Cybersecurity And Much More Newsletter Vol. 3 Num. 02

Greetings, friends.

Welcome to my newsletter. If you are not yet subscribed, please do. It includes books, articles, tech, tips, and cool stuff about cybersecurity.

Enjoy!

What’s Happening

CISA Adds Two Flaws to Known Exploited Vulnerabilities Catalog

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two privilege elevation vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. One of the vulnerabilities is in Microsoft Exchange Server, and the other is in Windows. US Federal Civilian Executive Branch agencies have until January 31 to remediate them.

Microsoft Patch Tuesday

Microsoft released patches for almost 100 vulnerabilities on Tuesday, January 10. A privilege escalation vulnerability (CVE-2023-21674) in Windows Advanced Local Procedure Call (ALPC) is being actively exploited; chained with a browser exploit, it can be used to escape the browser sandbox and obtain SYSTEM privileges. Eleven of the vulnerabilities are rated critical; the rest are rated important.

Critical Architectural Vulnerabilities in Siemens PLC

More than 100 models of Siemens SIMATIC S7-1500 and SIPLUS S7-1500 programmable logic controllers (PLCs) have an architectural flaw that lets an attacker load arbitrary firmware and bypass all of the protected-boot features. Because the flaw is in the hardware design, it cannot be fixed with a software patch. Siemens says that exploitation requires physical access to a vulnerable device, and recommends that users "assess the risk of physical access to the device in the target deployment and take steps to make sure that only trusted personnel have access to the physical hardware.”

Critical Control Web Panel Vulnerability is Being Actively Exploited

A known critical vulnerability in the Control Web Panel (CWP) web hosting interface is being actively exploited. The remote code execution flaw was fixed in October 2022; users who have not yet upgraded are urged to move to version 0.9.8.1147 or later.

Fortinet FortiOS SSL-VPN Flaw Was Exploited to Infect Government Systems

Fortinet says an unknown threat actor exploited a critical FortiOS SSL-VPN vulnerability to compromise government and government-related systems. The heap-based buffer overflow (CVE-2022-42475) was fixed in a FortiOS release in November; Fortinet published its advisory on December 12. In a January 11 blog post, Fortinet "shares [their] early study into this malware and additional IoCs uncovered during... continuing examination."

US FAA Addresses Notice to Air Missions System Outage

This week, the US Federal Aviation Administration (FAA) halted domestic departures because its Notice to Air Missions (NOTAM) system was down. Flights resumed after 9 a.m. on Wednesday. The FAA says the outage appears to have been caused by a damaged database file. The NOTAM system is separate from the FAA's air traffic control system; it alerts pilots to potential hazards.

Security Bites

Tips - Security - 5G Reminder

This is a quick 5G reminder as I continue my series about Telco Security.

5G is the fifth generation of mobile network technology. It succeeds 4G (LTE/WiMAX), 3G (UMTS), and 2G (GSM). 5G networks are designed to deliver higher throughput, lower latency, and more reliable connections for a wide range of devices and use cases, such as self-driving cars, drones, virtual reality, and the Internet of Things (IoT).

It uses additional parts of the radio spectrum, including much higher frequency bands than its predecessors, which lets it move more data at higher rates.

The architecture of a 5G network is designed to be highly flexible and scalable, and is divided into several main components:

  1. Radio Access Network (RAN): Connects user devices to the 5G network.
  2. Core Network: Handles the routing and management of user data and sessions.
  3. Transport Network: Connects the different parts of the network, including the RAN and the Core Network.
  4. Virtualized Infrastructure: May run on a private or public cloud; it is a key part of the flexible and scalable nature of 5G, as many network functions are virtualized.
  5. Management and Orchestration: Automates and manages the network's functions and services.
  6. Edge Computing: Placing compute close to the endpoints is one of the key elements in reducing latency and offering high-speed services.

Deploying a 5G network is not that different from deploying the previous generation, and it follows similar steps: obtaining the licences required for spectrum allocation, planning how the frequencies will be used based on the target use cases and services, designing the network architecture to be deployed, and choosing the deployment strategy.

The strategy depends on the scope of the deployment, budget, business opportunities, use cases, and more, but it comes down to two main options:

  • Non-Standalone (NSA) deployment: 5G radio is deployed alongside the existing 4G network, which continues to provide the core, instead of completely replacing it.
  • Standalone (SA) deployment: The 5G network, including a 5G core, is built from scratch, which gives the best performance and capabilities, but the process is more complex and takes longer.

Stay tuned for more…

Tips - Security - Tool Spotlight - Check IoC

IoC stands for "Indicator of Compromise.” In cybersecurity it describes any artifact or observable that can be used to determine whether an attack is in progress or has already happened.

IP addresses, domain names, file hashes, and registry keys are all types of IoCs. Check IoC is a free community tool from ThreatSTOP that lets you look up IP addresses and domains against a database of IoCs linked to malware. It can help users spot potential threats and take the right steps to protect their systems and networks.
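As an added example (this is not ThreatSTOP's code and it does not call the Check IoC service), the script below shows the mechanics behind such a lookup: it extracts IP addresses, domains and file hashes from log lines, "refangs" defanged indicators (hxxp, [.]) the way they appear in threat reports, drops private-range address noise, and matches the results against a small local IoC list, including parent-domain matches. The feed contents, the log lines, and all helper names are constructed for illustration.

```python
"""Extract indicators of compromise (IoCs) from free-form text and match
them against a local IoC list. Added example; the feed and log lines are
constructed, not real threat intel or real traffic."""
import ipaddress
import re

# Constructed stand-in for a threat-intel feed: one type-tagged set per kind.
IOC_FEED = {
    "ip": {"203.0.113.45", "198.51.100.7"},
    "domain": {"update-check.example", "cdn.bad-example.net"},
    "sha256": {"9d3c1f0a7b2e4c6d8f1a3b5c7d9e0f2a4b6c8d0e1f3a5b7c9d1e2f4a6b8c0d1e"},
}

# Reports defang indicators so they are not clickable; undo that first so
# they line up with the raw values seen in logs.
_DEFANG = [
    (re.compile(r"\[\.\]|\(\.\)|\(dot\)|\{\.\}", re.I), "."),
    (re.compile(r"hxxp", re.I), "http"),
    (re.compile(r"\[:\]"), ":"),
]

def refang(text: str) -> str:
    for pat, repl in _DEFANG:
        text = pat.sub(repl, text)
    return text

IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}\b", re.I)
SHA256_RE = re.compile(r"\b[a-f0-9]{64}\b", re.I)
MD5_RE = re.compile(r"\b[a-f0-9]{32}\b", re.I)

# Addresses that are never worth a feed lookup (RFC 1918, loopback, link-local,
# multicast). Documentation ranges are deliberately kept so the constructed
# feed above can use them.
_NOISE_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8", "224.0.0.0/4")]
# File names such as inv.exe look like host names to a domain regex.
_FILE_EXTS = {"exe", "dll", "bin", "txt", "log", "zip", "pdf"}

def extract_iocs(text: str) -> dict:
    """Return candidate IoCs grouped by type, normalised to lower case."""
    text = refang(text)
    found = {"ip": set(), "domain": set(), "sha256": set(), "md5": set()}
    for m in IPV4_RE.findall(text):
        try:
            addr = ipaddress.IPv4Address(m)
        except ValueError:
            continue  # e.g. 999.1.1.1 passes the loose regex but is not an address
        if not any(addr in net for net in _NOISE_NETS):
            found["ip"].add(str(addr))
    for m in DOMAIN_RE.findall(text):
        dom = m.lower()
        if dom.rsplit(".", 1)[-1] not in _FILE_EXTS:
            found["domain"].add(dom)
    found["sha256"].update(h.lower() for h in SHA256_RE.findall(text))
    found["md5"].update(h.lower() for h in MD5_RE.findall(text))
    return found

def match_iocs(found: dict, feed: dict = IOC_FEED) -> list:
    """Return (type, indicator) pairs present in the feed. A domain also hits
    when any parent domain (not the bare TLD) is listed."""
    hits = []
    for ip in sorted(found["ip"]):
        if ip in feed.get("ip", ()):
            hits.append(("ip", ip))
    for dom in sorted(found["domain"]):
        parts = dom.split(".")
        for i in range(len(parts) - 1):
            if ".".join(parts[i:]) in feed.get("domain", ()):
                hits.append(("domain", dom))
                break
    for h in sorted(found["sha256"]):
        if h in feed.get("sha256", ()):
            hits.append(("sha256", h))
    return hits

# Constructed log lines (proxy, DNS, AV) used as sample input.
SAMPLE_LOGS = [
    "2023-01-12T08:14:03Z proxy allow src=10.0.0.21 dst=203.0.113.45:443 host=update-check.example",
    "2023-01-12T08:14:09Z dns query from 10.0.0.21: sub.cdn.bad-example[.]net A",
    "2023-01-12T08:15:44Z av quarantine path=C:\\Users\\a\\Downloads\\inv.exe "
    "sha256=9D3C1F0A7B2E4C6D8F1A3B5C7D9E0F2A4B6C8D0E1F3A5B7C9D1E2F4A6B8C0D1E",
    "2023-01-12T08:16:00Z proxy allow src=10.0.0.22 dst=192.0.2.10:80 host=www.example.com",
]

def scan_logs(lines=SAMPLE_LOGS, feed=IOC_FEED) -> list:
    """Return [(line_no, type, indicator), ...] for every feed hit."""
    report = []
    for n, line in enumerate(lines, 1):
        for kind, ioc in match_iocs(extract_iocs(line), feed):
            report.append((n, kind, ioc))
    return report

if __name__ == "__main__":
    for n, kind, ioc in scan_logs():
        print(f"line {n}: {kind} {ioc}")
```

Two details matter in practice: refanging before matching (otherwise a pasted report and a raw log never agree), and matching on parent domains (a feed usually lists the apex or a CDN host, while logs show per-victim subdomains). The MD5 pattern is extracted but not matched here because the constructed feed carries SHA-256 only; a real feed would drive which hash types you look up.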

In addition, ThreatSTOP offers a paid plan that includes more features, such as:

  • Research unlimited IPs and domains with one-click ease.
  • Authoritative results from over 900 threat intel feeds.
  • Continuous, rapid updates to stay ahead of attackers.
  • Historical metadata spanning 10+ years.
  • Passive DNS and ASN data included.

P.S.: ThreatSTOP's disclaimer says: “The resulting information cannot be reused for commercial purposes without permission.”

My Favorites

Books I’m Currently Reading

Title: The Escape Artist: The Man Who Broke Out of Auschwitz to Warn the World

Author: Jonathan Freedland

Overview:

In April 1944, Rudolf Vrba became the first Jew to break out of Auschwitz—one of only four who ever pulled off that near-impossible feat. He did it to reveal the truth of the death camp to the world—and to warn the last Jews of Europe what fate awaited them at the end of the railway line. Against all odds, he and his fellow escapee, Fred Wetzler, climbed mountains, crossed rivers and narrowly missed German bullets until they had smuggled out the first full account of Auschwitz the world had ever seen—a forensically detailed report that would eventually reach Franklin Roosevelt, Winston Churchill and the Pope.

Books I Recommend Reading

Title: Hacking APIs: Breaking Web Application Programming Interfaces

Author: Corey J. Ball

Overview:

Hacking APIs is a crash course in testing the security of web APIs. It teaches you how to test APIs for vulnerabilities, earn high payouts from bug bounty programs, and make your own APIs safer.

You'll learn how REST and GraphQL APIs work in the real world and use Burp Suite and Postman to set up a streamlined API testing lab. Then you'll learn how to use tools like Kiterunner and OWASP Amass for reconnaissance, endpoint analysis, and fuzzing. Next, you'll perform common attacks, such as those targeting an API's authentication system or the injection vulnerabilities common in web apps. You'll also learn how to bypass protections meant to stop these attacks.

In the book's nine guided labs, which target deliberately vulnerable APIs, you'll practice:

  • Enumerating API users and endpoints using fuzzing techniques
  • Using Postman to discover an excessive data exposure vulnerability
  • Performing a JSON Web Token attack against an API authentication process
  • Combining multiple API attack techniques to perform a NoSQL injection
  • Attacking a GraphQL API to uncover a broken object level authorization vulnerability

By the end of the book, you'll know how to find high-paying API bugs that other hackers haven't found and how to make web applications safer.

Podcast - I was on a Podcast

Title: Humans of InfoSec

Is the manager role the only path ahead in cybersecurity? @seifhateb, Security Engineer at Twilio, shares his view on the Individual Contributor vs. Manager dilemma, and how people in the field can pursue the type of role that fits them best:

https://bit.ly/3IJRfqT

Videos - The Theranos Scam! It could have worked out if it was a Tech Company

Theranos, which seemed like one of the most groundbreaking companies of the 21st century, ended up being one of Silicon Valley's greatest failures. How did Elizabeth Holmes manage to fool the world? In this video, we follow the twisting rollercoaster of a story.

Quote of the Week

“People won’t believe what they can’t imagine...” ― From “The Escape Artist”

If you’re interested in starting a career in cybersecurity, watch this one, and don’t forget to subscribe to my channel and leave a comment if there are any topics you’re interested in seeing in my next video.

Check out my other stuff here.
