April 30, 2023

TSD #039: Unleash the AI Task Force

3 mins

Presented by PraiseHive

Collecting customer testimonials has never been easier! I've been using PraiseHive for a few weeks, and it has quickly become my favourite way to collect reviews. It has a clean user interface, is easy to set up, and comes with a generous free plan. If you need to capture testimonials, sign up for free.

‍


‍

Hello friend 👋

I hope you had a good week and that the week ahead looks promising! It's unseasonably chilly here in the UK at the moment, so I'm not getting as much time in the garden as I'd like to, but I'm hoping that will change soon. If you can send any sun my way...I'll take it!

A core part of what I talk about online is to do with 'building public proof' or 'building in public'. If you're trying to get into information security or even if you're in already and are looking for new opportunities, building in public is a great way to separate you from the competition. I spoke with a member of The Sunday Download in December last year and suggested they create a Cyber Threat Intelligence blog. Last week they told me they landed their first Cyber Threat Intelligence role! Let's all give them a round of applause for executing this one flawlessly! 👏👏👏

This week's cyber news:

Google adds cloud backup for 2FA

I didn't enjoy using Google Authenticator because it was a nightmare when I moved to a new phone. Having to remove 2FA from all those accounts and then set it all up again. But all that's changed! Read more.

The USA creates an AI Task Force

A newly formed task force has the objective of safeguarding the country against security risks brought about by the latest advancements in AI technology, such as ChatGPT, while also exploring the potential use of such technologies in law enforcement. Read more.

Fun Things

🕷️ My Latest Video
Crawling Web Servers: Burp Suite vs Katana

I may have had a little bit of fun making the thumbnail for this week's video! If you're doing OSINT or cyber, you'll want to see Katana in action. It's super simple and lightweight compared to Burp Suite. Watch on YouTube.

‍

👾 Cool Tools

BlackBird

If you're an OSINT analyst, don't be shy of the command line. BlackBird is a tool that lets you search for accounts by username across 581 sites, there is a GUI and PDF report too if you need that. Check it out on GitHub.

ScareCrow

ScareCrow is a payload creation framework for side loading (not injecting) into a legitimate Windows process (bypassing Application Whitelisting controls). Once the DLL loader is loaded into memory, it utilises a technique to flush an EDR’s hook out of the system DLLs running in the process's memory. Filthy stuff! Check out v5 on GitHub.

🚀 Jobs
IT Security Engineer

Must be able to make it into the London office a couple of times a month. £45-50k. VERY hands-on role working with the entire security stack: SIEM, IAM, PAM, AD, NGFW, Jamf, all of it! Check out my LinkedIn post for more if you're keen.

‍

See you next week,

Gary

Say hi 👋 on Twitter or LinkedIn

☎️ Book a 1:1 call with me

‍

👋 Ways I can help you

  1. ​Sponsor this newsletter - get in front of 1,500+ infosec readers.
  2. Get daily cyber news - LinkedIn, Twitter, or Telegram.
  3. ​Cyber Career Course - the fastest way to a career in cybersecurity.
  4. ​Take a workshop - learn essential skills to create content.
  5. Have me speak at your event.