Hackers claim to take down Russian satellite communications provider

A group of previously unknown hackers has claimed responsibility for a cyberattack on the Russian satellite communications provider Dozor-Teleport, which is used by energy companies and the country’s defense and security services.

Read more: https://therecord.media/hackers-take-down-russian-satellite-provider

Swiss intelligence warns of fallout in cyberspace as West clamps down on spies

Switzerland’s Federal Intelligence Service (FIS) is warning that cyberattacks conducted for espionage purposes — including those targeting critical infrastructure operators — are going to increase as a result of Western efforts to degrade Russia’s human intelligence networks in Europe.

https://therecord.media/switzerland-cyber-espionage-russian-diplomatic-expulsions

Someone is posing as a fake security company to create malicious GitHub repositories

An unidentified party has been creating malicious GitHub repositories under the guise of a fake company  that promises exploits for well-known products such as Chrome, Exchange and Discord, but actually infects users who download them.

Read more:
https://www.scmagazine.com/news/devops/someone-is-posing-as-a-fake-security-company-to-create-malicious-github-repositories

Black Hat / ToolsWatch SecTor Toronto 2023 First Arsenal – Call For Tools Open

Presented directly by the Black Hat and ToolsWatch Team, the forthcoming SecTor Arsenal is scheduled for two consecutive days in the Business Hall on October 25-26, 2023.

The Arsenal unites researchers and the open-source community, offering a platform for them to present their most recent open-source tools and products. It creates an immersive and engaging environment where individuals passionate about hacking, regardless of their skill level, can explore specialized tools and targets that might otherwise be challenging to access.

From personal experience I can add: Highly recommended.

Read more.

National Security Strategy Germany

From the perspective of offensive cybersecurity an interesting point, while it states:

“The Federal Government will examine the capabilities and legal powers required to defend against threats in cyberspace – which includes defending against an ongoing or imminent cyberattack – while respecting the principle of proportionality, and develop benchmarks for their use, in accordance with our obligations under international law and the norms of responsible state behavior in cyberspace. We reject hackbacks as a means of cyber defense in principle.

But also:

“We must be able to detect aggressive cyber activity early and quickly counter ongoing attacks. The German government is therefore striving to supplement the legal basis for a rapid whole-of-government response in cyberspace in order to be able to counter overarching threat situations decisively and with clear competencies.”

Citing Carlo Masala: “Hackbacks remain prohibited. But we hack first now.”

Read more.

Quantum Computing and IT security implications

This article is not for learning quantum computing (I am not the right person for that), but to understand some of the implications for IT security and maybe give some help in taking the very first steps.

Introduction to Quantum Computing for Dummies

Since it is so popular let us ask ChatGPT:

OK, know that it is all clear, let’s move on!

I watched these as an easy to understand introduction into this complex topic.

Quantum Computers Explained in a Way Anyone Can Understand

Dig deeper into Quantum computing

If you want to dig deeper have a look at this article, which also links some free introducing books:

https://builtin.com/software-engineering-perspectives/how-to-learn-quantum-computing

This also looks interesting:

https://towardsdatascience.com/the-ultimate-beginners-guide-to-quantum-computing-and-its-applications-5b43c8fbcd8f

Braking RSA

A current discussion is when/how RSA will be broke.

RSA’s demise from quantum attacks is very much exaggerated, expert says

Expert says the focus on quantum attacks may distract us from more immediate threats.

https://arstechnica.com/information-technology/2023/01/fear-not-rsa-encryption-wont-fall-to-quantum-computing-anytime-soon/

One more article about this topic:

Fujitsu: Quantum computers no threat to encryption just yet comment bubble on black

Heavily hyped tech bound for some sort of milestone by decade end

https://www.theregister.com/2023/01/24/fujitsu_quantum_encryption/

Implications in depth

And if you want to dig deeper in these topics here are three fantastic resources:

Quantum computers are nuclear weapons of the tech – but their potential is immeasurable

As scientists across the world express their excitement about the development of quantum technology, others are worried about the dangers it poses to today’s encryption and the potential benefits it could offer to cybercriminals.

https://cybernews.com/crypto/quantum-computers-promises/

Ensure to watch the video at the end:

The Story of Shor’s Algorithm, Straight From the Source | Peter Shor

How Quantum Computers Break Encryption | Shor’s Algorithm Explained

Conclusion

For me it is hard to look into the future here, this field is much too complex and I have only some basic understanding. From what I see at the current point there is no direct impact and we all should be aware that there is also some hype. Maybe you should start to consider what might happen if your current encryption will be broke in the future. I hope I showed a path for starting research for everyone who is interested.

Quantum Computing can have great impact on lot’s of fields, obviously IT security and encryption is only a very small fraction of it. I wonder what it will mean for all STEM fields like astronomy, material research, medicine, understanding the brain, the universe and all the rest.

Course Review: Active Directory Pentesting Full Course – Red Team Hacking

Link: https://www.udemy.com/course/active-directory-red-team-hacking/

Content

Tactics & Techniques

  • local/domain  privilege escalations
  • local/domain  enumaration
  • lateral movement
  • perstistance

Used Tools

  • Powersploit
  • Mimikatz
  • Metasploit
  • Sherlock/Watson
  • Rubeus

Conclusion

  • goes not too deep, so a good coverage but sometimes explanations are missing
  • practical examples
  • also runs into problems sometimes without deleting them, which is good to see imho
  • if you want to run the examples by yourself you will need to setup your own lab
  • you should have some prior knowledge, for example in Powershell, ADS, networking and pentesting in general
  • this is a beginner course for ADS red teaming
  • I gave 4/5 stars and for that price I can recommend the course
  • Hint: wait for discounts at udemy

Softskills: CV, Job Application and Interviews

This one might be a bit too specific, since every country has its own CV and interview culture. For example in the US you don’t add a picture of yourself, in Germany this is very common. There should be much more differences, so please don’t take everything here for granted in the area or county where you want to get a job. I try to be as general as possible here.

From my previous post Softskills: Networking for your Career you should be aware that it is good to get a job over a personal network and could be the most promising option.

CV & Job Application

A couple of points for the CV & job application:

  • be honest, when people found out you lied or made things up you are out
  • don’t go into details that don’t have something to do with the job you are applying to, unless it seems necessary
  • everything else write detailed, I like to have much information, but other people might have a different opinion
  • take a clean and easy to read format
  • write a great motivation letter for your application
  • proof facts, for example if you write you have a certification add a copy or scan of it to the application
  • check for grammar and spelling
  • if possible let somebody read your application who can give good feedback

Job Interview

I was on both sides of the table, conducting interviews and also of course being the candidate.

  • know your CV well, you should be able to explain everything without looking it up
  • if you have a bad feeling you normaly should not take the job, unless it is a huge chance for you or you can use it for jumping to a better job
  • prepare for the interview, think about what questions might be asked
  • try to prepare for standart questions like
    • what was your biggest mistake
    • where do you see yourself in five years
    • what is your biggest weakness
    • what do you expect from your employer
    • and so on
  • prepare for technical questions
    • there is nothing worse for example when you say for example you know XSS but could not explain the difference between a stored and a reflected XSS
    • have a look at the Daniel Miessler interview questions (see also below)
  • if you have weak spots in your CV you can try to handle this pro-actively, if not prepare for critical questions
  • prepare questions that you want to ask, for me an interview always has to go into both directions

Links
https://us.experteer.com/magazine/should-you-put-a-photo-on-your-cv/
https://danielmiessler.com/study/infosec_interview_questions/
https://www.indeed.com/career-advice/resumes-cover-letters/motivation-letter

Softskills: Networking for your Career

Whether looking for a new job, enhancing your knowlege or finding like-minded people, networking is important for your career.

Social Networks

When I looked for my first job as a pentester I wrote to CEOs and company owners from smaller companies that I found interesting on Xing (which is manily active in Germany) and later I also used LinkedIn. I got invitations to interviews and found a job.

Further I use twitter, but not as much as I did 2-3 years ago. But you can still get information very quick when you follow the right people. For example when a PoC for an exploit is available it is posted fast here, but be careful and check the information.

On all networks you can use direct mail for contacting people when you have questions, in my experience most people are happy to help.

But how to start? First follow and add people you know. Search for people who might be interesting for you and also add/follow them. When contacting the first time, just say a few words about yourself. Share posts you find interesting and maybe start sending your own post, maybe a link to an interesting blog post you found interesting or a short course review.

You can also be successful without social media accounts, but for me it was a booster. It is also useful to stay in contact with people you meet at…

Conferences & Meet-ups

Another great place for networking is conferences and local meetings. At local meetings (I visited the OWASP meeting Cologne for some time) it is easy to get into touch with people in the area you live, you have presentations and can learn.

At conferences it depends strongly for me what you expect. For networking it might be better to go to smaller conferences, especialy if you don’t know anybody. Bigger conferences are also good, but maybe a bit overwhelming first.

You can get more contacts when participating actively, for example by giving a presentation or as a volunteer.

Or, when you are in the industry for a longer time, just meet with people you know.

And guess what? I got in touch with one of my employers at a conference.

Links