Posts

Could This Be The Future Of Pentesting?

This article was about automation software being presented as an alternative to manual pentesting for networks. The article lays out some initial information on both internal and external pentesting before going into some details on the service being advertised. While I don't think tools like this will catch on immediately (they probably aren't sophisticated enough yet), I do think this is part of the developing cybersecurity landscape. Opportunities like this will continue to pop up where we might be able to find additional avenues to automate parts of the cybersecurity environment. I think it's an interesting idea and probably one of the most "low-hanging fruit" spots of the field for automation. All in all, I would like to see the effectiveness of the software/service compared against actual, reputable companies that provide pentesting services to really see the overall effectiveness of this product. The article is more of a sales pitch for the software but...

Fake Video Conference Apps Are Being Used To Steal Credentials

There is a new information stealer called Realst that is being used to steal the system credentials of Web3 users, and it is masquerading as a meeting application. The Realst creators have also set up fake companies to give extra legitimacy to the initial hacking attempt. Per the article: "names such as Clusee, Cuesee, Meeten, Meetone, and Meetio for the bogus sites." The attackers seem to reach out via a message on Telegram and coerce the prospective target with an investment opportunity or something similar to that. From there the target is directed to a website that has the fake application ready to install. After the user agrees to the install of the application, it tells the user that it's not compatible with their current OS version. It then tells the user to enter their system password for the application to work correctly. The application's main goal is to use these credentials to steal various kinds of sensitive data and then export that data to a remote server. Overall, I ...

Microsoft's Fight Against Phishing-As-A-Service

This particular article opened my eyes to an entirely new part of the cybercriminal world that, while I'm not surprised it exists, was entirely new information to me. Apparently, as far back as 2017 Microsoft has been keeping tabs on Abanoub Nady (also known as MRxC0DER), who has been selling do-it-yourself phishing kits and supplying continued support for them in a Phishing-As-A-Service (PhaaS) subscription plan. It seems Abanoub Nady had also been illegitimately using the trademark "ONNX" too. The phishing kits were designed for large-scale, coordinated attacks and were among the five most used phishing kits in the first half of 2024, per Microsoft Digital Defense Report - article (Microsoft Digital Defense Report 2024 - direct link). I highly recommend reading more about the defense report at least; as a student I found it to be really insightful and interesting to skim through. I'd like to circle back when I have more time and give it a proper rea...

The Future of America's Cyber Defense

The article I found for this week wasn't the typical type of article that I would write about. This one is about Congress pushing forward a proposal that, per the article, "would mandate an independent study of the readiness of America’s cyber forces" (see source at the bottom). I noticed while reading that this seemed to look at things from a more militaristic standpoint, but I'm not sure if that is all that is really being discussed here. I would imagine other facets of the government, outside of the military, would be a part of this investigation as it should pertain to the entire country's ability to defend itself. It also seems that the DoD might be opposed to this investigation too, which is pretty interesting. I'd be curious to look into this a bit further and maybe see where their objections truly lie. The article proposes that the DoD might be covering up their lack of preparedness by trying to deny the need for the investigation, but I truly hope that is ...

Security Minded Coding Tool

Hello, this week I found an article that seemed pretty neat as I didn't know such pieces of software currently existed. This article was about a company called Symbolic Security that recently launched a SaaS platform to assist developers with making their code more secure. The software will integrate with the IDE that they are using and provide tips/advice while the code is being written. It seems one of their major selling points is that such software currently exists but tends to do the checking while the code is being committed or added to the rest of the build. This plug-in is supposed to alleviate some of the pain of having to go back over older code to try and make it more secure after it was already considered "complete". Quite a cool tool in my humble opinion. I'd like to see it in action myself to see what kind of advice it offers. As a student such a thing sounds invaluable to me, but maybe the value of something like this tapers off as your developers lea...

Current State of and The Future of Cybersecurity Positions

According to this article it seems that there is a large slowdown in the hiring efforts of many companies as it pertains to filling their cybersecurity teams. As someone who is currently a student for that very field and is looking at being in the job market in just a couple more years, this is certainly concerning. Stories of understaffing, low morale, long hours, and potential burnout seem to be the reality of many professionals in the field at the moment as well. However, there might be a silver lining here. It likely comes as no surprise that the use of AI is being cited as one avenue to improving the lives of many security professionals. Per the article, 45% of teams were currently using AI in their tools already and here is what was cited as the primary use cases: "Augmenting common operational tasks (56%); Speeding up report writing and incident reporting (49%); Simplifying threat intelligence (47%); Accelerating threat hunting (43%); Improving policy simulations (41%)" Ho...

Internet Archive Struggles to Keep Its System Secure

The Internet Archive (IA), most notably the "Wayback Machine", has been the victim of several hacks this past year. Starting back in May they suffered their first legitimate service interruption since the site's founding. They suffered a DDoS attack and eventually were victim to a data breach after that too. The group that took responsibility for the attack strangely enough didn't seem to really be trying to achieve a whole lot. They almost seemed to do it just to prove a point that it could be done. The group in question was able to deface part of the website and leave a message in place saying: "Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!" Considering the level that they were able to compromise the system to, it is interesting that they didn't (at least that we know of) do more with the compromised data. They wer...