GitHub - imthenachoman/How-To-Secure-A-Linux-Server: An evolving how-to guide for securing a Linux server. https://github.com/imthenachoman/How-To-Secure-A-Linux-Server
📣akaclandestine
@malwr
#Sysmon can log FileCreateStreamHash events (ZoneIdentifiers; ADS) since v11.10, which allows us to write a Sigma rule that looks for suspicious files downloaded from .zip Domains #ZipTLD
blog with explanations
https://fabian-voith.de/2020/06/25/sysmon-v11-1-reads-alternate-data-streams/
Rule
https://github.com/SigmaHQ/sigma/pull/4250/files#diff-59c47b72f788177a5a0ad98c0489cd3dfb5cddc7d61a4fb2e94dd688ec15f075
📣cyb3rops
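As an added example (not the linked Sigma rule, the blog's code or cyb3rops' post), the detection idea in Python over constructed Sysmon Event ID 15 records. It assumes the post-v11.1 layout where Sysmon copies a small text stream into the event's Contents field, that TargetFilename carries the stream name after the colon, and that the Zone.Identifier contents are key=value lines; the URLs, paths and records are made up for the demo.

```python
"""Flag Sysmon FileCreateStreamHash (Event ID 15) records whose Zone.Identifier
stream says the file was downloaded from a host under the .zip TLD.

Added example with constructed records; not real telemetry."""
import re
from urllib.parse import urlsplit

# Constructed Event ID 15 records with only the fields this check needs.
# Assumption: Sysmon >= 11.1 places the stream text in "Contents" as
# CRLF-separated key=value pairs (the regex below also tolerates other separators).
SAMPLE_EVENTS = [
    {"EventID": 15,
     "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "TargetFilename": r"C:\Users\alice\Downloads\invoice.pdf.exe:Zone.Identifier",
     "Contents": "[ZoneTransfer]\r\nZoneId=3\r\n"
                 "ReferrerUrl=https://mail.example.com/\r\n"
                 "HostUrl=https://invoice-2023.zip/invoice.pdf.exe\r\n"},
    {"EventID": 15,  # a .zip *file* from a .com host: must not fire
     "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "TargetFilename": r"C:\Users\alice\Downloads\report.zip:Zone.Identifier",
     "Contents": "[ZoneTransfer]\r\nZoneId=3\r\n"
                 "ReferrerUrl=https://intranet.example.com/\r\n"
                 "HostUrl=https://download.zip.example.com/report.zip\r\n"},
    {"EventID": 15,  # Zone.Identifier without any URL (older browsers, copies)
     "Image": r"C:\Windows\explorer.exe",
     "TargetFilename": r"C:\Users\alice\Downloads\notes.txt:Zone.Identifier",
     "Contents": "[ZoneTransfer]\r\nZoneId=3\r\n"},
    {"EventID": 15,  # only the referrer is on a .zip host, in upper case
     "Image": r"C:\Program Files\Microsoft\Edge\Application\msedge.exe",
     "TargetFilename": r"C:\Users\alice\Downloads\setup.exe:Zone.Identifier",
     "Contents": "[ZoneTransfer]\r\nZoneId=3\r\n"
                 "ReferrerUrl=HTTPS://UPDATE.ZIP/\r\n"
                 "HostUrl=https://cdn.example.net/setup.exe\r\n"},
    {"EventID": 15,  # some other stream on the same file: not a Zone.Identifier
     "Image": r"C:\Windows\explorer.exe",
     "TargetFilename": r"C:\Users\alice\Downloads\setup.exe:SmartScreen",
     "Contents": "Anaheim"},
]

# key=value pairs; \S+ stops at CR/LF or a space, so both layouts parse.
KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_zone_identifier(contents):
    """Return the key=value pairs of a Zone.Identifier stream as a dict."""
    return dict(KV_RE.findall(contents))


def url_tld(url):
    """Last DNS label of the URL's host, lower-cased, or None if there is no host.
    Using the parsed hostname (not the raw string) keeps 'report.zip' in a path
    or 'zip.example.com' in a subdomain from matching."""
    host = urlsplit(url).hostname
    if not host:
        return None
    return host.rstrip(".").rsplit(".", 1)[-1].lower()


def is_download_from_tld(event, tlds=frozenset({"zip"})):
    """True if this Event ID 15 record is a Zone.Identifier stream whose
    HostUrl or ReferrerUrl points at a host under one of `tlds`."""
    if event.get("EventID") != 15:
        return False
    if not event.get("TargetFilename", "").lower().endswith(":zone.identifier"):
        return False
    fields = parse_zone_identifier(event.get("Contents", ""))
    return any(
        url_tld(fields[key]) in tlds
        for key in ("HostUrl", "ReferrerUrl") if key in fields
    )


def find_zip_tld_downloads(events, tlds=frozenset({"zip"})):
    """TargetFilename of every record that fires; the detection output."""
    return [e["TargetFilename"] for e in events if is_download_from_tld(e, tlds)]


if __name__ == "__main__":
    for hit in find_zip_tld_downloads(SAMPLE_EVENTS):
        print("suspicious download:", hit)
```

The same condition in Sigma sits on the create_stream_hash logsource with a selection on the Contents field; the point the Python makes explicit is the false-positive edge: match the TLD of the parsed host, never the substring ".zip" anywhere in the URL, or every legitimate archive download fires.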
Team Cymru's S2 Research Team look at the QakBot infrastructure, drawing out some high-level trends and anomalies based on their ongoing tracking of the malware's command-and-control (C2) infrastructure. https://www.team-cymru.com/post/visualizing-qakbot-infrastructure
📣virusbtn
Security researcher @embee_research analyses the Quasar RAT C2 configuration and uses this information to pivot to additional servers utilising Shodan and Censys. https://embee-research.ghost.io/hunting-quasar-rat-shodan/
📣virusbtn
Thoth is now usable directly from VS Code, we just released an extension.
https://github.com/FuzzingLabs/thoth/tree/master/vscode-extension
You can generate callgraphs and run all the analyzers for both Cairo and Sierra directly from the UI.
📣FuzzingLabs
Insider Threat Mitigation Guide
Source: Cybersecurity & Infrastructure Security Agency
Download Link:
https://www.cisa.gov/sites/default/files/publications/Insider%20Threat%20Mitigation%20Guide_Final_508.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
📣JMonteagudoE
New Strain of Sotdas Malware Discovered | Qualys Security Blog https://blog.qualys.com/vulnerabilities-threat-research/2023/05/17/new-strain-of-sotdas-malware-discovered
📣Cyber_O51NT
Trend Micro's Fyodor Yarochkin, Zhengyu Dong & Paul Pajares present an overview of the Lemon Group's use of pre-infected mobile devices and how this scheme is potentially being developed and expanded to other IoT devices. https://www.trendmicro.com/en_us/research/23/e/lemon-group-cybercriminal-businesses-built-on-preinfected-devices.html
📣virusbtn
Excellent series by @LordNoteworthy explaining how virtualization on x86 works
Intro to Virtualization: https://docs.saferwall.com/blog/virtualization-internals-part-1-intro-to-virtualization/
VMWare and Full Virtualization using Binary Translation: https://docs.saferwall.com/blog/virtualization-internals-part-2-vmware-and-virtualization-using-binary-translation/
Xen and Paravirtualization: https://docs.saferwall.com/blog/virtualization-internals-part-3-xen-and-paravirtualization/
QEMU: https://docs.saferwall.com/blog/virtualization-internals-part-4-qemu/
#virtualization #hacking #infotech #infosec #learning
📣0xor0ne
It has shipped - #ILSpy 8 is here with record structs, required members & more language features, plus - yes - more themes! https://github.com/icsharpcode/ILSpy/releases/tag/v8.0
📣ilspy
MITRE ATT&CK® - ICS Matrix
Source: MITRE ATT&CK®
Available for download in Press Quality:
https://cyberstartupobservatory.com/cyber-security-frameworks/
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
📣JMonteagudoE
Study Network+ for FREE
• Network+ Video Series: https://youtube.com/playlist?list=PLG49S3nxzAnlCJiCrOYuRYb6cne864a7G
• Network+ Study Guide: https://howtonetwork.com/comptia-network-study-guide-free/
• Network+ Practice Test: https://gocertify.com/quizzes/network-plus-practice-quizzes
• Network+ Practice Labs: https://gocertify.com/labs/network-plus-practice-labs
• Network+ Cheat Sheet: https://tutorialsweb.com/CertNotes/CompTIA-cert/Network+/netplus-1.htm
📣BowTiedCyber
Search more than 60000 undocumented Windows Kernel structures
https://www.vergiliusproject.com/
📣securityfreax