April 2, 2023

TSD #035: Cops are running cybercrime websites!

4 mins

Hello friend 👋

I put a post on LinkedIn about potentially creating some sort of Cyber Threat Intelligence course and it was pretty well received. Keep an eye out for an early sign up announcement!

This week's cyber news:

Cops are running cybercrime sites.

If you are considering testing a DDoS-for-hire service or joining any other cybercrime website, think again. The National Crime Agency has admitted that it runs honeypot hacking websites so they can penetrate cybercrime networks. Read more.

3CX supply chain attack.

We may have narrowly avoided a global supply chain attack after 3CX's software got poisoned, possibly by North Korean threat actors. Read more.

A huge leak about Russian cyber ops.

A data breach at a Russian company offers a rare look into their cyberwar ambitions. More than 5,000 pages of documents from a Moscow-based contractor offer unusual glimpses into planning and training for security services, including the notorious hacking group Sandworm. Read more.

Fun Things

📽️ My Latest Video

I came across a browser extension that will change your life if you're a hacker. Pro or newbie it doesn't matter - this extension is amazing!

🎥 New Equipment

I don't often go on spending sprees. Last week it was keyboards and cameras, this week it's:

​Logitech MX Master 3S for Mac​

I honestly can't believe I've not used this mouse before! I've seen all the YouTube creators using them and finally know why. It's just got an insane amount of features and is a beauty to hold. If you're looking for a new mouse, just buy this thing.

​Felt Desk Mat​

I've been using a little PVC mat for a few years now. It's ok. But I figured since I was redoing my entire interface to the computer, I might as well upgrade the mat too. This felt one was cheap from Amazon and absolutely a great upgrade. It's warmer on your forearms and they don't stick to it, the mouse moves more smoothly and the keystrokes are dampened. Winner.

🎧 24 hr Hacking Playlist

I've created a 24-hour-long playlist of cool music to get you through your OSCP or another late-night hacking session. It's free to listen to on Spotify. It's got infamous tunes from The Matrix, Hackers, Mr Robot, and dozens more!

‍

👾 Cool Tools
​Brayden Park's File Integrity Monitor​

​Brayden Park is a student at Purdue University and a security intern at NineStar Connect. For his summer 2022 project, he wrote a piece of software that monitors either a single computer or a network of computers for changes to a file. It's now available for you to experiment with. Check it out on GitHub.

David Schloss' ADGenny​

​Dahvid Schloss has written a cool PowerShell script that generates a set of random users and populates them into Active Directory. It creates Organizational Units and corresponding groups based on predefined department names and then assigns users to these groups. Users are given randomly generated names, passwords, and titles specific to their department. Very cool! Check it out on GitHub.

‍

See you next week,

Gary

Say hi 👋 on Twitter or LinkedIn

☎️ Book a 1:1 call with me

‍

👋 Ways I can help you

  1. ​Sponsor this newsletter - get in front of 1,500+ infosec readers.
  2. Get daily cyber news - LinkedIn, Twitter, or Telegram.
  3. ​Cyber Career Course - the fastest way to a career in cybersecurity.
  4. ​Take a workshop - learn essential skills to create content.
  5. Have me speak at your event.