SEARCH KEYWORD -- Mobile app


  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Python PLC Honeypot: Env Deployment And Attack Detection

In the previous article, we introduced the design of Python PLC Honeypot Project, this article will provide detailed step-by-step instructions on how to deploy and use the honeypot system in your environment for detecting potential attacks on OT (Operational Technology) networks. The article includes three main section:   Design of Attack Alert and Notification Function Honeypot deployment: an example deployment of a mixed OT protocol honeypot, consisting of a simple setup with...

       2024-12-01 00:27:33

  SIEM Big Data Visualization [02]: National Cyber Threats Dashboard

Dashboard for Summarizing SG National Cyber Threats in Critical Infrastructure Program Design Purpose: The purpose of this program is to develop a comprehensive Angular web dashboard plugin for a Security Information and Event Management (SIEM) system, focusing on the effective monitoring, categorization, summarization, and visualization of cyber threat events targeting Singapore's critical infrastructure. This dashboard will provide researchers and security managers with a clear, concise view ...

       2024-10-19 09:56:45

  SIEM Big Data Visualization : Dashboard for Monitoring Scam Events in Critical Infrastructure

Project Design Purpose: In a Security Information and Event Management (SIEM) system, effective monitoring and visualization of scam events is crucial to detecting and responding to cyberattacks. Cybercriminals often use deceptive methods to exploit individuals or organizations, aiming to steal sensitive information, financial assets, or disrupt operations. This project seeks to develop a web plugin dashboard to help cybersecurity researchers and managers better understand the scope and impact ...

       2024-10-05 20:47:09

  Power Grid OT Simulation System

Mini OT-Energy-System Cyber Security Digital Twin Figure-00: Power_Grid_OT_Simulation_System Environment Diagram, version v0.1.2 (2024) Project Design Purpose: The primary objective of this project is to develop a scaled-down Operational Technology (OT) digital twin/equivalent — an advanced software simulation system capable of emulating the functionality of an small-sized 18KW (560+MkWh/year) hybrid power grid. This system will meet the requirements for cybersecurity training, exercises...

       2024-10-13 09:00:12

  Kubernetes Authentication & Authorization 101

If we want to build a system with user modules, Authentication and Authorization are something that we can never ignore, though they could be fuzzy to understand. Authentication (from Greek: αὐθεντικÏŒς authentikos, “real, genuine”, from αὐθέντης authentes, “author”) is the act of proving an assertion, such as the identity of a computer s...

   RBAC,AUTHORIZATION,AUTHENTICATION,KUBERNETES     2021-06-05 23:19:18

  People Detection Radar [IoT] : Build a Raspberry PI Xandar Kardian IoT People Count Radar

Program Design Purpose: People detection sensors and radars are utilized in various applications across multiple fields such as security and surveillance, healthcare, building automation, smart cities, transportation and autonomous manufacturing systems. This project aims to develop a prototype IoT device for an indoor people counting using the Xandar Kardian people detection radar and a Raspberry Pi. The device will be network-ready and easily integrated with other systems. The Python-based I...

       2024-07-21 08:19:57

  Python FTP Server and Client

Distributed Log File Automated Archive System This week, we will introduce the automated compute cluster nodes' log automated archive system project and FTP Communication utility library module. Program Design Purpose: This project aims to create an FTP server & client lib program for file transfer and a files management system for log data synchronization. We will develop an automated log file archive system that regularly collects newly generated log files from multiple nodes in a compute...

       2024-09-29 04:07:50

  A walk through of different ways accessing Kubernetes application

When a web application is deployed on KUbernetes, to access the application, there must be some set up needs to be done so that external users can access the resource within the Kubernetes clusters. IN this post, we will walk through different ways to access application from outside. Before exploring different ways, let's set up a simple nginx eb application which will just serve the nginx welcome message when loading. # deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: ngin...

   KUBERNETES,PORT FORWARD,SERVICE,CLUSTERIP,NODEPORT,LOADBALANCER,INGRESS     2021-05-31 00:20:27

  LinkedIn is out of China and replaced with LinkedIn Jobs

The popular job searching site LinkedIn has come out a special version for China which is just offering job searching capabilities and messaging capabilities in the connections. The social media capability like news feeds and peoples activities are stripped out. Now if you are in China and open LinkedIn app, it will prompt you and ask you to download an app called LinkedIn Jobs. You will not be able to dismiss the dialog and you are forced to download the other app if you wanna continue to...

   LINKEDIN,LINKEDIN JOBS,CHINA,MICROSOFT     2021-12-24 20:13:24

RECENT