Artificial Intelligence and its impact on Cybersecurity. We’ll uncover both AI’s potential to revolutionize our cybersecurity defenses and the associated risks it introduces. By the end, you’ll have a clearer grasp of how to harness AI’s power while mitigating its dangers.
AI is a broad field that covers a range of technologies, from machine learning to natural language processing. AI systems can analyze large amounts of data and make decisions based on that data. They can also learn from their mistakes and improve over time.
Cybersecurity isn’t just about technology – it’s fundamentally a battle of mindsets. The way we approach challenges shapes our strategies and determines our chances of success in this constantly shifting landscape. Two distinct mindsets dominate: the finite mindset and the infinite mindset.
Social Engineering and Cybersecurity Strategies We wrapped up 2024 with a very nice event and presentation; to watch it 🙂 What is social engineering? Social engineering is a term for using psychological manipulation to trick users into making security mistakes or giving away sensitive information. Attackers exploit natural emotions such as trust, stress and greed to distract you and cloud your judgment […]
Holistic Cybersecurity Strategy : Free Video Here is the recording from the webinar which was delivered by EC Council and EC Council University Holistic Cybersecurity Strategy : Integrating Pen Testing and Forensics for CISOs’ Decision-Making As threat landscapes evolve, holistic security strategies are essential for modern organizations to protect their data and business. At the core of […]
The world of cybersecurity is rapidly changing, and it’s important for the industry to accurately forecast the trends of the future in order to stay ahead of evolving threats in the new year. Predicting the future might seem hard and inaccurate, but not in cybersecurity. Grab your drink and watch this session to have a more secure year 🙂
Cybersecurity Predictions for 2023 based on Hacking Trends of 2022 …
Hacking Trends of 2022
So, what happened last year, in summary:
Cyber Attack on Australia’s largest telcos Telstra, Optus (and even TPG – Vodafone)
Australian telecoms giant Optus said current and former customer data was accessed following a cyberattack on its systems. The telco giants have confirmed the attacks; about 1.2 million Optus customers were compromised. The breach, which affected 10 million customers, equivalent to around 40% of Australia’s population, attracted harsh criticism from the government.
The other giant, Telstra, was also “breached”, and more than 30,000 employee details have been shared on a hacking forum 🙁 You can read more about it here
NewsCorp hit with cyberattack, allegedly from China
NewsCorp confirmed that their data was taken by a foreign government. Mandiant is alleging China is involved. Read more about this incident here
Cash App data breach
More than 8 million users of the mobile payment application Cash App have been impacted by a data breach, according to a filing with the U.S. Securities and Exchange Commission by parent company Block Inc. Based on the filing, the following details were breached: full names and brokerage account numbers, as well as stock activity on Cash App.
Binance: bitcoin stolen in ‘large scale’ hack
Cryptocurrency exchange Binance has confirmed a “large scale” data breach. In a statement, the company said hackers stole API keys, two-factor codes and other information in the attack.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time,” the statement read. “The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed.”
“Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” the statement said. You can read the statement here
PressReader Suffers Cyber-Attack
PressReader, the world’s largest digital newspaper and magazine distributor, was also a victim of a cyber breach. Here is a summary of their statement:
“Our security teams have now classified this as a cyber security incident. This situation comes as companies across North America have seen an increase in security incidents over the past several weeks.” You can read the full statement here
Samsung confirms data breach, personal customer data stolen
Samsung has confirmed it suffered a data breach which led to the personal information of customers being leaked online. In a blog post, Samsung shared that an “unauthorized third party” had acquired information from some of Samsung’s US systems, including names, contact information, dates of birth and product registration details. However, no credit card numbers or social security numbers were breached. You can read the full blog post here
Uber CISO has been arrested over failure to disclose a cyber breach
Uber’s former security chief has been found guilty of not disclosing a data breach at the ridesharing giant, in what is believed to be the first time a company executive has been charged over a hack. Joe Sullivan, the former security lead at Uber, was found guilty on two counts in relation to the covering up of a breach of customer data in 2016.
US govt: Iranian hackers breached federal agency using Log4Shell exploit
The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining malware. The attackers compromised the federal network after hacking into an unpatched VMware Horizon server using an exploit targeting the Log4Shell (CVE-2021-44228) remote code execution vulnerability. Read the details in Bleeping Computer’s web site
The North Face Credential Stuffing Attack Compromises 200,000 Accounts
The North Face suffered a credential stuffing attack that compromised over 194,905 accounts. The North Face sent out data breach notification letters and initiated password resets for impacted accounts, according to Bleeping Computer. You can read the details here
Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies’ Data Leak
“This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services,” Microsoft said in this alert.
Cisco Hacked: Ransomware Gang Claims It Has 2.8GB Of Data
Cisco confirms hacking as Yanluowang ransomware group publishes a partial list of files it claims to have exfiltrated.
Okta Cyber Attack: Another Major Supply Chain Incident
On March 21st, 2022, the digital extortion group Lapsus$ claimed it had gained access to an administrative account for Okta, the identity management platform. According to Okta, thousands of organizations worldwide use its identity management platform to manage employee access to applications or devices. A breach of Okta’s systems represents a significant risk to Okta’s customers and the broader supply chain.
What is Spring4Shell?
Spring4Shell is a vulnerability in VMware’s Spring Core Java framework – an open-source platform for developing Java applications. Spring is a highly popular framework, with 60% of Java developers depending on it for the production of their applications. Because of the framework’s dominance in the Java ecosystem, many applications could potentially be impacted by the Spring4Shell zero-day. In comparison, the Log4J framework is used by almost all Java-based web apps and cloud services, so though Spring4Shell is categorized as a critical vulnerability, it’s still significantly less dangerous than Log4Shell. The Spring4Shell vulnerability is being tracked as CVE-2022-22965.
Microsoft Digital Defense Report 2022
“Attackers are adapting and finding new ways to implement their techniques, increasing the complexity of how and where they host campaign operation infrastructure.” Download the report here
Cyber Attacks Per Minute
Password Attacks 34,740
IoT Based Attacks 1,902
DDoS Attacks 1,095
Phishing Attacks 7
Malware Threats 18,265
Brute Force Authentication Attacks 48,706
SQL Injection Attacks 1 per 2 minutes
New threat detection 1 per 35 minutes
Supply Chain Attacks 1 every 35 minutes
Ransomware Attacks 1 Every 195 minutes
Cost of Cybersecurity Per Minute
Worldwide economic impact $1,141,553
Global cybersecurity spend $285,388
E-commerce payment fraud loss $38,052
Global ransomware damages $38,051
Amount lost to cryptocurrency cost $4,566
Average cost of breach $8
Average cost of a malware attack $5
Cybersecurity Highlights from 2022
There have been more than 6.3 billion attack attempts
White hat hackers earned over $19 million in bounties
Hackers create 400,000 new pieces of malware daily
You can purchase a consumer account for $1 on the dark market
Phishing attacks make up over 80% of reported security activities.
Russian hackers can infiltrate a computer network in 18 minutes.
More than 6,000 online criminal marketplaces sell ransomware products and services.
Predictions for 2023
Web Application and API Attacks will rise
Ransomware business models will continue to evolve
Misconfiguration attacks will not go away
Supply Chain attacks will increase
Data privacy laws are getting more strict
Cloud Attacks will not decrease
Social Engineering is also not going anywhere
APIs will cause Unforeseen Breaches
Hackers will find a way to breach MFA
Firmware attacks will be even more popular
Summary of Cyber Recommendations for 2023
Adopt Assume Breach mentality
Implement Defense in Depth
Adopt Zero Trust
Utilize AI
Build a better Cyber Resilience Program
Think like a hacker
DevSecOps will become business-critical
Use EDR where possible; if not, use Open EDR
Invest in Cyber Threat Intelligence
Adopt risk-based vulnerability management
This post, originally written in Turkish, is about our new “Social Engineering” book 🙂
As the Turkish Cyber Security Cluster (Türkiye Siber Güvenlik Kümelenmesi), during Cybersecurity Week, held for the third time this year, we talked about our Social Engineering book and DIFOSE; we hope you enjoy it.
Social Engineering
Sosyal Mühendislik İnternet ve Telefon Dolandırıcılığı (Social Engineering, Internet and Telephone Fraud)
Written by three authors who, by virtue of their professions, duties and training, are experts in cybersecurity, cyber attacks and countermeasures, this work is drawn from the solutions to problems the authors have encountered, the questions they have been asked, and their professional experience.
With advancing technology and the spread of internet use and communication methods, obtaining information about people and misusing it has become much easier.
The book covers, in all their aspects, social engineers, meaning those who use the opportunities technology provides to deceive people and unjustly obtain private or confidential information, money or other valuables, along with the techniques, tactics and methods they use.
To this end, the definitions and classifications within the concept of social engineering are explained with real-life examples to give the overall picture, followed by the psychological factors behind why we fall into these traps, emotional intelligence, body language and physiognomy.
After the conceptual background, a social engineering attack is examined with an analytical and instructive approach by putting ourselves in the fraudster’s place; open-source intelligence gathering methods, the preparation of the computer and other tools to be used in the attack, the traces we leave on the internet, and all layers of the internet including the dark net are explained, and finally two sample social engineering attacks are described step by step.
The subject of “Social Engineering”, a fraud method that uses information technology, is covered in this book by experts in the field in a way that is “broad, detailed and illustrated with examples”, to this degree for the first time in Türkiye.
Topics Covered in the Book
Introduction to Social Engineering
Stages of a Social Engineering Attack
Computer-Based Social Engineering Attacks
Telephone-Based Social Engineering Attacks
Human-Based Social Engineering Attacks
Internet and Social Media-Based Social Engineering Attacks
An endpoint detection and response (EDR) solution is an endpoint security solution that monitors end-user devices to detect and respond to cyber threats. It also records and stores endpoint system-level behaviors (logs), uses various data analytics techniques to block malicious activities, and provides remediation suggestions to restore affected systems to a clean state.
EDR is essential in securing endpoints, but unfortunately, it’s not cheap. So, what if I tell you that EDR is now free with OpenEDR, via the open-source community?
And I am proud to announce that I have teamed up with Valentine Sirghie to create a free Open EDR training and certification, which will award you a certificate.
What will you learn?
The OpenEDR Fundamentals training course has 5 modules and a final exam, and its duration is 1 hour 29 minutes
Module 0 – Welcome to OpenEDR Fundamentals Training
Module 1 – Cyber Landscape
Module 2 – EDR Fundamentals
Module 3 – Introduction to OpenEDR
Module 4 – Account Creation and Agent
Certification Exam
We’ve worked together with the OpenEDR community to bring you a world-class learning experience. At the end of the course, please complete an evaluation of today’s experience. We value your feedback! Please contact us with any additional requests for additional training or exam keys. After completing the course, you will be able to answer the below questions:
What is the current Cybersecurity landscape? What is EDR vs antivirus? The difference between Open Source EDR and Full EDR and much more…
How to complete the certificate curriculum?
To acquire the OpenEDR certificate, please complete the following steps:
Log into Xcitium Academy and access the OpenEDR Fundamentals Training curriculum
If you do not have an Xcitium Academy account, click on create new account and enter your information
Complete each of the five (5) courses in the OpenEDR Fundamentals Training curriculum and successfully complete each exam in the individual courses
Once all course exams have been completed, successfully complete the OpenEDR certificate exam at the end of the curriculum
To access your new certificate, go to Training & My Achievements in the academy and click on the OpenEDR Fundamentals Training completion. This will open up a PDF copy of your certificate for printing.
OpenEDR is an Open-Source initiative started by Xcitium
We at Xcitium believe in creating an open-source cybersecurity platform where products and services can be provisioned and managed together. EDR is our starting point. Open EDR is a full-blown EDR capability. It is one of the most sophisticated, effective EDR code bases in the world, and with the community’s help it will become even better. Open EDR consists of the following components:
Core Library: the basic framework.
Service: service application.
Process Monitoring: components for per-process monitoring.
System Monitor: the generic container for different kernel-mode components.
File-System Mini-Filter: the kernel component that hooks file system I/O requests.
Network Monitor: monitors processes creation/deletion using system callbacks
Low-Level Registry Monitoring Component: monitors registry access using system callbacks
Self-Protection Provider: prevents EDR components and configuration from unauthorized changes
Low-Level Process Monitoring Component: network filter for monitoring the network activity
Join the Open EDR Community
Enroll in the online forums by visiting https://www.openedr.com/
Have questions about our Open EDR open-source code? Join our open community! The community allows members to ask and respond to questions, interact with other users, and review topics related to Open EDR.
Do you want to learn the key secrets of Breach Detection? Then this free video is right for you:
Hackers will never stop their attack attempts, and organizations must be aware they could be breached any second! So, tune into this presentation to discover:
• How to best prepare against those attacks?
• What tools to leverage?
• How can your security team detect even the latest, more sophisticated foes and, most importantly, how can you respond to their attacks?
Join Dr. Erdal, corporate CISO at Comodo and president of the Global CISO Forum, to learn how you can master your breach detection by learning from real-life examples.
Embrace Digital Transformation Why Dynamic Businesses Should Embrace Digital Transformation There is no “one-size-fits-all” transformation manual when it comes to changing the way we do business, and never will be. In this dynamically changing environment, hybrid multicloud architectures offer flexibility and scalability, and an answer to the challenges faced by evolving IT infrastructures in companies […]
Free Cybersecurity Training If you are student or someone with a limited budget, finding the extra money for training can be challenging. In this post I will share some of my trainings with you , which I believe it will help you Don’t forget the bookmark this page as I will continue to update is […]