📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #17/2023 is out! It includes, but not only:
‣ Hackers target vulnerable #Veeam #backup servers exposed online
‣ #FBI queries for Americans’ digital data drops, yet advocates for surveillance reform remain undeterred
‣ #OpenAI: #ChatGPT Back in #Italy After Meeting Watchdog Demands
‣ Many Public #Salesforce Sites are Leaking Private Data
‣ #NIST CSF 2.0 Core discussion draft released, stakeholder feedback invited
‣ #Paperbug Attack: New Politically-Motivated Surveillance Campaign in #Tajikistan
‣ #Linux version of RTM Locker #ransomware targets #VMware ESXi servers
‣ New Atomic #macOS info-stealing #malware targets 50 crypto wallets
‣ #Google Gets Court Order to Take Down #CryptBot That Infected Over 670,000 Computers
‣ #Telegram restricted in #Brazil after refusal to supply user data to authorities
‣ #Cisco discloses XSS zero-day flaw in server management tool
‣ Ukrainian arrested for selling data of 300M people to Russians
‣ Hackers are breaking into AT&T email accounts to steal #cryptocurrency
‣ #Accenture, #IBM, #Mandiant join Elite Cyber Defenders Program to secure critical infrastructure
‣ ATT&CK v13 April Updates
‣ New Data Sharing Platform Serves as Early Warning System for #OTSecurity Threats
‣ North Korean Hackers Target Mac Users With New ‘#RustBucket’ Malware
‣ New All-in-One "#EvilExtractor" Stealer for #Windows Systems Surfaces on the Dark Web
📚 This week's recommended book is: "This Is How They Tell Me the World Ends: The Cyberweapons Arms Race" by Nicole Perlroth
Subscribe to the #newsletter to have it piping hot in your inbox every Sunday ⬇️
Well, the Oklahoma governor Stitt did it. He signed SB 613 into law, after saying he will veto all bills until he gets his way on other bills. Thankfully the Senate removed the language banning trans healthcare from being covered by private insurance in the state, it still is banning all sorts of gender affirming care for anyone under 18. Will be forcibly de-transitioning children now, with a bullshit 6 month "wind down".
Me and my wife have been trying to get out of Oklahoma for a while now, but... it's getting more and more risky and dangerous for us here. I've been trying to find a new job, since I've been unable to perform my current job, since at least August (been on a medical LOA, but the short term disability company is ghosting me, and has not paid me since November 1st). I'm at a point, where I'm really not sure what to do at this point. Struggling to find a new job, and my wife doesn't have enough income for us to save money to move.
That being said, I have been trying to find my first infosec role for near 2 years now. In that time, I began working on a degree in Cybersecurity & Digital Forensics, but after I contracted COVID at work, I had to drop mid-semester, and the board at the school denied my request for retro-active withdraw, with refund for the classes, which ended with me owing the school almost 4 grand for the semester, since they had to return student loan funds. Which has led me to being unable to re-enroll. Began to work on studying for the Sec+ exam, while also continuing to work with my homelab on things, as well as doing work on TryHackMe learning paths.
I've spent the better part of my adult life working in industrial equipment maintenance since I got out of the USAF, where I was an Aircraft Electrician. Due to various reasons, I've had to step away from industrial equipment maintenance, and been trying to figure out how to make my career switch since my last role doing that ended in 2018.
I do have a general resume on hand I can supply on request, let me know. Otherwise, I am also trying to raise some funding for me and my wife to be able to escape this state, that is actively hostile to both me and my wife. We've previously faced threats of direct violence from individuals, but now the state is directly targeting us. I have a GoFundMe I have started to try to help us.
A new ICSNPP-Synchrophasor parser for Synchrophasor Data Transfer for Power Systems (IEEE C37.118) has been integrated.
We've also got a plethora of component version updates, including Arkime to v4.3.0, Capa to v5.1.0, Fluent Bit to v2.1.2, NetBox to v3.5.0, NGINX to v1.22.1, Supercronic to v0.2.24, Suricata to v6.0.10, Yara to v4.3.0, and Zeek to v5.2.1.
Check out the release on GitHub or grab my ISO builds at malcolm.fyi.
So, one thing I miss about infosec Twitter was the viral awareness brought to timely issues.
Like the cissp bylaw change vote last year.
Now it's up again, but I don't see the advocacy.
Anyone got an opinion on the petition vote? #cissp #bylaws #infosec
I did not have the chance to be at #RSAC2023, but the resources I've collected here almost felt that I was there... minus the important social event part :sad_panda:
Excited that I can finally talk about this! Last year I discovered a security issue that allowed a third-party iOS application to access a user's location without their consent/knowledge. Not a great writeup, but more details here: https://github.com/biscuitehh/cve-2022-46718-leaky-location
And I see that the Daixin ransomware leak site is back online after a hiatus. Their spokesperson tells me that they have been working on other projects but will be resuming ransomware work soon.