I was up late trying to figure out a stupid issue I was having with the CrowdStrike API, so I didn't stream on Twitch last night; hoping to do a stream tonight. I think they took a feature out my team was actually using which would allow me to contain a device and make a note that could be viewed in the dashboard.
We're delighted to announce our second #Keynote Speaker for #EverythingOpen - Jana Dekanovska!
Jana is a well-known #infosec analyst, with a particular interest in the intersection of #AI and threat #intelligence, and is a Strategic Threat Advisor at #CrowdStrike.
README has been crafted for the upcoming Domain Assassin release for both the local and lambda versions with terraforms included for it, and tfenv files plus shell scripts to package the lambda to a zip as well as switch between AWS prod and dev for you easily.
I may be getting #Crowdstrike for my homelab in a few months. I want to see about tying it into #Wazuh eventually and covering all my desktops and servers.
Somehow I became the freaking #cloud #engineer in my group of #cybersecurity engineers at work. I have never done #AWS and my work paid for #ACloudGuru for the company to learn, and I’ve been rolling through #lambda and now #ECS at work and making custom #python for #crowdstrike and #zscaler and now looking at rolling a @grafana at work for a POC probably on AWS too. I only started doing Python a few months ago. #chatgpt helped a lot. The times really do change, don’t they? #infosec #IT
Does anyone know how to do a @crowdstrike containment with a note in the WebUI via the #API on #crowdstrike? It’s bugging the hell out of me at work and Ops really wants that in the CS dashboard
Working on a #crowdstrike autocontainment script for work, because Fusion Workflows apparently do not have a “not” statement which messes up logic. So #python on an #AWS lambda it is! But holy crap is the API convoluted. You have to pull by agent ID then pipe the agent ID to another call to figure out the host name. Gonna be a headache for #jira automated tickets 🙃
I may see about sanitizing it when I’m done and putting it on GitHub; it uses AWS Secrets Manager anyway 🤷‍♂️ #infosec #cybersecurity
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #22/2023 is out! It includes, but not only:
➝ 🇺🇸 🪖 Air Force denies running simulation where AI drone “killed” its operator
➝ 🇺🇸 🏂 #Burton Snowboards discloses #databreach after February attack
➝ 🇺🇸 🧪 Enzo Biochem #Ransomware Attack Exposes Information of 2.5M Individuals
➝ 🧠 🤖 Introducing Charlotte AI, #CrowdStrike’s Generative AI Security Analyst
➝ 🐍 🦠 Malicious #PyPI Packages Using Compiled #Python Code to Bypass Detection
➝ 🇰🇵 🎠 N. Korean ScarCruft Hackers Exploit LNK Files to Spread #RokRAT
➝ 🦠 📱 New Zero-Click Hack Targets #iOS Users with Stealthy Root-Privilege #Malware
➝ 🇷🇺 🇺🇸 #Russia says U.S. accessed thousands of #Apple phones in spy plot
➝ 🇯🇵 🚗 #Toyota Discloses New Data Breach Involving Vehicle, Customer Information
➝ ☁️ 👻 Organizations Warned of #Salesforce ‘Ghost Sites’ Exposing Sensitive Information
➝ 🔐 👀 #Amazon faces $30 million fine over Ring, Alexa #privacy violations
➝ 🔐 🧱 Active Mirai Botnet Variant Exploiting #Zyxel Devices for #DDoS Attacks
➝ 🇷🇺 🇺🇦 Russia’s ‘Silicon Valley’ hit by cyberattack; Ukrainian group claims deep access
➝ 🦠 🤖 #Spyware Found in #GooglePlay Apps With Over 420 Million Downloads
➝ 🦠 🚪 #RomCom malware spread via Google Ads for #ChatGPT, GIMP, more
➝ 👛 Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign
➝ 🍏 #Microsoft finds #macOS bug that lets hackers bypass SIP root restrictions
➝ 🦠 🚪 #Barracuda zero-day abused since 2022 to drop new malware, steal data
➝ 🇬🇷 Worst cyberattack in #Greece disrupts high school exams, causes political spat
➝ 🇮🇳 🎠 Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian #Android Users
➝ 🇺🇸 U.S. Department of Defense releases 2023 Cyber Strategy
➝ 📱☝🏻 New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force
➝ 🇯🇵 🎠 New GobRAT Remote Access #Trojan Targeting #Linux Routers in #Japan
➝ 🦠 📂 Clever ‘File Archiver In The Browser’ phishing trick uses #ZIP domains
📚 This week's recommended reading is: "Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks" by Scott J. Shapiro
Subscribe to the #newsletter to have it piping hot in your inbox every Sunday ⬇️