Under the Weather (Taxonomy?), Beating Roulette, Monitoring Macs, & XBMC Glory Days – PSW #781
In the security news: Blizzards, Sleet, Typhoons, Sandstorms and Tsunamis, masking your car stealing tech in a Nokia phone, kill -64, Google doesn't want to fix an RCE, hijacking packages, monitoring Macs, beating Roulette, lame advice from Microsoft, are post-authentication vulnerabilities even vulnerabilities?, Ghosts, burpgpt, and do you trust Google? All that and more on this episode of Paul’s Security Weekly.
Announcements
Join us at an upcoming Official Cyber Security Summit in a city near you! This series of one-day, invitation-only, executive-level conferences is designed to educate senior cyber professionals on the latest threat landscape. We are pleased to offer our listeners $100 off admission when you use code SecWeek23 to register. Visit securityweekly.com/cybersecuritysummit to learn more and register today!
Hosts
- 1. wireproxy
Use WireGuard without root privs!
- 2. debugHunter – Chrome Extension
"Discover hidden debugging parameters and uncover web application secrets"
- 3. Living Off The Land Drivers
"Today, we are excited to announce the release of the Living Off The Land Drivers project. This project aims to consolidate as many vulnerable and malicious drivers as possible into a single location, making it accessible for everyone to find and learn from."
- 4. CryptoClippy Speaks Portuguese
Real-time clipboard monitoring and shenanigans. Scary!
- 5. Technical analysis of the Genesis Market
Some interesting analysis of the Genesis market software and related malware, Chrome extensions, etc.
- 6. GreyNoise – Introducing IP Similarity
GreyNoise is starting to introduce some REALLY cool features on their platform, using large scale data analysis and ML models. IP Similarity is exactly what it sounds like: "show me other IPs exhibiting the same behavior as this"
- 7. Harnessing the Power of AI in AWS Pentesting.pdf
A bit disappointed in the limited imagination here, but it's a very practical set of examples. Mostly focusing on the fact that ChatGPT enables a pen tester to 'just-in-time' learn any tool's CLI or generate code they need during a pen test. Just-in-time cheatsheets for most anything (as long as it existed before September 2021, that is).
- 8. 64 Methods For Execute Mimikatz(RTC0003)
Wondering why mimikatz is still an issue for defenders and a core attacker tool? Check this out.
- 9. APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers
Do these show notes support facepalm emoji? (1) It has been a best practice for 20+ years not to expose administrative services to the public Internet; (2) the vuln being exploited is nearly SIX YEARS OLD; (3) come on, people.