🤖 US to Blacklist Sophgo After Chip Found in #Huawei #AI Processor

https://undercodenews.com/us-to-blacklist-sophgo-after-chip-found-in-huawei-ai-processor/

@Undercode_News

📱 The #Microsoft 365 App Gets a #Copilot-Centric Makeover

https://undercodenews.com/the-microsoft-365-app-gets-a-copilot-centric-makeover/

@Undercode_News

📚 Level Up Your Tech Skills: Free IT Training for Nigerians by the Government

https://undercodenews.com/level-up-your-tech-skills-free-it-training-for-nigerians-by-the-government/

@Undercode_News

🎮 Streamlining Success: 21 #Digital Marketing Strategies to Automate Repetitive Tasks

https://undercodenews.com/streamlining-success-21-digital-marketing-strategies-to-automate-repetitive-tasks/

@Undercode_News

🔐 20-Year Prison Sentence for Romanian Hacker Involved in NetWalker #Ransomware Attacks

https://undercodenews.com/20-year-prison-sentence-for-romanian-hacker-involved-in-netwalker-ransomware-attacks/

@Undercode_News

🖥️ #YouTube to Crack Down on Clickbait in India: A Step Towards a More Trustworthy Platform

https://undercodenews.com/youtube-to-crack-down-on-clickbait-in-india-a-step-towards-a-more-trustworthy-platform/

@Undercode_News

🦑[𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐀𝐂𝐓𝐈𝐕𝐄 𝐃𝐈𝐑𝐄𝐂𝐓𝐎𝐑𝐘 𝐏𝐄𝐍𝐓𝐄𝐒𝐓]

Whether you are preparing for a certification or need to sharpen your skills for your pentests.

🤓Here is a list of resources 🤓:

𝐍𝐞𝐞𝐝 𝐭𝐨 𝐩𝐫𝐚𝐜𝐭𝐢𝐜𝐞?
👉Set up and AD home lab with this blog post from spookysec:
https://lnkd.in/d-Dt7PBA

👉You also have a script here to set up a Vulnerable AD lab by WazeHell
https://lnkd.in/dyZS6WWr

👉 Check out the dedicated section on Active Directory of PenTips
https://lnkd.in/dhTP_eyt

👉Here is a collection of various common attack scenarios on Microsoft Azure Active Directory by Cloud-Architekt:
https://lnkd.in/dnFfRRMM

👉Julien Provenzano ☁️ shared a great document full of resources here:
https://lnkd.in/d-skx-R3

👉Finally here is an Active Directory Exploitation Cheat Sheet by Integration-IT
https://lnkd.in/dBijrUjT

Resources Credit : Gabrielle
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 SOC Architectures & Frameworks: Key to Cybersecurity! 🚨
As cyber threats grow, choosing the right Security Operations Center (SOC) and framework is crucial. Here’s a quick guide:
SOC Architectures:
Centralized SOC: One location, best for large organizations.
Decentralized SOC: Multiple locations, ideal for global companies.
Virtual SOC: Cloud-based, cost-effective for SMBs.
Hybrid SOC: Combines all models, offering flexibility.
Popular Frameworks:
NIST CSF: Risk-based, customizable.
MITRE ATT&CK: Helps improve threat detection.
ISO 27001: Compliance-focused, globally recognized.
CIS Controls: Simple, prioritized security controls.
Key Considerations: Budget, company size, risk level, and compliance needs. Make the right choice to protect your organization!

Ref: in pdf
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

𝐋𝐀𝐁 15 𝐏𝐫𝐚𝐜𝐭𝐢𝐜𝐚𝐥 𝐌𝐚𝐥𝐰𝐚𝐫𝐞 𝐀𝐧𝐚𝐥𝐲𝐬𝐢𝐬: 𝐃𝐢𝐬𝐜𝐨𝐯𝐞𝐫 𝐀𝐧𝐭𝐢-𝐃𝐢𝐬𝐚𝐬𝐬𝐞𝐦𝐛𝐥𝐲 𝐓𝐞𝐜𝐡𝐧𝐢𝐪𝐮𝐞𝐬

🦑Webshell Testing for Defenders 💡

Having automated tools to spin up web servers isn’t just convenient—it’s a game-changer for defenders. Here's why:

🔍 Detection Opportunities:
Use these servers to validate analytic coverage for:

🗂 File modifications (webshell uploads)
⚙️ Process executions (commands from shells)
🎯 Suspicious behaviors triggered by shells

💻 How to Use:

1️⃣ Deploy your favorite tools (Sysmon, EDR, XDR, etc.)
2️⃣ Grab a webshell of choice, upload it, and start testing!
3️⃣Observe logs, alerts, and behaviors to identify gaps in your coverage.

🔥 Tools for Testing:

➡️ Apache Builder: https://github.com/MHaggis/notes/tree/master/utilities/ApachePHPBuild
➡️ IIS Builder: https://github.com/MHaggis/notes/tree/master/utilities/IISBuilder

Ref: Michael H.Michael H.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

FusionCharts Targeted by #Ransomware Group

https://undercodenews.com/fusioncharts-targeted-by-ransomware-group/

@Undercode_News

🛡️ Enhanced Browser Security: #Microsoft Edge Tackles Scareware with #AI

https://undercodenews.com/enhanced-browser-security-microsoft-edge-tackles-scareware-with-ai/

@Undercode_News

Killsec #Ransomware Targets Allied Packing And Rubber Inc

https://undercodenews.com/killsec-ransomware-targets-allied-packing-and-rubber-inc/

@Undercode_News

🔋 Killsec #Ransomware Targets Abrasive Supply Corporation

https://undercodenews.com/killsec-ransomware-targets-abrasive-supply-corporation/

@Undercode_News

#Ransomware Group killsec Targets Albert Paper Company

https://undercodenews.com/ransomware-group-killsec-targets-albert-paper-company/

@Undercode_News

Killsec #Ransomware Targets Avana Electrotek

https://undercodenews.com/killsec-ransomware-targets-avana-electrotek/

@Undercode_News

Killsec #Ransomware Targets Badger Popcorn and Albert Paper Company

https://undercodenews.com/killsec-ransomware-targets-badger-popcorn-and-albert-paper-company/

@Undercode_News

🚨 Hundreds of SocialStream Accounts Breached Due to #Account Takeover Vulnerability

https://undercodenews.com/hundreds-of-socialstream-accounts-breached-due-to-account-takeover-vulnerability/

@Undercode_News

🦑 Zero Trust Security: The Future of Cyber Defense 🔒

In today’s rapidly evolving digital landscape, protecting organizational assets requires a fundamental shift in how we approach security. Zero Trust Security has emerged as a game-changing framework designed to minimize risks and protect against sophisticated cyber threats.

Here’s a quick Zero Trust Security Cheatsheet to break it down:

📌 What is Zero Trust?
It’s a security model based on the principle of "Never Trust, Always Verify." Every user, device, and application must continuously prove their identity and intent, regardless of whether they are inside or outside the network.

📌 Key Pillars of Zero Trust:

1️⃣ Authentication Types:
🔻 Single-Factor Authentication (SFA): Basic, but less secure.
🔻 Multi-Factor Authentication (MFA): A core requirement for enhanced security.

2️⃣ Verticals Leveraging Zero Trust:
🔻 Banking & Financial Services
🔻 Government & Defense
🔻 IT & Healthcare
🔻 Retail, E-commerce, and more.

3️⃣ Top Technologies and Applications:
🔻 Technologies: Microsegmentation, Zero Trust Network Access (ZTNA), MFA, Secure Access Service Edge (SASE).
🔻 Applications: AI-powered analytics, Identity & Access Management (IAM), Endpoint Security, and Network Access Control (NAC).

4️⃣ Core Security Areas:
🔻 Application Security: Safeguarding web apps and APIs with tools like WAF and runtime protection.
🔻 Cloud Security: Using CASB, CIAM, and CDLP to monitor cloud environments.
🔻 IoT Security: Securing IoT devices with firewalls and device management.
🔻 Data Security: Preventing breaches with DLP, encryption, and data masking.
🔻 Network Security: Employing IDS, IPS, and segmentation to protect networks.

Ref: Fadi Kazdar
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁