Summary: The video discusses the insights shared by Edna Johnson, a cybersecurity engineer and community volunteer, on their journey into the cybersecurity field, their experience with various organizations and events, and advice for newcomers in the industry. Edna emphasizes the importance of volunteering and participating in the community, highlights their recent achievements, and discusses the evolution of cybersecurity practices, particularly in threat hunting and detection engineering.…
Read More

Tag: THREAT HUNTING

Summary: Attackers are increasingly exploiting vulnerabilities before defenses are ready, utilizing trusted security tools for malicious activities. This week’s highlights include a critical Windows zero-day vulnerability and various malware exploitation incidents, emphasizing the urgency of proactive security measures. Organizations must strengthen their defenses against the evolving threat landscape, as attackers continuously adapt their tactics.…
Read More
This strategic estimate and countermeasure plan addresses the escalating threat posed by Chinese cyber operations targeting critical infrastructure, particularly in the U.S., Europe, and Asia-Pacific regions. It emphasizes the need for coordinated resilience across government and private sectors and highlights specific recommendations for fortifying defenses against cyber intrusions, including the development of offensive strategies and enhanced international collaboration.…
Read More 
The article examines the sophisticated cyber espionage group known as BlackTech, believed to be state-sponsored by the People’s Republic of China. Since at least 2010, the group has targeted critical sectors across East Asia and the US, employing advanced tactics, techniques, and procedures (TTPs) to infiltrate networks and steal valuable information.…
Read More

Courses to become a “Zero to Hero” in Cyber Security without marketing. You will have to:

• study a lot (we are talking about a “Hero”, right?)
• study “non-technical” and “unconventional” things (Quality = Hard Skills + Soft Skills)
• study the same thing more than once (Learn = Repeat + Repeat + Repeat)

Good point: the only investment is your time; everything is “on the line”, “free”, “no cost”.…
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Read More

General • Servers • Vulnerabilities • Exploits • Attack surface • Code • Email addresses • Domains • URLs • DNS • Certificates • WiFi networks • Device Info • Credentials • Leaks • Hidden Services • Social Networks • Phone numbers • Images • Threat Intelligence • Web History • Files • Surveillance cameras • Crypto • People

General Search Engines: Google • Bing • Yahoo! • Yandex • Ask • Baidu • SearXNG • EXALead • DuckDuckGo • Swisscows • Naver • AOL • Brave • Yep • Gibiru • Kagi • Stract
Servers: Shodan – Search Engine for the Internet of Everything • Censys Search – Search Engine for every server on the Internet to reduce exposure and improve security • Onyphe.io …
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) plans to significantly reduce its workforce by cutting approximately 1,300 employees in response to heightened scrutiny from the White House. The agency’s budget cuts, which include slashing half of its full-time staff and additional contractors, are linked to criticism over its perceived role in censoring conservative viewpoints.…
Read More 
The cryptocurrency community is under increasing attack from threat actors using malicious packages to compromise legitimate software. A recent campaign involved the pdf-to-office package, which was designed to inject malicious code into crypto wallets like Atomic Wallet and Exodus, enabling attackers to redirect funds to their own addresses.…
Read More 
Summary: French cybersecurity startup Qevlar AI has secured million in its latest funding round, bringing its total investment to million. The funds will be used to enhance product development and expand internationally. Qevlar’s platform utilizes AI to automate incident analysis, improving the efficiency of security operations centers (SOCs).…
Read More 
Summary: This article explores the transformative power of Agentic AI in Security Operations Centers (SOCs), emphasizing its autonomy compared to traditional Assistant AI tools. It highlights how Agentic AI automates critical triage and investigation tasks, reducing analyst fatigue while improving operational efficiency and cost-effectiveness. The article also offers key considerations for evaluating Agentic AI solutions to enhance security operations.…
Read More

Summary: The video discusses a live training session for the Just Hacking community, highlighting new courses and features, including VPN support for accessing a new lab environment. The session introduces a special guest, Anton, who presents the “Constructing Defense” course, focusing on teaching cybersecurity principles through real-world scenarios and hands-on lab exercises.…
Read More 
Summary: A series of cyberattacks have targeted some of Australia’s largest superannuation funds, compromising over 20,000 member accounts, with significant impacts reported by AustralianSuper and Australian Retirement Trust. In response, affected organizations have implemented immediate protective measures and are working closely with national authorities to secure member information.…
Read More 
This article provides an in-depth exploration of EncryptHub, a rising cybercriminal, detailing his background, mistakes in operational security (OPSEC), and reliance on AI tools like ChatGPT in his malicious activities. The story reflects the duality of EncryptHub’s aspirations as a legitimate security researcher and his descent into cybercrime.…
Read More 
OUTLAW is a persistent, self-propagating coinminer that relies on simple techniques, SSH brute-forcing for initial access and spread, and lightly modified commodity miners for payload and persistence. By deploying a honeypot, researchers observed how OUTLAW operates, showing that the malware keeps control of infected hosts and grows its botnet with nothing more sophisticated than these basic tactics.…
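Hunting for the SSH brute-force behaviour the OUTLAW write-up describes, as an added example rather than code from the original article or the researchers' honeypot: the script parses sshd log lines, flags any source IP that accumulates a burst of failed logins inside a short window, and reports whether that same IP then logged in successfully, which is the signal that a weak credential has fallen and the host may now be running a miner. The sample log lines are constructed, and the failure threshold and time window are assumptions a hunter would tune to their own environment.

```python
"""Hunt for SSH brute-force bursts followed by a successful login in sshd logs.

Added example for the OUTLAW item above; not code from the original article.
The log lines below are constructed, and the threshold and window are assumptions.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of sshd entries in the traditional syslog format (no year).
SAMPLE_LOG = """\
Apr  7 10:00:01 web1 sshd[2101]: Failed password for invalid user admin from 203.0.113.50 port 40122 ssh2
Apr  7 10:00:03 web1 sshd[2102]: Failed password for root from 203.0.113.50 port 40130 ssh2
Apr  7 10:00:04 web1 sshd[2103]: Failed password for root from 203.0.113.50 port 40131 ssh2
Apr  7 10:00:06 web1 sshd[2104]: Failed password for invalid user oracle from 203.0.113.50 port 40140 ssh2
Apr  7 10:00:07 web1 sshd[2105]: Failed password for root from 203.0.113.50 port 40141 ssh2
Apr  7 10:00:09 web1 sshd[2106]: Accepted password for root from 203.0.113.50 port 40150 ssh2
Apr  7 10:00:09 web1 sshd[2106]: pam_unix(sshd:session): session opened for user root
Apr  7 10:05:00 web1 sshd[2201]: Failed password for alice from 198.51.100.7 port 51000 ssh2
Apr  7 10:05:20 web1 sshd[2202]: Accepted publickey for alice from 198.51.100.7 port 51001 ssh2
Apr  7 11:30:00 web1 sshd[2301]: Failed password for root from 192.0.2.9 port 33000 ssh2
Apr  7 11:35:00 web1 sshd[2302]: Failed password for root from 192.0.2.9 port 33001 ssh2
Apr  7 11:40:00 web1 sshd[2303]: Failed password for root from 192.0.2.9 port 33002 ssh2
Apr  7 11:45:00 web1 sshd[2304]: Failed password for root from 192.0.2.9 port 33003 ssh2
Apr  7 11:50:00 web1 sshd[2305]: Failed password for root from 192.0.2.9 port 33004 ssh2
"""

# Matches only the authentication outcome lines; everything else is ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>[\d.]+) port \d+"
)


def parse_line(line, year=2025):
    """Return a dict for an auth success/failure line, or None for anything else.

    Syslog timestamps carry no year, so the caller supplies one (assumed 2025 here).
    """
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m["result"], "method": m["method"],
            "user": m["user"], "ip": m["ip"]}


def hunt_ssh_bruteforce(log_text, threshold=5, window=timedelta(minutes=2)):
    """Flag source IPs with at least `threshold` failures inside `window`.

    For each flagged IP, record how many failures it produced, which usernames it
    tried, and whether it later logged in successfully (the OUTLAW-style takeover).
    Returns {ip: {"failures": n, "users": [...], "success_as": user_or_None}}.
    """
    events = [e for e in map(parse_line, log_text.splitlines()) if e]
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)

    findings = {}
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        fails = [e for e in evs if e["result"] == "Failed"]
        # Sliding window over failures: a slow, spread-out trickle does not trigger.
        triggered = any(
            fails[i + threshold - 1]["ts"] - fails[i]["ts"] <= window
            for i in range(len(fails) - threshold + 1)
        )
        if not triggered:
            continue
        success = next((e for e in evs if e["result"] == "Accepted"
                        and e["ts"] >= fails[0]["ts"]), None)
        findings[ip] = {
            "failures": len(fails),
            "users": sorted({e["user"] for e in fails}),
            "success_as": success["user"] if success else None,
        }
    return findings


if __name__ == "__main__":
    for ip, f in hunt_ssh_bruteforce(SAMPLE_LOG).items():
        status = (f"LOGIN SUCCEEDED as {f['success_as']}" if f["success_as"]
                  else "no successful login seen")
        print(f"{ip}: {f['failures']} failures against {f['users']}; {status}")
```

On the constructed sample only 203.0.113.50 is reported: it fails five times in six seconds and then logs in as root, which is the host you would pull a process listing and crontab from first. The five failures from 192.0.2.9 are spread over twenty minutes and stay below the window, and alice's single typo before a key-based login is ordinary noise.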
Read More 
In recent spear-phishing attempts, the Konni APT has impersonated South Korean government entities such as the National Human Rights Commission and the National Police Agency to instigate fear of human rights violations and hacking incidents. The attacks utilize deception tactics to install malicious files, notably LNK shortcuts and AutoIT scripts.…
Read More

Summary: The video discusses an interview with Rob Allen, Chief Product Officer at ThreatLocker, focusing on the integration of AI in security products and the challenges in the cybersecurity landscape. It addresses recent vulnerabilities in Microsoft systems and various security updates required to enhance protection against potential attacks.…
Read More 
As the tax season approaches in the U.S., Microsoft has noted an increase in phishing campaigns using tax-related themes to steal sensitive information and deploy malware. These campaigns exploit various techniques, including URL shorteners, QR codes, and legitimate file-hosting services to evade detection. The reported threats include credential theft linked to platforms like RaccoonO365 and various malware types such as Remcos and Latrodectus.…
Read More 
This content explores the significance of Cyber Threat Intelligence (CTI) in improving organizational security and understanding the threat landscape. It delves into the motivations of various types of threat actors, their tactics, and how to effectively mitigate risks. The goal is to provide a comprehensive guide that enhances awareness and proactive measures against cyber threats.…
Read More 
The article discusses a sophisticated ransomware attack involving Qilin ransomware, which uses the bring-your-own-vulnerable-driver (BYOVD) technique to disable or bypass Endpoint Detection and Response (EDR) tooling. The analysis covers the abuse of a lesser-known driver, TPwSav.sys, in a ransomware-as-a-service operation, walking through the vulnerabilities exploited, the attack chain, and the response measures taken by Blackpoint’s Security Operations Center (SOC).…
Read More 
Summary: Many organizations face significant gaps between their expected and actual security control effectiveness, often realizing these deficiencies only after a breach occurs. Current traditional testing methods are inadequate for truly validating security measures, leading to blind spots that may not be uncovered until it’s too late.…
Read More