Article: Hackers scan for vulnerabilities within 15 minutes of disclosure

h0w1tzr’s Commentary: I long suspected that APT groups were taking advantage of this, but I didn’t realize how quickly some of them are doing it!

System administrators have even less time to patch disclosed security vulnerabilities than previously thought, as a new report shows threat actors scanning for vulnerable endpoints within 15 minutes of a new CVE being publicly disclosed.

According to Palo Alto’s 2022 Unit 42 Incident Response Report, hackers are constantly monitoring software vendor bulletin boards for new vulnerability announcements they can leverage for initial access to a corporate network or to perform remote code execution.

However, the speed at which threat actors begin scanning for vulnerabilities puts system administrators in the crosshairs as they race to patch the bugs before they are exploited.

Links

No Starch Press releasing a book on using NSA’s Ghidra

I just read on Twitter that No Starch Press (NSP) is going to be releasing a book on using the recently open sourced NSA software reverse engineering (SRE) tool named Ghidra. This is their version of IDA Pro and unlike IDA is open sourced and free. As of the time of this posting it is for pre-sale right now and you can get both the physical and eBook combo for a substantial discount. I just bought the combo pack and it looks like the eBook is already available in pdf, mobi and epub formats:

Links:

Great visual guide to how Kerberos works in Windows Active Directory networks

Today on Twitter I found a really easy to follow walk through about how Kerberos works in Windows Active Directory networks. It walks you through each step of the authentication process, what machines are involved and what is happening underneath the hood. It’s a great read for anyone want to know more about how modern day Windows authentication works.

Links:

BHIS Blog Post: GNU Radio Primer

Black Hills Information Security just published a great blog post for anyone interested in software defined radios (SDRs). It links to other tutorials that he found while working with a car key fob and how he used GNU Radio paired with a HackRF One to capture and replay the signal back to the receiver. This is a good read for anyone interested in doing working with SDRs.

BHIS Blog Post: http://bit.ly/3467czI