github-actions-goat: GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
π£digicat
This is a crazy cool project. Thanks for passing along
π€RoseSec_
π@malwr
π£digicat
This is a crazy cool project. Thanks for passing along
π€RoseSec_
π@malwr
GitHub
GitHub - step-security/github-actions-goat: GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment - step-security/github-actions-goat
π1
What's a good route to take for a end goal of a job in the federal government?
Currently in a part-time mail clerk contractor job with the IRS and doing a Bachelor degree in digital forensics. I want to gain some experience in digital forensics before I graduate college but don't know what is the better option.
Should I:
1. Stay in my current job and get an internship or volunteer in digital forensics in a police department or PI firm
2. I heard TSA is in the security space so I thought about trying to get a TCO job till I graduate and then pursue full time digital forensics government job
3. stay in my current job and find an internship in digital forensics with the federal, state or local government that may eventually turn into a permanent position when using USAJobs pathways program (if doing federal internship)
4. Do option 3 but without my current job and just the internship(s) at a government organization
5. What other options should I consider?
I am looking into a career at IRS Criminal Investigations, FBI, Secret Service, Homeland Security or other digital forensics type agency after I graduate.
π£blandsauce203
Good thing you have a clearance - hold onto it. You'll need high-level SANS certs. Where I worked, they used EnCASE. I got a big book and a trial version, and learned as much as I could.
The clearance and the certs were very important. They let seats sit for years if people didn't have those things. They didn't care. Experience was big too. Even though I had a Masters in Cyber, and a CISSP, the fact that I had ZERO forensics experience was what I kept hearing. And I was the Sys Admin for all of the forensics guys.
So, get some experience - and learn about EnCase...
π€cabell88
Hack the Pentagon
π€pah2602
First of all, take a look at the requirements for getting any level of security clearance. If you already have a clean record, keep it that way.
There is always a shortage of people who have a security clearance, there are lots of federal jobs, including contractors, that require a security clearance.
π€bughousenut
π@malwr
Currently in a part-time mail clerk contractor job with the IRS and doing a Bachelor degree in digital forensics. I want to gain some experience in digital forensics before I graduate college but don't know what is the better option.
Should I:
1. Stay in my current job and get an internship or volunteer in digital forensics in a police department or PI firm
2. I heard TSA is in the security space so I thought about trying to get a TCO job till I graduate and then pursue full time digital forensics government job
3. stay in my current job and find an internship in digital forensics with the federal, state or local government that may eventually turn into a permanent position when using USAJobs pathways program (if doing federal internship)
4. Do option 3 but without my current job and just the internship(s) at a government organization
5. What other options should I consider?
I am looking into a career at IRS Criminal Investigations, FBI, Secret Service, Homeland Security or other digital forensics type agency after I graduate.
π£blandsauce203
Good thing you have a clearance - hold onto it. You'll need high-level SANS certs. Where I worked, they used EnCASE. I got a big book and a trial version, and learned as much as I could.
The clearance and the certs were very important. They let seats sit for years if people didn't have those things. They didn't care. Experience was big too. Even though I had a Masters in Cyber, and a CISSP, the fact that I had ZERO forensics experience was what I kept hearing. And I was the Sys Admin for all of the forensics guys.
So, get some experience - and learn about EnCase...
π€cabell88
Hack the Pentagon
π€pah2602
First of all, take a look at the requirements for getting any level of security clearance. If you already have a clean record, keep it that way.
There is always a shortage of people who have a security clearance, there are lots of federal jobs, including contractors, that require a security clearance.
π€bughousenut
π@malwr
Reddit
[deleted by user] : r/computerforensics
61K subscribers in the computerforensics community. Dedicated to the branch of forensic science encompassing the recovery and investigation ofβ¦
How I discovered the underground world of credit card network exploitation
π£jnazario
Fun fact PCI-DSS compliance is a never ending game of cat and mouse. Sometime in 2007 two employees from a mag stripe reader company in the UK, defected and took with them the encryption keys, that company made nearly all the mag stripe readers on the planet. Thus ending point of swipe protection for every mag stripe card forever.
Since then there have been various pass the buck maneuvers to try and place responsibility and blame for security flaws in the processing credit cards around the world. The visa council ultimately blames who ever is at the "point of swipe" as the man culprit and holder of liabilities for processing security. This means that a majority of retail companies are held liable for fraudulent/erroneous charges.
If a company receives an audit for such activity it is normally handed out to a vendor to check compliance. Used to be Security Metrix that handled a lot of visa's audits. The fine use to be $15,000 for the infraction and $5,000 for each actionable fault found on the network of the company in question with no cap on the amount of infractions a company could rack up.
There is a phone book sized PCI-DSS compliance manual that contains unrealistic protocols. In fact most retail businesses would never pass the entire process. Visa knows this and I have been personally told that they only look for an attempt to be compliant and punishing companies that are not capable of feigning security attempts.
The whole thing is a BS game of cat and mouse.
π€CEHParrot
π@malwr
π£jnazario
Fun fact PCI-DSS compliance is a never ending game of cat and mouse. Sometime in 2007 two employees from a mag stripe reader company in the UK, defected and took with them the encryption keys, that company made nearly all the mag stripe readers on the planet. Thus ending point of swipe protection for every mag stripe card forever.
Since then there have been various pass the buck maneuvers to try and place responsibility and blame for security flaws in the processing credit cards around the world. The visa council ultimately blames who ever is at the "point of swipe" as the man culprit and holder of liabilities for processing security. This means that a majority of retail companies are held liable for fraudulent/erroneous charges.
If a company receives an audit for such activity it is normally handed out to a vendor to check compliance. Used to be Security Metrix that handled a lot of visa's audits. The fine use to be $15,000 for the infraction and $5,000 for each actionable fault found on the network of the company in question with no cap on the amount of infractions a company could rack up.
There is a phone book sized PCI-DSS compliance manual that contains unrealistic protocols. In fact most retail businesses would never pass the entire process. Visa knows this and I have been personally told that they only look for an attempt to be compliant and punishing companies that are not capable of feigning security attempts.
The whole thing is a BS game of cat and mouse.
π€CEHParrot
π@malwr
Piotrmierzejewski
How I discovered the underground world of credit card network exploitation - Piotr Mierzejewski
Join me on a journey that led me to the core of online credit card fraud
Living Off the Land: Reverse Engineering Methodology + Tips & Tricks (Cmdl32 Case Study)
π£elliotkillick
Excellent post.
π€LostInTheTrees
π@malwr
π£elliotkillick
Excellent post.
π€LostInTheTrees
π@malwr
Elliot on Security
Elliot on Security - Living Off the Land: Reverse Engineering Methodology + Tips & Tricks (Cmdl32 Case Study)
Gain the reverse engineering proficiency needed to find new (undiscovered) living off the land programs in Windows as they exist right now. Plus, how this one went under the radar for over a decade!
Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers
π£RedmondSecGnome
π@malwr
π£RedmondSecGnome
π@malwr
Zero Day Initiative
Zero Day Initiative β Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers
In this guest blog from researcher Marcin WiΔ
zowski, he details CVE-2023-21822 β a Use-After-Free (UAF) in win32kfull that could lead to a privilege escalation. The bug was reported through the ZDI program and later patched by Microsoft. Marcin hasβ¦
Reverse Engineering a Neural Network's Clever Solution to Binary Addition
π£unireaxert
And here I was hoping for some carry lookahead solution. I guess I was still thinking in binary.
π€henke37
> It's an exciting prospect to be sure, but my excitement is somewhat dulled because I was immediately reminded of The Bitter Lesson
I tend to agree with that ending, these kinds of attempts at "interpreting" what a neural network learns in a way that makes sense to us will only get us so far.
Just accept it as a black box. All we need to do is formulate an adequate loss function, feed the network massive amounts of data, and let the model "learn" on its own how to approximate a solution. Thanks to Moore's law, it tends to eventually work even for very complex problems once we reach a level of computational resources that can handle the task.
These meta searching/optimization algorithms are good enough as a general solution, no need to waste time coming up with "special" methods that rely on field-specific human knowledge.
π€amroamroamro
π@malwr
π£unireaxert
And here I was hoping for some carry lookahead solution. I guess I was still thinking in binary.
π€henke37
> It's an exciting prospect to be sure, but my excitement is somewhat dulled because I was immediately reminded of The Bitter Lesson
I tend to agree with that ending, these kinds of attempts at "interpreting" what a neural network learns in a way that makes sense to us will only get us so far.
Just accept it as a black box. All we need to do is formulate an adequate loss function, feed the network massive amounts of data, and let the model "learn" on its own how to approximate a solution. Thanks to Moore's law, it tends to eventually work even for very complex problems once we reach a level of computational resources that can handle the task.
These meta searching/optimization algorithms are good enough as a general solution, no need to waste time coming up with "special" methods that rely on field-specific human knowledge.
π€amroamroamro
π@malwr
Casey Primozic's Blog
Reverse Engineering a Neural Network's Clever Solution to Binary Addition
While training small neural networks to perform binary addition, a surprising solution emerged that allows the network to solve the problem very effectively. This post explores the mechanism behind that solution and how it relates to analog electronics.
x86 prefixes and escape opcodes flowchart (WIP)
π£simon_o
REX2 has been introduced recently
π€igor_sk
REX(1-byteprefix
missing a ) there
π€zid
Perhaps this helps getting a better grasp on how x86 instructions work.
Note that it's still work-in-progress.
π€simon_o
π@malwr
π£simon_o
REX2 has been introduced recently
π€igor_sk
REX(1-byteprefix
missing a ) there
π€zid
Perhaps this helps getting a better grasp on how x86 instructions work.
Note that it's still work-in-progress.
π€simon_o
π@malwr
soc.me
x86 prefixes and escape opcodes flowchart
start here | v ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ...
ModelScan: Open Source Protection Against Model Serialization Attacks - Support for Pickle, H5, and SavedModel formats.
π£wolfticketsai
I lead product at Protect AI and we just released ModelScan. It is open source project that scans models to determine if they contain unsafe code. It is the first model scanning tool to support multiple model formats. ModelScan currently supports: H5, Pickle, and SavedModel formats. This protects you when using PyTorch, TensorFlow, Keras, Sklearn, XGBoost, with more on the way.
This attack surface is incredibly easy to target and this tool can be loaded locally and scans your models quickly to check for any unsafe code before you use them.
Happy to answer any questions!
π€wolfticketsai
π@malwr
π£wolfticketsai
I lead product at Protect AI and we just released ModelScan. It is open source project that scans models to determine if they contain unsafe code. It is the first model scanning tool to support multiple model formats. ModelScan currently supports: H5, Pickle, and SavedModel formats. This protects you when using PyTorch, TensorFlow, Keras, Sklearn, XGBoost, with more on the way.
This attack surface is incredibly easy to target and this tool can be loaded locally and scans your models quickly to check for any unsafe code before you use them.
Happy to answer any questions!
π€wolfticketsai
π@malwr
Protectai
Announcing ModelScan: Open Source Protection Against Model Serialization Attacks
We are thrilled to announce: ModelScan. An open source project that scans models to determine if they contain unsafe code.
[Article] Some university researchers trained a machine learning model that can predict your password with an accuracy of 95% based on the sound of your keyboard strokes.
I've always noticed that my full name has a unique pattern of sound when clicking the keyboard strokes while typing it. I could also recognize which of my passwords I typed judging only by the sound of the keystrokes. This might be very dangerous!
Here's the article.
π£_iamhamza_
Cool hax, bro
π€dnc_1981
Not with new "Infinitely Variable Click" keyboards that randomly cycle from Gateron Greens to Cherry Reds to MX Blacks and everything in between! Confuse the FUCK out of your fingers but protect against this very specific edge case! DOD approved. $10,000 per unit.
π€zyzzogeton
Trained on MacBook Pro, good luck with thousands of various mechanical keys and keyboards!
π€boopboopboopers
π@malwr
I've always noticed that my full name has a unique pattern of sound when clicking the keyboard strokes while typing it. I could also recognize which of my passwords I typed judging only by the sound of the keystrokes. This might be very dangerous!
Here's the article.
π£_iamhamza_
Cool hax, bro
π€dnc_1981
Not with new "Infinitely Variable Click" keyboards that randomly cycle from Gateron Greens to Cherry Reds to MX Blacks and everything in between! Confuse the FUCK out of your fingers but protect against this very specific edge case! DOD approved. $10,000 per unit.
π€zyzzogeton
Trained on MacBook Pro, good luck with thousands of various mechanical keys and keyboards!
π€boopboopboopers
π@malwr
BleepingComputer
New acoustic attack steals data from keystrokes with 95% accuracy
A team of researchers from British universities has trained a deep learning model that can steal data from keyboard keystrokes recorded using a microphone with an accuracy of 95%.
Unauthenticated Log Injection In Splunk SOAR - can inject ANSI (American National Standards Institute) escape codes into Splunk log files that, when a vulnerable terminal application reads them, can potentially result in malicious code execution in the vulnerable application
π£digicat
π@malwr
π£digicat
π@malwr
Splunk Vulnerability Disclosure
Unauthenticated Log Injection In Splunk SOAR
In Splunk SOAR versions lower than 6.1.0, a maliciously crafted request to web endpoint through Splunk SOAR can inject ANSI (American National Standards Institute) escape codes into Splunk log files that, when a vulnerable terminal application reads themβ¦