A surge in cyber attacks: Is critical infrastructure safe?
https://hacklido.com/blog/923-a-surge-in-cyber-attacks-is-critical-infrastructure-safe
HACKLIDO
According to data from Check Point Research, Q2 2024 saw a 30% surge in cyber attacks worldwide. And it's reflected in the headlines: UK telecoms company...
CyberWeekly 12' Oct | Issue #9
Internet Archive breach exposed 31M users' data, Microsoft Patch Tuesday fixed critical flaws, Firefox zero-day patched, OpenAI blocked AI misuse, education cyber threats rise.
https://hacklido.substack.com/p/cyberweekly-12-oct-issue-9
CyberWeekly 19' Oct | Issue #10
Apple and Google propose shorter SSL/TLS certificate lifecycles, CISA warns of SolarWinds vulnerabilities, Iranian cyber threats targeting critical infrastructure, and post-quantum cryptography.
https://hacklido.substack.com/p/cyberweekly-19-oct-issue-10
Security Training and Freelancers
https://hacklido.com/blog/884-security-training-and-freelancers
We've all been there. The request pops up in your work inbox - complete your cybersecurity awareness course now. You put it off for a few days, but ultima...
Pentesting Active Directory - Series @hacklido
» #1 - Active Directory and familiarizing with its components like trees, forests and trust relations
» #2 - Authentication, Authorization, Access Control, Users, KRBTGT, Golden Ticket attack and more
» #3 - Reconnaissance & Enumeration in AD - Using AD Module, BloodHound, PowerView & Adalanche
» #4 - LLMNR Poisoning
» #5 - Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal
» #6 - Domain persistence and cross-forest attacks
Save it to read later
Link to collection: https://hacklido.com/lists/6
Essential Security Practices for Node.js Web Applications
https://hacklido.com/blog/936-essential-security-practices-for-nodejs-web-applications
1. Implementing SSL/TLS Security: Securing data transmission between clients and servers is crucial, particularly when handling sensitive information. HTT...
Breaking Down the ISC2 2024 Cybersecurity Workforce Study: Key Insights and Career Tips
https://hacklido.com/blog/942-breaking-down-the-isc2-2024-cybersecurity-workforce-study-key-insights-and-career-tips
ISC2 just dropped the 2024 ISC2 Cybersecurity Workforce Study report, and after reading it, here are my thoughts: As organizations continue to battle escalatin...
CyberWeekly 09' Nov | Issue #11
Interpol's crackdown on cybercrime, Google Cloud MFA requirement, Germany's protection for researchers, Snowflake hacking arrests, Cisco vulnerability fixes.
https://hacklido.substack.com/p/cyberweekly-09-nov-issue-11
Pwn College - Talking to Web Walkthrough
https://hacklido.com/blog/945-pwn-college-talking-to-web-walkthrough-by-karthikeyan-nagaraj
Sending requests to a Web server via Curl, Netcat, and Python to Access Sensitive files and data | 2024 Note: The below notes were taken while I was solvi...
SUID Exploits Uncovered: A Step-by-Step Privilege Escalation Guide
https://hacklido.com/blog/946-suid-exploits-uncovered-a-step-by-step-privilege-escalation-guide
How to Read Sensitive Files with SUID set on the Commands and How to Escalate Privilege Introduction to Pwn College pwn.college is an online platform that...
CyberWeekly 23' Nov | Issue #12
AI fuzzing, OSS-Fuzz, open-source bugs, ransomware recovery, cybersecurity, CISA audit, D-Link flaws, EOL routers, Ubuntu need restart, privilege escalation, Linux security, patching, healthcare IT.
https://hacklido.substack.com/p/cyberweekly-23-nov-issue-12
CyberWeekly 01' Dec | Issue #13
TL;DR: Russian hackers leveraged unsecured nearby Wi-Fi to breach networks, bypassing MFA protections. Another campaign exploited an old Avast driver to disable endpoint security tools through a BYOVD attack. DEF CON volunteers teamed up with U.S. water utilities to strengthen cybersecurity for under-resourced critical infrastructure. Meanwhile, SCOTUS allowed a class-action lawsuit against Meta to proceed, stemming from the Cambridge Analytica data scandal. Lastly, a Microsoft 365 outage disrupted services like Teams, Exchange, and SharePoint, prompting calls for stronger contingency planning and SLA reviews.
https://hacklido.substack.com/p/cyberweekly-01-dec-issue-13
CyberWeekly 07' Dec | Issue #14
https://hacklido.substack.com/p/cyberweekly-07-dec-issue-14
Deloitte hack, Brain Cipher ransomware, encrypted messaging, Cisco vulnerability, Veeam flaws, cybersecurity news, OT IoT risks, legacy systems security, ransomware threats, data breach
TryHackMe Advent of Cyber 2024 - Day 1
https://hacklido.com/blog/955-tryhackme-advent-of-cyber-2024-day-1
TryHackMe Advent of Cyber 2024 - Day 1: Maybe SOC-mas Music Doesn't Come from a Store? Welcome to the first day of the TryHackMe Advent of Cyber 2024! Ev...