Top Security New for 16/05/2022
The 2023 Nissan Z first drive
https://arstechnica.com/?p=1854343
Using Stolen IAM Credentials - Hacking The Cloud
https://www.reddit.com/r/netsec/comments/uqgfe5/using_stolen_iam_credentials_hacking_the_cloud/
ISC StormCast for Monday, May 16th, 2022
https://isc.sans.edu/podcastdetail.html?id=8008
Singapore launches safety rating scheme for e-commerce sites
https://malware.news/t/singapore-launches-safety-rating-scheme-for-e-commerce-sites/60144/1
Nasty Zyxel remote execution bug is being exploited
https://malware.news/t/nasty-zyxel-remote-execution-bug-is-being-exploited/60150/1
Crypters - Some questions
https://0x00sec.org/t/crypters-some-questions/29335
mp3 file random corruption
https://www.reddit.com/r/Malware/comments/uq9ord/mp3_file_random_corruption/
How to spot the signs of a virtual kidnap scam
https://blog.malwarebytes.com/scams/2022/05/how-to-spot-the-signs-of-a-virtual-kidnap-scam/
The tech sector teardown is more catharsis than crisis
https://arstechnica.com/?p=1854178
How to spot the signs of a virtual kidnap scam
https://malware.news/t/how-to-spot-the-signs-of-a-virtual-kidnap-scam/60148/1
For more information, feel free to follow me at @ShayaFeedman on Twitter
The 2023 Nissan Z first drive
https://arstechnica.com/?p=1854343
Using Stolen IAM Credentials - Hacking The Cloud
https://www.reddit.com/r/netsec/comments/uqgfe5/using_stolen_iam_credentials_hacking_the_cloud/
ISC StormCast for Monday, May 16th, 2022
https://isc.sans.edu/podcastdetail.html?id=8008
Singapore launches safety rating scheme for e-commerce sites
https://malware.news/t/singapore-launches-safety-rating-scheme-for-e-commerce-sites/60144/1
Nasty Zyxel remote execution bug is being exploited
https://malware.news/t/nasty-zyxel-remote-execution-bug-is-being-exploited/60150/1
Crypters - Some questions
https://0x00sec.org/t/crypters-some-questions/29335
mp3 file random corruption
https://www.reddit.com/r/Malware/comments/uq9ord/mp3_file_random_corruption/
How to spot the signs of a virtual kidnap scam
https://blog.malwarebytes.com/scams/2022/05/how-to-spot-the-signs-of-a-virtual-kidnap-scam/
The tech sector teardown is more catharsis than crisis
https://arstechnica.com/?p=1854178
How to spot the signs of a virtual kidnap scam
https://malware.news/t/how-to-spot-the-signs-of-a-virtual-kidnap-scam/60148/1
For more information, feel free to follow me at @ShayaFeedman on Twitter
Ars Technica
The 2023 Nissan Z first drive
Is it a remastered classic or an old platform pushed too far?
Top Security New for 17/05/2022
Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability
https://thehackernews.com/2022/05/watch-out-hackers-begin-exploiting.html
Why MRG-Effitas matters to SMBs
https://blog.malwarebytes.com/malwarebytes-news/2022/05/why-mrg-effitas-matters-to-smbs/
Users advised to patch actively exploited Zyxel vulnerability. Hacktivism and influence ops in Russia’s hybrid war. Ransomware notes. Indiscriminate hacktivism? Alt-coin sanctions case will proceed.
https://thecyberwire.com/podcasts/daily-podcast/1579/notes
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Army’s New ‘Psyop’ Recruitment Ad Looks Like a Terrifying Video Game Cutscene
https://www.vice.com/en_us/article/93bxwz/armys-new-recruitment-ad-looks-like-a-terrifying-video-game-cutscene
ISC Stormcast For Tuesday, May 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8010, (Tue, May 17th)
https://isc.sans.edu/diary/rss/28656
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
https://blog.malwarebytes.com/threat-intelligence/2022/05/custom-powershell-rat-targets-germans-seeking-information-about-the-ukraine-crisis/
BrandPost: The Cyberwar Against Pro-Ukrainian Countries is Real. Here’s What to Do
https://www.csoonline.com/article/3660576/the-cyberwar-against-pro-ukrainian-countries-is-real-here-s-what-to-do.html#tk.rss_all
12 steps to building a top-notch vulnerability management program
https://www.csoonline.com/article/3659838/12-steps-to-building-a-top-notch-vulnerability-management-program.html#tk.rss_all
SMM Callouts in HP Products
https://www.reddit.com/r/netsec/comments/uquoz6/smm_callouts_in_hp_products/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability
https://thehackernews.com/2022/05/watch-out-hackers-begin-exploiting.html
Why MRG-Effitas matters to SMBs
https://blog.malwarebytes.com/malwarebytes-news/2022/05/why-mrg-effitas-matters-to-smbs/
Users advised to patch actively exploited Zyxel vulnerability. Hacktivism and influence ops in Russia’s hybrid war. Ransomware notes. Indiscriminate hacktivism? Alt-coin sanctions case will proceed.
https://thecyberwire.com/podcasts/daily-podcast/1579/notes
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Army’s New ‘Psyop’ Recruitment Ad Looks Like a Terrifying Video Game Cutscene
https://www.vice.com/en_us/article/93bxwz/armys-new-recruitment-ad-looks-like-a-terrifying-video-game-cutscene
ISC Stormcast For Tuesday, May 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8010, (Tue, May 17th)
https://isc.sans.edu/diary/rss/28656
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
https://blog.malwarebytes.com/threat-intelligence/2022/05/custom-powershell-rat-targets-germans-seeking-information-about-the-ukraine-crisis/
BrandPost: The Cyberwar Against Pro-Ukrainian Countries is Real. Here’s What to Do
https://www.csoonline.com/article/3660576/the-cyberwar-against-pro-ukrainian-countries-is-real-here-s-what-to-do.html#tk.rss_all
12 steps to building a top-notch vulnerability management program
https://www.csoonline.com/article/3659838/12-steps-to-building-a-top-notch-vulnerability-management-program.html#tk.rss_all
SMM Callouts in HP Products
https://www.reddit.com/r/netsec/comments/uquoz6/smm_callouts_in_hp_products/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Malwarebytes
Why MRG-Effitas matters to SMBs
The 360° Assessment & Certification from MRG-Effitas can offer guidance to SMBs looking for a simple, effective cybersecurity product.
Top Security New for 18/05/2022
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/update-now-apple-patches-zero-day-vulnerability-affecting-macs-apple-watch-and-apple-tv/
Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer
https://thehackernews.com/2022/05/over-200-apps-on-play-store-caught.html
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/gmail-linked-facebook-accounts-vulnerable-to-attack-using-a-chain-of-bugs-now-fixed/
Long lost @ symbol gets new life obscuring malicious URLs
https://blog.malwarebytes.com/social-engineering/2022/05/long-lost-symbol-gets-new-life-obscuring-malicious-urls/
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Kids 5 to 11 get FDA OK for COVID-19 booster doses
https://arstechnica.com/?p=1854632
Stealing Google Drive OAuth tokens from Dropbox
https://www.reddit.com/r/netsec/comments/urvcip/stealing_google_drive_oauth_tokens_from_dropbox/
“Look what I found here” phish targets Facebook users
https://blog.malwarebytes.com/scams/2022/05/look-what-i-found-here-phish-targets-facebook-users/
BrandPost: DDos Extortion Takes VoIP Providers Offline
https://www.csoonline.com/article/3660514/ddos-extortion-takes-voip-providers-offline.html#tk.rss_all
Car owners warned of another theft-enabling relay attack
https://blog.malwarebytes.com/hacking-2/2022/05/car-owners-warned-of-another-theft-enabling-relay-attack/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/update-now-apple-patches-zero-day-vulnerability-affecting-macs-apple-watch-and-apple-tv/
Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer
https://thehackernews.com/2022/05/over-200-apps-on-play-store-caught.html
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/gmail-linked-facebook-accounts-vulnerable-to-attack-using-a-chain-of-bugs-now-fixed/
Long lost @ symbol gets new life obscuring malicious URLs
https://blog.malwarebytes.com/social-engineering/2022/05/long-lost-symbol-gets-new-life-obscuring-malicious-urls/
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Kids 5 to 11 get FDA OK for COVID-19 booster doses
https://arstechnica.com/?p=1854632
Stealing Google Drive OAuth tokens from Dropbox
https://www.reddit.com/r/netsec/comments/urvcip/stealing_google_drive_oauth_tokens_from_dropbox/
“Look what I found here” phish targets Facebook users
https://blog.malwarebytes.com/scams/2022/05/look-what-i-found-here-phish-targets-facebook-users/
BrandPost: DDos Extortion Takes VoIP Providers Offline
https://www.csoonline.com/article/3660514/ddos-extortion-takes-voip-providers-offline.html#tk.rss_all
Car owners warned of another theft-enabling relay attack
https://blog.malwarebytes.com/hacking-2/2022/05/car-owners-warned-of-another-theft-enabling-relay-attack/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Malwarebytes
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
If you're an Apple user, make sure you patch for CVE-2022-22675, a zero-day flaw actively exported in the wild.
👍1
Top Security New for 19/05/2022
Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang
https://thehackernews.com/2022/05/researchers-expose-inner-working-of.html
BrandPost: How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
https://www.csoonline.com/article/3661228/how-a-culture-of-learning-can-help-close-the-cybersecurity-skills-gap.html#tk.rss_all
Google Russia forced to declare bankruptcy after bank account seizure
https://arstechnica.com/?p=1854920
U.S. Warns Against North Korean Hackers Posing as IT Freelancers
https://thehackernews.com/2022/05/us-warns-against-north-korean-hackers.html
What Microsoft Defender can tell you about your network
https://www.csoonline.com/article/3660494/what-microsoft-defender-can-tell-you-about-your-network.html#tk.rss_all
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://malware.news/t/isc-stormcast-for-thursday-may-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8014-thu-may-19th/60274/1
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://isc.sans.edu/diary/rss/28666
2022-05-18 - Pcap and malware for ISC diary: EXOTIC LILY --> Bumblebee --> Cobalt Strike
https://malware.news/t/2022-05-18-pcap-and-malware-for-isc-diary-exotic-lily-bumblebee-cobalt-strike/60276/1
Ransomware: What’s in a Name?
https://malware.news/t/ransomware-what-s-in-a-name/60270/1
2022-05-18 - TA578 thread-hijacked emails and ISO example for Bumblebee
https://malware.news/t/2022-05-18-ta578-thread-hijacked-emails-and-iso-example-for-bumblebee/60273/1
For more information, feel free to follow me at https://twitter.com/ShayaFeedman
Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang
https://thehackernews.com/2022/05/researchers-expose-inner-working-of.html
BrandPost: How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
https://www.csoonline.com/article/3661228/how-a-culture-of-learning-can-help-close-the-cybersecurity-skills-gap.html#tk.rss_all
Google Russia forced to declare bankruptcy after bank account seizure
https://arstechnica.com/?p=1854920
U.S. Warns Against North Korean Hackers Posing as IT Freelancers
https://thehackernews.com/2022/05/us-warns-against-north-korean-hackers.html
What Microsoft Defender can tell you about your network
https://www.csoonline.com/article/3660494/what-microsoft-defender-can-tell-you-about-your-network.html#tk.rss_all
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://malware.news/t/isc-stormcast-for-thursday-may-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8014-thu-may-19th/60274/1
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://isc.sans.edu/diary/rss/28666
2022-05-18 - Pcap and malware for ISC diary: EXOTIC LILY --> Bumblebee --> Cobalt Strike
https://malware.news/t/2022-05-18-pcap-and-malware-for-isc-diary-exotic-lily-bumblebee-cobalt-strike/60276/1
Ransomware: What’s in a Name?
https://malware.news/t/ransomware-what-s-in-a-name/60270/1
2022-05-18 - TA578 thread-hijacked emails and ISO example for Bumblebee
https://malware.news/t/2022-05-18-ta578-thread-hijacked-emails-and-iso-example-for-bumblebee/60273/1
For more information, feel free to follow me at https://twitter.com/ShayaFeedman
CSO Online
How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
Whether it’s building an understanding of cybersecurity best practices or advancing highly technical cyber skills, training and certifications are ways organizations are ensuring the skills gap isn’t compromising their security.
Top Security New for 20/05/2022
Uber CISO's trial underscores the importance of truth, transparency, and trust
https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
https://www.reddit.com/r/netsec/comments/ut76ps/rise_in_xorddos_a_deeper_look_at_the_stealthy/
QuSecure launches end-to-end post-quantum cybersecurity solution
https://www.csoonline.com/article/3660775/qusecure-launches-end-to-end-post-quantum-cybersecurity-solution.html#tk.rss_all
10 ways attackers gain access to networks
https://blog.malwarebytes.com/hacking-2/2022/05/10-ways-attackers-gain-access-to-networks/
ISC Stormcast For Friday, May 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8016, (Fri, May 20th)
https://isc.sans.edu/diary/rss/28668
WannaCry 5 years on: Still a top threat
https://www.csoonline.com/article/3660575/wannacry-5-years-on-still-a-top-threat.html#tk.rss_all
Is Hack the Kernel a great way to learn operating systems?
https://www.reddit.com/r/lowlevel/comments/utf4ij/is_hack_the_kernel_a_great_way_to_learn_operating/
Enterprises report rise in risk events, yet risk management lags
https://www.csoonline.com/article/3661350/enterprises-report-rise-in-risk-events-yet-risk-management-lags.html#tk.rss_all
Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit
https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html
[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam
https://malware.news/t/re027-china-based-apt-mustang-panda-might-have-still-continued-their-attack-activities-against-organizations-in-vietnam/60324/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Uber CISO's trial underscores the importance of truth, transparency, and trust
https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
https://www.reddit.com/r/netsec/comments/ut76ps/rise_in_xorddos_a_deeper_look_at_the_stealthy/
QuSecure launches end-to-end post-quantum cybersecurity solution
https://www.csoonline.com/article/3660775/qusecure-launches-end-to-end-post-quantum-cybersecurity-solution.html#tk.rss_all
10 ways attackers gain access to networks
https://blog.malwarebytes.com/hacking-2/2022/05/10-ways-attackers-gain-access-to-networks/
ISC Stormcast For Friday, May 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8016, (Fri, May 20th)
https://isc.sans.edu/diary/rss/28668
WannaCry 5 years on: Still a top threat
https://www.csoonline.com/article/3660575/wannacry-5-years-on-still-a-top-threat.html#tk.rss_all
Is Hack the Kernel a great way to learn operating systems?
https://www.reddit.com/r/lowlevel/comments/utf4ij/is_hack_the_kernel_a_great_way_to_learn_operating/
Enterprises report rise in risk events, yet risk management lags
https://www.csoonline.com/article/3661350/enterprises-report-rise-in-risk-events-yet-risk-management-lags.html#tk.rss_all
Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit
https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html
[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam
https://malware.news/t/re027-china-based-apt-mustang-panda-might-have-still-continued-their-attack-activities-against-organizations-in-vietnam/60324/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
CSO Online
Uber CISO's trial underscores the importance of truth, transparency, and trust
The criminal trial offers a lesson in the value of both CISOs and organizations adhering to a policy of truth, transparency and trust when it comes to security.
Top Security New for 21/05/2022
[SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/
When eBPF meets TLS! A Security Focused Introduction to eBPF
https://www.reddit.com/r/netsec/comments/uu9agd/when_ebpf_meets_tls_a_security_focused/
Tesla, Microsoft and Ubuntu bugs found during Pwn2Own hacking competition
https://malware.news/t/tesla-microsoft-and-ubuntu-bugs-found-during-pwn2own-hacking-competition/60356/1
Shift left is only part of secure software delivery
https://malware.news/t/shift-left-is-only-part-of-secure-software-delivery/60354/1
Canada bans Huawei, ZTE in 5G networks
https://www.networkworld.com/article/3661691/canada-bans-huawei-zte-in-5g-networks.html#tk.rss_all
Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
https://thehackernews.com/2022/05/microsoft-warns-rise-in-xorddos-malware.html
Matryoshka Trap: Recursive MMIO Flaws Lead to VM Escape
https://www.reddit.com/r/netsec/comments/uuaeqm/matryoshka_trap_recursive_mmio_flaws_lead_to_vm/
Cytrox's Predator Spyware Target Android Users with Zero-Day Exploits
https://thehackernews.com/2022/05/cytroxs-predator-spyware-target-android.html
Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.
https://thecyberwire.com/podcasts/daily-podcast/1583/notes
Raytheon’s John DeSimone on building the offensive line
https://www.csoonline.com/article/3660638/raytheon-s-john-desimone-on-building-the-offensive-line.html#tk.rss_all
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
[SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/
When eBPF meets TLS! A Security Focused Introduction to eBPF
https://www.reddit.com/r/netsec/comments/uu9agd/when_ebpf_meets_tls_a_security_focused/
Tesla, Microsoft and Ubuntu bugs found during Pwn2Own hacking competition
https://malware.news/t/tesla-microsoft-and-ubuntu-bugs-found-during-pwn2own-hacking-competition/60356/1
Shift left is only part of secure software delivery
https://malware.news/t/shift-left-is-only-part-of-secure-software-delivery/60354/1
Canada bans Huawei, ZTE in 5G networks
https://www.networkworld.com/article/3661691/canada-bans-huawei-zte-in-5g-networks.html#tk.rss_all
Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
https://thehackernews.com/2022/05/microsoft-warns-rise-in-xorddos-malware.html
Matryoshka Trap: Recursive MMIO Flaws Lead to VM Escape
https://www.reddit.com/r/netsec/comments/uuaeqm/matryoshka_trap_recursive_mmio_flaws_lead_to_vm/
Cytrox's Predator Spyware Target Android Users with Zero-Day Exploits
https://thehackernews.com/2022/05/cytroxs-predator-spyware-target-android.html
Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.
https://thecyberwire.com/podcasts/daily-podcast/1583/notes
Raytheon’s John DeSimone on building the offensive line
https://www.csoonline.com/article/3660638/raytheon-s-john-desimone-on-building-the-offensive-line.html#tk.rss_all
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
/dev/random
[SANS ISC] A 'Zip Bomb' to Bypass Security Controls & Sandboxes - /dev/random
I published the following diary on isc.sans.edu: “A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes“: Yesterday, I analyzed a malicious archive for a customer. It was delivered to the mailbox of a user who, hopefully, was security-aware and reported it.…
👍1
Top Security New for 22/05/2022
Biden administration lays out plan for four carbon-capture facilities
https://arstechnica.com/?p=1855569
Asian media company Nikkei suffered a ransomware attack
https://securityaffairs.co/wordpress/131533/data-breach/nikkei-data-breach.html
Russia-linked Sandworm continues to conduct attacks against Ukraine
https://securityaffairs.co/wordpress/131523/apt/sandworm-attacks-against-ukraine.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/Malware/comments/uuhier/metastealer_filling_the_racoon_void/
AutoWarp bug leads to Automation headaches.
https://thecyberwire.com/podcasts/research-saturday/233/notes
SolarWinds ready to move past breach and help customers manage theirs
https://malware.news/t/solarwinds-ready-to-move-past-breach-and-help-customers-manage-theirs/60360/1
Researchers Find Backdoor in School Management Plugin for WordPress
https://thehackernews.com/2022/05/researchers-find-backdoor-in-school.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/netsec/comments/uuob6i/metastealer_filling_the_racoon_void/
$547 Worth of 18 Books on Python Coding by Starch Press for $18 (-97% oFF)
https://www.reddit.com/r/netsec/comments/uul1lw/547_worth_of_18_books_on_python_coding_by_starch/
network configuration for malware analysis
https://www.reddit.com/r/Malware/comments/uuuwv3/network_configuration_for_malware_analysis/
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Biden administration lays out plan for four carbon-capture facilities
https://arstechnica.com/?p=1855569
Asian media company Nikkei suffered a ransomware attack
https://securityaffairs.co/wordpress/131533/data-breach/nikkei-data-breach.html
Russia-linked Sandworm continues to conduct attacks against Ukraine
https://securityaffairs.co/wordpress/131523/apt/sandworm-attacks-against-ukraine.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/Malware/comments/uuhier/metastealer_filling_the_racoon_void/
AutoWarp bug leads to Automation headaches.
https://thecyberwire.com/podcasts/research-saturday/233/notes
SolarWinds ready to move past breach and help customers manage theirs
https://malware.news/t/solarwinds-ready-to-move-past-breach-and-help-customers-manage-theirs/60360/1
Researchers Find Backdoor in School Management Plugin for WordPress
https://thehackernews.com/2022/05/researchers-find-backdoor-in-school.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/netsec/comments/uuob6i/metastealer_filling_the_racoon_void/
$547 Worth of 18 Books on Python Coding by Starch Press for $18 (-97% oFF)
https://www.reddit.com/r/netsec/comments/uul1lw/547_worth_of_18_books_on_python_coding_by_starch/
network configuration for malware analysis
https://www.reddit.com/r/Malware/comments/uuuwv3/network_configuration_for_malware_analysis/
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Ars Technica
Biden administration lays out plan for four carbon-capture facilities
Big infrastructure package includes funds for the underdeveloped technology.
Top Security New for 23/05/2022
North Korea-linked Lazarus APT uses Log4J to target VMware servers
https://securityaffairs.co/wordpress/131483/apt/lazarus-apt-log4j-vmware-servers.html
Charity Wright: Pursue what you love. [Threat intelligence]
https://thecyberwire.com/podcasts/career-notes/101/notes
Android SMS catcher
https://0x00sec.org/t/android-sms-catcher/29445
ASEC Weekly Malware Statistics (May 9th, 2022 – May 15th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-9th-2022-may-15th-2022/60364/1
How to program watch OS
https://www.reddit.com/r/lowlevel/comments/uv88mc/how_to_program_watch_os/
Conscerned
https://www.reddit.com/r/Malware/comments/uvaxu5/conscerned/
Misinformation needs tackling and it would help if politicians stopped muddying the water
https://malware.news/t/misinformation-needs-tackling-and-it-would-help-if-politicians-stopped-muddying-the-water/60362/1
ISC StormCast for Monday, May 23rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8018
A year after report, task force urges U.S. to keep ransomware on front burner
https://www.reddit.com/r/Malware/comments/uv37s6/a_year_after_report_task_force_urges_us_to_keep/
ISC Stormcast For Monday, May 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8018, (Mon, May 23rd)
https://malware.news/t/isc-stormcast-for-monday-may-23rd-2022-https-isc-sans-edu-podcastdetail-html-id-8018-mon-may-23rd/60363/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
North Korea-linked Lazarus APT uses Log4J to target VMware servers
https://securityaffairs.co/wordpress/131483/apt/lazarus-apt-log4j-vmware-servers.html
Charity Wright: Pursue what you love. [Threat intelligence]
https://thecyberwire.com/podcasts/career-notes/101/notes
Android SMS catcher
https://0x00sec.org/t/android-sms-catcher/29445
ASEC Weekly Malware Statistics (May 9th, 2022 – May 15th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-9th-2022-may-15th-2022/60364/1
How to program watch OS
https://www.reddit.com/r/lowlevel/comments/uv88mc/how_to_program_watch_os/
Conscerned
https://www.reddit.com/r/Malware/comments/uvaxu5/conscerned/
Misinformation needs tackling and it would help if politicians stopped muddying the water
https://malware.news/t/misinformation-needs-tackling-and-it-would-help-if-politicians-stopped-muddying-the-water/60362/1
ISC StormCast for Monday, May 23rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8018
A year after report, task force urges U.S. to keep ransomware on front burner
https://www.reddit.com/r/Malware/comments/uv37s6/a_year_after_report_task_force_urges_us_to_keep/
ISC Stormcast For Monday, May 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8018, (Mon, May 23rd)
https://malware.news/t/isc-stormcast-for-monday-may-23rd-2022-https-isc-sans-edu-podcastdetail-html-id-8018-mon-may-23rd/60363/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
North Korea-linked Lazarus APT uses Log4J to target VMware servers
North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers.
Top Security New for 24/05/2022
A week in security (May 16 – 22)
https://blog.malwarebytes.com/a-week-in-security/2022/05/a-week-in-security-may-16-22/
Canada's ban on Huawei and ZTE. Ransomware task forces. NSF advocates threat intelligence sharing.
https://thecyberwire.com/newsletters/policy-briefing/4/99
Data protection concerns spike as states get ready to outlaw abortion
https://www.csoonline.com/article/3661689/data-protection-concerns-spike-as-states-get-ready-to-outlaw-abortion.html#tk.rss_all
Hiding MSFVENOM Payloads in USB NIC EEPROM
https://www.reddit.com/r/netsec/comments/uw4feh/hiding_msfvenom_payloads_in_usb_nic_eeprom/
ISC StormCast for Tuesday, May 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8020
mx-takeover focuses DNS MX records and detects misconfigured MX records.
https://www.reddit.com/r/netsec/comments/uw2s73/mxtakeover_focuses_dns_mx_records_and_detects/
Beneath the surface: Uncovering the shift in web skimming
https://www.reddit.com/r/netsec/comments/uw42x0/beneath_the_surface_uncovering_the_shift_in_web/
Cyber developments in Russia's hybrid war against Ukraine. Conti's dissolution.
https://thecyberwire.com/newsletters/daily-briefing/11/99
VOLUME 38 OF THE HACKER DIGEST RELEASED
https://www.2600.com/content/volume-38-hacker-digest-released
DEADLINE FOR SUBMITTING HOPE TALK PROPOSALS IS MAY 31, 2022!
https://www.2600.com/content/deadline-submitting-hope-talk-proposals-may-31-2022
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
A week in security (May 16 – 22)
https://blog.malwarebytes.com/a-week-in-security/2022/05/a-week-in-security-may-16-22/
Canada's ban on Huawei and ZTE. Ransomware task forces. NSF advocates threat intelligence sharing.
https://thecyberwire.com/newsletters/policy-briefing/4/99
Data protection concerns spike as states get ready to outlaw abortion
https://www.csoonline.com/article/3661689/data-protection-concerns-spike-as-states-get-ready-to-outlaw-abortion.html#tk.rss_all
Hiding MSFVENOM Payloads in USB NIC EEPROM
https://www.reddit.com/r/netsec/comments/uw4feh/hiding_msfvenom_payloads_in_usb_nic_eeprom/
ISC StormCast for Tuesday, May 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8020
mx-takeover focuses DNS MX records and detects misconfigured MX records.
https://www.reddit.com/r/netsec/comments/uw2s73/mxtakeover_focuses_dns_mx_records_and_detects/
Beneath the surface: Uncovering the shift in web skimming
https://www.reddit.com/r/netsec/comments/uw42x0/beneath_the_surface_uncovering_the_shift_in_web/
Cyber developments in Russia's hybrid war against Ukraine. Conti's dissolution.
https://thecyberwire.com/newsletters/daily-briefing/11/99
VOLUME 38 OF THE HACKER DIGEST RELEASED
https://www.2600.com/content/volume-38-hacker-digest-released
DEADLINE FOR SUBMITTING HOPE TALK PROPOSALS IS MAY 31, 2022!
https://www.2600.com/content/deadline-submitting-hope-talk-proposals-may-31-2022
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes Labs
A week in security (May 16 – 22)
The most important and interesting computer security stories from the last seven days.
Top Security News for 25/05/2022
Suspected Chinese threat actors target Russian government entities. New version of Sandworm malware loader. Linux botnet activity.
https://thecyberwire.com/newsletters/research-briefing/4/21
7 machine identity management best practices
https://www.csoonline.com/article/3661357/7-machine-identity-best-practices.html#tk.rss_all
New Rhino Blog Post: CVE-2022-25237: Bonitasoft Authorization Bypass and RCE
https://www.reddit.com/r/netsec/comments/uwt4gq/new_rhino_blog_post_cve202225237_bonitasoft/
Exium expands SASE, 5G-based security for midsize enterprise networks
https://www.networkworld.com/article/3661700/exium-expands-sase-5g-based-security-for-midsize-enterprise-networks.html#tk.rss_all
ISC StormCast for Wednesday, May 25th, 2022
https://isc.sans.edu/podcastdetail.html?id=8022
Zoom patches XMPP vulnerability chain that could lead to remote code execution
https://malware.news/t/zoom-patches-xmpp-vulnerability-chain-that-could-lead-to-remote-code-execution/60432/1
Method that Tricks Users to Perceive Attachment of PDF File as Safe File
https://malware.news/t/method-that-tricks-users-to-perceive-attachment-of-pdf-file-as-safe-file/60435/1
CMMC issues. CISA's forthcoming incident reporting rules. US FTC blogs policy.
https://thecyberwire.com/newsletters/policy-briefing/4/100
Experts to World: We’re Doomed
https://www.vice.com/en_us/article/93bxxv/experts-to-world-were-doomed
SIM-based Authentication Aims to Transform Device Binding Security to End Phishing
https://thehackernews.com/2022/05/sim-based-authentication-aims-to.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Suspected Chinese threat actors target Russian government entities. New version of Sandworm malware loader. Linux botnet activity.
https://thecyberwire.com/newsletters/research-briefing/4/21
7 machine identity management best practices
https://www.csoonline.com/article/3661357/7-machine-identity-best-practices.html#tk.rss_all
New Rhino Blog Post: CVE-2022-25237: Bonitasoft Authorization Bypass and RCE
https://www.reddit.com/r/netsec/comments/uwt4gq/new_rhino_blog_post_cve202225237_bonitasoft/
Exium expands SASE, 5G-based security for midsize enterprise networks
https://www.networkworld.com/article/3661700/exium-expands-sase-5g-based-security-for-midsize-enterprise-networks.html#tk.rss_all
ISC StormCast for Wednesday, May 25th, 2022
https://isc.sans.edu/podcastdetail.html?id=8022
Zoom patches XMPP vulnerability chain that could lead to remote code execution
https://malware.news/t/zoom-patches-xmpp-vulnerability-chain-that-could-lead-to-remote-code-execution/60432/1
Method that Tricks Users to Perceive Attachment of PDF File as Safe File
https://malware.news/t/method-that-tricks-users-to-perceive-attachment-of-pdf-file-as-safe-file/60435/1
CMMC issues. CISA's forthcoming incident reporting rules. US FTC blogs policy.
https://thecyberwire.com/newsletters/policy-briefing/4/100
Experts to World: We’re Doomed
https://www.vice.com/en_us/article/93bxxv/experts-to-world-were-doomed
SIM-based Authentication Aims to Transform Device Binding Security to End Phishing
https://thehackernews.com/2022/05/sim-based-authentication-aims-to.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Suspected Chinese threat actors target Russian government entities. New version of Sandworm malware loader. Linux botnet activity.
👍1
Top Security News for 26/05/2022
How the Saitama backdoor uses DNS tunnelling
https://blog.malwarebytes.com/threat-intelligence/2022/05/how-the-saitama-backdoor-uses-dns-tunnelling/
PIXM releases new computer vision solution for mobile phishing
https://www.csoonline.com/article/3661560/pixm-releases-new-computer-vision-solution-for-mobile-phishing.html#tk.rss_all
Pfizer warns of “constant waves” of COVID as complacency grows
https://arstechnica.com/?p=1856239
Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them
https://thehackernews.com/2022/05/learn-how-hackers-can-hijack-your.html
BrandPost: How Shift Left Security Helps Developers Build More Secure Cloud-Native Apps
https://www.csoonline.com/article/3662070/how-shift-left-security-helps-developers-build-more-secure-cloud-native-apps.html#tk.rss_all
Twitter fined $150 million by FTC for alleged privacy violations
https://malware.news/t/twitter-fined-150-million-by-ftc-for-alleged-privacy-violations/60475/1
Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room
https://thehackernews.com/2022/05/lumos-system-can-find-hidden-cameras.html
If Europe and Japan can have small, cheap EVs, why can’t America?
https://arstechnica.com/?p=1856257
YouTube remains in Russia to be an independent news source: CEO
https://malware.news/t/youtube-remains-in-russia-to-be-an-independent-news-source-ceo/60474/1
Tetragon: case study of security product's self-protection
https://www.reddit.com/r/netsec/comments/uxhw4k/tetragon_case_study_of_security_products/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
How the Saitama backdoor uses DNS tunnelling
https://blog.malwarebytes.com/threat-intelligence/2022/05/how-the-saitama-backdoor-uses-dns-tunnelling/
PIXM releases new computer vision solution for mobile phishing
https://www.csoonline.com/article/3661560/pixm-releases-new-computer-vision-solution-for-mobile-phishing.html#tk.rss_all
Pfizer warns of “constant waves” of COVID as complacency grows
https://arstechnica.com/?p=1856239
Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them
https://thehackernews.com/2022/05/learn-how-hackers-can-hijack-your.html
BrandPost: How Shift Left Security Helps Developers Build More Secure Cloud-Native Apps
https://www.csoonline.com/article/3662070/how-shift-left-security-helps-developers-build-more-secure-cloud-native-apps.html#tk.rss_all
Twitter fined $150 million by FTC for alleged privacy violations
https://malware.news/t/twitter-fined-150-million-by-ftc-for-alleged-privacy-violations/60475/1
Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room
https://thehackernews.com/2022/05/lumos-system-can-find-hidden-cameras.html
If Europe and Japan can have small, cheap EVs, why can’t America?
https://arstechnica.com/?p=1856257
YouTube remains in Russia to be an independent news source: CEO
https://malware.news/t/youtube-remains-in-russia-to-be-an-independent-news-source-ceo/60474/1
Tetragon: case study of security product's self-protection
https://www.reddit.com/r/netsec/comments/uxhw4k/tetragon_case_study_of_security_products/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
👍1
Top Security News for 27/05/2022
Uvalde SWAT Team Bragged About Training at Schools on Facebook
https://www.vice.com/en_us/article/wxdwgn/uvalde-swat-team-bragged-about-training-at-schools-on-facebook
Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/newsletters/privacy-briefing/4/102
Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/podcasts/privacy-briefing/593/notes
Vulnerabilities and exploits: Pantsdown, ChromeLoader. Ransomware campaign updates. CISA Known Exploited Vulnerabilities.
https://thecyberwire.com/newsletters/daily-briefing/11/102
Episode 67 : IceCoal DB Reversing
https://malware.news/t/episode-67-icecoal-db-reversing/60521/1
New Linux-based ransomware targets VMware servers
https://www.csoonline.com/article/3662153/new-linux-based-ransomware-targets-vmware-servers.html#tk.rss_all
ASEC Weekly Malware Statistics (May 16th, 2022 – May 22nd, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-16th-2022-may-22nd-2022/60519/1
Russian disinformation: disruption is easier than persuasion. Hyperlocal propaganda. Coordinated inauthenticity, at scale. Possible Ukrainian disinformation. Dissent in Russia's war. Influence ops against authoritarians.
https://thecyberwire.com/newsletters/disinformation-briefing/4/21
Top Ten Most Cumbersome Website Infections to Remove in 2021
https://malware.news/t/top-ten-most-cumbersome-website-infections-to-remove-in-2021/60520/1
Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers
https://thehackernews.com/2022/05/critical-pantsdown-bmc-vulnerability.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Uvalde SWAT Team Bragged About Training at Schools on Facebook
https://www.vice.com/en_us/article/wxdwgn/uvalde-swat-team-bragged-about-training-at-schools-on-facebook
Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/newsletters/privacy-briefing/4/102
Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/podcasts/privacy-briefing/593/notes
Vulnerabilities and exploits: Pantsdown, ChromeLoader. Ransomware campaign updates. CISA Known Exploited Vulnerabilities.
https://thecyberwire.com/newsletters/daily-briefing/11/102
Episode 67 : IceCoal DB Reversing
https://malware.news/t/episode-67-icecoal-db-reversing/60521/1
New Linux-based ransomware targets VMware servers
https://www.csoonline.com/article/3662153/new-linux-based-ransomware-targets-vmware-servers.html#tk.rss_all
ASEC Weekly Malware Statistics (May 16th, 2022 – May 22nd, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-16th-2022-may-22nd-2022/60519/1
Russian disinformation: disruption is easier than persuasion. Hyperlocal propaganda. Coordinated inauthenticity, at scale. Possible Ukrainian disinformation. Dissent in Russia's war. Influence ops against authoritarians.
https://thecyberwire.com/newsletters/disinformation-briefing/4/21
Top Ten Most Cumbersome Website Infections to Remove in 2021
https://malware.news/t/top-ten-most-cumbersome-website-infections-to-remove-in-2021/60520/1
Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers
https://thehackernews.com/2022/05/critical-pantsdown-bmc-vulnerability.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Vice
Uvalde SWAT Team Bragged About Training at Schools on Facebook
Uvalde SWAT visited schools to "familiarize themselves with layouts of our local schools and businesses."
Top Security News for 28/05/2022
RCE over ham radio - Reverse shell via WinAPRS
https://www.reddit.com/r/netsec/comments/uxo9bk/rce_over_ham_radio_reverse_shell_via_winaprs/
How To Build a Trusted Cybersecurity Program
https://malware.news/t/how-to-build-a-trusted-cybersecurity-program/60553/1
Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
https://securityaffairs.co/wordpress/131698/hacking/poc-exploit-code-vmware-cve-2022-22972.html
Nearly 100,000 NPM Users' Credentials Stolen in GitHub OAuth Breach
https://thehackernews.com/2022/05/nearly-100000-npm-users-credentials.html
CISA, DOD Report Gaps for Agencies Assessing 5G Security Risks
https://malware.news/t/cisa-dod-report-gaps-for-agencies-assessing-5g-security-risks/60550/1
Man who helped Infraud cybercrime cartel steal millions of credit cards sentenced
https://malware.news/t/man-who-helped-infraud-cybercrime-cartel-steal-millions-of-credit-cards-sentenced/60551/1
Cecelia Marinier from RSAC and Niloo Howe, judge, on the RSAC Innovation Sandbox contest.
https://thecyberwire.com/podcasts/interview-selects/112/notes
AWS universal rate-limiter bypass
https://www.reddit.com/r/netsec/comments/uyz6zw/aws_universal_ratelimiter_bypass/
Ukraine at D+92: Artillery, DDoS, and remittances in a hybrid war.
https://thecyberwire.com/stories/eb35d7ba848d4b16ac000f6936d75779/ukraine-at-d92
Firefox, Thunderbird, receive patches for critical security issues
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/firefox-thunderbird-receive-patches-for-critical-security-issues/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
RCE over ham radio - Reverse shell via WinAPRS
https://www.reddit.com/r/netsec/comments/uxo9bk/rce_over_ham_radio_reverse_shell_via_winaprs/
How To Build a Trusted Cybersecurity Program
https://malware.news/t/how-to-build-a-trusted-cybersecurity-program/60553/1
Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
https://securityaffairs.co/wordpress/131698/hacking/poc-exploit-code-vmware-cve-2022-22972.html
Nearly 100,000 NPM Users' Credentials Stolen in GitHub OAuth Breach
https://thehackernews.com/2022/05/nearly-100000-npm-users-credentials.html
CISA, DOD Report Gaps for Agencies Assessing 5G Security Risks
https://malware.news/t/cisa-dod-report-gaps-for-agencies-assessing-5g-security-risks/60550/1
Man who helped Infraud cybercrime cartel steal millions of credit cards sentenced
https://malware.news/t/man-who-helped-infraud-cybercrime-cartel-steal-millions-of-credit-cards-sentenced/60551/1
Cecelia Marinier from RSAC and Niloo Howe, judge, on the RSAC Innovation Sandbox contest.
https://thecyberwire.com/podcasts/interview-selects/112/notes
AWS universal rate-limiter bypass
https://www.reddit.com/r/netsec/comments/uyz6zw/aws_universal_ratelimiter_bypass/
Ukraine at D+92: Artillery, DDoS, and remittances in a hybrid war.
https://thecyberwire.com/stories/eb35d7ba848d4b16ac000f6936d75779/ukraine-at-d92
Firefox, Thunderbird, receive patches for critical security issues
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/firefox-thunderbird-receive-patches-for-critical-security-issues/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
RCE over ham radio - Reverse shell via WinAPRS
Posted in r/netsec by u/rickostuff • 53 points and 21 comments
Top Security News for 29/05/2022
Understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass)
https://www.reddit.com/r/netsec/comments/uzkf6p/understanding_cve202222972_vmware_workspace_one/
Stealthy Linux malware bypasses firewalls for remote access
https://www.reddit.com/r/Malware/comments/uzr2gb/stealthy_linux_malware_bypasses_firewalls_for/
Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks
https://securityaffairs.co/wordpress/131762/apt/gamaredon-apt-ddos-attacks.html
New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme
https://thehackernews.com/2022/05/new-york-man-sentenced-to-4-years-in.html
Mining museums’ genomic treasures
https://arstechnica.com/?p=1856930
Are TikTok algorithms changing how people talk about suicide?
https://arstechnica.com/?p=1857008
Rikkei Finance Hack: Explained
https://www.reddit.com/r/netsec/comments/uzjfyx/rikkei_finance_hack_explained/
Compromised military tech?
https://thecyberwire.com/podcasts/research-saturday/234/notes
The strange link between Industrial Spy and the Cuba ransomware operation
https://securityaffairs.co/wordpress/131754/cyber-crime/industrial-spy-cuba-ransomware.html
How to secure Kubernetes Deployment
https://www.reddit.com/r/netsec/comments/uzk9od/how_to_secure_kubernetes_deployment/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass)
https://www.reddit.com/r/netsec/comments/uzkf6p/understanding_cve202222972_vmware_workspace_one/
Stealthy Linux malware bypasses firewalls for remote access
https://www.reddit.com/r/Malware/comments/uzr2gb/stealthy_linux_malware_bypasses_firewalls_for/
Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks
https://securityaffairs.co/wordpress/131762/apt/gamaredon-apt-ddos-attacks.html
New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme
https://thehackernews.com/2022/05/new-york-man-sentenced-to-4-years-in.html
Mining museums’ genomic treasures
https://arstechnica.com/?p=1856930
Are TikTok algorithms changing how people talk about suicide?
https://arstechnica.com/?p=1857008
Rikkei Finance Hack: Explained
https://www.reddit.com/r/netsec/comments/uzjfyx/rikkei_finance_hack_explained/
Compromised military tech?
https://thecyberwire.com/podcasts/research-saturday/234/notes
The strange link between Industrial Spy and the Cuba ransomware operation
https://securityaffairs.co/wordpress/131754/cyber-crime/industrial-spy-cuba-ransomware.html
How to secure Kubernetes Deployment
https://www.reddit.com/r/netsec/comments/uzk9od/how_to_secure_kubernetes_deployment/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
Understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass)
Posted in r/netsec by u/Mempodipper • 21 points and 0 comments
Top Security News for 30/05/2022
The mystery of China’s sudden warnings about US hackers
https://arstechnica.com/?p=1856999
Curious - What is Skillbrains ?
https://www.bleepingcomputer.com/forums/t/772662/curious-what-is-skillbrains/
ForceAdmin : Create infinate #UAC prompts forcing a user to run as admin.
https://www.reddit.com/r/netsec/comments/v08p38/forceadmin_create_infinate_uac_prompts_forcing_a/
Pro-Russian hacker group KillNet plans to attack Italy on May 30
https://securityaffairs.co/wordpress/131776/hacking/killnet-threatens-italy.html
JPG to Malware
https://www.reddit.com/r/netsec/comments/v08plj/jpg_to_malware/
Extracting The Overlay Of A PE File, (Sun, May 29th)
https://malware.news/t/extracting-the-overlay-of-a-pe-file-sun-may-29th/60555/1
Clop ransomware gang is back, hits 21 victims in a single month
https://www.reddit.com/r/Malware/comments/v03we1/clop_ransomware_gang_is_back_hits_21_victims_in_a/
How to stop malware extension from automatically re-installing every time i open Chrome
https://www.reddit.com/r/Malware/comments/v0k9fo/how_to_stop_malware_extension_from_automatically/
grsecurity - Tetragone: A Lesson in Security Fundamentals
https://www.reddit.com/r/netsec/comments/v06ok1/grsecurity_tetragone_a_lesson_in_security/
Extracting The Overlay Of A PE File, (Sun, May 29th)
https://isc.sans.edu/diary/rss/28692
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The mystery of China’s sudden warnings about US hackers
https://arstechnica.com/?p=1856999
Curious - What is Skillbrains ?
https://www.bleepingcomputer.com/forums/t/772662/curious-what-is-skillbrains/
ForceAdmin : Create infinate #UAC prompts forcing a user to run as admin.
https://www.reddit.com/r/netsec/comments/v08p38/forceadmin_create_infinate_uac_prompts_forcing_a/
Pro-Russian hacker group KillNet plans to attack Italy on May 30
https://securityaffairs.co/wordpress/131776/hacking/killnet-threatens-italy.html
JPG to Malware
https://www.reddit.com/r/netsec/comments/v08plj/jpg_to_malware/
Extracting The Overlay Of A PE File, (Sun, May 29th)
https://malware.news/t/extracting-the-overlay-of-a-pe-file-sun-may-29th/60555/1
Clop ransomware gang is back, hits 21 victims in a single month
https://www.reddit.com/r/Malware/comments/v03we1/clop_ransomware_gang_is_back_hits_21_victims_in_a/
How to stop malware extension from automatically re-installing every time i open Chrome
https://www.reddit.com/r/Malware/comments/v0k9fo/how_to_stop_malware_extension_from_automatically/
grsecurity - Tetragone: A Lesson in Security Fundamentals
https://www.reddit.com/r/netsec/comments/v06ok1/grsecurity_tetragone_a_lesson_in_security/
Extracting The Overlay Of A PE File, (Sun, May 29th)
https://isc.sans.edu/diary/rss/28692
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Ars Technica
The mystery of China’s sudden warnings about US hackers
China has recently begun saber-rattling about American cyberespionage.