Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 07/09/2022

Dream Setup (Continued)
https://0x00sec.org/t/dream-setup-continued/31071

New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Security
https://thehackernews.com/2022/09/new-evilproxy-phishing-service-allowing.html

IRS accidental data exposure. Samsung discloses data breach. Data breach sacks 49ers. Third-party data breach exposes KeyBank customer data.
https://thecyberwire.com/podcasts/privacy-briefing/662/notes

Vulnerability Analysis of CVE-2018-12613 – phpMyAdmin 4.8.1 Remote Code Execution
https://www.reddit.com/r/netsec/comments/x7eain/vulnerability_analysis_of_cve201812613_phpmyadmin/

Update: hex-to-bin.py Version 0.0.6
https://malware.news/t/update-hex-to-bin-py-version-0-0-6/63170/1

What Is Your Security Team Profile? Prevention, Detection, or Risk Management
https://thehackernews.com/2022/09/what-is-your-security-team-profile.html

How to turn security research into profit: a CL.0 case study
https://www.reddit.com/r/netsec/comments/x7anu0/how_to_turn_security_research_into_profit_a_cl0/

SharkFest'21 Wireshark Conference Playlist - hours of free netsec and network analysis content
https://www.reddit.com/r/netsec/comments/x7j0gb/sharkfest21_wireshark_conference_playlist_hours/

TA505 Group's TeslaGun In-Depth Analysis
https://www.reddit.com/r/netsec/comments/x76sts/ta505_groups_teslagun_indepth_analysis/

The Heartbleed bug: How a flaw in OpenSSL caused a security crisis
https://www.csoonline.com/article/3223203/the-heartbleed-bug-how-a-flaw-in-openssl-caused-a-security-crisis.html#tk.rss_all


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 08/09/2022

Quickpost: Sun Drying Biodegradable Waste
https://malware.news/t/quickpost-sun-drying-biodegradable-waste/63201/1

ISC StormCast for Thursday, September 8th, 2022
https://isc.sans.edu/podcastdetail.html?id=8164

CIEM vs CWPP vs CSPM
https://malware.news/t/ciem-vs-cwpp-vs-cspm/63204/1

US lawmakers’ continued focus on TikTok as national security threat. NTSB lacks CISA-mandated vulnerability disclosure policy. US Army works to improve cybersecurity training.
https://thecyberwire.com/newsletters/policy-briefing/4/172

The Cost of a Data Breach for Government Agencies
https://securityintelligence.com/articles/cost-data-breach-government-agencies/

Albania attributes major cyberattack to Iran. TikTok denies breach. New Linux malware.
https://thecyberwire.com/podcasts/daily-podcast/1657/notes

Edward Snowden and whistleblower ethics.
https://thecyberwire.com/podcasts/caveat/140/notes

Global companies say supply chain partners expose them to ransomware
https://www.csoonline.com/article/3672155/global-companies-say-supply-chain-partners-expose-them-to-ransomware.html#tk.rss_all

Some Members of Conti Group Targeting Ukraine in Financially Motivated Attacks
https://thehackernews.com/2022/09/some-members-of-conti-group-targeting.html

TTPs Associated With a New Version of the BlackCat Ransomware
https://www.reddit.com/r/netsec/comments/x85xf5/ttps_associated_with_a_new_version_of_the/


Top Security News for 08/09/2022

ISC Stormcast For Thursday, September 8th, 2022 https://isc.sans.edu/podcastdetail.html?id=8164, (Thu, Sep 8th)
https://malware.news/t/isc-stormcast-for-thursday-september-8th-2022-https-isc-sans-edu-podcastdetail-html-id-8164-thu-sep-8th/63205/1

How to set up an Android for your kids
https://www.malwarebytes.com/blog/news/2022/09/how-to-set-up-an-android-for-your-kids

Los Angeles school district hit by ransomware. CISA and FBI issue a Joint Advisory on the Vice Society. Comment on the data incident at KeyBank.
https://thecyberwire.com/podcasts/privacy-briefing/663/notes

Authorities Shut Down WT1SHOP Site for Selling Stolen Credentials and Credit Cards
https://thehackernews.com/2022/09/authorities-shut-down-wt1shop-site-for.html

Go beyond compliance with Microsoft Purview
https://thecyberwire.com/podcasts/uncovering-hidden-risks/3/notes

Quickpost: Sun Drying Biodegradable Waste
https://malware.news/t/quickpost-sun-drying-biodegradable-waste/63201/1

Warning issued about Vice Society ransomware targeting the education sector
https://www.malwarebytes.com/blog/news/2022/09/authorities-issue-warning-about-vice-society-ransomware-targeting-the-education-sector

Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products
https://thehackernews.com/2022/09/cisco-releases-security-patches-for-new.html

SharkFest'21 Wireshark Conference Playlist - hours of free netsec and network analysis content
https://www.reddit.com/r/netsec/comments/x8bdvv/sharkfest21_wireshark_conference_playlist_hours/

4 strategy game-changers for finding cybersecurity talent
https://www.csoonline.com/article/3672429/4-strategy-game-changers-for-finding-cybersecurity-talent.html#tk.rss_all


Top Security News for 09/09/2022

Monkey 365 is a plugin-based PowerShell module that can be used to review the security posture of your Microsoft cloud environment.
https://www.reddit.com/r/netsec/comments/x8thy3/monkey_365_is_a_pluginbased_powershell_module/

Quickpost: Dolmen du roc de l’Arca
https://malware.news/t/quickpost-dolmen-du-roc-de-l-arca/63242/1

Shopify Fails to Prevent Known Breached Passwords
https://thehackernews.com/2022/09/shopify-fails-to-prevent-known-breached.html

Microsoft investigates Iranian attacks against the Albanian government
https://www.microsoft.com/security/blog/2022/09/08/microsoft-investigates-iranian-attacks-against-the-albanian-government/

Ransomware review: August 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/09/ransomware-review-august-2022

Threat Source newsletter (Sept. 8, 2022) — Why there is no one-stop-shop solution for protecting passwords
https://malware.news/t/threat-source-newsletter-sept-8-2022-why-there-is-no-one-stop-shop-solution-for-protecting-passwords/63240/1

CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/135491/security/cisa-known-exploited-vulnerabilities-catalog-flaws-2.html

Cisco will not fix the authentication bypass flaw in EoL routers
https://securityaffairs.co/wordpress/135464/security/cisco-security-flaws.html

Chinese and Iranian cyberespionage reported. Cybersecurity for SMBs. Conti's old playbook used against Ukraine. Telco resiliency.
https://thecyberwire.com/newsletters/daily-briefing/11/173

ISC Stormcast For Friday, September 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8166, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29030


Top Security News for 09/09/2022

Australian Workers Are the Latest International Apple Staff to Unionise
https://www.vice.com/en_us/article/qjk3eb/australian-workers-union-apple-strike

Ransomware review: August 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/09/ransomware-review-august-2022

ISC Stormcast For Friday, September 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8166, (Fri, Sep 9th)
https://malware.news/t/isc-stormcast-for-friday-september-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8166-fri-sep-9th/63244/1

ISC StormCast for Friday, September 9th, 2022
https://isc.sans.edu/podcastdetail.html?id=8166

How posting personal and business photos can be a security risk
https://www.csoonline.com/article/3672869/how-posting-personal-and-business-photos-can-be-a-security-risk.html#tk.rss_all

Exploiting Laravel based applications with leaked APP_KEYs and Queues
https://www.reddit.com/r/netsec/comments/x8utoj/exploiting_laravel_based_applications_with_leaked/

Bypass Credential Exfiltration Detection - Hacking The Cloud
https://www.reddit.com/r/netsec/comments/x920z9/bypass_credential_exfiltration_detection_hacking/

Chinese and Iranian cyberespionage reported. Cybersecurity for SMBs. Conti's old playbook used against Ukraine. Telco resiliency.
https://thecyberwire.com/newsletters/daily-briefing/11/173

ISC Stormcast For Friday, September 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8166, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29030

Chasing the Cyber 1%: How to Beat the Cybersecurity Poverty Line
https://securityintelligence.com/articles/rise-above-cybersecurity-poverty-line/


Top Security News for 10/09/2022

Maldoc With Decoy BASE64, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29032

Comparing Operating Systems for Pen Testing
https://0x00sec.org/t/comparing-operating-systems-for-pen-testing/31125

The top challenge for your cloud security practice isn’t what you think
https://malware.news/t/the-top-challenge-for-your-cloud-security-practice-isn-t-what-you-think/63253/1

Fuzzing beyond memory corruption: Finding broader classes of vulnerabilities automatically
https://www.reddit.com/r/netsec/comments/x9r04m/fuzzing_beyond_memory_corruption_finding_broader/

The Art of Code
https://0x00sec.org/t/the-art-of-code/31137

Spotlight: Occlum open source software for Intel SGX
https://www.reddit.com/r/netsec/comments/x9z56o/spotlight_occlum_open_source_software_for_intel/

Experts warn of attacks exploiting zero-day in WordPress BackupBuddy plugin
https://securityaffairs.co/wordpress/135518/hacking/backupbuddy-wordpress-zero-day.html

Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices
https://securityaffairs.co/wordpress/135511/apt/dev-0270-abuses-bitlocker-attacks.html

These hackers used Log4Shell vulnerability to target US energy firms
https://malware.news/t/these-hackers-used-log4shell-vulnerability-to-target-us-energy-firms/63252/1

U.S. Sanctions Iran—Under New Treasury Rules—for Attack on Albania
https://malware.news/t/u-s-sanctions-iran-under-new-treasury-rules-for-attack-on-albania/63258/1


Top Security News for 10/09/2022

Threats to US elections. Lazarus Group targeting energy companies. Gaming-related threats.
https://thecyberwire.com/podcasts/daily-podcast/1659/notes

Ukraine at D+197: Lessons from the hybrid war.
https://thecyberwire.com/stories/d7a434583af04b1a84ab9d16bd966308/ukraine-at-d197

Comparing Operating Systems for Pen Testing
https://0x00sec.org/t/comparing-operating-systems-for-pen-testing/31125

Maldoc With Decoy BASE64, (Fri, Sep 9th)
https://malware.news/t/maldoc-with-decoy-base64-fri-sep-9th/63254/1

Steve Carter from Nucleus Security discusses his thoughts on AI in cybersecurity.
https://thecyberwire.com/podcasts/interview-selects/127/notes

Ransomware attack knocked a Kentucky city-operated ISP offline before holiday
https://malware.news/t/ransomware-attack-knocked-a-kentucky-city-operated-isp-offline-before-holiday/63255/1

6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged
https://thehackernews.com/2022/09/6-top-api-security-risks-favored.html

Maldoc With Decoy BASE64, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29032

ESET Research uncovers new APT group Worok – Week in security with Tony Anscombe
https://malware.news/t/eset-research-uncovers-new-apt-group-worok-week-in-security-with-tony-anscombe/63260/1

How Simple Claims of Election Interference Can be Enough to Prompt Real-World Threats
https://malware.news/t/how-simple-claims-of-election-interference-can-be-enough-to-prompt-real-world-threats/63257/1


Top Security News for 11/09/2022

Mark Logan: March towards your goals. [CEO]
https://thecyberwire.com/podcasts/career-notes/116/notes

x86matthew - WriteProcessMemoryAPC - Write memory to a remote process using APC calls
https://www.reddit.com/r/netsec/comments/xau68m/x86matthew_writeprocessmemoryapc_write_memory_to/

XORCry - a simple python ransomware
https://0x00sec.org/t/xorcry-a-simple-python-ransomware/31148

IHG suffered a cyberattack that severely impacted its booking process
https://securityaffairs.co/wordpress/135572/hacking/ihg-suffered-cyberattack.html

Phishing Word Documents with Suspicious URL, (Sat, Sep 10th)
https://isc.sans.edu/diary/rss/29034

AmCache Revisited
https://malware.news/t/amcache-revisited/63261/1

Ransomware gangs switching to new intermittent encryption tactic
https://www.reddit.com/r/Malware/comments/xazsib/ransomware_gangs_switching_to_new_intermittent/

YouTube transparency report shows battle against misinformation
https://www.malwarebytes.com/blog/news/2022/09/youtubes-latest-transparency-report-shows-battle-in-misinformation-trenches

Cisco: Log4j vulnerability used to attack energy companies in Canada, US and Japan
https://malware.news/t/cisco-log4j-vulnerability-used-to-attack-energy-companies-in-canada-us-and-japan/63262/1

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
https://thehackernews.com/2022/09/us-imposes-new-sanctions-on-iran-over.html


Top Security News for 11/09/2022

Phishing Word Documents with Suspicious URL, (Sat, Sep 10th)
https://malware.news/t/phishing-word-documents-with-suspicious-url-sat-sep-10th/63263/1

Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents
https://thehackernews.com/2022/09/iranian-apt42-launched-over-30.html

Maldoc Analysis Video – Rehearsed & Unrehearsed
https://malware.news/t/maldoc-analysis-video-rehearsed-unrehearsed/63264/1

Mark Logan: March towards your goals. [CEO]
https://thecyberwire.com/podcasts/career-notes/116/notes

China-Linked BRONZE PRESIDENT APT targets Government officials worldwide
https://securityaffairs.co/wordpress/135557/apt/bronze-president-plugx-malware.html

x86matthew - WriteProcessMemoryAPC - Write memory to a remote process using APC calls
https://www.reddit.com/r/netsec/comments/xau68m/x86matthew_writeprocessmemoryapc_write_memory_to/

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
https://thehackernews.com/2022/09/us-imposes-new-sanctions-on-iran-over.html

Scammers live-streamed on YouTube a fake Apple crypto event
https://securityaffairs.co/wordpress/135549/cyber-crime/fake-apple-crypto-event-youtube.html

Ransomware gangs switching to new intermittent encryption tactic
https://www.reddit.com/r/Malware/comments/xazsib/ransomware_gangs_switching_to_new_intermittent/

XORCry - a simple python ransomware
https://0x00sec.org/t/xorcry-a-simple-python-ransomware/31148


Top Security News for 12/09/2022

Security compliance around the Hash Table.
https://thecyberwire.com/podcasts/cso-perspectives-public/60/notes

Best Bluetooth trackers of 2022: AirTag and alternatives
https://malware.news/t/best-bluetooth-trackers-of-2022-airtag-and-alternatives/63269/1

ISC Stormcast For Monday, September 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8168, (Mon, Sep 12th)
https://malware.news/t/isc-stormcast-for-monday-september-12th-2022-https-isc-sans-edu-podcastdetail-html-id-8168-mon-sep-12th/63268/1

How requests-ip-rotator for bypassing rate limiting got me 6th on the leaderboard for ipv4.games
https://www.reddit.com/r/netsec/comments/xbpm5z/how_requestsiprotator_for_bypassing_rate_limiting/

Thoughts on the use of NoVNC for phishing campaigns
https://www.reddit.com/r/netsec/comments/xbkvhz/thoughts_on_the_use_of_novnc_for_phishing/

Wireshark 3.6.8 and 4.0.0rc1 Released, (Sun, Sep 11th)
https://malware.news/t/wireshark-3-6-8-and-4-0-0rc1-released-sun-sep-11th/63265/1

ISC Stormcast For Monday, September 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8168, (Mon, Sep 12th)
https://isc.sans.edu/diary/rss/29038

The ransomware problem won't get better until we change one thing
https://malware.news/t/the-ransomware-problem-wont-get-better-until-we-change-one-thing/63266/1

"Pull Request Hijacking" - bypassing code review enforcement in GitHub
https://www.reddit.com/r/netsec/comments/xbntnh/pull_request_hijacking_bypassing_code_review/

The Anatomy of a Malicious Package
https://www.reddit.com/r/netsec/comments/xc28ms/the_anatomy_of_a_malicious_package/


Top Security News for 12/09/2022

Thoughts on the use of NoVNC for phishing campaigns
https://www.reddit.com/r/netsec/comments/xbkvhz/thoughts_on_the_use_of_novnc_for_phishing/

ISC Stormcast For Monday, September 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8168, (Mon, Sep 12th)
https://isc.sans.edu/diary/rss/29038

The ransomware problem won't get better until we change one thing
https://malware.news/t/the-ransomware-problem-wont-get-better-until-we-change-one-thing/63266/1

"Pull Request Hijacking" - bypassing code review enforcement in GitHub
https://www.reddit.com/r/netsec/comments/xbntnh/pull_request_hijacking_bypassing_code_review/

Wireshark 3.6.8 and 4.0.0rc1 Released, (Sun, Sep 11th)
https://isc.sans.edu/diary/rss/29036

Security Affairs newsletter Round 383
https://securityaffairs.co/wordpress/135593/breaking-news/security-affairs-newsletter-round-383.html

The Rise of Cyber-mercenaries
https://www.reddit.com/r/Malware/comments/xc313j/the_rise_of_cybermercenaries/

Albania was hit by a new cyberattack and blames Iran
https://securityaffairs.co/wordpress/135602/cyber-warfare-2/albania-second-cyber-attack.html

The Anatomy of a Malicious Package
https://www.reddit.com/r/netsec/comments/xc28ms/the_anatomy_of_a_malicious_package/

Bayes Rule: A different way to think about cybersecurity risk.
https://thecyberwire.com/stories/e2f21a64266a4103a4b666590b59bd54/bayes-rule-a-different-way-to-think-about-cybersecurity-risk


Top Security News for 13/09/2022

A GraphQL tale: What else is in there besides introspection?
https://0x00sec.org/t/a-graphql-tale-what-else-is-in-there-besides-introspection/31180

China Accuses NSA's TAO Unit of Hacking its Military Research University
https://thehackernews.com/2022/09/china-accuses-nsas-tao-unit-of-hacking.html

ISC StormCast for Tuesday, September 13th, 2022
https://isc.sans.edu/podcastdetail.html?id=8170

Redeye is a platform to cover all aspects of red team engagement (data management, red team operation management, etc.)
https://www.reddit.com/r/netsec/comments/xcejhm/redeye_is_a_platform_to_cover_all_aspects_of_red/

Cyberattacks and sanctions. Underworld notes. Update on the hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/175

Update on the Los Angeles Unified School District ransomware attack. Spyware update. Data breaches and ransomware.
https://thecyberwire.com/newsletters/privacy-briefing/4/175

Help Save Hackersploit!
https://0x00sec.org/t/help-save-hackersploit/31182

The MSP playbook on deciphering tech promises and shaping security culture
https://www.malwarebytes.com/blog/podcast/2022/09/the-msp-playbook-on-deciphering-tech-promises-and-shaping-security-culture-lock-and-code-s03e19

Pros and Cons of 5G
https://malware.news/t/pros-and-cons-of-5g/63303/1

The seventh way to call a JavaScript function without parentheses
https://www.reddit.com/r/netsec/comments/xckbt1/the_seventh_way_to_call_a_javascript_function/


Top Security News for 14/09/2022

The magic about how modern OS boot
https://www.reddit.com/r/netsec/comments/xd3x3h/the_magic_about_how_modern_os_boot/

Watch the Taliban Crash a Black Hawk Helicopter in Afghanistan
https://www.vice.com/en_us/article/m7g9q3/watch-the-taliban-crash-a-black-hawk-helicopter-in-afghanistan

Cyberspies drop new infostealer malware on govt networks in Asia
https://www.reddit.com/r/Malware/comments/xdqf8k/cyberspies_drop_new_infostealer_malware_on_govt/

Pro-Russian Hacktivist Groups Target Ukraine Supporters
https://malware.news/t/pro-russian-hacktivist-groups-target-ukraine-supporters/63357/1

We’re Entering the Age of Unethical Voice Tech
https://securityintelligence.com/articles/entering-age-unethical-voice-tech-deepfakes/

BrandPost: Architecting the Zero Trust Enterprise: The Benefits of Adopting a Holistic Approach to Zero Trust
https://www.csoonline.com/article/3673371/architecting-the-zero-trust-enterprise-the-benefits-of-adopting-a-holistic-approach-to-zero-trust.html#tk.rss_all

BrandPost: How to Stop Ransomware
https://www.csoonline.com/article/3673099/how-to-stop-ransomware.html#tk.rss_all

BackupBuddy WordPress plugin vulnerable to exploitation, update now!
https://www.malwarebytes.com/blog/news/2022/09/backupbuddy-wordpress-plugin-vulnerable-to-exploitation-update-now

Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research
https://thehackernews.com/2022/09/iranian-hackers-target-high-value.html

Introducing CloudFox: Automating situational awareness for cloud penetration tests
https://www.reddit.com/r/netsec/comments/xd9r4q/introducing_cloudfox_automating_situational/


Top Security News for 15/09/2022

Recommended security resources for Microsoft Active Directory
https://www.csoonline.com/article/3673098/recommended-security-resources-for-microsoft-active-directory.html#tk.rss_all

Viewndow and is it Malware
https://www.reddit.com/r/Malware/comments/xemuei/viewndow_and_is_it_malware/

CISA added 2 more security flaws to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/135753/security/cisa-known-exploited-vulnerabilities-catalog-new-flaws.html

WPGateway WordPress plugin vulnerability could allow full site takeover
https://www.malwarebytes.com/blog/news/2022/09/wpgateway-wordpress-plugin-vulnerability-could-allow-full-site-takeover

Excess privilege in the cloud is a universal security problem, IBM says
https://www.csoonline.com/article/3673750/excess-privilege-in-the-cloud-is-a-universal-security-problem-ibm-says.html#tk.rss_all

Crooks are using lures related to Her Majesty Queen Elizabeth II in phishing attacks
https://securityaffairs.co/wordpress/135764/cyber-crime/queen-elizabeth-ii-phishing.html

ISC Stormcast For Thursday, September 15th, 2022 https://isc.sans.edu/podcastdetail.html?id=8174, (Thu, Sep 15th)
https://malware.news/t/isc-stormcast-for-thursday-september-15th-2022-https-isc-sans-edu-podcastdetail-html-id-8174-thu-sep-15th/63395/1

Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
https://thehackernews.com/2022/09/lorenz-ransomware-exploit-mitel-voip.html

Attacking the Android kernel using the Qualcomm TrustZone
https://www.reddit.com/r/netsec/comments/xdxlfn/attacking_the_android_kernel_using_the_qualcomm/

Trends in cyber insurance claims.
https://thecyberwire.com/stories/a307f3295a1749f4a837c4b830cfb551/trends-in-cyber-insurance-claims


Top Security News for 16/09/2022

Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware
https://thehackernews.com/2022/09/russian-gamaredon-hackers-target.html

Undermining Microsoft Teams Security by Mining Tokens
https://www.reddit.com/r/netsec/comments/xfdkoh/undermining_microsoft_teams_security_by_mining/

ISC Stormcast For Friday, September 16th, 2022 https://isc.sans.edu/podcastdetail.html?id=8176, (Fri, Sep 16th)
https://isc.sans.edu/diary/rss/29054

The Blind Spots of BloodHound
https://www.reddit.com/r/netsec/comments/xezmco/the_blind_spots_of_bloodhound/

US government indicts Iranian nationals for ransomware and other cybercrimes
https://www.csoonline.com/article/3673970/us-government-indicts-iranian-nationals-for-ransomware-and-other-cybercrimes.html#tk.rss_all

Explained: Fuzzing for security
https://www.malwarebytes.com/blog/news/2022/09/explained-fuzzing-for-security

U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks
https://thehackernews.com/2022/09/us-charges-3-iranian-hackers-and.html

Vulnerable airliner Wi-Fi. Ransomware gang threatens to leak medical records. Update on the LAUSD incident.
https://thecyberwire.com/podcasts/privacy-briefing/669/notes

Test your team’s security readiness with the Gone Phishing Tournament
https://www.microsoft.com/security/blog/2022/09/15/test-your-teams-security-readiness-with-the-gone-phishing-tournament/

Here are the new security and privacy features of iOS 16
https://www.malwarebytes.com/blog/news/2022/09/here-are-the-new-security-and-privacy-features-of-ios-16


Top Security News for 17/09/2022

Staged Payloads from Kali Linux | PT Phone Home – DNS
https://www.reddit.com/r/netsec/comments/xfko5c/staged_payloads_from_kali_linux_pt_phone_home_dns/

Uber responding to “cybersecurity incident” following reports of significant data breach
https://www.csoonline.com/article/3673942/uber-responding-to-cybersecurity-incident-following-reports-of-significant-data-breach.html#tk.rss_all

Uber Hack – What we know so far
https://malware.news/t/uber-hack-what-we-know-so-far/63447/1

North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application
https://thehackernews.com/2022/09/north-korean-hackers-spreading.html

White House Announces $1B in Cyber Funding for State and Local Governments
https://malware.news/t/white-house-announces-1b-in-cyber-funding-for-state-and-local-governments/63450/1

How to Use a UTM Solution & Win Time, Money and Resources
https://thehackernews.com/2022/09/how-to-use-utm-solution-win-time-money.html

Hackers Had Access to LastPass's Development Systems for Four Days
https://thehackernews.com/2022/09/hackers-had-access-to-lastpasss.html

How Belarusian hacktivists are using digital tools to fight back
https://malware.news/t/how-belarusian-hacktivists-are-using-digital-tools-to-fight-back/63451/1

DHS to Spend Almost $700,000 Investigating ‘Radicalization in Gaming’
https://www.vice.com/en_us/article/4ax4n3/dhs-to-spend-almost-dollar700000-investigating-radicalization-in-gaming

Restricted Access to Abortion Is a Threat to National Security, Study Finds
https://www.vice.com/en_us/article/5d353d/restricted-access-to-abortion-is-a-threat-to-national-security-study-finds


Top Security News for 17/09/2022

API security—and even visibility—isn’t getting handled by enterprises
https://www.csoonline.com/article/3673974/api-securityand-even-visibilityisnt-getting-handled-by-enterprises.html#tk.rss_all

North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application
https://thehackernews.com/2022/09/north-korean-hackers-spreading.html

Restricted Access to Abortion Is a Threat to National Security, Study Finds
https://www.vice.com/en_us/article/5d353d/restricted-access-to-abortion-is-a-threat-to-national-security-study-finds

HPE security advisory (AV22-521)
https://malware.news/t/hpe-security-advisory-av22-521/63448/1

Trojanized Versions Of PuTTY Being Used To Spread Backdoor
https://packetstormsecurity.com/news/view/33849/Trojanized-Versions-Of-PuTTY-Being-Used-To-Spread-Backdoor.html

Diana Kelley, CSO & Co-founder of Cybrize to discuss the need for innovation and entrepreneurship in cybersecurity.
https://thecyberwire.com/podcasts/interview-selects/128/notes

DHS to Spend Almost $700,000 Investigating ‘Radicalization in Gaming’
https://www.vice.com/en_us/article/4ax4n3/dhs-to-spend-almost-dollar700000-investigating-radicalization-in-gaming

cloudvelo: An experimental Velociraptor implementation using cloud infrastructure
https://www.reddit.com/r/netsec/comments/xg0ocl/cloudvelo_an_experimental_velociraptor/

Uber hacked, internal systems and confidential documents were allegedly compromised
https://securityaffairs.co/wordpress/135811/data-breach/uber-hacked-systems-allegedly-compromised.html

How Belarusian hacktivists are using digital tools to fight back
https://malware.news/t/how-belarusian-hacktivists-are-using-digital-tools-to-fight-back/63451/1


Top Security News for 18/09/2022

3 ways MDR can drive business growth for MSPs
https://www.malwarebytes.com/blog/business/2022/09/3-ways-mdr-can-drive-business-growth-for-msps

Video: Analyzing Obfuscated VBS with CyberChef, (Sat, Sep 17th)
https://isc.sans.edu/diary/rss/29058

EU moves to protect journalists from spyware
https://malware.news/t/eu-moves-to-protect-journalists-from-spyware/63455/1

LLVM Passes for Security: A Brief Introduction (Part 1/4)
https://www.reddit.com/r/netsec/comments/xgxs7q/llvm_passes_for_security_a_brief_introduction/

requests-ip-rotator: A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
https://www.reddit.com/r/netsec/comments/xh40q2/requestsiprotator_a_python_library_to_utilize_aws/

Virtual FIDO is a virtual USB device that implements the FIDO2/U2F protocol (like a YubiKey) in order to support 2FA and WebAuthN.
https://www.reddit.com/r/netsec/comments/xh3bae/virtual_fido_is_a_virtual_usb_device_that/

Lockbit’s bounty: consequences matter
https://diablohorn.com/2022/09/18/lockbits-bounty-consequences-matter/

Security Affairs newsletter Round 384
https://securityaffairs.co/wordpress/135877/breaking-news/security-affairs-newsletter-round-384.html

Uber Claims No Sensitive Data Exposed in Latest Breach… But There's More to This
https://thehackernews.com/2022/09/uber-claims-no-sensitive-data-exposed.html

Jaya Baloo: Don't be afraid to bounce ideas off your teammates. [CISO]
https://thecyberwire.com/podcasts/career-notes/117/notes


Top Security News for 19/09/2022

Preventing ISO Malware, (Sun, Sep 18th)
https://malware.news/t/preventing-iso-malware-sun-sep-18th/63459/1

Update: strings.py Version 0.0.8
https://malware.news/t/update-strings-py-version-0-0-8/63458/1

Uber says there is no evidence that users’ private information was compromised
https://securityaffairs.co/wordpress/135876/data-breach/uber-data-breach-update.html

Fake google drive desktop malware started a Google Ads campaign.
https://www.reddit.com/r/Malware/comments/xhbzmi/fake_google_drive_desktop_malware_started_a/

ISC Stormcast For Monday, September 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8178, (Mon, Sep 19th)
https://malware.news/t/isc-stormcast-for-monday-september-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8178-mon-sep-19th/63460/1

ISC StormCast for Monday, September 19th, 2022
https://isc.sans.edu/podcastdetail.html?id=8178

Risk Forecasting with Bayes Rule: A practical example.
https://thecyberwire.com/stories/3cf992726ebd489db4a45529f0ba1bc5/risk-forecasting-with-bayes-rule-a-practical-example

Netgear Routers impacted by FunJSQ Game Acceleration Module flaw
https://securityaffairs.co/wordpress/135887/security/netgear-game-acceleration-module-flaw.html

TeamTNT is back and targets servers to run Bitcoin encryption solvers
https://securityaffairs.co/wordpress/135911/cyber-crime/teamtnt-is-back-encryption-solvers.html

Developments in the case of the Uber breach.
https://thecyberwire.com/stories/ac8a9e6a20584c7bb8cfc7434d6d001e/developments-in-the-case-of-the-uber-breach


Top Security News for 20/09/2022

GTA 6 source code and videos leaked after Rockstar Games hack
https://www.reddit.com/r/netsec/comments/xi4ls7/gta_6_source_code_and_videos_leaked_after/

Collaboration is key to balance customer experience with security, privacy
https://www.csoonline.com/article/3673943/collaboration-is-key-to-balance-customer-experience-with-security-privacy.html#tk.rss_all

Deconstructing Florian's Bicycle
https://malware.news/t/deconstructing-florians-bicycle/63490/1

Tentative attribution in the Uber breach.
https://thecyberwire.com/stories/fc212676e8e34ca18d77680a7c46b043/tentative-attribution-in-the-uber-breach

A week in security (September 12 – 18)
https://www.malwarebytes.com/blog/news/2022/09/a-week-in-security-september-12--18

ISC Stormcast For Tuesday, September 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8180, (Tue, Sep 20th)
https://malware.news/t/isc-stormcast-for-tuesday-september-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8180-tue-sep-20th/63491/1

International cooperation is key to fighting threat actors and cybercrime
https://www.csoonline.com/article/3673748/international-cooperation-is-key-to-fighting-threat-actors-and-cybercrime.html#tk.rss_all

The new DOJ Law Enforcement Crypto Reports (TL;DR)
https://malware.news/t/the-new-doj-law-enforcement-crypto-reports-tl-dr/63495/1

Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It
https://thehackernews.com/2022/09/microsoft-teams-gifshell-attack-what-is.html

Amazon Driver Fired for Posting Photo of Customer’s Dildo to Reddit
https://www.vice.com/en_us/article/epzabm/amazon-driver-fired-for-posting-photo-of-customers-dildo-to-reddit


Top Security News for 21/09/2022

Major movements in US digital asset guidance. Cybersecurity in the “Giant of Africa.” Does Japan need a cyber ministry?
https://thecyberwire.com/newsletters/policy-briefing/4/181

ISC StormCast for Wednesday, September 21st, 2022
https://isc.sans.edu/podcastdetail.html?id=8182

kubernetes-sec-alert: Track Kubernetes CVEs by native GitHub notifications!
https://www.reddit.com/r/netsec/comments/xh8fr6/kubernetessecalert_track_kubernetes_cves_by/

Phishing Campaigns Use Free Online Resources, (Wed, Sep 21st)
https://malware.news/t/phishing-campaigns-use-free-online-resources-wed-sep-21st/63535/1

Grand Theft Auto 6 suffers grand theft
https://www.malwarebytes.com/blog/news/2022/09/grand-theft-auto-6-suffers-grand-theft

CISA, Claroty highlight severe vulnerabilities in popular power distribution unit product
https://malware.news/t/cisa-claroty-highlight-severe-vulnerabilities-in-popular-power-distribution-unit-product/63531/1

ASEC Weekly Malware Statistics (September 5th, 2022 – September 11th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-september-5th-2022-september-11th-2022/63532/1

Phishing Campaigns Use Free Online Resources, (Wed, Sep 21st)
https://isc.sans.edu/diary/rss/29074

Palo Alto adds software composition analysis to Prisma Cloud to boost open-source security
https://www.csoonline.com/article/3673901/palo-alto-adds-software-composition-analysis-to-prisma-cloud-to-boost-open-source-security.html#tk.rss_all

Most common SAP vulnerabilities attackers try to exploit
https://www.csoonline.com/article/3674119/most-common-sap-vulnerabilities-attackers-try-to-exploit.html#tk.rss_all

