CyberWeekly 15' June | Issue #3

The only weekly newsletter you'll ever need for cybersecurity by hacklido.

📑 Blog Reads

1. NTLM Deprecated by Microsoft 2024, So let's pentest Kerberos

2. What is HTTP request smuggling?

3. How to Find more Vulnerabilities — Source Code Auditing Explained

4. The Mask - The World’s Most Sophisticated APT Campaign

5. File Inclusion, Path Traversal

---

📹️ Videos

1. APT Malware (advanced persistent threat) By John Hammond

2. Hacking Windows Recall To See Everything By Mental Outlaw

3. Securing the Cloud with Amazon Inspector! By Tyler Ramsbey

4. The Story Of A CSRF Exploit And A Hacker - CSRF introduction By The XSS rat

5. Fuzz Faster with Turbo Intruder By The Cyber Mentor

---

📚 Recommended Reading

1. JavaScript Analysis for Pentesters

2. Malware development blog series

3. Writing a Debugger From Scratch - DbgRs Part 1 - Attaching to a Process

4. Deobfuscating Android ARM64 strings with Ghidra: Emulating, Patching, and Automating

5. Driving forward in Android drivers

---

⚒️ Tools

1. Stepping Stones - A Red Team Activity Hub with interation support of Cobalt Strike

2. Zoom Session Takeover - Cookie Tossing Payloads, OAuth Dirty Dancing, Browser Permissions Hijacking, and WAF abuse

---

🏴 Upcoming CTF Events

1. Google Capture The Flag 2024 - [Export 📅]

   1. Fri, 21 June 2024, 18:00 UTC — Sun, 23 June 2024, 18:00 UTC

   2. On-line - Format: Jeopardy Jeopardy

   3. Official URL: https://g.co/ctf

2. Kryptokaffe CTF 2024 - [Export 📅]

   1. Mon, 17 June 2024, 08:00 UTC — Sun, 21 July 2024, 12:00 UTC

   2. On-line - Format: Hack quest

   3. Official URL: https://www.kryptokaffe.se/

---

📰 News

1. Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability

2. GAO: Federal Agencies Have Implemented Just 65% of Cybersecurity Recommendations

3. Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says

4. Windows flaw may have been exploited with Black Basta ransomware before it was patched

5. GitHub phishing campaign wipes repos, extorts victims

---

🔬 Research

1. REVS: Unlearning Sensitive Information in Language Models via Rank Editing in the Vocabulary Space

2. Detection-Rate-Emphasized Multi-objective Evolutionary Feature Selection for Network Intrusion Detection

---

Without the sponsors and partners, hacklido wouldn't be where it is now, So we would like to thank them.

Sponsors:

• Your web links goes here!

Community Partners:

• Cyber Security News

• Ethical Hacking Tutorials

• Sysxplore

If you wish to Sponsor / Partner with hacklido and get benefitted? Reach out to us via Twitter / Discord / Telegram and discuss with us!

---