ISC2CT Newsletter Issue 11  

Welcome

Welcome Members!

Welcome Back! Hope the Holidays were safe and fun! Keep those resolutions of ... 1. Get more involved 2. Pay Chapter dues

ISC2CT  

Member News

**Congratulations**

Congrats to our Members who passed their Cyber Exams. Keep up the Great work.

ISC2CT  

January Chapter Meeting

Thank you for a Great Jan 2023 Meeting. Thank you to the GitTech Chapter group and to Dutch for the excellent presentation.

Do you want to present or know a speaker - Let us know and we can get it scheduled.

ISC2CT  

GitTech (Use Caution)

GitHub - Porchetta-Industries/CrackMapExec: A swiss army knife for pentesting networks

A swiss army knife for pentesting networks. Contribute to Porchetta-Industries/CrackMapExec development by creating an account on GitHub. CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of "Living off the Land": abusing built-in Active Directory features/protocols to achieve it's functionality and allowing it to evade most endpoint protection/IDS/IPS solutions.

github.com  

Cyber News

Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access

Researchers have discovered severe Server-Side Request Forgery (SSRF) vulnerabilities in 4 Microsoft Azure services.

thehackernews.com  

Crypto-Exchange Used to Launder Ransomware Transactions Dismantled - Infosecurity Magazine

The US Justice Department arrested Russian national named Anatoly Legkodymov, the alleged owner of the China-based underground platform Bitzlato

infosecurity-magazine.com  

PYTHON DEVELOPERS UNDER ATTACK. – CyberWorkx

Researchers from Checkpoint and Phylum had identified a new supply chain attack targetting to compromise python developers by making them download typosquatted python modules which contains malicious code in the intention of compromising the same.

cyberworkx.in  

Generating Hypotheses for Successful Threat Hunting | SANS Institute

Threat hunting is a proactive and iterative approach to detecting threats. Although threat hunters should rely heavily on automation and machine assistance, the process itself cannot be fully automated. One of the human's key contributions to a hunt is the formulation of a hypotheses to guide the.

sans.org  

Password managers: should you use them?

What's the point of password managers anyway? Let's take a look at what they do, how they work, and when you should use them.

cybr.com  

PayPal Breach Exposed PII of Nearly 35K Accounts

The credential-stuffing attack, likely fueled by password reuse, yielded personal identifiable information that can be used to verify the authenticity of previously stolen data.

darkreading.com  

No spam, EVER. We'll never share your email address and you can opt out at any time. Newsletter is sent on the first of every month.