Laude Cybersecurity

Sharing is Caring

𝟏𝟎𝟎% 𝐅𝐑𝐄𝐄 𝟏𝟎-𝐝𝐚𝐲 𝐜𝐨𝐮𝐫𝐬𝐞 designed for OSINT enthusiast, cybersecurity enthusiast (teachers, trainers), and privacy advocates who wants to learn how to use open-source intelligence techniques to audit and secure their own online presence.

𝐍𝐨𝐭𝐞: 𝐘𝐨𝐮'𝐫𝐞 𝐟𝐫𝐞𝐞 𝐭𝐨 𝐮𝐬𝐞 𝐢𝐭 𝐚𝐬 𝐫𝐞𝐟𝐞𝐫𝐞𝐧𝐜𝐞 𝐨𝐧 𝐜𝐨𝐧𝐝𝐮𝐜𝐭𝐢𝐧𝐠 𝐭𝐫𝐚𝐢𝐧𝐢𝐧𝐠𝐬.

Let’s start with basics to intermediate skills, focusing on visual aids, hands-on steps, and a daily task to make it practical and engaging. Each day includes 1–2 modules with lessons that take 1–3 hours total, plus practice time. The goal is for you to systematically uncover, analyze and mitigate your digital footprint.

𝐓𝐨𝐭𝐚𝐥 𝐃𝐮𝐫𝐚𝐭𝐢𝐨𝐧: 10 days (Assuming 2- 4 hours per day, including task).
𝐃𝐢𝐟𝐟𝐢𝐜𝐮𝐥𝐭𝐲: Beginner - Intermidiate

𝐂𝐥𝐢𝐜𝐤 𝐭𝐨 𝐑𝐞𝐚𝐝: https://medium.com//osint-do-it-yourself-self-auditing-589641d19f79

𝐏𝐫𝐞𝐫𝐞𝐪𝐮𝐢𝐬𝐢𝐭𝐞𝐬: Basic computer and internet skills (e.g., browsing & searching). No prior OSINT Experience needed, but familiarity with social media helps a lot. You’ll need a computer, tools like browsers and accounts on platforms like facebook, google (for searches).

Security analysis of KIA's infotainment system: 164 pages of research details, from in-car wiring to unpatched (?!) vulnerability to QRishing! 🚙🛠️💣💀

Security researcher Danilo Erazo shared his truly comprehensive paper documenting his research on KIA's In-Vehicle Infotainment (IVI) system. If you're interested in how to hack car head units, this presentation is a great starting point.

Among the many interesting insights and great photos shared by the author, there's a creative and surprisingly practical QRishing attack. When you pair your phone with your car, you may be prompted to scan a QR code - but if an attacker has compromised the head unit, that QR code could direct you to a malicious website.

Below is a link to the GitHub repository that is expected to contain the proof-of-concept (PoC) code and visuals for the QRishing attack. The repository is currently private. As stated on Danilo's website: "Hack-iRTOS – This tool is still private in my GitHub repo. I will make it public when the vendor resolves the vulnerability."
So, I assume that at the time of writing this post, the vulnerability has not yet been patched.

Enjoy the research and the paper - and feel free to share it with your peers!

More details:
"Hardware Hacking a Car’s Head Unit & Uncovering a Vulnerable RTOS" [PDF]: https://lnkd.in/dqp-qhGS
GitHub repository with PoC and QRishing: https://lnkd.in/d6fppJVf

🟥 Indonesian Infosec! Red/blue teamers, hackers, bug bounty hunters, pentesters, SOC & DFIR and all others!

Apply to attend Positive Hack Talks conference in Jakarta, Indonesia 🇮🇩
🗓️ July 23 — free in-person event
🔗 https://phtalks.ptsecurity.com/jakarta

Attendee registration open until July 11.

A few things you should know:
- 8 speakers — some of them are already announced on the website (check it out, we have very cool researchers)
- 100% free to attend
- No sponsors, no sales — just real tech talks
- Talks in English + live Indonesian translation via headset
- Lunch, snacks & coffee all day (halal options too)

4,000 hours of reverse engineering the Microsoft Xbox: literally every trick, from soldering to acid etching to X-raying chips. 👨🏻‍🏭🎮🪚♨️

Security researcher Markus Gaasedelen shares the fundamental and truly impressive research that took him three years and dozens of destroyed Xbox consoles. In his work, he tries nearly every trick and shares the details with the audience.

One of the most impressive things to me: Marcus soldered a 42-gauge wire (thinner than a human hair) into a 1mm hole in an attempt to disable a hidden Xbox boot ROM by tapping a microscopic gold bond wire inside the NVIDIA MCPX chip.

And on top of all that, this is a deeply personal presentation and talk. No spoilers - see for yourself. Please share it with your peers - this work is absolutely worth it.

More details:
Full-stack Reverse Engineering of the Original Microsoft Xbox [PDF]: https://lnkd.in/dP984kKx
Full-stack Reverse Engineering of the Original Microsoft Xbox [Video]: https://lnkd.in/dJgP_cc3
JTAG "Hacking" the Original Xbox in 2023 [Blog]: https://lnkd.in/dETbMXEB