Posts

Surprising Differences Between TLS and SSL Protocol

TLS is the successor of SSL 3.0: a protocol that provides encryption and integrity for data exchanged over a communication channel, with SSL 3.0 serving as the base for TLS 1.0. SSL or TLS, which is better? We used to think of TLS 1.0 simply as the successor of SSL 3.0, but SSL 3.0 is very old, and recent attacks such as POODLE and BEAST, among other attack vectors, have left it lifeless as a security protocol. Because of the POODLE attack, SSL v3 is being disabled entirely on web sites around the world; the BEAST attack, in turn, completely breaks web sites still running the older SSL v3.0 and TLS v1.0 protocols. Sadly, some websites still do not use TLS; you can check your own website's configuration with the Comodo SSL Analyser. TLS Handshake Protocol: when a TLS client and server first start communicating, they agree on a protocol version, select cryptographic algorithms, optionally authenticate each other, and use public-key encryption techniques to generate share...

How Can WAF Prevent OWASP Top 10?

The OWASP Top 10 security risks point out the common vulnerabilities seen in web applications. They are not, however, a list of attack vectors that WAFs (Web Application Firewalls) can simply block; that is a myth often propagated by security vendors. OWASP Top 10 protection is the joint responsibility of the security vendor and the application developers. There is a lot that an effective security solution and WAF can do to mitigate the OWASP vulnerabilities, but in some cases the security solution cannot give complete coverage and the developers or organizations must take preventive action themselves. In this article, we help you understand how a comprehensive, intelligent, and fully managed WAF can augment OWASP Top 10 protection. A Quick Introduction to WAF: a WAF is the first line of defense between the web application and web traffic, filtering out malicious requests and bad traffic at the network edge. The best WAFs are part of larger security solutions...

What is a Dictionary Attack? How the Attack works and How to Prevent the Dictionary Attack

A dictionary attack is one of the ways attackers try to get hold of the keys to the kingdom. Bad actors take advantage of people using common dictionary words as their passwords; studies have shown that the majority of people reuse their passwords or use common phrases that are easy to remember. The word lists used in a dictionary attack do not only include common dictionary words but also passwords leaked in previous breaches. Dictionary Attack Using the Burp Suite Tool: Burp Suite is a great tool for testing vulnerabilities in web applications. We are using its free version here, which has limited capabilities but works well for learning. Let's begin the brute-force/dictionary attack process. We'll be using a VM setup, with Kali and Bee-Box as the victim web server. The process for setting up Burp Suite and the proxy in the browser is explained here; make sure you have set your proxy to your localhost. STEP 1:...

How to bypass 2FA with an HTTP header

Hi everyone and welcome back to this new write-up. Today, I would like to talk about a vulnerability I found on some programs that allowed me to bypass their 2FA protections. On a side note, because the programs are private, all the information about the websites will be redacted. That said, let's start! Introduction: Like many hunters, when I start my research on a new bug bounty program, I use the application as a lambda user. This allows me to understand how the applications work and to notice which features can be interesting to test. I noticed that the applications had a 2FA feature, so I enabled it and started to play with it. For those who are not familiar with the concept of 2FA (two-factor authentication), it can be defined as follows: Two-factor authentication (2FA) is a way to add additional security to your account. The first "factor" is your usual password, which is standard for any account. The second "factor" is a verification code retrieved from an app on a mobi...

QRadar Log Sources Video, Part 1

Phishing Mail Investigation

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution, to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. In a SIEM investigation, phishing mails are reported to us by (1) customers, (2) employees, or (3) an alert raised in the SIEM tool. The investigation proceeds as follows. First we ask the employee or customer to send us the saved email. Once we receive the mail, we save it, open its properties and copy the complete Internet header information. Then we open the Header Analyzer in the threat-intelligence tool MxToolbox and paste the header there. In the header analysis, the following points need to be checked: 1. SPF (Sender Policy Framework): find the original sender IP address, then check its reputation across various thr...

Cyber Security Interview Questions

What are the log sources you integrated with the SIEM tool? What are DoS and DDoS, and what is the difference between them? If you don't have a rule condition, how will you identify a DDoS attack? What are TCP and UDP, and how do they differ? Explain a brute-force attack and how you would investigate it. SSH, Telnet and DNS port numbers. What is the use of ARP? Port scanning investigation. Malware investigation. DDoS investigation. SQL injection. A suspicious outbound connection happened: what will you look at for mitigation? OWASP Top 10. What is threat management? In MITRE ATT&CK, name any two sub-techniques of the persistence tactic. Sentinel architecture. How will a vulnerability show up in EDR? Brute-force investigation. Event IDs 4791, 4624, 4625, 4688. Port numbers for RDP, LDAP, Telnet, SSH, SMB. Tell me about investigation in DLP. 2. On what basis does a DLP tool create an alert? 3. How are you going to report forensics in DLP? 4. Difference between EDR and AV? 5. Explain any two alert investigations in SIEM. 6. Why do you use the command prompt during malware inve...

Cyber Security Road Map

Introduction to cyber security; 8 types of cyber security attacks and their prevention; principles of security; classification of cyber crimes; reasons for commission of cyber crimes; hackers and types of hackers; how to prevent hacking; top cyber attacks. Viruses and worms: introduction to computer viruses; types of computer viruses; top 5 sources of computer virus attacks; best antivirus software; introduction to worms; differences between viruses and worms. Networking: types of networks; what are the OSI model and the TCP/IP model?; network addresses; Domain Name System; ports and protocols; IP addressing; TCP 3-way handshake; SSL protocol and SSL handshake; HTTP and HTTPS; cryptography and its types; encryption and decryption; cyber kill chain methodology; Windows networking and commands; firewalls and their types; introduction to the DNS system; data loss prevention; antivirus and its types; IDS/IPS and their types; proxy and VPN; investigations on various attacks (malware, bru...

PAYTM CYBER SECURITY INTERVIEW QUESTIONS

What tools are you using? What is EDR? What is the difference between a VPN and a proxy? Telnet port number and SSH port number; port number for RDP. What is a golden ticket? OWASP Top 10 vulnerabilities. SSL handshake. After ransomware gets into a system and before it encrypts, the attacker does some things: what are they? What is the logon type number for RDP? What is the cyber kill chain? Can you give an example of the delivery methods and explain? What is MITM? What is XSS, and how do you prevent cross-site scripting? How do you know you are using proper sanitization? What is fileless malware versus file-based malware? A) Fileless malware is a type of malicious software that uses legitimate programs to infect a computer. It does not rely on files and leaves no footprint, making it challenging to detect and remove. If we checked the AV and found no suspicious logs, but a CnC connection happened, how do you detect that? What will you look at in the proxy logs? A) Date and time. · ...

Brute force attack investigation

Responsibility Index (Phase: Responsibility)
Identification: L1 Analyst (GSOC Monitoring Team)
Investigation: L2 Analyst (individuals from the Network Team / GSOC)
Containment: L2 Analyst (individuals from the Network Team / Server Team)
Remediation: L2 Analyst (Network Team / Server Team / GSOC)
Recovery: L2 Analyst (Network Team / Server Team / GSOC)
Brute Force Attack Procedure
Identification stage. Source of identification: a brute-force incident is reported by the Network Team, or the alert is raised by the SIEM.
Investigating stage. Actions by the respective team: the security team checks the report; if a brute-force attack is identified and an alert has been generated via the SIEM, the following parameters are considered for investigation: the source addresses of the attempts; the firewall action; the destination on which the brute-force attem...