Week 42, October 16-22, 2023
Cybersecurity Weekly Updates.
This week in the world of cybersecurity:
Pro-Russian Hackers and WinRAR – A new campaign shows pro-Russian hackers taking advantage of a recent vulnerability in WinRAR. This is a big deal because many people use WinRAR to open and create compressed files.
Android Trojan SpyNote – Watch out if you use an Android phone. A trojan called SpyNote is circulating that can record your calls and other audio. This puts your personal information at risk.
Binance’s Smart Chain and Malware – Binance’s Smart Chain has been tricked by a new kind of malware called ‘EtherHiding.’ This affects people who use Binance for buying and storing digital currency.
11 Ukrainian Telecom Providers Hit – A government report from Ukraine says that 11 of their telecom companies got hit by cyberattacks. This is a big problem for communication in the country.
Europol and Ragnar Locker Ransomware – Good news! Europol has dismantled the infrastructure of the Ragnar Locker ransomware and caught an important person behind it.
Recent Tools and Techniques
These are some of the recent tools and techniques in the cyber-security sphere that have captured my attention.
Patator is a multi-threaded, Python-based brute-forcing tool designed to be reliable and flexible. Unlike traditional brute-forcing tools, it offers a modular approach that allows for various types of password-guessing attacks. It currently supports modules for attacking a wide range of protocols and services, including FTP, SSH, Telnet, SMTP, HTTP/HTTPS, RDP, and many more. Additionally, Patator can be used for tasks such as user enumeration and password cracking for encrypted files. This tool aims to address the limitations of existing brute-forcing tools by offering more flexibility and reliability.
The gRPC Web Pentest Suite is a collection of tools designed to test the security of gRPC Web applications. It supports different content types like application/grpc-web-text and application/grpc-web+proto, although the latter has some bugs. The suite includes three main tools. The first, grpc-scan, scans JavaScript files to find gRPC endpoints, services, messages, and field types. The second, grpc-coder, helps in encoding and decoding gRPC-web payloads, making it easier to manipulate them for testing. The third is an extension for Burp Suite that integrates the grpc-coder tool, streamlining the process. Additional resources like articles and videos on how to use these tools are also available. To get started, certain software requirements need to be met, including specific Python and Go packages. Once installed, the Burp Suite extension adds menu items for decoding and encoding gRPC-Web payloads, simplifying the testing workflow.
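To make the payload format behind the encode/decode step concrete, here is an added example (not code from the gRPC Web Pentest Suite or grpc-coder) that decodes an application/grpc-web-text body: base64, then frames with a 1-byte flag and 4-byte length prefix, then a schema-less walk of the protobuf fields. The function names and the sample body are constructed for this illustration.

```python
import base64
import struct

def split_frames(body_text):
    # Assumes the body is one base64 run; per-chunk padding mid-stream is not handled.
    raw = base64.b64decode(body_text, validate=True)
    frames, pos = [], 0
    while pos < len(raw):
        if len(raw) - pos < 5:
            raise ValueError("truncated frame header")
        flags, length = struct.unpack_from(">BI", raw, pos)  # flags byte, big-endian length
        payload = raw[pos + 5:pos + 5 + length]
        if len(payload) != length:
            raise ValueError("frame length exceeds body")
        frames.append((flags, payload))  # flags: 0x80 = trailers, 0x01 = compressed
        pos += 5 + length
    return frames

def read_varint(buf, pos):
    value = shift = 0
    while pos < len(buf):
        value |= (buf[pos] & 0x7F) << shift
        pos, shift = pos + 1, shift + 7
        if not buf[pos - 1] & 0x80:
            return value, pos
    raise ValueError("truncated varint")

def walk_fields(msg):
    """Schema-less list of top-level protobuf fields: (number, wire_type, value)."""
    fields, pos = [], 0
    while pos < len(msg):
        key, pos = read_varint(msg, pos)
        number, wire = key >> 3, key & 7
        if wire == 0:  # varint
            value, pos = read_varint(msg, pos)
        elif wire in (1, 2, 5):  # fixed64, length-delimited, fixed32
            size, pos = read_varint(msg, pos) if wire == 2 else ({1: 8, 5: 4}[wire], pos)
            if size > len(msg) - pos:
                raise ValueError("truncated field")
            value, pos = msg[pos:pos + size], pos + size
        else:
            raise ValueError(f"unsupported wire type {wire}")
        fields.append((number, wire, value))
    return fields

# Constructed sample body: data frame (field 1 = "alice", field 2 = 150) + trailers frame.
SAMPLE = base64.b64encode(b"\x00\x00\x00\x00\x0a\x0a\x05alice\x10\x96\x01"
                          b"\x80\x00\x00\x00\x0fgrpc-status:0\r\n").decode()
print([(hex(f), p if f & 0x81 else walk_fields(p)) for f, p in split_frames(SAMPLE)])
```

Without the service's .proto definitions, a length-delimited value may be a string, raw bytes, or a nested message, so the walker returns it as bytes and leaves interpretation to the tester.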
Sirius Scan is an open-source vulnerability scanner built to identify security weaknesses in systems. It operates on four key concepts: a vulnerability database, network scanning, agent-based discovery, and custom assessor analysis. All these features come together in an easy-to-use interface. To get started, users need to clone the Sirius repository and run its containers using Docker and Docker Compose. The system includes multiple services like a NoSQL database for data storage, a message broker for communication, and various services for data management and pipeline execution. Users can log in with a default username and password and navigate through the web UI to manage their data and run scans. The tool can also be set up on a remote machine by modifying configuration files.
That’s a wrap on this week’s edition of the Cyber-Security Update. Remember, the cyber-security landscape is ever-changing, and staying informed is your primary defense. Hopefully, the insights and information shared today will assist in navigating this complex domain and in strengthening defenses against potential threats. Stay vigilant, stay informed, and look forward to more insights into the world of cyber-security in next week’s edition.