Cyber Security Round Up - September 30th, 2023

Android Pentesting, OSINT Guide, Web Security, Bug Bounty, Data Breaches, Malware Analysis and more.

We welcome you to Bi-Monthly newsletter by Hacklido to keep you updated with the latest Infosec trends around the globe.

⚡ Sponsored by - Your Sponsor Message Goes here! Reach us to talk about this more! Discord | Twitter | Telegram

---

📑 15 Blog Reads

1. My debut with a Critical Bug: How I found my first bug (API misconfiguration)

2. Cisco's Historic $28 Billion Acquisition of Splunk in Cash

3. Android Pentesting Series — I : Configuring The Android Emulator/Device With Proxy (Burp)

4. Finding Clues in the Past: Unveiling Vulnerabilities with Wayback-Machine

5. Revealing Deepfakes with Blockchain

6. Beyond the Screen: The Hidden World of Firmware Security

7. Mastering OSINT: Building the Ultimate Environment for Open Source Intelligence

8. Android Pentesting Series — II : Setting up the CA Certs For Intercepting Web Traffic

9. The Cybersecurity Chronicles: Part 1 – Getting Started with Google's Certificate

10. Directory Traversal in Web App Penetration Testing | 2023

11. Exploring the Power of OSINT: Use Cases in Various Fields of Cybersecurity

12. Should employees use their own devices at work?

13. Setting up your own VM for OSINT

14. Insider Threat Detection in AWS Cloud using Data Mining

15. Ransomware in Focus: Akira

---

📹️ 5 Videos

1. Find and Exploit Server-Side Template Injection (SSTI) by @TCMSecurityAcademy

2. Bug Bounty Stories (EP2): Hacking a Prison by @NahamSec

3. Hacker Tweets Explained by @LiveOverflow

4. Mobile Hacking Maestro Sergey Toshin by @criticalthinkingpodcast

5. Learn how to Run ANY Linux Program In Memory by @_JohnHammond

---

🧵 5 Twitter Threads

1. CVE-2023-36845 by @HackerGautam

2. Learn about The ESPIONAGE MALWARE by @RedHatPentester

3. Learn How Unicodes can be used to takeover accounts and bypass block lists by @vidocsecurity

4. Get familiar with BugBounty by @gregxsunday

5. What is the vulnerability in this code? by @vidocsecurity

---

📚 5 Recommended Reading

1. Getting Started with ProjectDiscovery in Linux and Windows

2. 10 best practices for securely developing with AI

3. Critical WebP 0-day security CVE-2023-4863 impacts wider software ecosystem

4. Thinking Like an Attacker: Balancing Offensive and Defensive Cyber Tactics

5. What is this re-entrancy attack and how to find, explore and report such vulnerability?

---

⚒️ 2 Tools

1. AttackGen - AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework.

2. GPTFuzz - GPTFUZZER is a Red Teaming Large Language Model with Auto-Generated Jailbreak Prompts.

---

🏴 3 Upcoming CTF Events

1. Balsn CTF 2023

   • Mode: Online

   • Date: 07th October 2023

   • Duration: 48 Hours

2. BlackHat MEA CTF Qualification 2023

   • Mode: Online

   • Date: 08th October 2023

   • Duration: 24 Hours

3. Hack.lu CTF 2023

   • Mode: Online

   • Date: 13th October 2023

   • Duration: 48 Hours

---

📰 News

1. Discord is investigating cause of ‘You have been blocked’ errors

2. Millions of Exim mail servers exposed to zero-day RCE attacks

3. New Trojan ZenRAT masquerades as Bitwarden Password Manager

4. Who’s Behind the 8Base Ransomware Website?

5. DarkBeam leaks billions of email and password combinations

---

💼 Jobs

1. Company - ChartMogul

   Role - Security Engineer

   Location - EU (Remote)

   Click here to Apply

2. Company - Crosslake Technologies

   Role - Penetration Testing Consultant

   Location - India (Remote)

   Click here to Apply

---

Without the sponsors and partners hacklido wouldn't be where it is now, So we would like to thank them.

Sponsors:

• Your web links goes here!

Community Partners:

• Cyber Security News

• Ethical Hacking Tutorials

• Sysxplore

If you wish to Sponsor / Partner with hacklido and get benefitted? Reach out to us via Twitter or Discord and discuss with us!

---

Thank you for reading till here. If you loved the newsletter, don't forget to subscribe for getting such newsletter straight into your inbox. Happy Learning with 🤍 hacklido 💙