September 4, 2022

TSD #005: Google puts their money where their mouth is.

Hello friend 👋

Google launched a new programme this week to help secure open source software. Google is one of the biggest open source contributors in the world, with nearly 2,500 repositories on GitHub, so this is a significant investment for them. If someone finds a bug in any of Google’s open-source software packages, they can get a nice payout. It’s also great for us cyber-security folk and for end users. There have been plenty of huge software supply chain attacks over the past couple of years (SolarWinds and this dependency confusion attack, to name two), and we undeniably need more eyes on these repositories.

Unlike the natural world, in software, fewer bugs are better.

If you’re not aware, this is called a Bug Bounty. If you’re interested in hunting for bugs in software, you could sign up for platforms like HackerOne and get paid for the bugs you find. HackerOne has another site that actually teaches you how to hunt for bugs if you have no idea where to start. We all have to start somewhere!

If there is something you’d like me to write about or make a video on, let me know by simply replying to this email.

Until next week,

Gary ✌️

Fun Things This Week

📽 My New Videos

Python Simple Server: When you hack into a computer, you probably want to transfer some hacking tools onto it so you can do more information gathering. The Python simple server is a useful way to host your files so you can transfer them to hosts you've compromised. Let's see how it works!


The ULTIMATE Kali Linux Setup Tutorial: Kali Linux is the go-to when it comes to hacking-focused operating systems, and how you set it up matters. Best of all, it’s free! I’ve set up Kali countless times over the years and I'll show you the slickest way in this video.


📽 My First Book Review

When I get time, I love to read. However, because I don’t get much time to read a book, I’m pretty selective when it comes to picking them. If you see a book review in this newsletter or on my site, it’s because I loved it and I think it’s worth a read.

First up: Sandworm by Andy Greenberg

This is a great book for cyber-security beginners all the way up to seasoned professionals. The Russia-based Sandworm group has been targeting Ukraine for years, and Andy gives great insight into their operations and their impact around the globe. The book was written pre-invasion, so it gives you a great insight into the precursors to the current conflict. If you want to know more about what cyber-security looks like on the ground, this is the book for you. Read my full review ->


📰 Notable Articles

Wired published an article that was an adapted excerpt from Josephine Wolff’s book Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks. It talks about cyber-insurance policies and payouts during acts of war, such as what is going on in Ukraine at the moment. Merck famously got $1.4 billion after the NotPetya attack. I found the article really interesting because I’ve had some of these cyber-insurance conversations professionally. If you’re into the Risk Management and Compliance side of cyber-security, I’d add this to your reading list. You can get the full book on Amazon →


🎙 Podcasts

A lot of you are either not in cyber-security, or are pretty new to the field. So, I’d like to offer up a podcast that’s a little over a year old and is absolutely riveting. The Lazarus Heist. I know it sounds like a Robert Ludlum novel (The Bourne Identity etc), and it reads like one too! But it’s a story you must know. Did the North Korean government pull off a digital heist of $1 billion? You’ll have to listen to find out!


👾 Cool Tools
  • Michel de Crevoisier added some new maps to his mind maps of Windows event logs. If you’re on the blue team, this will come in handy!
  • Masky is a Python library providing an alternative way to remotely dump domain users’ credentials. The tool doesn’t exploit any new vulnerabilities and doesn’t work by dumping the LSASS process memory. It just takes advantage of legitimate Windows and Active Directory features (token impersonation, certificate authentication via Kerberos, and NT hash retrieval via PKINIT). Sounds cool!


P.S. Some of the links in this newsletter are affiliate links and help support my content. Thank you for your support! ✌️
