CyberSecNews Weekly - 0x22-W1422
News
- A Closer Look at the LAPSUS$ Data Extortion Group
  The news of the week: Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid.
- CVE-2022-23812 - GitHub Advisory Database
  Embedded Malicious Code in node-ipc
Tools
- API-SecurityEmpire
  API Security Project aims to present unique attack and defense methods in the API security field.
- xepor
  Xepor, a web routing framework for reverse engineers and security researchers, brings the best of mitmproxy.
- routeros-scanner
  Tool to scan for RouterOS (Mikrotik) forensic artifacts and vulnerabilities.
- clash
  A rule-based tunnel in Go.
- miasm
  Reverse engineering framework in Python.
Articles
- CVE-2022-27254: PoC for vulnerability in Honda’s Remote Keyless System
  PoC for vulnerability in Honda’s Remote Keyless System (CVE-2022-27254)
- Tesla’s charging ports use a standard wireless message to open up on 315MHz…Which can be replayed!
Tutorial
- NSA, CISA release Kubernetes Hardening Guidance
  The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Technical Report, “Kubernetes Hardening Guidance,” today.
- How We Discovered Vulnerabilities in CI/CD Pipelines of Popular Open-Source Projects
  Cycode discovered critical vulnerabilities in several popular open-source projects, each of which can cause a supply-chain attack through the CI process.
IR & Reversing
- Operation Dragon Castling: APT group targeting betting companies
- DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
  An analysis by Microsoft of the LAPSUS$ group's tactics and how to detect them.