How to Fix CVE-2023-20238- An Authentication Bypass Vulnerability in Cisco BroadWorks?

Windows
On September 6th, 2023, Cisco disclosed an authentication bypass vulnerability in its Cisco BroadWorks products. The vulnerability, tracked as CVE-2023-20238, carries a CVSS score of 10.0 (Critical). It allows an unauthenticated, remote attacker to forge credentials and gain unauthorized access to affected Cisco BroadWorks systems, which could enable toll fraud, viewing of confidential data, modification of customer settings, and more. Users of affected Cisco BroadWorks platforms should urgently fix this vulnerability by upgrading to a patched release. We published this blog post to let our readers know about this vulnerability. In this blog post, we will cover the details of CVE-2023-20238, the affected products, and finally, how to fix CVE-2023-20238, an Authentication Bypass Vulnerability in Cisco BroadWorks. A Short Introduction to Cisco BroadWorks Application Delivery Platform and Xtended Services Platform…

3 Common Types of Process-Based Attacks Used by Malware Programs to Evade Detection- Process Injection, Process Hollowing, And Process Doppelganging

Linux
Growing technologies are making both attacks and prevention techniques more and more sophisticated, and they have drawn adversaries and security professionals into an arms race. Attackers try every possible method to evade detection, while security professionals strive to thwart their attempts. For a security professional, therefore, learning evasion techniques is not optional; it is a must. Although we can’t cover all evasion techniques in one post, we believe that by learning these three common types of process-based attacks used by malware programs to evade detection, you will be able to understand and detect many cyber attacks and build a strategy to protect your resources. In this post, we will cover the most common attacks that malicious programs carry out against system processes: Process Injection, Process Hollowing, and Process Doppelganging. Process Injection:…

How to Analyze Windows Executable Files Using PEStudio?

Windows
Windows has been the most widely used operating system for several decades. However, it is also the platform most prone to malware infection: undeniably, malware authors target Windows more than any other platform. It is therefore the primary responsibility of Windows machine owners to keep their machines safe from malicious programs. We have discussed the safety of Windows and other platforms on thesecmaster.com several times, and we will keep doing so as much as we can. In this post, we will cover another unique topic: how to analyze Windows executable files using PEStudio. PEStudio is a popular tool used by malware analysts and reverse engineers to analyze and detect anomalies in Windows Portable Executable (PE) files such as EXEs and DLLs. This comprehensive guide will explain what PEStudio is, how…

Step-by-Step Guide to Setup LocalGPT on Your Windows PC

Windows
The field of artificial intelligence (AI) has seen monumental advances in recent years, largely driven by the emergence of large language models (LLMs). LLMs trained on vast datasets can generate remarkably human-like text, images, calculations, and more, at times far better than humans can. In essence, these LLMs are the brains of today’s AI applications. However, the broad deployment of public LLMs has also raised valid concerns about data privacy, security, reliability, and cost. As AI permeates critical domains like healthcare and finance, transmitting sensitive data to public cloud APIs can expose users to serious risks. Dependency on external services also increases exposure to outages, while usage-based pricing limits widespread adoption. This underscores the need for AI solutions that run…

Step-by-Step Guide to Setup Pytorch for Your GPU on Windows 10/11

Windows
In this competitive world of technology, Machine Learning and Artificial Intelligence have emerged as breakthroughs for developing advanced AI applications like image recognition, natural language processing, speech translation, and more. However, developing such AI-powered applications requires massive amounts of computational power, far beyond the capabilities of CPUs (Central Processing Units). That’s because CPUs come with only a handful of cores and threads, so they can process only a few threads at a time, which becomes a bottleneck for the highly parallelizable computations that deep learning algorithms require. This gave rise to the use of GPUs (Graphics Processing Units), which ship with thousands of cores, can handle thousands of threads simultaneously, and are designed for mathematically intensive tasks like real-time 3D graphics rendering, crypto mining, and deep learning, where a large number of mathematical…

How to Fix CVE-2023-38408- A Remote Code Execution Vulnerability in OpenSSH’s forwarded ssh-agent?

Linux
On 19th July 2023, OpenSSH published the release notes for OpenSSH 9.3p2, which addressed a remote code execution vulnerability in OpenSSH’s forwarded ssh-agent. The flaw, tracked as CVE-2023-38408, allows a remote attacker who controls a server to which an ssh-agent has been forwarded to potentially execute arbitrary commands on the machine running that agent. Since the flaw allows remote code execution on the victim machine, and ssh-agent forwarding is widely used, it is highly recommended to learn how to fix CVE-2023-38408, a Remote Code Execution Vulnerability in OpenSSH’s forwarded ssh-agent. The Qualys Threat Research Unit (TRU) is credited with discovering the vulnerability, which it reported on 7th July 2023. Before we jump in to learn how to fix CVE-2023-38408, a Remote Code Execution Vulnerability in OpenSSH’s forwarded ssh-agent, let’s see a short intro…
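As an added example (not code from the original post or from the OpenSSH project), the two checks a practitioner wants before deciding whether this CVE applies to a host: is the ssh client older than the fixed release 9.3p2, and does any ssh_config block turn on `ForwardAgent`, without which a remote server never gets to talk to the local agent. It is written for PowerShell because pwsh runs on Linux and macOS as well as Windows. The banner string and config lines at the bottom are constructed sample inputs, not captured from a real system.

```powershell
# Added example; not code from the original post or from the OpenSSH project.
# Works in Windows PowerShell 5.1 and in pwsh on Linux/macOS.

# Parses an "ssh -V" banner such as "OpenSSH_9.3p1, OpenSSL 3.0.9 30 May 2023".
function Get-OpenSshVersion {
    param([Parameter(Mandatory)][string]$Banner)
    if (-not ($Banner -match 'OpenSSH_(\d+)\.(\d+)(?:p(\d+))?')) {
        throw "Unrecognised ssh version banner: $Banner"
    }
    # Portable releases carry a "pN" suffix; treat its absence as p0.
    $patch = if ($Matches[3]) { [int]$Matches[3] } else { 0 }
    [pscustomobject]@{ Major = [int]$Matches[1]; Minor = [int]$Matches[2]; Patch = $patch }
}

# True when the build predates OpenSSH 9.3p2, the release that fixed CVE-2023-38408.
function Test-OpenSshVulnerableToCve202338408 {
    param([Parameter(Mandatory)][string]$Banner)
    $v      = Get-OpenSshVersion -Banner $Banner
    $actual = @($v.Major, $v.Minor, $v.Patch)
    $fixed  = @(9, 3, 2)
    for ($i = 0; $i -lt 3; $i++) {
        if ($actual[$i] -lt $fixed[$i]) { return $true }
        if ($actual[$i] -gt $fixed[$i]) { return $false }
    }
    return $false   # exactly 9.3p2
}

# Returns the Host/Match blocks (or "(global)") in which an ssh_config enables agent forwarding.
function Get-AgentForwardingHosts {
    param([Parameter(Mandatory)][string[]]$ConfigLines)
    $block   = '(global)'
    $enabled = [System.Collections.Generic.List[string]]::new()
    foreach ($raw in $ConfigLines) {
        $line = $raw.Trim()
        # ssh_config treats empty lines and lines beginning with '#' as comments.
        if (-not $line -or $line.StartsWith('#')) { continue }
        # -match is case-insensitive, like ssh_config keywords; values may follow a space or '='.
        if ($line -match '^(Host|Match)[\s=]+(.+)$') { $block = "$($Matches[1]) $($Matches[2])"; continue }
        if ($line -match '^ForwardAgent[\s=]+yes$')  { $enabled.Add($block) }
    }
    return ,$enabled.ToArray()
}

# Constructed sample inputs (not captured from a real system).
$sampleBanner = 'OpenSSH_9.3p1, OpenSSL 3.0.9 30 May 2023'
$sampleConfig = @(
    'Host *',
    '    ForwardAgent no',
    '',
    'Host bastion.example.com',
    '    # Forwarding here hands the local agent to that server for the session.',
    '    ForwardAgent yes'
)
$needsUpgrade = Test-OpenSshVulnerableToCve202338408 -Banner $sampleBanner
$forwardingTo = Get-AgentForwardingHosts -ConfigLines $sampleConfig
"Client predates 9.3p2: $needsUpgrade"
"Agent forwarding enabled in: $($forwardingTo -join ', ')"

# On a real host, feed the live values instead:
#   $banner = (& ssh -V 2>&1 | Out-String).Trim()
#   $config = Get-Content -Path (Join-Path $HOME '.ssh/config') -ErrorAction SilentlyContinue
```

The version check reads the client build, because the agent ships with the client package; a host with an old client and `ForwardAgent yes` for any destination it does not fully trust is the combination worth fixing first. Distribution packages that backport the fix keep the old version string, so on such systems confirm the patch through the package manager rather than trusting the banner alone.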

What is There in The Mandiant’s Defender’s Advantage Cyber Snapshot Report- Issue 3

Network Security, Pen Testing, Windows
Mandiant recently published the latest edition of The Defender’s Advantage Cyber Snapshot report. This recurring report aims to arm cybersecurity teams with practical insights from Mandiant’s frontline experience responding to breaches worldwide, so that defenders can maintain their advantage against constantly evolving threats. This new report provides guidance across several key topics organizations are focusing on: moving beyond traditional passwords to more secure authentication methods, navigating the cyber insurance process, detecting attacks by understanding adversary techniques, testing defenses proactively, planning effective incident response, and implementing new security guidelines for critical infrastructure. By sharing challenges and recommendations learned from real-world attacks, the report enables security leaders to make more informed decisions. Organizations can leverage The Defender’s Advantage findings to continuously strengthen cyber defenses. The report is one way Mandiant supports…

Understand the Docker Architecture with TheSecMaster

Linux
This is our second article about Docker. We covered most of the basic information about Docker and container technology in a different blog post; please make sure you read “Understand Docker Containers With TheSecMaster” if you haven’t read it yet. In this post, we will delve deeper into the architecture of Docker and understand how it works under the hood. Let’s start learning about the Docker architecture on thesecmaster.com. Components of Docker: Docker is a popular open-source tool designed to facilitate the creation, deployment, and execution of applications using containers. Containers allow developers to bundle an application with all its necessary parts, such as libraries and dependencies, and distribute it as a single package. Docker requires multiple components to function properly. Before we dive into the Docker architecture, let’s familiarize ourselves with…

3 Flaws in PowerShell Gallery Could Lead to Supply Chain Attacks- Common Countermeasures

Linux, LUNIX
A team of security researchers from Aqua recently uncovered three critical vulnerabilities in Microsoft’s PowerShell Gallery that could enable attackers to conduct devastating supply chain attacks. Mor Weinberger, Yakir Kadkoda, and Ilay Goldman revealed flaws that allow threat actors to spoof legitimate packages and gain access to deleted secrets. The researchers were able to upload a fake package mimicking a popular Azure module that received callbacks from numerous cloud environments. This highlights the ease with which attackers could potentially compromise countless organizations by poisoning the repository. Despite responsible disclosure, Microsoft has yet to implement comprehensive fixes to the packaging system used by millions. The flaws enable typosquatting, metadata spoofing, and exposure of unlisted packages. Until they are addressed, PowerShell Gallery users are advised to implement cautionary measures to avoid becoming victims. In this blog, we…
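One concrete countermeasure, added here as an example and not taken from the original post or from Aqua’s research: pin the module to an exact name and version, save it to disk without installing it, and verify that every script and binary carries a valid Authenticode signature from the publisher you expect. The exact name blocks typosquats, the version pin avoids silently picking up a freshly pushed release, and the signer-subject check matters because the gallery’s Author field is free text while a code-signing certificate chained to a trusted CA is not. `Find-Module` and `Save-Module` need gallery access; `Test-SavedModuleSignatures` runs offline against the saved folder. The module name, version and signer subject in the illustrative call are assumed values.

```powershell
# Added example; not code from the original post or from Aqua's research.
# Needs PowerShellGet for Find-Module/Save-Module; the signature check itself is offline.

# Checks every script and binary under a saved module folder for a valid Authenticode
# signature from one expected signer.
function Test-SavedModuleSignatures {
    param(
        [Parameter(Mandatory)][string]$ModulePath,            # e.g. .\pinned\Az.Accounts\2.13.0
        [Parameter(Mandatory)][string]$ExpectedSignerSubject  # full subject DN of the publisher's code-signing cert
    )
    $files = @(Get-ChildItem -Path $ModulePath -Recurse -File -Include *.ps1, *.psm1, *.psd1, *.dll)
    if ($files.Count -eq 0) { throw "No script or binary files found under $ModulePath" }
    $problems = @(foreach ($f in $files) {
        $sig = Get-AuthenticodeSignature -FilePath $f.FullName
        if ($sig.Status -ne 'Valid') {
            '{0}: signature status {1}' -f $f.FullName, $sig.Status
        } elseif ($sig.SignerCertificate.Subject -ne $ExpectedSignerSubject) {
            '{0}: signed by unexpected subject "{1}"' -f $f.FullName, $sig.SignerCertificate.Subject
        }
    })
    [pscustomobject]@{ Trusted = ($problems.Count -eq 0); Checked = $files.Count; Problems = $problems }
}

# Pins an exact name and version, downloads without installing, and refuses to proceed unless
# the signature check passes. Exact name plus exact version is what keeps a typosquat or a
# freshly pushed release out of the build.
function Get-PinnedGalleryModule {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$RequiredVersion,
        [Parameter(Mandatory)][string]$DestinationPath,
        [Parameter(Mandatory)][string]$ExpectedSignerSubject
    )
    $found = Find-Module -Name $Name -RequiredVersion $RequiredVersion -Repository PSGallery -ErrorAction Stop
    if ($found.Name -ne $Name) { throw "Gallery returned '$($found.Name)', not '$Name'" }
    New-Item -ItemType Directory -Path $DestinationPath -Force | Out-Null
    Save-Module -Name $Name -RequiredVersion $RequiredVersion -Repository PSGallery -Path $DestinationPath -ErrorAction Stop
    $saved  = Join-Path (Join-Path $DestinationPath $Name) $RequiredVersion   # Save-Module's <Name>\<Version> layout
    $result = Test-SavedModuleSignatures -ModulePath $saved -ExpectedSignerSubject $ExpectedSignerSubject
    if (-not $result.Trusted) {
        $result.Problems | ForEach-Object { Write-Warning $_ }
        throw "Refusing to trust $Name $RequiredVersion; delete $saved before retrying"
    }
    # Only now is it reasonable to copy $saved into a directory on $env:PSModulePath.
    return $saved
}

# Illustrative call; the module name, version and signer subject are assumed values:
# Get-PinnedGalleryModule -Name 'Az.Accounts' -RequiredVersion '2.13.0' -DestinationPath '.\pinned' `
#     -ExpectedSignerSubject 'CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US'
```

This only helps for publishers who sign their modules; for an unsigned module the equivalent control is to save it once, review it, and compare file hashes against that vetted copy on every later fetch. `Get-AuthenticodeSignature` validates signatures on Windows only, so run the check there even if the module will be deployed elsewhere.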

Step-by-Step Procedure to Deploy RDP Certificates Using GPO

Cloud & OS Platforms, Linux, LUNIX
Remote Desktop Protocol (RDP) is an essential tool for IT administrators to remotely manage servers and desktops. However, by default, an RDP server presents a self-signed certificate that clients cannot validate, which leaves connections susceptible to man-in-the-middle attacks. Administrators use RDP certificates issued by a trusted CA to secure such connections. We have published a blog post, “Step By Step Procedure To Fix The RDP Certificate Error On Windows Servers”, where we showed how to get an RDP certificate and how to bind it to a Windows server. Deploying RDP certificates on a single server or a small number of servers is manageable, but in larger environments it becomes laborious. Administrators can instead use Group Policy Objects (GPOs) to deploy RDP certificates. RDP certificates use the Transport Layer Security (TLS) protocol to authenticate and encrypt RDP connections. The certificates are…
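As an added example (not the original post’s code), the GPO side of the procedure in PowerShell: the registry values behind the Remote Desktop Session Host security policies, created with the GroupPolicy module and linked to an OU, followed by a check that runs on a target server to confirm which certificate the RDP listener actually presents. The GPO name, certificate template name and OU distinguished name are assumed values; the template must already exist on your enterprise CA, carry the Remote Desktop Authentication (or Server Authentication) application policy, and grant Enroll to the servers’ computer accounts.

```powershell
# Added example; not code from the original post. Part 1 runs on a management host with the
# RSAT GroupPolicy module; part 2 runs on a target server after "gpupdate /force".
Import-Module GroupPolicy

$gpoName      = 'RDP Server Certificate'          # assumed GPO name
$templateName = 'RemoteDesktopAuth'               # assumed template name as shown on the CA
$targetOU     = 'OU=Servers,DC=corp,DC=example'   # assumed OU
$tsPolicyKey  = 'HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# Part 1: the registry values behind Remote Desktop Session Host > Security policies.
$gpo = Get-GPO -Name $gpoName -ErrorAction SilentlyContinue
if (-not $gpo) { $gpo = New-GPO -Name $gpoName -Comment 'TLS with a CA-issued certificate for RDP listeners' }

# "Server authentication certificate template": listeners enroll from this template and bind the
# issued certificate in place of the self-signed one.
Set-GPRegistryValue -Name $gpoName -Key $tsPolicyKey -ValueName 'CertTemplateName'   -Type String -Value $templateName | Out-Null
# "Require use of specific security layer for remote (RDP) connections": 2 = SSL (TLS), no RDP-security fallback.
Set-GPRegistryValue -Name $gpoName -Key $tsPolicyKey -ValueName 'SecurityLayer'      -Type DWord  -Value 2 | Out-Null
# "Set client connection encryption level": 3 = High; 4 would require FIPS-approved algorithms.
Set-GPRegistryValue -Name $gpoName -Key $tsPolicyKey -ValueName 'MinEncryptionLevel' -Type DWord  -Value 3 | Out-Null
# "Require user authentication for remote connections by using Network Level Authentication": 1 = enabled.
Set-GPRegistryValue -Name $gpoName -Key $tsPolicyKey -ValueName 'UserAuthentication' -Type DWord  -Value 1 | Out-Null

$alreadyLinked = (Get-GPInheritance -Target $targetOU).GpoLinks | Where-Object DisplayName -eq $gpoName
if (-not $alreadyLinked) { New-GPLink -Name $gpoName -Target $targetOU -LinkEnabled Yes | Out-Null }

# Part 2: confirm what the listener actually presents. A CA-issued certificate carries a
# certificate template extension (v1 name 1.3.6.1.4.1.311.20.2 or v2 info 1.3.6.1.4.1.311.21.7);
# the auto-generated self-signed RDP certificate carries neither.
function Test-RdpListenerCertificate {
    $listener = Get-CimInstance -Namespace 'root/cimv2/TerminalServices' -ClassName Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
    $cert = Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object Thumbprint -eq $listener.SSLCertificateSHA1Hash
    $templateOids = '1.3.6.1.4.1.311.20.2', '1.3.6.1.4.1.311.21.7'
    [pscustomobject]@{
        Thumbprint         = $listener.SSLCertificateSHA1Hash
        SecurityLayer      = $listener.SecurityLayer        # expect 2 once the GPO has applied
        MinEncryptionLevel = $listener.MinEncryptionLevel   # expect 3 once the GPO has applied
        Subject            = $cert.Subject
        Issuer             = $cert.Issuer
        SelfSigned         = ($cert.Subject -eq $cert.Issuer)
        FromTemplate       = [bool]($cert.Extensions | Where-Object { $templateOids -contains $_.Oid.Value })
        Expires            = $cert.NotAfter
    }
}
```

Run `Test-RdpListenerCertificate` locally on a server, or through `Invoke-Command -ComputerName`, and treat `SelfSigned = True` or `FromTemplate = False` after a policy refresh as a sign that enrollment failed (usually template permissions or the CA not being reachable). Forcing `SecurityLayer` to 2 is the right end state, but stage it after the certificate is in place, since it removes the fallback that legacy clients without TLS support rely on.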