ExtraHop’s Post

Security Alert: OpenSSH Vulnerability The latest ExtraHop Threat Briefing reveals a critical OpenSSH vulnerability called regreSSHion, allowing attackers to execute malicious commands on remote devices. It's crucial to monitor and protect your systems from this threat. 🔍 Learn more and track suspicious activity with RevealX: https://xtra.li/4eSAnvE #VTI #VirtusTechnologyIndonesia #Extrahop #CyberSecurity #OpenSSH #ThreatIntelligence #NetworkSecurity #RevealX

Nzyme: WiFi monitoring, intrusion detection and forensics r/netsec Nzyme is used to detect threats to wireless networks and belongs to the family of Wireless Intrusion Detection System (WIDS). This is probably the most interesting and polished open source WIDS project. The most important functions of Nzyme include: detection of malicious Access Points (AP); detection of known platforms used to attack wireless networks (WiFi Pineapple, Pwnagotchi, Wifiphisher); AP configuration error detection. I have just tried it on Raspberry pi 3 b+ 1GB ram and it works 💥💪✅

[CVE-2024-39950: HIGH] A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization. https://lnkd.in/ehwzKGBc

Network Intrusion Detection System (IDS) Task by CodeAlpha Using Snort and i showed how to configure Snort and how to set up rules and alerts and response suspicious network activity. GitHub repositories - https://lnkd.in/gsvsDuXU #codealpha #cyberdefense

An unconventional way to target devices, whether computers or phones This method is called brute force merging In other words the mined link helps spread the Trojan or the server for direct penetration with ease. For example, I scan this barcode and then it will take me to a link, and when I enter the link attached inside the barcodeI will automatically be hacked easily! This is true and unfortunately, a large number of individuals and companies are widespread in Arab society who use the bar code without examining it first specifically companies or individuals who have no idea about protecting themselves. To avoid this attack, you must first scan any barcode before entering it through the VirusTotal platform or the Kaspersky application.

If you want to improve your Cyber Security posture consider SecurityOnion. If you are a tad strapped for cash and want to do improve your Cyber Security Posture consider SecurityOnion. There are other great tools out there (like Wazuh), so consider your use case - But do something today.

The ideal replacement to legacy PSTN alarm receivers. The DT42IP is the swiss knife solution for monitoring centres being forced otherwise to replace their PSTN receivers with multiple IP desktop versions.

Here's a sneak peek at a NEW feature coming to our FREE and OPEN Security Onion platform in the upcoming 2.4.70 release! This new Detections feature makes it SO much easier to tune your existing detections and create new detections. https://lnkd.in/dXVA-RgT

CVE-2024-8956 CVSS: 9.1 Critical CVE Type: Improper Authorization VulnCheck: https://lnkd.in/eUUs7CF2 Details: PTZOptics PT30X-SDI/NDI-xx cameras with firmware versions before 6.3.40 are vulnerable to insufficient authentication. This flaw allows unauthorized access to /cgi-bin/param.cgi without requiring an HTTP Authorization header. As a result, an attacker can remotely leak sensitive information such as usernames, password hashes, and configuration details. Additionally, attackers can update or overwrite configuration values, posing a significant security risk by altering the camera’s settings. Upgrading to the latest firmware version is recommended to mitigate this vulnerability.

Infographic: A History of Network Device Threats and What Lies Ahead https://lnkd.in/etMqR4-h