Our Principal Software Engineer, Jonathan Erb, recently dove deep into an innovative R&D project aimed at enhancing threatER's automated threat intelligence enforcement platform. While we're proud of our ability to block all known threats using extensive threat intelligence, the journey behind the scenes is equally fascinating. He tackled a complex challenge: creating a packet inspection framework for Linux that operates transparently and efficiently, without disrupting existing network configurations. Through extensive research, he discovered that leveraging eBPF and Netfilter could be the key to achieving this goal. Check out his blog post to learn more about his process and what he was able to solve that strengthened threatER's platform and further secured our customers. Read the full post in the first comment below. #Cybersecurity #Innovation #threatER #ResearchAndDevelopment #NetworkSecurity
threatER's activity
Most relevant activity
-
In the face of #Canada’s proposed ban on Flipper Zero, we stand with the security and pen-testing communities in addressing the root cause of vulnerabilities, not the tools that expose them. Flipper Zero is a powerful device for good, shining a light on outdated systems that need urgent updates. Allthenticate has proudly supported the community by giving away Flipper Zeros in the past, and we understand the importance of such tools in advancing security research and education. We encourage a deeper dialogue to ensure that measures taken truly enhance security and innovation. Let's not stifle progress by banning the very tools that help make technology safer for everyone. Read more about Flipper’s response via BleepingComputer here: https://lnkd.in/g-crxQQG #SecurityResearch #FlipperZero #InnovationNotBan #AllthenticateSupports
-
Researchers from the Graz University of Technology have discovered a cross-cache attack named SLUBStick, which boasts a 99% success rate in converting limited heap vulnerabilities into arbitrary memory read-and-write capabilities.

Demonstrated on Linux kernel versions 5.9 and 6.2, SLUBStick works with modern kernel defenses like SMEP, SMAP, and KASLR active.

The attack exploits heap vulnerabilities to manipulate memory allocation and utilizes a timing side channel for precise memory chunk control.

This allows privilege escalation and container escapes even with state-of-the-art defenses.

Details of the attack will be presented at the USENIX Security Symposium, with the technical paper available for further insights at https://lnkd.in/gzTGv88u

#avmconsulting #LinuxKernel #SLUBStick #CyberSecurity #Vulnerability #PrivilegeEscalation #ContainerEscape #KernelSecurity #HeapExploitation #TechResearch #CyberAttack #SecurityConference #UsenixSecurity #SMEP #SMAP #KASLR #MemoryManagement #TechNews #GrazUniversity #LinuxSecurity #Infosec
-
Did you know that a single piece of code shook the internet? The Morris Worm, released on November 2, 1988, was one of the first worms to spread across the internet, bringing thousands of computers to a standstill. Created by Robert Tappan Morris, a graduate student at Cornell University, the worm was intended as an experiment to understand the size of the internet. However, a bug in its code caused it to replicate uncontrollably, leading to widespread disruption. #cybersecurity #techhistory #Morrisworm #techfacts #Trycle #accessiblelearning #empoweryouth #EducationToEmployment #RuralEmpowerment #SemiUrbanOpportunities #TalentRecruitment #EducationInclusion #skilldevelopment #Technicaleducation
-
Recent attempts to introduce malicious backdoors via social engineering attacks on low-level open source packages are all the more scary when you consider the classic xkcd comic. Something most would consider esoteric (e.g. an xz compression library) can be a dependency of hundreds of projects & transitively into many more and ultimately be a massive security issue. https://lnkd.in/ecKYEvux #opensource #security
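The transitive reach the post describes can be measured rather than guessed. The following is an added example, not code from the post or from any package manager: it takes a constructed set of "package depends on package" edges (modelled on the xz case but not real package metadata) and walks the reverse edges breadth-first to list every package that ends up, through any chain, depending on `liblzma`. All package names and the edge list are assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not from the post. Constructed, illustrative dependency
 * edges ("pkg depends on dep"); modelled on the xz case but not real
 * package metadata. */
typedef struct { const char *pkg; const char *dep; } dep_edge;

static const dep_edge EDGES[] = {
    {"libsystemd",     "liblzma"},
    {"libarchive",     "liblzma"},
    {"openssh-server", "libsystemd"},
    {"rpm",            "libarchive"},
    {"cmake",          "libarchive"},
    {"build-farm",     "rpm"},
    {"build-farm",     "cmake"},
    {"gzip",           "zlib"},       /* unrelated to liblzma */
    {"curl",           "openssl"},    /* unrelated to liblzma */
};
#define N_EDGES (sizeof EDGES / sizeof EDGES[0])
#define MAX_NODES 64

static int contains(const char *const *arr, size_t n, const char *s) {
    for (size_t i = 0; i < n; i++)
        if (strcmp(arr[i], s) == 0) return 1;
    return 0;
}

/* Breadth-first walk over the *reverse* edges: every package that depends,
 * directly or through any chain, on `target`. Results go into out[] (unique,
 * in discovery order); the return value is how many were found. */
size_t transitive_dependents(const char *target, const char *out[], size_t max) {
    size_t n = 0, head = 0;
    const char *cur = target;
    for (;;) {
        for (size_t i = 0; i < N_EDGES; i++) {
            if (strcmp(EDGES[i].dep, cur) != 0) continue;
            const char *p = EDGES[i].pkg;
            if (strcmp(p, target) == 0 || contains(out, n, p)) continue;
            if (n == max) return n;        /* caller's buffer is full: truncated */
            out[n++] = p;
        }
        if (head == n) break;              /* worklist drained */
        cur = out[head++];
    }
    return n;
}

/* Direct dependents only, for comparison with the transitive count. */
size_t direct_dependents(const char *target) {
    size_t n = 0;
    for (size_t i = 0; i < N_EDGES; i++)
        if (strcmp(EDGES[i].dep, target) == 0) n++;
    return n;
}

size_t transitive_count(const char *target) {
    const char *buf[MAX_NODES];
    return transitive_dependents(target, buf, MAX_NODES);
}

int depends_on(const char *pkg, const char *target) {
    const char *buf[MAX_NODES];
    size_t n = transitive_dependents(target, buf, MAX_NODES);
    return contains(buf, n, pkg);
}

int main(void) {
    const char *buf[MAX_NODES];
    size_t n = transitive_dependents("liblzma", buf, MAX_NODES);
    printf("liblzma: %zu direct dependents, %zu transitive:\n",
           direct_dependents("liblzma"), n);
    for (size_t i = 0; i < n; i++) printf("  %s\n", buf[i]);
    return 0;
}
```

With this toy graph, `liblzma` has two direct dependents but six transitive ones, including `openssh-server`, which never names it at all. The same walk over a real lockfile or distribution metadata is how you answer "does a compromise of this library reach my service?" before the next xz-style incident.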
-
Understanding DKOM and Rootkits (I tried to explain in layman's terms)

The concept behind DKOM (Direct Kernel Object Manipulation) is to directly modify the objects that the operating system (OS) kernel uses for system maintenance and bookkeeping. In the kernel, there are structures that hold data, such as the list of running processes.

In the kernel, running processes are managed using a doubly linked list defined by EPROCESS blocks. Each EPROCESS block has two pointers: NEXT and BACK. These pointers link the processes in a sequence.

When a rootkit is running, it will have its own EPROCESS block. The rootkit can modify the NEXT and BACK pointers of this block, effectively altering its position in the list. By doing so, the rootkit can hide its presence. For instance, in the Task Manager, you won't see the rootkit process, as the entire system will be unaware of it.

This manipulation allows rootkits to hide processes, drivers, network ports, and more.

#CyberSecurity #MalwareAnalysis #DKOM #Rootkits #KernelSecurity #DigitalForensics #SystemSecurity #ProcessHiding
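The unlinking the post describes, and the check that catches it, are easiest to see on a model of the list. The following is an added example, not code from the post and not real Windows kernel code: the `list_entry`, `fake_eprocess` and `g_ps_active_head` names imitate `LIST_ENTRY`, `EPROCESS` and `PsActiveProcessHead` but are hypothetical user-space stand-ins. It builds a small process list, hides one entry the DKOM way (neighbours pointed past it, the block itself left allocated), and then runs the cross-view comparison a forensic tool uses: walk the list, scan the pool for every allocated block, and report whatever is allocated but unlisted.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not from the post: a user-space model of the kernel
 * bookkeeping the post describes. The struct and global names imitate the
 * Windows ones (LIST_ENTRY, EPROCESS, PsActiveProcessHead) but are
 * hypothetical stand-ins, not the real kernel layouts. */
typedef struct list_entry {
    struct list_entry *flink;   /* forward link: the post's "NEXT" */
    struct list_entry *blink;   /* backward link: the post's "BACK" */
} list_entry;

typedef struct fake_eprocess {
    uint32_t   pid;
    char       image_name[16];
    list_entry active_process_links;
} fake_eprocess;

#define MAX_PROCS 8
static fake_eprocess g_pool[MAX_PROCS];  /* stands in for the nonpaged pool */
static size_t        g_pool_used;
static list_entry    g_ps_active_head;   /* stands in for PsActiveProcessHead */

#define CONTAINING_RECORD(ptr, type, field) \
    ((type *)((char *)(ptr) - offsetof(type, field)))

void reset_world(void) {
    memset(g_pool, 0, sizeof g_pool);
    g_pool_used = 0;
    g_ps_active_head.flink = g_ps_active_head.blink = &g_ps_active_head;
}

fake_eprocess *create_process(uint32_t pid, const char *name) {
    if (g_pool_used >= MAX_PROCS) return NULL;
    fake_eprocess *p = &g_pool[g_pool_used++];
    p->pid = pid;
    strncpy(p->image_name, name, sizeof p->image_name - 1);
    list_entry *e = &p->active_process_links;        /* insert at tail */
    e->flink = &g_ps_active_head;
    e->blink = g_ps_active_head.blink;
    g_ps_active_head.blink->flink = e;
    g_ps_active_head.blink = e;
    return p;
}

static int is_listed(const fake_eprocess *p) {
    for (list_entry *e = g_ps_active_head.flink; e != &g_ps_active_head; e = e->flink)
        if (CONTAINING_RECORD(e, fake_eprocess, active_process_links) == p) return 1;
    return 0;
}

/* The DKOM trick: point the neighbours past this block and make its own
 * links self-referential so later unlink code does not corrupt the list.
 * The block itself is untouched and stays allocated. Returns 1 on success. */
int dkom_hide_pid(uint32_t pid) {
    for (size_t i = 0; i < g_pool_used; i++) {
        fake_eprocess *p = &g_pool[i];
        if (p->pid != pid || !is_listed(p)) continue;
        list_entry *e = &p->active_process_links;
        e->blink->flink = e->flink;
        e->flink->blink = e->blink;
        e->flink = e->blink = e;
        return 1;
    }
    return 0;
}

/* What a list walker (the view Task Manager ultimately gets) counts. */
size_t count_listed_processes(void) {
    size_t n = 0;
    for (list_entry *e = g_ps_active_head.flink; e != &g_ps_active_head; e = e->flink) n++;
    return n;
}

/* Cross-view detection: enumerate every allocated process block in the pool
 * and compare with the list walk. Anything allocated but unlisted is hidden. */
size_t count_hidden_processes(void) {
    size_t hidden = 0;
    for (size_t i = 0; i < g_pool_used; i++)
        if (!is_listed(&g_pool[i])) hidden++;
    return hidden;
}

uint32_t first_hidden_pid(void) {
    for (size_t i = 0; i < g_pool_used; i++)
        if (!is_listed(&g_pool[i])) return g_pool[i].pid;
    return 0;
}

int main(void) {
    reset_world();                               /* constructed sample data */
    create_process(4, "System");
    create_process(1234, "explorer.exe");
    create_process(6666, "rootkit.exe");
    create_process(2048, "notepad.exe");

    printf("listed before hide: %zu\n", count_listed_processes());
    dkom_hide_pid(6666);
    printf("listed after hide:  %zu\n", count_listed_processes());
    printf("cross-view scan: %zu hidden, first pid %u\n",
           count_hidden_processes(), (unsigned)first_hidden_pid());
    return 0;
}
```

The point of the second view is that unlinking only changes who points at the block; the block still exists in memory and the threads it owns still get scheduled. Any enumeration that does not start from the list (a pool scan for the process object signature, the handle table, the scheduler's thread lists) still finds it, which is why memory-forensics tools compare several views and flag the disagreement rather than trusting the list alone.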
-
Day 8: Cracking Open the Vault - Conquering "0day" CTF with Shellshock and Dirty COW! Today's exploration of the "0day" CTF was a masterclass in leveraging timeless vulnerabilities to breach the fortress. Nmap painted a canvas with just two strokes: ports 80 and 22. Undeterred, Nikto uncovered a hidden directory concealing the coveted vulnerability, Shellshock (CVE-2014-6271). Exploiting Shellshock, I orchestrated a symphony leading to a harmonious reverse shell, securing initial access. As I delved deeper, LinPEAS emerged as the trusted ally, automating the search for privilege escalation opportunities. The verdict: an aging Linux version susceptible to the infamous Dirty COW (CVE-2016-5195). The Dirty COW payload was unleashed, orchestrating an elegant dance that granted root privileges, the key to the kingdom. #CTF #Cybersecurity #EthicalHacking #InfoSec #Shellshock #DirtyCOW #LearningJourney #ResponsibleHacking
-
#TechNews Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages. Cybersecurity researchers have found that it's possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running the Ubuntu operating system. TECPACT TECHNOLOGY IMPACT - Tecpact provides smart, cutting-edge IT technology solutions for organizations of all sizes. From developing unique strategies to delivering the products, services and expertise, we help businesses run more efficiently and adopt solutions for the future. Learn More. For any query: [email protected], www.tecpact.com.np #Tecpact #TecpactTechnologyImpact #ITtechnologySolutions #Licensing #ITSecurity #CloudAndDCsolutions #TechnologyServices #AnnualMaintenanceContract #FacilityManagementServices #OnDemandServices #troubleshooting #deploymentservices #design #installationservices #serviceprovider #ITcompany
-
Hacking: The Art of Exploitation by Jon Erickson. "Being able to reduce the number of punchcards needed for a program showed an artistic mastery over the computer, which was admired and appreciated by those who understood it. Analogously, a block of wood might solve the problem of supporting a vase, but a nicely crafted table built using refined techniques sure looks a lot better. The early hackers were transforming programming from an engineering task into an art form, which, like many forms of art, could only be appreciated by those who got it and would be misunderstood by those who didn't." #cybersecurity #ethicalhacking #infosec #penetrationtest #ITsecurity #pratikdhabi #wscubetech
-
The NVD is Back... ish? #cybersecurity The National Vulnerability Database (NVD) is alive again, folks! But hold the champagne corks - it's more like a shambling zombie than a superhero. Here's the deal: funding's back, a contractor's on board, but don't expect a complete overhaul. We're talking "back to normal" by September, which sounds suspiciously like...well, normal. What does this mean for you? Keep patching those vulnerabilities, because the NVD's still catching its breath. Multiple vulnerability intel sources are still your best bet. Anyone else hoping for an NVD 2.0? Let's discuss in the comments! https://lnkd.in/dmF5V_Em #NVD #CVEs #OpenSource
https://www.threater.com/blog/transparent-packet-inspection-with-netfilter-and-ebpf/