Cyber Security Round Up - September 15th, 2023

Android Pentesting, OSINT Guide, Threat Detection, Directory Traversal, Reverse Engineering,Cloud Security and more.

We welcome you to Bi-Monthly newsletter by Hacklido to keep you updated with the latest Infosec trends around the globe.

⚡ Sponsored by - Your Sponsor Message Goes here! Reach us to talk about this more! Discord | Twitter | Telegram

---

📑 15 Blog Reads

1. Android Pentesting Series — I : Configuring The Android Emulator/Device With Proxy (Burp)

2. A Beginners Guide to OSINT | Day1 of 30DaysOfOSINT

3. My debut with a Critical Bug: How I found my first bug (API misconfiguration)

4. Android Pentesting Series — II : Setting up the CA Certs For Intercepting Web Traffic

5. What and What' Not to expect from OSINT | Day2 of 30DaysOfOSINT

6. Ensuring Smooth Operations: Navigating Cloud Security for Small Businesses

7. The OSINT Cycle: Getting familiar with process of data collection and analysis | Day3 of 30DaysOfOSINT

8. "The Cybersecurity Chronicles: Part 1 – Getting Started with Google's Certificate"

9. The OSINT Approaches | Day4 of 30DaysOfOSINT

10. Insider Threat Detection in AWS Cloud using Data Mining

11. Exploring the Power of OSINT: Use Cases in Various Fields of Cybersecurity | Day5 of 30DaysOfOSINT

12. Finding Clues in the Past: Unveiling Vulnerabilities with Wayback-Machine.

13. Reverse Engineering — Analyzing Headers

14. Directory Traversal in Web App Penetration Testing | 2023

15. Beyond the Screen: The Hidden World of Firmware Security

---

📹️ 5 Videos

1. Getting Started with Command Injection by @TCMSecurityAcademy

2. Bug Bounty Stories (EP1): Hacking An Online Casino by @NahamSec

3. The Discovery of Zenbleed by @LiveOverflow

4. Critical Thinking - A Bug Bounty Podcast by @criticalthinkingpodcast

5. Watch How To Pivot Through a Network with Chisel by @_JohnHammond

---

🧵 5 Twitter Threads

1. Top 4 tools to automate SQL Injection vulnerabilities! by @intigriti

2. IDOR vulnerability by @atomiczsec

3. Bug Bounty by @Rhynorater

4. What is Identity & Access Management? by @caljhud

5. Check out this new article that explores call stacks. by @elasticseclabs

---

📚 5 Recommended Reading

1. Deep Dive Into Windows Diagnostic Data & Telemetry (EventTranscript.db) - PART 1

2. Deep Dive Into Windows Diagnostic Data & Telemetry (EventTranscript.db) - PART 2

3. How Cross-Site Frame Counting Exposes Private Repositories on GitHub

4. Best WAF solutions in 2023 - real-world comparison

5. Exploring Vulnerability Classes in Single Sign-On (SSO) Implementation

---

⚒️ 2 Tools

1. Dosinator - DoSinator is a versatile Denial of Service (DoS) testing tool developed in Python.

2. DorXNG - DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers.

---

🏴 3 Upcoming CTF Events

1. SunshineCTF 2023

   • Mode: Online

   • Date: 07th October 2023

   • Duration: 48 Hours

2. ASIS CTF Quals 2023

   • Mode: Online

   • Date: 22nd September 2023

   • Duration: 24 Hours

3. vsCTF 2023

   • Mode: Online

   • Date: 23rd September 2023

   • Duration: 24 Hours

---

📰 News

1. Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

2. Cisco security appliance 0-day is under attack by ransomware crooks

3. Cisco warns of VPN zero-day exploited by ransomware gangs

---

💼 Jobs

1. Company - Spry Methods

   Role - Cybersecurity Analyst

   Location - Washington, DC (Remote)

   Click here to Apply

2. Company - Multi Recruit

   Role - Network Security Engineer

   Location - India (Remote)

   Click here to Apply

---

Without the sponsors and partners hacklido wouldn't be where it is now, So we would like to thank them.

Sponsors:

• Your web links goes here!

Community Partners:

• Cyber Security News

• Ethical Hacking Tutorials

• Sysxplore

If you wish to Sponsor / Partner with hacklido and get benefitted? Reach out to us via Twitter or Discord and discuss with us!

---