Every week I post what I have been working on in my journey to learn more about cybersecurity and hopefully land a job in the field. I hope these post can help others on their cyber journeys.
- Colorado Dept. of Higher Education Hit With Massive Data Breach – Last week, the department uncovered a data breach that occurred back in June stemming from what it deems to be a cybersecurity ransomware incident.
- North Korean hackers ‘ScarCruft’ breached Russian missile maker – The North Korean state-sponsored hacking group ScarCruft has been linked to a cyberattack on the IT infrastructure and email server for NPO Mashinostroyeniya, a Russian space rocket designer and intercontinental ballistic missile engineering organization.
- Ransomware Victims Surge as Threat Actors Pivot to Zero-Day Exploits – Threat actors such as the operators of the Cl0p ransomware family increasingly exploit unknown and day-one vulnerabilities in their attacks.
- New ‘Deep Learning Attack’ Deciphers Laptop Keystrokes with 95% Accuracy – A group of academics has devised a “deep learning-based acoustic side-channel attack” that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy.
- Tunnel Vision: CloudflareD AbuseD in the WilD – Cloudflared is functionally very similar to ngrok, an ingress-as-a-service tool that’s been used by TAs for quite some time now. However, Cloudflared differs from ngrok in that it provides a lot more usability for free, including the ability to host TCP connectivity over Cloudflared. Additionally, Cloudflared provides the full suite of Access controls, Gateway configurations, Team Management, and User Analytics.
- Darknet Diaries 136: TEAM XECUTER – Team Xecuter was a group involved with making and selling modchips for video game systems. They often made mods that allowed the video game system to rip games or play pirated games. It was a crowd favorite in the modding scene. Until it all fell apart.
- Smashing Security 334: Acoustic attacks, and the tears of a crypto rapper
- TryHackMe – SOC Level 1 (61% Complete)
- Wazuh – Complete