Hello friend 👋
I hope you're well. It's been a busy week in both the cyber landscape and my creative world!
With all that's going on in the world (war in Ukraine, uprisings in Iran, and political turmoil in various countries), the need for a VPN has never been greater. Not just for you and me, but for people in sensitive positions like journalists, activists, and politicians.
Don't worry, this isn't about to turn into an advert for NordVPN.
However, this week, both iOS and Android were found to still be leaking data outside the VPN tunnel. So if you're an activist in Iran following the women's revolt, your mobile device is sending DNS requests and administrative traffic outside the VPN, whether you're on iPhone or Android. This allows the government to get in on the action and do some clever tracking and interception work. Vendors have stated that they're aware of the issue but don't appear to be doing much to fix it. This was first reported on iOS back in iOS 13, and we're on iOS 16 today. So this has been going on for years. People are turning on their VPN, paying a premium for a reputable one, and thinking they're safe when, actually, they're not.
Mysk demonstrated this with a Wireshark capture taken while using ProtonVPN.
Cisco Talos reported on a new GoLang-based attack framework written in Chinese that works on Windows, Linux and macOS. It's called Alchimist, and it has a web interface written in Simplified Chinese which can generate a configured payload, establish remote sessions, deploy payloads to remote machines, capture screenshots, perform remote shellcode execution and run arbitrary commands. Their blog on the framework is worth a read if you're interested in attacker tools!
You can get in touch with me by simply hitting reply. I respond to every email that hits my inbox.
Until next week,
Gary ✌️
Fun Things This Week
📽 My New Video
How to Get a Cyber Security Job WITHOUT EXPERIENCE: I was honoured to be a guest on Ron Sharon's podcast, Midnight Wars, where we talked about how to break into cyber security without experience, what cyber threat intelligence is, and my journey into the cyber security industry! Thanks for having me, Ron! If you'd prefer to listen to this, rather than watch it, I've got a link in the podcast section below 👇
🎙Podcasts
This is a little weird for me. But this week's podcast is Ron Sharon's Midnight Wars podcast. And I'm the guest speaker! My first proper podcast appearance. Do I have an IMDB entry yet? 😂 I had a great chat with Ron and about 60 attendees on LinkedIn Live. I look forward to the next episode of Midnight Wars.
This week on Smashing Security, Graham Cluley discussed some interesting things, including how a couple woke up to find $10.5 million in their cryptocurrency account.
👾 Cool Tools
Havoc is a modern and malleable post-exploitation command and control framework, created by @C5pider. If you'd like to see the sorts of tools that bad guys and red teams use on engagements, check out what 18-year-old C5pider has made! It's incredible!

SteaLinG is an open-source penetration testing framework designed for social engineering. After the hack, you can upload it to the victim's device and run it. It can even hijack Telegram sessions!

P.S. Some of the links in this newsletter are affiliate links and help support my content. Thank you for your support! ✌️