N4Telecom Targeted by APT73 #Ransomware Group

https://undercodenews.com/n4telecom-targeted-by-apt73-ransomware-group/

@Undercode_News

🟠 SimpleXLSX, Cross-site Scripting, #CVE-2024-XXXX (Moderate)

https://dailycve.com/simplexlsx-cross-site-scripting-cve-2024-xxxx-moderate/

@Daily_CVE

🌐 BSNL Boosts Connectivity in Puducherry with Free Wi-Fi Roaming, Intranet TV

https://undercodenews.com/bsnl-boosts-connectivity-in-puducherry-with-free-wi-fi-roaming-intranet-tv/

@Undercode_News

📱 End of the Road for #WhatsApp on Older #Android Phones

https://undercodenews.com/end-of-the-road-for-whatsapp-on-older-android-phones/

@Undercode_News

⚡️ #Windows 10 Gets a #Windows 11 Makeover: Subtle Upgrades and a Push Towards the Future

https://undercodenews.com/windows-10-gets-a-windows-11-makeover-subtle-upgrades-and-a-push-towards-the-future/

@Undercode_News

🦑𝐁𝐮𝐢𝐥𝐝𝐢𝐧𝐠 𝐒𝐎𝐂 𝐇𝐨𝐦𝐞 𝐋𝐚𝐛 :
A Security Operations Center (SOC) is vital for any organization. In this project, I designed and deployed a fully functional SOC home lab using open-source tools: Wazuh, ELK Stack, TheHive, and Cortex.

𝐎𝐛𝐣𝐞𝐜𝐭𝐢𝐯𝐞𝐬 :
Ensure proactive monitoring and efficient incident management.
Simulate attack scenarios to test detection and response capabilities.

𝐓𝐡𝐞 𝐖𝐨𝐫𝐤𝐟𝐥𝐨𝐰 :
Wazuh Agents: Collect security data from various systems (Linux and Windows) and send it to the Wazuh Manager.

Wazuh (SIEM): Transfers data via Filebeat to Elasticsearch for storage and analysis.

Kibana: Visualizes data through dashboards with the Wazuh plugin for real-time monitoring.

TheHive (Incident Management Platform): Manages incidents using data from the Wazuh Manager.

Cortex (Automated Analysis Engine): Automates analyses and integrates with VirusTotal for suspicious file evaluation.

SOC Analyst: Utilizes these tools collectively to monitor systems, analyze incidents, and respond effectively to security threats.

𝐓𝐞𝐬𝐭𝐢𝐧𝐠 𝐚𝐧𝐝 𝐑𝐞𝐬𝐮𝐥𝐭𝐬 :
To validate the lab's performance, I executed multiple attack scenarios to ensure the tools could detect, analyze, and respond effectively. Example scenarios include:
+ Malware detection: Identifying malicious files and responding appropriately.
+ SQL injection attack detection: Detecting and mitigating database attack attempts.

Thank you Mohamed Benkhirat for you nice content.


@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Cactus #Ransomware Targets awimccom

https://undercodenews.com/cactus-ransomware-targets-awimccom/

@Undercode_News

🔒 Lockbit3 #Ransomware Targets Marmon-Herrington

https://undercodenews.com/lockbit3-ransomware-targets-marmon-herrington/

@Undercode_News

🟠 Solana SPL Token Swap, Unsound Usages of Type Casting (Moderate)

https://dailycve.com/solana-spl-token-swap-unsound-usages-of-type-casting-moderate/

@DailyCVE

🟠 KVM, Undefined Behavior, #CVE-2024-XXX (Moderate)

https://dailycve.com/kvm-undefined-behavior-cve-2024-xxx-moderate/

@Daily_CVE

A Wave of Strikes: #Amazon, Starbucks, and the Fight for Union Recognition

https://undercodenews.com/a-wave-of-strikes-amazon-starbucks-and-the-fight-for-union-recognition/

@Undercode_News

Ultramarine #Linux 40: A Refined and Elegant #Fedora Spin

https://undercodenews.com/ultramarine-linux-40-a-refined-and-elegant-fedora-spin/

@Undercode_News

Full Speed Ahead: Self-Driving Cars Poised for Explosive Growth Under Trump

https://undercodenews.com/full-speed-ahead-self-driving-cars-poised-for-explosive-growth-under-trump/

@Undercode_News

#Ransomware Group Ransomhub Targets Semfincom

https://undercodenews.com/ransomware-group-ransomhub-targets-semfincom/

@Undercode_News