Ronnie Watson

@kjaymiller Hey Jay, hope all is well bro.
This week's wrap-up includes 8 new modules, including exploits for Atlassian Confluence and Ivanti Connect Secure, along with direct syscalls in Meterpreter's loader.
https://www.rapid7.com/blog/post/2024/01/26/metasploit-weekly-wrap-up-01-26-24/

Apple released security updates to address this year's first zero-day vulnerability exploited in attacks that could impact iPhones, Macs, and Apple TVs.

https://www.bleepingcomputer.com/news/apple/apple-fixes-first-zero-day-bug-exploited-in-attacks-this-year/

It's #DataPrivacyWeek: join us this Thursday for a virtual live event where we discuss the challenges and opportunities of digital rights advocacy in 2024 with a panel of experts. 📺 Set a reminder here: https://www.youtube.com/watch?v=-K8ki7zBArs
[LAUNCH] Tor Postbox, a testimony hub featuring stories from Tor users worldwide!


Security Onion 2.4 Feature o' the Day!

Configure IDS Rules:
https://blog.securityonion.net/2023/11/security-onion-24-feature-o-day_14.html


Did you ever hear about Custom Headers in #bravebrowser? Yesterday I found out that #Brave will add a custom HTTP header, X-Brave-Partner, on websites of Brave's partners.

Currently, it adds this header only on the #Grammarly website; the reason is "Count Brave visitors as part of an ad campaign".
Also, if #Yandex is a default search index, Brave adds a special clid parameter to search requests to indicate that the request originated from Brave (2423859 for Android users, 2353835 for Desktop users).

Reference: https://github.com/brave/brave-browser/wiki/Custom-Headers

In the past, the list contained several Brave partners, such as Uphold; you can check the revisions of the wiki page (e.g. in 2019-2020).

An interesting fact is that in the past, this list was updated dynamically - the Brave browser downloaded a JSON config once a day from https://laptop-updates.brave.com/promo/custom-headers

And this feature could not be disabled: https://github.com/brave/brave-core/commit/6983876d3c2a2218dd6813ba3141cd674128fccf

Nowadays, the list of partners is hardcoded in the source code, but still it is there.

For more info see this issue and source code: https://github.com/brave/brave-browser/issues/16455
https://github.com/brave/brave-core/blob/master/components/brave_referrals/browser/brave_referrals_service.cc

Although the custom headers and clid are the same for all Brave users, they can be used to identify who uses the Brave browser - in some organizations/companies it could be prohibited because of its support for Tor, and these Custom Headers and parameters can distinguish between Brave users and others.

#Privacy #Referrals #Tracking #Forensics #NetworkAnalysis
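
The network-analysis idea in the post above, as an added example that is not part of the original post or of Brave's code: a scan of proxy records for the X-Brave-Partner header and the two Yandex clid values the post quotes. The JSON log schema (`src`, `url`, `headers`), the sample records, the header value and the Yandex host match are assumptions; request headers and query strings are only visible where the proxy inspects TLS.

```python
import json
from urllib.parse import urlsplit, parse_qs

# clid values quoted in the post above
BRAVE_CLIDS = {"2423859": "Android", "2353835": "Desktop"}
PARTNER_HEADER = "x-brave-partner"

# Constructed sample records (hypothetical proxy log schema: src, url, headers).
# The header value "example" is a placeholder; only the header name is matched.
SAMPLE_LOG = """\
{"src": "10.0.0.5", "url": "https://www.grammarly.com/", "headers": {"X-Brave-Partner": "example"}}
{"src": "10.0.0.6", "url": "https://yandex.ru/search/?text=test&clid=2353835", "headers": {}}
{"src": "10.0.0.7", "url": "https://yandex.ru/search/?text=test&clid=1234567", "headers": {}}
{"src": "10.0.0.8", "url": "https://example.org/?clid=2423859", "headers": {}}
not-json garbage line
"""

def brave_indicators(record):
    """Return the reasons a single request record looks like Brave traffic."""
    reasons = []
    # Header names are case-insensitive, so compare in lower case.
    if PARTNER_HEADER in {k.lower() for k in record.get("headers", {})}:
        reasons.append("X-Brave-Partner header")
    parts = urlsplit(record.get("url", ""))
    # Assumption: any host with a "yandex" label counts as Yandex search.
    if "yandex" in (parts.hostname or "").split("."):
        for clid in parse_qs(parts.query).get("clid", []):
            if clid in BRAVE_CLIDS:
                reasons.append(f"Yandex clid {clid} ({BRAVE_CLIDS[clid]})")
    return reasons

def scan(log_text):
    """Map source address -> sorted indicators, skipping unparseable lines."""
    hits = {}
    for line in log_text.splitlines():
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue
        if not isinstance(record, dict):
            continue
        reasons = brave_indicators(record)
        if reasons:
            hits.setdefault(record.get("src", "unknown"), set()).update(reasons)
    return {src: sorted(found) for src, found in hits.items()}

if __name__ == "__main__":
    for src, found in scan(SAMPLE_LOG).items():
        print(src, found)
```
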

SSCP Unboxing (ISC2)


#ATTENTION #Blackafrican #Americans who need help with #CyberSecurity with a focus on the #BlueTeams area, come join my Discord server.
#Nigeria #Africa

Channels for:
#SecurityOnion
#SIEM
#Incidentresponse
#LABBuild

Let's Connect our people!!

Link: https://t.co/mEGFVOkU4F

I am Back, Where Have You Been?

My #securityonion build is complete! Running on Dell R710 server. @securityonion Thanks for the stickers.