Security Stack Sheet #63

 

Word of the week

“Apollo 11 Software Lessons”

Yes, in 1969 the internet was still 14 years away, the World Wide Web wouldn’t show up until eight years after that and wouldn’t become a “thing” for the masses for yet another five years or so.

But the Apollo 11 mission couldn’t have happened without computer code—software. As the Wall Street Journal put it a couple of weeks ago: “It took more than big rockets to put humans on the moon … It took code.”


Start with Margaret Hamilton, now 82, the MIT computer programmer who led the team that created the onboard flight software for the Apollo missions. As the Guardian noted in an interview with her earlier this month, “Her rigorous approach was so successful that no software bugs were ever known to have occurred during any crewed Apollo missions.”

No software bugs. Perhaps if she consented (and it was possible) to be cloned multiple times and all those Hamiltons were in charge of software development today, nobody would have ever heard of Patch Tuesday.

It was she and her team who wrote the software, including the “program alarm” and the restart capability that saved the landing.

Link HERE

 

Bonus 

“Mimicking the herd invites regression to the mean.”
~ Charlie Munger


Link HERE

What Static Code Analysis should we all use?


Link HERE


Link HERE

HANNAH HILLAM ILLUSTRATION

Link HERE


Link HERE

Validate, don’t just parse!

Link HERE (in French)

 

Crypto challenge of the week

Secure Everything with Azure Sphere

We’re calling on all engineers and developers around the globe to create highly secured, MCU-powered projects using the Azure Sphere, designing creative ways to secure what needs it most – everything!

Link HERE

Answer from last week: Echo (challenge for your kids!)

 

Dates

  • May 25th 2019: one year of GDPR live! See the Incidents section below

GDPR Enforcement Tracker

Link HERE – thanks to Marius

  • 1st January 2020 – The California Consumer Privacy Act (CCPA) becomes effective


Link HERE

  • June 30th 2018: TLS1.1 mandatory for PCI-DSS compliance – BEWARE!

Link HERE

Now: TLS1.2 mandatory for proper security

HTTPS everywhere HERE

  • Halloween Brexit! Or later, or not, or bust. Brexit Fatigue HERE


Link HERE

  • September 2019: PSD2 security mandatory
  • November 3rd 2020: Trump’s second term start
  • 2022 – First trip to Mars according to Elon Musk


 

Book on the week/month

New chapters


Link HERE

Cipher
Electronic Newsletter of the Technical Committee on Security & Privacy
A Technical Committee of the Computer Society of the IEEE

Link HERE

 

Comic of the week

Spreadsheets

 

##Some OWASP stuff first

-OWASP Robot Security Project

The OWASP Robotic Security Project is meant to create bottom-up-driven robot security standards applied globally. It includes robot identification, registration, change of registration and robot termination (and other robot security topics – we need to flesh this out).

Link HERE

-Pentesting bible

Hundreds of ethical hacking, penetration testing, red team, cyber security and computer science resources.

Link HERE

-WHAT IS SECOPS? (AND WHAT ARE THE BENEFITS AND BEST PRACTICES?) from SentinelOne

Link HERE

-Security, responsibility and trust in Azure – training

Link HERE


Link HERE

 

Events

OWASP events HERE

All InfoSec events HERE

The complete Security Events calendar – Peerlyst

Link HERE

Bsides Liverpool


Link HERE

 

Incidents

Global ALERT level


BLUE or GUARDED indicates a general risk of increased hacking, virus, or other malicious activity. The potential exists for malicious cyber activities, but no known exploits have been identified, or known exploits have been identified but no significant impact has occurred. 


Incident data HERE – find your country

NCSC Weekly Threat Report


Met Police newsdesk breached

London’s Metropolitan Police suffered a “hack” in which their Twitter feed and press bureau posted a series of bizarre messages.

Scotland Yard confirmed that a third-party platform had “been subject to unauthorised access”.

Cyber crime group develops reverse-shell malware

Cyber crime organisation FIN8 has evolved the techniques it uses to steal consumers’ credit card information.

FIN8 was first identified in 2016 for its spear-phishing activity, targeting over 150 organisations with financially motivated attacks. Following a period of relative dormancy, the group has recently begun using its variant of the ShellTea attack, designed to install Point of Sale (PoS) malware at hospitality companies.

Research from cyber security firm Gigamon has uncovered FIN8’s new BADHATCH reverse-shell malware, which infects a network via a more traditional phishing attack. Once on the system, BADHATCH uses its file transfer functionality, allowing FIN8 to infect networks further with other attacks such as the aforementioned ShellTea, in order to steal consumers’ payment information.

Link HERE

Troy Hunt Weekly update 149


Link HERE

 

Incidents & events detail

iNSYNQ ransomware affecting accounting software QuickBooks

iNSYNQ, a cloud-hosting company that specializes in accounting software and services, suffered a ransomware attack a week ago. The company took its network offline once it realized what was happening. iNSYNQ customers have been unable to access their data. An iNSYNQ status report on Monday, July 22 says that they have “started to restore customer desktops.”

[Honan]

A salutary reminder that even though your data may be in the cloud, it still needs to be backed up.

Links HERE and HERE

Popular Samsung, LG Android Phones Open to ‘Spearphone’ Eavesdropping

Link HERE

Ransomware hits Johannesburg electricity supply

Link HERE

My browser, the spy: How extensions slurped up browsing histories from 4M users

Link HERE

Equifax To Pay Up To $700 Million In Data Breach Settlement


Links HERE and HERE

Industry Response to the BlueKeep Vulnerability

It’s been five weeks since we first posted about the exposure of the BlueKeep vulnerability on the external networks of many organizations across the world. There have been further developments regarding the capabilities of the vulnerability: DHS has developed a working exploit, and individuals in the private sector have also developed a remote code execution exploit. Both of these milestones further demonstrate the risk introduced by this vulnerability and reinforce the pressing statements by Microsoft and the NSA to patch.


Link HERE

Kazakh Government Intercepting All HTTPS Traffic

Ministry officials in Kazakhstan say that the government’s new practice of intercepting all HTTPS traffic that moves within the country’s borders is “aimed at enhancing the protection of citizens, government bodies and private companies from … cyber threats.” ISPs in the country have begun forcing all users to install a government root certificate that allows government agencies to decrypt their traffic, examine it, re-encrypt it with their certificate, and send it on its way. Citizens who have not installed the government’s certificate report being unable to access the Internet.

[Neely]

The legislation supporting this was passed in December 2015; implementation was delayed by lawsuits. Marketed as a safety measure for consumers, the certificates are distributed over insecure channels, which makes it hard to ensure you’re getting the genuine certificates, and the instructions do not include information on the risks of installing incorrect certificates.

Link HERE

PSA: Don’t Store 2FA Codes in Password Managers

It seems convenient, but it’s a trap!

Link HERE

Payment Card Data Breach Response – Alexis Gargurevich

Link HERE

A simple fix could have saved British Airways from its £183m fine


Link HERE

Chrome 76 Will Close Loophole that Sites Use to Detect Users Browsing in Incognito Mode

Chrome 76, which is currently in beta, will prevent websites from detecting when a user is browsing in Incognito Mode. Some sites currently do not allow users to read content if they are using privacy modes. The sites have been using a loophole in the FileSystem API that allowed them to detect whether users are in Incognito Mode. Currently, the Chrome FileSystem API is disabled in Incognito Mode. Sites are able to check for the availability of this API and, if it is not detected, assume that users are in Incognito Mode. Chrome 76 modifies the FileSystem API “to remedy this method of Incognito Mode detection.”

[Neely]

Mozilla is also working to eliminate other mechanisms, beyond the FileSystem API call, used to detect Incognito Mode. Even so, sites are working to find other ways to keep paywalls and other revenue-generating mechanisms in place, as Incognito browsing is often used to circumvent them. If you find a site valuable and use it frequently, you may want to just subscribe to it.

Link HERE

 

Research of the week

Featuring – BIML Security Principles

Early work in security and privacy of ML has taken an “operations security” tack focused on securing an existing ML system and maintaining its data integrity. For example, Nicolas Papernot uses Saltzer and Schroeder’s famous security principles to provide an operational perspective on ML security.[i] In our view, this work does not go far enough into ML design to satisfy our goals. Following Papernot, we directly address Saltzer and Schroeder’s security principles as adapted in the book Building Secure Software by Viega and McGraw. Our treatment is more directly tied to security engineering than to security operations.

Link HERE

Exploiting CVE-2019-1132: Another NULL Pointer Dereference in Windows Kernel

The vulnerability we are discussing in this post, a NULL pointer dereference, resides in the win32k.sys driver and leads to successful escalation of privilege (EoP) on Windows 7 and Windows Server 2008.

Microsoft addressed this vulnerability in the July patch; it was discussed previously by ESET in their blog, as it was used in targeted attacks in Eastern Europe.

This article focuses on analyzing the vulnerability and creating a working exploit on a Windows 7 x86 environment with the June patch installed.

Link HERE

HACKING WORDPRESS 4.7.0-1

EXPLOITING THE EXPLOITABLE

The guys from Sucuri have recently published a blog post with details of a WordPress vulnerability which allows an unauthenticated attacker to easily edit any blog post of their liking by abusing a bug in the WordPress REST API. I am not going to write about the details of the vulnerability, because that has been discussed in the original blog post as mentioned. Instead, I will show you how to easily exploit this issue by using our Rest tool.

Link HERE

 

Tool of the week

Twint

How to Mine Twitter for Targeted Information with Twint

Link HERE

Metasploit — Pivoting

Pivoting is the unique technique of using an instance (also referred to as a ‘plant’ or ‘foothold’) to be able to move around inside a network: basically, using the first compromise to allow, and even aid in, the compromise of other otherwise inaccessible systems. In this scenario, we will be using it for routing traffic from a normally non-routable network.

Link HERE

Smuggler and Cove: A PoC for data exfiltration using Scapy

Link HERE

How to Hack Wi-Fi: Get Anyone’s Wi-Fi Password Without Cracking Using Wifiphisher


While password cracking and WPS setup PIN attacks get a lot of attention, social engineering attacks are by far the fastest way of obtaining a Wi-Fi password. One of the most powerful Wi-Fi social engineering attacks is Wifiphisher, a tool that blocks the internet until desperate…

Link HERE

Office 365 Attack Toolkit


Link HERE

Docker for Pentesters

Link HERE


Cangibrina is a multi-platform tool which aims to find the admin dashboard of sites using brute force over a wordlist, Google, nmap and robots.txt.

Link HERE

 

Other interesting articles

##Cybersecurity: Linchpin of the digital enterprise


Link HERE

 

##The Encryption Debate Is Over – Dead At The Hands Of Facebook

The sad reality of the encryption debate is that after 30 years it is finally over: dead at the hands of Facebook. If the company’s new on-device content moderation succeeds it will usher in the end of consumer end-to-end encryption and create a framework for governments to outsource their mass surveillance directly to social media companies, completely bypassing encryption.

In the end, encryption’s days are numbered, and the world has Facebook to thank.

Link HERE

 

##The best secure browsers 2019


Link HERE

 

##And finally, Time Speeds Up When You’re Wasting It


I can’t remember what the solution was, and perhaps it’s not known for certain anyway. But it was some combination of the following:

  • Do new things all the time.
  • Always be learning.
  • Focus on the pure joy of whatever experience you’re having; don’t focus on the past or the future.

Link HERE

AND

Servants without Masters

Link HERE

 

##HACKING, TOOLS and FUN – CHECK BELOW!

AppSec Ezine

Must see

Link HERE and credits to HERE

 

Sage (UK) Limited. Registered in England at North Park, Newcastle upon Tyne, NE13 9AA. Registered number 1045967.