Top Security News for 10/09/2022
Maldoc With Decoy BASE64, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29032
Comparing Operating Systems for Pen Testing
https://0x00sec.org/t/comparing-operating-systems-for-pen-testing/31125
The top challenge for your cloud security practice isn’t what you think
https://malware.news/t/the-top-challenge-for-your-cloud-security-practice-isn-t-what-you-think/63253/1
Fuzzing beyond memory corruption: Finding broader classes of vulnerabilities automatically
https://www.reddit.com/r/netsec/comments/x9r04m/fuzzing_beyond_memory_corruption_finding_broader/
The Art of Code
https://0x00sec.org/t/the-art-of-code/31137
Spotlight: Occlum open source software for Intel SGX
https://www.reddit.com/r/netsec/comments/x9z56o/spotlight_occlum_open_source_software_for_intel/
Experts warn of attacks exploiting zero-day in WordPress BackupBuddy plugin
https://securityaffairs.co/wordpress/135518/hacking/backupbuddy-wordpress-zero-day.html
Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices
https://securityaffairs.co/wordpress/135511/apt/dev-0270-abuses-bitlocker-attacks.html
These hackers used Log4Shell vulnerability to target US energy firms
https://malware.news/t/these-hackers-used-log4shell-vulnerability-to-target-us-energy-firms/63252/1
U.S. Sanctions Iran—Under New Treasury Rules—for Attack on Albania
https://malware.news/t/u-s-sanctions-iran-under-new-treasury-rules-for-attack-on-albania/63258/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
SANS Internet Storm Center
InfoSec Handlers Diary Blog - SANS Internet Storm Center
Internet Storm Center Diary 2022-10-07, Author: Johannes Ullrich
Top Security News for 10/09/2022
Threats to US elections. Lazarus Group targeting energy companies. Gaming-related threats.
https://thecyberwire.com/podcasts/daily-podcast/1659/notes
Ukraine at D+197: Lessons from the hybrid war.
https://thecyberwire.com/stories/d7a434583af04b1a84ab9d16bd966308/ukraine-at-d197
Comparing Operating Systems for Pen Testing
https://0x00sec.org/t/comparing-operating-systems-for-pen-testing/31125
Maldoc With Decoy BASE64, (Fri, Sep 9th)
https://malware.news/t/maldoc-with-decoy-base64-fri-sep-9th/63254/1
Steve Carter from Nucleus Security discusses his thoughts on AI in cybersecurity.
https://thecyberwire.com/podcasts/interview-selects/127/notes
Ransomware attack knocked a Kentucky city-operated ISP offline before holiday
https://malware.news/t/ransomware-attack-knocked-a-kentucky-city-operated-isp-offline-before-holiday/63255/1
6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged
https://thehackernews.com/2022/09/6-top-api-security-risks-favored.html
Maldoc With Decoy BASE64, (Fri, Sep 9th)
https://isc.sans.edu/diary/rss/29032
ESET Research uncovers new APT group Worok – Week in security with Tony Anscombe
https://malware.news/t/eset-research-uncovers-new-apt-group-worok-week-in-security-with-tony-anscombe/63260/1
How Simple Claims of Election Interference Can be Enough to Prompt Real-World Threats
https://malware.news/t/how-simple-claims-of-election-interference-can-be-enough-to-prompt-real-world-threats/63257/1
The CyberWire
Threats to US elections. Lazarus Group targeting energy companies. Gaming-related threats.
Nation-states are expected to target the US midterm elections. North Korea’s Lazarus Group is targeting energy companies. The Ukraine’s Ministry of Digital Transformation on cyber lessons learned from Russia’s hybrid war against Ukraine. CISA flags twelve…
Top Security News for 11/09/2022
Mark Logan: March towards your goals. [CEO]
https://thecyberwire.com/podcasts/career-notes/116/notes
x86matthew - WriteProcessMemoryAPC - Write memory to a remote process using APC calls
https://www.reddit.com/r/netsec/comments/xau68m/x86matthew_writeprocessmemoryapc_write_memory_to/
XORCry - a simple python ransomware
https://0x00sec.org/t/xorcry-a-simple-python-ransomware/31148
IHG suffered a cyberattack that severely impacted its booking process
https://securityaffairs.co/wordpress/135572/hacking/ihg-suffered-cyberattack.html
Phishing Word Documents with Suspicious URL, (Sat, Sep 10th)
https://isc.sans.edu/diary/rss/29034
AmCache Revisited
https://malware.news/t/amcache-revisited/63261/1
Ransomware gangs switching to new intermittent encryption tactic
https://www.reddit.com/r/Malware/comments/xazsib/ransomware_gangs_switching_to_new_intermittent/
YouTube transparency report shows battle against misinformation
https://www.malwarebytes.com/blog/news/2022/09/youtubes-latest-transparency-report-shows-battle-in-misinformation-trenches
Cisco: Log4j vulnerability used to attack energy companies in Canada, US and Japan
https://malware.news/t/cisco-log4j-vulnerability-used-to-attack-energy-companies-in-canada-us-and-japan/63262/1
U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
https://thehackernews.com/2022/09/us-imposes-new-sanctions-on-iran-over.html
The CyberWire
Mark Logan: March towards your goals. [CEO]
Mark Logan, CEO of One Identity, sits down to share his story, explaining how he fit into different roles growing up in different companies. Mark has nearly two decades of C-Suite experience at an array of different organizations, finally landing on his current…
Top Security News for 11/09/2022
Phishing Word Documents with Suspicious URL, (Sat, Sep 10th)
https://malware.news/t/phishing-word-documents-with-suspicious-url-sat-sep-10th/63263/1
Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents
https://thehackernews.com/2022/09/iranian-apt42-launched-over-30.html
Maldoc Analysis Video – Rehearsed & Unrehearsed
https://malware.news/t/maldoc-analysis-video-rehearsed-unrehearsed/63264/1
Mark Logan: March towards your goals. [CEO]
https://thecyberwire.com/podcasts/career-notes/116/notes
China-Linked BRONZE PRESIDENT APT targets Government officials worldwide
https://securityaffairs.co/wordpress/135557/apt/bronze-president-plugx-malware.html
x86matthew - WriteProcessMemoryAPC - Write memory to a remote process using APC calls
https://www.reddit.com/r/netsec/comments/xau68m/x86matthew_writeprocessmemoryapc_write_memory_to/
U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
https://thehackernews.com/2022/09/us-imposes-new-sanctions-on-iran-over.html
Scammers live-streamed on YouTube a fake Apple crypto event
https://securityaffairs.co/wordpress/135549/cyber-crime/fake-apple-crypto-event-youtube.html
Ransomware gangs switching to new intermittent encryption tactic
https://www.reddit.com/r/Malware/comments/xazsib/ransomware_gangs_switching_to_new_intermittent/
XORCry - a simple python ransomware
https://0x00sec.org/t/xorcry-a-simple-python-ransomware/31148
Malware Analysis, News and Indicators
Phishing Word Documents with Suspicious URL, (Sat, Sep 10th)
Got this word document this week that was quarantined as phishing by Defender (223341099.docx) with the Subject: Urgent Payment Issue. Using Didier malware analysis tools, I ran through the following checks to see what could be embedded in it that is likely…
Top Security News for 12/09/2022
Security compliance around the Hash Table.
https://thecyberwire.com/podcasts/cso-perspectives-public/60/notes
Best Bluetooth trackers of 2022: AirTag and alternatives
https://malware.news/t/best-bluetooth-trackers-of-2022-airtag-and-alternatives/63269/1
ISC Stormcast For Monday, September 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8168, (Mon, Sep 12th)
https://malware.news/t/isc-stormcast-for-monday-september-12th-2022-https-isc-sans-edu-podcastdetail-html-id-8168-mon-sep-12th/63268/1
How requests-ip-rotator for bypassing rate limiting got me 6th on the leaderboard for ipv4.games
https://www.reddit.com/r/netsec/comments/xbpm5z/how_requestsiprotator_for_bypassing_rate_limiting/
Thoughts on the use of NoVNC for phishing campaigns
https://www.reddit.com/r/netsec/comments/xbkvhz/thoughts_on_the_use_of_novnc_for_phishing/
Wireshark 3.6.8 and 4.0.0rc1 Released, (Sun, Sep 11th)
https://malware.news/t/wireshark-3-6-8-and-4-0-0rc1-released-sun-sep-11th/63265/1
ISC Stormcast For Monday, September 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8168, (Mon, Sep 12th)
https://isc.sans.edu/diary/rss/29038
The ransomware problem won't get better until we change one thing
https://malware.news/t/the-ransomware-problem-wont-get-better-until-we-change-one-thing/63266/1
"Pull Request Hijacking" - bypassing code review enforcement in GitHub
https://www.reddit.com/r/netsec/comments/xbntnh/pull_request_hijacking_bypassing_code_review/
The Anatomy of a Malicious Package
https://www.reddit.com/r/netsec/comments/xc28ms/the_anatomy_of_a_malicious_package/
The CyberWire
Security compliance around the Hash Table.
Security compliance and privacy compliance are cybersecurity first principle strategies. On the Hash Table, Tom Quinn of T. Rowe Price argues for why compliance is both good for business and good for security.
Top Security News for 12/09/2022
Thoughts on the use of NoVNC for phishing campaigns
https://www.reddit.com/r/netsec/comments/xbkvhz/thoughts_on_the_use_of_novnc_for_phishing/
ISC Stormcast For Monday, September 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8168, (Mon, Sep 12th)
https://isc.sans.edu/diary/rss/29038
The ransomware problem won't get better until we change one thing
https://malware.news/t/the-ransomware-problem-wont-get-better-until-we-change-one-thing/63266/1
"Pull Request Hijacking" - bypassing code review enforcement in GitHub
https://www.reddit.com/r/netsec/comments/xbntnh/pull_request_hijacking_bypassing_code_review/
Wireshark 3.6.8 and 4.0.0rc1 Released, (Sun, Sep 11th)
https://isc.sans.edu/diary/rss/29036
Security Affairs newsletter Round 383
https://securityaffairs.co/wordpress/135593/breaking-news/security-affairs-newsletter-round-383.html
The Rise of Cyber-mercenaries
https://www.reddit.com/r/Malware/comments/xc313j/the_rise_of_cybermercenaries/
Albania was hit by a new cyberattack and blames Iran
https://securityaffairs.co/wordpress/135602/cyber-warfare-2/albania-second-cyber-attack.html
The Anatomy of a Malicious Package
https://www.reddit.com/r/netsec/comments/xc28ms/the_anatomy_of_a_malicious_package/
Bayes Rule: A different way to think about cybersecurity risk.
https://thecyberwire.com/stories/e2f21a64266a4103a4b666590b59bd54/bayes-rule-a-different-way-to-think-about-cybersecurity-risk
reddit
Thoughts on the use of NoVNC for phishing campaigns
Posted in r/netsec by u/gid0rah • 74 points and 0 comments
Top Security News for 13/09/2022
A GraphQL tale: What else is in there besides introspection?
https://0x00sec.org/t/a-graphql-tale-what-else-is-in-there-besides-introspection/31180
China Accuses NSA's TAO Unit of Hacking its Military Research University
https://thehackernews.com/2022/09/china-accuses-nsas-tao-unit-of-hacking.html
ISC StormCast for Tuesday, September 13th, 2022
https://isc.sans.edu/podcastdetail.html?id=8170
Redeye is a platform to cover all aspects of red team engagement (data management, red team operation management, etc.)
https://www.reddit.com/r/netsec/comments/xcejhm/redeye_is_a_platform_to_cover_all_aspects_of_red/
Cyberattacks and sanctions. Underworld notes. Update on the hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/175
Update on the Los Angeles Unified School District ransomware attack. Spyware update. Data breaches and ransomware.
https://thecyberwire.com/newsletters/privacy-briefing/4/175
Help Save Hackersploit!
https://0x00sec.org/t/help-save-hackersploit/31182
The MSP playbook on deciphering tech promises and shaping security culture
https://www.malwarebytes.com/blog/podcast/2022/09/the-msp-playbook-on-deciphering-tech-promises-and-shaping-security-culture-lock-and-code-s03e19
Pros and Cons of 5G
https://malware.news/t/pros-and-cons-of-5g/63303/1
The seventh way to call a JavaScript function without parentheses
https://www.reddit.com/r/netsec/comments/xckbt1/the_seventh_way_to_call_a_javascript_function/
0x00sec - The Home of the Hacker
A GraphQL tale: What else is in there besides introspection?
TL;DR: Finding and extracting GraphQL endpoints / queries / mutations / data types (partially) without relying on introspection or fuzzing, from publicly available javascript files. Story time: A couple days ago I was hanging out on Reddit when I saw someone…
Top Security News for 14/09/2022
The magic about how modern OS boot
https://www.reddit.com/r/netsec/comments/xd3x3h/the_magic_about_how_modern_os_boot/
Watch the Taliban Crash a Black Hawk Helicopter in Afghanistan
https://www.vice.com/en_us/article/m7g9q3/watch-the-taliban-crash-a-black-hawk-helicopter-in-afghanistan
Cyberspies drop new infostealer malware on govt networks in Asia
https://www.reddit.com/r/Malware/comments/xdqf8k/cyberspies_drop_new_infostealer_malware_on_govt/
Pro-Russian Hacktivist Groups Target Ukraine Supporters
https://malware.news/t/pro-russian-hacktivist-groups-target-ukraine-supporters/63357/1
We’re Entering the Age of Unethical Voice Tech
https://securityintelligence.com/articles/entering-age-unethical-voice-tech-deepfakes/
BrandPost: Architecting the Zero Trust Enterprise: The Benefits of Adopting a Holistic Approach to Zero Trust
https://www.csoonline.com/article/3673371/architecting-the-zero-trust-enterprise-the-benefits-of-adopting-a-holistic-approach-to-zero-trust.html#tk.rss_all
BrandPost: How to Stop Ransomware
https://www.csoonline.com/article/3673099/how-to-stop-ransomware.html#tk.rss_all
BackupBuddy WordPress plugin vulnerable to exploitation, update now!
https://www.malwarebytes.com/blog/news/2022/09/backupbuddy-wordpress-plugin-vulnerable-to-exploitation-update-now
Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research
https://thehackernews.com/2022/09/iranian-hackers-target-high-value.html
Introducing CloudFox: Automating situational awareness for cloud penetration tests
https://www.reddit.com/r/netsec/comments/xd9r4q/introducing_cloudfox_automating_situational/
reddit
The magic about how modern OS boot
Posted in r/netsec by u/hardenedvault • 0 points and 0 comments
Top Security News for 15/09/2022
Recommended security resources for Microsoft Active Directory
https://www.csoonline.com/article/3673098/recommended-security-resources-for-microsoft-active-directory.html#tk.rss_all
Viewndow and is it Malware
https://www.reddit.com/r/Malware/comments/xemuei/viewndow_and_is_it_malware/
CISA added 2 more security flaws to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/135753/security/cisa-known-exploited-vulnerabilities-catalog-new-flaws.html
WPGateway WordPress plugin vulnerability could allow full site takeover
https://www.malwarebytes.com/blog/news/2022/09/wpgateway-wordpress-plugin-vulnerability-could-allow-full-site-takeover
Excess privilege in the cloud is a universal security problem, IBM says
https://www.csoonline.com/article/3673750/excess-privilege-in-the-cloud-is-a-universal-security-problem-ibm-says.html#tk.rss_all
Crooks are using lures related to Her Majesty Queen Elizabeth II in phishing attacks
https://securityaffairs.co/wordpress/135764/cyber-crime/queen-elizabeth-ii-phishing.html
ISC Stormcast For Thursday, September 15th, 2022 https://isc.sans.edu/podcastdetail.html?id=8174, (Thu, Sep 15th)
https://malware.news/t/isc-stormcast-for-thursday-september-15th-2022-https-isc-sans-edu-podcastdetail-html-id-8174-thu-sep-15th/63395/1
Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
https://thehackernews.com/2022/09/lorenz-ransomware-exploit-mitel-voip.html
Attacking the Android kernel using the Qualcomm TrustZone
https://www.reddit.com/r/netsec/comments/xdxlfn/attacking_the_android_kernel_using_the_qualcomm/
Trends in cyber insurance claims.
https://thecyberwire.com/stories/a307f3295a1749f4a837c4b830cfb551/trends-in-cyber-insurance-claims
CSO Online
Recommended security resources for Microsoft Active Directory
These resources will keep you up to date on how to best protect your Active Directory domains.
Top Security News for 16/09/2022
Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware
https://thehackernews.com/2022/09/russian-gamaredon-hackers-target.html
Undermining Microsoft Teams Security by Mining Tokens
https://www.reddit.com/r/netsec/comments/xfdkoh/undermining_microsoft_teams_security_by_mining/
ISC Stormcast For Friday, September 16th, 2022 https://isc.sans.edu/podcastdetail.html?id=8176, (Fri, Sep 16th)
https://isc.sans.edu/diary/rss/29054
The Blind Spots of BloodHound
https://www.reddit.com/r/netsec/comments/xezmco/the_blind_spots_of_bloodhound/
US government indicts Iranian nationals for ransomware and other cybercrimes
https://www.csoonline.com/article/3673970/us-government-indicts-iranian-nationals-for-ransomware-and-other-cybercrimes.html#tk.rss_all
Explained: Fuzzing for security
https://www.malwarebytes.com/blog/news/2022/09/explained-fuzzing-for-security
U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks
https://thehackernews.com/2022/09/us-charges-3-iranian-hackers-and.html
Vulnerable airliner Wi-Fi. Ransomware gang threatens to leak medical records. Update on the LAUSD incident.
https://thecyberwire.com/podcasts/privacy-briefing/669/notes
Test your team’s security readiness with the Gone Phishing Tournament
https://www.microsoft.com/security/blog/2022/09/15/test-your-teams-security-readiness-with-the-gone-phishing-tournament/
Here are the new security and privacy features of iOS 16
https://www.malwarebytes.com/blog/news/2022/09/here-are-the-new-security-and-privacy-features-of-ios-16
reddit
Undermining Microsoft Teams Security by Mining Tokens
Posted in r/netsec by u/flexibeast • 25 points and 9 comments
Top Security News for 17/09/2022
Staged Payloads from Kali Linux | PT Phone Home – DNS
https://www.reddit.com/r/netsec/comments/xfko5c/staged_payloads_from_kali_linux_pt_phone_home_dns/
Uber responding to “cybersecurity incident” following reports of significant data breach
https://www.csoonline.com/article/3673942/uber-responding-to-cybersecurity-incident-following-reports-of-significant-data-breach.html#tk.rss_all
Uber Hack – What we know so far
https://malware.news/t/uber-hack-what-we-know-so-far/63447/1
North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application
https://thehackernews.com/2022/09/north-korean-hackers-spreading.html
White House Announces $1B in Cyber Funding for State and Local Governments
https://malware.news/t/white-house-announces-1b-in-cyber-funding-for-state-and-local-governments/63450/1
How to Use a UTM Solution & Win Time, Money and Resources
https://thehackernews.com/2022/09/how-to-use-utm-solution-win-time-money.html
Hackers Had Access to LastPass's Development Systems for Four Days
https://thehackernews.com/2022/09/hackers-had-access-to-lastpasss.html
How Belarusian hacktivists are using digital tools to fight back
https://malware.news/t/how-belarusian-hacktivists-are-using-digital-tools-to-fight-back/63451/1
DHS to Spend Almost $700,000 Investigating ‘Radicalization in Gaming’
https://www.vice.com/en_us/article/4ax4n3/dhs-to-spend-almost-dollar700000-investigating-radicalization-in-gaming
Restricted Access to Abortion Is a Threat to National Security, Study Finds
https://www.vice.com/en_us/article/5d353d/restricted-access-to-abortion-is-a-threat-to-national-security-study-finds
reddit
Staged Payloads from Kali Linux | PT Phone Home – DNS
Posted in r/netsec by u/sanitybit • 2 points and 0 comments
Top Security News for 17/09/2022
API security—and even visibility—isn’t getting handled by enterprises
https://www.csoonline.com/article/3673974/api-securityand-even-visibilityisnt-getting-handled-by-enterprises.html#tk.rss_all
North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application
https://thehackernews.com/2022/09/north-korean-hackers-spreading.html
Restricted Access to Abortion Is a Threat to National Security, Study Finds
https://www.vice.com/en_us/article/5d353d/restricted-access-to-abortion-is-a-threat-to-national-security-study-finds
HPE security advisory (AV22-521)
https://malware.news/t/hpe-security-advisory-av22-521/63448/1
Trojanized Versions Of PuTTY Being Used To Spread Backdoor
https://packetstormsecurity.com/news/view/33849/Trojanized-Versions-Of-PuTTY-Being-Used-To-Spread-Backdoor.html
Diana Kelley, CSO & Co-founder of Cybrize to discuss the need for innovation and entrepreneurship in cybersecurity.
https://thecyberwire.com/podcasts/interview-selects/128/notes
DHS to Spend Almost $700,000 Investigating ‘Radicalization in Gaming’
https://www.vice.com/en_us/article/4ax4n3/dhs-to-spend-almost-dollar700000-investigating-radicalization-in-gaming
cloudvelo: An experimental Velociraptor implementation using cloud infrastructure
https://www.reddit.com/r/netsec/comments/xg0ocl/cloudvelo_an_experimental_velociraptor/
Uber hacked, internal systems and confidential documents were allegedly compromised
https://securityaffairs.co/wordpress/135811/data-breach/uber-hacked-systems-allegedly-compromised.html
How Belarusian hacktivists are using digital tools to fight back
https://malware.news/t/how-belarusian-hacktivists-are-using-digital-tools-to-fight-back/63451/1
CSO Online
API security—and even visibility—isn’t getting handled by enterprises
A new survey highlights the widespread nature of API security incidents and the lack of full inventories of potentially dangerous APIs.
Top Security News for 18/09/2022
3 ways MDR can drive business growth for MSPs
https://www.malwarebytes.com/blog/business/2022/09/3-ways-mdr-can-drive-business-growth-for-msps
Video: Analyzing Obfuscated VBS with CyberChef, (Sat, Sep 17th)
https://isc.sans.edu/diary/rss/29058
EU moves to protect journalists from spyware
https://malware.news/t/eu-moves-to-protect-journalists-from-spyware/63455/1
LLVM Passes for Security: A Brief Introduction (Part 1/4)
https://www.reddit.com/r/netsec/comments/xgxs7q/llvm_passes_for_security_a_brief_introduction/
requests-ip-rotator: A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
https://www.reddit.com/r/netsec/comments/xh40q2/requestsiprotator_a_python_library_to_utilize_aws/
Virtual FIDO is a virtual USB device that implements the FIDO2/U2F protocol (like a YubiKey) in order to support 2FA and WebAuthN.
https://www.reddit.com/r/netsec/comments/xh3bae/virtual_fido_is_a_virtual_usb_device_that/
Lockbit’s bounty: consequences matter
https://diablohorn.com/2022/09/18/lockbits-bounty-consequences-matter/
Security Affairs newsletter Round 384
https://securityaffairs.co/wordpress/135877/breaking-news/security-affairs-newsletter-round-384.html
Uber Claims No Sensitive Data Exposed in Latest Breach… But There's More to This
https://thehackernews.com/2022/09/uber-claims-no-sensitive-data-exposed.html
Jaya Baloo: Don't be afraid to bounce ideas off your teammates. [CISO]
https://thecyberwire.com/podcasts/career-notes/117/notes
Malwarebytes
3 ways MDR can drive business growth for MSPs
With the rising demand for Managed Detection and Response (MDR), MSPs are in position to grow their business in several ways. In this post, we’ll look at three ways MDR can drive business growth for MSPs.
Top Security News for 19/09/2022
Preventing ISO Malware , (Sun, Sep 18th)
https://malware.news/t/preventing-iso-malware-sun-sep-18th/63459/1
Update: strings.py Version 0.0.8
https://malware.news/t/update-strings-py-version-0-0-8/63458/1
Uber says there is no evidence that users’ private information was compromised
https://securityaffairs.co/wordpress/135876/data-breach/uber-data-breach-update.html
Fake google drive desktop malware started a Google Ads campaign.
https://www.reddit.com/r/Malware/comments/xhbzmi/fake_google_drive_desktop_malware_started_a/
ISC Stormcast For Monday, September 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8178, (Mon, Sep 19th)
https://malware.news/t/isc-stormcast-for-monday-september-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8178-mon-sep-19th/63460/1
ISC StormCast for Monday, September 19th, 2022
https://isc.sans.edu/podcastdetail.html?id=8178
Risk Forecasting with Bayes Rule: A practical example.
https://thecyberwire.com/stories/3cf992726ebd489db4a45529f0ba1bc5/risk-forecasting-with-bayes-rule-a-practical-example
Netgear Routers impacted by FunJSQ Game Acceleration Module flaw
https://securityaffairs.co/wordpress/135887/security/netgear-game-acceleration-module-flaw.html
TeamTNT is back and targets servers to run Bitcoin encryption solvers
https://securityaffairs.co/wordpress/135911/cyber-crime/teamtnt-is-back-encryption-solvers.html
Developments in the case of the Uber breach.
https://thecyberwire.com/stories/ac8a9e6a20584c7bb8cfc7434d6d001e/developments-in-the-case-of-the-uber-breach
Malware Analysis, News and Indicators
Preventing ISO Malware , (Sun, Sep 18th)
In the last few weeks, I’ve seen a significant uptick in systems infected with Chromeloader malware. This malware is a malicious extension for your browser, redirecting it to ad sites and hijacking searches. But with the success of this technique recently…
Top Security News for 20/09/2022
GTA 6 source code and videos leaked after Rockstar Games hack
https://www.reddit.com/r/netsec/comments/xi4ls7/gta_6_source_code_and_videos_leaked_after/
Collaboration is key to balance customer experience with security, privacy
https://www.csoonline.com/article/3673943/collaboration-is-key-to-balance-customer-experience-with-security-privacy.html#tk.rss_all
Deconstructing Florian's Bicycle
https://malware.news/t/deconstructing-florians-bicycle/63490/1
Tentative attribution in the Uber breach.
https://thecyberwire.com/stories/fc212676e8e34ca18d77680a7c46b043/tentative-attribution-in-the-uber-breach
A week in security (September 12 – 18)
https://www.malwarebytes.com/blog/news/2022/09/a-week-in-security-september-12--18
ISC Stormcast For Tuesday, September 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8180, (Tue, Sep 20th)
https://malware.news/t/isc-stormcast-for-tuesday-september-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8180-tue-sep-20th/63491/1
International cooperation is key to fighting threat actors and cybercrime
https://www.csoonline.com/article/3673748/international-cooperation-is-key-to-fighting-threat-actors-and-cybercrime.html#tk.rss_all
The new DOJ Law Enforcement Crypto Reports (TL;DR)
https://malware.news/t/the-new-doj-law-enforcement-crypto-reports-tl-dr/63495/1
Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It
https://thehackernews.com/2022/09/microsoft-teams-gifshell-attack-what-is.html
Amazon Driver Fired for Posting Photo of Customer’s Dildo to Reddit
https://www.vice.com/en_us/article/epzabm/amazon-driver-fired-for-posting-photo-of-customers-dildo-to-reddit
reddit
GTA 6 source code and videos leaked after Rockstar Games hack
Posted in r/netsec by u/CyberMasterV • 181 points and 24 comments
Top Security News for 21/09/2022
Major movements in US digital asset guidance. Cybersecurity in the “Giant of Africa.” Does Japan need a cyber ministry?
https://thecyberwire.com/newsletters/policy-briefing/4/181
ISC StormCast for Wednesday, September 21st, 2022
https://isc.sans.edu/podcastdetail.html?id=8182
kubernetes-sec-alert: Track Kubernetes CVEs by native GitHub notifications!
https://www.reddit.com/r/netsec/comments/xh8fr6/kubernetessecalert_track_kubernetes_cves_by/
Phishing Campaigns Use Free Online Resources, (Wed, Sep 21st)
https://malware.news/t/phishing-campaigns-use-free-online-resources-wed-sep-21st/63535/1
Grand Theft Auto 6 suffers grand theft
https://www.malwarebytes.com/blog/news/2022/09/grand-theft-auto-6-suffers-grand-theft
CISA, Claroty highlight severe vulnerabilities in popular power distribution unit product
https://malware.news/t/cisa-claroty-highlight-severe-vulnerabilities-in-popular-power-distribution-unit-product/63531/1
ASEC Weekly Malware Statistics (September 5th, 2022 – September 11th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-september-5th-2022-september-11th-2022/63532/1
Phishing Campaigns Use Free Online Resources, (Wed, Sep 21st)
https://isc.sans.edu/diary/rss/29074
Palo Alto adds software composition analysis to Prisma Cloud to boost open-source security
https://www.csoonline.com/article/3673901/palo-alto-adds-software-composition-analysis-to-prisma-cloud-to-boost-open-source-security.html#tk.rss_all
Most common SAP vulnerabilities attackers try to exploit
https://www.csoonline.com/article/3674119/most-common-sap-vulnerabilities-attackers-try-to-exploit.html#tk.rss_all
The CyberWire
Major movements in US digital asset guidance. Cybersecurity in the “Giant of Africa.” Does Japan need a cyber ministry?
Top Security News for 22/09/2022
ISC Stormcast For Thursday, September 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8184, (Thu, Sep 22nd)
https://isc.sans.edu/diary/rss/29076
Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing
https://thehackernews.com/2022/09/record-ddos-attack-with-253-billion.html
Quickpost: Tuning The Electric Energy Consumption Of My TV
https://malware.news/t/quickpost-tuning-the-electric-energy-consumption-of-my-tv/63566/1
Former Broadcom engineer gets eight months in prison for trade secrets theft
https://www.networkworld.com/article/3674316/former-broadcom-engineer-gets-eight-months-in-prison-for-trade-secrets-theft.html#tk.rss_all
FilelessRemotePE: Loading fileless remote PE from URI to memory
https://www.reddit.com/r/netsec/comments/xkkxlb/filelessremotepe_loading_fileless_remote_pe_from/
How will cybersecurity insurance change in the coming years?
https://thecyberwire.com/podcasts/caveat/142/notes
User claim he hacked a Lockbit Server and release builder & more
https://www.reddit.com/r/netsec/comments/xk1lc9/user_claim_he_hacked_a_lockbit_server_and_release/
Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units
https://thehackernews.com/2022/09/critical-remote-hack-flaws-found-in.html
BrandPost: Great Cyber Hygiene Starts with a Culture of Security Awareness
https://www.csoonline.com/article/3674628/great-cyber-hygiene-starts-with-a-culture-of-security-awareness.html#tk.rss_all
Scammers send fake 'Energy Bills Support Scheme' texts
https://www.malwarebytes.com/blog/news/2022/09/energy-scammers-send-fake-energy-bills-support-scheme-texts
SANS Internet Storm Center
ISC StormCast for Thursday, September 22nd, 2022 - SANS ISC
Top Security News for 27/09/2022
Twitter fixes bug that left devices logged in after password reset
https://www.malwarebytes.com/blog/news/2022/09/twitter-fixes-bug-that-left-devices-logged-in-after-password-reset
The weaponisation of information
https://malware.news/t/the-weaponisation-of-information/63685/1
A study of cracked passwords from breaches demonstrates which geographical factors have the most impact on password strength
https://www.reddit.com/r/netsec/comments/xon5mo/a_study_of_cracked_passwords_from_breaches/
When Athletic Abilities Just Aren't Enough - Scoreboard Hacking Part 2
https://www.reddit.com/r/netsec/comments/xol9v3/when_athletic_abilities_just_arent_enough/
Jeremy Corbyn Plays ‘Doom’ Mod About Killing Margaret Thatcher
https://www.vice.com/en_us/article/m7gpa4/jeremy-corbyn-plays-doom-mod-about-killing-margret-thatcher
Attorney general says FBI is working on Optus data breach – video
https://www.theguardian.com/business/video/2022/sep/27/attorney-general-says-fbi-is-working-on-optus-data-breach-video
Kingpins of sexual exploitation gang arrested in Berlin
https://malware.news/t/kingpins-of-sexual-exploitation-gang-arrested-in-berlin/63686/1
Windows 11 pulls ahead of Windows 10 in anti-phishing stakes
https://www.malwarebytes.com/blog/news/2022/09/windows-11-pulls-ahead-of-windows-10-in-anti-phishing-stakes
BrandPost: Extortion Economics: Ransomware’s New Business Model
https://www.csoonline.com/article/3674773/extortion-economics-ransomware-s-new-business-model.html#tk.rss_all
Government flags new cybersecurity laws and increase in fines after Optus breach
https://www.theguardian.com/business/2022/sep/27/government-flags-new-cybersecurity-laws-and-increase-in-fines-after-optus-breach
Malwarebytes
Twitter fixes bug that left devices logged in after password reset
Twitter says it has fixed a bug that meant users weren't logged out of active sessions on all devices after manually resetting their passwords.
Top Security News for 28/09/2022
Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog Finds
https://malware.news/t/over-half-of-operating-systems-at-va-medical-center-in-texas-are-outdated-watchdog-finds/63712/1
Ken Thompson Really Did Launch His "Trusting Trust" Trojan Attack in Real Life
https://www.reddit.com/r/netsec/comments/xprmnz/ken_thompson_really_did_launch_his_trusting_trust/
Ukraine's Defense Intelligence warns of coming Russian cyberattacks against infrastructure. Next moves for Lapsus$? Cashout scams and neglected wallets. Developments in the Optus breach.
https://thecyberwire.com/podcasts/daily-podcast/1671/notes
Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
https://thehackernews.com/2022/09/critical-whatsapp-bugs-could-have-let.html
ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://malware.news/t/isc-stormcast-for-wednesday-september-28th-2022-https-isc-sans-edu-podcastdetail-html-id-8192-wed-sep-28th/63714/1
ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://isc.sans.edu/diary/rss/29096
Detecting and Mitigating the GateKeeper User Override on macOS in an Enterprise Environment
https://www.reddit.com/r/netsec/comments/xprf0s/detecting_and_mitigating_the_gatekeeper_user/
A technical analysis of Pegasus for Android – Part 2
https://www.reddit.com/r/netsec/comments/xpg78b/a_technical_analysis_of_pegasus_for_android_part_2/
The difference between signature-based and behavioural detections
https://www.reddit.com/r/netsec/comments/xpsci2/the_difference_between_signaturebased_and/
Is anyone ready to teach me
https://0x00sec.org/t/apakah-ada-yang-siap-mengajari-saya/31440
Malware Analysis, News and Indicators
Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog Finds
An audit conducted by the VA’s Office of Inspector General found unaddressed security vulnerabilities and deficient devices at the Harlingen VA Health Care Center.
Top Security News for 29/09/2022
Breaking down the Gramm-Leach-Bliley Act.
https://thecyberwire.com/podcasts/caveat/143/notes
16 Wall Street firms fined $1.8B for using private text apps, lying about it
https://www.computerworld.com/article/3675289/16-wall-street-firms-fined-18b-for-using-private-text-apps-lying-about-it.html#tk.rss_all
How cybercriminals use public online and offline data to target employees
https://www.csoonline.com/article/3674770/how-cybercriminals-use-public-online-and-offline-data-to-target-employees.html#tk.rss_all
ISC Stormcast For Thursday, September 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8194, (Thu, Sep 29th)
https://malware.news/t/isc-stormcast-for-thursday-september-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8194-thu-sep-29th/63757/1
Australia news live: Optus breach a ‘wakeup call’, minister says, as telco contacts 14,900 customers with exposed Medicare ID
https://www.theguardian.com/australia-news/live/2022/sep/29/australia-news-live-politics-optus-medicare-fuel-excise-anthony-albanese-labor-liberal-indigenous-voice-cost-of-living-weather
Kerberos: New Attack Paths? AS Requested Service Tickets
https://www.reddit.com/r/netsec/comments/xqoele/kerberos_new_attack_paths_as_requested_service/
Meta dismantled the largest Russian network since the war in Ukraine began
https://securityaffairs.co/wordpress/136326/social-networks/meta-dismantled-russian-network.html
Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China
https://thehackernews.com/2022/09/facebook-shuts-down-covert-political.html
Moving Faster - Securely. Why Your Org Should Add Security to your DevOps Program
https://thecyberwire.com/podcasts/security-sandbox/19/notes
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/28-09-2022
The CyberWire
Breaking down the Gramm-Leach-Bliley Act.
Guest Bob Maley from Black Kite joins Dave to discuss the Gramm-Leach-Bliley Act (GLBA), federal regulation that requires financial institutions to safeguard sensitive customer information. Ben discusses a new lawsuit filed against a local public utility…
Top Security News for 30/09/2022
North Korea weaponizes open-source software.
https://thecyberwire.com/stories/b82102c41d8f43dba308d469d86edc37/north-korea-weaponizes-open-source-software
New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
https://www.reddit.com/r/netsec/comments/xrh7f0/new_attack_campaign_utilized_a_new_0day_rce/
Want to study for ethical hacking? You can with this $35 certification bundle
https://malware.news/t/want-to-study-for-ethical-hacking-you-can-with-this-35-certification-bundle/63803/1
NATO Says Nord Stream Pipeline Was Sabotaged, Promises to Defend Its Allies
https://www.vice.com/en_us/article/88qvvp/nato-says-nord-stream-pipeline-was-sabotaged-promises-to-defend-its-allies
Hackers support Iranian dissidents. Notes on C2C markets. Cyberespionage campaigns. Intercepted mobile calls from Russian troops expose morale problems.
https://thecyberwire.com/podcasts/daily-podcast/1673/notes
Fast Company hacked to send obscene and racist messages
https://www.malwarebytes.com/blog/news/2022/09/fast-company-is-currently-investigating-how-it-got-hacked
Diavol resurfaces
https://malware.news/t/diavol-resurfaces/63801/1
ISC Stormcast For Friday, September 30th, 2022 https://isc.sans.edu/podcastdetail.html?id=8196, (Fri, Sep 30th)
https://malware.news/t/isc-stormcast-for-friday-september-30th-2022-https-isc-sans-edu-podcastdetail-html-id-8196-fri-sep-30th/63802/1
Researchers Uncover Covert Attack Campaign Targeting Military Contractors
https://thehackernews.com/2022/09/researchers-uncover-covert-attack.html
ISC StormCast for Friday, September 30th, 2022
https://isc.sans.edu/podcastdetail.html?id=8196
The CyberWire
North Korea weaponizes open-source software.
Pyongyang is actively exploiting malicious open-source applications to prospect engineers and tech support personnel. And, as a bonus, there's some LinkedIn catphishing going on, too.