YesWeHack’s Post

SentinelOne, a leader in cybersecurity, and Intezer have joined forces to tackle the growing challenge of Rust malware. Their latest project, 0xA11C, is designed to make reverse engineering of Rust malware more accessible, helping threat researchers better understand and counteract these sophisticated threats before they overwhelm the industry. Key Highlights: 📌Collaborative Expertise: SentinelLabs and Intezer researchers are creating tools to simplify Rust malware analysis. 📌Critical Insight: Rust’s complexity surpasses even C++, making it challenging for reverse engineers to decode. 📌Community Focus: This initiative aims to engage the security community, offering tools to tackle Rust malware head-on. Juan Andrés Guerrero-Saade, AVP of Research at SentinelLabs, emphasized the project’s importance in overcoming the unique challenges Rust presents. Nicole Fishbein, Security Researcher at Intezer, highlighted the parallels with Go malware analysis, underscoring the need for specialized tools. Learn more about 0xA11C and contribute in our website: https://lnkd.in/dgEVczMY #Cybersecurity #RustMalware #ThreatResearch

From hacking to awareness, every match is a masterclass in cybersecurity. Don't miss the action, insights, and epic battles happening at Cyber Breaker Competition - Season 1! 🚀🔒 #CyberBreakerCompetition #Perisai #YouBuild #WeGuard

🚀 **Day 16: Cybersecurity Bootcamp Chronicles** 🚀 Advanced Attack Techniques and Malware Analysis🦠🦠💉 Another tough day, delving into pass the hash, pass the ticket, LDAP, brute force attacks, ransomware, and an introduction to malware analysis. Our daily lab gave us hands-on experience with FFuf, Hydra, and Kerberos. Just because it’s hard, doesn’t mean it’s impossible… #BootcampLife #Ransomware #MalwareAnalysis #Kerberos #TechSkills #Ironhack #CyberSecurityTraining

Will you be attending DEF CON 2024? The highly anticipated hacker conference will be held in Las Vegas on August 12-13. Having attended in 2022, we know it's a phenomenal event featuring talks from top hackers worldwide, engaging workshops, and dynamic brainstorming sessions. We're excited to be attending again this year😄 Have you been to DEF CON? Let us know in the comments💬 #defcon #hackerconference #cybersecurity

🏴☠️💻 Just completed the Pyrat Lab on TryHackMe! 🚀 Dove into a pirate-themed cybersecurity challenge that tested my skills in penetration testing and vulnerability exploitation. From reconnaissance to post-exploitation, every step was a thrilling adventure! 🌊⚓ 🔍 Key Highlights: Conducted detailed reconnaissance using Nmap Exploited vulnerabilities with Metasploit Gained access and escalated privileges Documented findings and recommendations If you're looking to sharpen your hacking skills in a fun environment, I highly recommend giving this lab a try! 🏴☠️💪 #tryhackme #CyberSecurity #PenetrationTesting #PyratLab #LearningJourney #EthicalHacking

Security researchers at JFrog have found multiple attacks on Docker Hub over the past five years, exposing vulnerabilities in open-source registries. According to JFrog research, a significant portion of Docker Hub's repositories—over four million—are without actual content, containing only documentation which is termed "imageless" repositories. However, this documentation serves as a deceptive front, leading users to phishing or malware sites. Among the 4.79 million empty repositories identified, approximately 3.2 million were exploited in three distinct campaigns: Downloader, E-book phishing, and Website. The Downloader campaign payload establishes contact with a command-and-control server to transmit system metadata, receiving cracked software links in return. The E-book phishing campaign prompts them to provide financial information for downloads. Conversely, the Website campaign's objectives are presently ambiguous, although it is spread across sites with mild content moderation policies. The broader implications suggest similar attacks could extend beyond Docker Hub, urging developers to exercise caution when accessing open-source packages. #dockerhub #securityrisks #opensource #malware #bizserveit

Podcast bait, malware switch.: Joshua Miller from Proofpoint is discussing their work on "Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset." Proofpoint identified Iranian threat actor TA453 targeting a prominent Jewish figure with a fake podcast interview invitation, using a benign email to build trust before sending a malicious link. The attack attempted to deliver new malware called BlackSmith, containing a PowerShell trojan dubbed AnvilEcho, designed for intelligence gathering and exfiltration. This malware consolidates all of TA453's known capabilities into a single script rather than the previously used modular approach. #cyber #cybersecurity #cybersecurityjobs #technology #informationsecurity #cyberjobs #management #innovation

Almost a year ago today, I conducted my first-ever pen test project as a newcomer to hacking, with an attempt at malware analysis. The focus was on enumeration, vulnerability scanning, system hacking, malware analysis, and report writing. I particularly enjoyed the challenge of enumerating admin users and passwords. While footprinting is typically the first step in a penetration test, it was deliberately skipped in this demonstration project. It’s always good to reflect on past work to see how far we’ve come. I’ll be uploading some recent projects soon to showcase my progress! #Cybersecurity #PenetrationTesting #MalwareAnalysis #LearningJourney

🔒 Exciting News! Join me for a Fundamentals of Ethical Hacking Workshop! 🔒 Are you ready to dive into the world of cybersecurity? Join me for an immersive workshop where we'll explore the fundamentals of ethical hacking and learn essential techniques to enhance your cybersecurity skills. 📅 Date: [17/05/2024] 🕒 Time: [19.00] IST (Asia/Kolkata) 📍 Location: [Online Google Meet] 🔗 Registration: [Secure your spot here!] https://lu.ma/Hack101 In this workshop, we'll cover: - Understanding the importance of ethical hacking - Exploring common vulnerabilities and exploits - Hands-on exercises to sharpen your skills - Tips for securing your digital assets Whether you're a beginner or an experienced professional, this workshop offers valuable insights and practical knowledge to level up your cybersecurity game. Don't miss out on this opportunity to expand your knowledge and network with like-minded individuals! Secure your spot today by registering here ➡️ https://lu.ma/Hack101 Feel free to reach out if you have any questions. See you there! 🔐💻 #EthicalHacking #Cybersecurity #Workshop #LearningOpportunity

Excited to share that I'll be speaking at The Hackers Meetup on "The Art of Network Traffic Analysis: Detecting & Responding to Threats" on July 28th, 2024! In this session, I'll be covering the latest tools and techniques for effective packet inspection, protocol analysis, and anomaly detection, including hands-on demos and real-world examples. Registration link is in the comments below. Looking forward to seeing you there! #TheHackersMeetup #BangaloreChapter #NetworkTrafficAnalysis #Cybersecurity #ThreatDetection #InfoSec