Cybercriminals are often portrayed in popular media as rogue and highly skilled individuals, wielding coding and hacking abilities from a dimly lit room. But such stereotypes are becoming outdated.
Category: Security
Apartment buildings broken into with phone in minutes — IoT-connected intercoms using default creds vulnerable to anyone with Google | Tom’s Hardware
A number of apartment complexes using internet-connected intercom/entry systems still use their default credentials, which make them fully accessible to anyone savvy enough to Google their unit’s manual.
Misconfig Mapper: Open-source tool to uncover security misconfigurations – Help Net Security
Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with detection and misconfiguration fingerprints to identify potential security risks in widely used third-party software and services.
OSINT Framework
Here is a useful collection of OSINT tools for CTFs and PenTesting. https://bkellyteacher.com/MiscApps/CTF/osint/
Single Right-Click Let Hackers Gain Access To System By Exploiting 0-Day
This 0-day flaw, identified by security analysts at ClearSky Cyber Security in June 2024, allows attackers to gain unauthorized access to systems through minimal user interaction.
Russian group’s hack of Texas water system underscores critical OT cyber threats | CSO Online
But water systems have been increasingly in the crosshairs in 2024, resulting in the following noteworthy water security developments:
JPCERT shares Windows Event Log tips to detect ransomware attacks
The investigation strategy proposed by JPCERT/CC covers four types of Windows Event Logs: Application, Security, System, and Setup logs.
Unpatchable 0-day in surveillance cam is being exploited to install Mirai | Ars Technica
Akamai said that the attackers are exploiting the vulnerability so they can install a variant of Mirai, which arrived in September 2016 when a botnet of infected devices took down cybersecurity news site Krebs on Security.
How Many Security Cameras Does My House Need? – CNET
For maximum security, you can place cams to watch every access point and all key areas in your home, up to nine or ten if you really want. This isn’t for everyone: Such a massive setup is best for very large houses in neighborhoods that are frequent targets of theft, with valuables that owners want to keep an eye on.
13WMAZ.com: U.S. says Georgia Tech put ‘sensitive government information’ at risk. Here’s why
The lawsuit lists a number of alleged cybersecurity violations, ranging from a lab’s computers not having anti-virus software and the university having essentially “no enforcement” of required cybersecurity regulations.