Cybersecurity Shenanigans
#001
Hey there,
I'm trying the newsletter thing! This first edition is a bit of a soft launch, and I'm super honored you're here for it.
With that said, I'm hoping to pack these things with helpful, educational cybersecurity shenanigans (hence the name) that will help you elevate your cybersecurity knowledge - and keep up-to-date on what's going on in my corner of the internet.
I'd love to know what you think of this first edition, so please (please please) leave feedback below and let me know what's good and what else you'd like to see in these things.
Thanks for being here!
- JH
P.S. The last thing I want to do is make these newsletters feel spammy. So I won't send you these more often than once a month (sometimes twice if something really interesting is happening).
News & Commentary
CDK Global was hacked... twice...
and the "fun" doesn't stop there
This is a wild and still-unfolding headline, so bear with me.
Last Tuesday, news broke that CDK Global had been the victim of a cyberattack. CDK Global hosts a platform that 15,000+ car dealerships in North America use to run their business operations, from running employee payroll to managing inventory.
Here's the thing: For car dealerships to make use of the platform, they have to configure a VPN that stays connected to one of CDK Global's data centers. And the software itself requires admin privileges to function properly. I think you know where this is going...
In response to the cyberattack, CDK Global shut down a good number of services and two data centers, halting operations for many car dealerships that rely on CDK Globalâs software.
Unfortunately, that's only the beginning... because while CDK Global was actively recovering from the cyberattack, another one hit. Back to square one with incident response procedures.
And because threat actors never pass up the opportunity to take advantage of a good disaster, they're now making phone calls to car dealerships, posing as CDK Global officials who need system access.
This story is still developing, so stay tuned.
Tor Browser 13.5 now available
The Android and desktop versions of Tor Browser just got an update to pregame the expected drop of Tor Browser 14 later this year.
Android users will have a more native connection experience and easier access to Tor logs, while desktop users will experience better bridge management, improved letterboxing, and more consistent error messages.
(Time to go dark web dumpster diving.)
Kaspersky has been banned in the US
If you rely on Kaspersky for antivirus software, you're gonna wanna find a replacement by September 29.
The President's Office announced that Kaspersky will be banned in the US out of security concerns because of the company's roots in the Russian government. By July 20, Kaspersky won't be able to onboard new customers based in the US, and by late September, they won't be able to provide software updates.
Latest Content
YouTube Videos
June 25 // Remote access software built into Windows? What could possibly go wrong??? (Inspired by @NathanMcNulty's post.)
June 14 // I detonate some malware (on a virtual machine) by enabling macros in an Excel document. Dirty RATs.
June 12 // Weaponizing normal Windows processes is a tale as old as time. In this video, I talk about stealing plaintext passwords by taking advantage of the Windows logon process.
Sponsor
Flare is a continuous threat exposure management platform that automates detection for credentials & high risk technical exposure across the dark and clear web to empower security teams to stay a step ahead of threat actors.
Unicorns are real, and I work at one
- John Hammond (@_JohnHammond)
3:51 PM • Jun 18, 2024
Upcoming Content
Here's a list of topics you may see in my feeds soon.
Impersonating TrustedInstaller (inspired by tiraniddo)
OAuth Consent Grant Attack
Events
Thursday, July 11 at 10am MT: Navigating Cyberthreats with John Hammond (PDQ Live)
August 4 - 8: Hacker Summer Camp. If you see me, please say hi!! (I may have some exciting news to share!)
Life Updates
I recently went to the OpenSauce conference, and it was incredible! I got to meet up with other creators like ThePrimeagen and Pirate Software, and got a picture with my guilty-pleasure comfort-streamer Ludwig.
I asked @LudwigAhgren to take the picture for us but I forgot to turn flash on for him lmao
- John Hammond (@_JohnHammond)
10:17 PM • Jun 16, 2024
I also set up a big HP ProLiant Server with https://ludus.cloud as a wrapper for Proxmox, and it is super cool - you can define an entire cyber range with just a YAML file and spin up a whole homelab as if it were just simple Docker commands!
slowly @badsectorlabs
- John Hammond (@_JohnHammond)
12:43 AM • Jun 24, 2024
Give Me Your Feedback (Pretty Please)
Poll: What types of content would you like to see in this newsletter?