August 14, 2022

TSD #002: Cisco Breached - Honest Writeup

Cisco breached by ransomware gang, but not encrypted, 2.8Gb of data stolen.

Hello friend 👋

It’s been a busy week!

I’m still getting used to this new cadence: 2 x YouTube videos per week, this newsletter every Sunday, daily LinkedIn content, and random blog posts. It’s a lot! Thankfully I have a great system for producing all this content. It’s all built using the app Notion and I’ll show it to you when I have time to prepare some behind-the-scenes content.

The highlight of this week has been the reporting from Cisco Talos on their data breach. If you’re new to cyber-security or you want to work in cyber, I recommend staying tuned to the big cyber news stories like this. It’ll give you insight that you won’t get from doing courses and hacking on TryHackMe. Here’s an excerpt from the report:

Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account. The user had enabled password syncing via Google Chrome and had stored their Cisco credentials in their browser, enabling that information to synchronize to their Google account. After obtaining the user’s credentials, the attacker attempted to bypass multifactor authentication (MFA) using a variety of techniques, including voice phishing (aka “vishing”) and MFA fatigue. Source: Cisco Talos.

Microsoft also released their monthly security patches, called Patch Tuesday. If you’ve never heard of Patch Tuesday, it happens every month and it’s where Microsoft try and fix the security bugs in their products. Which are plentiful! Loads of critical vulnerabilities in there. Keep your systems updated and stay safe! Here’s a link to ZDNet’s take on this month’s patching efforts.

Until next week,

Gary ✌️

Fun Things This Week

📽 My New Videos

​Netcat Basics: Netcat is an insanely powerful tool. In this short video, I show you how to set up a listener and then connect to it so you can chat with another person on your local network without using WhatsApp.

Curl Basics: CURL is the tool that powers the Internet. Using a URL? Clicking a link? You’re CURLing. You just don’t know it. I’ll show you how to use it on the command line.

🎙 Podcasts

The SANS Internet Storm Centre, presented by Johannes Ulrich, it's a nice daily (Mon-Fri) podcast that lasts around 5 minutes and gives you a few key events from the world of cyber to pay attention to. This episode covers the Cisco breach:

🎵 Songs

I heard this song on a TV show I was watching. It’s not very often a cover beats the original, but this cover of Ian Brown’s F.E.A.R. by Various Cruelties challenges his crown in my opinion!

⚙️ Products

Not a day goes by when I'm not on a call. A couple of people asked about the unusual mug I was drinking from. I’m the type of person that will make a nice filter coffee and then leave it on a windowsill somewhere to go cold. But that problem vanished when I bought my Ember mug. It sounds ridiculous, but once you experience it, there’s no going back. It’s not just a ‘heated’ mug. It controls the temperature and sets it at whatever temperature you like! Get yours here:

🧵 Thread

Cyber-security is a field where there are plenty of opportunities to think outside the box. This thread from Hassan Bhatti resonated with me this week. A great example of thinking outside the box. Always try and see what is outside the box your mind naturally puts things in.

👾 Cool Tools

Blackbird: Similar to Sherlock and Spiderfoot, Blackbird is an OSINT tool to quickly search for accounts by username across 153 sites.

P.S. Some of the links in this newsletter are affiliate links and help support my content. Thank you for your support! ✌️

More Articles
Subscribe to The Sunday Download

Receive weekly news and insights in your inbox. Don't miss out!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.