CyberWeekly 22' June | Issue #4
VDPS for career launch, LSASS decryption, Nmap port scanning. Anonymity with ProxyChains, TOR, Kali Linux, Kaspersky ban, major breaches, and cutting-edge tools.
📑 Blog Reads
📹️ Videos
The US Bans Kaspersky By Mental Outlaw
Pentesting Diaries 0x1 - SQL Injection By HackerSploit
My Favorite Ethical Hacking Books By NahamSec
How a Clever 1960s Memory Trick Changed Computing By LaurieWired
Most Cybersecurity Certs are NOT Worth It By Tyler Ramsbey
📚 Recommended Reading
⚒️ Tools
Meta-Detector - a new Open-Source Intelligence (OSINT) tool created to assist with collecting information about target organizations during penetration testing engagements.
Kdrill - a tool to analyze the kernel land of 64-bit Windows systems (tested from Windows 7 to Windows 11). Its main objective is to assess whether the kernel is compromised by a rootkit.
📰 News
U.S. bans sales of Kaspersky anti-virus software, citing ties to Russia
The U.S. government has targeted AO Kaspersky Lab due to concerns about its ties to the Russian government and potential cybersecurity risks.
Treasury has sanctioned 12 Kaspersky Lab executives under E.O. 14024 for operating in Russia's technology sector.
Commerce has banned Kaspersky Lab from providing cybersecurity products/services in the U.S. and placed it on the Entity List.
This action aims to protect U.S. national security by addressing perceived vulnerabilities posed by Kaspersky Lab technology.
Australia’s Information Commissioner Says Medibank Breach Likely Due to Lack of MFA
The attack was likely enabled by inadequate basic security measures, notably the absence of multi-factor authentication (MFA). Sensitive information from the health insurance provider was stolen and leaked online.
The breach impacted 9.7 million people. Attackers gained access to Medibank's system through an IT Service Desk Operator.
The operator had saved Medibank credentials in his personal internet browser profile on a work computer.
When he signed into his browser profile on his personal computer, the credentials were synced to it, providing attackers with access.
CDK Global Automotive SaaS Platform Goes Down
CDK Global, an automotive software-as-a-service (SaaS) provider, suffered a cybersecurity incident.
The incident disrupted operations at North American car dealerships and automobile equipment manufacturers.
Over 15,000 car dealerships use CDK's platform for various operations.
The first attack occurred on June 18, leading CDK to shut down its systems on June 19 as a precaution.
Some services were restored later on June 19, but a second attack forced another shutdown.
Firewall Configuration Responsible for Massachusetts 911 Disruption
On June 18, Massachusetts faced a state-wide outage of its 911 emergency response system.
The disruption lasted two hours and was attributed to a technical issue with a firewall.
The problem prevented 911 calls from reaching dispatch centers.
The vendor responsible, Comtech, has implemented a technical solution to prevent future occurrences.
Symantec: Attacks Using Chinese Cyberespionage Tools Targeting Asian Telecoms
Symantec's Threat Hunter Team uncovered a cyberespionage campaign ongoing since 2021.
The campaign targets multiple telecommunications operators in an unspecified Asian country.
Perpetrators utilize tools linked to Chinese threat actor groups.
Attack methods include deploying custom backdoors and attempting to steal credentials.
Symantec's report provides indicators of compromise (IoCs) for identifying affected systems.
🔬 Research
Without our sponsors and partners, hacklido wouldn't be where it is now, so we would like to thank them.
Sponsors:
Community Partners:
If you wish to sponsor or partner with hacklido and benefit from it, reach out to us via Twitter / Discord / Telegram and discuss it with us!