Foundational Static Analysis: API Analysis
Hi all, I'm stuck in this part, where using Ghidra, I have to find where the Windows API GetModuleHandleA is used, in the binary called exercise_two.exe, and once located, find the parameter of this function. Taking a look about GetModuleHandleA, there's no references or calls to API in any part of the code. Also tried to look for references to GetProcAddress or LoadLibrary and nothing. Am doing something wrong? Any idea to find the "parameter" of the function that calls to the API?. Is the only question from this part remaining... Thanks and regards.23Views2likes0CommentsCVE-2024-3094 (XZ Utils Supply Chain Backdoor)
This training was a deep dive into supply chain attacks, focusing on how attackers compromise third-party libraries to infiltrate systems. 🌳 ROOT: The Core Lesson 🔹 Your code is only as secure as its weakest dependency. 🔹 Attackers don’t always target your app—they infect the libraries and tools you trust. 🔹 A single update from upstream can spread malware downstream into thousands of systems. 🌲 BRANCHES: Key Takeaways 1️⃣ Trunk: The Major Incidents (Real-World Cases) 📌 Log4j (CVE-2021-44228) – A simple logging library led to RCE attacks on millions of apps. 📌 XZ Utils Backdoor (CVE-2024-3094) – Attackers planted a hidden SSH backdoor inside a widely used Linux tool. 📌 SolarWinds Attack – A trusted software update infected top enterprises & governments. 2️⃣ Branches: How These Attacks Work? 🌿 Compromised Upstream – Hackers inject malicious code into open-source projects. 🌿 Silent Propagation – CI/CD pipelines & OS distros auto-fetch infected updates. 🌿 Exploitation in Production – The attacker gains remote access, RCE, or data leaks. 3️⃣ Leaves: Defensive Actions You Must Take! 🍃 Pin Dependencies – Use fixed versions instead of "latest". 🍃 Verify Integrity – Check hashes, signatures, and changelogs before updating. 🍃 Scan Your Stack – Use SCA tools like Dependabot, Trivy, or Snyk. 🍃 Restrict CI/CD Auto-Updates – Require manual reviews for third-party updates. 🍃 Monitor for Compromise – Set alerts for vulnerable dependencies. 🌟 TOP OF THE TREE: The Final Takeaway Supply chain security is not an option—it's a necessity! If upstream is compromised, everything downstream is at risk. Never blindly trust software updates—always verify before deploying. Your security is only as strong as the weakest library you import! Be proactive, not reactive—because the next Log4j or XZ Backdoor could already be in your pipeline!28Views1like0Comments🚨 Calling all CISOs and Program Managers! 🚨
We’re looking to connect with security leaders who are passionate about team readiness and resilience. DaveSpencer and our user researcher PamelaSmith are exploring how organisations exercise and prepare their teams for evolving cyber threats. We’re developing a new cyber drills concept and would love to get your insights and feedback. If you're open to having a brief chat to share how you approach team exercises and provide your perspective on our ideas, your input would be invaluable. 👉 Interested or know someone who might be? Get in touch via email or comment below.14Views0likes0CommentsPhishing != Security Awareness
Dear IL Community, I wanted to express some thoughts about the challenge that organizations may face if they want to establish a cybersecurity culture, especially when individuals within an organization do not prioritize or care about cybersecurity. From my perspective, one of the main reasons it's tough to get a cybersecurity culture going is that people just don't see the potential consequences of cyber threats. They often don't realize how much of an impact a security breach can have or how important it is for them to protect sensitive information. This lack of interest can create a big vulnerability in an organization's security defenses. Would love to get your view and discuss the following things: How can we make cybersecurity feel relevant to every employee? What innovative approaches have you seen in creating a security-minded culture? Are current training methods truly effective, or do we need a radical rethink? Is it about the missing Leadership commitment? Do we struggle to demonstrate the tangible business impacts of cybersecurity? It would be very appreciated if you can share your thoughts and experiences! All the best - Nermin81Views1like1CommentHow many 'small' events are there?
Was reviewing Cyber News Live and am amazed at the number of 'small' events out there. They go under the radar and don't make the news. But impact people and their lives every day. Makes me happy to be part of the solution!!! (13) Cyber News Live | December 2024 | Week 49 | LinkedIn31Views2likes0CommentsCool post about a Women's Cybersecurity Academy graduate
I saw this one on LinkedIn and found her post so inspiring. Yes - I work for Immersive - but continue to be impressed with stories like these where our product has helped someone move forward in their career. I also love that she was able to share badges to highlight her progress and share it with her network! Nice story to share on a Friday. https://www.linkedin.com/posts/ilytrevino_today-i-got-to-celebrate-my-graduation-from-activity-7257571313131692032-_pYm?utm_source=share&utm_medium=member_desktop12Views3likes0Comments🎄 Christmas Crisis Sim Showdown! Vote for Your Favourite! 🎄
Is it too early to mention the C word?... No, never! We're excited to announce that we'll be producing a brand new Christmas-themed crisis simulation, but we need your help to choose which one will make it to the top! Simply comment below with your preferred crisis sim scenario (A, B or C) and share why you think your pick deserves the spotlight. The winning crisis sim will be produced by our very own JonPaulGabriele and will be unveiled in December! Here are the contenders on the nice list: A) Christmas Tree-son 🎄 Cybersecurity nightmare at the North Pole! A disgruntled elf has leaked confidential data, exposing sensitive information about Santa's operations, the Naughty & Nice list, and what life is really like at the North Pole. The culprit has been identified, but their motives remain unclear. Can you manage the fallout, protect Santa's reputation, and secure the North Pole's digital infrastructure before Christmas spirit is irreparably damaged? B) Snow Way Out! ☃️ A freak winter storm has brought the world to a standstill. Businesses are closed, transport networks are ground to a halt, and communities are cut off. Can you coordinate emergency response efforts, ensure the safety of vulnerable populations, and keep essential services running in the face of this unprecedented weather event? C) Elf and Safety Crisis 🎁 A whistle-blower threatens to shatter the illusion of Santa's Workshop. Allegations of unsafe working conditions, unethical toy production, and overworked elves have surfaced, putting Santa's reputation and Christmas deliveries at risk. Can you investigate the claims, address the concerns, and restore public trust before the holiday spirit is extinguished? 🗳️ Now it’s your turn! Which simulation should we produce? Voting is open NOW and will end on Friday 8th November... Make your voice heard and make this a crisis-mas not to forget! 🎅✨266Views4likes9CommentsGive us your feedback on our new AI scenario generator
We are looking for some feedback on our Exercising features and would love to hear from our community of users! Are you someone who creates Crisis Sims? Our new AI scenario generator will be released on 12 November and we would love to hear what you think about it! If so, come along to a call with Immersive’s Product Manager, Emma, and UX Researcher, Pamela to answer a few questions about your experience and give us your feedback on these features. What we’ll cover: Other than having used the AI scenario generator, no further preparation is needed for the call. We’ll be delving into your current Exercising usage, needs and expectations, and any issues you’ve encountered along the way. This will be fed back to our team and potentially lead to feature enhancements or new feature development. Between 18 November - 17 December, we will be running calls over Google Meet, lasting up to 45 minutes. Want to influence our future product? Book in a call at a time that suits you, using this link or comment below to find out more. ✨Check out Emma’s blog post Feature Focus: Introducing the AI Scenario Generator46Views2likes0Comments