Top Security News for 04/09/2022
Video: James Webb JPEG With Malware, (Sat, Sep 3rd)
https://isc.sans.edu/diary/rss/29012
Arti 1.0.0: Rust Tor implementation is ready for production use
https://www.reddit.com/r/netsec/comments/x51i31/arti_100_rust_tor_implementation_is_ready_for/
SimpleX Chat - the first messaging platform that has no user identifiers (not even random numbers) - v3.2 of iOS and Android apps released - with Incognito mode and support for .onion hostnames.
https://www.reddit.com/r/netsec/comments/x4y615/simplex_chat_the_first_messaging_platform_that/
Machine Learning for Language Detection in Python with scikit-learn
https://malware.news/t/machine-learning-for-language-detection-in-python-with-scikit-learn/63104/1
Analysis: Situational Awareness + Timelines
https://malware.news/t/analysis-situational-awareness-timelines/63101/1
Fun with Windows Containers - Popping Calc
https://www.reddit.com/r/netsec/comments/x51a3b/fun_with_windows_containers_popping_calc/
Video: James Webb JPEG With Malware, (Sat, Sep 3rd)
https://malware.news/t/video-james-webb-jpeg-with-malware-sat-sep-3rd/63100/1
Anjali Hansen: Cross team collaboration works best. [Privacy Council]
https://thecyberwire.com/podcasts/career-notes/115/notes
Security Affairs newsletter Round 382
https://securityaffairs.co/wordpress/135269/breaking-news/security-affairs-newsletter-round-382.html
LEMONADE.BIN and the evolution of binary formats from COM to PE32+
https://www.reddit.com/r/lowlevel/comments/x43ujz/lemonadebin_and_the_evolution_of_binary_formats/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
SANS Internet Storm Center
InfoSec Handlers Diary Blog - SANS Internet Storm Center
Internet Storm Center Diary 2022-10-26, Author: Johannes Ullrich
Top Security News for 05/09/2022
Update: oledump.py Version 0.0.70
https://malware.news/t/update-oledump-py-version-0-0-70/63105/1
The source code of a remote access trojan (RAT) dubbed 'CodeRAT' has been leaked on GitHub after malware analysts confronted the developer about attacks that used the tool.
https://www.reddit.com/r/Malware/comments/x64wcy/the_source_code_of_a_remote_access_trojan_rat/
There’s Another Hole In Your SoC: Unisoc ROM Vulnerabilities as used in the Motorola Moto E40 / Teclast T40 5G etc. - disclosure timeline is a thing of wonder
https://www.reddit.com/r/lowlevel/comments/x5ieqo/theres_another_hole_in_your_soc_unisoc_rom/
A new phishing scam targets American Express cardholders
https://securityaffairs.co/wordpress/135292/hacking/phishing-scam-targets-american-express.html
HWP File Disguised as Personal Profile Form (OLE Object)
https://malware.news/t/hwp-file-disguised-as-personal-profile-form-ole-object/63108/1
Video: VBA Maldoc & UTF7 (APT-C-35), (Sun, Sep 4th)
https://isc.sans.edu/diary/rss/29016
Video: Kernel Mode Driver Emulation with Speakeasy
https://www.reddit.com/r/Malware/comments/x5r7wg/video_kernel_mode_driver_emulation_with_speakeasy/
Video: VBA Maldoc & UTF7 (APT-C-35), (Sun, Sep 4th)
https://malware.news/t/video-vba-maldoc-utf7-apt-c-35-sun-sep-4th/63106/1
IRS mistakenly published confidential info for roughly 120K taxpayers
https://securityaffairs.co/wordpress/135271/security/irs-data-leak.html
Anonymous hacked Yandex taxi causing a massive traffic jam in Moscow
https://securityaffairs.co/wordpress/135280/hacktivism/anonyomus-hacked-yandex-taxi.html
Malware Analysis, News and Indicators
Update: oledump.py Version 0.0.70
This is an update to plugin plugin_vba_dco.py, improving generalization and adding option -p. You can watch this maldoc analysis video to learn how to use the generalization feature of this plugin: oledump_V0_0_70.zip (http) MD5: D6EC4FD6B7BE60E01A98922BC06A1E8F…
Top Security News for 05/09/2022
Anonymous hacked Yandex taxi causing a massive traffic jam in Moscow
https://securityaffairs.co/wordpress/135280/hacktivism/anonyomus-hacked-yandex-taxi.html
Update: oledump.py Version 0.0.70
https://malware.news/t/update-oledump-py-version-0-0-70/63105/1
IRS mistakenly published confidential info for roughly 120K taxpayers
https://securityaffairs.co/wordpress/135271/security/irs-data-leak.html
Malware Analysis - Kernel Mode Driver Emulation with Speakeasy
https://malware.news/t/malware-analysis-kernel-mode-driver-emulation-with-speakeasy/63107/1
There’s Another Hole In Your SoC: Unisoc ROM Vulnerabilities as used in the Motorola Moto E40 / Teclast T40 5G etc. - disclosure timeline is a thing of wonder
https://www.reddit.com/r/lowlevel/comments/x5ieqo/theres_another_hole_in_your_soc_unisoc_rom/
WPHash - Fingerprinting WordPress Plugins, now in public beta and open to feedback and collaboration
https://www.reddit.com/r/netsec/comments/x5udxe/wphash_fingerprinting_wordpress_plugins_now_in/
Security compliance and cybersecurity first principles.
https://thecyberwire.com/podcasts/cso-perspectives-public/59/notes
Video: VBA Maldoc & UTF7 (APT-C-35), (Sun, Sep 4th)
https://isc.sans.edu/diary/rss/29016
SharkBot malware sneaks back on Google Play to steal your logins
https://www.reddit.com/r/Malware/comments/x68c1q/sharkbot_malware_sneaks_back_on_google_play_to/
HWP File Disguised as Personal Profile Form (OLE Object)
https://malware.news/t/hwp-file-disguised-as-personal-profile-form-ole-object/63108/1
Security Affairs
Anonymous hacked Yandex taxi causing a traffic jam in Moscow
The popular collective Anonymous and the IT Army of Ukraine hacked the Yandex Taxi app causing a massive traffic jam in Moscow.
Top Security News for 06/09/2022
Ransomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus
https://thehackernews.com/2022/09/ransomware-attackers-abuse-genshin.html
SAT/SMT Solvers by Example
https://www.reddit.com/r/netsec/comments/x6y3hk/satsmt_solvers_by_example/
ISC StormCast for Tuesday, September 6th, 2022
https://isc.sans.edu/podcastdetail.html?id=8160
CVE-2022-30190, AKA Follina, Uses Macro-less Word Docs to Drop RCE Files
https://www.reddit.com/r/netsec/comments/x6aqwc/cve202230190_aka_follina_uses_macroless_word_docs/
PackMyPayload - Emerging Threat of Containerized Malware. It can serve purpose for a Proof-of-Concept presenting emerging risk of container file formats with embedded malware.
https://www.reddit.com/r/Malware/comments/x6xpb4/packmypayload_emerging_threat_of_containerized/
Hacking my Helium Crypto Miner
https://www.reddit.com/r/netsec/comments/x6d97k/hacking_my_helium_crypto_miner/
JPCERT/CC Releases URL Dataset of Confirmed Phishing Sites
https://malware.news/t/jpcert-cc-releases-url-dataset-of-confirmed-phishing-sites/63125/1
ISC Stormcast For Tuesday, September 6th, 2022 https://isc.sans.edu/podcastdetail.html?id=8160, (Tue, Sep 6th)
https://malware.news/t/isc-stormcast-for-tuesday-september-6th-2022-https-isc-sans-edu-podcastdetail-html-id-8160-tue-sep-6th/63123/1
Walkthrough of an unauthenticated RCE affecting pfBlockerNG <= 2.1.4_26 (CVE-2022-31814)
https://www.reddit.com/r/netsec/comments/x6b5is/walkthrough_of_an_unauthenticated_rce_affecting/
Microsoft will disable Basic authentication for Exchange Online in less than a month
https://www.malwarebytes.com/blog/news/2022/09/microsoft-to-disable-basic-auth-for-exchange-online-in-less-than-a-month
Top Security News for 06/09/2022
ISC Stormcast For Tuesday, September 6th, 2022 https://isc.sans.edu/podcastdetail.html?id=8160, (Tue, Sep 6th)
https://malware.news/t/isc-stormcast-for-tuesday-september-6th-2022-https-isc-sans-edu-podcastdetail-html-id-8160-tue-sep-6th/63123/1
How Azure Active Directory opens new authentication risks
https://www.csoonline.com/article/3672531/how-azure-active-directory-opens-new-authentication-risks.html#tk.rss_all
Zero-day puts a dent in Chrome's mojo
https://www.malwarebytes.com/blog/news/2022/09/update-chrome-asap-a-new-zero-day-is-already-being-exploited
Hacking my Helium Crypto Miner
https://www.reddit.com/r/netsec/comments/x6d97k/hacking_my_helium_crypto_miner/
JPCERT/CC Releases URL Dataset of Confirmed Phishing Sites
https://malware.news/t/jpcert-cc-releases-url-dataset-of-confirmed-phishing-sites/63125/1
Ransomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus
https://thehackernews.com/2022/09/ransomware-attackers-abuse-genshin.html
ISC Stormcast For Tuesday, September 6th, 2022 https://isc.sans.edu/podcastdetail.html?id=8160, (Tue, Sep 6th)
https://isc.sans.edu/diary/rss/29020
QNAP warns new Deadbolt ransomware attacks exploiting zero-day
https://securityaffairs.co/wordpress/135347/malware/qnap-deadbolt-ransomware-new-attacks.html
A week in security (August 29 - September 4)
https://malware.news/t/a-week-in-security-august-29-september-4/63121/1
Simulated Phishing (noun)
https://thecyberwire.com/podcasts/word-notes/115/notes
SANS Internet Storm Center
ISC StormCast for Tuesday, September 6th, 2022 - SANS ISC
Top Security News for 07/09/2022
Integrating Live Patching in SecDevOps Workflows
https://thehackernews.com/2022/09/integrating-live-patching-in-secdevops.html
What Is Your Security Team Profile? Prevention, Detection, or Risk Management
https://thehackernews.com/2022/09/what-is-your-security-team-profile.html
SharkFest'21 Wireshark Conference Playlist - hours of free netsec and network analysis content
https://www.reddit.com/r/netsec/comments/x7j0gb/sharkfest21_wireshark_conference_playlist_hours/
23 year old Denial of Service bug in Curl
https://www.reddit.com/r/netsec/comments/x7e5kc/23_year_old_denial_of_service_bug_in_curl/
BrandPost: How Leading Companies Secure a Hybrid Workforce
https://www.csoonline.com/article/3672189/how-leading-companies-secure-a-hybrid-workforce.html#tk.rss_all
PackMyPayload - Emerging Threat of Containerized Malware. It can serve purpose for a Proof-of-Concept presenting emerging risk of container file formats with embedded malware.
https://www.reddit.com/r/Malware/comments/x7s1i0/packmypayload_emerging_threat_of_containerized/
The Heartbleed bug: How a flaw in OpenSSL caused a security crisis
https://www.csoonline.com/article/3223203/the-heartbleed-bug-how-a-flaw-in-openssl-caused-a-security-crisis.html#tk.rss_all
IRS accidental data exposure. Samsung discloses data breach. Data breach sacks 49ers. Third-party data breach exposes KeyBank customer data.
https://thecyberwire.com/podcasts/privacy-briefing/662/notes
In-app browser security risks, and what to do about them
https://www.csoonline.com/article/3672234/in-app-browser-security-risks-and-what-to-do-about-them.html#tk.rss_all
QNAP Warns of New DeadBolt Ransomware Attacks Exploiting Photo Station Flaw
https://thehackernews.com/2022/09/qnap-warns-of-new-deadbolt-ransomware.html
Top Security News for 07/09/2022
Dream Setup (Continued)
https://0x00sec.org/t/dream-setup-continued/31071
New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Security
https://thehackernews.com/2022/09/new-evilproxy-phishing-service-allowing.html
IRS accidental data exposure. Samsung discloses data breach. Data breach sacks 49ers. Third-party data breach exposes KeyBank customer data.
https://thecyberwire.com/podcasts/privacy-briefing/662/notes
Vulnerability Analysis of CVE-2018-12613 – phpMyAdmin 4.8.1 Remote Code Execution
https://www.reddit.com/r/netsec/comments/x7eain/vulnerability_analysis_of_cve201812613_phpmyadmin/
Update: hex-to-bin.py Version 0.0.6
https://malware.news/t/update-hex-to-bin-py-version-0-0-6/63170/1
What Is Your Security Team Profile? Prevention, Detection, or Risk Management
https://thehackernews.com/2022/09/what-is-your-security-team-profile.html
How to turn security research into profit: a CL.0 case study
https://www.reddit.com/r/netsec/comments/x7anu0/how_to_turn_security_research_into_profit_a_cl0/
SharkFest'21 Wireshark Conference Playlist - hours of free netsec and network analysis content
https://www.reddit.com/r/netsec/comments/x7j0gb/sharkfest21_wireshark_conference_playlist_hours/
TA505 Group's TeslaGun In-Depth Analysis
https://www.reddit.com/r/netsec/comments/x76sts/ta505_groups_teslagun_indepth_analysis/
The Heartbleed bug: How a flaw in OpenSSL caused a security crisis
https://www.csoonline.com/article/3223203/the-heartbleed-bug-how-a-flaw-in-openssl-caused-a-security-crisis.html#tk.rss_all
0x00sec - The Home of the Hacker
Dream Setup (Continued)
Hello everyone, I thought that it would be fun to restart the dream setup conversation just for fun. Personally I would have an Inbox Zero gaming desk like this one. As well as three ASUS ROG Swift PG35VQ 35 Curved Monitors. I would also get an Apple Mac Pro…
Top Security News for 08/09/2022
Quickpost: Sun Drying Biodegradable Waste
https://malware.news/t/quickpost-sun-drying-biodegradable-waste/63201/1
ISC StormCast for Thursday, September 8th, 2022
https://isc.sans.edu/podcastdetail.html?id=8164
CIEM vs CWPP vs CSPM
https://malware.news/t/ciem-vs-cwpp-vs-cspm/63204/1
US lawmakers’ continued focus on TikTok as national security threat. NTSB lacks CISA-mandated vulnerability disclosure policy. US Army works to improve cybersecurity training.
https://thecyberwire.com/newsletters/policy-briefing/4/172
The Cost of a Data Breach for Government Agencies
https://securityintelligence.com/articles/cost-data-breach-government-agencies/
Albania attributes major cyberattack to Iran. TikTok denies breach. New Linux malware.
https://thecyberwire.com/podcasts/daily-podcast/1657/notes
Edward Snowden and whistleblower ethics.
https://thecyberwire.com/podcasts/caveat/140/notes
Global companies say supply chain partners expose them to ransomware
https://www.csoonline.com/article/3672155/global-companies-say-supply-chain-partners-expose-them-to-ransomware.html#tk.rss_all
Some Members of Conti Group Targeting Ukraine in Financially Motivated Attacks
https://thehackernews.com/2022/09/some-members-of-conti-group-targeting.html
TTPs Associated With a New Version of the BlackCat Ransomware
https://www.reddit.com/r/netsec/comments/x85xf5/ttps_associated_with_a_new_version_of_the/
Malware Analysis, News and Indicators
Quickpost: Sun Drying Biodegradable Waste
As biodegradable waste contains a lot of water, I was wondering how much mass reduction I can achieve by exposing it to the sun (by evaporating some of the contained water). On a sunny day in March (Belgium), I weighed these fruit peels (I had just consumed…
Top Security News for 08/09/2022
ISC Stormcast For Thursday, September 8th, 2022 https://isc.sans.edu/podcastdetail.html?id=8164, (Thu, Sep 8th)
https://malware.news/t/isc-stormcast-for-thursday-september-8th-2022-https-isc-sans-edu-podcastdetail-html-id-8164-thu-sep-8th/63205/1
How to set up an Android for your kids
https://www.malwarebytes.com/blog/news/2022/09/how-to-set-up-an-android-for-your-kids
Los Angeles school district hit by ransomware. CISA and FBI issue a Joint Advisory on the Vice Society. Comment on the data incident at KeyBank.
https://thecyberwire.com/podcasts/privacy-briefing/663/notes
Authorities Shut Down WT1SHOP Site for Selling Stolen Credentials and Credit Cards
https://thehackernews.com/2022/09/authorities-shut-down-wt1shop-site-for.html
Go beyond compliance with Microsoft Purview
https://thecyberwire.com/podcasts/uncovering-hidden-risks/3/notes
Quickpost: Sun Drying Biodegradable Waste
https://malware.news/t/quickpost-sun-drying-biodegradable-waste/63201/1
Warning issued about Vice Society ransomware targeting the education sector
https://www.malwarebytes.com/blog/news/2022/09/authorities-issue-warning-about-vice-society-ransomware-targeting-the-education-sector
Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products
https://thehackernews.com/2022/09/cisco-releases-security-patches-for-new.html
SharkFest'21 Wireshark Conference Playlist - hours of free netsec and network analysis content
https://www.reddit.com/r/netsec/comments/x8bdvv/sharkfest21_wireshark_conference_playlist_hours/
4 strategy game-changers for finding cybersecurity talent
https://www.csoonline.com/article/3672429/4-strategy-game-changers-for-finding-cybersecurity-talent.html#tk.rss_all
SANS Internet Storm Center
ISC StormCast for Thursday, September 8th, 2022 - SANS ISC
Top Security News for 09/09/2022
Monkey 365 is a plugin-based PowerShell module that can be used to review the security posture of your Microsoft cloud environment.
https://www.reddit.com/r/netsec/comments/x8thy3/monkey_365_is_a_pluginbased_powershell_module/
Quickpost: Dolmen du roc de l’Arca
https://malware.news/t/quickpost-dolmen-du-roc-de-l-arca/63242/1
Shopify Fails to Prevent Known Breached Passwords
https://thehackernews.com/2022/09/shopify-fails-to-prevent-known-breached.html
Microsoft investigates Iranian attacks against the Albanian government
https://www.microsoft.com/security/blog/2022/09/08/microsoft-investigates-iranian-attacks-against-the-albanian-government/
Ransomware review: August 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/09/ransomware-review-august-2022
Threat Source newsletter (Sept. 8, 2022) — Why there is no one-stop-shop solution for protecting passwords
https://malware.news/t/threat-source-newsletter-sept-8-2022-why-there-is-no-one-stop-shop-solution-for-protecting-passwords/63240/1
CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/135491/security/cisa-known-exploited-vulnerabilities-catalog-flaws-2.html
Cisco will not fix the authentication bypass flaw in EoL routers
https://securityaffairs.co/wordpress/135464/security/cisco-security-flaws.html
Chinese and Iranian cyberespionage reported. Cybersecurity for SMBs. Conti's old playbook used against Ukraine. Telco resiliency.
https://thecyberwire.com/newsletters/daily-briefing/11/173
ISC Stormcast For Friday, September 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8166, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29030
Top Security News for 09/09/2022
Australian Workers Are the Latest International Apple Staff to Unionise
https://www.vice.com/en_us/article/qjk3eb/australian-workers-union-apple-strike
Ransomware review: August 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/09/ransomware-review-august-2022
ISC Stormcast For Friday, September 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8166, (Fri, Sep 9th)
https://malware.news/t/isc-stormcast-for-friday-september-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8166-fri-sep-9th/63244/1
ISC StormCast for Friday, September 9th, 2022
https://isc.sans.edu/podcastdetail.html?id=8166
How posting personal and business photos can be a security risk
https://www.csoonline.com/article/3672869/how-posting-personal-and-business-photos-can-be-a-security-risk.html#tk.rss_all
Exploiting Laravel based applications with leaked APP_KEYs and Queues
https://www.reddit.com/r/netsec/comments/x8utoj/exploiting_laravel_based_applications_with_leaked/
Bypass Credential Exfiltration Detection - Hacking The Cloud
https://www.reddit.com/r/netsec/comments/x920z9/bypass_credential_exfiltration_detection_hacking/
Chinese and Iranian cyberespionage reported. Cybersecurity for SMBs. Conti's old playbook used against Ukraine. Telco resiliency.
https://thecyberwire.com/newsletters/daily-briefing/11/173
ISC Stormcast For Friday, September 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8166, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29030
Chasing the Cyber 1%: How to Beat the Cybersecurity Poverty Line
https://securityintelligence.com/articles/rise-above-cybersecurity-poverty-line/
Vice
Australian Workers Are the Latest International Apple Staff to Unionise
Unionised Apple workers in Australia told VICE World News that they plan to protest poor pay by refusing to sell certain products or to work at all.
Top Security News for 10/09/2022
Maldoc With Decoy BASE64, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29032
Comparing Operating Systems for Pen Testing
https://0x00sec.org/t/comparing-operating-systems-for-pen-testing/31125
The top challenge for your cloud security practice isn’t what you think
https://malware.news/t/the-top-challenge-for-your-cloud-security-practice-isn-t-what-you-think/63253/1
Fuzzing beyond memory corruption: Finding broader classes of vulnerabilities automatically
https://www.reddit.com/r/netsec/comments/x9r04m/fuzzing_beyond_memory_corruption_finding_broader/
The Art of Code
https://0x00sec.org/t/the-art-of-code/31137
Spotlight: Occlum open source software for Intel SGX
https://www.reddit.com/r/netsec/comments/x9z56o/spotlight_occlum_open_source_software_for_intel/
Experts warn of attacks exploiting zero-day in WordPress BackupBuddy plugin
https://securityaffairs.co/wordpress/135518/hacking/backupbuddy-wordpress-zero-day.html
Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices
https://securityaffairs.co/wordpress/135511/apt/dev-0270-abuses-bitlocker-attacks.html
These hackers used Log4Shell vulnerability to target US energy firms
https://malware.news/t/these-hackers-used-log4shell-vulnerability-to-target-us-energy-firms/63252/1
U.S. Sanctions Iran—Under New Treasury Rules—for Attack on Albania
https://malware.news/t/u-s-sanctions-iran-under-new-treasury-rules-for-attack-on-albania/63258/1
SANS Internet Storm Center
InfoSec Handlers Diary Blog - SANS Internet Storm Center
Internet Storm Center Diary 2022-10-07, Author: Johannes Ullrich
Top Security News for 10/09/2022
Threats to US elections. Lazarus Group targeting energy companies. Gaming-related threats.
https://thecyberwire.com/podcasts/daily-podcast/1659/notes
Ukraine at D+197: Lessons from the hybrid war.
https://thecyberwire.com/stories/d7a434583af04b1a84ab9d16bd966308/ukraine-at-d197
Comparing Operating Systems for Pen Testing
https://0x00sec.org/t/comparing-operating-systems-for-pen-testing/31125
Maldoc With Decoy BASE64, (Fri, Sep 9th)
https://malware.news/t/maldoc-with-decoy-base64-fri-sep-9th/63254/1
Steve Carter from Nucleus Security discusses his thoughts on AI in cybersecurity.
https://thecyberwire.com/podcasts/interview-selects/127/notes
Ransomware attack knocked a Kentucky city-operated ISP offline before holiday
https://malware.news/t/ransomware-attack-knocked-a-kentucky-city-operated-isp-offline-before-holiday/63255/1
6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged
https://thehackernews.com/2022/09/6-top-api-security-risks-favored.html
Maldoc With Decoy BASE64, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29032
ESET Research uncovers new APT group Worok – Week in security with Tony Anscombe
https://malware.news/t/eset-research-uncovers-new-apt-group-worok-week-in-security-with-tony-anscombe/63260/1
How Simple Claims of Election Interference Can be Enough to Prompt Real-World Threats
https://malware.news/t/how-simple-claims-of-election-interference-can-be-enough-to-prompt-real-world-threats/63257/1
The CyberWire
Threats to US elections. Lazarus Group targeting energy companies. Gaming-related threats.
Nation-states are expected to target the US midterm elections. North Korea’s Lazarus Group is targeting energy companies. The Ukraine’s Ministry of Digital Transformation on cyber lessons learned from Russia’s hybrid war against Ukraine. CISA flags twelve…
Top Security News for 11/09/2022
Mark Logan: March towards your goals. [CEO]
https://thecyberwire.com/podcasts/career-notes/116/notes
x86matthew - WriteProcessMemoryAPC - Write memory to a remote process using APC calls
https://www.reddit.com/r/netsec/comments/xau68m/x86matthew_writeprocessmemoryapc_write_memory_to/
XORCry - a simple python ransomware
https://0x00sec.org/t/xorcry-a-simple-python-ransomware/31148
IHG suffered a cyberattack that severely impacted its booking process
https://securityaffairs.co/wordpress/135572/hacking/ihg-suffered-cyberattack.html
Phishing Word Documents with Suspicious URL, (Sat, Sep 10th)
https://isc.sans.edu/diary/rss/29034
AmCache Revisited
https://malware.news/t/amcache-revisited/63261/1
Ransomware gangs switching to new intermittent encryption tactic
https://www.reddit.com/r/Malware/comments/xazsib/ransomware_gangs_switching_to_new_intermittent/
YouTube transparency report shows battle against misinformation
https://www.malwarebytes.com/blog/news/2022/09/youtubes-latest-transparency-report-shows-battle-in-misinformation-trenches
Cisco: Log4j vulnerability used to attack energy companies in Canada, US and Japan
https://malware.news/t/cisco-log4j-vulnerability-used-to-attack-energy-companies-in-canada-us-and-japan/63262/1
U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
https://thehackernews.com/2022/09/us-imposes-new-sanctions-on-iran-over.html
The CyberWire
Mark Logan: March towards your goals. [CEO]
Mark Logan, CEO of One Identity, sits down to share his story, explaining how he fit into different roles growing up in different companies. Mark has nearly two decades of C-Suite experience at an array of different organizations, finally landing on his current…
Top Security News for 11/09/2022
Phishing Word Documents with Suspicious URL, (Sat, Sep 10th)
https://malware.news/t/phishing-word-documents-with-suspicious-url-sat-sep-10th/63263/1
Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents
https://thehackernews.com/2022/09/iranian-apt42-launched-over-30.html
Maldoc Analysis Video – Rehearsed & Unrehearsed
https://malware.news/t/maldoc-analysis-video-rehearsed-unrehearsed/63264/1
Mark Logan: March towards your goals. [CEO]
https://thecyberwire.com/podcasts/career-notes/116/notes
China-Linked BRONZE PRESIDENT APT targets Government officials worldwide
https://securityaffairs.co/wordpress/135557/apt/bronze-president-plugx-malware.html
x86matthew - WriteProcessMemoryAPC - Write memory to a remote process using APC calls
https://www.reddit.com/r/netsec/comments/xau68m/x86matthew_writeprocessmemoryapc_write_memory_to/
U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
https://thehackernews.com/2022/09/us-imposes-new-sanctions-on-iran-over.html
Scammers live-streamed on YouTube a fake Apple crypto event
https://securityaffairs.co/wordpress/135549/cyber-crime/fake-apple-crypto-event-youtube.html
Ransomware gangs switching to new intermittent encryption tactic
https://www.reddit.com/r/Malware/comments/xazsib/ransomware_gangs_switching_to_new_intermittent/
XORCry - a simple python ransomware
https://0x00sec.org/t/xorcry-a-simple-python-ransomware/31148
Malware Analysis, News and Indicators
Phishing Word Documents with Suspicious URL, (Sat, Sep 10th)
Got this word document this week that was quarantined as phishing by Defender (223341099.docx) with the Subject: Urgent Payment Issue. Using Didier malware analysis tools, I ran through the following checks to see what could be embedded in it that is likely…
Top Security News for 12/09/2022
Security compliance around the Hash Table.
https://thecyberwire.com/podcasts/cso-perspectives-public/60/notes
Best Bluetooth trackers of 2022: AirTag and alternatives
https://malware.news/t/best-bluetooth-trackers-of-2022-airtag-and-alternatives/63269/1
ISC Stormcast For Monday, September 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8168, (Mon, Sep 12th)
https://malware.news/t/isc-stormcast-for-monday-september-12th-2022-https-isc-sans-edu-podcastdetail-html-id-8168-mon-sep-12th/63268/1
How requests-ip-rotator for bypassing rate limiting got me 6th on the leaderboard for ipv4.games
https://www.reddit.com/r/netsec/comments/xbpm5z/how_requestsiprotator_for_bypassing_rate_limiting/
Thoughts on the use of NoVNC for phishing campaigns
https://www.reddit.com/r/netsec/comments/xbkvhz/thoughts_on_the_use_of_novnc_for_phishing/
Wireshark 3.6.8 and 4.0.0rc1 Released, (Sun, Sep 11th)
https://malware.news/t/wireshark-3-6-8-and-4-0-0rc1-released-sun-sep-11th/63265/1
ISC Stormcast For Monday, September 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8168, (Mon, Sep 12th)
https://isc.sans.edu/diary/rss/29038
The ransomware problem won't get better until we change one thing
https://malware.news/t/the-ransomware-problem-wont-get-better-until-we-change-one-thing/63266/1
"Pull Request Hijacking" - bypassing code review enforcement in GitHub
https://www.reddit.com/r/netsec/comments/xbntnh/pull_request_hijacking_bypassing_code_review/
The Anatomy of a Malicious Package
https://www.reddit.com/r/netsec/comments/xc28ms/the_anatomy_of_a_malicious_package/
The CyberWire
Security compliance around the Hash Table.
Security compliance and privacy compliance are cybersecurity first principle strategies. On the Hash Table, Tom Quinn of T. Rowe Price argues for why compliance is both good for business and good for security.
Top Security News for 12/09/2022
Thoughts on the use of NoVNC for phishing campaigns
https://www.reddit.com/r/netsec/comments/xbkvhz/thoughts_on_the_use_of_novnc_for_phishing/
ISC Stormcast For Monday, September 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8168, (Mon, Sep 12th)
https://isc.sans.edu/diary/rss/29038
The ransomware problem won't get better until we change one thing
https://malware.news/t/the-ransomware-problem-wont-get-better-until-we-change-one-thing/63266/1
"Pull Request Hijacking" - bypassing code review enforcement in GitHub
https://www.reddit.com/r/netsec/comments/xbntnh/pull_request_hijacking_bypassing_code_review/
Wireshark 3.6.8 and 4.0.0rc1 Released, (Sun, Sep 11th)
https://isc.sans.edu/diary/rss/29036
Security Affairs newsletter Round 383
https://securityaffairs.co/wordpress/135593/breaking-news/security-affairs-newsletter-round-383.html
The Rise of Cyber-mercenaries
https://www.reddit.com/r/Malware/comments/xc313j/the_rise_of_cybermercenaries/
Albania was hit by a new cyberattack and blames Iran
https://securityaffairs.co/wordpress/135602/cyber-warfare-2/albania-second-cyber-attack.html
The Anatomy of a Malicious Package
https://www.reddit.com/r/netsec/comments/xc28ms/the_anatomy_of_a_malicious_package/
Bayes Rule: A different way to think about cybersecurity risk.
https://thecyberwire.com/stories/e2f21a64266a4103a4b666590b59bd54/bayes-rule-a-different-way-to-think-about-cybersecurity-risk
Top Security News for 13/09/2022
A GraphQL tale: What else is in there besides introspection?
https://0x00sec.org/t/a-graphql-tale-what-else-is-in-there-besides-introspection/31180
China Accuses NSA's TAO Unit of Hacking its Military Research University
https://thehackernews.com/2022/09/china-accuses-nsas-tao-unit-of-hacking.html
ISC StormCast for Tuesday, September 13th, 2022
https://isc.sans.edu/podcastdetail.html?id=8170
Redeye is a platform to cover all aspects of red team engagement (data management, red team operation management, etc.)
https://www.reddit.com/r/netsec/comments/xcejhm/redeye_is_a_platform_to_cover_all_aspects_of_red/
Cyberattacks and sanctions. Underworld notes. Update on the hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/175
Update on the Los Angeles Unified School District ransomware attack. Spyware update. Data breaches and ransomware.
https://thecyberwire.com/newsletters/privacy-briefing/4/175
Help Save Hackersploit!
https://0x00sec.org/t/help-save-hackersploit/31182
The MSP playbook on deciphering tech promises and shaping security culture
https://www.malwarebytes.com/blog/podcast/2022/09/the-msp-playbook-on-deciphering-tech-promises-and-shaping-security-culture-lock-and-code-s03e19
Pros and Cons of 5G
https://malware.news/t/pros-and-cons-of-5g/63303/1
The seventh way to call a JavaScript function without parentheses
https://www.reddit.com/r/netsec/comments/xckbt1/the_seventh_way_to_call_a_javascript_function/
0x00sec - The Home of the Hacker
A GraphQL tale: What else is in there besides introspection?
TL;DR: Finding and extracting GraphQL endpoints / queries / mutations / data types (partially) without relying on introspection or fuzzing, from publicly available javascript files. Story time: A couple days ago I was hanging out on Reddit when I saw someone…
Top Security News for 14/09/2022
The magic about how modern OS boot
https://www.reddit.com/r/netsec/comments/xd3x3h/the_magic_about_how_modern_os_boot/
Watch the Taliban Crash a Black Hawk Helicopter in Afghanistan
https://www.vice.com/en_us/article/m7g9q3/watch-the-taliban-crash-a-black-hawk-helicopter-in-afghanistan
Cyberspies drop new infostealer malware on govt networks in Asia
https://www.reddit.com/r/Malware/comments/xdqf8k/cyberspies_drop_new_infostealer_malware_on_govt/
Pro-Russian Hacktivist Groups Target Ukraine Supporters
https://malware.news/t/pro-russian-hacktivist-groups-target-ukraine-supporters/63357/1
We’re Entering the Age of Unethical Voice Tech
https://securityintelligence.com/articles/entering-age-unethical-voice-tech-deepfakes/
BrandPost: Architecting the Zero Trust Enterprise: The Benefits of Adopting a Holistic Approach to Zero Trust
https://www.csoonline.com/article/3673371/architecting-the-zero-trust-enterprise-the-benefits-of-adopting-a-holistic-approach-to-zero-trust.html#tk.rss_all
BrandPost: How to Stop Ransomware
https://www.csoonline.com/article/3673099/how-to-stop-ransomware.html#tk.rss_all
BackupBuddy WordPress plugin vulnerable to exploitation, update now!
https://www.malwarebytes.com/blog/news/2022/09/backupbuddy-wordpress-plugin-vulnerable-to-exploitation-update-now
Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research
https://thehackernews.com/2022/09/iranian-hackers-target-high-value.html
Introducing CloudFox: Automating situational awareness for cloud penetration tests
https://www.reddit.com/r/netsec/comments/xd9r4q/introducing_cloudfox_automating_situational/
reddit
The magic about how modern OS boot
Posted in r/netsec by u/hardenedvault • 0 points and 0 comments
Top Security News for 15/09/2022
Recommended security resources for Microsoft Active Directory
https://www.csoonline.com/article/3673098/recommended-security-resources-for-microsoft-active-directory.html#tk.rss_all
Viewndow and is it Malware
https://www.reddit.com/r/Malware/comments/xemuei/viewndow_and_is_it_malware/
CISA added 2 more security flaws to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/135753/security/cisa-known-exploited-vulnerabilities-catalog-new-flaws.html
WPGateway WordPress plugin vulnerability could allow full site takeover
https://www.malwarebytes.com/blog/news/2022/09/wpgateway-wordpress-plugin-vulnerability-could-allow-full-site-takeover
Excess privilege in the cloud is a universal security problem, IBM says
https://www.csoonline.com/article/3673750/excess-privilege-in-the-cloud-is-a-universal-security-problem-ibm-says.html#tk.rss_all
Crooks are using lures related to Her Majesty Queen Elizabeth II in phishing attacks
https://securityaffairs.co/wordpress/135764/cyber-crime/queen-elizabeth-ii-phishing.html
ISC Stormcast For Thursday, September 15th, 2022 https://isc.sans.edu/podcastdetail.html?id=8174, (Thu, Sep 15th)
https://malware.news/t/isc-stormcast-for-thursday-september-15th-2022-https-isc-sans-edu-podcastdetail-html-id-8174-thu-sep-15th/63395/1
Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
https://thehackernews.com/2022/09/lorenz-ransomware-exploit-mitel-voip.html
Attacking the Android kernel using the Qualcomm TrustZone
https://www.reddit.com/r/netsec/comments/xdxlfn/attacking_the_android_kernel_using_the_qualcomm/
Trends in cyber insurance claims.
https://thecyberwire.com/stories/a307f3295a1749f4a837c4b830cfb551/trends-in-cyber-insurance-claims
CSO Online
Recommended security resources for Microsoft Active Directory
These resources will keep you up to date on how to best protect your Active Directory domains.
Top Security News for 16/09/2022
Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware
https://thehackernews.com/2022/09/russian-gamaredon-hackers-target.html
Undermining Microsoft Teams Security by Mining Tokens
https://www.reddit.com/r/netsec/comments/xfdkoh/undermining_microsoft_teams_security_by_mining/
ISC Stormcast For Friday, September 16th, 2022 https://isc.sans.edu/podcastdetail.html?id=8176, (Fri, Sep 16th)
https://isc.sans.edu/diary/rss/29054
The Blind Spots of BloodHound
https://www.reddit.com/r/netsec/comments/xezmco/the_blind_spots_of_bloodhound/
US government indicts Iranian nationals for ransomware and other cybercrimes
https://www.csoonline.com/article/3673970/us-government-indicts-iranian-nationals-for-ransomware-and-other-cybercrimes.html#tk.rss_all
Explained: Fuzzing for security
https://www.malwarebytes.com/blog/news/2022/09/explained-fuzzing-for-security
U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks
https://thehackernews.com/2022/09/us-charges-3-iranian-hackers-and.html
Vulnerable airliner Wi-Fi. Ransomware gang threatens to leak medical records. Update on the LAUSD incident.
https://thecyberwire.com/podcasts/privacy-briefing/669/notes
Test your team’s security readiness with the Gone Phishing Tournament
https://www.microsoft.com/security/blog/2022/09/15/test-your-teams-security-readiness-with-the-gone-phishing-tournament/
Here are the new security and privacy features of iOS 16
https://www.malwarebytes.com/blog/news/2022/09/here-are-the-new-security-and-privacy-features-of-ios-16
reddit
Undermining Microsoft Teams Security by Mining Tokens
Posted in r/netsec by u/flexibeast • 25 points and 9 comments