2022 - Week reads - 16

Apr 18, 2022 weekreads reading

This week read list,

• GitHub: Attacker breached dozens of orgs using stolen OAuth tokens https://www.bleepingcomputer.com/news/security/github-attacker-breached-dozens-of-orgs-using-stolen-oauth-tokens/

• BITB (browser in the browser)Attack https://infosecwriteups.com/bitb-browser-in-the-browser-attack-e2008c405701

• JekyllBot:5 Flaws Let Attackers Take Control of Aethon TUG Hospital Robots https://thehackernews.com/2022/04/new-jekyllbot5-flaws-let-attackers-take.html

• Why XDR As We Know It Will Fail https://www.darkreading.com/vulnerabilities-threats/why-xdr-as-we-know-it-will-fail

• Netflix End of Series 1 https://www.brendangregg.com/blog/2022-04-15/netflix-farewell-1.html

• Nokia to supply data center switching portfolio for Microsoft’s data center networks https://www.nokia.com/about-us/news/releases/2022/04/20/nokia-to-supply-data-center-switching-portfolio-for-microsofts-data-center-networks/

• Extracting Cobalt Strike from Windows Error Reporting https://bmcder.com/blog/extracting-cobalt-strike-from-windows-error-reporting

• Anonymous hacked other Russian organizations, some of the breaches could be severe https://securityaffairs.co/wordpress/130409/hacktivism/anonymous-hacked-other-russian-organizations.html

• Software for Open Networking in the Cloud (SONiC) Moves to the Linux Foundation https://www.linuxfoundation.org/press-release/software-for-open-networking-in-the-cloud-sonic-moves-to-the-linux-foundation/