Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 18/09/2022

3 ways MDR can drive business growth for MSPs
https://www.malwarebytes.com/blog/business/2022/09/3-ways-mdr-can-drive-business-growth-for-msps

Video: Analyzing Obfuscated VBS with CyberChef, (Sat, Sep 17th)
https://isc.sans.edu/diary/rss/29058

EU moves to protect journalists from spyware
https://malware.news/t/eu-moves-to-protect-journalists-from-spyware/63455/1

LLVM Passes for Security: A Brief Introduction (Part 1/4)
https://www.reddit.com/r/netsec/comments/xgxs7q/llvm_passes_for_security_a_brief_introduction/

requests-ip-rotator: A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
https://www.reddit.com/r/netsec/comments/xh40q2/requestsiprotator_a_python_library_to_utilize_aws/

Virtual FIDO is a virtual USB device that implements the FIDO2/U2F protocol (like a YubiKey) in order to support 2FA and WebAuthN.
https://www.reddit.com/r/netsec/comments/xh3bae/virtual_fido_is_a_virtual_usb_device_that/

Lockbit’s bounty: consequences matter
https://diablohorn.com/2022/09/18/lockbits-bounty-consequences-matter/

Security Affairs newsletter Round 384
https://securityaffairs.co/wordpress/135877/breaking-news/security-affairs-newsletter-round-384.html

Uber Claims No Sensitive Data Exposed in Latest Breach… But There's More to This
https://thehackernews.com/2022/09/uber-claims-no-sensitive-data-exposed.html

Jaya Baloo: Don't be afraid to bounce ideas off your teammates. [CISO]
https://thecyberwire.com/podcasts/career-notes/117/notes


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 19/09/2022

Preventing ISO Malware, (Sun, Sep 18th)
https://malware.news/t/preventing-iso-malware-sun-sep-18th/63459/1

Update: strings.py Version 0.0.8
https://malware.news/t/update-strings-py-version-0-0-8/63458/1

Uber says there is no evidence that users’ private information was compromised
https://securityaffairs.co/wordpress/135876/data-breach/uber-data-breach-update.html

Fake google drive desktop malware started a Google Ads campaign.
https://www.reddit.com/r/Malware/comments/xhbzmi/fake_google_drive_desktop_malware_started_a/

ISC Stormcast For Monday, September 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8178, (Mon, Sep 19th)
https://malware.news/t/isc-stormcast-for-monday-september-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8178-mon-sep-19th/63460/1

ISC StormCast for Monday, September 19th, 2022
https://isc.sans.edu/podcastdetail.html?id=8178

Risk Forecasting with Bayes Rule: A practical example.
https://thecyberwire.com/stories/3cf992726ebd489db4a45529f0ba1bc5/risk-forecasting-with-bayes-rule-a-practical-example

Netgear Routers impacted by FunJSQ Game Acceleration Module flaw
https://securityaffairs.co/wordpress/135887/security/netgear-game-acceleration-module-flaw.html

TeamTNT is back and targets servers to run Bitcoin encryption solvers
https://securityaffairs.co/wordpress/135911/cyber-crime/teamtnt-is-back-encryption-solvers.html

Developments in the case of the Uber breach.
https://thecyberwire.com/stories/ac8a9e6a20584c7bb8cfc7434d6d001e/developments-in-the-case-of-the-uber-breach


Top Security News for 20/09/2022

GTA 6 source code and videos leaked after Rockstar Games hack
https://www.reddit.com/r/netsec/comments/xi4ls7/gta_6_source_code_and_videos_leaked_after/

Collaboration is key to balance customer experience with security, privacy
https://www.csoonline.com/article/3673943/collaboration-is-key-to-balance-customer-experience-with-security-privacy.html#tk.rss_all

Deconstructing Florian's Bicycle
https://malware.news/t/deconstructing-florians-bicycle/63490/1

Tentative attribution in the Uber breach.
https://thecyberwire.com/stories/fc212676e8e34ca18d77680a7c46b043/tentative-attribution-in-the-uber-breach

A week in security (September 12 – 18)
https://www.malwarebytes.com/blog/news/2022/09/a-week-in-security-september-12--18

ISC Stormcast For Tuesday, September 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8180, (Tue, Sep 20th)
https://malware.news/t/isc-stormcast-for-tuesday-september-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8180-tue-sep-20th/63491/1

International cooperation is key to fighting threat actors and cybercrime
https://www.csoonline.com/article/3673748/international-cooperation-is-key-to-fighting-threat-actors-and-cybercrime.html#tk.rss_all

The new DOJ Law Enforcement Crypto Reports (TL;DR)
https://malware.news/t/the-new-doj-law-enforcement-crypto-reports-tl-dr/63495/1

Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It
https://thehackernews.com/2022/09/microsoft-teams-gifshell-attack-what-is.html

Amazon Driver Fired for Posting Photo of Customer’s Dildo to Reddit
https://www.vice.com/en_us/article/epzabm/amazon-driver-fired-for-posting-photo-of-customers-dildo-to-reddit


Top Security News for 21/09/2022

Major movements in US digital asset guidance. Cybersecurity in the “Giant of Africa.” Does Japan need a cyber ministry?
https://thecyberwire.com/newsletters/policy-briefing/4/181

ISC StormCast for Wednesday, September 21st, 2022
https://isc.sans.edu/podcastdetail.html?id=8182

kubernetes-sec-alert: Track Kubernetes CVEs by native GitHub notifications!
https://www.reddit.com/r/netsec/comments/xh8fr6/kubernetessecalert_track_kubernetes_cves_by/

Phishing Campaigns Use Free Online Resources, (Wed, Sep 21st)
https://malware.news/t/phishing-campaigns-use-free-online-resources-wed-sep-21st/63535/1

Grand Theft Auto 6 suffers grand theft
https://www.malwarebytes.com/blog/news/2022/09/grand-theft-auto-6-suffers-grand-theft

CISA, Claroty highlight severe vulnerabilities in popular power distribution unit product
https://malware.news/t/cisa-claroty-highlight-severe-vulnerabilities-in-popular-power-distribution-unit-product/63531/1

ASEC Weekly Malware Statistics (September 5th, 2022 – September 11th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-september-5th-2022-september-11th-2022/63532/1

Phishing Campaigns Use Free Online Resources, (Wed, Sep 21st)
https://isc.sans.edu/diary/rss/29074

Palo Alto adds software composition analysis to Prisma Cloud to boost open-source security
https://www.csoonline.com/article/3673901/palo-alto-adds-software-composition-analysis-to-prisma-cloud-to-boost-open-source-security.html#tk.rss_all

Most common SAP vulnerabilities attackers try to exploit
https://www.csoonline.com/article/3674119/most-common-sap-vulnerabilities-attackers-try-to-exploit.html#tk.rss_all


Top Security News for 22/09/2022

ISC Stormcast For Thursday, September 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8184, (Thu, Sep 22nd)
https://isc.sans.edu/diary/rss/29076

Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing
https://thehackernews.com/2022/09/record-ddos-attack-with-253-billion.html

Quickpost: Tuning The Electric Energy Consumption Of My TV
https://malware.news/t/quickpost-tuning-the-electric-energy-consumption-of-my-tv/63566/1

Former Broadcom engineer gets eight months in prison for trade secrets theft
https://www.networkworld.com/article/3674316/former-broadcom-engineer-gets-eight-months-in-prison-for-trade-secrets-theft.html#tk.rss_all

FilelessRemotePE: Loading fileless remote PE from URI to memory
https://www.reddit.com/r/netsec/comments/xkkxlb/filelessremotepe_loading_fileless_remote_pe_from/

How will cybersecurity insurance change in the coming years?
https://thecyberwire.com/podcasts/caveat/142/notes

User claim he hacked a Lockbit Server and release builder & more
https://www.reddit.com/r/netsec/comments/xk1lc9/user_claim_he_hacked_a_lockbit_server_and_release/

Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units
https://thehackernews.com/2022/09/critical-remote-hack-flaws-found-in.html

BrandPost: Great Cyber Hygiene Starts with a Culture of Security Awareness
https://www.csoonline.com/article/3674628/great-cyber-hygiene-starts-with-a-culture-of-security-awareness.html#tk.rss_all

Scammers send fake 'Energy Bills Support Scheme' texts
https://www.malwarebytes.com/blog/news/2022/09/energy-scammers-send-fake-energy-bills-support-scheme-texts


Top Security News for 27/09/2022

Twitter fixes bug that left devices logged in after password reset
https://www.malwarebytes.com/blog/news/2022/09/twitter-fixes-bug-that-left-devices-logged-in-after-password-reset

The weaponisation of information
https://malware.news/t/the-weaponisation-of-information/63685/1

A study of cracked passwords from breaches demonstrates which geographical factors have the most impact on password strength
https://www.reddit.com/r/netsec/comments/xon5mo/a_study_of_cracked_passwords_from_breaches/

When Athletic Abilities Just Aren't Enough - Scoreboard Hacking Part 2
https://www.reddit.com/r/netsec/comments/xol9v3/when_athletic_abilities_just_arent_enough/

Jeremy Corbyn Plays ‘Doom’ Mod About Killing Margaret Thatcher
https://www.vice.com/en_us/article/m7gpa4/jeremy-corbyn-plays-doom-mod-about-killing-margret-thatcher

Attorney general says FBI is working on Optus data breach – video
https://www.theguardian.com/business/video/2022/sep/27/attorney-general-says-fbi-is-working-on-optus-data-breach-video

Kingpins of sexual exploitation gang arrested in Berlin
https://malware.news/t/kingpins-of-sexual-exploitation-gang-arrested-in-berlin/63686/1

Windows 11 pulls ahead of Windows 10 in anti-phishing stakes
https://www.malwarebytes.com/blog/news/2022/09/windows-11-pulls-ahead-of-windows-10-in-anti-phishing-stakes

BrandPost: Extortion Economics: Ransomware’s New Business Model
https://www.csoonline.com/article/3674773/extortion-economics-ransomware-s-new-business-model.html#tk.rss_all

Government flags new cybersecurity laws and increase in fines after Optus breach
https://www.theguardian.com/business/2022/sep/27/government-flags-new-cybersecurity-laws-and-increase-in-fines-after-optus-breach


Top Security News for 28/09/2022

Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog Finds
https://malware.news/t/over-half-of-operating-systems-at-va-medical-center-in-texas-are-outdated-watchdog-finds/63712/1

Ken Thompson Really Did Launch His "Trusting Trust" Trojan Attack in Real Life
https://www.reddit.com/r/netsec/comments/xprmnz/ken_thompson_really_did_launch_his_trusting_trust/

Ukraine's Defense Intelligence warns of coming Russian cyberattacks against infrastructure. Next moves for Lapsus$? Cashout scams and neglected wallets. Developments in the Optus breach.
https://thecyberwire.com/podcasts/daily-podcast/1671/notes

Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
https://thehackernews.com/2022/09/critical-whatsapp-bugs-could-have-let.html

ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://malware.news/t/isc-stormcast-for-wednesday-september-28th-2022-https-isc-sans-edu-podcastdetail-html-id-8192-wed-sep-28th/63714/1

ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://isc.sans.edu/diary/rss/29096

Detecting and Mitigating the GateKeeper User Override on macOS in an Enterprise Environment
https://www.reddit.com/r/netsec/comments/xprf0s/detecting_and_mitigating_the_gatekeeper_user/

A technical analysis of Pegasus for Android – Part 2
https://www.reddit.com/r/netsec/comments/xpg78b/a_technical_analysis_of_pegasus_for_android_part_2/

The difference between signature-based and behavioural detections
https://www.reddit.com/r/netsec/comments/xpsci2/the_difference_between_signaturebased_and/

Is anyone ready to teach me?
https://0x00sec.org/t/apakah-ada-yang-siap-mengajari-saya/31440


Top Security News for 29/09/2022

Breaking down the Gramm-Leach-Bliley Act.
https://thecyberwire.com/podcasts/caveat/143/notes

16 Wall Street firms fined $1.8B for using private text apps, lying about it
https://www.computerworld.com/article/3675289/16-wall-street-firms-fined-18b-for-using-private-text-apps-lying-about-it.html#tk.rss_all

How cybercriminals use public online and offline data to target employees
https://www.csoonline.com/article/3674770/how-cybercriminals-use-public-online-and-offline-data-to-target-employees.html#tk.rss_all

ISC Stormcast For Thursday, September 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8194, (Thu, Sep 29th)
https://malware.news/t/isc-stormcast-for-thursday-september-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8194-thu-sep-29th/63757/1

Australia news live: Optus breach a ‘wakeup call’, minister says, as telco contacts 14,900 customers with exposed Medicare ID
https://www.theguardian.com/australia-news/live/2022/sep/29/australia-news-live-politics-optus-medicare-fuel-excise-anthony-albanese-labor-liberal-indigenous-voice-cost-of-living-weather

Kerberos: New Attack Paths? AS Requested Service Tickets
https://www.reddit.com/r/netsec/comments/xqoele/kerberos_new_attack_paths_as_requested_service/

Meta dismantled the largest Russian network since the war in Ukraine began
https://securityaffairs.co/wordpress/136326/social-networks/meta-dismantled-russian-network.html

Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China
https://thehackernews.com/2022/09/facebook-shuts-down-covert-political.html

Moving Faster - Securely. Why Your Org Should Add Security to your DevOps Program
https://thecyberwire.com/podcasts/security-sandbox/19/notes

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/28-09-2022


Top Security News for 30/09/2022

North Korea weaponizes open-source software.
https://thecyberwire.com/stories/b82102c41d8f43dba308d469d86edc37/north-korea-weaponizes-open-source-software

New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
https://www.reddit.com/r/netsec/comments/xrh7f0/new_attack_campaign_utilized_a_new_0day_rce/

Want to study for ethical hacking? You can with this $35 certification bundle
https://malware.news/t/want-to-study-for-ethical-hacking-you-can-with-this-35-certification-bundle/63803/1

NATO Says Nord Stream Pipeline Was Sabotaged, Promises to Defend Its Allies
https://www.vice.com/en_us/article/88qvvp/nato-says-nord-stream-pipeline-was-sabotaged-promises-to-defend-its-allies

Hackers support Iranian dissidents. Notes on C2C markets. Cyberespionage campaigns. Intercepted mobile calls from Russian troops expose morale problems.
https://thecyberwire.com/podcasts/daily-podcast/1673/notes

Fast Company hacked to send obscene and racist messages
https://www.malwarebytes.com/blog/news/2022/09/fast-company-is-currently-investigating-how-it-got-hacked

Diavol resurfaces
https://malware.news/t/diavol-resurfaces/63801/1

ISC Stormcast For Friday, September 30th, 2022 https://isc.sans.edu/podcastdetail.html?id=8196, (Fri, Sep 30th)
https://malware.news/t/isc-stormcast-for-friday-september-30th-2022-https-isc-sans-edu-podcastdetail-html-id-8196-fri-sep-30th/63802/1

Researchers Uncover Covert Attack Campaign Targeting Military Contractors
https://thehackernews.com/2022/09/researchers-uncover-covert-attack.html

ISC StormCast for Friday, September 30th, 2022
https://isc.sans.edu/podcastdetail.html?id=8196


Top Security News for 01/10/2022

Why cybersecurity is a shared responsibility: How security leaders can engage end users to alleviate SOC analyst burnout.
https://thecyberwire.com/stories/4d68f768907f4e83ae4f6aa231c166f5/why-cybersecurity-is-a-shared-responsibility-how-security-leaders-can-engage-end-users-to-alleviate-soc-analyst-burnout

Albania explains its reasons for severing relations with Iran. Cashout scam targets forgotten crypto accounts. Next moves for Lapsus$?
https://thecyberwire.com/newsletters/week-that-was/6/39

Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
https://thehackernews.com/2022/09/microsoft-confirms-2-new-exchange-zero.html

Tech Explainer | What is DLL Sideloading?
https://malware.news/t/tech-explainer-what-is-dll-sideloading/63833/1

A look back at Insider Threat Month: advice from industry experts.
https://thecyberwire.com

What I learnt from reading 220 IDOR bug reports.
https://www.reddit.com/r/netsec/comments/xs0a44/what_i_learnt_from_reading_220_idor_bug_reports/

Cyber Attacks Against Middle East Governments Hide Malware in Windows logo
https://thehackernews.com/2022/09/cyber-attacks-against-middle-east.html

US DoD announced the results of the Hack US bug bounty challenge
https://securityaffairs.co/wordpress/136462/hacking/dod-hack-us-results.html

NIST on cyber careers. CISA TLP update. US candidate will lead ITU. Curbing foreign spyware.
https://thecyberwire.com/newsletters/policy-briefing/4/189

North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
https://thehackernews.com/2022/09/north-korean-hackers-weaponizing-open.html


Top Security News for 02/10/2022

FCC moves to block robotexts
https://www.malwarebytes.com/blog/news/2022/09/fcc-is-finally-moving-forward-with-blocking-spam-texts

State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
https://thehackernews.com/2022/10/state-sponsored-hackers-likely.html

Kayla Williams: Not everything related to cybersecurity is a fire drill. [CISO]
https://thecyberwire.com/podcasts/career-notes/119/notes

HTTPT: A Probe-Resistant Proxy
https://www.reddit.com/r/netsec/comments/xt8fkm/httpt_a_proberesistant_proxy/

Tillitis - Open Source USB security key inspired by measured boot and DICE
https://www.reddit.com/r/netsec/comments/xt8hj1/tillitis_open_source_usb_security_key_inspired_by/

Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries
https://securityaffairs.co/wordpress/136497/data-breach/guacamaya-hacked-latam-countries.html

CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/136514/security/atlassian-bitbucket-flaw-known-exploited-vulnerabilities-catalog.html

Cybersecurity Awareness Month: observations and counsel from industry leaders.
https://thecyberwire.com

CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability
https://thehackernews.com/2022/10/cisa-warns-of-hackers-exploiting.html

Luxury hotel chain Shangri-La suffered a security breach
https://securityaffairs.co/wordpress/136489/data-breach/shangri-la-security-breach.html


Top Security News for 03/10/2022

What I learnt from reading 126 Information Disclosure bug reports/writeups.
https://www.reddit.com/r/netsec/comments/xtj6ch/what_i_learnt_from_reading_126_information/

Supply chain compromise impacting Comm100 Live Chat software
https://malware.news/t/supply-chain-compromise-impacting-comm100-live-chat-software/63841/1

ISC Stormcast For Monday, October 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8198, (Mon, Oct 3rd)
https://malware.news/t/isc-stormcast-for-monday-october-3rd-2022-https-isc-sans-edu-podcastdetail-html-id-8198-mon-oct-3rd/63843/1

Dank: The greatest encoder you've never heard of
https://www.reddit.com/r/netsec/comments/xtus0q/dank_the_greatest_encoder_youve_never_heard_of/

ISC StormCast for Monday, October 3rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8198

Pt 1 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/63/notes

Security Affairs newsletter Round 386
https://securityaffairs.co/wordpress/136534/breaking-news/security-affairs-newsletter-round-386.html

PS5-4.03-Kernel-Exploit: An experimental webkit-based kernel exploit (Arbitrary R/W) for the PS5 on 4.03FW
https://www.reddit.com/r/netsec/comments/xu3nz0/ps5403kernelexploit_an_experimental_webkitbased/

Some Notes on VIRTUALGATE
https://malware.news/t/some-notes-on-virtualgate/63845/1

The 5 best security cameras of 2022
https://malware.news/t/the-5-best-security-cameras-of-2022/63844/1


Top Security News for 04/10/2022

Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers
https://thehackernews.com/2022/10/hackers-exploiting-dell-driver.html

WUSB HISTORICAL VIDEO SERIES BEGINS
https://www.2600.com/content/wusb-historical-video-series-begins

ISC Stormcast For Tuesday, October 4th, 2022 https://isc.sans.edu/podcastdetail.html?id=8200, (Tue, Oct 4th)
https://isc.sans.edu/diary/rss/29110

Researcher Spotlight: Globetrotting with Yuri Kramarz
https://malware.news/t/researcher-spotlight-globetrotting-with-yuri-kramarz/63877/1

Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat.
https://thecyberwire.com/podcasts/daily-podcast/1675/notes

Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed
https://www.csoonline.com/article/3675557/microsoft-mitigation-for-new-exchange-server-zero-day-exploits-can-be-bypassed.html#tk.rss_all

California Man Fined $1,000 for Drawing Lines on Maps
https://www.vice.com/en_us/article/v7vyj3/california-man-fined-for-drawing-lines-on-existing-maps

Romance scammer deepfakes Mark Ruffalo to con elderly artist
https://www.malwarebytes.com/blog/news/2022/10/romance-scammer-makes-bank-with-deepfake-mark-ruffalo

Lockbit ransomware case study
https://www.reddit.com/r/Malware/comments/xv2ijb/lockbit_ransomware_case_study/

I need some help
https://0x00sec.org/t/i-need-some-help/31517


Top Security News for 05/10/2022

ProxyNotShell – the New Proxy Hell?
https://thehackernews.com/2022/10/proxynotshell-new-proxy-hell.html

Optus Hack Exposes Data of Nearly 2.1 Million Australian Telecom Customers
https://thehackernews.com/2022/10/optus-hack-exposes-data-of-nearly-21.html

Back to Basics: Cybersecurity's Weakest Link
https://thehackernews.com/2022/10/back-to-basics-cybersecuritys-weakest.html

TSUBAME Report Overflow (Apr-Jun 2022)
https://malware.news/t/tsubame-report-overflow-apr-jun-2022/63916/1

TikTok's "secret operation" tracks you even if you don't use it
https://malware.news/t/tiktoks-secret-operation-tracks-you-even-if-you-dont-use-it/63912/1

Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart
https://www.microsoft.com/security/blog/2022/10/04/cybersecurity-awareness-tips-from-microsoft-to-empower-your-team-to-becybersmart/

Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds
https://thehackernews.com/2022/10/mitigation-for-exchange-zero-days.html

Dell launches new cybersecurity resources to enhance zero-trust adoption, cyber resilience
https://www.csoonline.com/article/3675558/dell-launches-new-cybersecurity-resources-to-enhance-zero-trust-adoption-cyber-resilience.html#tk.rss_all

Wireshark 4.0.0 has been released
https://www.reddit.com/r/netsec/comments/xw0q7c/wireshark_400_has_been_released/

Pixel 6 bootloader: Emulation, ROP
https://www.reddit.com/r/netsec/comments/xw1uxc/pixel_6_bootloader_emulation_rop/


Top Security News for 06/10/2022

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/05-10-2022

MSSQL, meet Maggie - a novel backdoor for MSSQL servers.
https://www.reddit.com/r/netsec/comments/xvdyri/mssql_meet_maggie_a_novel_backdoor_for_mssql/

Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information
https://thehackernews.com/2022/10/telstra-telecom-suffers-data-breach.html

Customer Field enhancement at Delivery Level in EWM
https://malware.news/t/customer-field-enhancement-at-delivery-level-in-ewm/63961/1

Kocho acquires Mobliciti. NetSPI receives $410 million in funding. Optus breach fallout.
https://thecyberwire.com/newsletters/business-briefing/4/40

Talkin’ About Infosec News – 10/5/2022
https://malware.news/t/talkin-about-infosec-news-10-5-2022/63960/1

Microsoft updates guidance for ‘ProxyNotShell’ bugs after researchers get around mitigations
https://malware.news/t/microsoft-updates-guidance-for-proxynotshell-bugs-after-researchers-get-around-mitigations/63957/1

A Deep Dive of CVE-2022–33987 (Got allows a redirect to a UNIX socket)
https://www.reddit.com/r/netsec/comments/xwre1m/a_deep_dive_of_cve202233987_got_allows_a_redirect/

What is cyber quantum computing?
https://thecyberwire.com/podcasts/hacking-humans/215/notes

How to encrypt a folder in MacOS to keep sensitive data from prying eyes
https://malware.news/t/how-to-encrypt-a-folder-in-macos-to-keep-sensitive-data-from-prying-eyes/63959/1


Top Security News for 07/10/2022

Details Released for Recently Patched new macOS Archive Utility Vulnerability
https://thehackernews.com/2022/10/details-released-for-recently-patched.html

NetWalker Ransomware Scumbag Jailed For 20 Years
https://packetstormsecurity.com/news/view/33919/NetWalker-Ransomware-Scumbag-Jailed-For-20-Years.html

ISC StormCast for Friday, October 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8204

Government considers centralising digital ID verification on myGov in wake of Optus breach
https://www.theguardian.com/technology/2022/oct/07/government-considers-centralising-digital-id-verification-on-mygov-in-wake-of-optus-breach

CVE-2022-41343 - RCE via Phar Deserialisation (Dompdf)
https://www.reddit.com/r/netsec/comments/xwyf9o/cve202241343_rce_via_phar_deserialisation_dompdf/

Fully loaded: testing vulnerable PyYAML versions
https://www.reddit.com/r/netsec/comments/xxc2aa/fully_loaded_testing_vulnerable_pyyaml_versions/

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan
https://www.csoonline.com/article/3675559/dashlane-launches-new-dark-web-insights-tool-mfa-authenticator-app-small-biz-starter-plan.html#tk.rss_all

Former Uber Security Chief Found Guilty of Data Breach Coverup
https://thehackernews.com/2022/10/former-uber-security-chief-found-guilty.html

TransUnion taps behavioral analytics to aid fraud detection, curb false positives
https://www.csoonline.com/article/3675955/transunion-taps-behavioral-analytics-to-aid-fraud-detection-curb-false-positives.html#tk.rss_all

Ransomware review: September 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/10/ransomware-review-september-2022


Top Security News for 08/10/2022

Australian teen arrested for blackmailing Optus breach victims. CareOregon accidentally leaks member data. City of Tucson discloses data breach.
https://thecyberwire.com/podcasts/privacy-briefing/685/notes

3 actions Latin American leaders must take to reduce risk of cyberattacks
https://www.csoonline.com/article/3675961/3-actions-latin-american-leaders-must-take-to-reduce-risk-of-cyberattacks.html#tk.rss_all

This Week in Malware - Over 100 Packages Discovered
https://malware.news/t/this-week-in-malware-over-100-packages-discovered/64018#post_1

Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities
https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html

Facebook Detects 400 Android and iOS Apps Stealing Users Log-in Credentials
https://thehackernews.com/2022/10/facebook-detects-400-android-and-ios.html

Microsoft warns of Exchange Server vulnerabilities. Hacktivists compromise Mexican government data. Patch news. Crime and punishment.
https://thecyberwire.com/newsletters/week-that-was/6/40

2600 KICKED OFF OF YOUTUBE FOR SARCASTIC REMARK
https://www.2600.com/content/2600-kicked-youtube-sarcastic-remark

A US EO addresses EU data privacy concerns. China’s favorite CVEs. Election security and credit risk. COVID phishbait. Notes from the hybrid war, including some really motivated draft evaders.
https://thecyberwire.com/podcasts/daily-podcast/1679/notes

Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html

securepupads.g.doubleclick.net removal
https://www.reddit.com/r/Malware/comments/xy5bdb/securepupadsgdoubleclicknet_removal/


Top Security News for 09/10/2022

Romance scammer given 25 years of alone time
https://malware.news/t/romance-scammer-given-25-years-of-alone-time/64021#post_1

What is torrenting and how does it work?
https://malware.news/t/what-is-torrenting-and-how-does-it-work/64025#post_1

Sysmon v14.1 Release, (Sat, Oct 8th)
https://isc.sans.edu/diary/rss/29126

Pentest reporting and the remediation cycle: Why aren’t we making progress?
https://thecyberwire.com/podcasts/cyberwire-x/39/notes

BlackByte Ransomware abuses vulnerable driver to bypass security solutions
https://securityaffairs.co/wordpress/136816/malware/blackbyte-ransomware-byovd-attack.html

Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
https://securityaffairs.co/wordpress/136800/hacking/zimbra-collaboration-suite-rce.html

Sysmon v14.1 Release, (Sat, Oct 8th)
https://malware.news/t/sysmon-v14-1-release-sat-oct-8th/64023#post_1

I had a pop up ad
https://www.reddit.com/r/Malware/comments/xzdzwu/i_had_a_pop_up_ad/

What can we learn from leaked Insyde's BIOS for Intel Alder Lake
https://www.reddit.com/r/netsec/comments/xyuwa7/what_can_we_learn_from_leaked_insydes_bios_for/

Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony Anscombe
https://malware.news/t/key-takeaways-from-eset-threat-report-t2-2022-week-in-security-with-tony-anscombe/64026#post_1


Top Security News for 10/10/2022

Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
https://securityaffairs.co/wordpress/136866/cyber-crime/south-africa-eskom-everest-ransomware.html

Lloyd’s of London investigates alleged cyber attack
https://securityaffairs.co/wordpress/136834/security/lloyds-of-london-cyberattack.html

Curl's resolve Option, (Sun, Oct 9th)
https://isc.sans.edu/diary/rss/29132

Pt 2 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/64/notes

ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://isc.sans.edu/diary/rss/29134

ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://malware.news/t/isc-stormcast-for-monday-october-10th-2022-https-isc-sans-edu-podcastdetail-html-id-8206-mon-oct-10th/64030#post_1

Use case creation in SIEM - Malicious download
https://www.reddit.com/r/Malware/comments/xzmszq/use_case_creation_in_siem_malicious_download/

Is there a team recruiting?
https://0x00sec.org/t/is-there-a-team-recruiting/31635

Security Affairs newsletter Round 387
https://securityaffairs.co/wordpress/136857/breaking-news/security-affairs-newsletter-round-387.html

ISC StormCast for Monday, October 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8206


Top Security News for 11/10/2022

Python and Malware: Writing a simple wiper malware
https://0x00sec.org/t/python-and-malware-writing-a-simple-wiper-malware/31652

GitLab: RCE via github import
https://www.reddit.com/r/netsec/comments/y0cnw1/gitlab_rce_via_github_import/

White House unveils Blueprint for an AI Bill of Rights
https://www.malwarebytes.com/blog/news/2022/10/the-white-houses-new-bill-of-rights-holds-big-tech-companies-accountable-for-their-ai

A week in security (October 3 – 9)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-3-9

Endor Labs offers dependency management platform for open source software
https://www.csoonline.com/article/3675963/endor-labs-offers-dependency-management-platform-for-open-source-software.html#tk.rss_all

White House unveils Blueprint for an AI Bill of Rights
https://malware.news/t/white-house-unveils-blueprint-for-an-ai-bill-of-rights/64045#post_1

ISC Stormcast For Tuesday, October 11th, 2022 https://isc.sans.edu/podcastdetail.html?id=8208, (Tue, Oct 11th)
https://malware.news/t/isc-stormcast-for-tuesday-october-11th-2022-https-isc-sans-edu-podcastdetail-html-id-8208-tue-oct-11th/64048#post_1

Hackers Steal $100 Million Cryptocurrency from Binance Bridge
https://thehackernews.com/2022/10/hackers-steal-100-million.html

Security Alert: Alert Regarding Authentication Bypass Vulnerability (CVE-2022-42458) in bingo!CMS
https://malware.news/t/security-alert-alert-regarding-authentication-bypass-vulnerability-cve-2022-42458-in-bingo-cms/64049#post_1

Persistent PHP payloads in PNGs: How to inject PHP code in an image and keep it there!
https://www.reddit.com/r/netsec/comments/y0jlzp/persistent_php_payloads_in_pngs_how_to_inject_php/


Top Security News for 12/10/2022

postMessage Braindump - a brief postMessage testing methodology
https://www.reddit.com/r/netsec/comments/y1tehd/postmessage_braindump_a_brief_postmessage_testing/

Uncovering Siemens SIMATIC S7-1200/1500 Hardcoded Cryptographic Keys in PLCs
https://www.reddit.com/r/netsec/comments/y19lns/uncovering_siemens_simatic_s712001500_hardcoded/

An 18 year scam odyssey of stranded astronauts
https://www.malwarebytes.com/blog/news/2022/10/an-18-year-scam-odyssey-of-stranded-astronauts

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
https://thehackernews.com/2022/10/researchers-detail-critical-rce-flaw.html

Meta warns Facebook users about malicious apps. Toyota leaves the keys in the car door. Dialog IT discloses security incident.
https://thecyberwire.com/podcasts/privacy-briefing/686/notes

The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform
https://www.reddit.com/r/netsec/comments/y1hkqk/the_fresh_phish_market_behind_the_scenes_of_the/

Caffeine phishing-as-a-service platform. Malicious apps in official app stores. New Android spyware.
https://thecyberwire.com/podcasts/research-briefing/138/notes

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/11-10-2022

Smart lights vulnerable to "blink and you'll miss it" attack
https://www.malwarebytes.com/blog/news/2022/10/smart-lighting-system-suffers-a-blink-and-youll-miss-it-attack

The Latest Funding News and What it Means for Cyber Security in 2023
https://thehackernews.com/2022/10/the-latest-funding-news-and-what-it.html

