The Cyber Threat Perspective

This is the November 2023 Cyber Threat Recap. Every day our Cyber Threat Intelligence team is tracking, researching, and analyzing threats, vulnerabilities, exploits, and techniques with the purpose of keeping you up-to-date on what's relevant and important in the industry. So you can be more prepared today than you were yesterday to protect your organization.Okta Breach/1PasswordOkta says its support system was breached using stolen credentials1Password Detects Suspicious Activity Following Okta Support BreachHackers Stole Access Tokens from Okta’s Support Unit – Krebs on SecurityOcto Tempesthttps://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/Trendshttps://www.simplilearn.com/top-cybersecurity-trends-articleThe 10 Biggest Cyber Security Trends In 2024 Everyone Must Be Ready For NowBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

Get ready for a spine-chilling dive into the world of unsecured credentials! Discover the hidden spots where credentials often lurk, like unattended answer files and even auto hotkey scripts. The hosts share eye-opening stories about the dangers of overprivileged accounts and misconfigured tools. Uncover how everyday items like sticky notes can become gateways for hackers. Ultimately, this thrilling discussion highlights the urgent need for better security practices and user education in the digital realm.

Dive into the intriguing world of web application penetration testing! Discover the meticulous planning involved, from kickoff meetings to defining scopes and workflows. Learn how client-side validations can be risky and explore real-world exploitation strategies. Catch insights on handling out-of-scope findings and the importance of creating clear proofs-of-concept. Experience the creativity in exploiting vulnerabilities, including playful demonstrations, all while tackling common challenges like WAFs and undocumented APIs. It's a fascinating peek behind the keyboard!

Discover the intriguing life of an internal penetration tester as Brad and Spencer dive into their daily tasks. Learn about the meticulous planning that goes into preparation, from tool selection to client conversations. They emphasize the importance of an assumed-breach model and endpoint testing, while also discussing the challenge of finding vulnerabilities in out-of-scope systems. With insights on maintaining workflow and effective note-taking, listeners gain a clear understanding of how to validate vulnerabilities and provide true client value.

Learn what makes a penetration test report truly impactful. Discover the essential elements that ensure clarity and actionable insights for improving organizational security. Hear about the importance of clear communication and contextual risk framing in conveying findings to stakeholders. The discussion also covers challenges in vulnerability remediation and the need for ongoing audits. Plus, tips on enhancing report composition and the critical role of client feedback in refining the reporting process.

Delve into the manipulative tactics of social engineering and their rising prevalence in cybersecurity. Discover the importance of comprehensive training to foster awareness and a strong security culture within organizations. Learn about effective strategies like Multi-Factor Authentication and the principles of least privilege. Embrace a proactive approach to identify vulnerabilities and enhance defenses against these attacks. Explore how viewing challenges as opportunities can strengthen overall security.

In this episode, Spencer and Darrius discuss unpopular Cybersecurity opinions, which are referred to as "hot takes." This discussion was inspired from a tweet by John Breth (@JBizzle703) which as of recording has close to 4 million views.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

In this episode, Darrius and Spencer discuss Offensive Security TTPs and tools that look promising, that we're excited for, or are trending.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

Dive into the world of securing Windows services, where the speakers reveal the hidden dangers often uncovered during internal penetration tests. Discover the crucial role of lesser-known services like the print spooler and the risks of running them with elevated privileges. Learn about the importance of secure installation practices and the common pitfalls stemming from misconfigured file permissions. Plus, explore essential tools and strategies for risk identification and mitigation, ensuring your systems stay safe from ever-present threats.

Jake Hildreth, the creator of the Locksmith tool, and Sam Erde, an IT veteran specializing in Microsoft technologies, discuss the critical role of Active Directory Certificate Services (AD CS) security. They delve into the inception of Locksmith, highlighting its unique features for identifying and fixing misconfigurations. The conversation is filled with personal anecdotes reflecting on their IT journeys and the importance of mentorship. They also share proactive strategies for enhancing organizational security, making this a treasure trove for cybersecurity enthusiasts.