Week 34, August 21-27, 2023

Week 34, August 21-27, 2023. Cybersecurity Weekly Updates.

This week in the world of cybersecurity:

A new WinRAR vulnerability (CVE-2023-40477) is a big concern because it could let hackers take control of your PC, which makes it urgent for anyone who uses WinRAR. Then there's a serious warning from Ivanti about a critical zero-day flaw in Sentry software that's being actively exploited, meaning bad guys are already using this weakness to cause trouble. North Korean affiliates are also making headlines for a $40M cryptocurrency heist, which the FBI warns could impact the crypto world big time. The conviction of two LAPSUS$ hackers shows that high-profile tech firms are not safe and that the law is catching up. Finally, an urgent FBI warning about Barracuda email gateways tells us that even after fixing some problems, these gateways are still vulnerable and could be a weak spot for many companies.

Recent Tools and Techniques

These are some of the recent tools and techniques in the cyber-security sphere that have captured my attention.

The OSDP attack tool is designed to exploit multiple vulnerabilities in the Open Supervised Device Protocol (OSDP). It features five main attacks. Attack #1 exploits the fact that OSDP doesn’t require encryption, allowing attackers to listen and capture sensitive data like card numbers. Attack #2 is a Downgrade Attack, where the tool can trick the system into disabling encryption even if it supports it. Attack #3 focuses on exploiting the ‘install mode’ to request base encryption keys from the controller, providing easy access to an attacker. Attack #4 aims to break encryption by trying out common weak encryption keys that are often left as defaults. Finally, Attack #5 is the Keyset Capture, which captures the keyset message during initial setup and decrypts all future messages. The tool also identifies several medium to low risk issues weakening the protocol or system, such as truncated MACs, limited sequence numbers, and less secure encryption modes. It’s a comprehensive tool for testing the security of OSDP-based systems.
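A defender can check a captured OSDP bus trace for the conditions these attacks rely on. The following is an added example, not code from the OSDP attack tool or the original post; the function names are hypothetical, the byte values are taken from the published OSDP frame format, and the sample frames are constructed.

```python
import struct
# Byte values follow the published OSDP frame format; names are this example's own.
SOM, CTRL_SCB = 0x53, 0x08    # start byte; control bit 3 = security block present
SCS_11 = 0x11                 # security block type of the controller's session challenge
ENCRYPTED = {0x17, 0x18}      # security block types whose data field is encrypted
CMD_KEYSET = 0x75             # command that delivers a new key to the reader
CARD_REPLIES = {0x50, 0x51}   # raw / formatted card-read replies

def parse_frame(frame):
    """Return (addr, is_reply, scb_type, scb_data, code), or None if malformed."""
    if len(frame) < 7 or frame[0] != SOM or struct.unpack_from("<H", frame, 2)[0] != len(frame):
        return None
    scb_type, scb_data, pos = None, b"", 5
    if frame[4] & CTRL_SCB:
        scb_len = frame[pos]
        if scb_len < 2 or pos + scb_len >= len(frame):
            return None
        scb_type, scb_data = frame[pos + 1], frame[pos + 2:pos + scb_len]
        pos += scb_len
    return frame[1] & 0x7F, bool(frame[1] & 0x80), scb_type, scb_data, frame[pos]

def audit(frames):
    """Flag frames that expose the weaknesses listed above. Checksums are not verified."""
    findings, secured = [], set()
    for i, raw in enumerate(frames):
        parsed = parse_frame(raw)
        if parsed is None:
            findings.append((i, "malformed"))
            continue
        addr, is_reply, scb_type, scb_data, code = parsed
        if is_reply and code in CARD_REPLIES and scb_type not in ENCRYPTED:
            findings.append((i, "encryption-dropped" if addr in secured else "plaintext-card-data"))
        if not is_reply and scb_type == SCS_11 and scb_data[:1] == b"\x00":
            findings.append((i, "default-key-handshake"))  # key selector 0 = default base key
        if not is_reply and code == CMD_KEYSET:
            findings.append((i, "keyset-on-wire"))         # key delivery seen on the bus
        if scb_type is not None:
            secured.add(addr)                              # this address has used a secure session
    return findings

def build(addr, ctrl, body):  # constructed-sample helper (checksum mode, no CRC)
    raw = bytes([SOM, addr]) + struct.pack("<H", 6 + len(body)) + bytes([ctrl]) + body
    return raw + bytes([-sum(raw) & 0xFF])

SAMPLE = [  # constructed frames; payload bytes are zero placeholders
    build(0x01, 0x00, b"\x60"), build(0x81, 0x00, b"\x50" + bytes(8)),
    build(0x02, 0x08, b"\x03\x11\x00\x76" + bytes(8)), build(0x02, 0x09, b"\x02\x17\x75" + bytes(20)),
    build(0x82, 0x09, b"\x02\x18\x50" + bytes(20)), build(0x82, 0x02, b"\x50" + bytes(8)),
]
```

Calling `audit(SAMPLE)` returns one `(frame index, finding)` pair per flagged frame; an `encryption-dropped` finding means a reader address that earlier used a secure session later sent card data in the clear.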

FaceFusion is a next-generation tool specialized in face swapping and enhancement. Using advanced algorithms, it enables seamless and natural-looking swaps while providing a range of options for facial feature adjustments and lighting modifications. The tool is designed to work with high-resolution images and offers a user-friendly interface, making it effective for both novice and expert users.

GitSint v2.0 is an OSINT (Open Source Intelligence) tool that focuses on gathering information through GitHub. It utilizes GitHub APIs to extract a wide range of data such as login details, name, email, biography, and more. The tool is fully asynchronous, enhancing its speed and efficiency in data scraping. With a command-line interface menu, it allows for easy navigation. Information retrieved is organized in a tree structure, making it easier to navigate through the results. The latest version includes new features such as asynchronous system improvements, redesigned interface, and the ability to search for additional information like GitLab names and domain data via Hunter.io.

That’s a wrap on this week’s edition of the Cyber-Security Update. Remember, the cyber-security landscape is ever-changing, and staying informed is your primary defense. Hopefully, the insights and information shared today will assist in navigating this complex domain and in strengthening defenses against potential threats. Stay vigilant, stay informed, and look forward to more insights into the world of cyber-security in next week’s edition.

To stay in sync with the weekly cyber-security roundups, remember to subscribe to the newsletter and follow on social media platforms. If there are any questions or specific topics you’d like to see covered, don’t hesitate to get in touch.

 
