The Cyber Threat Perspective

This is the November 2023 Cyber Threat Recap. Every day our Cyber Threat Intelligence team is tracking, researching, and analyzing threats, vulnerabilities, exploits, and techniques with the purpose of keeping you up-to-date on what's relevant and important in the industry. So you can be more prepared today than you were yesterday to protect your organization.Okta Breach/1PasswordOkta says its support system was breached using stolen credentials1Password Detects Suspicious Activity Following Okta Support BreachHackers Stole Access Tokens from Okta’s Support Unit – Krebs on SecurityOcto Tempesthttps://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/Trendshttps://www.simplilearn.com/top-cybersecurity-trends-articleThe 10 Biggest Cyber Security Trends In 2024 Everyone Must Be Ready For NowBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

Get ready for a spine-chilling dive into the world of unsecured credentials! Discover the hidden spots where credentials often lurk, like unattended answer files and even auto hotkey scripts. The hosts share eye-opening stories about the dangers of overprivileged accounts and misconfigured tools. Uncover how everyday items like sticky notes can become gateways for hackers. Ultimately, this thrilling discussion highlights the urgent need for better security practices and user education in the digital realm.

In this episode, Spencer and Darrius go "behind the hack" and discuss what life is like behind the keyboard of a web application penetration tester. They discuss various parts of a web app penetration test such as planning and preparation, execution, and post-exploitation as well as common challenges throughout the way.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

In this episode, Brad and Spencer go "behind the hack" and discuss what life is like behind the keyboard of an internal penetration tester. They discuss various parts of an internal penetration test such as planning and preparation, execution, post-exploitation as well as common challenges throughout the way.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

Learn what makes a penetration test report truly impactful. Discover the essential elements that ensure clarity and actionable insights for improving organizational security. Hear about the importance of clear communication and contextual risk framing in conveying findings to stakeholders. The discussion also covers challenges in vulnerability remediation and the need for ongoing audits. Plus, tips on enhancing report composition and the critical role of client feedback in refining the reporting process.

Delve into the manipulative tactics of social engineering and their rising prevalence in cybersecurity. Discover the importance of comprehensive training to foster awareness and a strong security culture within organizations. Learn about effective strategies like Multi-Factor Authentication and the principles of least privilege. Embrace a proactive approach to identify vulnerabilities and enhance defenses against these attacks. Explore how viewing challenges as opportunities can strengthen overall security.

In this episode, Spencer and Darrius discuss unpopular Cybersecurity opinions, which are referred to as "hot takes." This discussion was inspired from a tweet by John Breth (@JBizzle703) which as of recording has close to 4 million views.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

In this episode, Darrius and Spencer discuss Offensive Security TTPs and tools that look promising, that we're excited for, or are trending.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com

Dive into the world of securing Windows services, where the speakers reveal the hidden dangers often uncovered during internal penetration tests. Discover the crucial role of lesser-known services like the print spooler and the risks of running them with elevated privileges. Learn about the importance of secure installation practices and the common pitfalls stemming from misconfigured file permissions. Plus, explore essential tools and strategies for risk identification and mitigation, ensuring your systems stay safe from ever-present threats.

Jake Hildreth, the creator of the Locksmith tool, and Sam Erde, an IT veteran specializing in Microsoft technologies, discuss the critical role of Active Directory Certificate Services (AD CS) security. They delve into the inception of Locksmith, highlighting its unique features for identifying and fixing misconfigurations. The conversation is filled with personal anecdotes reflecting on their IT journeys and the importance of mentorship. They also share proactive strategies for enhancing organizational security, making this a treasure trove for cybersecurity enthusiasts.