Rick Farina – Board Member at RF Hackers Sanctuary

After an unsuccessful adult film career under the pseudonym “Chubby Cox”, Zero has settled comfortably into his backup career of Wireless Security. Specializing in Wifi security, he has also branched out into bluetooth, radio, and sdr. Currently, he is working on the best Linux distro to ever grace the face of the earth, Pentoo. This bio is entirely unbiased.

Rick Mellendick – Board Member at RF Hackers Sanctuary

Rick is the Chief Security Officer for PI Achievers by day, a process improvement and security firm, and an RF Hacker by night. Rick specializes in designing and assessing networks using offensive techniques to assist in securing client networks. He is a subject matter expert in computer network operations, Radio Frequency (RF) offense and defense, and building large scale security programs. Rick has completed over 500 vulnerability assessments and penetrations tests, specializing in the radio frequency spectrum.

Bill Brenner

VP, Content Strategy at CyberRisk Alliance

Larry Pesce

Principal Managing Consultant and Director of Research & Development at InGuardians

Lee Neely

Senior Cyber Analyst at Lawrence Livermore National Laboratory

Paul Asadoorian

Founder at Security Weekly

Tyler Robinson

Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

Scott Scheferman – Principal Cyber Strategist at Eclypsium

Scott, aka “Shagghie” in the community, is a public speaker, thought leader and cyber strategist. With decades of cyber consulting in both Federal and Commercial domains, he brings strong opinions and insight into any topic covering cyber, privacy, AI/ML, or the intersections of these. Winner of the first defcon badge-hacking contest and a defcon music artist, he currently works to bring urgent awareness to the device and firmware attack surface now being readily exploited.

Bill Brenner

VP, Content Strategy at CyberRisk Alliance

Larry Pesce

Principal Managing Consultant and Director of Research & Development at InGuardians

Lee Neely

Senior Cyber Analyst at Lawrence Livermore National Laboratory

Paul Asadoorian

Founder at Security Weekly

Tyler Robinson

Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

Bill Brenner

VP, Content Strategy at CyberRisk Alliance

Joff Thyer

Security Analyst at Black Hills Information Security

Larry Pesce

Principal Managing Consultant and Director of Research & Development at InGuardians

1. assless-chaps –
2. Dominic White on Twitter –
3. ‘Master Faces’ That Can Bypass Over 40% Of Facial ID Authentication Systems –
4. Mysterious “Potential Hijack” Of Commercial Ship Ongoing In The Gulf Of Oman (Updated) –

Lee Neely

Senior Cyber Analyst at Lawrence Livermore National Laboratory

1. New Android Malware Uses VNC to Spy and Steal Passwords from Victims – A previously undocumented Android-based RAT has been found to use VNC screen and keystroke recording features to steal sensitive information on the device.
2. Chipotle’s Email Marketing Account Hacked to Spread Malware – A new phishing campaign exploiting a compromised Chipolte Mailgun mailing service account was discovered in mid-July. In Of the 121 phishing emails detected, two were vishing attacks (fake voicemail notifications with malware attachments), 14 impersonated the USAA Bank, and 105 impersonated Microsoft.
3. PwnedPiper critical bug set impacts major hospitals in North America – Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively dubbed “PwnedPiper,” that could be exploited by unauthenticated attackers to take complete control over some Internet-connected TransLogic PTS stations and ultimately take control over a targeted hospital’s entire PTS network.
4. LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains – A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies.
5. SafeWA – Application Audit – An audit report regarding Western Australia’s SafeWA COVID-19 contact tracing app reveals that police accessed the app’s data and that the app itself contained security flaws. In the report, the Auditor-General of Western Australia expressed concern that the personal data the app collected were used for purposes other than contact tracing. Western Australia released the SafeWA app in November 2020.
6. The Lazio Region vaccine portal is held hostage by hackers – Lazio Italy’s regional government was forced to take down its COVID-19 shot-booking system after it was hit by a possible ransomware attack during which attackers targeted its database
7. Over 100 warship locations have been faked in one year – Abuses of location technology might just result in hot political disputes. According to Wired, SkyWatch and Global Fishing Watch theyound the fakes by comparing uses of the automatic identification system (AIS, a GPS-based system to help prevent collisions) with verifiable position data by using an identifying pattern.
8. Vulnerabilities in NicheStack TCP/IP Stack Affect Many OT Device Vendors – Researchers have identified more than a dozen vulnerabilities in the NicheStack TCP/IP stack, which appears to be used by many operational technology (OT) vendors. The issues could be exploited by attackers to perform remote code execution; conduct denial-of-service attacks, TCP spoofing, DNS cache poisoning; and to leak information.
9. Stop ignoring this iPhone warning – Have you seen the prompt on your iPhone to update to iOS 14.7.1, but you’ve been putting it off? After all, it doesn’t seem like there’s much to it… Hint -it’s a big deal.
10. Reindeer leaked the sensitive data of more than 300,000 people – WizCase’s ethical cyber researchers discovered a misconfigured Amazon S3 bucket belonging to Reindeer containing over 50,000 files and totaling 32GB of data. The Reindeer Company is a defunct American advertising company.

Paul Asadoorian

Founder at Security Weekly

1. July Firmware Threat Report – Eclypsium –
2. Why Would Someone Hack My Website? – Basically: Because it’s there…
3. A NSA Guidance Explains How to Secure Your Wireless Devices? – Actually some pretty decent tips
4. The hostel WiFi vigilante – This is like the easy button for ARP poisoning: http://arcai.com/what-is-netcut/. The solution? perhaps: “So, wrote a script to scrape ARP table repeatedly, found duplicate entries for IP addresses, New duplicate ARP entries in subsequent scrapes are attackers, since original entry is the victim device’s ARP entry. Found original MAC addresses for attackers from the duplicate ARP entries, ARP poisoned the attackers themselves.”
5. Let’s understand Cryptography – This is a much better article on crypto.
6. Research Shows How a Remote Print Server Leads to Windows Admin Privileges –
7. Productivity tools for H@xors – Some neat tips, in fact I am testing out this one: https://github.com/laurent22/joplin as it allows for note taking, copy/paste images and even has a vim mode. I also thought it was a neat trick to switch your caps lock key for the escape key.
8. ‘I’m Calling About Your Car Warranty’, aka PII Hijinx – This is a really interesting concept, and glad to see the research will be continued: “Researchers created 300 fake identities, signing them up on 185 legitimate websites ranging from Target to Fox News, with each identity used on a single website. Then they tracked how many email messages, phone calls, text messages and other responses were received based on the personally identifiable information (PII) used to register.”
9. A brief history of cryptography – This article was not what it claimed to be. I suggest that the author, and anyone else looking to write articles such as this, to confide in someone in the community as a reviewer/editor first. We are happy to help.
10. How I Monitor Active SSH Sessions With Prometheus And Grafana – I need to look into this one more. So Prometheus is a time-series DB for monitoring (https://prometheus.io/) and Grafana (https://grafana.com/) allows you to “Query, visualize, alert on, and understand your data no matter where it’s stored.”.
11. Nothing is Unhackable – Agree or Disagree? “Nothing is unhackable. It is extremely important for everyone to understand that nothing is unhackable. The more complicated the device, and the more complicated the software, or the more open it is to interaction with other applications, or research by security researchers or hackers, the more likely it is that you have created an additional attack surface. Playing offense is easy, because all you need to do is find a vulnerability. And playing defense is hard, because you need to defend yourself on all fronts, all the time.”
12. Microsoft Patched the Issue That Enabled a Windows Container Escape – “…users should follow Microsoft’s guidance recommending not to use Windows containers as a security feature. Microsoft recommends using strictly Hyper-V containers for anything that relies on containerization as a security boundary. Any process running in Windows Server containers should be assumed to have the same privileges as admin on the host, which in this case is the Kubernetes node. ” – So can you run a container inside Kubernetes and then run Kubernetes inside Hyper-V?
13. Cisco Patches Critical Vulnerability in Small Business VPN Routers – 1) Its often the web interface 2) Its never supposed to be exposed to the Internet 3) scans always show that people have exposed it to the Internet 4) its always specially crafted requests that lead to RCE or DoS, hence this: “To exploit the bug, a remote, unauthenticated attacker has to send specially crafted HTTP requests to an affected device, which could allow them to execute arbitrary code or cause a denial of service (DoS) condition. “[T]he web management interface is locally accessible by default and cannot be disabled, but is not enabled for remote management by default. However, based on queries via BinaryEdge, we’ve confirmed there are at least 8,850 remotely accessible devices,” “
14. Cobalt Strike Bugs Found in the Latest Versions of the Cobalt Strike’s Server. – Handy, so a good tool used by bad people has a vulnerability that good people can use against the bad people using the good tool: “They discovered that a user is able to register fake beacons with the server of a particular Cobalt Strike installation and that by sending fake tasks to the server, can crash it by exhausting the available memory.”
15. Black Hat 2021: DNS loophole makes nation-state level spying as easy as registering a domain – “What we found was that registering certain “special” domains, specifically the name of the name server itself, has unexpected consequences on all other customers using the name server. It breaks the isolation between tenants. We successfully registered one type of special domain, but we suspect there are many others.”
16. Scientist Invents Toilet That Turns Human Feces Into Cryptocurrency – Just for the LOLs

Tyler Robinson

Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security