CVE Disruption Threatens Foundations of Defensive Security
https://www.darkreading.com/vulnerabilities-threats/cve-disruption-threatens-foundations-defensive-security
#Infosec #Security #Cybersecurity #CeptBiro #CVEDisruption #DefensiveSecurity
The Silent Superpower – Cybercrime in 2025
https://youtu.be/Kq5KaE1wAkU #cybersecurity #cybercrime #ransomware #malware #riskmanagement #defensivesecurity
🚨 Giveaway Alert: 3 LetsDefend VIP+ Vouchers for 1 Month Access! 🚨
We’re giving away 3 LetsDefend VIP+ vouchers for a free 1-month subscription on 02/01.
What You Need to Do:
1️⃣ Join our Discord Community (https://buff.ly/3Cfy9rT).
#CyberSecurity #BlueTeam #CyberTraining #InfoSec #DefensiveSecurity #ThreatHunting #SOCAnalyst #CyberDefense #SecurityAwareness #BlueTeamTraining
Joomla Web Services WITHOUT Super User. Least Privilege Principle. One of the fundamentals of Information Security.
https://apiadept.com/technical/joomla-web-services-without-super-user
#acl #cybersecurity #blueteam #defensivesecurity #leastprivilegeprinciple #defenseindepth #joomla #developer
@lerg @jerry
Listening to this week's #DefensiveSecurity podcast.
EDIT: After seeing the post, I'm guessing it was last week's podcast. 😅
Re: the discussion around the CI/CD hack, Francois Proulx and @becojo delivered a presentation on this very thing at @NorthSec earlier this year: https://nsec.io/session/2024-under-the-radar-how-we-found-0-days-in-the-build-pipeline-of-oss-packages.html
From my own discussions with the two of them it sounded like that kind of compromise will leak any secrets exposed to the build processes, and some of that depends on what security features are enabled on a given repository.
Interesting to see that being exploited in the wild.
Listening to @jerry on the most recent #DefensiveSecurity podcast. Specifically the point about how nobody really paid attention to border firewalls and then suddenly they did.
My pentest experience has mostly revealed an ugly truth: 99% of the time, any given piece of software which doesn't have a ton of CVEs reported for it isn't because it's secure, it's because nobody's looked.
Better education is key but I see a lot of colleges and universities taking the completely ass backwards approach. Instead of teaching every single developer how to securely code, they've spun up Cyber programs to chase those dollars. From an academic perspective it's a completely disappointing letdown.
It took until the Second Edition, but now the audiobook version of The Defensive Security Handbook has been released!!
Share with your friends, your co-workers, your leadership, family that you kind of like, etc.
#newrelease #secondedition #defensivesecurity #infosec #audiobook #cybersecurity
Free Defensive Security Interview Questions [Part 2] | Cyber Security Interview Questions
WATCH here - https://youtu.be/b4yNVYlolwc?si=0XvL0695NrgT1JAt
#cybersecurity #infosectrain #learntorise #defensivesecurity #interviewquestions
Free Defensive Security Interview Questions [Part 3] | Cyber Security Interview Questions
Watch Now - https://youtu.be/Ulqc_fiG_rU?si=id8C9dxd13QaO7aD
#defensivesecurity #interviewquestions #cybersecurity #infosectrain
Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats
https://thehackernews.com/2024/01/riding-ai-waves-rise-of-artificial.html #cybersecurity #AI #defensivesecurity
SliverC2 Test + old code which is still working...
This C# code is from 2019-2020 and I talked about it in my ebook "Bypassing AVs by C#.NET Programming v1.0" (published in 2016 up to 2020, free), but the code is still working on Windows Defender (update 2023/08/28). A little bit of the code was changed by me, which you can see in the video: VirtualProtectEx was added for changing RWX to X...
But in this new test, as you can see, "Sliver-C2" (which I still think is much better than CobaltStrike) changed the X protection mode to RW "in-memory" by itself (not by my code). Yeah, Sliver-C2 did it, and this will help you as a pentester/red teamer to bypass almost all AVs, and you as a blue teamer should learn how attackers will bypass your defensive tools with these simple/advanced techniques... These things are very important for defenders, and in my new ebook "Bypassing AVs By C# Programming v2.0" I will talk about these things to defenders/blue teamers, also #redteamers and #pentesters or #SecurityResearchers etc.
Btw, this code is old and available in my GitHub for ebook v1.0.
Also, you can see the Cobaltstrike test video here: https://lnkd.in/eCyxjN6m
#blueteam #pentester #redteam #offensivesecurity #defensivesecurity #ebook #av #protectionmode #inmemory #sliverc2
Cobalt Strike, a Defender’s Guide: https://thedfirreport.com/2021/08/29/cobalt-strike-a-defenders-guide/
A new update of the code, ETWPM2Monitor2.1, is now ready after days of working on this (some bugs fixed), and I will publish this new version soon [after a little bit of new code ;D]. It is almost ready; as you can see, Ekko was detected via Extended Memory Scanners... and all these logs will be saved in the Windows event log too and will be added to the System/Detection logs tab....
This tool was created in 2021 and after 2 years it is now better than before but still has some bugs ;D. It is better than before because of some external code and memory scanners which were made by others, so I should say thanks to all blue team developers and red team developers for helping me make this project, ETWPM2Monitor2.1...
Note: a new memory scanner [Hunt-Sleeping-Beacons] was added to my #blueteam tool "#ETWPM2Monitor2" v2.1 and the test was good, but it still needs some new code to be better than this, and the code is almost ready. Now my tool has a new #memoryscanner which is for #detecting #Sleepmasking and #Delay of code for #Beacons etc.
This tool really needed something like this to cover the gap in detection... This new scanner will scan processes every 60 sec, but in the future I will add some smarter code to detect processes better than this and ... so in this case this new scanner was working independently, and even without starting ETWProcessMon2.exe this scanner will work in ETWPM2Monitor2.1; as you know, ETWPM2Monitor2.1 needs to work with #ETW #events via [running ETWProcessMon2.exe] etc.
#blueteam #pentesting #pentest #redteam #defender #defensivesecurity #defensive #defensive #defensivetools #monitoring #huntbeacons #beacons #cobaltstrike #soc #threatdetection #threathunting
attending
🛡 Kubernetes Defensive Monitoring with Prometheus - David de Torres Huerta & Mirco De Zorzi, Sysdig
#Kali #Linux 2023.1 Release ( #KaliPurple & Python Changes) | Kali Linux Blog
Over the years, we have perfected what we have specialized in, offensive #security. We are now starting to branch into a new area, defensive security! We are doing an initial technical preview pre-launch of “Kali Purple”. This is still in its infancy and is going to need time to mature.
#DefensiveSecurity
The Locksmith Active Directory (AD) Certificate Services (CS) remediation tool has been updated: https://github.com/TrimarcJake/Locksmith
New features:
- Support for Restricted Admin Mode. If RAM is detected, Locksmith will ask to be re-run using the -Credential switch.
- If the AD PowerShell module is not installed on Win 10/11, Locksmith will attempt to install it for you.
Note: previously only available on server-class OSes.
- New functions for checking user type and elevation status.
- Auto-generated snippets for ownership issues (a subset of ESC4/ESC5).
- Support for non-English Active Directory environments!
Next planned updates:
- Add individual CA Hosts to $SafeUsers using SIDs.
- Perform additional environment checks before attempting to run.
- Rename modes to something that makes sense.
#IAM #IdentitySecurity #CertificateServices #ActiveDirectory #ActiveDirectoryCertificateServices #ADCS #PKI #Locksmith #OpenSource #DefensiveSecurity #DefensiveSecurityTooling #Pizza
@jerry @lerg Great to hear you guys finally doing another #DefensiveSecurity Podcast :) Thanks, it was a fun listen, and I hope you can keep it up !!
Intro to Defensive Security
I have just completed this room!
Check it out
https://tryhackme.com/room/defensivesecurity #tryhackme #security #defensive security #incident response #threat intelligence #malware analysis #DFIR #SOC #SIEM #Security Operations Center #defensivesecurity via @realtryhackme
Hey folks - patch Tuesday once again. Remember, InfoSec starts with you. Microsoft released this month's patch set. This one fixes a total of 49 vulnerabilities - six of which are classified as Critical. Check out the below site for additional details.
#InfoSec #Cyber #CyberSecurity #CyberDefense #DefensiveCyber #DefensiveSecurity