The offensive cybersecurity industry — trends and updates
I also recommend to watch the Blackhat talk mentioned.
Selling 0-Days to Governments and Offensive Security Companies
Category: News
Hackers claim to take down Russian satellite communications provider
“A group of previously unknown hackers has claimed responsibility for a cyberattack on the Russian satellite communications provider Dozor-Teleport, which is used by energy companies and the country’s defense and security services.“
Read more: https://therecord.media/hackers-take-down-russian-satellite-provider
Swiss intelligence warns of fallout in cyberspace as West clamps down on spies
“Switzerland’s Federal Intelligence Service (FIS) is warning that cyberattacks conducted for espionage purposes — including those targeting critical infrastructure operators — are going to increase as a result of Western efforts to degrade Russia’s human intelligence networks in Europe.“
https://therecord.media/switzerland-cyber-espionage-russian-diplomatic-expulsions
Someone is posing as a fake security company to create malicious GitHub repositories
“An unidentified party has been creating malicious GitHub repositories under the guise of a fake company that promises exploits for well-known products such as Chrome, Exchange and Discord, but actually infects users who download them.“
Black Hat / ToolsWatch SecTor Toronto 2023 First Arsenal – Call For Tools Open
Presented directly by the Black Hat and ToolsWatch Team, the forthcoming SecTor Arsenal is scheduled for two consecutive days in the Business Hall on October 25-26, 2023.
The Arsenal unites researchers and the open-source community, offering a platform for them to present their most recent open-source tools and products. It creates an immersive and engaging environment where individuals passionate about hacking, regardless of their skill level, can explore specialized tools and targets that might otherwise be challenging to access.
From personal experience I can add: Highly recommended.
National Security Strategy Germany
From the perspective of offensive cybersecurity an interesting point, while it states:
“The Federal Government will examine the capabilities and legal powers required to defend against threats in cyberspace – which includes defending against an ongoing or imminent cyberattack – while respecting the principle of proportionality, and develop benchmarks for their use, in accordance with our obligations under international law and the norms of responsible state behavior in cyberspace. We reject hackbacks as a means of cyber defense in principle.“
But also:
“We must be able to detect aggressive cyber activity early and quickly counter ongoing attacks. The German government is therefore striving to supplement the legal basis for a rapid whole-of-government response in cyberspace in order to be able to counter overarching threat situations decisively and with clear competencies.”
Citing Carlo Masala: “Hackbacks remain prohibited. But we hack first now.”
We learn Security! 