Projects
LinkedIn Learning – CompTIA Security+ Module 10: Operations and Incident Response | Complete
TryHackMe – Incident Response Framework – Advent of Cyber
Udemy – Python for Cybersecurity – GitLab
EdX – EC-Council | Network Defense Essentials – In Progress
Videos
Articles
- Pro-Iran Attackers Access Multiple Water Facility Controllers – Multiple agencies warn that attackers have been active since Nov. 22, targeting operational technology (OT) across the US.
- North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report – Recorded Future calculates that North Korean state-sponsored threat actors are believed to have stolen more than $3 billion in cryptocurrency.
- LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks – The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware.
- Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks – Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws.
- Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware – A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced.
- Security flaws in court record systems used in five US states exposed sensitive legal documents – The vulnerabilities allowed public access to restricted, sealed and confidential court filings using only a web browser.
- How GitLab’s Red Team automates C2 testing – Learn how to apply professional development practices to Red Teams using open source command and control tools.
- A Decade of Have I Been Pwned – A decade ago to the day, I published a tweet launching what would surely become yet another pet project that scratched an itch, was kinda useful to a few people but other than that, would shortly fade away into the same obscurity as all the other ones I’d launched over the previous couple of decades…
- Nissan Restoring Systems After Cyberattack – Nissan Oceania says it has been working on restoring its systems after falling victim to a cyberattack.
- Hackers breach US govt agencies using Adobe ColdFusion exploit – The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers.
- KidSecurity’s user data compromised after app failed to set password – The open instance contained over 300 million records with private user data, including 21,000 telephone numbers and 31,000 email addresses. The app’s logs also laid bare users’ payment information, exposing the first six and last four digits of credit cards, expiration month and year, and the issuing bank.
- Apple Confirms Governments Using Push Notifications to Surveil Users – Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google’s and Apple’s servers, a US senator warned on Wednesday (via Reuters).
- Privilege elevation exploits used in over 50% of insider attacks – A report by CrowdStrike based on data gathered between January 2021 and April 2023 shows that insider threats are on the rise and that using privilege escalation flaws is a significant component of unauthorized activity.
- US, UK Announce Charges and Sanctions Against Two Russian Hackers – The US and UK announce charges and sanctions against two hackers working with Russia’s FSB security service.
Podcast
- Cyberwire | Ep 1963 | 12.8.23 | Russia here, Russia there, Russia everywhere.