Hello friend đź‘‹
I spent some time this week in London speaking with like-minded individuals about all things cyber-security. It was lovely to meet up with colleagues in real life again. Like many of you, I have been a home worker since the start of the pandemic and have to say, I’ve missed that office lifestyle a bit. So it was nice to be in it for the day for the first time in a few years.
The big news this week is the Uber hack, I’ll cover that once we know a little bit more from their blue team. But the initial access method is eerily similar to the recent Cisco breach where employees were socially engineered to accept the Duo authentication notifications.
I’m also wondering if we’ll see a whole new wave of phishing attacks in the wake of the Queen’s passing. I can see it now: “Greetings from your new King. Click here to sign the book of condolences digitally” or “Click here to get a one-of-a-kind Royal Mail postage stamp with the King’s head on it”. Cybercriminals are typically quick to capitalise on headline-making news. Remember, they don’t need to hack everyone, it’s a bit like sales conversion rates. If 10% of people click on malicious emails, that’s what they care about. They send 1,000,000 emails, 10% will convert, that’s 100,000 potential victims. Just imagine if they get £1 out of each victim! Not bad for a day’s work.
Another interesting thing I’ve been looking at this week is that Microsoft Teams stores authentication tokens in…you guessed…PLAINTEXT. Meaning that an attacker just needs to get onto a victim’s computer and they can take over that account. It’s 2022, Microsoft is one of the richest companies in the world, they sell extremely expensive corporate security tools with their P3 licenses, and this is what we have to live with. People make mistakes, and companies make mistakes. The important thing to remember is that mistakes will continue to be made up and down the supply chain. And both employees and security professionals need to act accordingly. Read more on Bleeping Computer.​
If there is something you’d like me to write about or make a video on, let me know by simply replying to this email.
You can get in touch with me by simply hitting reply. I respond to every email that hits my inbox.
Until next week,
Gary ✌️
Fun Things This Week
đź“˝ My New Videos
Smart Hackers DON'T Use Terminal: The default Terminal is incredibly basic...too basic. Let's upgrade our hacking experience with my favourite multiplexer!
‍
🎙Podcasts
I think we're in agreement that having multi-factor authentication is a good thing. We're better with it than without. In the latest episode of Cybereason's Malicious Life podcast, Roger Grimes states his claims that the sense of security current MFA solutions provides us - is false. It's a great listen, especially in light of current attacks we are seeing across the Internet.
‍
📸 Products
My first videos were shot on my iPhone, but nowadays I use a 4k camera with a full-frame sensor. I need a memory card that can keep up with the sheer amount of data being written to it. The write speeds of cards can be wildly different, so if you need something fast, I highly recommend that you look for cards with the UHS-II designation. I bought this one from Lexar and I can just shoot video effortlessly. No lag. No buffering. It’s practically instant. It’s a small price to pay for something so useful. Especially when it means I don’t miss a shot.
đź‘ľ Cool Tools
- ​SharpImpersonation: A user impersonation tool via token or shellcode injection.
- ​All in One Recon Tool: An easy-to-use python tool to perform DNS recon, subdomain enumeration and much more.
‍
P.S. Some of the links in this newsletter are affiliate links and help support my content. Thank you for your support! ✌️
‍
.svg){kind=small}
.svg){kind=small}