Top Security News for 17/09/2022
Staged Payloads from Kali Linux | PT Phone Home – DNS
https://www.reddit.com/r/netsec/comments/xfko5c/staged_payloads_from_kali_linux_pt_phone_home_dns/
Uber responding to “cybersecurity incident” following reports of significant data breach
https://www.csoonline.com/article/3673942/uber-responding-to-cybersecurity-incident-following-reports-of-significant-data-breach.html#tk.rss_all
Uber Hack – What we know so far
https://malware.news/t/uber-hack-what-we-know-so-far/63447/1
North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application
https://thehackernews.com/2022/09/north-korean-hackers-spreading.html
White House Announces $1B in Cyber Funding for State and Local Governments
https://malware.news/t/white-house-announces-1b-in-cyber-funding-for-state-and-local-governments/63450/1
How to Use a UTM Solution & Win Time, Money and Resources
https://thehackernews.com/2022/09/how-to-use-utm-solution-win-time-money.html
Hackers Had Access to LastPass's Development Systems for Four Days
https://thehackernews.com/2022/09/hackers-had-access-to-lastpasss.html
How Belarusian hacktivists are using digital tools to fight back
https://malware.news/t/how-belarusian-hacktivists-are-using-digital-tools-to-fight-back/63451/1
DHS to Spend Almost $700,000 Investigating ‘Radicalization in Gaming’
https://www.vice.com/en_us/article/4ax4n3/dhs-to-spend-almost-dollar700000-investigating-radicalization-in-gaming
Restricted Access to Abortion Is a Threat to National Security, Study Finds
https://www.vice.com/en_us/article/5d353d/restricted-access-to-abortion-is-a-threat-to-national-security-study-finds
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 17/09/2022
API security—and even visibility—isn’t getting handled by enterprises
https://www.csoonline.com/article/3673974/api-securityand-even-visibilityisnt-getting-handled-by-enterprises.html#tk.rss_all
North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application
https://thehackernews.com/2022/09/north-korean-hackers-spreading.html
Restricted Access to Abortion Is a Threat to National Security, Study Finds
https://www.vice.com/en_us/article/5d353d/restricted-access-to-abortion-is-a-threat-to-national-security-study-finds
HPE security advisory (AV22-521)
https://malware.news/t/hpe-security-advisory-av22-521/63448/1
Trojanized Versions Of PuTTY Being Used To Spread Backdoor
https://packetstormsecurity.com/news/view/33849/Trojanized-Versions-Of-PuTTY-Being-Used-To-Spread-Backdoor.html
Diana Kelley, CSO & Co-founder of Cybrize to discuss the need for innovation and entrepreneurship in cybersecurity.
https://thecyberwire.com/podcasts/interview-selects/128/notes
DHS to Spend Almost $700,000 Investigating ‘Radicalization in Gaming’
https://www.vice.com/en_us/article/4ax4n3/dhs-to-spend-almost-dollar700000-investigating-radicalization-in-gaming
cloudvelo: An experimental Velociraptor implementation using cloud infrastructure
https://www.reddit.com/r/netsec/comments/xg0ocl/cloudvelo_an_experimental_velociraptor/
Uber hacked, internal systems and confidential documents were allegedly compromised
https://securityaffairs.co/wordpress/135811/data-breach/uber-hacked-systems-allegedly-compromised.html
How Belarusian hacktivists are using digital tools to fight back
https://malware.news/t/how-belarusian-hacktivists-are-using-digital-tools-to-fight-back/63451/1
CSO Online
API security—and even visibility—isn’t getting handled by enterprises
A new survey highlights the widespread nature of API security incidents and the lack of full inventories of potentially dangerous APIs.
Top Security News for 18/09/2022
3 ways MDR can drive business growth for MSPs
https://www.malwarebytes.com/blog/business/2022/09/3-ways-mdr-can-drive-business-growth-for-msps
Video: Analyzing Obfuscated VBS with CyberChef, (Sat, Sep 17th)
https://isc.sans.edu/diary/rss/29058
EU moves to protect journalists from spyware
https://malware.news/t/eu-moves-to-protect-journalists-from-spyware/63455/1
LLVM Passes for Security: A Brief Introduction (Part 1/4)
https://www.reddit.com/r/netsec/comments/xgxs7q/llvm_passes_for_security_a_brief_introduction/
requests-ip-rotator: A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
https://www.reddit.com/r/netsec/comments/xh40q2/requestsiprotator_a_python_library_to_utilize_aws/
Virtual FIDO is a virtual USB device that implements the FIDO2/U2F protocol (like a YubiKey) in order to support 2FA and WebAuthN.
https://www.reddit.com/r/netsec/comments/xh3bae/virtual_fido_is_a_virtual_usb_device_that/
Lockbit’s bounty: consequences matter
https://diablohorn.com/2022/09/18/lockbits-bounty-consequences-matter/
Security Affairs newsletter Round 384
https://securityaffairs.co/wordpress/135877/breaking-news/security-affairs-newsletter-round-384.html
Uber Claims No Sensitive Data Exposed in Latest Breach… But There's More to This
https://thehackernews.com/2022/09/uber-claims-no-sensitive-data-exposed.html
Jaya Baloo: Don't be afraid to bounce ideas off your teammates. [CISO]
https://thecyberwire.com/podcasts/career-notes/117/notes
Malwarebytes
3 ways MDR can drive business growth for MSPs
With the rising demand for Managed Detection and Response (MDR), MSPs are in position to grow their business in several ways. In this post, we’ll look at three ways MDR can drive business growth for MSPs.
Top Security News for 19/09/2022
Preventing ISO Malware, (Sun, Sep 18th)
https://malware.news/t/preventing-iso-malware-sun-sep-18th/63459/1
Update: strings.py Version 0.0.8
https://malware.news/t/update-strings-py-version-0-0-8/63458/1
Uber says there is no evidence that users’ private information was compromised
https://securityaffairs.co/wordpress/135876/data-breach/uber-data-breach-update.html
Fake google drive desktop malware started a Google Ads campaign.
https://www.reddit.com/r/Malware/comments/xhbzmi/fake_google_drive_desktop_malware_started_a/
ISC Stormcast For Monday, September 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8178, (Mon, Sep 19th)
https://malware.news/t/isc-stormcast-for-monday-september-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8178-mon-sep-19th/63460/1
ISC StormCast for Monday, September 19th, 2022
https://isc.sans.edu/podcastdetail.html?id=8178
Risk Forecasting with Bayes Rule: A practical example.
https://thecyberwire.com/stories/3cf992726ebd489db4a45529f0ba1bc5/risk-forecasting-with-bayes-rule-a-practical-example
Netgear Routers impacted by FunJSQ Game Acceleration Module flaw
https://securityaffairs.co/wordpress/135887/security/netgear-game-acceleration-module-flaw.html
TeamTNT is back and targets servers to run Bitcoin encryption solvers
https://securityaffairs.co/wordpress/135911/cyber-crime/teamtnt-is-back-encryption-solvers.html
Developments in the case of the Uber breach.
https://thecyberwire.com/stories/ac8a9e6a20584c7bb8cfc7434d6d001e/developments-in-the-case-of-the-uber-breach
Malware Analysis, News and Indicators
Preventing ISO Malware, (Sun, Sep 18th)
In the last few weeks, I’ve seen a significant uptick in systems infected with Chromeloader malware. This malware is a malicious extension for your browser, redirecting it to ad sites and hijacking searches. But with the success of this technique recently…
Top Security News for 20/09/2022
GTA 6 source code and videos leaked after Rockstar Games hack
https://www.reddit.com/r/netsec/comments/xi4ls7/gta_6_source_code_and_videos_leaked_after/
Collaboration is key to balance customer experience with security, privacy
https://www.csoonline.com/article/3673943/collaboration-is-key-to-balance-customer-experience-with-security-privacy.html#tk.rss_all
Deconstructing Florian's Bicycle
https://malware.news/t/deconstructing-florians-bicycle/63490/1
Tentative attribution in the Uber breach.
https://thecyberwire.com/stories/fc212676e8e34ca18d77680a7c46b043/tentative-attribution-in-the-uber-breach
A week in security (September 12 – 18)
https://www.malwarebytes.com/blog/news/2022/09/a-week-in-security-september-12--18
ISC Stormcast For Tuesday, September 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8180, (Tue, Sep 20th)
https://malware.news/t/isc-stormcast-for-tuesday-september-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8180-tue-sep-20th/63491/1
International cooperation is key to fighting threat actors and cybercrime
https://www.csoonline.com/article/3673748/international-cooperation-is-key-to-fighting-threat-actors-and-cybercrime.html#tk.rss_all
The new DOJ Law Enforcement Crypto Reports (TL;DR)
https://malware.news/t/the-new-doj-law-enforcement-crypto-reports-tl-dr/63495/1
Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It
https://thehackernews.com/2022/09/microsoft-teams-gifshell-attack-what-is.html
Amazon Driver Fired for Posting Photo of Customer’s Dildo to Reddit
https://www.vice.com/en_us/article/epzabm/amazon-driver-fired-for-posting-photo-of-customers-dildo-to-reddit
Top Security News for 21/09/2022
Major movements in US digital asset guidance. Cybersecurity in the “Giant of Africa.” Does Japan need a cyber ministry?
https://thecyberwire.com/newsletters/policy-briefing/4/181
ISC StormCast for Wednesday, September 21st, 2022
https://isc.sans.edu/podcastdetail.html?id=8182
kubernetes-sec-alert: Track Kubernetes CVEs by native GitHub notifications!
https://www.reddit.com/r/netsec/comments/xh8fr6/kubernetessecalert_track_kubernetes_cves_by/
Phishing Campaigns Use Free Online Resources, (Wed, Sep 21st)
https://malware.news/t/phishing-campaigns-use-free-online-resources-wed-sep-21st/63535/1
Grand Theft Auto 6 suffers grand theft
https://www.malwarebytes.com/blog/news/2022/09/grand-theft-auto-6-suffers-grand-theft
CISA, Claroty highlight severe vulnerabilities in popular power distribution unit product
https://malware.news/t/cisa-claroty-highlight-severe-vulnerabilities-in-popular-power-distribution-unit-product/63531/1
ASEC Weekly Malware Statistics (September 5th, 2022 – September 11th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-september-5th-2022-september-11th-2022/63532/1
Phishing Campaigns Use Free Online Resources, (Wed, Sep 21st)
https://isc.sans.edu/diary/rss/29074
Palo Alto adds software composition analysis to Prisma Cloud to boost open-source security
https://www.csoonline.com/article/3673901/palo-alto-adds-software-composition-analysis-to-prisma-cloud-to-boost-open-source-security.html#tk.rss_all
Most common SAP vulnerabilities attackers try to exploit
https://www.csoonline.com/article/3674119/most-common-sap-vulnerabilities-attackers-try-to-exploit.html#tk.rss_all
Top Security News for 22/09/2022
ISC Stormcast For Thursday, September 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8184, (Thu, Sep 22nd)
https://isc.sans.edu/diary/rss/29076
Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing
https://thehackernews.com/2022/09/record-ddos-attack-with-253-billion.html
Quickpost: Tuning The Electric Energy Consumption Of My TV
https://malware.news/t/quickpost-tuning-the-electric-energy-consumption-of-my-tv/63566/1
Former Broadcom engineer gets eight months in prison for trade secrets theft
https://www.networkworld.com/article/3674316/former-broadcom-engineer-gets-eight-months-in-prison-for-trade-secrets-theft.html#tk.rss_all
FilelessRemotePE: Loading fileless remote PE from URI to memory
https://www.reddit.com/r/netsec/comments/xkkxlb/filelessremotepe_loading_fileless_remote_pe_from/
How will cybersecurity insurance change in the coming years?
https://thecyberwire.com/podcasts/caveat/142/notes
User claim he hacked a Lockbit Server and release builder & more
https://www.reddit.com/r/netsec/comments/xk1lc9/user_claim_he_hacked_a_lockbit_server_and_release/
Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units
https://thehackernews.com/2022/09/critical-remote-hack-flaws-found-in.html
BrandPost: Great Cyber Hygiene Starts with a Culture of Security Awareness
https://www.csoonline.com/article/3674628/great-cyber-hygiene-starts-with-a-culture-of-security-awareness.html#tk.rss_all
Scammers send fake 'Energy Bills Support Scheme' texts
https://www.malwarebytes.com/blog/news/2022/09/energy-scammers-send-fake-energy-bills-support-scheme-texts
Top Security News for 27/09/2022
Twitter fixes bug that left devices logged in after password reset
https://www.malwarebytes.com/blog/news/2022/09/twitter-fixes-bug-that-left-devices-logged-in-after-password-reset
The weaponisation of information
https://malware.news/t/the-weaponisation-of-information/63685/1
A study of cracked passwords from breaches demonstrates which geographical factors have the most impact on password strength
https://www.reddit.com/r/netsec/comments/xon5mo/a_study_of_cracked_passwords_from_breaches/
When Athletic Abilities Just Aren't Enough - Scoreboard Hacking Part 2
https://www.reddit.com/r/netsec/comments/xol9v3/when_athletic_abilities_just_arent_enough/
Jeremy Corbyn Plays ‘Doom’ Mod About Killing Margaret Thatcher
https://www.vice.com/en_us/article/m7gpa4/jeremy-corbyn-plays-doom-mod-about-killing-margret-thatcher
Attorney general says FBI is working on Optus data breach – video
https://www.theguardian.com/business/video/2022/sep/27/attorney-general-says-fbi-is-working-on-optus-data-breach-video
Kingpins of sexual exploitation gang arrested in Berlin
https://malware.news/t/kingpins-of-sexual-exploitation-gang-arrested-in-berlin/63686/1
Windows 11 pulls ahead of Windows 10 in anti-phishing stakes
https://www.malwarebytes.com/blog/news/2022/09/windows-11-pulls-ahead-of-windows-10-in-anti-phishing-stakes
BrandPost: Extortion Economics: Ransomware’s New Business Model
https://www.csoonline.com/article/3674773/extortion-economics-ransomware-s-new-business-model.html#tk.rss_all
Government flags new cybersecurity laws and increase in fines after Optus breach
https://www.theguardian.com/business/2022/sep/27/government-flags-new-cybersecurity-laws-and-increase-in-fines-after-optus-breach
Malwarebytes
Twitter fixes bug that left devices logged in after password reset
Twitter says it has fixed a bug that meant users weren't logged out of active sessions on all devices after manually resetting their passwords.
Top Security News for 28/09/2022
Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog Finds
https://malware.news/t/over-half-of-operating-systems-at-va-medical-center-in-texas-are-outdated-watchdog-finds/63712/1
Ken Thompson Really Did Launch His "Trusting Trust" Trojan Attack in Real Life
https://www.reddit.com/r/netsec/comments/xprmnz/ken_thompson_really_did_launch_his_trusting_trust/
Ukraine's Defense Intelligence warns of coming Russian cyberattacks against infrastructure. Next moves for Lapsus$? Cashout scams and neglected wallets. Developments in the Optus breach.
https://thecyberwire.com/podcasts/daily-podcast/1671/notes
Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
https://thehackernews.com/2022/09/critical-whatsapp-bugs-could-have-let.html
ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://malware.news/t/isc-stormcast-for-wednesday-september-28th-2022-https-isc-sans-edu-podcastdetail-html-id-8192-wed-sep-28th/63714/1
ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://isc.sans.edu/diary/rss/29096
Detecting and Mitigating the GateKeeper User Override on macOS in an Enterprise Environment
https://www.reddit.com/r/netsec/comments/xprf0s/detecting_and_mitigating_the_gatekeeper_user/
A technical analysis of Pegasus for Android – Part 2
https://www.reddit.com/r/netsec/comments/xpg78b/a_technical_analysis_of_pegasus_for_android_part_2/
The difference between signature-based and behavioural detections
https://www.reddit.com/r/netsec/comments/xpsci2/the_difference_between_signaturebased_and/
Is anyone ready to teach me
https://0x00sec.org/t/apakah-ada-yang-siap-mengajari-saya/31440
Malware Analysis, News and Indicators
Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog Finds
An audit conducted by the VA’s Office of Inspector General found unaddressed security vulnerabilities and deficient devices at the Harlingen VA Health Care Center. Article Link: Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog…
Top Security News for 29/09/2022
Breaking down the Gramm-Leach-Bliley Act.
https://thecyberwire.com/podcasts/caveat/143/notes
16 Wall Street firms fined $1.8B for using private text apps, lying about it
https://www.computerworld.com/article/3675289/16-wall-street-firms-fined-18b-for-using-private-text-apps-lying-about-it.html#tk.rss_all
How cybercriminals use public online and offline data to target employees
https://www.csoonline.com/article/3674770/how-cybercriminals-use-public-online-and-offline-data-to-target-employees.html#tk.rss_all
ISC Stormcast For Thursday, September 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8194, (Thu, Sep 29th)
https://malware.news/t/isc-stormcast-for-thursday-september-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8194-thu-sep-29th/63757/1
Australia news live: Optus breach a ‘wakeup call’, minister says, as telco contacts 14,900 customers with exposed Medicare ID
https://www.theguardian.com/australia-news/live/2022/sep/29/australia-news-live-politics-optus-medicare-fuel-excise-anthony-albanese-labor-liberal-indigenous-voice-cost-of-living-weather
Kerberos: New Attack Paths? AS Requested Service Tickets
https://www.reddit.com/r/netsec/comments/xqoele/kerberos_new_attack_paths_as_requested_service/
Meta dismantled the largest Russian network since the war in Ukraine began
https://securityaffairs.co/wordpress/136326/social-networks/meta-dismantled-russian-network.html
Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China
https://thehackernews.com/2022/09/facebook-shuts-down-covert-political.html
Moving Faster - Securely. Why Your Org Should Add Security to your DevOps Program
https://thecyberwire.com/podcasts/security-sandbox/19/notes
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/28-09-2022
The CyberWire
Breaking down the Gramm-Leach-Bliley Act.
Guest Bob Maley from Black Kite joins Dave to discuss the Gramm-Leach-Bliley Act (GLBA), federal regulation that requires financial institutions to safeguard sensitive customer information. Ben discusses a new lawsuit filed against a local public utility…
Top Security News for 30/09/2022
North Korea weaponizes open-source software.
https://thecyberwire.com/stories/b82102c41d8f43dba308d469d86edc37/north-korea-weaponizes-open-source-software
New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
https://www.reddit.com/r/netsec/comments/xrh7f0/new_attack_campaign_utilized_a_new_0day_rce/
Want to study for ethical hacking? You can with this $35 certification bundle
https://malware.news/t/want-to-study-for-ethical-hacking-you-can-with-this-35-certification-bundle/63803/1
NATO Says Nord Stream Pipeline Was Sabotaged, Promises to Defend Its Allies
https://www.vice.com/en_us/article/88qvvp/nato-says-nord-stream-pipeline-was-sabotaged-promises-to-defend-its-allies
Hackers support Iranian dissidents. Notes on C2C markets. Cyberespionage campaigns. Intercepted mobile calls from Russian troops expose morale problems.
https://thecyberwire.com/podcasts/daily-podcast/1673/notes
Fast Company hacked to send obscene and racist messages
https://www.malwarebytes.com/blog/news/2022/09/fast-company-is-currently-investigating-how-it-got-hacked
Diavol resurfaces
https://malware.news/t/diavol-resurfaces/63801/1
ISC Stormcast For Friday, September 30th, 2022 https://isc.sans.edu/podcastdetail.html?id=8196, (Fri, Sep 30th)
https://malware.news/t/isc-stormcast-for-friday-september-30th-2022-https-isc-sans-edu-podcastdetail-html-id-8196-fri-sep-30th/63802/1
Researchers Uncover Covert Attack Campaign Targeting Military Contractors
https://thehackernews.com/2022/09/researchers-uncover-covert-attack.html
ISC StormCast for Friday, September 30th, 2022
https://isc.sans.edu/podcastdetail.html?id=8196
The CyberWire
North Korea weaponizes open-source software.
Pyongyang is actively exploiting malicious open-source applications to prospect engineers and tech support personnel. And, as a bonus, there's some LinkedIn catphishing going on, too.
Top Security News for 01/10/2022
Why cybersecurity is a shared responsibility: How security leaders can engage end users to alleviate SOC analyst burnout.
https://thecyberwire.com/stories/4d68f768907f4e83ae4f6aa231c166f5/why-cybersecurity-is-a-shared-responsibility-how-security-leaders-can-engage-end-users-to-alleviate-soc-analyst-burnout
Albania explains its reasons for severing relations with Iran. Cashout scam targets forgotten crypto accounts. Next moves for Lapsus$?
https://thecyberwire.com/newsletters/week-that-was/6/39
Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
https://thehackernews.com/2022/09/microsoft-confirms-2-new-exchange-zero.html
Tech Explainer | What is DLL Sideloading?
https://malware.news/t/tech-explainer-what-is-dll-sideloading/63833/1
A look back at Insider Threat Month: advice from industry experts.
https://thecyberwire.com
What I learnt from reading 220 IDOR bug reports.
https://www.reddit.com/r/netsec/comments/xs0a44/what_i_learnt_from_reading_220_idor_bug_reports/
Cyber Attacks Against Middle East Governments Hide Malware in Windows logo
https://thehackernews.com/2022/09/cyber-attacks-against-middle-east.html
US DoD announced the results of the Hack US bug bounty challenge
https://securityaffairs.co/wordpress/136462/hacking/dod-hack-us-results.html
NIST on cyber careers. CISA TLP update. US candidate will lead ITU. Curbing foreign spyware.
https://thecyberwire.com/newsletters/policy-briefing/4/189
North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
https://thehackernews.com/2022/09/north-korean-hackers-weaponizing-open.html
The CyberWire
Why cybersecurity is a shared responsibility: How security leaders can engage end users to alleviate SOC analyst burnout.
Cybersecurity is a team sport — and National Cybersecurity Awareness Month (NCSAM) is a great opportunity to remind everyone of that. Hosted by CISA and the National Cybersecurity Alliance (NCSA), NCSAM aims to raise awareness about and ensure everyone has…
Top Security News for 02/10/2022
FCC moves to block robotexts
https://www.malwarebytes.com/blog/news/2022/09/fcc-is-finally-moving-forward-with-blocking-spam-texts
State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
https://thehackernews.com/2022/10/state-sponsored-hackers-likely.html
Kayla Williams: Not everything related to cybersecurity is a fire drill. [CISO]
https://thecyberwire.com/podcasts/career-notes/119/notes
HTTPT: A Probe-Resistant Proxy
https://www.reddit.com/r/netsec/comments/xt8fkm/httpt_a_proberesistant_proxy/
Tillitis - Open Source USB security key inspired by measured boot and DICE
https://www.reddit.com/r/netsec/comments/xt8hj1/tillitis_open_source_usb_security_key_inspired_by/
Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries
https://securityaffairs.co/wordpress/136497/data-breach/guacamaya-hacked-latam-countries.html
CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/136514/security/atlassian-bitbucket-flaw-known-exploited-vulnerabilities-catalog.html
Cybersecurity Awareness Month: observations and counsel from industry leaders.
https://thecyberwire.com
CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability
https://thehackernews.com/2022/10/cisa-warns-of-hackers-exploiting.html
Luxury hotel chain Shangri-La suffered a security breach
https://securityaffairs.co/wordpress/136489/data-breach/shangri-la-security-breach.html
Malwarebytes
FCC moves to block robotexts
The Federal Communications Commission wants mobile carriers to block spam texts at the network level.
Top Security News for 03/10/2022
What I learnt from reading 126 Information Disclosure bug reports/writeups.
https://www.reddit.com/r/netsec/comments/xtj6ch/what_i_learnt_from_reading_126_information/
Supply chain compromise impacting Comm100 Live Chat software
https://malware.news/t/supply-chain-compromise-impacting-comm100-live-chat-software/63841/1
ISC Stormcast For Monday, October 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8198, (Mon, Oct 3rd)
https://malware.news/t/isc-stormcast-for-monday-october-3rd-2022-https-isc-sans-edu-podcastdetail-html-id-8198-mon-oct-3rd/63843/1
Dank: The greatest encoder you've never heard of
https://www.reddit.com/r/netsec/comments/xtus0q/dank_the_greatest_encoder_youve_never_heard_of/
ISC StormCast for Monday, October 3rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8198
Pt 1 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/63/notes
Security Affairs newsletter Round 386
https://securityaffairs.co/wordpress/136534/breaking-news/security-affairs-newsletter-round-386.html
PS5-4.03-Kernel-Exploit: An experimental webkit-based kernel exploit (Arbitrary R/W) for the PS5 on 4.03FW
https://www.reddit.com/r/netsec/comments/xu3nz0/ps5403kernelexploit_an_experimental_webkitbased/
Some Notes on VIRTUALGATE
https://malware.news/t/some-notes-on-virtualgate/63845/1
The 5 best security cameras of 2022
https://malware.news/t/the-5-best-security-cameras-of-2022/63844/1
reddit
What I learnt from reading 126 Information Disclosure bug...
Posted in r/netsec by u/_nynan • 104 points and 3 comments
Top Security News for 04/10/2022
Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers
https://thehackernews.com/2022/10/hackers-exploiting-dell-driver.html
WUSB HISTORICAL VIDEO SERIES BEGINS
https://www.2600.com/content/wusb-historical-video-series-begins
ISC Stormcast For Tuesday, October 4th, 2022 https://isc.sans.edu/podcastdetail.html?id=8200, (Tue, Oct 4th)
https://isc.sans.edu/diary/rss/29110
Researcher Spotlight: Globetrotting with Yuri Kramarz
https://malware.news/t/researcher-spotlight-globetrotting-with-yuri-kramarz/63877/1
Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat.
https://thecyberwire.com/podcasts/daily-podcast/1675/notes
Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed
https://www.csoonline.com/article/3675557/microsoft-mitigation-for-new-exchange-server-zero-day-exploits-can-be-bypassed.html#tk.rss_all
California Man Fined $1,000 for Drawing Lines on Maps
https://www.vice.com/en_us/article/v7vyj3/california-man-fined-for-drawing-lines-on-existing-maps
Romance scammer deepfakes Mark Ruffalo to con elderly artist
https://www.malwarebytes.com/blog/news/2022/10/romance-scammer-makes-bank-with-deepfake-mark-ruffalo
Lockbit ransomware case study
https://www.reddit.com/r/Malware/comments/xv2ijb/lockbit_ransomware_case_study/
I need some help
https://0x00sec.org/t/i-need-some-help/31517
SANS Internet Storm Center
ISC StormCast for Tuesday, October 4th, 2022 - SANS ISC
Top Security News for 05/10/2022
ProxyNotShell – the New Proxy Hell?
https://thehackernews.com/2022/10/proxynotshell-new-proxy-hell.html
Optus Hack Exposes Data of Nearly 2.1 Million Australian Telecom Customers
https://thehackernews.com/2022/10/optus-hack-exposes-data-of-nearly-21.html
Back to Basics: Cybersecurity's Weakest Link
https://thehackernews.com/2022/10/back-to-basics-cybersecuritys-weakest.html
TSUBAME Report Overflow (Apr-Jun 2022)
https://malware.news/t/tsubame-report-overflow-apr-jun-2022/63916/1
TikTok's "secret operation" tracks you even if you don't use it
https://malware.news/t/tiktoks-secret-operation-tracks-you-even-if-you-dont-use-it/63912/1
Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart
https://www.microsoft.com/security/blog/2022/10/04/cybersecurity-awareness-tips-from-microsoft-to-empower-your-team-to-becybersmart/
Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds
https://thehackernews.com/2022/10/mitigation-for-exchange-zero-days.html
Dell launches new cybersecurity resources to enhance zero-trust adoption, cyber resilience
https://www.csoonline.com/article/3675558/dell-launches-new-cybersecurity-resources-to-enhance-zero-trust-adoption-cyber-resilience.html#tk.rss_all
Wireshark 4.0.0 has been released
https://www.reddit.com/r/netsec/comments/xw0q7c/wireshark_400_has_been_released/
Pixel 6 bootloader: Emulation, ROP
https://www.reddit.com/r/netsec/comments/xw1uxc/pixel_6_bootloader_emulation_rop/
Malware Analysis, News and Indicators
TSUBAME Report Overflow (Apr-Jun 2022)
This TSUBAME Report Overflow series discusses monitoring trends of overseas TSUBAME sensors and other activities which the Internet Threat Monitoring Quarterly Reports do not include. This article covers the monitoring results for the period of April to June…
Top Security News for 06/10/2022
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/05-10-2022
MSSQL, meet Maggie - a novel backdoor for MSSQL servers.
https://www.reddit.com/r/netsec/comments/xvdyri/mssql_meet_maggie_a_novel_backdoor_for_mssql/
Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information
https://thehackernews.com/2022/10/telstra-telecom-suffers-data-breach.html
Customer Field enhancement at Delivery Level in EWM
https://malware.news/t/customer-field-enhancement-at-delivery-level-in-ewm/63961/1
Kocho acquires Mobliciti. NetSPI receives $410 million in funding. Optus breach fallout.
https://thecyberwire.com/newsletters/business-briefing/4/40
Talkin’ About Infosec News – 10/5/2022
https://malware.news/t/talkin-about-infosec-news-10-5-2022/63960/1
Microsoft updates guidance for ‘ProxyNotShell’ bugs after researchers get around mitigations
https://malware.news/t/microsoft-updates-guidance-for-proxynotshell-bugs-after-researchers-get-around-mitigations/63957/1
A Deep Dive of CVE-2022-33987 (Got allows a redirect to a UNIX socket)
https://www.reddit.com/r/netsec/comments/xwre1m/a_deep_dive_of_cve202233987_got_allows_a_redirect/
What is cyber quantum computing?
https://thecyberwire.com/podcasts/hacking-humans/215/notes
How to encrypt a folder in MacOS to keep sensitive data from prying eyes
https://malware.news/t/how-to-encrypt-a-folder-in-macos-to-keep-sensitive-data-from-prying-eyes/63959/1
reddit
MSSQL, meet Maggie - a novel backdoor for MSSQL servers.
Posted in r/netsec by u/OwnPreparation3424 • 2 points and 0 comments
Top Security News for 07/10/2022
Details Released for Recently Patched new macOS Archive Utility Vulnerability
https://thehackernews.com/2022/10/details-released-for-recently-patched.html
NetWalker Ransomware Scumbag Jailed For 20 Years
https://packetstormsecurity.com/news/view/33919/NetWalker-Ransomware-Scumbag-Jailed-For-20-Years.html
ISC StormCast for Friday, October 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8204
Government considers centralising digital ID verification on myGov in wake of Optus breach
https://www.theguardian.com/technology/2022/oct/07/government-considers-centralising-digital-id-verification-on-mygov-in-wake-of-optus-breach
CVE-2022-41343 - RCE via Phar Deserialisation (Dompdf)
https://www.reddit.com/r/netsec/comments/xwyf9o/cve202241343_rce_via_phar_deserialisation_dompdf/
Fully loaded: testing vulnerable PyYAML versions
https://www.reddit.com/r/netsec/comments/xxc2aa/fully_loaded_testing_vulnerable_pyyaml_versions/
Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan
https://www.csoonline.com/article/3675559/dashlane-launches-new-dark-web-insights-tool-mfa-authenticator-app-small-biz-starter-plan.html#tk.rss_all
Former Uber Security Chief Found Guilty of Data Breach Coverup
https://thehackernews.com/2022/10/former-uber-security-chief-found-guilty.html
TransUnion taps behavioral analytics to aid fraud detection, curb false positives
https://www.csoonline.com/article/3675955/transunion-taps-behavioral-analytics-to-aid-fraud-detection-curb-false-positives.html#tk.rss_all
Ransomware review: September 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/10/ransomware-review-september-2022
The Register
NetWalker ransomware crook jailed for 20 years
And note to his crime pals – he said he would sing like a canary
Top Security News for 08/10/2022
Australian teen arrested for blackmailing Optus breach victims. CareOregon accidentally leaks member data. City of Tucson discloses data breach.
https://thecyberwire.com/podcasts/privacy-briefing/685/notes
3 actions Latin American leaders must take to reduce risk of cyberattacks
https://www.csoonline.com/article/3675961/3-actions-latin-american-leaders-must-take-to-reduce-risk-of-cyberattacks.html#tk.rss_all
This Week in Malware - Over 100 Packages Discovered
https://malware.news/t/this-week-in-malware-over-100-packages-discovered/64018#post_1
Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities
https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html
Facebook Detects 400 Android and iOS Apps Stealing Users Log-in Credentials
https://thehackernews.com/2022/10/facebook-detects-400-android-and-ios.html
Microsoft warns of Exchange Server vulnerabilities. Hacktivists compromise Mexican government data. Patch news. Crime and punishment.
https://thecyberwire.com/newsletters/week-that-was/6/40
2600 KICKED OFF OF YOUTUBE FOR SARCASTIC REMARK
https://www.2600.com/content/2600-kicked-youtube-sarcastic-remark
A US EO addresses EU data privacy concerns. China’s favorite CVEs. Election security and credit risk. COVID phishbait. Notes from the hybrid war, including some really motivated draft evaders.
https://thecyberwire.com/podcasts/daily-podcast/1679/notes
Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html
securepupads.g.doubleclick.net removal
https://www.reddit.com/r/Malware/comments/xy5bdb/securepupadsgdoubleclicknet_removal/
Top Security News for 09/10/2022
Romance scammer given 25 years of alone time
https://malware.news/t/romance-scammer-given-25-years-of-alone-time/64021#post_1
What is torrenting and how does it work?
https://malware.news/t/what-is-torrenting-and-how-does-it-work/64025#post_1
Sysmon v14.1 Release, (Sat, Oct 8th)
https://isc.sans.edu/diary/rss/29126
Pentest reporting and the remediation cycle: Why aren’t we making progress?
https://thecyberwire.com/podcasts/cyberwire-x/39/notes
BlackByte Ransomware abuses vulnerable driver to bypass security solutions
https://securityaffairs.co/wordpress/136816/malware/blackbyte-ransomware-byovd-attack.html
Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
https://securityaffairs.co/wordpress/136800/hacking/zimbra-collaboration-suite-rce.html
Sysmon v14.1 Release, (Sat, Oct 8th)
https://malware.news/t/sysmon-v14-1-release-sat-oct-8th/64023#post_1
I had a pop up ad
https://www.reddit.com/r/Malware/comments/xzdzwu/i_had_a_pop_up_ad/
What can we learn from leaked Insyde's BIOS for Intel Alder Lake
https://www.reddit.com/r/netsec/comments/xyuwa7/what_can_we_learn_from_leaked_insydes_bios_for/
Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony Anscombe
https://malware.news/t/key-takeaways-from-eset-threat-report-t2-2022-week-in-security-with-tony-anscombe/64026#post_1
Malware Analysis, News and Indicators
Romance scammer given 25 years of alone time
Romance scams are often low-risk, high-reward strategies for criminals, who use them to steal large sums of money from vulnerable people in the cruellest ways possible. Once the victim wires the cash, there’s a good chance that it’s never coming back. The…
Top Security News for 10/10/2022
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
https://securityaffairs.co/wordpress/136866/cyber-crime/south-africa-eskom-everest-ransomware.html
Lloyd’s of London investigates alleged cyber attack
https://securityaffairs.co/wordpress/136834/security/lloyds-of-london-cyberattack.html
Curl's resolve Option, (Sun, Oct 9th)
https://isc.sans.edu/diary/rss/29132
Pt 2 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/64/notes
ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://isc.sans.edu/diary/rss/29134
ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://malware.news/t/isc-stormcast-for-monday-october-10th-2022-https-isc-sans-edu-podcastdetail-html-id-8206-mon-oct-10th/64030#post_1
Use case creation in SIEM - Malicious download
https://www.reddit.com/r/Malware/comments/xzmszq/use_case_creation_in_siem_malicious_download/
Is there a team recruiting?
https://0x00sec.org/t/is-there-a-team-recruiting/31635
Security Affairs newsletter Round 387
https://securityaffairs.co/wordpress/136857/breaking-news/security-affairs-newsletter-round-387.html
ISC StormCast for Monday, October 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8206
Security Affairs
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd.