Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 17/05/2022

Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability
https://thehackernews.com/2022/05/watch-out-hackers-begin-exploiting.html

Why MRG-Effitas matters to SMBs
https://blog.malwarebytes.com/malwarebytes-news/2022/05/why-mrg-effitas-matters-to-smbs/

Users advised to patch actively exploited Zyxel vulnerability. Hacktivism and influence ops in Russia’s hybrid war. Ransomware notes. Indiscriminate hacktivism? Alt-coin sanctions case will proceed.
https://thecyberwire.com/podcasts/daily-podcast/1579/notes

A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/

Army’s New ‘Psyop’ Recruitment Ad Looks Like a Terrifying Video Game Cutscene
https://www.vice.com/en_us/article/93bxwz/armys-new-recruitment-ad-looks-like-a-terrifying-video-game-cutscene

ISC Stormcast For Tuesday, May 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8010, (Tue, May 17th)
https://isc.sans.edu/diary/rss/28656

Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
https://blog.malwarebytes.com/threat-intelligence/2022/05/custom-powershell-rat-targets-germans-seeking-information-about-the-ukraine-crisis/

BrandPost: The Cyberwar Against Pro-Ukrainian Countries is Real. Here’s What to Do
https://www.csoonline.com/article/3660576/the-cyberwar-against-pro-ukrainian-countries-is-real-here-s-what-to-do.html#tk.rss_all

12 steps to building a top-notch vulnerability management program
https://www.csoonline.com/article/3659838/12-steps-to-building-a-top-notch-vulnerability-management-program.html#tk.rss_all

SMM Callouts in HP Products
https://www.reddit.com/r/netsec/comments/uquoz6/smm_callouts_in_hp_products/



For more information, feel free to follow me at @ShayaFeedman on Twitter
Top Security News for 18/05/2022

Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/update-now-apple-patches-zero-day-vulnerability-affecting-macs-apple-watch-and-apple-tv/

Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer
https://thehackernews.com/2022/05/over-200-apps-on-play-store-caught.html

Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/gmail-linked-facebook-accounts-vulnerable-to-attack-using-a-chain-of-bugs-now-fixed/

Long lost @ symbol gets new life obscuring malicious URLs
https://blog.malwarebytes.com/social-engineering/2022/05/long-lost-symbol-gets-new-life-obscuring-malicious-urls/

A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/

Kids 5 to 11 get FDA OK for COVID-19 booster doses
https://arstechnica.com/?p=1854632

Stealing Google Drive OAuth tokens from Dropbox
https://www.reddit.com/r/netsec/comments/urvcip/stealing_google_drive_oauth_tokens_from_dropbox/

“Look what I found here” phish targets Facebook users
https://blog.malwarebytes.com/scams/2022/05/look-what-i-found-here-phish-targets-facebook-users/

BrandPost: DDos Extortion Takes VoIP Providers Offline
https://www.csoonline.com/article/3660514/ddos-extortion-takes-voip-providers-offline.html#tk.rss_all

Car owners warned of another theft-enabling relay attack
https://blog.malwarebytes.com/hacking-2/2022/05/car-owners-warned-of-another-theft-enabling-relay-attack/



For more information, feel free to follow me at @ShayaFeedman on Twitter
Top Security News for 19/05/2022

Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang
https://thehackernews.com/2022/05/researchers-expose-inner-working-of.html

BrandPost: How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
https://www.csoonline.com/article/3661228/how-a-culture-of-learning-can-help-close-the-cybersecurity-skills-gap.html#tk.rss_all

Google Russia forced to declare bankruptcy after bank account seizure
https://arstechnica.com/?p=1854920

U.S. Warns Against North Korean Hackers Posing as IT Freelancers
https://thehackernews.com/2022/05/us-warns-against-north-korean-hackers.html

What Microsoft Defender can tell you about your network
https://www.csoonline.com/article/3660494/what-microsoft-defender-can-tell-you-about-your-network.html#tk.rss_all

ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://malware.news/t/isc-stormcast-for-thursday-may-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8014-thu-may-19th/60274/1

ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://isc.sans.edu/diary/rss/28666

2022-05-18 - Pcap and malware for ISC diary: EXOTIC LILY --> Bumblebee --> Cobalt Strike
https://malware.news/t/2022-05-18-pcap-and-malware-for-isc-diary-exotic-lily-bumblebee-cobalt-strike/60276/1

Ransomware: What’s in a Name?
https://malware.news/t/ransomware-what-s-in-a-name/60270/1

2022-05-18 - TA578 thread-hijacked emails and ISO example for Bumblebee
https://malware.news/t/2022-05-18-ta578-thread-hijacked-emails-and-iso-example-for-bumblebee/60273/1



For more information, feel free to follow me at https://twitter.com/ShayaFeedman
Top Security News for 20/05/2022

Uber CISO's trial underscores the importance of truth, transparency, and trust
https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all

Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
https://www.reddit.com/r/netsec/comments/ut76ps/rise_in_xorddos_a_deeper_look_at_the_stealthy/

QuSecure launches end-to-end post-quantum cybersecurity solution
https://www.csoonline.com/article/3660775/qusecure-launches-end-to-end-post-quantum-cybersecurity-solution.html#tk.rss_all

10 ways attackers gain access to networks
https://blog.malwarebytes.com/hacking-2/2022/05/10-ways-attackers-gain-access-to-networks/

ISC Stormcast For Friday, May 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8016, (Fri, May 20th)
https://isc.sans.edu/diary/rss/28668

WannaCry 5 years on: Still a top threat
https://www.csoonline.com/article/3660575/wannacry-5-years-on-still-a-top-threat.html#tk.rss_all

Is Hack the Kernel a great way to learn operating systems?
https://www.reddit.com/r/lowlevel/comments/utf4ij/is_hack_the_kernel_a_great_way_to_learn_operating/

Enterprises report rise in risk events, yet risk management lags
https://www.csoonline.com/article/3661350/enterprises-report-rise-in-risk-events-yet-risk-management-lags.html#tk.rss_all

Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit
https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html

[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam
https://malware.news/t/re027-china-based-apt-mustang-panda-might-have-still-continued-their-attack-activities-against-organizations-in-vietnam/60324/1


Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 21/05/2022

[SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/

When eBPF meets TLS! A Security Focused Introduction to eBPF
https://www.reddit.com/r/netsec/comments/uu9agd/when_ebpf_meets_tls_a_security_focused/

Tesla, Microsoft and Ubuntu bugs found during Pwn2Own hacking competition
https://malware.news/t/tesla-microsoft-and-ubuntu-bugs-found-during-pwn2own-hacking-competition/60356/1

Shift left is only part of secure software delivery
https://malware.news/t/shift-left-is-only-part-of-secure-software-delivery/60354/1

Canada bans Huawei, ZTE in 5G networks
https://www.networkworld.com/article/3661691/canada-bans-huawei-zte-in-5g-networks.html#tk.rss_all

Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
https://thehackernews.com/2022/05/microsoft-warns-rise-in-xorddos-malware.html

Matryoshka Trap: Recursive MMIO Flaws Lead to VM Escape
https://www.reddit.com/r/netsec/comments/uuaeqm/matryoshka_trap_recursive_mmio_flaws_lead_to_vm/

Cytrox's Predator Spyware Target Android Users with Zero-Day Exploits
https://thehackernews.com/2022/05/cytroxs-predator-spyware-target-android.html

Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.
https://thecyberwire.com/podcasts/daily-podcast/1583/notes

Raytheon’s John DeSimone on building the offensive line
https://www.csoonline.com/article/3660638/raytheon-s-john-desimone-on-building-the-offensive-line.html#tk.rss_all


Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 22/05/2022

Biden administration lays out plan for four carbon-capture facilities
https://arstechnica.com/?p=1855569

Asian media company Nikkei suffered a ransomware attack
https://securityaffairs.co/wordpress/131533/data-breach/nikkei-data-breach.html

Russia-linked Sandworm continues to conduct attacks against Ukraine
https://securityaffairs.co/wordpress/131523/apt/sandworm-attacks-against-ukraine.html

Metastealer – filling the Racoon void
https://www.reddit.com/r/Malware/comments/uuhier/metastealer_filling_the_racoon_void/

AutoWarp bug leads to Automation headaches.
https://thecyberwire.com/podcasts/research-saturday/233/notes

SolarWinds ready to move past breach and help customers manage theirs
https://malware.news/t/solarwinds-ready-to-move-past-breach-and-help-customers-manage-theirs/60360/1

Researchers Find Backdoor in School Management Plugin for WordPress
https://thehackernews.com/2022/05/researchers-find-backdoor-in-school.html

Metastealer – filling the Racoon void
https://www.reddit.com/r/netsec/comments/uuob6i/metastealer_filling_the_racoon_void/

$547 Worth of 18 Books on Python Coding by Starch Press for $18 (-97% oFF)
https://www.reddit.com/r/netsec/comments/uul1lw/547_worth_of_18_books_on_python_coding_by_starch/

network configuration for malware analysis
https://www.reddit.com/r/Malware/comments/uuuwv3/network_configuration_for_malware_analysis/


Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 23/05/2022

North Korea-linked Lazarus APT uses Log4J to target VMware servers
https://securityaffairs.co/wordpress/131483/apt/lazarus-apt-log4j-vmware-servers.html

Charity Wright: Pursue what you love. [Threat intelligence]
https://thecyberwire.com/podcasts/career-notes/101/notes

Android SMS catcher
https://0x00sec.org/t/android-sms-catcher/29445

ASEC Weekly Malware Statistics (May 9th, 2022 – May 15th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-9th-2022-may-15th-2022/60364/1

How to program watch OS
https://www.reddit.com/r/lowlevel/comments/uv88mc/how_to_program_watch_os/

Conscerned
https://www.reddit.com/r/Malware/comments/uvaxu5/conscerned/

Misinformation needs tackling and it would help if politicians stopped muddying the water
https://malware.news/t/misinformation-needs-tackling-and-it-would-help-if-politicians-stopped-muddying-the-water/60362/1

ISC StormCast for Monday, May 23rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8018

A year after report, task force urges U.S. to keep ransomware on front burner
https://www.reddit.com/r/Malware/comments/uv37s6/a_year_after_report_task_force_urges_us_to_keep/

ISC Stormcast For Monday, May 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8018, (Mon, May 23rd)
https://malware.news/t/isc-stormcast-for-monday-may-23rd-2022-https-isc-sans-edu-podcastdetail-html-id-8018-mon-may-23rd/60363/1


Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 24/05/2022

A week in security (May 16 – 22)
https://blog.malwarebytes.com/a-week-in-security/2022/05/a-week-in-security-may-16-22/

Canada's ban on Huawei and ZTE. Ransomware task forces. NSF advocates threat intelligence sharing.
https://thecyberwire.com/newsletters/policy-briefing/4/99

Data protection concerns spike as states get ready to outlaw abortion
https://www.csoonline.com/article/3661689/data-protection-concerns-spike-as-states-get-ready-to-outlaw-abortion.html#tk.rss_all

Hiding MSFVENOM Payloads in USB NIC EEPROM
https://www.reddit.com/r/netsec/comments/uw4feh/hiding_msfvenom_payloads_in_usb_nic_eeprom/

ISC StormCast for Tuesday, May 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8020

mx-takeover focuses DNS MX records and detects misconfigured MX records.
https://www.reddit.com/r/netsec/comments/uw2s73/mxtakeover_focuses_dns_mx_records_and_detects/

Beneath the surface: Uncovering the shift in web skimming
https://www.reddit.com/r/netsec/comments/uw42x0/beneath_the_surface_uncovering_the_shift_in_web/

Cyber developments in Russia's hybrid war against Ukraine. Conti's dissolution.
https://thecyberwire.com/newsletters/daily-briefing/11/99

VOLUME 38 OF THE HACKER DIGEST RELEASED
https://www.2600.com/content/volume-38-hacker-digest-released

DEADLINE FOR SUBMITTING HOPE TALK PROPOSALS IS MAY 31, 2022!
https://www.2600.com/content/deadline-submitting-hope-talk-proposals-may-31-2022


Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 25/05/2022

Suspected Chinese threat actors target Russian government entities. New version of Sandworm malware loader. Linux botnet activity.
https://thecyberwire.com/newsletters/research-briefing/4/21

7 machine identity management best practices
https://www.csoonline.com/article/3661357/7-machine-identity-best-practices.html#tk.rss_all

New Rhino Blog Post: CVE-2022-25237: Bonitasoft Authorization Bypass and RCE
https://www.reddit.com/r/netsec/comments/uwt4gq/new_rhino_blog_post_cve202225237_bonitasoft/

Exium expands SASE, 5G-based security for midsize enterprise networks
https://www.networkworld.com/article/3661700/exium-expands-sase-5g-based-security-for-midsize-enterprise-networks.html#tk.rss_all

ISC StormCast for Wednesday, May 25th, 2022
https://isc.sans.edu/podcastdetail.html?id=8022

Zoom patches XMPP vulnerability chain that could lead to remote code execution
https://malware.news/t/zoom-patches-xmpp-vulnerability-chain-that-could-lead-to-remote-code-execution/60432/1

Method that Tricks Users to Perceive Attachment of PDF File as Safe File
https://malware.news/t/method-that-tricks-users-to-perceive-attachment-of-pdf-file-as-safe-file/60435/1

CMMC issues. CISA's forthcoming incident reporting rules. US FTC blogs policy.
https://thecyberwire.com/newsletters/policy-briefing/4/100

Experts to World: We’re Doomed
https://www.vice.com/en_us/article/93bxxv/experts-to-world-were-doomed

SIM-based Authentication Aims to Transform Device Binding Security to End Phishing
https://thehackernews.com/2022/05/sim-based-authentication-aims-to.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 26/05/2022

How the Saitama backdoor uses DNS tunnelling
https://blog.malwarebytes.com/threat-intelligence/2022/05/how-the-saitama-backdoor-uses-dns-tunnelling/

PIXM releases new computer vision solution for mobile phishing
https://www.csoonline.com/article/3661560/pixm-releases-new-computer-vision-solution-for-mobile-phishing.html#tk.rss_all

Pfizer warns of “constant waves” of COVID as complacency grows
https://arstechnica.com/?p=1856239

Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them
https://thehackernews.com/2022/05/learn-how-hackers-can-hijack-your.html

BrandPost: How Shift Left Security Helps Developers Build More Secure Cloud-Native Apps
https://www.csoonline.com/article/3662070/how-shift-left-security-helps-developers-build-more-secure-cloud-native-apps.html#tk.rss_all

Twitter fined $150 million by FTC for alleged privacy violations
https://malware.news/t/twitter-fined-150-million-by-ftc-for-alleged-privacy-violations/60475/1

Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room
https://thehackernews.com/2022/05/lumos-system-can-find-hidden-cameras.html

If Europe and Japan can have small, cheap EVs, why can’t America?
https://arstechnica.com/?p=1856257

YouTube remains in Russia to be an independent news source: CEO
https://malware.news/t/youtube-remains-in-russia-to-be-an-independent-news-source-ceo/60474/1

Tetragon: case study of security product's self-protection
https://www.reddit.com/r/netsec/comments/uxhw4k/tetragon_case_study_of_security_products/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 27/05/2022

Uvalde SWAT Team Bragged About Training at Schools on Facebook
https://www.vice.com/en_us/article/wxdwgn/uvalde-swat-team-bragged-about-training-at-schools-on-facebook

Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/newsletters/privacy-briefing/4/102

Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/podcasts/privacy-briefing/593/notes

Vulnerabilities and exploits: Pantsdown, ChromeLoader. Ransomware campaign updates. CISA Known Exploited Vulnerabilities.
https://thecyberwire.com/newsletters/daily-briefing/11/102

Episode 67 : IceCoal DB Reversing
https://malware.news/t/episode-67-icecoal-db-reversing/60521/1

New Linux-based ransomware targets VMware servers
https://www.csoonline.com/article/3662153/new-linux-based-ransomware-targets-vmware-servers.html#tk.rss_all

ASEC Weekly Malware Statistics (May 16th, 2022 – May 22nd, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-16th-2022-may-22nd-2022/60519/1

Russian disinformation: disruption is easier than persuasion. Hyperlocal propaganda. Coordinated inauthenticity, at scale. Possible Ukrainian disinformation. Dissent in Russia's war. Influence ops against authoritarians.
https://thecyberwire.com/newsletters/disinformation-briefing/4/21

Top Ten Most Cumbersome Website Infections to Remove in 2021
https://malware.news/t/top-ten-most-cumbersome-website-infections-to-remove-in-2021/60520/1

Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers
https://thehackernews.com/2022/05/critical-pantsdown-bmc-vulnerability.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 28/05/2022

RCE over ham radio - Reverse shell via WinAPRS
https://www.reddit.com/r/netsec/comments/uxo9bk/rce_over_ham_radio_reverse_shell_via_winaprs/

How To Build a Trusted Cybersecurity Program
https://malware.news/t/how-to-build-a-trusted-cybersecurity-program/60553/1

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
https://securityaffairs.co/wordpress/131698/hacking/poc-exploit-code-vmware-cve-2022-22972.html

Nearly 100,000 NPM Users' Credentials Stolen in GitHub OAuth Breach
https://thehackernews.com/2022/05/nearly-100000-npm-users-credentials.html

CISA, DOD Report Gaps for Agencies Assessing 5G Security Risks
https://malware.news/t/cisa-dod-report-gaps-for-agencies-assessing-5g-security-risks/60550/1

Man who helped Infraud cybercrime cartel steal millions of credit cards sentenced
https://malware.news/t/man-who-helped-infraud-cybercrime-cartel-steal-millions-of-credit-cards-sentenced/60551/1

Cecelia Marinier from RSAC and Niloo Howe, judge, on the RSAC Innovation Sandbox contest.
https://thecyberwire.com/podcasts/interview-selects/112/notes

AWS universal rate-limiter bypass
https://www.reddit.com/r/netsec/comments/uyz6zw/aws_universal_ratelimiter_bypass/

Ukraine at D+92: Artillery, DDoS, and remittances in a hybrid war.
https://thecyberwire.com/stories/eb35d7ba848d4b16ac000f6936d75779/ukraine-at-d92

Firefox, Thunderbird, receive patches for critical security issues
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/firefox-thunderbird-receive-patches-for-critical-security-issues/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 29/05/2022

Understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass)
https://www.reddit.com/r/netsec/comments/uzkf6p/understanding_cve202222972_vmware_workspace_one/

Stealthy Linux malware bypasses firewalls for remote access
https://www.reddit.com/r/Malware/comments/uzr2gb/stealthy_linux_malware_bypasses_firewalls_for/

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks
https://securityaffairs.co/wordpress/131762/apt/gamaredon-apt-ddos-attacks.html

New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme
https://thehackernews.com/2022/05/new-york-man-sentenced-to-4-years-in.html

Mining museums’ genomic treasures
https://arstechnica.com/?p=1856930

Are TikTok algorithms changing how people talk about suicide?
https://arstechnica.com/?p=1857008

Rikkei Finance Hack: Explained
https://www.reddit.com/r/netsec/comments/uzjfyx/rikkei_finance_hack_explained/

Compromised military tech?
https://thecyberwire.com/podcasts/research-saturday/234/notes

The strange link between Industrial Spy and the Cuba ransomware operation
https://securityaffairs.co/wordpress/131754/cyber-crime/industrial-spy-cuba-ransomware.html

How to secure Kubernetes Deployment
https://www.reddit.com/r/netsec/comments/uzk9od/how_to_secure_kubernetes_deployment/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 30/05/2022

The mystery of China’s sudden warnings about US hackers
https://arstechnica.com/?p=1856999

Curious - What is Skillbrains ?
https://www.bleepingcomputer.com/forums/t/772662/curious-what-is-skillbrains/

ForceAdmin : Create infinate #UAC prompts forcing a user to run as admin.
https://www.reddit.com/r/netsec/comments/v08p38/forceadmin_create_infinate_uac_prompts_forcing_a/

Pro-Russian hacker group KillNet plans to attack Italy on May 30
https://securityaffairs.co/wordpress/131776/hacking/killnet-threatens-italy.html

JPG to Malware
https://www.reddit.com/r/netsec/comments/v08plj/jpg_to_malware/

Extracting The Overlay Of A PE File, (Sun, May 29th)
https://malware.news/t/extracting-the-overlay-of-a-pe-file-sun-may-29th/60555/1

Clop ransomware gang is back, hits 21 victims in a single month
https://www.reddit.com/r/Malware/comments/v03we1/clop_ransomware_gang_is_back_hits_21_victims_in_a/

How to stop malware extension from automatically re-installing every time i open Chrome
https://www.reddit.com/r/Malware/comments/v0k9fo/how_to_stop_malware_extension_from_automatically/

grsecurity - Tetragone: A Lesson in Security Fundamentals
https://www.reddit.com/r/netsec/comments/v06ok1/grsecurity_tetragone_a_lesson_in_security/

Extracting The Overlay Of A PE File, (Sun, May 29th)
https://isc.sans.edu/diary/rss/28692


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 31/05/2022

Is 3rd Party App Access the New Executable File?
https://thehackernews.com/2022/05/is-3rd-party-app-access-new-executable.html

POS Small Business Operation
https://www.bleepingcomputer.com/forums/t/772687/pos-small-business-operation/

WorldWide Deadbolt Ransomware : 1,216. title: "ALL YOUR FILES HAVE BEEN LOCKED BY DEADBOLT."
https://www.reddit.com/r/Malware/comments/v1ddoc/worldwide_deadbolt_ransomware_1216_title_all_your/

How Costa Rica found itself at war over ransomware
https://www.csoonline.com/article/3662311/how-costa-rica-found-itself-at-war-over-ransomware.html#tk.rss_all

I found a malicious chrome extension
https://www.reddit.com/r/Malware/comments/v1ddvb/i_found_a_malicious_chrome_extension/

Microsoft Office zero-day “Follina”—it’s not a bug, it’s a feature! (It’s a bug)
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/microsoft-office-zero-day-follina-its-not-a-bug-its-a-feature-its-a-bug/

Remembering Apple’s Newton, 30 years on
https://arstechnica.com/?p=1856644

Offensive Windows IPC Internals 3: ALPC
https://www.reddit.com/r/netsec/comments/v0uhc6/offensive_windows_ipc_internals_3_alpc/

Linux malware is on the rise—6 types of attacks to look for
https://www.csoonline.com/article/3662151/linux-malware-is-on-the-rise-6-types-of-attacks-to-look-for.html#tk.rss_all

Intuit phish says “we have put a temporary hold on your account”
https://blog.malwarebytes.com/social-engineering/2022/05/intuit-phish-says-we-have-put-a-temporary-hold-on-your-account/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 01/06/2022

Code execution 0-day in Windows has been under active exploit for 7 weeks
https://arstechnica.com/?p=1857315

Is quantum teleportation the future of secure communications?
https://blog.malwarebytes.com/reports/2022/05/is-quantum-teleportation-the-future-of-secure-communications/

FBI warns of education sector credentials on dark web forums
https://blog.malwarebytes.com/privacy-2/2022/05/fbi-warns-of-education-sector-credentials-on-dark-web-forums/

Runescape phish claims your email has been changed
https://blog.malwarebytes.com/scams/2022/05/runescape-phish-claims-your-email-has-been-changed/

Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation
https://thehackernews.com/2022/05/microsoft-releases-workarounds-for.html

Marjorie Taylor Greene Says Bill Gates Will Force You to Eat Burgers Made in a ‘Peach Tree Dish’
https://www.vice.com/en_us/article/5dgne3/marjorie-taylor-greene-says-bill-gates-will-force-you-to-eat-burgers-made-in-a-peach-tree-dish

Technical Advisory: CVE-2022-30190 Zero-day Vulnerability “Follina” in Microsoft Support Diagnostic Tool
https://malware.news/t/technical-advisory-cve-2022-30190-zero-day-vulnerability-follina-in-microsoft-support-diagnostic-tool/60610/1

SideWinder Hackers Launched Over a 1,000 Cyber Attacks Over the Past 2 Years
https://thehackernews.com/2022/05/sidewinder-hackers-launched-over-1000.html

Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks
https://thehackernews.com/2022/05/interpol-nabs-3-nigerian-scammers.html

The Internet needs to stop getting excited by vaporware EVs
https://arstechnica.com/?p=1857185


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 02/06/2022

US Supreme Court puts a hold on enforcement of Texas social media law. INTERPOL issues warning about various forms of online extortion. US Commerce Department will restrict cyber exports to China.
https://thecyberwire.com/newsletters/policy-briefing/4/105

Unofficial patches for the 0-day vulnerability called Follina (CVE-2022-30190)
https://www.reddit.com/r/netsec/comments/v2maa4/unofficial_patches_for_the_0day_vulnerability/

Ransomware attack turns 2022 into 1977 for Somerset County
https://malware.news/t/ransomware-attack-turns-2022-into-1977-for-somerset-county/60662/1

Discord Is the Center of the Crypto World and That’s a Problem
https://www.vice.com/en_us/article/4awkew/discord-is-the-center-of-the-crypto-world-and-thats-a-problem

NASA still “pushing” for a Russian cosmonaut to fly on next SpaceX mission
https://arstechnica.com/?p=1856528

Information Security BASICS - Anvil Secure
https://www.reddit.com/r/netsec/comments/v2mrkd/information_security_basics_anvil_secure/

Minerva's evasion based CTF is open for registration
https://www.reddit.com/r/netsec/comments/v2ehz0/minervas_evasion_based_ctf_is_open_for/

NSIS Installer Malware Included with Various Malicious Files
https://malware.news/t/nsis-installer-malware-included-with-various-malicious-files/60663/1

Mass account takeover in Yunmai smartscale API (full disclosure)
https://www.reddit.com/r/netsec/comments/v0uv1g/mass_account_takeover_in_yunmai_smartscale_api/

OST2 Vulnerabilities 1001: C-Family Software Implementation Vulnerabilities (Taught via explaining > 3 dozen CVEs from the last 3 years)
https://www.reddit.com/r/netsec/comments/v2ep1m/ost2_vulnerabilities_1001_cfamily_software/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 03/06/2022

Remotely Controlling Touchscreens
https://malware.news/t/remotely-controlling-touchscreens/60703/1

WinDealer dealing on the side
https://securelist.com/windealer-dealing-on-the-side/105946/

Analysis report on Log4j attack patterns
https://www.reddit.com/r/Malware/comments/v3p7l2/analysis_report_on_log4j_attack_patterns/

Ransomware roundup: System-locking malware dominates headlines
https://www.csoonline.com/article/3662038/ransomware-roundup-system-locking-malware-dominates-headlines.html#tk.rss_all

Analysis of the Massive NDSW/NDSX Malware Campaign
https://malware.news/t/analysis-of-the-massive-ndsw-ndsx-malware-campaign/60704/1

Sandbox Evasion... With Just a Filename!, (Fri, Jun 3rd)
https://isc.sans.edu/diary/rss/28708

Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks
https://thehackernews.com/2022/06/researchers-demonstrate-ransomware-for.html

10 of the hottest new cybersecurity startups at RSA 2022
https://www.csoonline.com/article/3662771/10-of-the-hottest-new-cybersecurity-startups-at-rsa-2022.html#tk.rss_all

ExpressVPN Removes Servers in India After Refusing to Comply with Government Order
https://thehackernews.com/2022/06/expressvpn-removes-servers-in-india.html

NASA just bought the rest of the space station crew flights from SpaceX
https://arstechnica.com/?p=1857926


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 04/06/2022

Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor
https://thehackernews.com/2022/06/chinese-luoyu-hackers-using-man-on-side.html

After remote-work ultimatum, Musk reveals plan to cut 10% of Tesla jobs
https://arstechnica.com/?p=1858044

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
https://thehackernews.com/2022/06/microsoft-blocks-iran-linked-lebanese.html

Hacktivism, nominal and (possibly) real. Cyber gangs rebrand and branch out. CISA alerts. Cyber phases of Russia's hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/107

[updated]Unpatched Atlassian Confluence vulnerability is actively exploited
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/unpatched-atlassian-confluence-vulnerability-is-actively-exploited/

Perry Carpenter on his new book "The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer"
https://thecyberwire.com/podcasts/interview-selects/113/notes

Critical Atlassian 0-day is under active exploit. You’re patched, right?
https://arstechnica.com/?p=1858307

Threat Roundup for May 27 to June 3
https://malware.news/t/threat-roundup-for-may-27-to-june-3/60734/1

SSO explained: Single sign-on definition, examples, and terminology
https://www.csoonline.com/article/2115776/sso-explained-single-sign-on-definition-examples-and-terminology.html#tk.rss_all

Americans want more electric vehicles, but 50% by 2030 looks unlikely
https://arstechnica.com/?p=1858024


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman