Education
CVE-2023-23397 enables a threat actor to send a calendar invite whereby the properties of the msg file can include a path for the reminder sound file. This is achieved by setting:
Read more “The Long Game: Persistent Hash Theft”
Leadership
This post started as a reply to a great topic on LinkedIn, but I hit the character limit so now it’s a blog post!
Years ago I simulated attacks (authorized obviously for the people that have wild imaginations) on a customer which included a physical attack where I walked into a healthcare organization, armed with a suit a smile (and a USB key) I needed to gain access and attempt to move laterally and escalate privileges.
Read more “Adopting an Attacker Mindset to Defend Healthcare”
Strategy
This morning before I got on with some more dull affairs of business, I saw the following:
2023-2030 Australian Cyber Security Strategy Discussion Paper
How we (humanity) and people (including governments etc.) respond to the changing digital landscape and cyber threats that affect society and humanity as a whole is really important. It’s great to see the Australian government using an advisory board and panel structure as they look to review/renew their national cyber security strategy. I’m posting this to raise awareness as I think these things are ever so important that people in the community, industry, academia etc. give their inputs, help and support to the people charged with the incredibly complex task of developing and implementing cyber strategies at country scale! A task not so simple, hence they are calling for inputs as part of a general consultation request from people and organizations.
Read more “Australia National Cyber Strategy Consultation”
Guides
There are so many lists of “tools” of “free resources” for “cyber” etc. Well I don’t want to make a list of stuff for social media, this isn’t the TOP x tools, this is simply some resources that I use on a regular basis that should give people a fairly good idea of where to start looking. Cyber sleuthing is a mixture of:
Education
Whilst the common person will largely link the words “hacker/hackers” to criminal the reality is hackers are scientists/artists/creators/ComputerOperators and the choice of being a criminal or not is down to actions and consequences. So the debate about if you identify as “hacker” does that make you a criminal, well it’s nonsense isn’t it. I could call myself a pony but it won’t make me one, much like I could call myself a criminal and I could be entirely law abiding.
Read more “Am I a criminal or am I a cybersecurity crime fighter?”
Vulnerabilities
There appears to be a new RCE out for Fortinet devices as per this post (it’s against FortiNAC as far I am aware so this is probably a much smaller exposure footprint than all fortinet devices):
https://www.fortiguard.com/psirt/FG-IR-22-300
There’s also this in FortiWeb (and well they released 40 odd fixes to various bits)
https://www.fortiguard.com/psirt/FG-IR-21-186
When we consider security edge devices and the risks these may pose to organizations and society as a whole it’s important to understand that these are no trivial matter. These are “security” appliances that are there to protect your organizations, to provide remote access as well as protect network egress etc.
Fortinet are not the only vendor to suffer from these types of vulnerability (Remote Code Execution – RCE) however there do appear to have been quite a few of these when looking historically.
Read more “CVE-2022-39952 Fortinet Global Exposure”
Threat Intel
Cyberwarfare in Ukraine was hyped as a MASSIVE thing, yet largely it’s been more bark and bite, but perhaps people need to understand that you can’t just “CYBER” a remote network, and even if you could, let’s say you get RCE on 30 networks in a country, so what? There needs to be value, purpose and something that will support other objectives, this isn’t a CTF.
Education
Do you ever get the feeing you are being watched? What about listening to it? Do you ever talk about a subject and then see it appear in adverts despite never using a computer to search for it?
Well don’t worry there’s lots of reasons as to why this can occur, and whilst you might want to think someone is spying on you, the truth is they probably aren’t looking for you, but they might be harvesting your data.
Read more “Is my house spying on me?”
Education
I was pottering about (not like a wizard, more like a cold infected zombie!) and an email hit my mailbox with the “Head of Cyber Architecture” at BA. I have no intention of applying but I thought.. I wonder if this is a good exercise to show people how I would go about the exercise? Well to even begin this I need to write down some notes. So I guess here we go… how far I get into this “fantast football” style scenario who knows, but hopefully it will show some people how I might do things! First up let’s look at the raw requirement:
Read more “How would I apply to the role of “Head of Cyber Architecture””
Threat Intel
https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en
Ok read all that good. What we are talking about here is signing a DNS zone to “assure” that the client is getting DNS responses from the right ZONE data. DNSSEC does not encrypt the conversation between DNS client and DNS server. It does enable the client to be able to check if the data it gets back is valid. In short what we are doing is validating that the “data” being returned is authorized and not tampered with.
Read more “DNSSEC – why not having a signed zone is almost never going to lead to you getting pwn3d”