TikTok To Stop Scraping Clipboard Data, a Nationwide Bill Could Ban Facial Recognition, and Nvidia Discloses Multiple Vulnerabilities.
Hak5’s latest edition of Threatwire highlights some fascinating recent developments in the security field.
- Lamphone Can “See” Your Conversations,
- Facial Recognition Bans are Trending, and
- Honda was Hit With Ransomware
A few years back, I attended a session on ethics issues around facial recognition and tips on defeating the algorithm.
Hak5 explains how to defeat facial recognition in 2020.
It can be difficult to communicate off the grid when there’s no infrastructure. That’s also true when you’re in situations where there is no cellular service or reliable Wi-Fi hotspots, such as a convoy of vehicles that want to talk to each other, or protestors around the world where law enforcement cut out the cell signals.
On this episode of Cyber Weapons Lab, we’ll show how you can use a cheap $35 Raspberry Pi with PirateBox to enable Android phones to talk to each other without using any cell towers.
To learn more, check out the article: https://nulb.app/x6vtu
The Cyber Mentor explains how and why you should build an Active Directory lab in this tutorial video.
At the recent DEF CON conference, Nina Kollars describes her experience buying Nespresso coffee capsules.
In 2018 I somewhat innocently bought very expensive coffee (Nespresso capsules) online from eBay. What followed was a series of unexpected additional packages from the manufacturer Nespresso and a lurking suspicion that something had gone terribly–if not criminally–wrong as a result of my purchase.
This talk chronicles the obnoxious amounts of obsessive research and tracking that became my new hobby–stalking Nespresso fraudsters and my decidedly non-technical attempts at developing a generic search profile and reporting the fraudsters to anyone who would listen, to include: the persons whose identities had been stolen, Nespresso, eBay, and the FBI. Ultimately I just ended up with a LOT of coffee; a lingering sense that I had committed several crimes; and no faith left in humanity.
freeCodeCamp.org has posted a full 14-hour network penetration testing/ethical hacking tutorial course for beginners.
This course teaches everything you need to know to get started with ethical hacking and penetration testing. You will learn the practical skills necessary to work in the field.
Throughout the course, you will develop your own Active Directory lab in Windows, make it vulnerable, hack it, and patch it. We’ll cover the red and blue sides. We’ll also cover some of the boring stuff like report writing :).
This course was originally live streamed weekly on Twitch and built from lessons learned in the previous week.
GitHub repo (for homework):
Course created by The Cyber Mentor.
Check out his YouTube channel:
- (0:00) – Course Introduction/whoami
- (6:12) – Part 1: Introduction, Notekeeping, and Introductory Linux
- (1:43:45) – Part 2: Python 101
- (3:10:05) – Part 3: Python 102 (Building a Terrible Port Scanner)
- (4:23:14) – Part 4: Passive OSINT
- (5:41:41) – Part 5: Scanning Tools & Tactics
- (6:56:42) – Part 6: Enumeration
- (8:31:22) – Part 7: Exploitation, Shells, and Some Credential Stuffing
- (9:57:15) – Part 8: Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
- (11:13:20) – Part 9: NTLM Relay, Token Impersonation, Pass the Hash, PsExec, and more
- (12:40:46) – Part 10: MS17-010, GPP/cPasswords, and Kerberoasting
- (13:32:33) – Part 11: File Transfers, Pivoting, Report Writing, and Career Advice