Kali Linux 2023.1 introduces ‘Purple’ distro for defensive security – Offensive Security has released Kali Linux 2023.1, the first version of 2023 and the project’s 10th anniversary, with a new distro called ‘Kali Purple,’ aimed at Blue and Purple teamers for defensive security.
There are a lot of different fields within cybersecurity. How do you know which one is right for you? Many people will tell you this is one of the first steps to do. It is important in order to apply for the right jobs for you. SANS has created a tool to help identify what roles would be right for you and define where your strengths are. Here is a sample of what mine looks like:
Bitwarden flaw can let hackers steal passwords using iframes – Bitwarden’s credentials autofill feature contains a risky behavior that could allow malicious iframes embedded in trusted websites to steal people’s credentials and send them to an attacker.
Security Now 912 – The NSA @ Home – Hosted by Steve Gibson, Leo Laporte. LastPass hack details, Signal says no to UK, more PyPI troubles, QNAP bug bounty
Smashing Security 311 – TikTok, wiretapping, and your deepfake voice is your password
Security Now 913 – A Fowl Incident – Hosted by Steve Gibson, Leo Laporte. DDoS’ing Fosstodon, Strategic Objective 3.3, CISA’s Covert Red-Team
ChatGPT – good or evil? AI impact on cybersecurity – The business community is concerned about the AI’s potential to change the game for cyber criminals and wreak havoc in the world of defense organizations. Should businesses soon expect a wave of even more advanced cyber-attacks or simply more attacks? Will current cybersecurity solutions be enough? Or will ChatGPT instead provide cybersecurity specialists with more efficient and smarter defensive and threat hunting tools?
Splunk Training – As part of its $100 million Splunk Pledge, Splunk has committed to supporting nonprofit organizations that provide skills training to individuals from communities that have been traditionally underrepresented in the technology industry. It is our hope that the Splunk training you receive through WSC helps prepare you for a successful career in our increasingly data-driven economy.
US Marshals Service Hit By Major Ransomware Attack – In response to the ransomware attack, the Marshals Service disconnected the affected system, and the Department of Justice initiated a forensic investigation.
Alyssa Miller is a CISO at Epiq. She has been in the cyber security industry for 15 years. She has created 28 days of helpful YouTube videos covering how to get hired in the cyber security field. You can find the playlist here and the below video is an introduction.
Insider Threats Don’t Mean Insiders Are Threatening – By implementing tools that enable internal users to do their jobs efficiently and securely, companies reduce insider threat risk by building insider trust.
Student Medical Records Exposed After LAUSD Breach – “Hundreds” of special education students’ psych records have turned up on the Dark Web. School records like these are covered by FERPA, not HIPAA, so parents have little recourse.
Last month John on Mastodon asked what podcasts people were listening to. I jumped in with my list, but I learned of a lot more out there than I was aware of. Being a big podcast fan, this is one of the first mediums I turned to myself when looking for information about cyber security. Since replying to that post I have built a longer list of podcasts that I listen to and podcasts that I want to listen to.
Podcasts I listen to
Security Now – I have listened to this program for a long time. It is a weekly show that goes over the news and answers listener questions. It is part of the TWIT family of podcasts. I recommend checking the rest of their podcasts out if you are into technology. They are wonderfully produced. This podcast is on the longer side, usually around 1.5 to 2 hours.
Smashing Security – This is also a weekly podcast, but has an emphasis on funny. They cover the wild part of security. The stories are always funny! This is a shorter podcast, usually under an hour. I never miss this one.
Risky Business – I haven’t listened to many episodes of this podcast, but I have enjoyed those I have caught. I hope to listen to many more soon.
Darknet Diaries – These episodes go very deep. The storytelling is simply magnificent. If you only have time for one podcast in cybersecurity, make it this one.
Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon by Kim Zetter
The Book in Three Sentences
The first cyber war attack by the US targeting centrifuges in Iran.
This was the first attack, but it is seen as only the beginning and shows that many systems all over the world are in danger of being exploited.
Real physical destruction can be caused by a malicious computer code.
Impressions
This book is not the first cyber security book I’ve read. The storytelling was done well, if a little long-winded; like many non-fiction books, I think this book could have been condensed further. At times it read as though the author was trying to make an article into a book, but at 400 plus pages, I think there was too much repetitive content. Nonetheless, this was an interesting book and covers a pivotal part of cyber history. Stuxnet is mentioned and discussed in many of the virtual training classes I have been taking in the last few months.
Who Should Read It
I think there are two categories of people who would be interested in this book. One being history people. I fit in this category as well. This was such a pivotal part of how technology is changing modern warfare that it can’t be ignored.
The second group that will be interested in this book are those with an interest in computers, especially information security folks. This is the first virus designed specifically to target a very niche device. It was purposely written to attack just that device to accomplish political goals.
My Takeaways
It made me aware that governments can leverage malicious code to attack each other, minimizing human loss.
I learned that governments are keeping zero days to themselves in order to carry out attacks against their enemies.
The purpose of this project was to get a deeper understanding of DNS and networking. It also helped with many Unix commands.
What is a PiHole?
The Pi-hole is a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software. It can be installed as a Docker component or on a Raspberry Pi.
I had an old Raspberry Pi sitting around that I had configured for the kids as a RetroPie, but they were not using it so I decided to do this project to learn something as well as increase the privacy of the entire house. Since getting people to be secure is hard, I’m trying instead to keep the place that they do most of their internet browsing to be more secure.
How to set up a PiHole
I primarily used this video and the documentation that they put together. It worked without issue.
How to Create a PiHole
This was a fun and educational project because not only did I learn more about DNS, I also got to play with setting up DHCP reservations and customizing my DNS servers on the DHCP server. I also never attached the Raspberry Pi to a monitor or keyboard; I used SSH to connect to it and do all the operations for this tutorial.
I highly recommend this project for fun and for a chance to educate yourself with a hands-on project! After setting this all up I learned that my smart TV (Samsung) was sending out 7k requests an hour. I wasn’t even using the smart features! We have an Apple TV hooked up to the TV so I just unplugged the Ethernet cable on our TV. It is amazing and surprising to see what requests are flowing across your network.
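One way to find a chatty device like that TV from the sinkhole's own query log, as an added example that is not part of the original post. It assumes the log uses the dnsmasq query-line layout shown in the sample; the addresses, domains and the `noisy_clients` helper are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in the dnsmasq query-log style (assumed layout);
# every address and domain below is made up for the example.
SAMPLE_LOG = """\
Mar 14 20:00:01 dnsmasq[812]: query[A] telemetry.tv-vendor.example from 192.168.1.50
Mar 14 20:00:01 dnsmasq[812]: forwarded telemetry.tv-vendor.example to 192.0.2.1
Mar 14 20:00:09 dnsmasq[812]: query[A] telemetry.tv-vendor.example from 192.168.1.50
Mar 14 20:01:30 dnsmasq[812]: query[AAAA] ads.tv-vendor.example from 192.168.1.50
Mar 14 20:02:11 dnsmasq[812]: query[A] news.site.example from 192.168.1.20
Mar 14 20:02:40 dnsmasq[812]: query[A] telemetry.tv-vendor.example from 192.168.1.50
Mar 14 21:00:05 dnsmasq[812]: query[A] telemetry.tv-vendor.example from 192.168.1.50
this line is truncated or malformed
"""

# Only "query[...] <name> from <client>" lines count as a client request.
QUERY_RE = re.compile(
    r"^(?P<mon>\w{3})\s+(?P<day>\d{1,2}) (?P<hour>\d{2}):\d{2}:\d{2} "
    r"dnsmasq\[\d+\]: query\[[^\]]+\] (?P<name>\S+) from (?P<client>\S+)$"
)

def queries_per_client_hour(log_text):
    """Count queries per (client, hour) and remember which names were asked."""
    counts = Counter()
    names = defaultdict(Counter)
    for line in log_text.splitlines():
        m = QUERY_RE.match(line.strip())
        if not m:
            continue  # forwards, replies, blocks and malformed lines
        hour = f'{m["mon"]} {int(m["day"]):02d} {m["hour"]}:00'
        bucket = (m["client"], hour)
        counts[bucket] += 1
        names[bucket][m["name"]] += 1
    return counts, names

def noisy_clients(log_text, threshold):
    """Return (client, hour, query_count, most_queried_name), busiest first."""
    counts, names = queries_per_client_hour(log_text)
    return [
        (client, hour, n, names[(client, hour)].most_common(1)[0][0])
        for (client, hour), n in counts.most_common()
        if n >= threshold
    ]

if __name__ == "__main__":
    for client, hour, n, top in noisy_clients(SAMPLE_LOG, threshold=3):
        print(f"{client} sent {n} queries in hour {hour}; most queried: {top}")
```

On a real network the threshold would sit in the hundreds or thousands per hour, and the DHCP reservations mentioned above are what turn a client address back into a named device.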