February 20, 2022

CyberSecNews Weekly - 0x17-W0822

News

• MikroTik Authentication Revealed
  Mikrotik is a well know Latvian company that produces Linux based routers for SOHO and WISP. In this article, the researchers from Margin Security explained how the encryption in RouterOS is designed (in a very unconventional way)

Tools

• HOUDINI
  Hundreds of Offensive and Useful Docker Images for Network Intrusion.

• cloud-custodian
  Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

• cve
  Gather and update all available and newest CVEs with their POC.

• Cyber Analytics Repository
  

• awesome-cloud-security
  Awesome Cloud Security Resources

Articles

• Free Cybersecurity Services and Tools | CISA
  As part of our continuing mission to reduce cybersecurity risk across U.S. critical infrastructure partners and state, local, tribal, and territorial governments, CISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community.

• Current MFA Fatigue Attack Campaign Targeting Microsoft Office 365 Users
  MFA can protect your Office 365 accounts, but attackers are looking to compromise this security feature through new threats such as Push Notification Spamming. Learn more about MFA fatigue and how to mitigate attacks in this article.

• Security and Privacy for public DNS Resolvers
  In this paper, ENISA analyses the new security related capabilities and risks to DNS services and infrastructures, such as: Encryption, Service outages, DNS blocking.

• Samy Kamkar Talks Hardware Security on Hackster Café
  Samy Kamkar is famous in the wireless and hardware information security scene for his research on various security exploits including methods to defeat rolling code security, and using a children's toy to open wireless garage doors. In a recent Hackster.io Hackster Café interview Samy talks about various security related topics including software defined radios.

Tutorial

• Compromising Angular via expired NPM publisher email domains
  

• Quick & Lazy Malware Development
  Quickly and lazily write malware from the perspective of a newbie and someone who has very basic programming skills.

• AWS GuardDuty Exfiltration Bypass
  In January 20, 2022 Amazon AWS has introduced a new threat detection in GuardDuty to block credential exfiltrations. Can be bypassed?

• Methodology for Malware Static analysis : Portable Executable (PE) files
  A tutorial for whom that want to start with malware analysis