Seclog - #154
"Authorized 'hacking back' will enable previously unrealized asymmetries for the cyber adversary." - The Art of Cyber War
In this week's Seclog, the cybersecurity landscape reveals a persistent focus on supply chain vulnerabilities, with multiple reports detailing sophisticated npm campaigns like Shai-Hulud and tactics employed by North Korean actors leveraging GitHub. Emerging threats include the Aisuru botnet's shift from DDoS to residential proxy services, indicating a move towards more covert monetization strategies.
📚 SecMisc
Thinking Like a Google Security Engineer - substack.com
Insights derived from a Senior Security Engineer's first year at Google. Provides valuable guidance for security professionals seeking to adopt the mindset prevalent in leading tech security teams.
OPSEC Guide for Teenagers - substack.com
A personal yet comprehensive guide to digital Operational Security tailored for teenagers. Offers practical advice on navigating online risks, privacy, and digital hygiene.
📰 SecLinks
Online Tool to Check Dependency Confusion - jsmon.sh
Introduces DepiConf, an online tool designed to identify npm packages vulnerable to dependency confusion attacks. Helps proactively discover non-existent package names that could be exploited.
Aisuru Botnet Shifts Focus to Residential Proxies - krebsonsecurity.com
The Aisuru botnet has pivoted from DDoS attacks to renting out IoT devices as residential proxies. Indicates a strategic shift towards sustained, less detectable monetization.
Slack TURN Server Internal Network Proxy - hackerone.com
A HackerOne report detailed a critical vulnerability in Slack's TURN servers that allowed TCP and UDP proxying to their internal network and AWS metadata services.
North Korean Actors Leverage GitHub for npm Attacks - socket.dev
Socket Threat Research uncovered extensive infrastructure used by North Korean threat actors. Led to the deployment of 197 malicious npm packages.
Amazon's AI Agents Counter Cyber Threats - amazon.science
Amazon has developed Autonomous Threat Analysis (ATA), leveraging agentic AI and adversarial multiagent reinforcement learning. Reduces the time to develop security protections from weeks to hours.
Shai-Hulud npm Campaign Expands - socket.dev
Reports another wave of the "Shai-Hulud" campaign, impacting over 500 npm packages. Highlights the persistent threat posed by this supply chain attack.
Cache Poisoning Case Studies - herish.me
The first part of a deep dive into cache poisoning, illustrating its evolution into a high-impact attack vector. Presents real-world case studies from platforms like HackerOne and Shopify.
💻 SecGit
AI-Powered Burp-Style Repeater for Chrome - github.com
rep+ is a Chrome DevTools extension that functions as a Burp-style HTTP Repeater. Integrates built-in AI features to explain requests and suggest attack vectors.
CLI Tool for Bug Bounty Scope Filtering - github.com
Hacker-Scoper is a CLI tool for filtering URLs based on Bug Bounty program scope rules. Aids bug bounty hunters by automating the identification of in-scope targets.
Foxhound: Data-Flow Tracking Web Browser - github.com
SAP's Project Foxhound is a web browser with dynamic data-flow tracking within its JavaScript engine. Helps identify insecure data flows and potential data privacy leaks.