IT Pro Tuesday #314

by | Aug 12, 2024 | IT Pro Tuesday

IT Pro Tuesday #314

Welcome back to IT Pro Tuesday!

In the latest Security Swarm Podcast: “Inside Anonymous Sudan: Threat Actor Group Behind Major Cyber Attacks,” we explore who this group is, their affiliations, motivations, and the tactics, techniques, and procedures (TTPs) they employ.

We’re looking for favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.

Now on to this week’s list!

A Free Tool

Angry IP Scanner is an open-source network scanner for Linux, Windows, and Mac. It can detect open ports and perform actions on them (as permitted), such as viewing shared files, accessing web/FTP server, pinging, and launching Telnet. Also shows some details about detected computers. BCF13 says, “been using for 20 years. World’s most simple tool!”
External Attack Surface Management Attack Surface Summary

A Tutorial

Using Wireshark to Solve Real Problems for Real People is a presentation that walks you through detailed case studies that help teach effective packet analysis. Nnyan explains, “Wireshark is one tool we use almost every day by most of our groups. Here is my fave session at Sharkfest 18. I refer to this time and time again.”
External Attack Surface Management Attack Surface Summary

A Newsletter

This Week in Self-Hosted is an e-mail newsletter that goes out each week to summarize the latest self-hosted news, trends, launches, updates, and more. A favorite source of current information for sassanix.
External Attack Surface Management Attack Surface Summary

Security News

Almost unfixable “Sinkclose” bug affects hundreds of millions of AMD chips explains a frightening chip security flaw that can allow malware to embed itself so deeply in memory that it’s nearly impossible to remove. Kindly suggested by muttmutt2112.
External Attack Surface Management Attack Surface Summary

A Tip

Some helpful advice, compliments of Darkfold: “Don’t allow user desktop/laptop machines to talk amongst themselves, apart from the minimum required for Teams calls etc. The number of dumb things that just got stopped dead or massively contained by dropping inbound traffic from user machines to other user machines is honestly ridiculous.”

P.S. Bonus Free Tools

dos2unix / unix2dos is a text file format converter that can adjust line breaks between DOS or Mac and Unix. Helpjuice explains, “[it’s] wonderful for when someone sends you something in the wrong line endings.”

Pocket ID is a simple OIDC provider offering user authentication via passkeys. Author GeneralXHD adds, “it only supports passkey authentication, which means you don’t need a password. Some people might not like this idea at first, but I believe passkeys are the future, and once you try them, you’ll love them. For example, you can now use a physical Yubikey to sign in to all your self-hosted services easily and securely.”