Aug 28, 2016

Cybersec Brief w/c 22nd August 2016

Selected cybersecurity events of the week commencing Monday 22nd August 2016.

NASA having security issues, iOS 0-days seen in the wild an some things about crypto-currencies.



Tools, Techniques & Procedures

Major update for exploit development toolkit Pwntools
http://www.theregister.co.uk/2016/08/24/major_update_drops_for_popular_pwntools_penetration_showbag/


Cybercrime

Research & Reports

AskMeAnything with game hacking book author
https://www.reddit.com/r/netsec/comments/4yqjis/i_am_nick_cano_author_of_game_hacking_developing/





Aug 21, 2016

Cybersec Brief w/c 15th August 2016

Selected cybersecurity events of the week commencing Monday 15th August 2016.

Potential NSA tools & exploits being leaked and the German Intelligence Agency challenging applicants with a reverse engineering puzzle.



Tools, Techniques & Procedures

Monitoring WMI to catch WMI attacks
https://www.fireeye.com/blog/threat-research/2016/08/wmi_vs_wmi_monitor.html

[GERMAN] German intelligence agency puts reverse engineering challenge online for applicants
http://www.bnd.bund.de/DE/Karriere/Reversing_Challenge/Reversing_Challenge_node.html


Cybercrime

Munich shooting gun dealer suspect arrested
http://www.thelocal.de/20160816/man-who-sold-gun-to-munich-shooter-arrested-in-marburg

'ShadowBrokers' offering potential Equation Group (NSA?) tools and exploits for highest bidder
https://www.riskbasedsecurity.com/2016/08/the-shadow-brokers-lifting-the-shadows-of-the-nsas-equation-group/


Research & Reports

Cisco to cut 5,500 jobs as revenue drops by 2%
https://www.theguardian.com/technology/2016/aug/17/cisco-systems-to-sack-fifth-of-global-workforce-says-report

Powershell to be ported to Linux & Mac and becoming Open-Source
http://www.theregister.co.uk/2016/08/18/microsoft_brings_powershell_to_linux_and_mac_publishes_as_open_source/




Aug 14, 2016

Cybersec Brief w/c 8th August 2016

Selected cybersecurity events of the week commencing Monday 8th August 2016.

A busy week in the wake of Defcon and Blackhat 2016. Bug bounties on the rise and smart machines automating vulnerability discovery and patching.


Tools, Techniques & Procedures

A collection of multiple years' worth of DefconCTFs
Enough brainteasers for the rainy autmn season.
http://fuzyll.com/2016/the-defcon-ctf-vm/


Cybercrime

Malware-infected USB sticks sent out by o2 UK
An interesting case of a supply chain attack? 
http://www.theregister.co.uk/2016/08/08/o2_sent_customers_a_windows_virus_on_usb_pens/


Research & Reports

Collection of Defcon 2016 presentations
https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/

Bugcrowd AskUsAnything
Prominent bug bounty platform opens up for questions

Vulnerability might leave big parts of the internet open to 'Man-In-The-Middle' attack
Even if attacker is not sitting along the traffic route 

AskUsAnything with people behind Mayhem, 'AI' winning Darpa's Grand Cyber Challenge 2016
Mayhem was designed to identify and patch vulnerabilities automatically. Good bye, Pentesters!

Insights on bug bounties from a successful, long-term bug hunter




Aug 7, 2016

Cybersec Brief w/c 1st August 2016

Selected cybersecurity events of the week commencing Monday 1st August 2016.

Tools, Techniques & Procedures

Dark Web OSINT automation with python and OnionScan
In-depth description and coding tutorial in python.
http://www.automatingosint.com/blog/2016/07/dark-web-osint-with-python-and-onionscan-part-one/

FireEye releases Fakenet-NG to provide malware analysts and Pentesters with a configurable traffic interception framework
https://github.com/fireeye/flare-fakenet-ng

A multiplayer framework for Pentesters during engagements
Make Pentesting a gamified collaborative effort and maximize the synergies of Pentesters working together.
https://www.faradaysec.com/

Salesforce releases Vulnreport, a tool to automate Pentest / Vulnerability Management reporting
The tool is meant to help Pentesters increase efficiency and focus on the testing rather than the reporting.
https://medium.com/salesforce-open-source/introducing-vulnreport-b3ad324411a1#.mrys1asz0
http://vulnreport.io/


Cybercrime

FossHub hacked - Software Audacity & Classic-Shell was bundled with malware
http://www.infosecisland.com/blogview/24798-FossHub-Hacked-Distributes-Malware-Packed-Audacity-and-Classic-Shell.html


Research & Reports

FireEye releases ICS Vulnerability Trend Report
https://www2.fireeye.com/rs/848-DID-242/images/ics-vulnerability-trend-report-final.pdf

IBM claims to have created artificial spiking neurons, opening possible advancements in AI 
http://www.theregister.co.uk/2016/08/03/ibm_phase_change_material_neuron_modelling/

High frequency bug hunting: 120 bugs in 120 days. A report
https://shubs.io/high-frequency-security-bug-hunting-120-days-120-bugs/





Aug 1, 2016

Cybersec Brief w/c 25th July 2016

Selected cybersecurity events of the week commencing Monday 25th July 2016.

Tools, Techniques & Procedures

FireEye releases tool-roundup about some frequently used Red Teaming tools.
The round-up covers multiple phases of a Red Team engagement.
https://www.fireeye.com/blog/threat-research/2016/07/red_team_tool_roundup.html

Nettitude consultants release PoshC2, a Powershell C2 post exploitation framework for Red Teaming.
The functionality and features are similar to Empire and CobaltStrike's Beacon.
https://github.com/nettitude/PoshC2

A 5-step how-to on how to get your Threat hunting team going.
http://www.darkreading.com/vulnerabilities---threats/how-to-roll-your-own-threat-intelligence-team/a/d-id/1326445?

A project dedicated to Threat hunting including various IoCs and tips.
http://www.threathunting.net/

Geo-Politics

US Democratic National Comittee hacked. Unconfirmed rumors say Russians are behind the attack.
https://www.theguardian.com/us-news/2016/jul/26/russia-hackers-democratic-national-committee-email-leak

German shooter buys gun on Darknet and lures victims in via hacked Facebook account.
http://www.networkworld.com/article/3099197/security/german-shooter-hacked-facebook-account-to-lure-victims-bought-gun-on-dark-net.html