





















































Welcome to another_secpro!
Last week, we took a look at reverse engineering in cybersecurity (don't miss out on last week's introductory article) in order to get you into the swing of things, but now we're making the step up. Do you need something to help you move from a reverse engineering newbie to someone with a valuable skill in their toolkit? Then check out Ghidra Software Reverse Engineering for Beginners, new from Packt - complete with a tasty little teaser for you all to get your excited hands on here: check it out on Substack!
And then, of course, we've got our usual news, tools, and conference venues roundup as well. Sound good? Well, let's get started!
That's why in the editor's spotlight this week, I advise you all to read Bruce Schneier's Deepfakes and the 2024 US Election!
As always, make sure to check out the templates, podcasts, and other stuff on our Substack and access the very best that we have to offer. You might even learn something!
Cheers!
Austin Miller
Editor-in-Chief
Cybersecurity isn’t just about defending against threats—it’s also about understanding how they work. That’s where reverse engineering comes in. Whether it’s analyzing malware, uncovering software vulnerabilities, or inspecting hardware for backdoors, security professionals use reverse engineering to break things down and figure out how they operate.
Bruce Schneier - DOGE as a National Cyberattack: "In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound."
Bruce Schneier - Delivering Malware Through Abandoned Amazon S3 Buckets: "Here’s a supply-chain attack just waiting to happen. A group of researchers searched for, and then registered, abandoned Amazon S3 buckets for about $400. These buckets contained software libraries that are still used. Presumably the projects don’t realize that they have been abandoned, and still ping them for patches, updates, and etc..."
Bruce Schneier - Trusted Execution Environments: "Really good—and detailed—survey of Trusted Execution Environments (TEEs)."
RedHat - A toolkit for your toolkit: 7 learning resources to migrate to OpenShift Virtualization: Organizations around the world have been using virtual machines for decades, often staying with a single vendor because migrating those virtual machines (VMs) from one hypervisor to another can be such a monumental task. Red Hat’s migration toolkit for virtualization (MTV) facilitates the complex task of migrating VMs to Red Hat OpenShift Virtualization with tools that are easy to use, highly configurable and can be automated to handle even the largest environments.
RedHat - Beyond the AI pilot project: Building a foundation for generative AI: Organ
TrendMicro - Chinese-Speaking Group Manipulates SEO with BadIIS: "In 2024, we observed a substantial distribution of malware known as "BadIIS" in Asia. BadIIS targets Internet Information Services (IIS) and can be used for SEO fraud or to inject malicious content into the browsers of legitimate users. This includes displaying unauthorized ads, distributing malware, and even conducting watering hole attacks aimed at specific groups. In this campaign, threat actors exploit vulnerable IIS servers to install the BadIIS malware on the compromised servers. Once users send a request to a compromised server, they might receive altered content from attackers."
mytechnotalent/Reverse-Engineering: A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
wtsxDev/reverse-engineering: A list of awesome reverse engineering resources.
iBotPeaches/Apktool: A tool for reverse engineering Android .apk files.
radareorg/radare2: A UNIX-like reverse engineering framework and command-line toolset.
Already, we've plunged back into the never-ending conveyor belt of conference after conference (for those of you lucky enough to attend the Intersec meeting in Dubai, let us know how it went!). If you've started the year on the wrong foot, you might think you're already behind the pace of the industry and only have a difficult year battling with newer, more esoteric adversaries than ever before.
Here are the five conferences we're looking forward to the most this year (in no particular order...) and how you can get involved to boost your posture!
RSA Conference (28th April - 1st May): The RSA Conference is a cornerstone of the global cybersecurity calendar. Known for its comprehensive content tracks, this conference addresses everything from cloud security to zero-trust architectures. The event also features an innovation sandbox, where start-ups showcase breakthrough technologies.
CyberUK (6th-7th May): Organised by the UK’s National Cyber Security Centre (NCSC), CyberUK is the government’s flagship cybersecurity event. It brings together security leaders, policymakers, and industry professionals to discuss pressing cybersecurity issues. With a strong focus on collaboration and innovation, CyberUK is a hub for public and private sector expertise.
DSEI (9th-12th September): DSEI stands out as a global platform that bridges defence, security, and cybersecurity. With its broad focus on cutting-edge technologies, this event is critical for those involved in national defence, law enforcement, and private security. Cybersecurity is a prominent theme, with sessions addressing both offensive and defensive cyber strategies.
Defcon (7th-10th August): Defcon is a legendary event in the hacker and cybersecurity communities. Known for its hands-on approach, Defcon offers interactive workshops, capture-the-flag contests, and discussions on emerging threats. The conference is ideal for those looking to immerse themselves in technical aspects of cybersecurity.
Black Hat (2nd-7th August): Black Hat USA is synonymous with advanced security training and research. This premier event features technical briefings, hands-on workshops, and sessions led by global security experts. Attendees can explore the latest trends in penetration testing, malware analysis, and defensive techniques, making it a must-attend for cybersecurity professionals.
And here are our picks for this month:
SecureWorld Financial Services Virtual Conference (27th Feb, hybrid): Investigate forensics, develop playbooks, and utilize AI towards the ends of securing your security posture in the dangerous world of financial services. A variety of speakers and networking opportunities will help you make the step up.
Conf42: Cloud Native 2025 (6th March): Covering everything from AI, APIs, AWS, Data, Healthcare, Optimization, Security, and tools (as well as everything in between), this year's Conf42 is looking to be a conference with a little bit of something for everyone. Don't miss out on this exclusively online event - you might even see yours truly there too!
SANS Security East Baltimore (3rd-8th March): For those of you on the East Coast, East Baltimore is the place to be this year. Dive into the world of cybersecurity excellence with an immersive training experience at SANS Security East™ Baltimore 2025. Led by world-renowned instructors boasting extensive industry experience, this flagship training conference offers live access to these top experts in the field.