT ecosystem while improving operational efficiency and ensuring compliance.
๐ Privileged Access Management (PAM)
๐ป Focus: Securing and controlling access to privileged accounts with elevated permissions.
๐ป Scope: Narrower, targeting administrators, IT staff, service accounts, and third-party vendors.
๐ป Key Functions: Credential vaulting, session monitoring, least privilege enforcement, and just-in-time access.
๐ป Goal: Protecting critical systems and sensitive data from breaches or abuse of high-risk accounts.
Implementing both IAM and PAM creates a layered security approach. IAM ensures proper access for all users, while PAM locks down high-risk areas, minimizing vulnerabilities and adhering to the Zero Trust framework.
๐ This visual summary (attached) simplifies the key differences and highlights how these tools work together to strengthen cybersecurity.
Ref: Fadi Kazdar
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
In todayโs rapidly evolving cybersecurity landscape, managing access and securing sensitive data is more critical than ever. Two foundational tools in this effort are Identity and Access Management (IAM) and Privileged Access Management (PAM). While both are essential, they serve distinct purposes:
๐ Identity and Access Management (IAM)
๐ป Focus: Managing identities and access rights for all users.
๐ป Scope: Broader, covering employees, contractors, partners, and even devices.
๐ป Key Functions: Authentication, Single Sign-On (SSO), user provisioning/de-provisioning, governance, and compliance reporting.
๐ป Goal: Streamlining access across the IT ecosystem while improving operational efficiency and ensuring compliance.
๐ Privileged Access Management (PAM)
๐ป Focus: Securing and controlling access to privileged accounts with elevated permissions.
๐ป Scope: Narrower, targeting administrators, IT staff, service accounts, and third-party vendors.
๐ป Key Functions: Credential vaulting, session monitoring, least privilege enforcement, and just-in-time access.
๐ป Goal: Protecting critical systems and sensitive data from breaches or abuse of high-risk accounts.
Implementing both IAM and PAM creates a layered security approach. IAM ensures proper access for all users, while PAM locks down high-risk areas, minimizing vulnerabilities and adhering to the Zero Trust framework.
๐ This visual summary (attached) simplifies the key differences and highlights how these tools work together to strengthen cybersecurity.
Ref: Fadi Kazdar
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โก๏ธ Rida Nigeria Shakes Up Ride-Hailing with Unique Negotiation Feature and App Upgrade
https://undercodenews.com/rida-nigeria-shakes-up-ride-hailing-with-unique-negotiation-feature-and-app-upgrade/
@Undercode_News
https://undercodenews.com/rida-nigeria-shakes-up-ride-hailing-with-unique-negotiation-feature-and-app-upgrade/
@Undercode_News
UNDERCODE NEWS
Rida Nigeria Shakes Up Ride-Hailing with Unique Negotiation Feature and App Upgrade - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ฑ NetApp's India Innovation Hub: Revolutionizing Data Storage and #AI
https://undercodenews.com/netapps-india-innovation-hub-revolutionizing-data-storage-and-ai/
@Undercode_News
https://undercodenews.com/netapps-india-innovation-hub-revolutionizing-data-storage-and-ai/
@Undercode_News
UNDERCODE NEWS
NetApp's India Innovation Hub: Revolutionizing Data Storage and AI - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ Equal: Revolutionizing Data Sharing for a Better India
https://undercodenews.com/equal-revolutionizing-data-sharing-for-a-better-india/
@Undercode_News
https://undercodenews.com/equal-revolutionizing-data-sharing-for-a-better-india/
@Undercode_News
UNDERCODE NEWS
Equal: Revolutionizing Data Sharing for a Better India - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โก๏ธ #AI: The New Frontier for Business and Innovation
https://undercodenews.com/ai-the-new-frontier-for-business-and-innovation/
@Undercode_News
https://undercodenews.com/ai-the-new-frontier-for-business-and-innovation/
@Undercode_News
UNDERCODE NEWS
AI: The New Frontier for Business and Innovation - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ค Dependabot and npm 6 End-of-Life
https://undercodenews.com/dependabot-and-npm-6-end-of-life/
@Undercode_News
https://undercodenews.com/dependabot-and-npm-6-end-of-life/
@Undercode_News
UNDERCODE NEWS
Dependabot and npm 6 End-of-Life - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Amazon Pushes Back Return-to-Office Mandate Due to Space Constraints
https://undercodenews.com/amazon-pushes-back-return-to-office-mandate-due-to-space-constraints/
@Undercode_News
https://undercodenews.com/amazon-pushes-back-return-to-office-mandate-due-to-space-constraints/
@Undercode_News
UNDERCODE NEWS
Amazon Pushes Back Return-to-Office Mandate Due to Space Constraints - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from Exploiting Crew (Pr1vAt3)
๐ฆUnderstanding Modern Cybersecurity Tools: EDR, XDR, SOAR, SIEM, and Integrated Solutions ๐จ
Navigating the world of cybersecurity solutions can be complex. Each tool serves a unique purpose, but understanding their differences is crucial for building an effective security strategy. Here's a quick comparison:
โ EDR (Endpoint Detection and Response): Focuses on endpoint security by detecting/responding to threats on devices like laptops and servers. Great for organizations with endpoint-centric threats.
โ XDR (Extended Detection and Response): Expands visibility across endpoints, networks, and cloud environments, providing unified threat detection across domains.
โ SOAR (Security Orchestration, Automation, and Response): Automates and streamlines incident response processes, saving time and improving efficiency.
โ SIEM (Security Information and Event Management): Offers centralized log management and real-time monitoring for identifying and correlating security events.
โ Integrated Solution (EDR + XDR + SOAR + SIEM): Combines the strengths of all these tools for holistic threat detection, response, and seamless integration.
Ref: Fadi Kazdar
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Navigating the world of cybersecurity solutions can be complex. Each tool serves a unique purpose, but understanding their differences is crucial for building an effective security strategy. Here's a quick comparison:
โ EDR (Endpoint Detection and Response): Focuses on endpoint security by detecting/responding to threats on devices like laptops and servers. Great for organizations with endpoint-centric threats.
โ XDR (Extended Detection and Response): Expands visibility across endpoints, networks, and cloud environments, providing unified threat detection across domains.
โ SOAR (Security Orchestration, Automation, and Response): Automates and streamlines incident response processes, saving time and improving efficiency.
โ SIEM (Security Information and Event Management): Offers centralized log management and real-time monitoring for identifying and correlating security events.
โ Integrated Solution (EDR + XDR + SOAR + SIEM): Combines the strengths of all these tools for holistic threat detection, response, and seamless integration.
Ref: Fadi Kazdar
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Forwarded from Exploiting Crew (Pr1vAt3)
๐ฆ๐๐๐ ๐๐๐ Testing Method
While "DOM Invader" is not a new feature of Burp, I feel that alot of people don't use it enough (or are not aware of it)
It works by submiting a random string generated by Burp (named "canary") in existing input fields or URL parameters
Then "DOM Invader" will check how your input is processed, providing you with necessary context and sanitization details.
1. Start Burp Browser
2. Turn on the DOM Invader
3. Copy and Paste the canary in the target input field or URL parameter
4. Check the DOM Invader tab for "Interesting sinks"
5. Craft the payload or use the "Exploit" option to automate
Ref: Andrei Agape
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
While "DOM Invader" is not a new feature of Burp, I feel that alot of people don't use it enough (or are not aware of it)
It works by submiting a random string generated by Burp (named "canary") in existing input fields or URL parameters
Then "DOM Invader" will check how your input is processed, providing you with necessary context and sanitization details.
1. Start Burp Browser
2. Turn on the DOM Invader
3. Copy and Paste the canary in the target input field or URL parameter
4. Check the DOM Invader tab for "Interesting sinks"
5. Craft the payload or use the "Exploit" option to automate
Ref: Andrei Agape
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Forwarded from Exploiting Crew (Pr1vAt3)
๐ฆMalwares Detection bypass:
๐ด๐๐๐๐๐๐๐ ๐บ๐๐๐๐๐๐๐๐๐ ๐ฌ๐๐๐๐๐๐๐๐ ๐ฏ๐๐๐ ๐๐๐๐ ๐ก
In malware analysis, one common anti-disassembly technique is ๐๐ญ๐ซ๐ฎ๐๐ญ๐ฎ๐ซ๐๐ ๐๐ฑ๐๐๐ฉ๐ญ๐ข๐จ๐ง ๐๐๐ง๐๐ฅ๐ข๐ง๐ (๐๐๐) manipulation.
SEH is a mechanism in Windows for managing exceptions, but it can also be exploited to confuse disassemblers and debuggers. By injecting fake exception records into the SEH chain, attackers can redirect program flow, making it difficult for static analysis tools to follow the actual execution path. This redirection not only complicates reverse engineering but also disrupts debugging processes, forcing tools to misinterpret or skip over key code sections.
Ref: Ait Ichou Mustapha
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ด๐๐๐๐๐๐๐ ๐บ๐๐๐๐๐๐๐๐๐ ๐ฌ๐๐๐๐๐๐๐๐ ๐ฏ๐๐๐ ๐๐๐๐ ๐ก
In malware analysis, one common anti-disassembly technique is ๐๐ญ๐ซ๐ฎ๐๐ญ๐ฎ๐ซ๐๐ ๐๐ฑ๐๐๐ฉ๐ญ๐ข๐จ๐ง ๐๐๐ง๐๐ฅ๐ข๐ง๐ (๐๐๐) manipulation.
SEH is a mechanism in Windows for managing exceptions, but it can also be exploited to confuse disassemblers and debuggers. By injecting fake exception records into the SEH chain, attackers can redirect program flow, making it difficult for static analysis tools to follow the actual execution path. This redirection not only complicates reverse engineering but also disrupts debugging processes, forcing tools to misinterpret or skip over key code sections.
Ref: Ait Ichou Mustapha
@UndercodeCommunity
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Level Up Your Free Fire MAX Experience with Exclusive Redeem Codes
https://undercodenews.com/level-up-your-free-fire-max-experience-with-exclusive-redeem-codes/
@Undercode_News
https://undercodenews.com/level-up-your-free-fire-max-experience-with-exclusive-redeem-codes/
@Undercode_News
UNDERCODE NEWS
Level Up Your Free Fire MAX Experience with Exclusive Redeem Codes! - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Pocket: Your Affordable #AI Assistant for Recording, Transcribing, and Organizing Conversations
https://undercodenews.com/pocket-your-affordable-ai-assistant-for-recording-transcribing-and-organizing-conversations/
@Undercode_News
https://undercodenews.com/pocket-your-affordable-ai-assistant-for-recording-transcribing-and-organizing-conversations/
@Undercode_News
UNDERCODE NEWS
Pocket: Your Affordable AI Assistant for Recording, Transcribing, and Organizing Conversations - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โ ๏ธ Understanding Cookie Consent Notices: A Breakdown
https://undercodenews.com/understanding-cookie-consent-notices-a-breakdown/
@Undercode_News
https://undercodenews.com/understanding-cookie-consent-notices-a-breakdown/
@Undercode_News
UNDERCODE NEWS
Understanding Cookie Consent Notices: A Breakdown - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
๐ Interlock #Ransomware Targets City of Noblesville
https://undercodenews.com/interlock-ransomware-targets-city-of-noblesville/
@Undercode_News
https://undercodenews.com/interlock-ransomware-targets-city-of-noblesville/
@Undercode_News
UNDERCODE NEWS
Interlock Ransomware Targets City of Noblesville - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โก๏ธ New #Ransomware Attack: Kairos Targets Australian Physiotherapy Clinic
https://undercodenews.com/new-ransomware-attack-kairos-targets-australian-physiotherapy-clinic/
@Undercode_News
https://undercodenews.com/new-ransomware-attack-kairos-targets-australian-physiotherapy-clinic/
@Undercode_News
UNDERCODE NEWS
New Ransomware Attack: Kairos Targets Australian Physiotherapy Clinic - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
โก๏ธ New #Ransomware Attack: APT73 Targets Federal Bank of India
https://undercodenews.com/new-ransomware-attack-apt73-targets-federal-bank-of-india/
@Undercode_News
https://undercodenews.com/new-ransomware-attack-apt73-targets-federal-bank-of-india/
@Undercode_News
UNDERCODE NEWS
New Ransomware Attack: APT73 Targets Federal Bank of India - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andโฆ