SignatureMiner : Anti-Virus Signature Intelligence Tool

SignatureMiner, a semisupervised security framework for Anti-Virus signatures featuring normalization, customization, clustering and knowledge discovery. SignatureMiner is based on MinHash and regular expressions and can be used both for malware label classification and signature-based analytics. (SignatureMiner: A Fast Anti-Virus Signature Intelligence Tool - IEEE Conference Publication, 2020) SignatureMiner is a python tool to mine information from cryptic Antivirus software signatures. It was designed to extract consensus about malware types from the outputs of Multi-scanner tools, but can be leveraged to extract (or mine) useful insights from the signatures themselves. SignatureMiner leverages the well-known minhashing approach to cluster together tokens extracted from clean AV signatures. Those clusters have to be supervised by the user to write some regular expression rules (in python) that SignatureMiner can convert into classification directives. To do this, SignatureM

Virtualbox - Install guest additions on RHEL 8 or CentOS 8

1. First install the following packages required for compilation of guest addition modules # dnf install tar bzip2 kernel-devel-$(uname -r) kernel-headers  perl gcc make elfutils-libelf-devel       2. Install Guest Addition  by running the installation script after mounting guest addition iso # ./ 3. Check if the guest addition modules has been installed # lsmod | grep vbox       Reference :

Types of web hosting - Shared, VPS and Dedicated

Shared hosting - cheap and beginner friendly In a shared hosting environment, you share one server with other customers. These plans include the physical server and the software applications within the server. Each server works similarly to a bulked-up version of your home computer. It has hard drive space, a central processing unit (CPU), and RAM. In a shared hosting space, the host puts hundreds or even thousands of users on a single server. It’s likely that each user has more than one site, and that means one shared server can house thousands of websites. How does it work? These services are affordable because the costs to operate the server are lower. The host shared the cost between you and these other owners. There are, however, some downsides. The main drawback to using shared hosting is that you are sharing all the servers resources with the other websites. Who’s it suitable for? If you are on tight budget, shared hosting is a great option. More co

OPENSSH - List supported Ciphers and Algorithms

We need this list because sometimes our Vulnerabiliy Scanning software points out that some old ciphers are WEAK. From the man pages of SSH:  -Q cipher | cipher-auth | mac | kex | key              Queries ssh for the algorithms supported for the specified version 2.  The available features are: cipher (supported sym‐              metric ciphers), cipher-auth (supported symmetric ciphers that support authenticated encryption), mac (supported message              integrity codes), kex (key exchange algorithms), key (key types). Supported cipher suites [vicky@vicky-centos-7 ~]$  ssh -Q cipher 3des-cbc blowfish-cbc cast128-cbc arcfour arcfour128 arcfour256 aes128-cbc aes192-cbc aes256-cbc aes128-ctr aes192-ctr aes256-ctr Supported message integrity codes [vicky@vicky-centos-7 ~]$ ssh -Q mac hmac-sha1 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512

Security as a Service (SECaaS)

What is Security as a Service (SECaaS)? Security as a Service (SECaaS) can most easily be described as a cloud delivered model for outsourcing cybersecurity services. Much like Software as a Service, SECaaS provides security services on a subscription basis hosted by cloud providers. Security as a Service solutions have become increasingly popular for corporate infrastructures as a way to ease the in-house security team’s responsibilities, scale security needs as the business grows, and avoid the costs and maintenance of on-premise alternatives. Benefits of Security as a Service Cost Savings One of the biggest benefits of a Security as a Service model is that it saves a business money. A cloud delivered service is often available in subscription tiers with several upgrade options so a business only pays for what they need, when they need. It also eliminates the need for expertise. The Latest Security Tools and Updates When you implement SECaaS, you get

WTF is The Blockchain?

The ultimate 3500-word guide in plain English to understand Blockchain. Author :  Mohit Mamoria SOURCE :

MySQL FLUSH Commands

Flush privileges mysql> FLUSH PRIVILEGES; when we grant some privileges for a user, running the command flush privileges will reloads the grant tables in the mysql database enabling the changes to take effect without reloading or restarting mysql service. Flush TABLES mysql> FLUSH TABLES; The command closes all tables which are currently open or in use. And clears cache which intern make better utilization on available memory. Flush HOSTS mysql> FLUSH HOSTS; The command uses host cache tables, if maximum number of connections has been reached for a particular host, mysql server will not able to make new connections. flushing host tables resets the process and again allows the connections for particular HOST. Flush LOGS mysql> FLUSH LOGS; The command closes and reopens all log files, if log files are to big and taking more time to load then you can run the command which will create an empty log file. REFERENCE / SOURCE :