CWN #19 - 2023 Week 51
The week stories about malicious OAuth apps, too much fuss about the Autospill vulnerability, SMTP smuggling, a new RCE in Outlook...
Archive
A collection of 18 issues
Latest
CWN #18 - 2023 Week 50
Late and short issue: your devices are listening (well, some of them) and Microsoft targets a CaaS (no it's not a new licence from them) and quick links
CWN #17 - 2023 Week 49
Happy 10 years anniversary to IHBP !
Troy Hunt is celebrating 10 years of “I Have Been Pwned?” with a history of everything that happened through the years https://www.troyhunt.com/a-decade-of-have-i-been-pwned/
⚙️ And if you never heard of it, try his “Password Purgatory” for some fun https://github.com/troyhunt/
CWN #16 - 2023 Week 48
Solutions for phishing resistant MFA and SMBs being easily compromised
CWN #15 - Week 47
Weekly news that ended focusing on containers, with exposed secrets in public repos and the 2nd proof of a working exploit on eBPF
CWN 14 - 2023 Week #40
Microsoft recently announced the public preview of Microsoft Graph activity logs. This provides organizations with full visibility into HTTP requests made through the Microsoft Graph API.
CWN #13 2023 - Week 40
The CISA and NSA release a top 10 of misconfigurations
What’s up with the 2023 MITRE ATT&CK Evaluations
Why are all vendors claiming a 100% detection rate ?!?
CWN #12 - 2023 Week 29
Microsoft leaking some keys and Citrix enabling easy remote accesses for everyone
CWN #11 - 2023 Week 20
In this edition, zero trust approaches, how Splunk does its detection engineering and a few tools
CWN #9 - 2023 Week 18
Guidance from Microsoft's DART, Virustotal providing visibility into YARA rules, Trend analyses Earth Longzhi, ...
CWN #6 - 2023 week 16
Initiatives by Google to solve the vulnerability management problem, Microsoft releasing LAPS for AAD and improving the visibility into its Azure API, and other news...
CWN #5 - 2023 week 15
A few titbits about PinDuoDuo, rorschach ransomware, a Twitter vulnerability, logging in AWS and others...
CWN #4 - 2023 Week 13
3CX was compromised and used to deliver malware ! A fine for the scooter rental service Cityscoot, research on AD Protected Users and more.
CWN #3 - 2023 Week 12
GPT-4 is still here ! More details about it, a french initiative for training cybersecurity professionals, the RedCanary 2023 reports and more.
CWN #2 - 2023 Week 11
GTP-4 is there ! Also, news from Greynoise, another AiTM phishing kit, a critical vulnerability in Outlook and a new kill chain from Meta.
CWN #1 - 2023 Week 10
First post! A summary of thedfirreport "2022 year in review" and other interesting links
Coming soon
This is cyberwhatnow, a brand new site by SomeOne that's just getting started. Things will be up and running here shortly, but you can subscribe in the meantime if you'd like to stay up to date and receive emails when new content is published!