#cyberaware — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cyberaware, aggregated by home.social.
-
CW: Human+AI
It is a sinking feeling when friends tell you they are getting spam from your address. If you have a hacked email account, check your Sent folder to see if it is a real breach or just spoofing. If it is a hack, change your password and turn on two factor authentication immediately. Stay safe out there. https://gwizit.com/go/BNZ2ZGp
#EmailSecurity #CyberAware #TechTips
Discover more: https://gwizit.com/go/BNZ2ZGp
-
🎨 Hackear es un arte y defender es una ciencia. Domina ambos con el Curso de OWASP Top 10 🔬 Sábados 18 y 25 de abril 2026. De 9 am a 12 pm. (UTC -05:00) 📲 WhatsApp: https://wa.me/51949304030 🤖 https://www.reydes.com/archivos/cursos/Curso_OWASP_Top_10.pdf #zeroday #ddos #databreach #cyberattack #cyberaware #cybersecurityawareness #owasp -
🎨 Hackear es un arte y defender es una ciencia. Domina ambos con el Curso de OWASP Top 10 🔬 Sábados 18 y 25 de abril 2026. De 9 am a 12 pm. (UTC -05:00) 📲 WhatsApp: https://wa.me/51949304030 🤖 https://www.reydes.com/archivos/cursos/Curso_OWASP_Top_10.pdf #zeroday #ddos #databreach #cyberattack #cyberaware #cybersecurityawareness #owasp -
🎨 Hackear es un arte y defender es una ciencia. Domina ambos con el Curso de OWASP Top 10 🔬 Sábados 18 y 25 de abril 2026. De 9 am a 12 pm. (UTC -05:00) 📲 WhatsApp: https://wa.me/51949304030 🤖 https://www.reydes.com/archivos/cursos/Curso_OWASP_Top_10.pdf #zeroday #ddos #databreach #cyberattack #cyberaware #cybersecurityawareness #owasp -
🎨 Hackear es un arte y defender es una ciencia. Domina ambos con el Curso de OWASP Top 10 🔬 Sábados 18 y 25 de abril 2026. De 9 am a 12 pm. (UTC -05:00) 📲 WhatsApp: https://wa.me/51949304030 🤖 https://www.reydes.com/archivos/cursos/Curso_OWASP_Top_10.pdf #zeroday #ddos #databreach #cyberattack #cyberaware #cybersecurityawareness #owasp -
🛡️ El Curso de Hacking Ético está permanente disponible en el aula virtual para acceso inmediato. 📲 WhatsApp: https://wa.me/51949304030 💻 https://www.reydes.com/e/Curso_de_Hacking_Etico #cybersecurity #infosec #security #cyberaware #dataprotection #digitalsafety #cybercrime -
🛡️ El Curso de Ciberseguridad está permanente disponible en el aula virtual para acceso inmediato. 📲 WhatsApp: https://wa.me/51949304030 💻 https://www.reydes.com/e/Curso_de_Ciberseguridad #cybersecurity #infosec #security #cyberaware #dataprotection #digitalsafety #cybercrime -
Securing the backbone of industry requires more than just standard IT knowledge—it demands specialized OT/ICS Cybersecurity expertise. 🛡️⚙️
📞 Contact Us to Enroll:
🌐 Website: www.theevolvedge.com
📧 Email: [email protected]
📱 Call: +91 9311805027 | +91 9871191929#OTCybersecurity #ICSSecurity #IndustrialCybersecurity #CriticalInfrastructure #TheEvolveEdge #CyberSecurityTraining #SCADA #InfoSec #TechTraining #InfrastructureProtection #CyberAware
-
Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest
Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.
Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.
Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]
#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity
-
Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest
Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.
Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.
Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]
#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity
-
Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest
Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.
Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.
Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]
#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity
-
Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest
Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.
Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.
Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]
#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity
-
Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest
Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.
Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.
Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]
#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity
-
Cybersecurity isn’t optional anymore. Protect your business with 2FA. #CyberAware
#cybersecurity -
Cybersecurity is no longer optional. Every day, millions of users are targeted by scams, data leaks, and online threats. You can stay safe with a few simple habits:
🔐 Use strong passwords
📱 Enable 2FA
⚠️ Avoid suspicious links
🔄 Keep devices updated
🛡️ Use a VPN on public Wi-FiRead the full beginner-friendly guide on protecting your privacy in 2026.
https://techputs.com/how-to-protect-your-privacy-in-2026/#Cybersecurity
#Privacy
#OnlineSafety
#DataSecurity
#TechNews
#InfoSec
#SecurityTips
#DigitalSafety
#CyberAware
#Tech -
Securing AI Agents: Beyond Traditional Cybersecurity
https://eproductempire.blogspot.com/2025/11/securing-ai-agents-why-traditional.html #AISecurity
#AI
#CyberSecurity
#AIAgents
#MachineLearning
#Tech
#Infosec
#ArtificialIntelligence
#CyberAware
#PromptInjection -
AI Shopping Agents: The Security Risks You Can't Ignore
https://eproductempire.blogspot.com/2025/11/the-security-implications-of-ai-agents.html#google_vignette #AISecurity
#CyberSecurity
#AI
#Privacy
#TechNews
#OnlineShopping
#FinTech
#DataPrivacy
#CyberAware
#FutureOfShopping -
AI Shopping Agents: The Security Risks You Can't Ignore
https://eproductempire.blogspot.com/2025/11/the-security-implications-of-ai-agents.html#google_vignette #AISecurity
#CyberSecurity
#AI
#Privacy
#TechNews
#OnlineShopping
#FinTech
#DataPrivacy
#CyberAware
#FutureOfShopping -
AI Shopping Agents: The Security Risks You Can't Ignore
https://eproductempire.blogspot.com/2025/11/the-security-implications-of-ai-agents.html#google_vignette #AISecurity
#CyberSecurity
#AI
#Privacy
#TechNews
#OnlineShopping
#FinTech
#DataPrivacy
#CyberAware
#FutureOfShopping -
AI Shopping Agents: The Security Risks You Can't Ignore
https://eproductempire.blogspot.com/2025/11/the-security-implications-of-ai-agents.html#google_vignette #AISecurity
#CyberSecurity
#AI
#Privacy
#TechNews
#OnlineShopping
#FinTech
#DataPrivacy
#CyberAware
#FutureOfShopping -
AI Shopping Agents: The Security Risks You Can't Ignore
https://eproductempire.blogspot.com/2025/11/the-security-implications-of-ai-agents.html#google_vignette #AISecurity
#CyberSecurity
#AI
#Privacy
#TechNews
#OnlineShopping
#FinTech
#DataPrivacy
#CyberAware
#FutureOfShopping -
It is always nice to have a returning guest: Eric O'Neill
... and Sean Martin, CISSP sneaking into the recording session too 🤣 😂
Five years ago—circa—we interviewed Eric about his book "Gray Day: My Undercover Mission to Expose America's First #Cyber Spy," and when PR contacted me to have him on for his second book "Spies Lies and Cyber Crime," I couldn't reply with anything but "Yes, tell Eric I cannot wait!"
He is a very gifted storyteller, and you need to watch or listen to this episode... then get the book, of course.
Here's the short summary. Below are the links to the full episode and the highlights reel. Enjoy!
Former FBI counterintelligence specialist Eric O'Neill, who caught the most damaging spy in US history, reveals how cybercriminals use traditional espionage techniques to attack us. In his new book "Spies Lies and Cyber Crime," he exposes the $14 trillion cybercrime industry and teaches us to recognize attacks in our Hybrid Analog Digital Society.
Full Video https://youtu.be/Ccump_5Y1CY
Highlights Reel https://youtu.be/-IvYpCbg0lY
#cybercrime Studio C60 / ITSPmagazine #CyberAwarenessMonth #infosec #cyberaware
-
🔐 Zevonix Cybersecurity Tip of the Day: Treat cybersecurity as a business investment, not a cost. #Zevonix #CyberAware #ITSecurity #SmallBizSecurity #BusinessSecurity #DigitalSafety #PalmCoastBusiness #JacksonvilleBusiness #DaytonaBusiness #StAugustineBusiness
-
🔐 Zevonix Cybersecurity Tip of the Day: Treat cybersecurity as a business investment, not a cost. #Zevonix #CyberAware #ITSecurity #SmallBizSecurity #BusinessSecurity #DigitalSafety #PalmCoastBusiness #JacksonvilleBusiness #DaytonaBusiness #StAugustineBusiness
-
The recent Microsoft Outlook outage left thousands scrambling. But it wasn’t just a fluke—recent outages from CrowdStrike, AT&T, and UK banks prove that business interruption is one of the biggest risks organizations face today.
Watch the full episode of this week’s Cyberside Chats in which @sherridavidoff and @MDurrin break down the latest Microsoft outage and share practical advice to reduce your downtime and risk!
🎧Listen here: https://www.chatcyberside.com/e/navigating-tech-turbulence-microsoft-outages-and-business-interruption-preparedness/?token=c49ed52268497cfbfb8b8974dd5e1901
🎥 Watch here: https://youtu.be/n5V2aL8XG7k#cybersecurity #cyberinsurance #businesscontinuity #CybersideChats #microsoft #microsoftoutage #cyberaware #businesscontinuityplanning #businesscontinuity #LMGsecurity
-
AI is revolutionizing work--but it's also creating new #cybersecurity risks! Watch our new video to learn about key AI-related security threats like Shadow #AI, prompt injection attacks & more. https://youtu.be/kAJvO-kfMa4
#AIThreats #AIHacking #Tech #Security #Cyberaware #cyber #CEO
-
📍Think before you post.
Photos, check-ins, and tweets can expose your location—even unintentionally.X (Twitter) and other platforms may retain geotags or infer routines. A single tagged post can reveal your home, office, or habits.
🛡 Tips:
• Disable location tagging
• Strip metadata from images
• Avoid posting in real-timePrivacy isn’t paranoia—it’s protection.
#Geoprivacy #OSINT #DigitalSafety #PrivacyTips #CyberAware #BiyteLüm -
A leaked API key at a federal agency gave unauthorized access to xAI's private models—because secrets were embedded in the code.
LMG Security's @tompohl Pohl explains how these vulnerabilities are exploited during penetration tests—and how your organization can detect them before attackers do. We'll share:
• Real-world examples
• Pen testing insights
• Actionable advice for IT leaders#Cybersecurity #CISO #Cyberaware #Cyber #Tech #RiskManagement #Infosec #AI
-
No Click. No Warning. Just a Data Leak.
Think your AI assistant is secure? Think again. The new EchoLeak exploit shows how Microsoft 365 Copilot, and tools like it, can silently expose your sensitive data without a single user interaction. No clicks. No downloads. Just a well-crafted email.
In this eye-opening blog, we break down how EchoLeak works, why prompt injection is a growing AI threat, and the 5 actions you need to take right now to protect your organization.
Read now: https://www.lmgsecurity.com/no-click-nightmare-how-echoleak-redefines-ai-data-security-threats/
#AIDataSecurity #Cyberaware #Cyber #SMB #Copilot #AI #GenAI #EchoLeak #PromptInjection #MicrosoftCopilot #Cybersecurity #CISO #ITsecurity #InfoSec #AISecurityRisks
-
Hundreds of Brother printer models are affected by a critical, unpatchable vulnerability (CVE-2024-51978) that allows attackers to generate the default admin password using the device’s serial number—information that’s easily discoverable via other flaws.
748 total models across Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta are impacted, with millions of devices at risk globally.
Attackers can:
• Gain unauthenticated admin access
• Pivot to full remote code execution
• Exfiltrate credentials for LDAP, FTP, and more
• Move laterally through your networkBrother says the vulnerability cannot be fixed in firmware and requires a change in manufacturing. For now, mitigation = change the default admin password immediately.
Our pentest team regularly highlights printer security as a critical path to system compromise—and today’s news is another example that underscores this risk. This is your reminder: Printers are not “set-and-forget” devices. Treat them like any other endpoint—monitor, patch, and lock them down.
Need help testing your network for exploitable print devices? Contact us and our pentest team can help!
Read the Dark Reading article for more details on the Brother Printers vulnerability: https://www.darkreading.com/endpoint-security/millions-brother-printers-critical-unpatchable-bug
#CyberSecurity #PenetrationTesting #Pentest #Pentesting #PrinterSecurity #BrotherPrinters #CVE202451978 #Infosec #IT #SMB #CISO #Cyberaware #DFIR #ITSecurity #ZeroTrust #PatchNow #Pentest
-
Your car knows more about you than your best friend.
Modern vehicles log your location, driving habits, voice commands, and even sync your contacts. Some send it all back to manufacturers—or worse, to third parties.
📌 Unpair your phone when renting or selling.
📌 Review your car’s data settings.
📌 Privacy isn’t just for phones. -
AI security risks are no longer hypothetical. From blackmail to shutdown resistance, high-agency AI models are pushing the limits of trust and control.
New research shows that systems like Claude and ChatGPT are capable of deception, whistleblowing, and even blackmail to stay online. These aren’t future threats—they’re happening now.
Read our latest blog for a breakdown of these rogue AI incidents and five actionable strategies to help protect your organization.
Read now: https://www.lmgsecurity.com/ai-security-risks-when-models-lie-blackmail-and-refuse-to-shut-down/
#Cybersecurity #AISecurityRisks #GenAI #AI #Cyberaware #RiskManagement #CISO #InfoSec #DFIR #ITsecurity #security #Cyber #Tech #ThreatModeling
-
🔒 Lock down your devices tight,
Enable two-factor auth with all your might.
Hackers lurking, ready to bite,
Protect your data day and night. 🔐 -
“You think it’s just a light bulb—but it’s not off. It’s watching, listening… maybe even hacking.”
LMG Security’s @tompohl revealed how $20 smart outlets and light bulbs can be exploited for WiFi cracking, evil twin attacks, and stealth monitoring—turning everyday gadgets into real-world threats.
In our latest blog, we’ll share:
▪ How attackers can exploit everyday IoT gadgets to breach your organization
▪ Advice on how to lock down your smart tech
▪ Tips on segmentation, firmware auditing, and red teamingRead the blog: https://www.lmgsecurity.com/i-have-the-power-iot-security-challenges-hidden-in-smart-bulbs-and-outlets/
#IoTSecurity #Cybersecurity #SmartDevices #LMGSecurity #Cyberaware #IoT #Cyber #Tech #CISO #IT #PenetrationTesting #RogueDevices #BSidesDesMoines #Infosec #ITsecurity
-
What Happens When AI Goes Rogue?
From blackmail to whistleblowing to strategic deception, today's AI isn't just hallucinating — it's scheming.
In our new Cyberside Chats episode, LMG Security’s @sherridavidoff and @MDurrin share new AI developments, including:
• Scheming behavior in Apollo’s LLM experiments
• Claude Opus 4 acting as a whistleblower
• AI blackmailing users to avoid shutdown
• Strategic self-preservation and resistance to being replaced
• What this means for your data integrity, confidentiality, and availability📺 Watch the video: https://youtu.be/k9h2-lEf9ZM
🎧 Listen to the podcast: https://www.chatcyberside.com/e/ai-gone-rogue-from-schemes-to-whistleblowing/?token=a0a79bc031829d23746df1392fa6122a#AIsecurity #RogueAI #ZeroTrust #Cybersecurity #CybersideChats #LMGSecurity #AIWhistleblower #AIgoals #LLM #ClaudeAI #ApolloAI #AISafety #CISO #CEO #SMB #Cyberaware #Cyber #Tech
-
Think Twice Before You Click ‘Unsubscribe’
That link at the bottom of your email might clean up your inbox—or make you a bigger target
https://www.wsj.com/tech/cybersecurity/unsubscribe-email-security-38b40abf
-
Only one week left to register for our next Cyberside Chats Live event! Join us June 11th to discuss what happens when an AI refuses to shut down—or worse, starts blackmailing users to stay online?
These aren’t science fiction scenarios. We’ll dig into two real-world incidents, including a case where OpenAI’s newest model bypassed shutdown scripts and another where Anthropic’s Claude Opus 4 generated blackmail threats in an alarming display of self-preservation.
Join us as we unpack:
▪ What “high-agency behavior” means in cutting-edge AI
▪ How API access can expose unpredictable and dangerous model actions
▪ Why these findings matter now for security teams
▪ What it all means for incident response and digital trustStick around for a live Q&A with LMG Security’s experts @sherridavidoff and @MDurrin. This session will challenge the way you think about AI risk!
Register today: https://www.lmgsecurity.com/event/cyberside-chats-live-june2025/
#CybersideChats #AIsecurity #AI #RiskManagement #DFIR #IT #Infosec #Cybersecurity #Security #CyberRisk #CISO #Cyber #Tech #CYberaware #SMB #CEO
-
Be on the lookout for any unauthorized logins or suspicious activity.
184 million logins for Instagram, Roblox, Facebook, Snapchat, and more exposed online https://www.malwarebytes.com/blog/news/2025/05/184-million-logins-for-instagram-roblox-facebook-snapchat-and-more-exposed-online
-
Almost every organization is using some type of AI, but are you securing it?
Download our free tip sheet: Adapting to AI Risks: Essential Cybersecurity Program Updates
From deepfake response plans to AI-specific access controls, this checklist helps you modernize your cybersecurity program and stay ahead of emerging threats.
Check it out: https://www.lmgsecurity.com/resources/adapting-to-ai-risks-essential-cybersecurity-program-updates/
#Cybersecurity #AIsecurity #AI #GenAI #AIgovernance #CISO #CEO #RiskManagement #Infosec #Cyberaware #Cyber #IT #Security #Cyber #Tech
-
The FBI has issued an alert about cybercriminals hijacking outdated routers to power massive proxy-for-hire networks—masking malware, fraud, and credential theft right under your nose.
Watch the full Cyberside Chats episode to hear @sherridavidoff and @MDurrin 's insights on:
🔹 The FBI’s May 2025 alert
🔹 TheMoon malware and the Faceless proxy service
🔹 What these botnets mean for your enterprise
🔹 What you need to do now to stay protected🎥 Watch the video: https://youtu.be/x_40BlvWsHk
🎧 Listen to the podcast: https://www.chatcyberside.com/e/outdated-routers-a-hidden-threat-in-your-neighborhood/?token=b0b648ff9ddf79f7cb1099945c74f7f0#Cybersecurity #RouterSecurity #ThreatIntel #Malware #CISO #CybersideChats #ProxyAbuse #TheMoonMalware #Botnets #NetworkSecurity #CISO #Cyberaware #Tech #Infosec #IT #CIO #SMB #Cyber
-
Found a guide for NetScaler (Citrix ADC) CVE-2023-3519 that explains how to validate and check for (currently) known Indicators of Compromise (IoCs) on a local CITRIX device.
The full guide including the commands, can be found here: [Checklist for Citrix ADC CVE-2023-3519](https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/)
Please bear in mind that this is a guide "found on the internet". Although it appears to be reliable and it was mentioned by SANS stormcast, these devices are not my specific area of expertise. Use your brain and use at your own risk...
Here are some key points from the article:
1. **Log in with nsroot or another administrative account.**
2. **Find out the time of the last update.** - This command lists the details of the files in the /var/nsinstall directory, which can help determine when the last update occurred.
```
shell ls -ll /var/nsinstall
```3. **Check whether certain files have been adjusted since the last update.** - These commands find and list files in specified directories that have been modified since the last update.
```
shell
find /netscaler/ns_gui/ -type f -name *.php -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/vpn/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/netscaler/logon/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/python/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```4. **Check for HTTP error log files.** - These commands search for .sh and .php entries in the HTTP error log files.
```
zgrep '\.sh' /var/log/httperror.log*
zgrep '\.php' /var/log/httperror.log*
```5. **Check for Shell log files.** - This command searches for entries related to '/flash/nsconfig/keys' in the shell log files.
```
grep '/flash/nsconfig/keys' /var/log/sh.log*
```6. **Check log files for known IOCs.** - This command finds and lists files with root permissions that have been modified since the last update.
```
find /var -perm -4000 -user root -not -path "/var/nslog/*" -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```7. **Check for Nobody processes.** - This command lists processes running under the 'nobody' user that are not associated with '/bin/httpd'.
```
shell ps aux | grep nobody | grep -v '/bin/httpd'
```
#NetScaler #CitrixADC #CVE20233519 #SecurityGuide #IndicatorsOfCompromise #IoCs #InfoSec #CyberSecurity #VulnerabilityManagement #SecurityInvestigation #SysAdminTips #NetworkSecurity #CyberThreats #ITSecurity #OnlineSecurity #CyberAware #TechSafety #SecureNetworking #VulnerabilityScanning #InfoSecAwareness -
Is Microsoft Copilot AI putting your intellectual property at risk? Watch our new video to explore the privacy concerns you could face using Microsoft Copilot, including potential IP leaks, unexpected data access, and how to secure sensitive information. https://youtu.be/7LbcvIFMURE
#cyberaware #SMB #CISO #AI #GenAI #cyber #CEO #Cybersecurity #riskmanagement #Microsoft #Copilot #CopilotAI
-
🔒✨ Elevate Your Virtualization Security IQ! Discover the nuances of virtualization security, from risks to best practices. 🚀 Dive into the insights that every IT professional needs!
https://www.relianoid.com/blog/virtualization-security-issues-and-risks/
#VirtualizationSecurity #Cybersecurity #ITInfrastructure #TechInnovation #InfoSec #RiskManagement #DigitalTransformation #DataProtection #CyberAware #CloudSecurity #ITBestPractices #NetworkSecurity #Hypervisor #CyberThreats #SecureTech -
Found a guide for NetScaler (Citrix ADC) CVE-2023-3519 that explains how to validate and check for (currently) known Indicators of Compromise (IoCs) on a local CITRIX device.
The full guide including the commands, can be found here: [Checklist for Citrix ADC CVE-2023-3519](https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/)
Please bear in mind that this is a guide "found on the internet". Although it appears to be reliable and it was mentioned by SANS stormcast, these devices are not my specific area of expertise. Use your brain and use at your own risk...
Here are some key points from the article:
1. **Log in with nsroot or another administrative account.**
2. **Find out the time of the last update.** - This command lists the details of the files in the /var/nsinstall directory, which can help determine when the last update occurred.
```
shell ls -ll /var/nsinstall
```3. **Check whether certain files have been adjusted since the last update.** - These commands find and list files in specified directories that have been modified since the last update.
```
shell
find /netscaler/ns_gui/ -type f -name *.php -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/vpn/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/netscaler/logon/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/python/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```4. **Check for HTTP error log files.** - These commands search for .sh and .php entries in the HTTP error log files.
```
zgrep '\.sh' /var/log/httperror.log*
zgrep '\.php' /var/log/httperror.log*
```5. **Check for Shell log files.** - This command searches for entries related to '/flash/nsconfig/keys' in the shell log files.
```
grep '/flash/nsconfig/keys' /var/log/sh.log*
```6. **Check log files for known IOCs.** - This command finds and lists files with root permissions that have been modified since the last update.
```
find /var -perm -4000 -user root -not -path "/var/nslog/*" -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```7. **Check for Nobody processes.** - This command lists processes running under the 'nobody' user that are not associated with '/bin/httpd'.
```
shell ps aux | grep nobody | grep -v '/bin/httpd'
```
#NetScaler #CitrixADC #CVE20233519 #SecurityGuide #IndicatorsOfCompromise #IoCs #InfoSec #CyberSecurity #VulnerabilityManagement #SecurityInvestigation #SysAdminTips #NetworkSecurity #CyberThreats #ITSecurity #OnlineSecurity #CyberAware #TechSafety #SecureNetworking #VulnerabilityScanning #InfoSecAwareness -
Found a guide for NetScaler (Citrix ADC) CVE-2023-3519 that explains how to validate and check for (currently) known Indicators of Compromise (IoCs) on a local CITRIX device.
The full guide including the commands, can be found here: [Checklist for Citrix ADC CVE-2023-3519](https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/)
Please bear in mind that this is a guide "found on the internet". Although it appears to be reliable and it was mentioned by SANS stormcast, these devices are not my specific area of expertise. Use your brain and use at your own risk...
Here are some key points from the article:
1. **Log in with nsroot or another administrative account.**
2. **Find out the time of the last update.** - This command lists the details of the files in the /var/nsinstall directory, which can help determine when the last update occurred.
```
shell ls -ll /var/nsinstall
```3. **Check whether certain files have been adjusted since the last update.** - These commands find and list files in specified directories that have been modified since the last update.
```
shell
find /netscaler/ns_gui/ -type f -name *.php -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/vpn/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/netscaler/logon/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/python/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```4. **Check for HTTP error log files.** - These commands search for .sh and .php entries in the HTTP error log files.
```
zgrep '\.sh' /var/log/httperror.log*
zgrep '\.php' /var/log/httperror.log*
```5. **Check for Shell log files.** - This command searches for entries related to '/flash/nsconfig/keys' in the shell log files.
```
grep '/flash/nsconfig/keys' /var/log/sh.log*
```6. **Check log files for known IOCs.** - This command finds and lists files with root permissions that have been modified since the last update.
```
find /var -perm -4000 -user root -not -path "/var/nslog/*" -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```7. **Check for Nobody processes.** - This command lists processes running under the 'nobody' user that are not associated with '/bin/httpd'.
```
shell ps aux | grep nobody | grep -v '/bin/httpd'
```
#NetScaler #CitrixADC #CVE20233519 #SecurityGuide #IndicatorsOfCompromise #IoCs #InfoSec #CyberSecurity #VulnerabilityManagement #SecurityInvestigation #SysAdminTips #NetworkSecurity #CyberThreats #ITSecurity #OnlineSecurity #CyberAware #TechSafety #SecureNetworking #VulnerabilityScanning #InfoSecAwareness -
Found a guide for NetScaler (Citrix ADC) CVE-2023-3519 that explains how to validate and check for (currently) known Indicators of Compromise (IoCs) on a local CITRIX device.
The full guide including the commands, can be found here: [Checklist for Citrix ADC CVE-2023-3519](https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/)
Please bear in mind that this is a guide "found on the internet". Although it appears to be reliable and it was mentioned by SANS stormcast, these devices are not my specific area of expertise. Use your brain and use at your own risk...
Here are some key points from the article:
1. **Log in with nsroot or another administrative account.**
2. **Find out the time of the last update.** - This command lists the details of the files in the /var/nsinstall directory, which can help determine when the last update occurred.
```
shell ls -ll /var/nsinstall
```3. **Check whether certain files have been adjusted since the last update.** - These commands find and list files in specified directories that have been modified since the last update.
```
shell
find /netscaler/ns_gui/ -type f -name *.php -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/vpn/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/netscaler/logon/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/python/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```4. **Check for HTTP error log files.** - These commands search for .sh and .php entries in the HTTP error log files.
```
zgrep '\.sh' /var/log/httperror.log*
zgrep '\.php' /var/log/httperror.log*
```5. **Check for Shell log files.** - This command searches for entries related to '/flash/nsconfig/keys' in the shell log files.
```
grep '/flash/nsconfig/keys' /var/log/sh.log*
```6. **Check log files for known IOCs.** - This command finds and lists files with root permissions that have been modified since the last update.
```
find /var -perm -4000 -user root -not -path "/var/nslog/*" -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```7. **Check for Nobody processes.** - This command lists processes running under the 'nobody' user that are not associated with '/bin/httpd'.
```
shell ps aux | grep nobody | grep -v '/bin/httpd'
```
#NetScaler #CitrixADC #CVE20233519 #SecurityGuide #IndicatorsOfCompromise #IoCs #InfoSec #CyberSecurity #VulnerabilityManagement #SecurityInvestigation #SysAdminTips #NetworkSecurity #CyberThreats #ITSecurity #OnlineSecurity #CyberAware #TechSafety #SecureNetworking #VulnerabilityScanning #InfoSecAwareness -
AI is fueling the next wave of #cybercrime! #Phishing attacks, fake invoices, and #BusinessEmailCompromise are now harder to spot. Watch our 8-minute video to learn about new attack tactics and defense tips. https://youtu.be/1ewEnPVzg2M
-
Congratulations to @sherridavidoff and @MDurrin for an amazing session at #RSAC! PCWorld called their session on Evil AI and hacker tools like WormGPT “a glimpse into a mirror universe” that provided an “aha” moment about how AI is already impacting cybersecurity.
In a packed room at RSA, Sherri and Matt demonstrated how rogue AI tools are already finding vulnerabilities faster than many defensive systems and how the cybersecurity community must adapt.
Read PCWorld's full article: https://ow.ly/M6gz50VMXGo
#Cybersecurity #AI #InfoSec #LMGSecurity #WormGPT #EvilAI #CISO #CEO #CyberAware #CIO #RiskManagement #AIThreats #ITsecurity #IT #Tech #Cyber
-
In my latest appearance on Counsel Cast Podcast, I dive into a critical topic: How Can Your Law Firm Stay Ahead of Digital Hackers? 🖥️🔐 We discuss everything from phishing attempts to business email compromise, and I share actionable tips to protect your law firm from becoming a target. Don't wait until it’s too late—get proactive about your firm's cybersecurity today!
Listen now for key insights and takeaways that every law firm should be thinking about.
🎧 Tune in here: https://www.youtube.com/watch?v=8splSgkbpKE
#Cybersecurity #LawFirm #DigitalPrivacy #PhishingProtection #BusinessEmailCompromise #LegalTalk #CyberThreats #DataProtection #FamilyLaw #ChicagoLawyer #JonathanSteele #CyberAware #DigitalDefense #PrivacyMatters #LawFirmSecurity
-
In my latest appearance on Counsel Cast Podcast, I dive into a critical topic: How Can Your Law Firm Stay Ahead of Digital Hackers? 🖥️🔐 We discuss everything from phishing attempts to business email compromise, and I share actionable tips to protect your law firm from becoming a target. Don't wait until it’s too late—get proactive about your firm's cybersecurity today!
Listen now for key insights and takeaways that every law firm should be thinking about.
🎧 Tune in here: https://www.youtube.com/watch?v=8splSgkbpKE
#Cybersecurity #LawFirm #DigitalPrivacy #PhishingProtection #BusinessEmailCompromise #LegalTalk #CyberThreats #DataProtection #FamilyLaw #ChicagoLawyer #JonathanSteele #CyberAware #DigitalDefense #PrivacyMatters #LawFirmSecurity