Mustafa Adam Qamar El-Din’s Post

Cyber security is the right place to be to speak about: Continious improvement … Constantly faced to challenging attacks … and needs to be 100% ready and pro active to ensure protection..

Cybersecurity Day 7: Zero-Day Vulnerabilities —The Race Against Time Imagine a locked door to your house, and only you have the key. But one day, someone finds a secret way in—before you even realize the vulnerability exists. That’s a zero-day vulnerability in a nutshell. What Are Zero-Day Vulnerabilities? These are undiscovered weaknesses in software or systems that attackers exploit before developers have a chance to fix them. The term "zero-day" reflects the lack of warning or response time. How Are They Exploited? Hackers craft zero-day exploits to: Steal sensitive data. Install malware. Hijack systems entirely. These exploits often sell on the dark web for millions, making them a prized tool for cybercriminals and even state-sponsored actors. How Can You Stay Safe? Update, Update, Update: Enable automatic updates to stay ahead of potential fixes. Zero Trust Framework: Limit system access, assuming no one is inherently trustworthy. Threat Intelligence: Use tools like SIEM and XDR to detect suspicious activity early. Backup Strategy: Regularly back up your data—just in case. Fun Fact: Google’s Project Zero is a team of elite hackers dedicated to finding zero-day vulnerabilities before the bad guys do. What are your thoughts on zero-day attacks? Have you encountered one, or do you know someone who has? Let’s discuss! #CyberSecurity #ZeroDay #DataProtection #InfoSec #ThreatIntelligence #CyberAwareness #Technology #SecurityInnovation

How to Use Medusa for Fast, Multi-Protocol Brute-Force Attacks – Security Tutorial As a pentester (a fancy term for an ethical hacker), you will often attack systems the same way a malicious hacker does. But your goal will be to find weaknesses – so teams can work to address them. One such system is password-based authentication. B... Read mode on following blog post!

Google Mandiant analysts have identified a concerning increase in threat actors' skills to find and exploit zero-day vulnerabilities. In 2023, an astonishing 70.3% of the 138 vulnerabilities actively exploited were zero-days, marking a significant shift from the previous 4:6 ratio of n-days to zero-days to an alarming 3:7. 🚨 Moreover, the time taken to exploit these vulnerabilities has dropped to just 5 days, down from 63 days in 2018-2019. This emphasizes the urgency for organizations to implement strong security measures, such as network segmentation and real-time detection, to combat emerging threats. 🛡️ With 56 vendors impacted by actively exploited flaws in 2023, it’s clear that the threat landscape is evolving rapidly. Stay vigilant and prioritize urgent patching to protect your systems! 🔐 Read more 🔎>> Link in the comments  #Cybersecurity #ZeroDays #ThreatIntelligence #Google #VulnerabilityManagement 

Is sharing the tools you developed as an Offensive Security Professional Ethical? One way to showcase your expertise is to share your work online: → Tools you have been working one → PoC → Exploits you developed → Or any of your other crafts. That definitely will show people what you have been working on and what you are good at. However, there is one problem with sharing your tools in public: The Security community is not the only one you are helping. By making the tools public, you share it to help the community but it can also end in malicious hands. So I would say there is also an ethic issue here. A disclaimer stating that the tools are just for educational purpose only won’t be enough. I came across an interesting quote the other day: “When you pray, God is not the only one who is listening”. Same goes for the Offensive Security Tools you put up out there. You may have a good intention to help but that tool can definitely be used to cause harm to others by malicious people I am sure that many hackers, bug hunters, and security researchers don’t have malicious intent when they share their hard work. However, this is a double-edged sword. How does one share their work then: → You can showcase maybe results or part of the process you did to get the result. → a snippet or a functionality of the tool (not the entire tools) → invite only to access the research/tool → closed or private community → on-demand demo I have seen pretty good conferences and demo without giving up any source code. Just to showcase the work and what has been done. Thought on this?

🔥 𝗧𝗵𝗲 𝗗𝗮𝗿𝗸 𝗦𝗶𝗱𝗲 𝗼𝗳 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 𝗘𝘅𝗽𝗹𝗼𝗶𝘁𝘀 🔥 🚨 𝗪𝗵𝗮𝘁 𝗶𝘀 𝗮 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆?  It’s a flaw in software or hardware that is discovered before the vendor knows about it, leaving millions of systems exposed until a patch is released. Hackers can exploit these vulnerabilities in real-time, with no defense in place until a fix is deployed. 𝙎𝙘𝙖𝙧𝙮, 𝙧𝙞𝙜𝙝𝙩? 💻 𝗪𝗵𝘆 𝗔𝗿𝗲 𝗧𝗵𝗲𝘆 𝗦𝗼 𝗗𝗮𝗻𝗴𝗲𝗿𝗼𝘂𝘀?  Zero-day exploits give hackers a head start before defenses can be built. They can infiltrate even the most secure environments, leading to catastrophic data breaches, system crashes, and total control over your network. 🔧 𝗛𝗼𝘄 𝗛𝗮𝗰𝗸𝗲𝗿𝘀 𝗗𝗲𝘃𝗲𝗹𝗼𝗽 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 𝗘𝘅𝗽𝗹𝗼𝗶𝘁𝘀 Advanced hackers reverse-engineer software to find hidden flaws or weaknesses.  These vulnerabilities are then packaged into weaponized exploits and sold on the dark web, sometimes for millions! 💡 𝗪𝗵𝗮𝘁 𝗖𝗮𝗻 𝗘𝘁𝗵𝗶𝗰𝗮𝗹 𝗛𝗮𝗰𝗸𝗲𝗿𝘀 𝗗𝗼?  Ethical hackers, or white-hat hackers, are on a mission to find these flaws before the bad guys do. 𝙐𝙨𝙞𝙣𝙜 𝙩𝙚𝙘𝙝𝙣𝙞𝙦𝙪𝙚𝙨 𝙡𝙞𝙠𝙚 𝙛𝙪𝙯𝙯𝙞𝙣𝙜, 𝙨𝙩𝙖𝙩𝙞𝙘 𝙖𝙣𝙖𝙡𝙮𝙨𝙞𝙨, 𝙖𝙣𝙙 𝙢𝙖𝙣𝙪𝙖𝙡 𝙘𝙤𝙙𝙚 𝙧𝙚𝙫𝙞𝙚𝙬, they identify and report vulnerabilities to software vendors to keep systems safe. 🔐 𝗦𝘁𝗮𝘆 𝗔𝗵𝗲𝗮𝗱 𝘄𝗶𝘁𝗵 𝗧𝗵𝗲𝘀𝗲 𝗦𝘁𝗲𝗽𝘀: • Regular Patching - Always update software and hardware to mitigate potential zero-days. • Bug Bounty Programs - Participate in or launch bug bounties to help identify vulnerabilities early. • Advanced Network Monitoring - Use AI-based detection systems to monitor unusual network behaviors. 𝗔𝗿𝗲 𝘆𝗼𝘂 𝗿𝗲𝗮𝗱𝘆 𝘁𝗼 𝘁𝗮𝗸𝗲 𝘆𝗼𝘂𝗿 𝗵𝗮𝗰𝗸𝗶𝗻𝗴 𝘀𝗸𝗶𝗹𝗹𝘀 𝘁𝗼 𝘁𝗵𝗲 𝗻𝗲𝘅𝘁 𝗹𝗲𝘃𝗲𝗹? Explore more about 𝙯𝙚𝙧𝙤-𝙙𝙖𝙮 𝙝𝙪𝙣𝙩𝙞𝙣𝙜 and how ethical hackers help protect the internet from unseen threats! #ZeroDayExploit #CyberSecurity #EthicalHacking #BugBounty #AdvancedHacking #CyberThreats

Offensive Security vs. Defensive Security I recently heard about the terms Offensive Security and Defensive Security. I started to search for the meaning of these terms, and I'd like to share what I've learned with those of you who are new to these topics. So, let's discuss each topic in a simple and clear manner. When it comes to security, there are two different approaches that organizations take: Offensive Security and Defensive Security. Defensive Security is all about protecting your systems and data from attacks. This involves measures like strengthening firewalls to block incoming threats, using encryption to secure data, and creating backups for worst-case scenarios. The goal of Defensive Security is to make it as difficult as possible for attackers to breach your defenses. Offensive Security, on the other hand, involves breaking into computer systems, exploiting software bugs, and finding loopholes in applications to gain unauthorized access. To beat a hacker, you need to think like a hacker, finding vulnerabilities and recommending patches before a cybercriminal does. Q&A Time Which of the following options better represents the process where you simulate a hacker's actions to find vulnerabilities in a system? Offensive Security Defensive Security What is your opinion, guys? Leave a comment below. #CyberSecurity#OffensiveSecurity#DefensiveSecurity#InfoSec#TechTalk#Learning

One of the best daily newsletters to stay on top of security. Short, sweet and to the point. https://lnkd.in/dutVjmtB Here is today's as an example. = Security observations = None in particular. = Vulnerabilities = [2024-11-12] FortiOS - SSLVPN session hijacking using SAML authentication - Fortinet disclosed a critical vulnerability (CVE-2023-50176, CVSS 7.1) in FortiOS SSLVPN on November 12, 2024. This flaw allows attackers to hijack active VPN sessions if the victim uses SAML authentication and interacts with a malicious link, potentially distributed via email. While no public exploits or active exploitation have been reported, Fortinet recommends immediate updates to secure devices. Affected versions are patched in FortiOS 7.4.4, 7.2.8, and 7.0.14, which have been available prior to the public disclosure. https://lnkd.in/daaBn4wU https://lnkd.in/dfEuxDkz [2024-11-14] Critical Vulnerabilities Disclosed in Rockwell FactoryTalk Updater: Mitigation Required -- Rockwell Automation has identified critical vulnerabilities in its FactoryTalk Updater software, including insecure storage of sensitive information (CVE-2024-10943, CVSS 9.1), improper input validation (CVE-2024-10944, CVSS 8.4), and flawed security checks allowing local privilege escalation (CVE-2024-10945, CVSS 7.3). Exploitation risks include authentication bypass, remote code execution, and local privilege escalation. Affected versions include FactoryTalk Updater-Web Client 4.00.00 and all versions of its Client and Agent. https://lnkd.in/dW9HyU9F [2024-11-14] CISA warns of more Palo Alto Networks vulnerabilities exploited in the wild -- The Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities related to Palo Alto Networks Expedition to its Known Exploited Vulnerabilities Catalog: CVE-2024-9463 (OS Command Injection) and CVE-2024-9465 (SQL Injection). The vulnerability potentially allows attackers to access sensitive data like usernames, passwords, and firewall configurations. The issues are resolved in Expedition version 1.2.96 or later. Organizations are advised to update, restrict network access, and rotate credentials to mitigate risks. Further guidance is available from CISA and Palo Alto Networks. https://lnkd.in/djyghzV9 [2024-11-14] Active exploitation of previously reported Palo Alto Management Interface vulnerability -- Palo Alto Networks report that the previously published (see mnemonic daily newsletter 11th of November) PAN-OS RCE vulnerability now has been observed exploited in the wild. As previously, recommendations are to ensure management interface access is correctly configured according to best practices and only accessible from trusted internal IPs. https://lnkd.in/dT9V6USC

How quickly should vulnerabilities be remediated? 48 hours? 14 days? 31 days? What's the risk of not remediating vulnerabilities fast enough? Google has recently released their latest Time to Exploit (TTE) Trends Report (https://lnkd.in/gB6nxjjD). The report details Mandiant's analysis of 138 vulnerabilities that were disclosed in 2023. Whilst this information could be considered old (analysing the exploitation of vulnerabilities from potentially over 20 months ago), trends can be extrapolated and we can draw conclusions of what is likely happening today. My key takeaway from this is that the TTE for new vulnerabilities has dropped dramatically from 32 days to 5 days. This is partially because adversaries are getting better at developing exploits for known vulnerabilities, but also because of an increase in adversaries exploiting 0days. To reduce this risk, its important to implement automated patch management. Which I know is a thing that is easier said than done. It's almost near on impossible to implement automated patch management for all of your applications and operating systems, therefore implement it in prioritised areas (assets exposed to the internet, browsers, office productivity suites, etc). Additionally, implementing compensating controls to add additional barriers for exploitation or which identify a successful exploitation are another recommendation. This could include things like endpoint protection, web application firewalls for web applications or endpoint protection and application control to reduce the chance that malicious code is able to run after a successful exploitation. Time is of the essence, and these strategies can make all the difference in staying one step ahead of attackers. #CyberSecurity #CloudSecurity #ThreatIntelligence #PatchManagement #GoogleCloud

🔥 𝗧𝗵𝗲 𝗗𝗮𝗿𝗸 𝗦𝗶𝗱𝗲 𝗼𝗳 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 𝗘𝘅𝗽𝗹𝗼𝗶𝘁𝘀 🔥 🚨 𝗪𝗵𝗮𝘁 𝗶𝘀 𝗮 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆?  It’s a flaw in software or hardware that is discovered before the vendor knows about it, leaving millions of systems exposed until a patch is released. Hackers can exploit these vulnerabilities in real-time, with no defense in place until a fix is deployed. 𝙎𝙘𝙖𝙧𝙮, 𝙧𝙞𝙜𝙝𝙩? 💻 𝗪𝗵𝘆 𝗔𝗿𝗲 𝗧𝗵𝗲𝘆 𝗦𝗼 𝗗𝗮𝗻𝗴𝗲𝗿𝗼𝘂𝘀?  Zero-day exploits give hackers a head start before defenses can be built. They can infiltrate even the most secure environments, leading to catastrophic data breaches, system crashes, and total control over your network. 🔧 𝗛𝗼𝘄 𝗛𝗮𝗰𝗸𝗲𝗿𝘀 𝗗𝗲𝘃𝗲𝗹𝗼𝗽 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆 𝗘𝘅𝗽𝗹𝗼𝗶𝘁𝘀 Advanced hackers reverse-engineer software to find hidden flaws or weaknesses.  These vulnerabilities are then packaged into weaponized exploits and sold on the dark web, sometimes for millions! 💡 𝗪𝗵𝗮𝘁 𝗖𝗮𝗻 𝗘𝘁𝗵𝗶𝗰𝗮𝗹 𝗛𝗮𝗰𝗸𝗲𝗿𝘀 𝗗𝗼?  Ethical hackers, or white-hat hackers, are on a mission to find these flaws before the bad guys do. 𝙐𝙨𝙞𝙣𝙜 𝙩𝙚𝙘𝙝𝙣𝙞𝙦𝙪𝙚𝙨 𝙡𝙞𝙠𝙚 𝙛𝙪𝙯𝙯𝙞𝙣𝙜, 𝙨𝙩𝙖𝙩𝙞𝙘 𝙖𝙣𝙖𝙡𝙮𝙨𝙞𝙨, 𝙖𝙣𝙙 𝙢𝙖𝙣𝙪𝙖𝙡 𝙘𝙤𝙙𝙚 𝙧𝙚𝙫𝙞𝙚𝙬, they identify and report vulnerabilities to software vendors to keep systems safe. 🔐 𝗦𝘁𝗮𝘆 𝗔𝗵𝗲𝗮𝗱 𝘄𝗶𝘁𝗵 𝗧𝗵𝗲𝘀𝗲 𝗦𝘁𝗲𝗽𝘀: • Regular Patching - Always update software and hardware to mitigate potential zero-days. • Bug Bounty Programs - Participate in or launch bug bounties to help identify vulnerabilities early. • Advanced Network Monitoring - Use AI-based detection systems to monitor unusual network behaviors. 𝗔𝗿𝗲 𝘆𝗼𝘂 𝗿𝗲𝗮𝗱𝘆 𝘁𝗼 𝘁𝗮𝗸𝗲 𝘆𝗼𝘂𝗿 𝗵𝗮𝗰𝗸𝗶𝗻𝗴 𝘀𝗸𝗶𝗹𝗹𝘀 𝘁𝗼 𝘁𝗵𝗲 𝗻𝗲𝘅𝘁 𝗹𝗲𝘃𝗲𝗹? Explore more about 𝙯𝙚𝙧𝙤-𝙙𝙖𝙮 𝙝𝙪𝙣𝙩𝙞𝙣𝙜 and how ethical hackers help protect the internet from unseen threats! #ZeroDayExploit #CyberSecurity #EthicalHacking #BugBounty #AdvancedHacking #CyberThreats