Alireza Gharib Blog Security, Linux, and DevOps

January 9, 2025

How to Defend Against the Three Most Dangerous Cybersecurity Attacks

There are a lot of different hacking techniques to be aware of. At the time of publication, the MITRE ATT&CK framework identified some 236 hacking techniques across 14 different categories. Luckily, you don’t need to understand all these tactics to stay safe. Many are close variations of the same basic approach. The best cybersecurity tools…

#attack, #go, #hack, #tech, #un
January 9, 2025

Securing AWS Lambda | How Misconfigurations Can Lead to Lateral Movement

Learn how several misconfigurations and user-defined code issues in AWS Lambda could lead to potential credential theft and lateral movement. As serverless computing continues to revolutionize the cloud landscape, AWS Lambda has emerged as a pivotal service, offering a Function-as-a-Service (FaaS) model that allows developers to focus solely on code while AWS manages the underlying…

#attack, #author, #ict, #malicious, #secure
January 9, 2025

Why security teams rely on Microsoft Defender Experts for XDR for managed detection and response

The expanding attack surface is creating more opportunities for exploitation and adding to the pressure on security leaders and teams. Increasingly, organizations are investing in managed detection and response services (MDR) to bolster their security operations center (SOC) and meet the challenge. Demand is growing rapidly: according to Frost & Sullivan, the market for MDR…

#attack, #azure, #cyberattack, #linkedin, #tech
January 9, 2025

LABScon24 Replay | The Ransomware Trust Paradox

Max Smeets explores how ransomware groups leverage public reporting and why we must disrupt the trust dynamic between threat actors and victims. In his Keynote talk at LABScon 24, Max Smeets explores how ransomware operators build a unique relationship between themselves and their victims. In contrast to most other threat actors, ransomware operators rely on…

#attack, #author, #ict, #military, #national-security
January 9, 2025

LABScon24 Replay | Let Them Eat Cake: “Secure by Upgrade” Software is a National Security Threat

Kymberlee Price reveals the technical chaos facing SMBs as they struggle with solutions aimed at bigger fish in the face of expanding crimeware. Ransomware is doing more to change the security landscape than the last 20 years of Secure Development Lifecycle, DevSecOps, Zero Days, Breaches, or any corporate memo. Pair this with predatory pricing models…

#author, #bug, #ict, #investigation, #tech
January 9, 2025

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

Threat actors abused Visual Studio Code and Microsoft Azure infrastructure to target large business-to-business IT service providers in Southern Europe. Executive Summary From late June to mid-July 2024, a suspected China-nexus threat actor targeted large business-to-business IT service providers in Southern Europe, an activity cluster that we dubbed ‘Operation Digital Eye’. The intrusions could have…

#author, #browser, #tech
January 9, 2025

38C3: It’s TOSLINK, Over Long Distance Fibre

If you’ve owned a CD player or other piece of consumer digital audio gear manufactured since the 1980s, the chances are it has a TOSLINK port on the back. This is a fairly simple interface that sends I2S digital audio data down a short length of optical fibre, and it’s designed to run between something…

#data, #tech, #ui, #un
January 9, 2025

FLOSS Weekly Episode 815: You Win Some, You Lose Some

This week, Jonathan Bennett and Randal chat with Matija Šuklje about Open Source and the Law! How do Open Source projects handle liability, what should a Contributor License Agreement (CLA) look like, and where can an individual or project turn for legal help? https://matija.suklje.name/ https://openchainproject.org https://matija.suklje.name/fiduciary-license-agreement-20 Did you know you can watch the live recording…

#tech, #un
January 9, 2025

LABScon24 Replay | PKfail: Supply-Chain Failures in Secure Boot Key Management

Binarly’s Alex Matrosov and Fabio Pagani present PKfail, a firmware supply-chain security issue affecting major device vendors and hundreds of device models. Modern computing heavily relies on establishing and maintaining trust, which begins with trusted foundations and extends through operating systems and applications in a chain-like manner. This ensures that end users can confidently rely…

#attack, #author, #bypass, #secure, #tech
January 9, 2025

Running AI Locally Without Spending All Day on Setup

There are many AI models out there that you can play with from companies like OpenAI, Google, and a host of others. But when you use them, you get the experience they want, and you run it on their computer. There are a variety of reasons you might not like this. You may not want…

#data, #hack, #remote, #un, #windows