دسته: هسته اصلی سیستم‌عامل

Docker + Python CRUD API + Excel VBA – All for beginners – Useful code

import os, sqlite3

from typing import List, Optional

from fastapi import FastAPI, HTTPException

from pydantic import BaseModel

DB_PATH = os.getenv(“DB_PATH”, “/data/app.db”)

app = FastAPI(title=“Minimal Todo CRUD”, description=“Beginner-friendly, zero frontend.”)

class TodoIn(BaseModel):

    title: str

    completed: bool = False

class TodoUpdate(BaseModel):

    title: Optional[str] = None

    completed: Optional[bool] = None

class TodoOut(TodoIn):

    id: int

def row_to_todo(row) -> TodoOut:

    return TodoOut(id=row[“id”], title=row[“title”], completed=bool(row[“completed”]))

def get_conn():

    conn = sqlite3.connect(DB_PATH)

    conn.row_factory = sqlite3.Row

    return conn

@app.on_event(“startup”)

def init_db():

    os.makedirs(os.path.dirname(DB_PATH), exist_ok=True)

    conn = get_conn()

    conn.execute(“””

        CREATE TABLE IF NOT EXISTS todos(

            id INTEGER PRIMARY KEY AUTOINCREMENT,

            title TEXT NOT NULL,

            completed INTEGER NOT NULL DEFAULT 0

        )

    “””)

    conn.commit(); conn.close()

@app.post(“/todos”, response_model=TodoOut, status_code=201)

def create_todo(payload: TodoIn):

    conn = get_conn()

    cur = conn.execute(

        “INSERT INTO todos(title, completed) VALUES(?, ?)”,

        (payload.title, int(payload.completed))

    )

    conn.commit()

    row = conn.execute(“SELECT * FROM todos WHERE id=?”, (cur.lastrowid,)).fetchone()

    conn.close()

    return row_to_todo(row)

@app.get(“/todos”, response_model=List[TodoOut])

def list_todos():

    conn = get_conn()

    rows = conn.execute(“SELECT * FROM todos ORDER BY id DESC”).fetchall()

    conn.close()

    return [row_to_todo(r) for r in rows]

@app.get(“/todos/{todo_id}”, response_model=TodoOut)

def get_todo(todo_id: int):

    conn = get_conn()

    row = conn.execute(“SELECT * FROM todos WHERE id=?”, (todo_id,)).fetchone()

    conn.close()

    if not row:

        raise HTTPException(404, “Todo not found”)

    return row_to_todo(row)

@app.patch(“/todos/{todo_id}”, response_model=TodoOut)

def update_todo(todo_id: int, payload: TodoUpdate):

    data = payload.model_dump(exclude_unset=True)

    if not data:

        return get_todo(todo_id)  # nothing to change

    fields, values = [], []

    if “title” in data:

        fields.append(“title=?”); values.append(data[“title”])

    if “completed” in data:

        fields.append(“completed=?”); values.append(int(data[“completed”]))

    if not fields:

        return get_todo(todo_id)

    conn = get_conn()

    cur = conn.execute(f“UPDATE todos SET {‘, ‘.join(fields)} WHERE id=?”, (*values, todo_id))

    if cur.rowcount == 0:

        conn.close(); raise HTTPException(404, “Todo not found”)

    conn.commit()

    row = conn.execute(“SELECT * FROM todos WHERE id=?”, (todo_id,)).fetchone()

    conn.close()

    return row_to_todo(row)

@app.delete(“/todos/{todo_id}”, status_code=204)

def delete_todo(todo_id: int):

    conn = get_conn()

    cur = conn.execute(“DELETE FROM todos WHERE id=?”, (todo_id,))

    conn.commit(); conn.close()

    if cur.rowcount == 0:

        raise HTTPException(404, “Todo not found”)

    return  # 204 No Content

Source link

آگوست 21, 2025
Closing the Compliance Gap with Data Discovery
In today’s regulatory climate, compliance is no longer a box-ticking exercise. It is a strategic necessity. Organizations across industries are under pressure to secure sensitive data, meet privacy obligations, and avoid hefty penalties. Yet, despite all the talk about “data visibility” and “compliance readiness,” one fundamental gap remains: unseen data—the information your business holds but doesn’t know about.

Unseen data isn’t just a blind spot—it’s a compliance time bomb waiting to trigger regulatory and reputational damage.

The Myth: Sensitive Data Lives Only in Databases

Many businesses operate under the dangerous assumption that sensitive information exists only in structured repositories like databases, ERP platforms, or CRM systems. While it’s true these systems hold vast amounts of personal and financial information, they’re far from the whole picture.

Reality check: Sensitive data is often scattered across endpoints, collaboration platforms, and forgotten storage locations. Think of HR documents on a laptop, customer details in a shared folder, or financial reports in someone’s email archive. These are prime targets for breaches—and they often escape compliance audits because they live outside the “official” data sources.

Myth vs Reality: Why Structured Data is Not the Whole Story

Yes, structured sources like SQL databases allow centralized access control and auditing. But compliance risks aren’t limited to structured data. Unstructured and endpoint data can be far more dangerous because:
- They are harder to track.
- They often bypass IT policies.
- They get replicated in multiple places without oversight.
When organizations focus solely on structured data, they risk overlooking up to 50–70% of their sensitive information footprint.

The Challenge Without Complete Discovery

Without full-spectrum data discovery—covering structured, unstructured, and endpoint environments—organizations face several challenges:
1. Compliance Gaps – Regulations like GDPR, DPDPA, HIPAA, and CCPA require knowing all locations of personal data. If data is missed, compliance reports will be incomplete.
2. Increased Breach Risk – Cybercriminals exploit the easiest entry points, often targeting endpoints and poorly secured file shares.
3. Inefficient Remediation – Without knowing where data lives, security teams can’t effectively remove, encrypt, or mask it.
4. Costly Investigations – Post-breach forensics becomes slower and more expensive when data locations are unknown.
The Importance of Discovering Data Everywhere

A truly compliant organization knows where every piece of sensitive data resides, no matter the format or location. That means extending discovery capabilities to:
1. Structured Data
- Where it lives: Databases, ERP, CRM, and transactional systems.
- Why it matters: It holds core business-critical records, such as customer PII, payment data, and medical records.
- Risks if ignored: Non-compliance with data subject rights requests; inaccurate reporting.
1. Unstructured Data
- Where it lives: File servers, SharePoint, Teams, Slack, email archives, cloud storage.
- Why it matters: Contains contracts, scanned IDs, reports, and sensitive documents in freeform formats.
- Risks if ignored: Harder to monitor, control, and protect due to scattered storage.
1. Endpoint Data
- Where it lives: Laptops, desktops, mobile devices (Windows, Mac, Linux).
- Why it matters: Employees often store working copies of sensitive files locally.
- Risks if ignored: Theft, loss, or compromise of devices can expose critical information.
Real-World Examples of Compliance Risks from Unseen Data
1. Healthcare Sector: A hospital’s breach investigation revealed patient records stored on a doctor’s laptop, which was never logged into official systems. GDPR fines followed.
2. Banking & Finance: An audit found loan application forms with customer PII on a shared drive, accessible to interns.
3. Retail: During a PCI DSS assessment, old CSV exports containing cardholder data were discovered in an unused cloud folder.
4. Government: Sensitive citizen records are emailed between departments, bypassing secure document transfer systems, and are later exposed to a phishing attack.
Closing the Gap: A Proactive Approach to Data Discovery

The only way to eliminate unseen data risks is to deploy comprehensive data discovery and classification tools that scan across servers, cloud platforms, and endpoints—automatically detecting sensitive content wherever it resides.

This proactive approach supports regulatory compliance, improves breach resilience, reduces audit stress, and ensures that data governance policies are meaningful in practice, not just on paper.

Bottom Line

Compliance isn’t just about protecting data you know exists—it’s about uncovering the data you don’t. From servers to endpoints, organizations need end-to-end visibility to safeguard against unseen risks and meet today’s stringent data protection laws.

Seqrite empowers organizations to achieve full-spectrum data visibility — from servers to endpoints — ensuring compliance and reducing risk. Learn how we can help you discover what matters most.
Source link
آگوست 19, 2025

Exploring SOAP Web Services – From Browser Console to Python – Useful code

SOAP (Simple Object Access Protocol) might sound intimidating (or funny) but it is actually a straightforward way for systems to exchange structured messages using XML. In this article, I am introducing SOAP through YouTube video, where it is explored through 2 different angles – first in the Chrome browser console, then with Python and Jupyter Notebook.

The SOAP Exchange Mechanism uses requests and response.

Part 1 – Soap in the Chrome Browser Console

We start by sending SOAP requests directly from the browser’s JS console. This is a quick way to see the raw XML
<soap> envelopes in action. Using a public integer calculator web service, we perform basic operations – additions, subtraction, multiplication, division – and observe how the requests and responses happen in real time!

For the browser, the entire SOAP journey looks like that:

Chrome Browser -> HTTP POST -> SOAP XML -> Server (http://www.dneonline.com/calculator.asmx?WSDL) -> SOAP XML -> Chrome Browser

function soapCalc(op, a, b) {

const xml = `<?xml version=“1.0” encoding=“utf-8”?>

<soap:Envelope xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”

xmlns:xsd=“http://www.w3.org/2001/XMLSchema”

xmlns:soap=“http://schemas.xmlsoap.org/soap/envelope/”>

<soap:Body>

<${op} xmlns=“http://tempuri.org/”>

</${op}>

</soap:Body>

</soap:Envelope>`;

return fetch(“/calculator.asmx”, {

method: “POST”,

headers: {

“Content-Type”: “text/xml; charset=utf-8”,

“SOAPAction”: `http://tempuri.org/${op}`

body: xml

})

.then(r => r.text())

.then(str => {

const doc = new DOMParser().parseFromString(str, “text/xml”);

const resultTag = `${op}Result`;

const result = doc.getElementsByTagName(resultTag)[0]?.textContent;

console.log(`${op}(${a}, ${b}) → ${result}`);

return Number(result);

});

}

A simple way to call it is with constants, to avoid the strings:

const soapAdd = (a,b) => soapCalc(“Add”, a, b); const soapSubtract = (a,b) => soapCalc(“Subtract”, a, b); const soapMultiply = (a,b) => soapCalc(“Multiply”, a, b); const soapDivide = (a,b) => soapCalc(“Divide”, a, b);

const soapAdd = (a,b) => soapCalc(“Add”, a, b);

const soapSubtract = (a,b) => soapCalc(“Subtract”, a, b);

const soapMultiply = (a,b) => soapCalc(“Multiply”, a, b);

const soapDivide = (a,b) => soapCalc(“Divide”, a, b);

Like that:

soapAdd(5, 7); // 12 soapSubtract(10, 3); // 7 soapMultiply(6, 7); // 42 soapDivide(8, 2); // 4

soapAdd(5, 7); // 12

soapSubtract(10, 3); // 7

soapMultiply(6, 7); // 42

soapDivide(8, 2); // 4

Part 2 – Soap with Python and Jupyter Notebook

Here we jump into Python. With the help of libaries, we load the the WSDL (Web Services Description Language) file, inspect the available operations, and call the same calculator service programmatically.

from zeep import Client, Settings, helpers from zeep.plugins import HistoryPlugin from zeep.transports import Transport from zeep.exceptions import Fault, TransportError import requests import requests_cache from lxml import etree session = requests.Session() transport = Transport(session=session, timeout=20) settings = Settings(strict=False, xml_huge_tree=True) history = HistoryPlugin() WSDL = “https://www.dneonline.com/calculator.asmx?WSDL” client = None MODE = None def build_client_from(url: str): return Client(wsdl=url, settings=settings, transport=transport, plugins=[history]) try: session.verify = True client = build_client_from(WSDL) MODE = “https” except Exception: try: session.verify = False client = build_client_from(WSDL) MODE = “https_verify_false” except Exception: try: http_wsdl = WSDL.replace(“https://”, “http://”) print(“http is replaced!”) session.verify = True client = build_client_from(http_wsdl) MODE = “http” except Exception: client = None MODE = None print(“Client is none!”)

from zeep import Client, Settings, helpers

from zeep.plugins import HistoryPlugin

from zeep.transports import Transport

from zeep.exceptions import Fault, TransportError

import requests

import requests_cache

from lxml import etree

session = requests.Session()

transport = Transport(session=session, timeout=20)

settings = Settings(strict=False, xml_huge_tree=True)

history = HistoryPlugin()

WSDL = “https://www.dneonline.com/calculator.asmx?WSDL”

client = None

MODE = None

def build_client_from(url: str):

return Client(wsdl=url, settings=settings, transport=transport, plugins=[history])

try:

session.verify = True

client = build_client_from(WSDL)

MODE = “https”

except Exception:

try:

session.verify = False

client = build_client_from(WSDL)

MODE = “https_verify_false”

except Exception:

try:

http_wsdl = WSDL.replace(“https://”, “http://”)

print(“http is replaced!”)

session.verify = True

client = build_client_from(http_wsdl)

MODE = “http”

except Exception:

client = None

MODE = None

print(“Client is none!”)

def list_ops_robust(c, label): print(f”– {label} –“) for service in c.wsdl.services.values(): print(“Service:”, service.name) for port in service.ports.values(): print(” Port:”, port.name) ops = getattr(port.binding, “_operations”, {}) if isinstance(ops, dict) and ops: for name in sorted(ops.keys()): print(” Operation:”, name) else: proxy = c.bind(service.name, port.name) names = sorted(n for n in dir(proxy) if not n.startswith(“_”) and callable(getattr(proxy, n, None))) for n in names: print(” Operation:”, n)

def list_ops_robust(c, label):

print(f“– {label} –“)

for service in c.wsdl.services.values():

print(“Service:”, service.name)

for port in service.ports.values():

print(” Port:”, port.name)

ops = getattr(port.binding, “_operations”, {})

if isinstance(ops, dict) and ops:

for name in sorted(ops.keys()):

print(” Operation:”, name)

else:

proxy = c.bind(service.name, port.name)

names = sorted(n for n in dir(proxy) if not n.startswith(“_”) and callable(getattr(proxy, n, None)))

for n in names:

print(” Operation:”, n)

def safe_call(op, **kwargs): try: return getattr(client.service, op)(**kwargs) except Fault as f: print(f”{op} → SOAP Fault:”, f) except TransportError as te: print(f”{op} → Transport error:”, te) except Exception as e: print(f”{op} → Error:”, type(e).__name__, e) show_last_exchange(history)

def safe_call(op, **kwargs):

try:

return getattr(client.service, op)(**kwargs)

except Fault as f:

print(f“{op} → SOAP Fault:”, f)

except TransportError as te:

print(f“{op} → Transport error:”, te)

except Exception as e:

print(f“{op} → Error:”, type(e).__name__, e)

show_last_exchange(history)

—– SOAP REQUEST —– <soap-env:Envelope xmlns:soap-env=”http://schemas.xmlsoap.org/soap/envelope/”> <soap-env:Body> <ns0:Subtract xmlns:ns0=”http://tempuri.org/”> <ns0:intA>360</ns0:intA> <ns0:intB>2400</ns0:intB> </ns0:Subtract> </soap-env:Body> </soap-env:Envelope> —– SOAP RESPONSE —– <soap:Envelope xmlns:soap=”http://schemas.xmlsoap.org/soap/envelope/” xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance” xmlns:xsd=”http://www.w3.org/2001/XMLSchema”> <soap:Body> <SubtractResponse xmlns=”http://tempuri.org/”> <SubtractResult>-2040</SubtractResult> </SubtractResponse> </soap:Body> </soap:Envelope>

——– SOAP REQUEST ——–

<soap-env:Envelope xmlns:soap-env=“http://schemas.xmlsoap.org/soap/envelope/”>

<soap-env:Body>

<ns0:Subtract xmlns:ns0=“http://tempuri.org/”>

<ns0:intA>360</ns0:intA>

<ns0:intB>2400</ns0:intB>

</ns0:Subtract>

</soap-env:Body>

</soap-env:Envelope>

—– SOAP RESPONSE —–

<soap:Envelope xmlns:soap=“http://schemas.xmlsoap.org/soap/envelope/” xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance” xmlns:xsd=“http://www.w3.org/2001/XMLSchema”>

<soap:Body>

</SubtractResponse>

</soap:Body>

</soap:Envelope>

safe_call(“Divide”, intA=100, intB=10) >>10

safe_call(“Divide”, intA=100, intB=10)

>>10

https://www.youtube.com/watch?v=rr0r1GmiyZg
Github code – https://github.com/Vitosh/Python_personal/tree/master/YouTube/038_Python-SOAP-Basics!

Enjoy it! 🙂

Source link

آگوست 16, 2025

How to Choose the Top XDR Vendor for Your Cybersecurity Future
Cyberattacks aren’t slowing down—they’re getting bolder and smarter. From phishing scams to ransomware outbreaks, the number of incidents has doubled or even tripled year over year. In today’s hybrid, multi-vendor IT landscape, protecting your organization’s digital assets requires choosing the top XDR vendor that can see and stop threats across every possible entry point.

Over the last five years, XDR (Extended Detection and Response) has emerged as one of the most promising cybersecurity innovations. Leading IT analysts agree: XDR solutions will play a central role in the future of cyber defense. But not all XDR platforms are created equal. Success depends on how well an XDR vendor integrates Endpoint Protection Platforms (EPP) and Endpoint Detection and Response (EDR) to detect, analyze, and neutralize threats in real time.

This guide will explain what makes a great XDR vendor and how Seqrite XDR compares to industry benchmarks. It also includes a practical checklist for confidently evaluating your next security investment.

Why Choosing the Right XDR Vendor Matters

Your XDR platform isn’t just another security tool; it’s the nerve center of your threat detection and response strategy. The best solutions act as a central brain, collecting security telemetry from:
- Endpoints
- Networks
- Firewalls
- Email
- Identity systems
- DNS
They don’t just collect this data, they correlate it intelligently, filter out the noise, and give your security team actionable insights to respond faster.

According to industry reports, over 80% of IT and cybersecurity professionals are increasing budgets for threat detection and response. If you choose the wrong vendor, you risk fragmented visibility, alert fatigue, and missed attacks.

Key Capabilities Every Top XDR Vendor Should Offer

When shortlisting top XDR vendors, here’s what to look for:
1. Advanced Threat Detection – Identify sophisticated, multi-layer attack patterns that bypass traditional tools.
2. Risk-Based Prioritization – Assign scores (1–1000) so you know which threats truly matter.
3. Unified Visibility – A centralized console to eliminate security silos.
4. Integration Flexibility – Native and third-party integrations to protect existing investments.
5. Automation & Orchestration – Automate repetitive workflows to respond in seconds, not hours.
6. MITRE ATT&CK Mapping – Know exactly which attacker tactics and techniques you can detect.
Remember, it’s the integration of EPP and EDR that makes or breaks an XDR solution’s effectiveness.

Your Unified Detection & Response Checklist

Use this checklist to compare vendors on a like-for-like basis:
- Full telemetry coverage: Endpoints, networks, firewalls, email, identity, and DNS.
- Native integration strength: Smooth backend-to-frontend integration for consistent coverage.
- Real-time threat correlation: Remove false positives, detect real attacks faster.
- Proactive security posture: Shift from reactive to predictive threat hunting.
- MITRE ATT&CK alignment: Validate protection capabilities against industry-recognized standards.
Why Automation Is the Game-Changer

The top XDR vendors go beyond detection, they optimize your entire security operation. Automated playbooks can instantly execute containment actions when a threat is detected. Intelligent alert grouping cuts down on noise, preventing analyst burnout.

Automation isn’t just about speed; it’s about cost savings. A report by IBM Security shows that organizations with full automation save over ₹31 crore annually and detect/respond to breaches much faster than those relying on manual processes.

The Seqrite XDR Advantage

Seqrite XDR combines advanced detection, rich telemetry, and AI-driven automation into a single, unified platform. It offers:
- Seamless integration with Seqrite Endpoint Protection (EPP) and Seqrite Endpoint Detection & Response (EDR) and third party telemetry sources.
- MITRE ATT&CK-aligned visibility to stay ahead of attackers.
- Automated playbooks to slash response times and reduce manual workload.
- Unified console for complete visibility across your IT ecosystem.
- GenAI-powered SIA (Seqrite Intelligent Assistant) – Your AI-Powered Virtual Security Analyst. SIA offers predefined prompts and conversational access to incident and alert data, streamlining investigations and making it faster for analysts to understand, prioritize, and respond to threats.
In a market crowded with XDR solutions, Seqrite delivers a future-ready, AI-augmented platform designed for today’s threats and tomorrow’s unknowns.

If you’re evaluating your next security investment, start with a vendor who understands the evolving threat landscape and backs it up with a platform built for speed, intelligence, and resilience.
Source link
آگوست 13, 2025
RBI Emphasizes Adopting Zero Trust Approaches for Banking Institutions
In a significant move to bolster cybersecurity in India’s financial ecosystem, the Reserve Bank of India (RBI) has underscored the urgent need for regulated entities—especially banks—to adopt Zero Trust approaches as part of a broader strategy to curb cyber fraud. In its latest Financial Stability Report (June 2025), RBI highlighted Zero Trust as a foundational pillar for risk-based supervision, AI-aware defenses, and proactive cyber risk management.

The directive comes amid growing concerns about the digital attack surface, vendor lock-in risks, and the systemic threats posed by overreliance on a few IT infrastructure providers. RBI has clarified that traditional perimeter-based security is no longer enough, and financial institutions must transition to continuous verification models where no user or device is inherently trusted.

What is Zero Trust?

Zero Trust is a modern security framework built on the principle: “Never trust, always verify.”

Unlike legacy models that grant broad access to anyone inside the network, Zero Trust requires every user, device, and application to be verified continuously, regardless of location—inside or outside the organization’s perimeter.

Key principles of Zero Trust include:
- Least-privilege access: Users only get access to what they need—nothing more.
- Micro-segmentation: Breaking down networks and applications into smaller zones to isolate threats.
- Continuous verification: Access is granted based on multiple dynamic factors, including identity, device posture, location, time, and behavior.
- Assume breach: Security models assume threats are already inside the network and act accordingly.
In short, Zero Trust ensures that access is never implicit, and every request is assessed with context and caution.

Seqrite ZTNA: Zero Trust in Action for Indian Banking

To help banks and financial institutions meet RBI’s Zero Trust directive, Seqrite ZTNA (Zero Trust Network Access) offers a modern, scalable, and India-ready solution that aligns seamlessly with RBI’s vision.

Key Capabilities of Seqrite ZTNA
- Granular access control
  It allows access only to specific applications based on role, user identity, device health, and risk level, eliminating broad network exposure.
- Continuous risk-based verification
  Each access request is evaluated in real time using contextual signals like location, device posture, login time, and behavior.
- No VPN dependency
  Removes the risks of traditional VPNs that grant excessive access. Seqrite ZTNA gives just-in-time access to authorized resources.
- Built-in analytics and audit readiness
  Detailed logs of every session help organizations meet RBI’s incident reporting and risk-based supervision requirements.
- Easy integration with identity systems
  Works seamlessly with Azure AD, Google Workspace, and other Identity Providers to enforce secure authentication.
- Supports hybrid and remote workforces
  Agent-based or agent-less deployment suits internal employees, third-party vendors, and remote users.
How Seqrite ZTNA Supports RBI’s Zero Trust Mandate

RBI’s recommendations aren’t just about better firewalls but about shifting the cybersecurity posture entirely. Seqrite ZTNA helps financial institutions adopt this shift with:
- Risk-Based Supervision Alignment
- Policies can be tailored based on user risk, job function, device posture, or geography.
- Enables graded monitoring, as RBI emphasizes, with intelligent access decisions based on risk level.
- CART and AI-Aware Defenses
- Behavior analytics and real-time monitoring help institutions detect anomalies and conduct Continuous Assessment-Based Red Teaming (CART) simulations.
- Uniform Incident Reporting
- Seqrite’s detailed session logs and access histories simplify compliance with RBI’s call for standardized incident reporting frameworks.
- Vendor Lock-In Mitigation
- Unlike global cloud-only vendors, Seqrite ZTNA is designed with data sovereignty and local compliance in mind, offering full control to Indian enterprises.
Sample Use Case: A Mid-Sized Regional Bank

Challenge: The bank must secure access to its core banking applications for remote employees and third-party vendors without relying on VPNs.

With Seqrite ZTNA:
- Users access only assigned applications, not the entire network.
- Device posture is verified before every session.
- Behavior is monitored continuously to detect anomalies.
- Detailed logs assist compliance with RBI audits.
- Risk-based policies automatically adjust based on context (e.g., denying access from unknown locations or outdated devices).
Result: A Zero Trust-aligned access model with reduced attack surface, better visibility, and continuous compliance readiness.

Conclusion: Future-Proofing Banking Security with Zero Trust

RBI’s directive isn’t just another compliance checklist, it’s a wake-up call. As India’s financial institutions expand digitally, adopting Zero Trust is essential for staying resilient, secure, and compliant.

Seqrite ZTNA empowers banks to implement Zero Trust in a practical, scalable way aligned with national cybersecurity priorities. With granular access control, continuous monitoring, and compliance-ready visibility, Seqrite ZTNA is the right step forward in securing India’s digital financial infrastructure.
Source link
آگوست 11, 2025
How Hackers Use Vector Graphics for Phishing Attacks
Introduction

In the ever-evolving cybersecurity landscape, attackers constantly seek new ways to bypass traditional defences. One of the latest and most insidious methods involves using Scalable Vector Graphics (SVG)—a file format typically associated with clean, scalable images for websites and applications. But beneath their seemingly harmless appearance, SVGs can harbour threatening scripts capable of executing sophisticated phishing attacks.

This blog explores how SVGs are weaponized, why they often evade detection, and what organizations can do to protect themselves.

SVGs: More Than Just Images

SVG files differ fundamentally from standard image formats like JPEG or PNG. Instead of storing pixel data, SVGs use XML-based code to define vector paths, shapes, and text. This makes them ideal for responsive design, as they scale without losing quality. However, this same structure allows SVGs to contain embedded JavaScript, which can execute when the file is opened in a browser—something that happens by default on many Windows systems.

Delivery
- Email Attachments: Sent via spear-phishing emails with convincing subject lines and sender impersonation.
- Cloud Storage Links: Shared through Dropbox, Google Drive, OneDrive, etc., often bypassing email filters.
Fig:1 Attack chain of SVG campaign

The image illustrates the SVG phishing attack chain in four distinct stages: it begins with an email containing a seemingly harmless SVG attachment, which, when opened, triggers JavaScript execution in the browser, ultimately redirecting the user to a phishing site designed to steal credentials.

How the attack works:

When a target receives an SVG attachment and opens an email, the file typically launches in their default web browser—unless they have a specific application set to handle SVG files—allowing any embedded scripts to execute immediately.

Fig2: Phishing Email of SVG campaign

Attackers commonly send phishing emails with deceptive subject lines like “Reminder for your Scheduled Event 7212025.msg” or “Meeting-Reminder-7152025.msg”, paired with innocuous-looking attachments named “Upcoming Meeting.svg” or “Your-to-do-List.svg” to avoid raising suspicion. Once opened, the embedded JavaScript within the SVG file silently redirects the victim to a phishing site that closely mimics trusted services like Microsoft 365 or Google Workspace. As shown in fig.

Fig3: Malicious SVG code.

In the analyzed SVG sample, the attacker embeds a <script> tag within the SVG, using a CDATA section to hide malicious logic. The code includes a long hex-encoded string (Y) and a short XOR key (q), which decodes into a JavaScript payload when processed. This decoded payload is then executed using window.location = ‘javascript:’ + v;, effectively redirecting the victim to a phishing site upon opening the file. An unused email address variable (g.rume@mse-filterpressen.de) is likely a decoy or part of targeted delivery.

Upon decryption, we found the c2c phishing link as

hxxps://hju[.]yxfbynit[.]es/koRfAEHVFeQZ!bM9

Fig4: Cloudflare CAPTCHA gate

The link directs to a phishing site protected by a Cloudflare CAPTCHA gate. After you check the box to verify, you’re human then you’re redirected to a malicious page controlled by the attackers.

Fig5: Office 365 login form

This page embeds a genuine-looking Office 365 login form, allowing the phishing group to capture and validate your email and password credentials simultaneously.

Conclusion: Staying Ahead of SVG-Based Threats

As attackers continue to innovate, organizations must recognize the hidden risks in seemingly benign file formats like SVG. Security teams should:
- Implement deep content inspection for SVG files.
- Disable automatic browser rendering of SVGs from untrusted sources.
- Educate employees about the risks of opening unfamiliar attachments.
- Monitor for unusual redirects and script activity in email and web traffic.
SVGs may be powerful tools for developers, but in the wrong hands, they can become potent weapons for cybercriminals. Awareness and proactive defense are key to staying ahead of this emerging threat.

IOCs

c78a99a4e6c04ae3c8d49c8351818090

f68e333c9310af3503942e066f8c9ed1

2ecce89fa1e5de9f94d038744fc34219

6b51979ffae37fa27f0ed13e2bbcf37e

4aea855cde4c963016ed36566ae113b7

84ca41529259a2cea825403363074538

Authors:

Soumen Burma

Rumana Siddiqui
Source link
آگوست 7, 2025

Shortest route between points in a city – with Python and OpenStreetMap – Useful code

After the article for introduction to Graphs in Python, I have decided to put the graph theory into practice and start looking for the shortest points between points in a city. Parts of the code are inspired from the book Optimization Algorithms by Alaa Khamis, other parts are mine 🙂

The idea is to go from the monument to the church with a car. The flag marks the middle, between the two points.

The solution uses several powerful Python libraries:

OSMnx to download and work with real road networks from OpenStreetMap
NetworkX to model the road system as a graph and calculate the shortest path using Dijkstra’s algorithm
Folium for interactive map visualization

We start by geocoding the two landmarks to get their latitude and longitude. Then we build a drivable street network centered around the Levski Monument using ox.graph_from_address. After snapping both points to the nearest graph nodes, we compute the shortest route by distance. Finally, we visualize everything both in an interactive map and in a clean black-on-white static graph where the path is drawn in yellow.

import shutup shutup.please() import pandas as pd import matplotlib.pyplot as plt import numpy as np import networkx as nx import osmnx as ox import folium

import shutup

shutup.please()

import pandas as pd

import matplotlib.pyplot as plt

import numpy as np

import networkx as nx

import osmnx as ox

import folium

type_of_network = ‘drive’ start_point_name = “Monument Vasil Levski, Sofia, Bulgaria” end_point_name = “Sveti Sedmochislenitsi Church, Sofia, Bulgaria” start_point_geocode = ox.geocode(start_point_name) end_point_geocode = ox.geocode(end_point_name) center_point = ( (start_point_geocode[0]+end_point_geocode[0]) /2, (start_point_geocode[1]+end_point_geocode[1])/2 ) graph = ox.graph_from_point(center_point, dist=1000, network_type=type_of_network) ox.plot_graph( graph, bgcolor=”yellow”, edge_color=”black”, node_color=”black”, edge_linewidth=1, node_size = 50, figsize=(10,10) )

type_of_network = ‘drive’

start_point_name = “Monument Vasil Levski, Sofia, Bulgaria”

end_point_name = “Sveti Sedmochislenitsi Church, Sofia, Bulgaria”

start_point_geocode = ox.geocode(start_point_name)

end_point_geocode = ox.geocode(end_point_name)

center_point = (

(start_point_geocode[0]+end_point_geocode[0]) /2,

(start_point_geocode[1]+end_point_geocode[1])/2

)

graph = ox.graph_from_point(center_point, dist=1000, network_type=type_of_network)

ox.plot_graph(

graph,

bgcolor = ‘yellow’,

edge_color = ‘black’,

node_color = ‘black’,

edge_linewidth=1,

node_size = 50,

figsize=(10,10)

)

Nodes and edges in radius of 1000 meters around the center point

origin_node = ox.distance.nearest_nodes(graph, start_point_geocode[1],start_point_geocode[0]) destination_node = ox.distance.nearest_nodes(graph, end_point_geocode[1],end_point_geocode[0]) fig, ax = ox.plot_graph( graph, bgcolor=”black”, edge_color=”white”, node_color=”white”, edge_linewidth=1, node_size = 50, show = False, close= False ) origin_xy = (graph.nodes[origin_node][‘x’],graph.nodes[origin_node][‘y’]) destination_xy = (graph.nodes[destination_node][‘x’],graph.nodes[destination_node][‘y’]) ax.scatter(*origin_xy, s=80, c=”red”, label = “Origin”, zorder = 3) ax.scatter(*destination_xy, s=80, c=”green”, label = “Destination”, zorder = 3) ax.legend(facecolor = “white”) plt.title(“Graph with Origin (red) and Destination (green) nodes”) plt.show()

origin_node = ox.distance.nearest_nodes(graph, start_point_geocode[1],start_point_geocode[0])

destination_node = ox.distance.nearest_nodes(graph, end_point_geocode[1],end_point_geocode[0])

fig, ax = ox.plot_graph(

graph,

bgcolor = ‘black’,

edge_color = ‘white’,

node_color = ‘white’,

edge_linewidth=1,

node_size = 50,

show = False,

close= False

)

origin_xy = (graph.nodes[origin_node][‘x’],graph.nodes[origin_node][‘y’])

destination_xy = (graph.nodes[destination_node][‘x’],graph.nodes[destination_node][‘y’])

ax.scatter(*origin_xy, s=80, c=“red”, label = “Origin”, zorder = 3)

ax.scatter(*destination_xy, s=80, c=“green”, label = “Destination”, zorder = 3)

ax.legend(facecolor = “white”)

plt.title(“Graph with Origin (red) and Destination (green) nodes”)

plt.show()

Red and green are the nodes, that are the closest to the start and end points.

route = nx.shortest_path(graph, origin_node, destination_node, weight=”length”, method = ‘dijkstra’) route_length_meters = nx.shortest_path_length(graph, origin_node, destination_node, weight=”length”, method = ‘dijkstra’) ox.plot_graph_route(graph, route)

route = nx.shortest_path(graph, origin_node, destination_node, weight = ‘length’, method = ‘dijkstra’)

route_length_meters = nx.shortest_path_length(graph, origin_node, destination_node, weight =‘length’, method = ‘dijkstra’)

ox.plot_graph_route(graph, route)

The closest driving route between the two points is in blue.

The full code is implemented in a Jupyter Notebook in GitHub and explained in the video.

https://www.youtube.com/watch?v=kQIK2P7erAA

GitHub link:

Enjoy the rest of your day! 🙂

Source link

آگوست 3, 2025

Introduction to Graphs in Python – Useful code

Lately, I am reading the book Optimization Algorithms by Alaa Khamis and the chapter 3 – Blind Search Algorithms, has caught my attention. The chapter starts with explaining what graphs are how these are displayed in python and I have decided to make a YT video, presenting the code of the book with Jupyter Notebook.

Trees are different, when we talk about graphs in python

Why graphs? Because they are everywhere:

A road map is a graph
Your social-media friends form a graph
Tasks in a to-do list, with dependables on each other, can be a graph

With Python we can build and draw these structures in just a few lines of code.

Setup

import shutup shutup.please() %matplotlib inline import pandas as pd import matplotlib.pyplot as plt import numpy as np import networkx as nx import hypernetx as hnx plt.rcParams[“figure.figsize”] = (6, 4)

import shutup

shutup.please()

%matplotlib inline

import pandas as pd

import matplotlib.pyplot as plt

import numpy as np

import networkx as nx

import hypernetx as hnx

plt.rcParams[“figure.figsize”] = (6, 4)

Undirected graph

Edges have no arrows
Use it for two‑way streets or mutual friendships.

# Undirected Graph graph = nx.Graph() nodes = list(range(5)) graph.add_nodes_from(nodes) edges = [(0,1),(3,4),(3,0),(3,5),(2,0)] graph.add_edges_from(edges) nx.draw_networkx(graph, font_color = “white”)

# Undirected Graph

graph = nx.Graph()

nodes = list(range(5))

graph.add_nodes_from(nodes)

edges = [(0,1),(3,4),(3,0),(3,5),(2,0)]

graph.add_edges_from(edges)

nx.draw_networkx(graph, font_color = “white”)

Undirected graph

Directed graph

Arrowheads show direction.
Good for “A follows B” but not the other way around.

# Directed Graph digraph = nx.DiGraph() nodes = list(range(5)) edges = [(0,0),(4,0),(1,0),(3,0),(2,0)] digraph.add_nodes_from(nodes) digraph.add_edges_from(edges) nx.draw_networkx(digraph, font_color = “white”)

# Directed Graph

digraph = nx.DiGraph()

nodes = list(range(5))

edges = [(0,0),(4,0),(1,0),(3,0),(2,0)]

digraph.add_nodes_from(nodes)

digraph.add_edges_from(edges)

nx.draw_networkx(digraph, font_color = “white”)

Directed graph

Multigraph

Allows two or more edges between the same nodes.
Think of two train lines that join the same pair of cities.

# Multigraph multigraph = nx.MultiGraph() nodes = list(range(5)) edges = [(0,0),(4,0),(1,0),(1,0),(1,0),(1,0),(1,0),(3,0),(2,0)] multigraph.add_nodes_from(nodes) multigraph.add_edges_from(edges) pos = nx.kamada_kawai_layout(multigraph) ax = plt.gca() for my_edge in multigraph.edges: ax.annotate(“”, xy=pos[my_edge[0]], xycoords=”data”, xytext=pos[my_edge[1]], textcoords=”data”, arrowprops=dict(arrowstyle=”-“, connectionstyle=f”arc3, rad={0.3*my_edge[2]}”),zorder=1) nx.draw_networkx_nodes(multigraph, pos) nx.draw_networkx_labels(multigraph, pos, font_color = “w”)

# Multigraph

multigraph = nx.MultiGraph()

nodes = list(range(5))

edges = [(0,0),(4,0),(1,0),(1,0),(1,0),(1,0),(1,0),(3,0),(2,0)]

multigraph.add_nodes_from(nodes)

multigraph.add_edges_from(edges)

pos = nx.kamada_kawai_layout(multigraph)

ax = plt.gca()

for my_edge in multigraph.edges:

ax.annotate(“”, xy=pos[my_edge[0]], xycoords=‘data’, xytext=pos[my_edge[1]], textcoords=‘data’, arrowprops=dict(arrowstyle=“-“, connectionstyle=f“arc3, rad={0.3*my_edge[2]}”),zorder=1)

nx.draw_networkx_nodes(multigraph, pos)

nx.draw_networkx_labels(multigraph, pos, font_color = “w”)

Multigraph

Directed Acyclic Graph (Tree)

No cycles = no way to loop back.
Used in task schedulers and Git histories.

# Acyclic Graph (Tree) acyclic_graph = nx.DiGraph() nodes = list(range(5)) edges = [(4,0),(1,0),(3,0),(0,2),(2,1)] acyclic_graph.add_nodes_from(nodes) acyclic_graph.add_edges_from(edges) nx.draw_networkx(acyclic_graph, nx.kamada_kawai_layout(acyclic_graph), with_labels= True, font_color = “white”) plt.show() nx.is_directed_acyclic_graph(acyclic_graph)

# Acyclic Graph (Tree)

acyclic_graph = nx.DiGraph()

nodes = list(range(5))

edges = [(4,0),(1,0),(3,0),(0,2),(2,1)]

acyclic_graph.add_nodes_from(nodes)

acyclic_graph.add_edges_from(edges)

nx.draw_networkx(acyclic_graph, nx.kamada_kawai_layout(acyclic_graph), with_labels= True, font_color = “white”)

plt.show()

nx.is_directed_acyclic_graph(acyclic_graph)

Directed Acyclic Graph (Tree)

Hypergraph

One “edge” can touch many nodes.
We simulate it with a bipartite graph: red squares = hyper‑edges.

#Hypergraph data = { “Ivan”:(“Football”,”Maths”,”Dancing”), “Peter”:(“French”,”Spanish”,”Dancing”), “George”:(“Dancing”,”English”,”Advanced French”), “Vitosh”:(“Maths”,”Dancing”,”Spanish”,”Talking”, “YouTube”), } H = hnx.Hypergraph(data) hnx.draw(H)

#Hypergraph

data = {

“Ivan”:(“Football”,“Maths”,“Dancing”),

“Peter”:(“French”,“Spanish”,“Dancing”),

“George”:(“Dancing”,“English”,“Advanced French”),

“Vitosh”:(“Maths”,“Dancing”,“Spanish”,“Talking”, “YouTube”),

}

H = hnx.Hypergraph(data)

hnx.draw(H)

Hypergraph

Weighted Graph

Graph with weights on the edges
Idea for mapping distances between cities on a map

# Weighted Graph weighted_graph = nx.Graph() weighted_graph.add_node(“Sofia”, pos=(0,0)) weighted_graph.add_node(“Plovdiv”, pos=(0,2)) weighted_graph.add_node(“Varna”, pos=(2,0)) weighted_graph.add_node(“Rousse”, pos=(2,2)) weighted_graph.add_weighted_edges_from([(“Sofia”, “Plovdiv”, 200), (“Sofia”,”Varna”,450), (“Plovdiv”,”Rousse”,300)]) pos = nx.get_node_attributes(weighted_graph, ‘pos’) nx.draw_networkx(weighted_graph, pos, with_labels=True) nx.draw_networkx_edge_labels(weighted_graph, pos,edge_labels={(u,v):d[‘weight’] for u,v,d in weighted_graph.edges(data=True)}) plt.show() # make it more beautiful :) nx.draw_networkx(weighted_graph, pos, with_labels=False, node_color=”cyan”) labels = {node: node for node in weighted_graph.nodes()} node_labels = nx.draw_networkx_labels(weighted_graph, pos, labels=labels,font_size = 12) offset = .12 node_labels[“Sofia”].set_position((pos[“Sofia”][0], pos[“Sofia”][1] – offset)) node_labels[“Varna”].set_position((pos[“Varna”][0], pos[“Varna”][1] – offset)) node_labels[“Plovdiv”].set_position((pos[“Plovdiv”][0], pos[“Plovdiv”][1] + offset)) node_labels[“Rousse”].set_position((pos[“Rousse”][0], pos[“Rousse”][1] + offset)) nx.draw_networkx_edge_labels(weighted_graph, pos,edge_labels={(u,v):d[‘weight’] for u,v,d in weighted_graph.edges(data=True)}) plt.show()

# Weighted Graph

weighted_graph = nx.Graph()

weighted_graph.add_node(“Sofia”, pos=(0,0))

weighted_graph.add_node(“Plovdiv”, pos=(0,2))

weighted_graph.add_node(“Varna”, pos=(2,0))

weighted_graph.add_node(“Rousse”, pos=(2,2))

weighted_graph.add_weighted_edges_from([(“Sofia”, “Plovdiv”, 200),

(“Sofia”,“Varna”,450),

(“Plovdiv”,“Rousse”,300)])

pos = nx.get_node_attributes(weighted_graph, ‘pos’)

nx.draw_networkx(weighted_graph, pos, with_labels=True)

nx.draw_networkx_edge_labels(weighted_graph, pos,edge_labels={(u,v):d[‘weight’] for u,v,d in weighted_graph.edges(data=True)})

plt.show()

# make it more beautiful 🙂

nx.draw_networkx(weighted_graph, pos, with_labels=False, node_color = ‘cyan’)

labels = {node: node for node in weighted_graph.nodes()}

node_labels = nx.draw_networkx_labels(weighted_graph, pos, labels=labels,font_size = 12)

offset = .12

node_labels[“Sofia”].set_position((pos[“Sofia”][0], pos[“Sofia”][1] – offset))

node_labels[“Varna”].set_position((pos[“Varna”][0], pos[“Varna”][1] – offset))

node_labels[“Plovdiv”].set_position((pos[“Plovdiv”][0], pos[“Plovdiv”][1] + offset))

node_labels[“Rousse”].set_position((pos[“Rousse”][0], pos[“Rousse”][1] + offset))

nx.draw_networkx_edge_labels(weighted_graph, pos,edge_labels={(u,v):d[‘weight’] for u,v,d in weighted_graph.edges(data=True)})

plt.show()

Weighted Graph

https://www.youtube.com/watch?v=8vnu_5QRC74

🙂

Source link

آگوست 1, 2025

What is a Zero-Day Attack? Zero Day Attacks 2025
What is a Zero-Day Attack?

A zero-day attack is defined as a cyber attack that happens when the vendor is unaware of any flaw or security vulnerability in the software, hardware, or firmware. The unknown or unaddressed vulnerability used in a zero-day attack is called a zero-day vulnerability.

What makes a Zero Day Attack lethal for organizations is

-They are often targeted attacks before the vendor can release the fix for the security vulnerability

– The malicious actor uses a zero-day exploit to plant malware, steal data, or exploit the users, organizations, or systems as part of cyber espionage or warfare.

– They take days to contain, as the fix is yet to be released by the vendors

Examples of Zero-Day Attacks in 2025

As per the India Cyber Threat Report 2025, these are the top zero day attacks identified in 2024, detailing their nature, potential impacts, and associated CVE identifiers.

Ivanti Connect Secure Command Injection (CVE-2024-21887)

A severe remote command execution vulnerability that allows attackers to execute unauthorized shell commands due to improper input validation. While authentication is typically required, an associated authentication flaw enables attackers to bypass this requirement, facilitating full system compromise.

Microsoft Windows Shortcut Handler (CVE-2024-21412)

A critical security bypass vulnerability in Windows’ shortcut file processing. It enables remote code execution through specially crafted shortcut (.lnk) files, circumventing established security controls when users interact with these malicious shortcuts.

Ivanti Connect Secure Server-Side Request Forgery (SSRF) (CVE-2024-21893)

This Server-Side request forgery vulnerability in the SAML component allows attackers to initiate unauthorized requests through the application. Successful exploitation grants access to internal network resources and enables the forwarding of malicious requests, leading to broader network compromise.

Mozilla Firefox Animation Timeline Use-After-Free (CVE-2024-9680)

A use-after-free vulnerability in Firefox’s animation timeline component permits remote code execution when users visit specially crafted websites. This vulnerability can lead to full system compromise, posing significant security risks to users.

How a Zero-day Attack Works?

Step 1: A software code creates a vulnerability without the developer realizing it.

Step 2: A malicious actor discovers this vulnerability and launches a targeted attack to exploit the code.

Step 3: The developer reliazes a security vulnerability in the software yet does not have a patch ready to fix it.

Step 4: The developers release a security patch to close the security vulnerability.

Step 5: The developers deploy the security patch.

The gap between the zero-day attack and the developers deploying a security patch is enough for a successful attack and may lead to a ransomware demand, system infiltration, and sensitive data leak. So how do we protect against

How to Protect Against Zero-Day Attacks?
1. Use behavior-based detection tools such as Endpoint Detection and Response (EDR) or Extended Detection and Response ( XDR)
2. Keep software updated regularly
3. Employ threat intelligence and zero-trust security models
4. Partner with cybersecurity vendors that offer zero-day protection, such as Seqrite.
Source link
جولای 31, 2025
Can Python or Ruby Feel First-Class in the Browser?

Can Python or Ruby Feel First-Class in the Browser?

Source link

جولای 30, 2025

دسته: هسته اصلی سیستم‌عامل

The Myth: Sensitive Data Lives Only in Databases

Myth vs Reality: Why Structured Data is Not the Whole Story

The Challenge Without Complete Discovery

The Importance of Discovering Data Everywhere

Real-World Examples of Compliance Risks from Unseen Data

Closing the Gap: A Proactive Approach to Data Discovery

Bottom Line

Part 1 – Soap in the Chrome Browser Console

Part 2 – Soap with Python and Jupyter Notebook

Why Choosing the Right XDR Vendor Matters

Key Capabilities Every Top XDR Vendor Should Offer

Your Unified Detection & Response Checklist

Why Automation Is the Game-Changer

The Seqrite XDR Advantage

What is Zero Trust?

Seqrite ZTNA: Zero Trust in Action for Indian Banking

Key Capabilities of Seqrite ZTNA

How Seqrite ZTNA Supports RBI’s Zero Trust Mandate

Sample Use Case: A Mid-Sized Regional Bank

With Seqrite ZTNA:

Conclusion: Future-Proofing Banking Security with Zero Trust

Introduction

SVGs: More Than Just Images

Delivery

How the attack works:

Conclusion: Staying Ahead of SVG-Based Threats

IOCs

Setup

Undirected graph

Directed graph

Multigraph

Directed Acyclic Graph (Tree)

Hypergraph

Weighted Graph

What is a Zero-Day Attack?

What makes a Zero Day Attack lethal for organizations is

Examples of Zero-Day Attacks in 2025

How a Zero-day Attack Works?

How to Protect Against Zero-Day Attacks?