Adobe Magneto: una pericolosa minaccia RCE per i siti di e-commerce
Gli specialisti di Sicurezza Informatica hanno avvertito che gli #hacker stanno già sfruttando una nuova #vulnerabilità in #Magento (CVE-2024-20720) e l'utilizzatore per implementare una #backdoor persistente sui siti di e-commerce.
🔍 Beginner-Friendly Reverse Engineering Training – Starts February 10th!
In the week of February 10-17, I'll give a remote, beginner-friendly reverse engineering course in cooperation with @ringzer0 This online class is a comprehensive journey into binary program analysis, starting from the absolute basics of reverse engineering, progressing through data type reconstruction, and extending to C++ reverse engineering, malware analysis, and automation techniques.
Key Learning Objectives:
🚀 From Basics to Advanced: Learn reversing from scratch and understand the layers between machine code and high-level languages.
🛠️ Tool Mastery: Become proficient in using IDA, Ghidra, and GDB.
🧩 Code/Data Reconstruction: Learn to reconstruct complex code and data structures from machine code, up to reconstructing C++ class hierarchies.
🕵️ Malware Analysis: Gain strategies for analyzing complex binaries, such as nation-state malware samples.
✋ Hands-On Experience: Practical sessions to strengthen your reverse engineering skills.
Who Should Attend?
Ideal for cybersecurity experts, malware analysts, and forensic specialists looking to delve into reverse engineering and low-level program analysis.
ChatGPT sotto Chiave: Microsoft Impone il Divieto ai suoi impiegati per problemi di sicurezza
Microsoft ha deciso di vietare temporaneamente ai suoi dipendenti l’accesso a #ChatGPT, il noto prodotto di OpenAI, citando preoccupazioni legate alla sicurezza e ai #dati.Tale divieto, comunicato tramite un avviso su un sito Web interno, ha destato l’attenzione degli osservatori.
📚New Blog!
The 2nd part of my "Corporate #OSINT for #SocialEngineering" article is now published.
This blog focuses on the physical perimeter of an organization.
It discusses some of the OSINT techniques used in the planning and preparation of in-person, social engineering attacks.
As security professionals, the goal is to proactively follow the same process a threat actor would to identify information that exposes potential vulnerabilities in our organization’s physical perimeter, and to manage those vulnerabilities.
My hope is that you'll proactively test those resources.
Need more help in getting the full picture on the information that is available about the physical perimeter of your organization? Feel free to reach out!
It appears that the ALPHV ransomware group is behind MGM Resorts' cyberattack on Monday. The way they reportedly gained initial access is by looking into the MGM employees on LinkedIn, picking one, and then calling the Help Desk.
The ALPHV group is said to be "extremely skilled at social engineering".
Yet finding information on an organization's employees on LinkedIn & and then using it in a vishing attack, often impersonating that individual, is a frequent and rather standard practice in #vishing attacks.
I have seen first-hand that there is a need to improve in a few areas:
🔹 Few organizations are prepared to handle phone-based social engineering. Most companies focus almost entirely on #phishing attack simulations.
That allows blind spots and a lack of processes/preparedness in too many other areas like vishing, social media and SMS-based attacks among other things.
🔹 Having a proper identity verification process in place and training your employees to stick with it often mitigates a lot of vishing/impersonation attacks.
Yet in most cases, there is either a lack of verification process or the employees are not aware of it (they sometimes get trained on it once during onboarding, and then forget all about it).
🔹 Understanding that social engineering is not limited to email attacks. It is a serious threat, and it requires working on a comprehensive social engineering prevention protocol.
We are still waiting for more information on the exact methodology. But it won't be the last time we hear of a similar attack scenario.
il jailbreak per le Tesla è servito! L’hack sblocca tutte le funzioni a pagamento e fornisce l’accesso root
I veicoli elettrici #Tesla sono famosi per il loro #approccio immediato alla fornitura di opzioni premium.
Gli acquirenti possono acquistare immediatamente una versione “a pagamento” dell’auto e godere di tutte le funzionalità aggiuntive, oppure possono acquistare una versione base per se stessi, ma #sbloccare molte #funzionalità del #pacchetto premium come parte di un normale abbonamento a pagamento.
Germany's domestic intelligence apparatus (BfV), South Korea's National Intelligence Service (NIS) and the U.S. National Security Agency (NSA) warn about cyber attacks mounted by a threat actor tracked as Kimsuky, using #socialengineering and #malware to target think tanks, academia, and news media sectors.
"Kimsuky has been observed leveraging open source information ( #OSINT ) to identify potential targets of interest and subsequently craft their online personas to appear more legitimate by creating email addresses that resemble email addresses of real individuals they seek to impersonate.
The adoption of spoofed identities is a tactic embraced by other state-sponsored groups and is seen as a ploy to gain trust and build rapport with the victims. The adversary is also known to compromise the email accounts of the impersonated individuals to concoct convincing email messages.
#Kimsuky actors tailor their themes to their target's interests and will update their content to reflect current events discussed among the community of North Korea watchers.
Besides using multiple personas to communicate with a target, the electronic missives come with bearing with password-protected malicious documents, either attached directly or hosted on Google Drive or Microsoft OneDrive."