The Hacker Secret #2: The Dynamite of Next Generation (Y) Attack focus on client-side exploitation with Software bugs, latest windows vulnerabilities, etc...
Technical guidance to prevent wanna cry ransomware attackAvanzo net
Along with the rise of Ransomware attacks around the world named WannaCry or WannaCrypt, a
new variant malware that is believed to be developed using NSA's exploit tools to attack computers with
Microsoft Windows operating system, ISACA ID tries to help provide preventive guidance to avoid those
malware attacks.
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeSysfore Technologies
WannaCry, Wanna Decryptor, WannaCrypt – whatever it's referred to as, is by and large the same bitcoin-demanding beast. In this article, we explain
everything we know about the ransomware that has been raking havoc globally and how you can safeguard yourself against this threat
A presentation on how macros work in Microsoft Word and how they can be used to create malware that can alter settings including a demonstration on how to design a macro to change the default template in Word. The Malware was designed in Windows XP using Microsoft Office 2003. Macros used include AutoOpen, AutoClose, and AutoExec.
Technical guidance to prevent wanna cry ransomware attackAvanzo net
Along with the rise of Ransomware attacks around the world named WannaCry or WannaCrypt, a
new variant malware that is believed to be developed using NSA's exploit tools to attack computers with
Microsoft Windows operating system, ISACA ID tries to help provide preventive guidance to avoid those
malware attacks.
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeSysfore Technologies
WannaCry, Wanna Decryptor, WannaCrypt – whatever it's referred to as, is by and large the same bitcoin-demanding beast. In this article, we explain
everything we know about the ransomware that has been raking havoc globally and how you can safeguard yourself against this threat
A presentation on how macros work in Microsoft Word and how they can be used to create malware that can alter settings including a demonstration on how to design a macro to change the default template in Word. The Malware was designed in Windows XP using Microsoft Office 2003. Macros used include AutoOpen, AutoClose, and AutoExec.
New microsoft application security problemJohn Davis
A zero-day attack on Microsoft XP has been discovered, emphasising the need for businesses to be using the latest software to prevent data loss. http://www.storetec.net/news-blog/new-microsoft-application-security-problem.
New microsoft application security problemJohn Davis
A zero-day attack on Microsoft XP has been discovered, emphasising the need for businesses to be using the latest software to prevent data loss. http://www.storetec.net/news-blog/new-microsoft-application-security-problem.
ProxyLogon - MS Exchange Server Vulnerabilities - JS Edited.pptxSecPod
On December 10, 2020, Orange Tsai, a Taiwanese security researcher, discovered a pre-authentication proxy vulnerability (CVE-2021-26855) in Microsoft Exchange Servers that allows a remote actor to bypass authentication and receive admin server privileges.
On March 2, Microsoft released critical security updates for four crucial zero-day vulnerabilities discovered in Exchange Servers. Within one week, at least 30,000 U.S. organizations and hundreds of thousands of organizations worldwide had fallen victim to an automated campaign run by HAFNIUM that provides the attackers with remote control over the affected systems.
In this session of SecPod Labs Intelligence Series, Veerendra GG and Pooja Shetty, will discuss:
1. What is Proxyogon Vulnerability and how can it impact your security
2. What made ProxyLogon so contagious and spread like a wildfire
3. Steps you can take to remediate the risk of being attacked
This article is all about "STUXNET", the first weapon built entirely out of code.
It gives a brief insight of what is it all about. A new world of computer programming where you can make deadly weapons with codes. Read the complete article to know more about it.
For my presentation on this article visit : http://www.slideshare.net/hardeep4u/stuxnet-more-then-a-virus
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3IJERA Editor
Linux Operating System is being reverenced by many professionals because of its versatile nature. As many network security professionals ,particularly those of ethical hackers use linux in an extensive way, did we ever observe how and why the number of hackers were enhancing day to day. Not only professionals ,every one are unleashing their hacking potentials with the help of Backtrack5R3 operating system which is a comprehensive tool kit for security auditing. This paper emphasizes on the so called SET (Social Engineering Toolkit).In a pen-testing scenario, alongside uncovering vulnerabilities in the hardware and software systems and exploiting them ,the most effective of all is penetrating the human mind to extract the desire information. Such devious technics are known as social engineering ,and computer based software tools to facilitate this form the basis of Social Engineering Toolkit
Given at TRISC 2010, Grapevine, Texas.
http://www.trisc.org/speakers/aditya_sood/#p
The talk sheds light on the new trends of web based malware. Technology and Insecurity goes hand in hand. With the advent of new attacks and techniques the distribution of malware through web has been increased tremendously. Browser based exploits mainly Internet Explorer have given a birth to new world of malware infection. The attackers spread malware elegantly by exploiting the vulnerabilities and drive by downloads. The infection strategies opted by attackers like malware distribution through IFRAME injections and Search Engine Optimization. In order to understand the intrinsic behavior of these web based malware a typical analysis is required to understand the logic concept working behind these web based malwares. It is necessary to dissect these malwares from bottom to top in order to control the devastating behavior. The talk will cover structured methodologies and demonstrate the static, dynamic and behavioral analysis of web malware including PCAP analytics. Demonstrations will prove the fact and necessity of web malware analysis.
Reducing attack surface on ICS with Windows native solutionsJan Seidl
Presentation given at 4SICS conference in Stockholm, Sweden about using Windows built-in solutions like Software Restriciton Policies/App Locker, EMET and other minor things.
Earlier this year, during a security sweep, Kaspersky Lab detected a cyber intrusion affecting several of its internal systems. Following this finding, we launched a large-scale investigation, which led to the discovery of a new malware platform from one of the most skilled, mysterious and
powerful groups in the APT world – Duqu. The Duqu threat actor went dark in 2012 and was believed to have stopped working on this project - until now. Our technical analysis
indicates the new round of attacks include an updated version of the infamous 2011 Duqu malware, sometimes referred to as the step-brother of Stuxnet. We named this
new malware and its associated platform “Duqu 2.0”.
Victims of Duqu 2.0 have been found in several places, including western countries, the Middle East and Asia. The actor appears to compromise both final and utilitarian targets, which allow them to improve their cyber capabilities. Most notably, some of the new 2014-2015 infections are linked to the P5+1 events and venues related to the negotiations with Iran about a nuclear deal. The threat actor behind Duqu appears to have launched attacks at the venues for some of these high level talks.
In addition to the P5+1 events, the Duqu 2.0 group has launched a similar attack in relation to the 70th anniversary event of the liberation of Auschwitz-Birkenau.
In the case of Kaspersky Lab, the attack took advantage of a zero-day (CVE-2015-2360) in the WindowsKernel, patched by Microsoft on June 9 2015 and possibly up to two other, currently patched vulnerabilities, which were zeroday at that time.
UEFI Firmware Rootkits: Myths and RealitySally Feller
Earlier this month, we teased a proof of concept for UEFI ransomware which was presented at RSA Conference 2017. The HackingTeam, Snowden, Shadow Brokers, and Vault7 leaks have revealed that UEFI/BIOS implants aren't just a theoretical concept but have actually been weaponized by nation states to conduct cyber espionage. Physical access requirements are a thing of the past, these low level implants can be installed remotely by exploiting vulnerabilities in the underlying UEFI system.
Today at BlackHat Asia 2017, we are disclosing two vulnerabilities in two different models of the GIGABYTE BRIX platform:
GB-BSi7H-6500 – firmware version: vF6 (2016/05/18)
GB-BXi7-5775 – firmware version: vF2 (2016/07/19)
Similar to The Dynamite of Next Generation (Y) Attack (20)
Due to the fast-growing on mobile application trends along with business competition, the lack of security concern on mobile development become critical issues which may lead to reputation damage, financial loss and non-compliance (e.g. Privacy and Cybersecurity laws). It's time to focus on Mobile Defense-in-Dev(Depth) !!
The talk will provide the real-world case-studies on mobile application threats in conjunction with the cybersecurity risk mitigation using Secure development standard and guideline which should be integrated into the development process.
The session will provide the risk of insecure mobile application development in various types with demonstration; Client-side, Communication channel and Server side. The presentation includes case study of insecure development practice which lead attacker to abuse the vulnerable application (e.g. Coin/Gem cheating on gaming app, Bypassing security control on client-side and server-side).
TL;DR
Motivation
Dynamic binary instrumentation
FRIDA
DBI without rooting / jailbreaking
Unleash the power of Frida
Case study for runtime exploitation
Countermeasure
References
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
13. Web BrowserVulnerabilities
Google Chrome still secure !!
IE / Firefox / Safari still PWNED !!
ActiveX Control and JavaApplet stillTOP Hit for Attack!!
Web BrowserToolbar coming with other software
Using Heap Spraying via JavaScript
Focus on Client-Side Exploitation
14. Web BrowserVulnerabilities - IE
IE DHTML Behaviours User After Free
IETabular Data Control ActiveX Memory Corruption
IEWinhlp32.exe MsgBox Code Execution
Zero-Day: IE 6/7/8 CSS SetUserClip Memory Corruption
(mshtml.dll) – No DEP/ASLR
24. MS Shortcut (LNK) Exploit
MSWindows Shell CouldAllow Remote Code Execution
Use DLL HijackingTechniques for exploitation
Affect every release of theWindows NT kernel (2000,XP,Server 2003,Vista,Server
2008,7)
Patch release MS10-046 on August 24 2010
Attack Layer 8 – Client-Side Exploitation
New Generation ofTargetedAttacks – StuxnetWorm
StuxnetWorm – First Attack SCADA System and Iran nuclear reactor via USB
and Fileshares with Zero-dayWindows vulnerabilities
Stuxnet abused Auto-Run feature to spread (Just open it)
25. StuxnetWorms
MS Server Service Code Execution MS08-067 (Conficker
worms)
MS SMBv2 Remote Code Execution MS09-050
MS Shortcut (LNK)Vulnerability MS10-046
MS Print Spooler Service Code Execution MS10-061
MS Local Ring0 Kernel Exploit MS10-015
MS Keyboard Layout File MS10-073
Zero Day – MSTask Scheduler
26. Latest Zero Day – MS Local Kernel Exploit
(Win32k.sys)
MSWindows Local Kernel Exploit
Zero Day until Now !! – Still No Patch…
Affect every release of theWindows NT kernel (2000,XP,Server
2003,Vista,Server 2008,7)
Elevate Privilege from USER to SYSTEM
The Exploit takes advantage of a bug inWin32k.sys
Bypass User Account Control (UAC)
GetThe Hell
Outta Here !!