In June 2023 China made a typically bombastic announcement: operators of short-distance ad hoc networks must ensure they run according to proper socialist principles, and ensure all users divulge their real-world identities.β¦
Is anyone else competing in the 2024 Collegiate Cyber Defense Competition? Our regionals are coming up.
Looking for advice from those that have competed in the past. What kind of environment can I anticipate to encounter? Iβm in no means in a position to win the competition, our University is fielding 2 teams and I am on the alternate team. Our main team, comprised of past CCDC participants, seems to know exactly whatβs going to happen, have plenty of GitHub repos at their disposal, while we are kind of scratching our heads.
Iβm an old head with plenty of knowledge on the CISCO stack, but the captains all say this is irrelevant to the competition now. Itβs kind of discouraging talking about how we used to hop VLANs using 802 Q Double Encapsulation, capturing, spoofing in hex, and flooding ARP replies for ARP cache poisoning, when these current students have never even used the Cisco iOS CLI, and then additionally to be told that my skills and knowledge are archaic thinking. How can transform/evolve my thinking to be effective in this competition?
Introducing Scanme, a Go Package for Effortless Network Scanning β³
Are you passionate about network exploration and security? Say hello to Scanme! π What is Scanme? Scanme is a straightforward Go package designed to simplify network scanning processes using SYN (stealth) scans. This tool allows you to effortlessly scan a single IP address for open ports and delve deeper into the realm of network scanning techniques. Scanme stands out by providing an automated solution for fast and efficient scans across all 65535 TCP ports! π
Two zero-day bugs in Ivanti products were likely under attack by cyberspies as early as December, according to Mandiant's threat intel team.β¦
Criminals are exploiting a Windows Defender SmartScreen bypass vulnerability to infect PCs with Phemedrone Stealer, a malware strain that scans machines for sensitive information β passwords, cookies, authentication tokens, you name it β to grab and leak.β¦
Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerability that was this week added to the US's must-patch list.β¦
The criminal thought to be behind a multimillion-dollar cryptojacking scheme is in custody following a Europol-led investigation.β¦
Webinar Remote working has rapidly become the norm for many organizations and isn't ever going away. But it still needs to be secure if it's to be a success.β¦
This post covers the use of internal proxy techniques and some employment considerations.
The popularity of Github has made it too big to block, which is a boon to dissidents ducking government censors but a problem for internet security.β¦
Food delivery company HelloFresh is nursing a Β£140,000 ($178k) fine by Britainβs data privacy watchdog after a probe found it had dispatched upwards of a staggering 79 million spam email and one million texts in just seven months.β¦
On Call Welcome once more, dear reader, to On Call, The Register's weekly reader-contributed column detailing the delights and dangers of working in tech support.β¦
CES Despite all the buzz around internet-connected smart cars at this year's CES in Las Vegas, most folks don't want vehicle manufacturers sharing their personal data with third parties β and even say they'd consider buying an older or dumber car to protect their privacy and security.β¦
eBay will pay $3 million to settle criminal charges that its security team stalked and harassed a Massachusetts couple in retaliation for their website's critical coverage of the online tat bazaar.β¦
Google-owned security house Mandiant's investigation into how its X account was taken over to push cryptocurrency scams concludes the "likely" cause was a successful brute-force password attack.β¦
Security experts believe Chinese nation-state attackers are actively exploiting two zero-day vulnerabilities in security products made by Ivanti.β¦