Hi there, newsletter time again, and this one will be kept short for various reasons, so it should be a quick read this time, which I guess may be a good thing since you possibly have a full plate already.
This edition of the newsletter, however, will have no news related to Elon or what he is doing with Twitter. In just the last week since he has taken over, so much has happened, and so fast, that any news I add about it will be buried in a pile of everything else new since then, to the point that I have no idea what I can reliably add before things change a couple of hours later. So I want to at least wait until next week, until things are a little more stable... who am I kidding, it’s Elon, nothing is ever stable with him.
Enough things are happening without Elon being involved, such as Z-Library getting seized again but still only knocked down and not out, LinkedIn adding additional profile information display, popular news sites share ads, Microsoft Copilot sued for open-source piracy, the UK’s NCSC scanning the country's connected devices, and ARM being a couple of asshats like usual.
~Kazu
News of Interest:
Z-Library eBook site domains seized by U.S. Dept of Justice
Kazu: Last week the website, which offered millions of ebooks and articles free of charge, got seized by US authorities. For a while the DNS was pointed towards a server owned by law enforcement and used for seizures. However, not long after, the DNS changed to an anonymizing hosting provider named Njalla, and while the clearnet website is still down, their Tor website is working just fine, so they will likely stick around for a while still.
Tags: FBI, DOJ, Seized, Piracy, InfoSec, News, Ebooks
LinkedIn Adds Verified Emails, Profile Creation Dates
https://krebsonsecurity.com/2022/11/linkedin-adds-verified-emails-profile-creation-dates/
Kazu: LinkedIn has had a serious problem with accounts that pretend to be someone they are not, and people have had no real way of finding out more about an account than what the person themselves has disclosed, which makes it hard to find out if the person is who they say they are.
Now LinkedIn has added a feature that lets anyone view additional metadata related to an account, such as when they joined, whether their contact information or profile photo was updated more or less than a year ago (it seems to only show "less" or "more"), whether they have a verified email or phone number, and so forth.
This extra metadata will make it a lot easier to know if a person is genuine or not, which will help very much in the security and safety area of things for sure. However, it should be noted that this also opens up new OSINT methods as well.
Tags: Privacy, Security, InfoSec, Safety, LinkedIn, News, OSINT
More than 250 US news sites inject malware in possible supply chain attack
Kazu: I hate ads with a fiery passion, which anyone who follows me on the bird site will already be pretty aware of, but I also understand that not everyone cares that much about them and in some cases people explicitly allow them to appear for various reasons.
But if there ever was a valid reason to use tools to block such things before they manage to get to you in the first place, then it's cases like this, where ads are used to deliver malware to people who visit the site, and if it's a popular site, it can end up affecting a lot of people.
Malware through ads is not an uncommon practice either and has happened many times before, so all in all I feel letting ads through is more risk than I feel I can justify... and that is before we talk about the invasion of privacy that ads are.
Tags: Malware, Ads, Infection, InfoSec, Attack, supply chain, News
Microsoft sued for open-source piracy through GitHub Copilot
Kazu: I can't say I didn't see this coming, considering Copilot literally pulls parts of other people's code, along with their comments, into someone else's code, which may have different licensing terms amongst other things. It also helps spread possibly bad practices to people who may not even know enough to tell whether what got dumped on them is good or not, only that it works.
Tags: GitHub, Microsoft, copilot, lawsuit, open-source, News
British govt is scanning all Internet devices hosted in UK
Kazu: It appears the UK's National Cyber Security Centre has decided to start doing what other countries have done and start scanning all internet-connected services in the UK for vulnerabilities. They state they will start slow and then increase the tests performed with time. They also state they will test vulnerabilities on their own systems before scanning country-wide, although some may still feel uncomfortable with the idea altogether.
NCSC says organisations that want to be excluded can email them with a list of addresses to exclude.
Tags: InfoSec, UK, NCSC, Scanning, Vulnerabilities, News
Qualcomm: Arm threatens to end CPU licensing, charge device makers instead
https://www.theregister.com/2022/11/01/qualcomm_arm_cpu
Kazu: The chip design company ARM, which is used in most IoT devices, phones, tablets, etc., has decided to be an asshat again and is changing its licensing from semiconductor companies towards device makers instead, which must be one of the stupidest decisions in a long list of stupid ones they have made.
And just to pile on top of the stupid decisions while we are at it, it also seems that "chipmakers will be barred from providing OEMs with processors that feature custom engines, such as GPUs, neural processing units, and image signal processors, and instead must use only Arm-designed blocks", which will not only hurt innovation but also severely reduce the number of designers and companies, which would before have paid a lot of money for their licence, now deciding against even considering it because the design will not be a 100% pure ARM design.
Tags: Technology, Electronics, Chips, Hardware, ARM, CPU, News
Other Things of Interest:
Antivirus Event Analysis Cheat Sheet v1.10.0
https://www.nextron-systems.com/2022/08/13/antivirus-event-analysis-cheat-sheet-v1-10-0/
Kazu: A new version of the "Antivirus Event Analysis Cheat Sheet" by Nextron is out. This one has many new additions related to Sliver and Brute Ratel, with many new tags and much more.
Tags: InfoSec, Threat-Hunting, DFIR, Cheatsheet, Blue Team
Layered Image Analysis Tool
https://www.aperisolve.com/
Kazu: Came across this tool, which allows you to analyse images with multiple tools such as zsteg, steghide, outguess, exiftool, binwalk, foremost and others at the same time, speeding image-related analysis up.
The above link is to the online tool, but from what I can see, it should be available to be used offline as well, although I haven't had the time to test that out yet. I also realize that CyberChef may be a better option overall, as I am sure it uses most of the same tools as well, but I figured it couldn’t hurt having another tool available for quick analysis of images.
Tags: Forensic, DFIR, Stego, Tool
Running GPT-3 Prompts in Google Sheets
Kazu: As much as I like spreadsheet formulas, there are just some things you may want to do for which there are no easy or even existing formulas, such as summarizing reviews, categorizing feedback, sanitizing data or other tasks which require you to read through something, parse it, and then write something fitting in response.
But all that is annoying and takes time to do, so it sure would be nice if there was some way to automate it. Well, that is what @shubroski thought as well, and he decided to build a way to run GPT-3 prompts inside his spreadsheets. It still has a couple of issues, but with time I am sure it will get better, although, since it's automation and ML/AI, there will always be bound to be some mistakes.
Tags: Technology, GPT3, Spreadsheet, AI, ML