CybersecNews Weekly

February 7, 2022

CyberSecNews Weekly - 0x15-W0622

News

  • Expert Analyst Insight into North Korean 'Internet Outages'
    An analysis of the three DDoS attacks against the North Korean internet during January 2022.

  • Huge Multinational Security Firm Exposed Sensitive Airports Files
    The SafetyDetectives cybersecurity team discovered a critical data leak affecting the prominent multinational security company Securitas, which operates in several airports in South America.

Tools

  • InsecureShop
    An intentionally designed vulnerable Android application built in Kotlin.

  • wrongsecrets
    Examples of how not to use secrets.

  • LFIDump
    A simple Python script to dump remote files through a local file read or local file inclusion web vulnerability.

  • awesome-security-hardening
    A collection of awesome security hardening guides, tools and other resources.

  • community-threats
    The largest, public library of adversary emulation plans in JSON. A place to share custom SCYTHE threats with the community.

  • hollows_hunter
    Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

  • DevSecOps
    Ultimate DevSecOps library.

Articles

  • Low-Detection Phishing Kits Increasingly Bypass MFA
    A growing class of phishing kits – transparent reverse proxy kits – are being used to get past multi-factor authentication using MiTM tactics.

  • Using Power Automate for Covert Data Exfiltration in Microsoft 365
    How threat actors can use Microsoft Power Automate to automate data exfiltration, C2 communication, lateral movement, and evade DLP solutions.

  • Serverless Security: New Risks Require New Approaches

  • Vulnerable AWS Lambda function - Initial access in cloud attacks
    The security research team explains an attack scenario in which a vulnerable AWS Lambda function could be used by attackers.

  • Understanding the Unique Challenges of Securing OT Systems in 2022
    To combat the range of risks before an incident occurs, industrial organizations must adopt a forward-thinking OT security strategy that addresses these upward trends of the modern world.

  • Snaring the Bad Folks
    Project by Netflix’s Cloud Infrastructure Security team

Tutorial

  • Security 101: Securing file downloads

  • Frida HandBook
    Frida handbook, a resource for learning the basics of binary instrumentation on Windows systems with real-world examples.

  • The Tale of a Click leading to RCE

  • 10 Unknown Security Pitfalls for Python

  • Thinking beyond SQL injection: OWASP tips for secure database access
    When it comes to secure database access, there's more to consider than SQL injections.

IR & Reversing

  • Analysis of Attack Against National Games of China Systems

  • Sandboxing Antimalware Products for Fun and Profit

  • UART discovery and firmware extraction via Uboot
