#infoseccommunity

Pen Test Partners (PTP@infosec.exchange)
2025-06-13

Missed PTP Cyber Fest 2025? Here’s what happened…

It was two days of hands-on activities, conversations, and an incredible effort that raised over £27,000 for NSPCC with Cyber House Party! 🎉

📌We’ve wrapped up the highlights here: pentestpartners.com/security-b

A huge thank you to everyone who joined us!

The speakers, the volunteers, our partners RiverSafe Ltd, Retail & Hospitality ISAC, Auto-ISAC, Aviation ISAC, and every attendee who got stuck in and helped shape the event into something truly special.

#CyberFest2025 #CyberSecurity #InfosecCommunity #CyberHouseParty

TechGeeksApparel
2025-03-22

Some heroes fly. Some heroes fight.
But the real heroes?

👨‍💻 Stop cyberattacks.
🔒 Protect sensitive data.
💻 Reset your password when you forget it… again.

Shoutout to cybersecurity heroes! 🛡️

🔗 techgeeksapparel.com/not-all-h

Aaravchen (aaravchen@fosstodon.org)
2025-02-12

Does anyone know how booting Linux in FIPS mode gains any use or security from the `.vmlinuz.hmac` file? The interweb has no info at all.

It's a basic SHA of the vmlinuz file, but it has no way to verify authenticity or integrity of the hash, and is distributed with the thing it supposedly verifies. How does that have any purpose?

#cybersecurity #security #infosec #InfosecCommunity #askInfosec
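What a FIPS-mode boot actually does with that sidecar, as an added example that is not part of the question above and not any distribution's own tooling: on RHEL-family systems the kernel package ships /boot/.vmlinuz-<version>.hmac, an HMAC-SHA512 of the image under a fixed, public key, and dracut's fips module recomputes it at boot (sha512hmac -c) as the FIPS 140 power-up software integrity self-test. The Python below reproduces that check on a constructed stand-in image; the key constant is an assumption for the demo, and the point is that whichever constant the real tool uses is public anyway. It shows the check passing on an intact file, failing on one flipped byte, and passing again once someone who can write the image simply regenerates the sidecar: the file guards against corruption, while authenticity of the kernel is the job of the signed boot chain.

```python
"""Added example: the .vmlinuz.hmac self-test, reproduced on a temp file."""
import hashlib
import hmac
import os
import tempfile

# Assumed key for this demo. The real tool's key is a fixed public constant,
# so anyone who can write the image can recompute the sidecar too.
HMAC_KEY = b"FIPS-FTW-RHT2009"


def make_hmac_line(path: str, key: bytes = HMAC_KEY) -> str:
    """Produce the 'hexdigest  filename' line the .hmac sidecar holds."""
    mac = hmac.new(key, digestmod=hashlib.sha512)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            mac.update(chunk)
    return f"{mac.hexdigest()}  {os.path.basename(path)}\n"


def write_sidecar(path: str, key: bytes = HMAC_KEY) -> str:
    """Write /dir/.name.hmac next to the image, as the kernel package does."""
    d, name = os.path.split(path)
    sidecar = os.path.join(d, f".{name}.hmac")
    with open(sidecar, "w") as f:
        f.write(make_hmac_line(path, key))
    return sidecar


def verify_sidecar(path: str, key: bytes = HMAC_KEY) -> bool:
    """Recompute the HMAC and compare it, constant-time, to the stored one."""
    d, name = os.path.split(path)
    sidecar = os.path.join(d, f".{name}.hmac")
    try:
        with open(sidecar) as f:
            stored_hex, _, stored_name = f.readline().strip().partition("  ")
    except FileNotFoundError:
        return False
    if stored_name != name:
        return False
    expected_hex = make_hmac_line(path, key).split("  ")[0]
    return hmac.compare_digest(stored_hex, expected_hex)


def demo() -> dict:
    """Constructed scenario: intact image, corrupted image, regenerated sidecar."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        kernel = os.path.join(d, "vmlinuz-6.1.0")
        with open(kernel, "wb") as f:
            f.write(os.urandom(4096))  # stand-in for a kernel image
        write_sidecar(kernel)
        results["intact"] = verify_sidecar(kernel)

        # Flip one bit (bad disk, truncated write): the self-test catches it.
        with open(kernel, "r+b") as f:
            f.seek(100)
            b = f.read(1)
            f.seek(100)
            f.write(bytes([b[0] ^ 0x01]))
        results["corrupted"] = verify_sidecar(kernel)

        # Anyone who can write the image can also rewrite the sidecar.
        write_sidecar(kernel)
        results["tampered_and_regenerated"] = verify_sidecar(kernel)
    return results


if __name__ == "__main__":
    print(demo())
```

Running it gives intact=True, corrupted=False, tampered_and_regenerated=True, which is exactly the property the question is probing: a keyed digest with a public key is a checksum with a FIPS label, not a signature.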

Sasha the Dancing Flamingo (sashatheflamingo@infosec.exchange)
2025-01-01

🦩 Flamingo flaps and pirouettes into 2025

Hey infosec flock! Your favorite pink security bird here, ready to dance into the New Year! 🎉

While you're popping champagne, I'm popping shells (responsibly in my homelab, of course! 😉). Here's to:

- Fresh API keys 🔑
- Clean logs 📝
- Zero incidents 🛡️
- And plenty of uptime for all your cloud experiments! ⛅

Remember friends: Just like how I backup my precious conference badge collection, don't forget to start your year with fresh backups!

Pro-tip from this security flamingo: New Year is perfect for password updates! (Though between us birds, I hear passphrases are where it's at - much easier to type with these feathers! 🪶)

Wishing my entire #infosec community a safe, secure, and hack-tastic 2025! May your packets be clean and your firewalls stay strong! 💪

Gracefully dances away to check on my homelab

#InfosecCommunity #HappyNewYear #SecurityFlamingo #BSidesChicago #HomelabLife @rnbwkat

BSidesChicago Oct 31-Nov 1 2025!! (bsideschicago@infosec.exchange)
2024-11-08

💗 Flamingo leg wiggle Hello Security Fam!

It's your favorite pink party bird @sashatheflamingo here, standing tall (on one leg, as we do) with some post-BSidesChicago reflections!

You know what's better than a flamingo pool party? Seeing how our BSides magic is still spreading its wings! While this week might have brought some stormy weather, I'm still riding high on our conference success:

- Watching our flock grow stronger and support each other
- Seeing first-time speakers soar to new heights
- Spotting BSides swag in the wild (almost as fabulous as my feathers!)
- All your heartwarming messages about the impact of our gathering

And hold onto your feathers, because 2025 is going to be EXTRA FLAMAZING!
🎉 We're doubling the fun with TWO FULL DAYS:

Day 1: Workshop Wonderland 🛠️
Day 2: Main Conference Magic 🎤

Remember, like any good flamingo knows - we're strongest when we stand together (even if sometimes it's on one leg). 💖
Keep that BSides spirit flying high! ✨

Gracefully dances away to plan next year's shenanigans

#BSidesChicago #InfoSecCommunity #CyberSecurity #BSidesChicago2025 #FlamingoPower #SashaTheFlamingo

BSidesChicago Oct 31-Nov 1 2025!! (bsideschicago@infosec.exchange)
2024-11-03

🏆 MASSIVE shoutout to our absolutely PHENOMENAL CTF team!

Y'all brought the HEAT this year! Watching you create those mind-bending challenges, mentor students from UIUC and Texas A&M, and keep that room PACKED and BUZZING all day was nothing short of spectacular!

The energy in that CTF room was ELECTRIC - every solve, every lightbulb moment, every victory cheer just showed how much impact you're having on our community.

To see students and seasoned pros alike diving deep into your challenges, learning, growing, and having an absolute blast? That's what #BSidesChicago is all about!

Thank you for pouring your expertise, creativity, and passion into making our #CTF an unforgettable experience yet again! 🔥

#BSidesCHI #BsidesChicago #InfosecCommunity #ThisIsHowYouMentor

(Rumor has it some of those robot flamingos tried to solve the CTF too... 🦩) @sashatheflamingo

BSidesChicago Oct 31-Nov 1 2025!! (bsideschicago@infosec.exchange)
2024-11-03

What an INCREDIBLE #BSidesChicago2024 #BSidesChicago

I'm still buzzing from all the amazing energy and community spirit we saw yesterday!!

The talks were phenomenal - from first-time speakers bringing fresh perspectives to industry veterans dropping knowledge bombs. Our Career Village was packed with meaningful conversations and real opportunities (those resume reviews were 🔥).

And that @LockEx team? Absolute legends! They kept the picks clicking and the knowledge flowing all day long!

Don't even get me started on the Great Flamingo Hunt! Watching everyone - from seasoned hackers to newcomers - getting excited about finding flamingos (and hunting down our volunteers who might be hiding them 😂) brought such joy to the event.

None of this would have been possible without our AMAZING volunteer team. They poured their hearts into making this conference special, and it showed in every detail.

To everyone who attended, spoke, volunteered, or supported #BSidesCHI in any way - THANK YOU! You've helped create something truly special in the Chicago infosec community.

(And yes, those robot flamingos are probably already planning next year's con...)

#InfosecCommunity #ConferenceLife #ProudOrganizer @sashatheflamingo

2024-10-24

💼 How do you balance flexibility and security in user access?

The combination of Privilege Bracketing and the Principle of Least Privilege is a powerful defense that reduces your attack surface and minimizes the risk of data breaches. 🚨

By granting temporary access and revoking it after task completion, these techniques keep sensitive data secure.

🔐 How does your organization handle temporary access?

Read more about how you can implement these strategies: guardiansofcyber.com/cybersecu

#Cybersecurity #GuardiansOfCyber #Infosec #DataProtection #InfoSecCommunity #SecurityTips #AccessControl #POLP #PrivilegeBracketing #DataSecurity
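Privilege bracketing on top of least privilege in working code, as an added example that is not from the post or from the linked site: a principal holds no standing rights, asks a broker for a grant scoped to one permission and one task, the grant carries a TTL, and it is revoked when the bracketed block exits, including when the task throws. The broker, the permission strings and the injected clock are illustrative assumptions, not any product's API.

```python
"""Added example: time-boxed, bracketed grants with revoke-on-exit."""
import contextlib
import time
import uuid
from dataclasses import dataclass, field


@dataclass
class Grant:
    principal: str
    permission: str
    expires_at: float
    reason: str
    id: str = field(default_factory=lambda: uuid.uuid4().hex)


class PrivilegeBroker:
    """Holds active grants; nothing is allowed unless a live grant says so."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock          # injectable so expiry can be tested
        self._active = {}            # grant id -> Grant
        self.audit = []              # (event, principal, permission)

    def grant(self, principal, permission, ttl_s, reason):
        g = Grant(principal, permission, self._clock() + ttl_s, reason)
        self._active[g.id] = g
        self.audit.append(("grant", principal, permission))
        return g

    def revoke(self, grant):
        if self._active.pop(grant.id, None) is not None:
            self.audit.append(("revoke", grant.principal, grant.permission))

    def is_allowed(self, principal, permission):
        """Sweep expired grants lazily, then check for a live matching one."""
        now = self._clock()
        for gid, g in list(self._active.items()):
            if g.expires_at <= now:
                del self._active[gid]
                self.audit.append(("expire", g.principal, g.permission))
        return any(g.principal == principal and g.permission == permission
                   for g in self._active.values())

    @contextlib.contextmanager
    def bracket(self, principal, permission, ttl_s, reason):
        """Elevate for one task, then drop, whatever happens inside."""
        g = self.grant(principal, permission, ttl_s, reason)
        try:
            yield g
        finally:
            self.revoke(g)


def rotate_db_password(broker, principal, secrets):
    """A sensitive operation that checks the bracket, not a static role."""
    if not broker.is_allowed(principal, "secrets:write"):
        raise PermissionError(f"{principal} lacks secrets:write")
    secrets["db"] = uuid.uuid4().hex
    return secrets["db"]


def demo():
    """Constructed run with a fake clock so TTL expiry can be shown."""
    now = [1000.0]
    broker = PrivilegeBroker(clock=lambda: now[0])
    secrets = {"db": "old"}
    out = {}
    # 1. Outside any bracket the call is denied.
    try:
        rotate_db_password(broker, "alice", secrets)
        out["before"] = "allowed"
    except PermissionError:
        out["before"] = "denied"
    # 2. Inside a bracket it succeeds, and the grant dies on exit.
    with broker.bracket("alice", "secrets:write", ttl_s=60, reason="CHG-123"):
        out["inside"] = rotate_db_password(broker, "alice", secrets) != "old"
    out["after"] = broker.is_allowed("alice", "secrets:write")
    # 3. A grant nobody revoked still dies by TTL.
    broker.grant("bob", "secrets:write", ttl_s=30, reason="forgot to revoke")
    now[0] += 31
    out["bob_expired"] = not broker.is_allowed("bob", "secrets:write")
    # 4. An exception inside the bracket still revokes.
    try:
        with broker.bracket("carol", "secrets:write", 60, "oops"):
            raise RuntimeError("task blew up")
    except RuntimeError:
        pass
    out["carol_revoked"] = not broker.is_allowed("carol", "secrets:write")
    out["events"] = [e for e, _, _ in broker.audit]
    return out


if __name__ == "__main__":
    print(demo())
```

The two things worth copying into a real system are the finally-revoke (the bracket closes even when the task fails) and the TTL sweep (a bracket that never closes, for instance because the process died, still expires), plus an audit trail that records grant, revoke and expire separately so a reviewer can see which path closed each grant.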

2024-10-23

The clock is ticking—Bsides PDX kicks off this Friday. Thanks to our sponsors for their support. Their contributions allow us to bring together students, hackers, and security professionals.
@Hacker0x01

#BsidesPDX #InfosecCommunity #Cybersecurity

2024-02-22

Hey #InfoSec peeps: what #hids / host-based intrusion detection systems do you all suggest these days? I'm interested in covering #Windows, #macOS, & #Linux.
[ #InfosecCommunity #security #infosecurity ]

🛡 H3lium (H3liumb0y@infosec.exchange)
2024-02-14

"⚠️ Windows SmartScreen Bypass Alert: CVE-2024-21351 Unveiled 🔓"

A new vulnerability, CVE-2024-21351, exposes a security feature bypass in Windows SmartScreen, enabling attackers to execute arbitrary code by tricking users into opening a malicious file. This flaw, with a CVSS score of 7.6, follows the previously patched CVE-2023-36025, indicating a method to circumvent Microsoft's efforts in securing its SmartScreen feature. Attackers exploit this vulnerability actively in the wild, despite Microsoft's release of an official fix.

Technical breakdown: CVE-2024-21351 allows code injection into SmartScreen, bypassing protections and potentially leading to data exposure or system unavailability. Cybersecurity professionals must understand the attack vector, which requires social engineering to convince a user to open a malicious file.

Tags: #CyberSecurity #WindowsSecurity #CVE2024-21351 #SmartScreenBypass #Vulnerability #PatchNow #InfoSecCommunity #ThreatIntelligence 🛡️💻🔧

Mitre CVE Summary: CVE-2024-21351

🛡 H3lium (H3liumb0y@infosec.exchange)
2024-02-09

"🚨 #FortinetFlaw Alert! RCE Vulnerability in SSL VPN - Act Now! 🚨"

Fortinet's SSL VPN is in the spotlight due to a newly discovered RCE vulnerability, potentially exploited in recent attacks due to the existence of an exploit being publicly available. Identified as CVE-2022-40684 (FG-IR-24-015) (Critical/9.8 rating), this flaw allows unauthenticated attackers to execute arbitrary code. Upgrading to version 6.2.16, 6.4.15, 7.0.14, 7.2.7 or 7.4.3 eliminates this vulnerability. Security researchers urge immediate patching as exploits are likely circulating. 🛡️💻🔐

#CyberSecurity #RCE #Fortinet #Vulnerability #PatchNow #InfoSec #SSLVPN #Exploit

Source: BleepingComputer, Tenable

Tags: #CVE2022-40684 #FORTIOS #SecurityUpdate #Mitigation #InfoSecCommunity #CyberThreats #FGIR24015

🛡 H3lium (H3liumb0y@infosec.exchange)
2024-02-01

"🚨 2x High Alert: Ivanti's CVE-2024-21888 - Privilege Escalation Vulnerability AND CVE-2024-21893 - Server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure🚨"

A high-severity vulnerability, CVE-2024-21888, has been identified in Ivanti Connect Secure & Ivanti Policy Secure (versions 9.x, 22.x). This vulnerability permits privilege escalation, allowing a user to gain administrative privileges.

Also, a high-severity vulnerability, CVE-2024-21893, has been discovered in Ivanti Connect Secure and Policy Secure up to versions 9.1R18/22.6R2. This vulnerability affects the SAML component and can be exploited remotely. It allows an attacker to manipulate unknown input, leading to a server-side request forgery issue. There is no publicly available exploit.

A patch has been released to address these vulnerabilities. Admins are advised to apply patches ASAP and consider a factory reset of devices as an extra precaution.

Tags: #CyberSecurity #VulnerabilityAlert #Ivanti #CVE202421888 #CVE202421893 #PrivilegeEscalation #PatchManagement #InfosecCommunity #SystemAdmins 🔐💻🛡️

Source: Ivanti's Forums, Tenable

🛡 H3lium (H3liumb0y@infosec.exchange)
2024-01-29

"🚨 Akira Ransomware Strikes! Bucks County's Emergency Services Crippled 🚨"

Bucks County's emergency dispatch system faced a severe cyberattack, which is now traced back to the notorious Akira ransomware gang. This attack resulted in significant operational disruptions, forcing emergency services to revert to manual methods. As a sophisticated group known for targeting governments and businesses globally, Akira's modus operandi includes charging exorbitant ransoms for releasing hijacked data. The county, in collaboration with federal agencies, continues to investigate, maintaining operational 9-1-1 services despite the challenges.

Source: Hayden Mitman via nbcphiladelphia.com

Tags: #CyberAttack #Ransomware #EmergencyServices #AkiraRansomware #BucksCounty #Cybersecurity #InfoSec 🚒🔒💻

Additional insights from Sophos News highlight the Akira ransomware gang's techniques, including exploiting Remote Desktop Protocol (RDP) for lateral movement and utilizing tools like Advanced IP Scanner for network reconnaissance. They're known for persistence tactics, such as creating user accounts and modifying registry keys for sustained access. Defense evasion strategies include uninstalling security tools and manipulating Windows Defender settings. For command-and-control, AnyDesk and bespoke Trojans are employed for remote network access.

This deep dive into Akira's tactics emphasizes the need for robust cybersecurity measures in critical infrastructure sectors.

Source: Sophos News

Tags: #Cybersecurity #APT #RansomwareTactics #Sophos #InfoSecCommunity #NetworkSecurity 🛡️💡💻

🛡 H3lium (H3liumb0y@infosec.exchange)
2024-01-23

"⚠️ Chae$ 4.1: Taunting direct message to researchers at Morphisec within the source code. ⚠️"

The original Chae$ malware was identified in September 2023, and its latest version, dubbed Chae$ 4.1, employs advanced code polymorphism to bypass antivirus detection. It also includes a direct message to Morphisec researchers thanking them for their effort and hoping not to disappoint.

That's got to sting...

🛡️💻🔒

Source: Hackread by Deeba Ahmed

Tags: #CyberSecurity #MalwareAlert #Chae$Malware #Morphisec #AdvancedThreats #InfoSecCommunity #DriverScam #DataProtection #UserAwareness 🚨🌍💡

The image contains a screenshot with the following text:

print('Dear, Mr. Arnold Osipov: ')
print('')
print('We sincerely hope our efforts meet your expectations.')
print('If you write a detailed analysis about our software, we will')
print('write better code based on these analysis.')
print('')

🛡 H3lium (H3liumb0y@infosec.exchange)
2024-01-23

"DarkGate Malware Unleashed: A New Threat in the Cybersecurity Arena 🚨"

The Splunk Threat Research Team has recently conducted an in-depth analysis of DarkGate malware, uncovering its utilization of the AutoIt scripting language for malicious purposes. This malware is notorious for its sophisticated evasion techniques and persistence, posing a significant threat. DarkGate employs multi-stage payloads and leverages obfuscated AutoIt scripts, making it difficult to detect through traditional methods. It is capable of exfiltrating sensitive data and establishing command-and-control communications, underscoring the need for vigilant detection strategies.

The key tactics and techniques of DarkGate include keylogging, remote connections, registry persistence, browser information theft, and C2 communication. One of its attack vectors involves the use of malicious PDF files that trigger the download of a .MSI file containing the DarkGate payload, demonstrating the complex strategies employed by adversaries.

For threat emulation and testing, the team recommends employing an Atomic Test focused on AutoIt3 execution (as per the MITRE ATT&CK technique T1059). Security teams are advised to concentrate on endpoint telemetry sources such as Process Execution & Command Line Logging, Windows Security Event Logs, and PowerShell Script Block Logging for effective detection.

Special commendations to authors Teoderick Contreras and Michael Haag, and the entire Splunk Threat Research Team, for their comprehensive analysis.

Tags: #DarkGate #AutoIt #MalwareAnalysis #CyberSecurity #ThreatIntelligence #MITREATTACK #InfoSecCommunity #SplunkResearch

Blog Splunk Threat Research Team
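The telemetry advice in the DarkGate post above (process creation and command-line logging) and the Akira TTPs summarised from Sophos in the earlier post (RDP lateral movement, Advanced IP Scanner, new local accounts, Defender tampering, AnyDesk for C2) turned into a detection pass, as an added example that is not Splunk's or Sophos's own content: a small rule set run over constructed Sysmon-style process events and two Security logon events. JUMP_HOSTS, the user-writable path pattern and the PDF reader list are assumptions a real deployment would tune; the ATT&CK IDs are the standard ones for each behaviour (T1059 is the one the DarkGate post names). Two benign events are included to show the rules staying quiet.

```python
"""Added example: rules for Akira and DarkGate behaviours over sample events."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    rule: str
    technique: str
    event_id: int


JUMP_HOSTS = {"10.0.1.10"}                                   # assumed RDP allow-list
USER_WRITABLE = re.compile(r"\\(Users|ProgramData|Temp)\\", re.I)
PDF_READERS = {"acrord32.exe", "acrobat.exe", "foxitreader.exe", "sumatrapdf.exe"}


def base(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def proc(e, image_in=None):
    """True for process-creation events, optionally restricted to given images."""
    return e["type"] == "process" and (image_in is None or base(e["image"]) in image_in)


# Akira (Sophos): RDP lateral movement, account creation, recon, evasion, C2 tool
def rule_rdp(e):
    if e["type"] == "logon" and e["logon_type"] == 10 and e["src_ip"] not in JUMP_HOSTS:
        return Finding("rdp_from_unlisted_source", "T1021.001", e["id"])

def rule_new_account(e):
    if proc(e, {"net.exe", "net1.exe"}) and re.search(r"\buser\b.*\s/add\b", e["cmdline"], re.I):
        return Finding("local_account_created", "T1136.001", e["id"])

def rule_ip_scanner(e):
    if proc(e) and base(e["image"]).startswith("advanced_ip_scanner"):
        return Finding("advanced_ip_scanner_run", "T1046", e["id"])

def rule_defender(e):
    if proc(e) and re.search(r"set-mppreference\s+-disable|DisableAntiSpyware", e["cmdline"], re.I):
        return Finding("defender_tampering", "T1562.001", e["id"])

def rule_rat(e):
    if proc(e, {"anydesk.exe"}) and ("--install" in e["cmdline"].lower()
                                     or USER_WRITABLE.search(e["image"])):
        return Finding("remote_access_tool_install", "T1219", e["id"])

# DarkGate (Splunk): PDF -> msiexec -> AutoIt3 running a script from a user path
def rule_msiexec_from_pdf(e):
    if proc(e, {"msiexec.exe"}) and base(e["parent"]) in PDF_READERS:
        return Finding("msiexec_spawned_by_pdf_reader", "T1218.007", e["id"])

def rule_autoit(e):
    if proc(e, {"autoit3.exe"}) and (USER_WRITABLE.search(e["image"])
                                     or USER_WRITABLE.search(e["cmdline"])):
        return Finding("autoit_from_user_writable_path", "T1059", e["id"])


RULES = [rule_rdp, rule_new_account, rule_ip_scanner, rule_defender, rule_rat,
         rule_msiexec_from_pdf, rule_autoit]


def detect(events):
    """Apply every rule to every event; one event may yield several findings."""
    hits = []
    for e in events:
        for rule in RULES:
            f = rule(e)
            if f is not None:
                hits.append(f)
    return hits


def P(i, image, cmdline, parent):
    """Constructed process-creation event in the shape Sysmon event 1 gives."""
    return {"id": i, "type": "process", "image": image, "cmdline": cmdline, "parent": parent}


# Constructed sample telemetry (not real logs).
SAMPLE_EVENTS = [
    {"id": 1, "type": "logon", "logon_type": 10, "src_ip": "10.0.5.23", "user": "svc_backup"},
    P(2, r"C:\Windows\System32\net.exe", "net user helpdesk P@ssw0rd! /add",
      r"C:\Windows\System32\cmd.exe"),
    P(3, r"C:\Users\svc_backup\AppData\Local\Temp\advanced_ip_scanner.exe",
      "advanced_ip_scanner.exe /portable", r"C:\Windows\explorer.exe"),
    P(4, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
      "powershell -nop -c Set-MpPreference -DisableRealtimeMonitoring $true",
      r"C:\Windows\System32\cmd.exe"),
    P(5, r"C:\ProgramData\AnyDesk\AnyDesk.exe",
      r"AnyDesk.exe --install C:\ProgramData\AnyDesk --silent", r"C:\Windows\System32\cmd.exe"),
    P(6, r"C:\Windows\System32\msiexec.exe",
      r"msiexec.exe /i C:\Users\jdoe\AppData\Local\Temp\invoice.msi /qn",
      r"C:\Program Files\Adobe\Acrobat Reader\AcroRd32.exe"),
    P(7, r"C:\Users\jdoe\AppData\Local\Temp\AutoIt3.exe",
      r"AutoIt3.exe C:\Users\jdoe\AppData\Local\Temp\script.a3x", r"C:\Windows\System32\msiexec.exe"),
    # Benign noise that must stay quiet: packaged AutoIt running an admin script, RDP from the jump host.
    P(8, r"C:\Program Files (x86)\AutoIt3\AutoIt3.exe", r"AutoIt3.exe C:\Scripts\deploy.au3",
      r"C:\Windows\explorer.exe"),
    {"id": 9, "type": "logon", "logon_type": 10, "src_ip": "10.0.1.10", "user": "admin.j"},
]


if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"event {f.event_id}: {f.rule} ({f.technique})")
```

Events 1 to 7 each produce one finding and 8 and 9 produce none; the path and parent-process conditions are what keep the AutoIt and msiexec rules from firing on every legitimate installer or admin script, which is the tuning the Splunk post's telemetry recommendation implies.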
