Thank god that’s finally over.
Adobe Flash I mean.
Happy new year everyone.
Strong encryption is key to digital privacy and free speech, yet governments are eager to access your devices and communications instead of securing them. Technologist Bruce Schneier breaks down the new Crypto Wars in our first EFF30 Fireside Chat. https://www.eff.org/deeplinks/2020/12/eff-30-saving-encryption-cryptographer-bruce-schneier
Living off the Land -
The term "living off the land" refers to file-less, malware-less attacks that turn a system's own native tools against them. Bad actors use perfectly legitimate programs and processes to perform malicious activities, thereby blending into a network and hiding among the legitimate processes to pull off a stealthy exploit.
A list of binaries, scripts, and libraries that are often abused in LotL attacks.
Merry Christmas and Happy Holidays from Between The Hacks! www.ckd3.com/blog/christmas2020 https://www.ckd3.com/blog/christmas2020
SANS is doing an emergency webinar tonight about SolarWinds https://www.sans.org/webcasts/emergency-webcast-about-solarwinds-supply-chain-attack-118015
WARNING WARNING WARNING WARNING
This is a long-ass thread, even by my long-ass standards. If you'd prefer to read it on the web, here you go:
WARNING WARNING WARNING WARNING
Security researchers are alarmed: the already-notorious Trickbot malware has been spottied probing infected computers to find out which version of UEFI they're running. This is read as evidence that Trickbot has figured out how to pull off a really scary feat.
Hacking 101 by Humble Bundle and No Starch Press. Get up to 18 deeply discounted hacking e-books, for as little as one dollar while giving to charity. https://www.ckd3.com/blog/hacking101-humblebundle
WOW!! SANS Virtual Summits Will Be FREE for the Community in 2021
Cyber Threat Intelligence Summit
ICS Security Suimit
Purple Team Summit
CloudSec Next Summit
Security Awareness Summit
Cybersecurity Leadership Summit
Cyber Defense Summit |
Threat Hunting Summit
Cloud & DevOps Security 2021
Pen Test HackFest Summit
This week on Between The Hacks: Google used for phishing, the U.K. reveals their National Cyber Force, the state of CISA, ransomware takes over printers, and password managers are needed more than ever. https://www.ckd3.com/blog/bth-news-21nov2020
We infiltrated an IRC botnet. Here’s what we found https://cybernews.com/security/we-infiltrated-an-irc-botnet-heres-what-we-found/
This week on Between the Hacks: Week 5 of Cybersecurity Awareness Month, Trump Campaign site defaced, ransomware threat against U.S. hospitals, a Facebook MFA bypass attack and how to enable MFA on your accounts. https://www.ckd3.com/blog/bth-news-31oct2020
I guess this guy didn't need to have an IQ of 197 since he had 100% of Trump's password. -- Trump's Twitter account hacked after Dutch researcher guessed password https://www.theguardian.com/us-news/2020/oct/22/trump-twitter-hacked-dutch-researcher-password?CMP=share_btn_tw
This week on Between the Hacks, it’s Cybersecurity Awareness Month, potentially steep fines for paying a ransom, a New Jersey hospital pays a ransom to prevent sensitive data leakage, a warning about election misinformation, and a tool to test website privacy. https://www.ckd3.com/blog/bth-news-04oct2020
A Mastodon instance for info/cyber security-minded people.