First and foremost I must apologize to the readership. Due to unforeseen issues, we had to delay our newsletter by a day. I do appreciate everyone for signing up. Let’s start with a reader-inspired retraction. Last week we ran a story that featured a GitHub repo with potential Chinese malware. Unknown to me, because I really don’t like getting involved in community in-fighting, there were questions raised about the person who reported this. I am going to leave the links on this to you, the reader. I cannot validate the information myself, so I am going to leave it up to the readers to be informed. The way I view it, the article I posted that I found interesting was more about the dirty wordlist than the legitimacy of the whole repo.
LEARNING HOW TO HAVE BETTER OPSEC DEPARTMENT
BlackBerry has written up how they tracked a threat actor that is linked to different attack groups through a crimeware-as-a-service traffic direction system (TDS). I would recommend checking it out, as the way they do attribution is interesting. Article is here.
ATTRIBUTION IS HARD DEPARTMENT
I am not sure this is bright, but someone who gave an interview with Wired took out the North Korean Internet. If you don’t know the situation at all, the North Korean Internet is rather sketchy. Yes, yes, Wikipedia is not the most reliable of sources; however, if you do some searching there are good groups that have done the research on it. Given how small the bandwidth is, you can imagine that this is something a single user could take out. There are, however, questions: first, was this legal? Second, I am not so sure I would go up against that regime and be outspoken about it. The stories I’ve heard are not comfortable.
LOG4SHELL4EVER DEPARTMENT
The Log4j bug will be pretty bad for a long time to come. Keep scanning; you will find more and more Log4j issues as time goes on. We are now seeing scanners scanning government IP space looking for bugs. Spoiler: they find Log4j issues.
INTERESTING TOOLS
An AWS S3 WebDAV interface. This tool is written in Rust, and it uses S3 as the backend.