Week 36, September 4-10, 2023

Cybersecurity Weekly Updates.

This week in the world of cybersecurity:

Hackers and MinIO Storage System – If you’re using MinIO storage systems, watch out! Attackers are exploiting vulnerabilities in MinIO to break into servers. Make sure your MinIO deployments are fully patched to stay safe.

Vietnamese Criminals and Facebook Business Accounts – Business owners on Facebook, be careful. Criminals from Vietnam are using malicious ads to break into Facebook Business accounts. It’s a good idea to check your account settings and look out for anything strange.

iMessage Scams in the U.S. – Chinese-speaking scammers are sending a lot of scam messages through iMessage in the U.S. Don’t click on links from unknown senders and be extra cautious with your personal info.

Android’s Zero-Day Flaw – If you use an Android phone, update it now! The latest patch fixes a zero-day vulnerability that attackers are already exploiting. Updating could save you from a lot of trouble.

Ukraine Stops Big Cyberattack on Energy Systems – Good news from Ukraine – they stopped a big cyberattack that was aimed at their critical energy systems.

 


Recent Tools and Techniques

These are some of the recent tools and techniques in the cyber-security sphere that have captured my attention.

LibreWolf is a custom version of Firefox that prioritizes privacy, security, and user freedom. It enhances protection against tracking and fingerprinting while also removing telemetry and data collection. The browser comes pre-configured with privacy-focused search options like DuckDuckGo, Searx, and Qwant. For added convenience, it includes uBlock Origin as a content blocker. LibreWolf is regularly updated from the latest Firefox stable source to ensure it stays secure and feature-rich. It’s an open-source project, allowing community participation in its development.

MTKPI (Multi Tool Kubernetes Pentest Image) is a Docker image packed with a wide range of tools essential for Kubernetes penetration testing. The image is designed to work in network-limited or read-only environments where downloading tools isn’t an option. It includes a web-based shell via ttyd, which lets developers with limited permissions set up port forwarding. Tools packed in the image include botb, kubeletctl, kubesploit agent, CDK, peirates, traitor, ctrsploit, kdigger, kubectl, linuxprivchecker, deepce, helm, kube-hunter, kube-bench, and DDexec. To help bypass signature-based runtime security tools like Falco and Tracee, MTKPI uses a simple renaming method for executables. For defenders, this is a reminder that rules matching only on process or binary names are easy to evade.

Coffee is a tool written in Rust that serves as a custom implementation of Cobalt Strike’s beacon_inline_execute feature. It is designed to support most functionalities of the Cobalt Strike compatibility layer. Structured for versatility, Coffee can also be integrated as a library in various other projects. This makes it a flexible choice for those looking to execute inline scripts in a Cobalt Strike environment.

 


That’s a wrap on this week’s edition of the Cyber-Security Update. Remember, the cyber-security landscape is ever-changing, and staying informed is your primary defense. Hopefully, the insights and information shared today will assist in navigating this complex domain and in strengthening defenses against potential threats. Stay vigilant, stay informed, and look forward to more insights into the world of cyber-security in next week’s edition.

To stay in sync with the weekly cyber-security roundups, remember to subscribe to the newsletter and follow on social media platforms. If there are any questions or specific topics you’d like to see covered, don’t hesitate to get in touch.

 
