TryHackMe – Advent of Cyber 2023 | Day 16

I ran all the way through this once, to make sure I understood it enough to do a video of it then the second time through it didn’t work. As much as I would like to go back a third time I just don’t have time today. So here is the official tryhackme video and a screenshot to show I actually did complete it.

Weekly Cybersecurity Wrap-up 12/11/23

Projects

TryHackMe – Advent of Cyber

UDemy – Python for Cybersecurity – Gitlab – COMPLETE

EdX – EC-Council | Network Defense Essentials – In Progress

Videos

Top Five Cybersecurity Predictions for 2024 – The cybersecurity industry continues to face many challenges, including shortages of skilled security personnel, record-level ransomware attacks, and increased risks associated with modern attack surfaces. However, investments in security products and services continue to remain strong, including AI-fueled threat prevention, zero trust security, managed detection and response (MDR), and more. So, what does next year have in store for the cybersecurity industry? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he shares his top five cybersecurity predictions for 2024.

Articles

New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices – Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim.
HACKTIVISTS HACKED AN IRISH WATER UTILITY AND INTERRUPTED THE WATER SUPPLY – Threat actors launched a cyberattack on an Irish water utility causing the interruption of the power supply for two days.
Kelvin Security hacking group leader arrested in Spain – The Spanish police have arrested one of the alleged leaders of the ‘Kelvin Security’ hacking group, which is believed to be responsible for 300 cyberattacks against organizations in 90 countries since 2020.
Apple: 2.5B Records Exposed, Marking Staggering Surge in Data Breaches – Data breaches are rapidly accelerating, according to a number-crunching report from Apple this week — heightening the need to finally implement end-to-end data encryption.
Counter-Strike 2 HTML injection bug exposes players’ IP addresses – Valve has reportedly fixed an HTML injection flaw in CS2 that was heavily abused today to inject images into games and obtain other players’ IP addresses.
Multiple Ohio schools receive threats, believed to be Russian hackers, saying bombs are in schools – Schools in Ohio have received threats of multiple explosives inside American schools. via DataBreaches.net
Over 1,450 pfSense servers exposed to RCE attacks via bug chain – Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance.
Cloud engineer gets 2 years for wiping ex-employer’s code repos – Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his former employer in retaliation for being fired by the company.
Cyberattack Cripples Ukraine’s Largest Telecom Operator – Kyivstar, the largest mobile network operator in Ukraine, was hit by a massive cyberattack on Tuesday, disrupting mobile and internet communications for millions of citizens.
Ukrainian military says it hacked Russia’s federal tax agency – The Ukrainian government’s military intelligence service says it hacked the Russian Federal Taxation Service (FNS), wiping the agency’s database and backup copies.
UBIQUITI USERS CLAIM TO HAVE ACCESS TO OTHER PEOPLE’S DEVICES – Users of Ubiquiti WiFi products started reporting that they are accessing other people’s devices when logging into their accounts.
New Security Vulnerabilities Uncovered in pfSense Firewall Software – Patch Now – Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances.
Food Giant Kraft Heinz Targeted by Ransomware Group – A ransomware group claims to have breached the systems of Kraft Heinz, but the food giant says it’s unable to verify the claims.
Ex-Amazon engineer pleads guilty to hacking crypto exchanges – Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022.

Podcasts

Cyberwire – Ep 1964 | 12.11.23 – China sets sights on US critical infrastructure.

TryHackMe – Advent of Cyber 2023 | Day 15

Phishing, Programming, ML

TryHackMe – Advent of Cyber 2023 | Day 14

Machine Learning and Python

TryHackMe – Advent of Cyber 2023 | Day 13

Firewalls!

TryHackMe – Advent of Cyber 2023 | Day 12

TryHackMe – Advent of Cyber 2023 | Day 11

TryHackMe – Advent of Cyber 2023 | Day 10

I completed day 10, but I was having so much trouble re-ruining through the examples a second time (machine timeouts, and copy paste issues) that I gave up recording my own experience. It wasn’t pretty. Instead I recommend you follow the video below instead today.

Thats Day 10 in the bag. I’m a day behind, but I hope to catch up this week.

TryHackMe – Advent of Cyber 2023 | Day 9

Weekly Cybersecurity Wrap-up 12/4/23

Projects

LinkedIn Learning – CompTIA Security+ Module 10: Operations and Incident Response | Complete

TryHackMe – Incident Response Framework – Advent of Cyber

UDemy – Python for Cybersecurity – Gitlab

EdX – EC-Council | Network Defense Essentials – In Progress

Videos

Articles

Pro-Iran Attackers Access Multiple Water Facility Controllers – Multiple agencies warn that attackers have been active since Nov. 22, targeting operational technology (OT) across the US.
North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report – Recorded Future calculates that North Korean state-sponsored threat actors are believed to have stolen more than $3 billion in cryptocurrency.
LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks – The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware.
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks – Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws.
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware – A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced.
Security flaws in court record systems used in five US states exposed sensitive legal documents – The vulnerabilities allowed public access to restricted, sealed and confidential court filings using only a web browser
How GitLab’s Red Team automates C2 testing – Learn how to apply professional development practices to Red Teams using open source command and control tools.
A Decade of Have I Been Pwned – A decade ago to the day, I published a tweet launching what would surely become yet another pet project that scratched an itch, was kinda useful to a few people but other than that, would shortly fade away into the same obscurity as all the other ones I’d launched over the previous couple of decades…
Nissan Restoring Systems After Cyberattack – Nissan Oceania says it has been working on restoring its systems after falling victim to a cyberattack.
Hackers breach US govt agencies using Adobe ColdFusion exploit – The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers.
KidSecurity’s user data compromised after app failed to set password – The open instance contained over 300 million records with private user data, including 21,000 telephone numbers and 31,000 email addresses. The app’s logs also laid bare users’ payment information, exposing the first six and last four digits of credit cards, expiration month and year, and the issuing bank.
Apple Confirms Governments Using Push Notifications to Surveil Users – Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google’s and Apple’s servers, a US senator warned on Wednesday (via Reuters).
Privilege elevation exploits used in over 50% of insider attacks – A report by Crowdstrike based on data gathered between January 2021 and April 2023 shows that insider threats are on the rise and that using privilege escalation flaws is a significant component of unauthorized activity.
US, UK Announce Charges and Sanctions Against Two Russian Hackers – The US and UK announce charges and sanctions against two hackers working with Russia’s FSB security service.

Podcast

Cyberwire | Ep 1963 | 12.8.23 | Russia here, Russia there, Russia everywhere.