🦑Deep Fake Guides :

1. Focus on AI/ML Vulnerabilities
Deepfakes heavily rely on machine learning and AI, so learning about common vulnerabilities in AI models is key:

Data Poisoning: Deepfake models can be affected by poisoned datasets. Understanding this type of vulnerability will help you test AI systems more effectively.
Adversarial Attacks: These attacks manipulate the input data to trick AI systems. Learn how to craft inputs that could trick facial recognition or voice recognition systems used in secure authentication.
2. Automate Deepfake Detection
Automating the process of detecting deepfakes can be a valuable skill in bug bounty programs:

Use Existing Detection Tools: Tools like Deepware Scanner or Microsoft Video Authenticator can help detect deepfakes. Set up scripts to automatically analyze videos or images for authenticity.
API Integration: If you’re testing a service that involves user-uploaded media (e.g., social media platforms or login systems using facial recognition), integrate deepfake detection APIs into your testing workflow.
3. Understand How Deepfakes Impact Authentication Systems
Facial recognition and voice authentication systems are vulnerable to deepfake attacks. Here’s how to test them:

Test for Vulnerabilities: Try bypassing authentication systems that use facial or voice recognition with deepfake technologies. Report any weaknesses you find (e.g., systems that don’t use multi-factor authentication).
Biometric Spoofing: Deepfakes can spoof biometric data. Ensure the systems you test require additional authentication factors beyond just a face or voice (e.g., PIN, password, or device-based verification).
4. Social Engineering and Phishing Defense
Deepfakes can be used for social engineering and phishing:

Impersonation of Executives or Employees: Attackers could use deepfake videos or audio to impersonate high-level individuals and manipulate employees. Test systems for susceptibility to such attacks.
Deepfake Phishing Campaigns: Look for vulnerabilities in email or messaging platforms where attackers might insert deepfake videos or audios as part of phishing campaigns.
5. Analyze Media Content on Websites
Look for websites that rely on user-generated content (UGC) such as images and videos:

Media Validation: Test media validation processes to see if they’re susceptible to deepfakes. If a platform doesn't have strong checks in place, this could be a bug you can report.
Metadata Inspection: Learn how to inspect metadata of images and videos. A deepfake might not leave obvious artifacts but might have inconsistencies in metadata (e.g., creation date, editing software).
6. Perform Threat Modelling
Understanding the threats posed by deepfakes in the context of a system’s security is crucial:

Threat Intelligence: Study how attackers could exploit deepfake technology in a targeted way. Develop models to anticipate attack vectors in your bug bounty research.
Look for AI Training Data Exposure: If AI models are trained with insecure or easily accessible datasets, they may be more susceptible to deepfake manipulation. Test for data security flaws in model training pipelines.
7. Stay Updated on Deepfake Trends
Deepfake technology is rapidly evolving. To stay ahead, you need to keep up with the latest developments:

Follow AI and Security Blogs: Subscribe to AI and cybersecurity blogs or research papers to learn about new vulnerabilities, detection methods, and deepfake advancements.
Monitor Deepfake News: Stay informed about deepfake-related incidents. Understanding how attackers are using deepfakes in real-world situations can give you insights into the kinds of vulnerabilities you might find.
8. Learn from Real-World Deepfake Cases
Study real-world cases where deepfakes were used for malicious purposes to understand how they were detected or prevented:

Famous Deepfake Scandals: Look at how governments and companies responded to deepfake incidents, such as the use of deepfakes in disinformation campaigns or political manipulation.
Bug Reports and Security Audits: Explore past bug bounty reports related to deepfakes or AI systems. Learning from these cases will sharpen your skills in identifying similar vulnerabilities.
9. Report Findings Responsibly
If you find vulnerabilities related to deepfakes in a bug bounty program, be sure to:

Provide Detailed Evidence: Document your findings with clear, reproducible steps. For example, if a facial recognition system can be bypassed with a deepfake, include details on how the attack works.
Ethical Considerations: Always follow ethical guidelines. Do not exploit deepfake vulnerabilities maliciously—use them solely to improve security.

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Search for Leaked Zoom Meeting Links via Wayback Machine

1. Target URL:

Use Wayback Machine to search for archived Zoom meeting links of the target, e.g., target.zoom.us.



2. Wayback Machine URL:

Visit archive links like:

https://web(.)archive(.)org/web/*/https://target(.)zoom(.)us/*




3. Find Meeting Links:

Look for URLs with meeting IDs and passwords, such as: http://target(.)zoom(.)us/j/3122529044?pwd=xxxxxx



4. Check Activity:

If the link contains pwd=xxxx, test if it is still active.

Active links grant access to private meetings.




Risk: This can expose sensitive company information, leading to significant security breaches.

You can also find a shared link to the recorded video to demonstrate greater impact.

Risks Highlighted in the Report:

1. Unauthorized Access:

Leaked Zoom links allow attackers to join private LinkedIn meetings without authorization.

2. Anonymity of Attackers:

The anonymity option in Zoom enables malicious actors to participate undetected.

3. Sensitive Information Exposure:

Attackers can gain access to confidential LinkedIn discussions and sensitive data.

4. Impersonation Threat:

Malicious actors can impersonate LinkedIn for phishing, fraudulent recruitment, or advertising scams.

5. Content Hijacking:

Attackers with knowledge of meeting times can claim host privileges and disrupt meetings by sharing obscene or inappropriate content.

6. Scalability of Attack:

LinkedIn’s enterprise Zoom plan allows attackers to add numerous unauthorized participants, amplifying the potential damage.

7. Reputational & Financial Damage:

Breach of internal meetings can harm LinkedIn’s reputation and result in financial exploitation.

https://x.com/MrRajputHacker/status/1879423022769336570?t=57L3i_dLYPUbH2Mgagohbw&s=19
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🔵 Search for Leaked #Zoom Meeting Links via Wayback Machine

https://dailycve.com/search-for-leaked-zoom-meeting-links-via-wayback-machine/

@Daily_CVE

🚨 Fortinet Faces Critical Zero-Day Vulnerability in FortiGate Firewalls: What You Need to Know

https://undercodenews.com/fortinet-faces-critical-zero-day-vulnerability-in-fortigate-firewalls-what-you-need-to-know/

@Undercode_News

⚡️ #WhatsApp Beta for #iOS 2511072: A Fresh Look with New Default Icons

https://undercodenews.com/whatsapp-beta-for-ios-2511072-a-fresh-look-with-new-default-icons/

@Undercode_News

⚡️ New Features in #Chrome's Latest #Update

https://undercodenews.com/new-features-in-chromes-latest-update/

@Undercode_News

🦑More Free Cybersecurity Certificates

added to

https://undercodenews.com/top-2025-free-certified-cybersecurity-courses-recommended-by-undercode/

🦑Disabling EDRs by File Rename Junctions (Crowdstrike)

PendingFileRenameOperations allows applications to create file rename operations by creating a registry entry under the HKLM\SYSTEM\CurrentControlSet\Control\Session Manager. Initially I attempted to create this entry, pointing it towards the EDR binary as such in PowerShell, based on the StackOverflow thread.

➡️ Powershell start :

new-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name "PendingFileRenameOperations" -Value $($((Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name PendingFileRenameOperations -ErrorAction SilentlyContinue).PendingFileRenameOperations) + "\??\C:\Program Files\<EDR_PATH>.exe`0`0") -type MultiString -Force | Out-Null

➡️ Powershell end.

⚠️ This works for AVs/EDRs without anti-tampering. Security products with anti-tampering can use [CmRegisterCallbackEx](https://lnkd.in/dmCGSwnX) to monitor and block registry operations from the kernel. A kernel driver could block registry keys from being created if they referenced their core services.

Using a reparse point (junction) - kudos again to sixtyvividtails - we can create a junction from: C:\program-files -> C:\Program Files\

And yet again we can create our PendingFileRenameOperations, pointing the key at the EDR binary pathed through our junction, something that most EDRs do not check. All of this of course requires Admin privileges. On the next reboot, any core EDR binaries will be renamed to "", in turn being deleted.

Ref: Simon Ngoy
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

⚠️ The Future of Enterprise #AI: Navigating Risks with #Cisco #AI Defense

https://undercodenews.com/the-future-of-enterprise-ai-navigating-risks-with-cisco-ai-defense/

@Undercode_News

The Rising Tide of #Crypto Crime: How Cybercriminals Stole 1 Billion in 2024

https://undercodenews.com/the-rising-tide-of-crypto-crime-how-cybercriminals-stole-1-billion-in-2024/

@Undercode_News

📊 #Nvidia to Build One of Israel’s Largest #AI Data Centers: A Game-Changer for #AI Innovation

https://undercodenews.com/nvidia-to-build-one-of-israels-largest-ai-data-centers-a-game-changer-for-ai-innovation/

@Undercode_News

Bridging the Gender Pay Gap in Israeli High-Tech: A Call for Equality

https://undercodenews.com/bridging-the-gender-pay-gap-in-israeli-high-tech-a-call-for-equality/

@Undercode_News

☁️ The Future of Computing: Why Edge Computing is Taking Center Stage

https://undercodenews.com/the-future-of-computing-why-edge-computing-is-taking-center-stage/

@Undercode_News

🛡️ Qbiq Secures 6M Series A Funding to Revolutionize Architectural Planning with #AI

https://undercodenews.com/qbiq-secures-6m-series-a-funding-to-revolutionize-architectural-planning-with-ai/

@Undercode_News

⚠️ Momentick Secures Million to Revolutionize Insurance with Emissions Risk Management

https://undercodenews.com/momentick-secures-million-to-revolutionize-insurance-with-emissions-risk-management/

@Undercode_News

🛡️ Israel Races to Secure #AI Chips Ahead of US Export Restrictions

https://undercodenews.com/israel-races-to-secure-ai-chips-ahead-of-us-export-restrictions/

@Undercode_News

Israel’s #AI Revolution: How the Startup Nation is Poised to Lead the Next Tech Wave

https://undercodenews.com/israels-ai-revolution-how-the-startup-nation-is-poised-to-lead-the-next-tech-wave/

@Undercode_News

Israel’s Deep Tech Boom: A Global Magnet for Innovation and Investment

https://undercodenews.com/israels-deep-tech-boom-a-global-magnet-for-innovation-and-investment/

@Undercode_News