#detect — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #detect, aggregated by home.social.
-
Good article on how to pick A.I. generated images, complete with lots of examples to compare.
I did so well on the quiz (picked the real photo 9 of 12 times), they said "Try talking to someone besides Siri for a while" LOL
#GenAI #generative #ArtificialIntelligence #artificial #intelligence #image #creation #tool #application #create #count #fingers #detect #examine #consider #photo #realistic #picture #blur #background #extra #kitchen #sink
https://www.pcmag.com/explainers/human-or-ai-these-7-clues-will-help-you-spot-fake-images-immediately -
Туннель в никуда: как ngrok помогает обойти периметр и как это остановить
Всем привет! Сегодня речь пойдет о распределенном обратном прокси-сервере ngrok и эксплуатации его возможностей атакующими. По данным MITRE ATT&CK инструмент используется различными APT группировками, в том числе в атаках направленных на компании в России и странах СНГ, что упоминается в Ландшафте киберугроз от команды Kaspersky Cyber Threat Intelligence и в статье [Распутываем змеиный клубок: по следам атак Shedding Zmiy в блоге Solar 4Rays]( Распутываем змеиный клубок: по следам атак Shedding Zmiy ( rt-solar.ru ) ). В данной статье мы рассмотрим примеры использования ngrok в операционных системах Windows и Linux, а также определим маркеры, по которым можно выявить его использование.
https://habr.com/ru/companies/rvision/articles/932120/
#ngrok #tunnelling #tunnel #command_and_control #siem #detect
-
Storm-0558 hacks of Microsoft Exchange
In mid-July 2023, Microsoft reported that a Chinese hacking group tracked as '#Storm0558' breached the email accounts of 25 organizations, including US and Western European government agencies, using #forged #authentication #tokens from a stolen Microsoft consumer #signing #key.
Using this stolen key, the Chinese threat actors exploited a zero-day vulnerability in the #GetAccessTokenForResource API function for Outlook Web Access in Exchange Online (#OWA) to forge authorization tokens.
These tokens allowed the threat actors to impersonate Azure accounts and access email accounts for numerous government agencies and organizations to monitor and steal email.
After these attacks, Microsoft faced a lot of criticism for not providing adequate #logging to Microsoft customers for free. Instead, Microsft required customers to purchase additional licenses to obtain logging data that could have helped detect these attacks.
After working with CISA to identify crucial logging data needed to #detect #attacks, Microsoft announced that they now offer it for free to all Microsoft customers.