Top Security News for 22/09/2022
ISC Stormcast For Thursday, September 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8184, (Thu, Sep 22nd)
https://isc.sans.edu/diary/rss/29076
Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing
https://thehackernews.com/2022/09/record-ddos-attack-with-253-billion.html
Quickpost: Tuning The Electric Energy Consumption Of My TV
https://malware.news/t/quickpost-tuning-the-electric-energy-consumption-of-my-tv/63566/1
Former Broadcom engineer gets eight months in prison for trade secrets theft
https://www.networkworld.com/article/3674316/former-broadcom-engineer-gets-eight-months-in-prison-for-trade-secrets-theft.html#tk.rss_all
FilelessRemotePE: Loading fileless remote PE from URI to memory
https://www.reddit.com/r/netsec/comments/xkkxlb/filelessremotepe_loading_fileless_remote_pe_from/
How will cybersecurity insurance change in the coming years?
https://thecyberwire.com/podcasts/caveat/142/notes
User claim he hacked a Lockbit Server and release builder & more
https://www.reddit.com/r/netsec/comments/xk1lc9/user_claim_he_hacked_a_lockbit_server_and_release/
Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units
https://thehackernews.com/2022/09/critical-remote-hack-flaws-found-in.html
BrandPost: Great Cyber Hygiene Starts with a Culture of Security Awareness
https://www.csoonline.com/article/3674628/great-cyber-hygiene-starts-with-a-culture-of-security-awareness.html#tk.rss_all
Scammers send fake 'Energy Bills Support Scheme' texts
https://www.malwarebytes.com/blog/news/2022/09/energy-scammers-send-fake-energy-bills-support-scheme-texts
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
ISC Stormcast For Thursday, September 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8184, (Thu, Sep 22nd)
https://isc.sans.edu/diary/rss/29076
Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing
https://thehackernews.com/2022/09/record-ddos-attack-with-253-billion.html
Quickpost: Tuning The Electric Energy Consumption Of My TV
https://malware.news/t/quickpost-tuning-the-electric-energy-consumption-of-my-tv/63566/1
Former Broadcom engineer gets eight months in prison for trade secrets theft
https://www.networkworld.com/article/3674316/former-broadcom-engineer-gets-eight-months-in-prison-for-trade-secrets-theft.html#tk.rss_all
FilelessRemotePE: Loading fileless remote PE from URI to memory
https://www.reddit.com/r/netsec/comments/xkkxlb/filelessremotepe_loading_fileless_remote_pe_from/
How will cybersecurity insurance change in the coming years?
https://thecyberwire.com/podcasts/caveat/142/notes
User claim he hacked a Lockbit Server and release builder & more
https://www.reddit.com/r/netsec/comments/xk1lc9/user_claim_he_hacked_a_lockbit_server_and_release/
Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units
https://thehackernews.com/2022/09/critical-remote-hack-flaws-found-in.html
BrandPost: Great Cyber Hygiene Starts with a Culture of Security Awareness
https://www.csoonline.com/article/3674628/great-cyber-hygiene-starts-with-a-culture-of-security-awareness.html#tk.rss_all
Scammers send fake 'Energy Bills Support Scheme' texts
https://www.malwarebytes.com/blog/news/2022/09/energy-scammers-send-fake-energy-bills-support-scheme-texts
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
SANS Internet Storm Center
ISC StormCast for Thursday, September 22nd, 2022 - SANS ISC
👍2
Top Security News for 27/09/2022
Twitter fixes bug that left devices logged in after password reset
https://www.malwarebytes.com/blog/news/2022/09/twitter-fixes-bug-that-left-devices-logged-in-after-password-reset
The weaponisation of information
https://malware.news/t/the-weaponisation-of-information/63685/1
A study of cracked passwords from breaches demonstrates which geographical factors have the most impact on password strength
https://www.reddit.com/r/netsec/comments/xon5mo/a_study_of_cracked_passwords_from_breaches/
When Athletic Abilities Just Aren't Enough - Scoreboard Hacking Part 2
https://www.reddit.com/r/netsec/comments/xol9v3/when_athletic_abilities_just_arent_enough/
Jeremy Corbyn Plays ‘Doom’ Mod About Killing Margaret Thatcher
https://www.vice.com/en_us/article/m7gpa4/jeremy-corbyn-plays-doom-mod-about-killing-margret-thatcher
Attorney general says FBI is working on Optus data breach – video
https://www.theguardian.com/business/video/2022/sep/27/attorney-general-says-fbi-is-working-on-optus-data-breach-video
Kingpins of sexual exploitation gang arrested in Berlin
https://malware.news/t/kingpins-of-sexual-exploitation-gang-arrested-in-berlin/63686/1
Windows 11 pulls ahead of Windows 10 in anti-phishing stakes
https://www.malwarebytes.com/blog/news/2022/09/windows-11-pulls-ahead-of-windows-10-in-anti-phishing-stakes
BrandPost: Extortion Economics: Ransomware’s New Business Model
https://www.csoonline.com/article/3674773/extortion-economics-ransomware-s-new-business-model.html#tk.rss_all
Government flags new cybersecurity laws and increase in fines after Optus breach
https://www.theguardian.com/business/2022/sep/27/government-flags-new-cybersecurity-laws-and-increase-in-fines-after-optus-breach
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Twitter fixes bug that left devices logged in after password reset
https://www.malwarebytes.com/blog/news/2022/09/twitter-fixes-bug-that-left-devices-logged-in-after-password-reset
The weaponisation of information
https://malware.news/t/the-weaponisation-of-information/63685/1
A study of cracked passwords from breaches demonstrates which geographical factors have the most impact on password strength
https://www.reddit.com/r/netsec/comments/xon5mo/a_study_of_cracked_passwords_from_breaches/
When Athletic Abilities Just Aren't Enough - Scoreboard Hacking Part 2
https://www.reddit.com/r/netsec/comments/xol9v3/when_athletic_abilities_just_arent_enough/
Jeremy Corbyn Plays ‘Doom’ Mod About Killing Margaret Thatcher
https://www.vice.com/en_us/article/m7gpa4/jeremy-corbyn-plays-doom-mod-about-killing-margret-thatcher
Attorney general says FBI is working on Optus data breach – video
https://www.theguardian.com/business/video/2022/sep/27/attorney-general-says-fbi-is-working-on-optus-data-breach-video
Kingpins of sexual exploitation gang arrested in Berlin
https://malware.news/t/kingpins-of-sexual-exploitation-gang-arrested-in-berlin/63686/1
Windows 11 pulls ahead of Windows 10 in anti-phishing stakes
https://www.malwarebytes.com/blog/news/2022/09/windows-11-pulls-ahead-of-windows-10-in-anti-phishing-stakes
BrandPost: Extortion Economics: Ransomware’s New Business Model
https://www.csoonline.com/article/3674773/extortion-economics-ransomware-s-new-business-model.html#tk.rss_all
Government flags new cybersecurity laws and increase in fines after Optus breach
https://www.theguardian.com/business/2022/sep/27/government-flags-new-cybersecurity-laws-and-increase-in-fines-after-optus-breach
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes
Twitter fixes bug that left devices logged in after password reset
Twitter says it has fixed a bug that meant users weren't logged out of active sessions on all devices after manually resetting their passwords.
👍1
Top Security News for 28/09/2022
Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog Finds
https://malware.news/t/over-half-of-operating-systems-at-va-medical-center-in-texas-are-outdated-watchdog-finds/63712/1
Ken Thompson Really Did Launch His "Trusting Trust" Trojan Attack in Real Life
https://www.reddit.com/r/netsec/comments/xprmnz/ken_thompson_really_did_launch_his_trusting_trust/
Ukraine's Defense Intelligence warns of coming Russian cyberattacks against infrastructure. Next moves for Lapsus$? Cashout scams and neglected wallets. Developments in the Optus breach.
https://thecyberwire.com/podcasts/daily-podcast/1671/notes
Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
https://thehackernews.com/2022/09/critical-whatsapp-bugs-could-have-let.html
ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://malware.news/t/isc-stormcast-for-wednesday-september-28th-2022-https-isc-sans-edu-podcastdetail-html-id-8192-wed-sep-28th/63714/1
ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://isc.sans.edu/diary/rss/29096
Detecting and Mitigating the GateKeeper User Override on macOS in an Enterprise Environment
https://www.reddit.com/r/netsec/comments/xprf0s/detecting_and_mitigating_the_gatekeeper_user/
A technical analysis of Pegasus for Android – Part 2
https://www.reddit.com/r/netsec/comments/xpg78b/a_technical_analysis_of_pegasus_for_android_part_2/
The difference between signature-based and behavioural detections
https://www.reddit.com/r/netsec/comments/xpsci2/the_difference_between_signaturebased_and/
Apakah ada yang siap mengajari saya
https://0x00sec.org/t/apakah-ada-yang-siap-mengajari-saya/31440
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog Finds
https://malware.news/t/over-half-of-operating-systems-at-va-medical-center-in-texas-are-outdated-watchdog-finds/63712/1
Ken Thompson Really Did Launch His "Trusting Trust" Trojan Attack in Real Life
https://www.reddit.com/r/netsec/comments/xprmnz/ken_thompson_really_did_launch_his_trusting_trust/
Ukraine's Defense Intelligence warns of coming Russian cyberattacks against infrastructure. Next moves for Lapsus$? Cashout scams and neglected wallets. Developments in the Optus breach.
https://thecyberwire.com/podcasts/daily-podcast/1671/notes
Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
https://thehackernews.com/2022/09/critical-whatsapp-bugs-could-have-let.html
ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://malware.news/t/isc-stormcast-for-wednesday-september-28th-2022-https-isc-sans-edu-podcastdetail-html-id-8192-wed-sep-28th/63714/1
ISC Stormcast For Wednesday, September 28th, 2022 https://isc.sans.edu/podcastdetail.html?id=8192, (Wed, Sep 28th)
https://isc.sans.edu/diary/rss/29096
Detecting and Mitigating the GateKeeper User Override on macOS in an Enterprise Environment
https://www.reddit.com/r/netsec/comments/xprf0s/detecting_and_mitigating_the_gatekeeper_user/
A technical analysis of Pegasus for Android – Part 2
https://www.reddit.com/r/netsec/comments/xpg78b/a_technical_analysis_of_pegasus_for_android_part_2/
The difference between signature-based and behavioural detections
https://www.reddit.com/r/netsec/comments/xpsci2/the_difference_between_signaturebased_and/
Apakah ada yang siap mengajari saya
https://0x00sec.org/t/apakah-ada-yang-siap-mengajari-saya/31440
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog Finds
An audit conducted by the VA’s Office of Inspector General found unaddressed security vulnerabilities and deficient devices at the Harlingen VA Health Care Center. Article Link: Over Half of Operating Systems at VA Medical Center in Texas are Outdated, Watchdog…
Top Security News for 29/09/2022
Breaking down the Gramm-Leach-Bliley Act.
https://thecyberwire.com/podcasts/caveat/143/notes
16 Wall Street firms fined $1.8B for using private text apps, lying about it
https://www.computerworld.com/article/3675289/16-wall-street-firms-fined-18b-for-using-private-text-apps-lying-about-it.html#tk.rss_all
How cybercriminals use public online and offline data to target employees
https://www.csoonline.com/article/3674770/how-cybercriminals-use-public-online-and-offline-data-to-target-employees.html#tk.rss_all
ISC Stormcast For Thursday, September 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8194, (Thu, Sep 29th)
https://malware.news/t/isc-stormcast-for-thursday-september-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8194-thu-sep-29th/63757/1
Australia news live: Optus breach a ‘wakeup call’, minister says, as telco contacts 14,900 customers with exposed Medicare ID
https://www.theguardian.com/australia-news/live/2022/sep/29/australia-news-live-politics-optus-medicare-fuel-excise-anthony-albanese-labor-liberal-indigenous-voice-cost-of-living-weather
Kerberos: New Attack Paths? AS Requested Service Tickets
https://www.reddit.com/r/netsec/comments/xqoele/kerberos_new_attack_paths_as_requested_service/
Meta dismantled the largest Russian network since the war in Ukraine began
https://securityaffairs.co/wordpress/136326/social-networks/meta-dismantled-russian-network.html
Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China
https://thehackernews.com/2022/09/facebook-shuts-down-covert-political.html
Moving Faster - Securely. Why Your Org Should Add Security to your DevOps Program
https://thecyberwire.com/podcasts/security-sandbox/19/notes
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/28-09-2022
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Breaking down the Gramm-Leach-Bliley Act.
https://thecyberwire.com/podcasts/caveat/143/notes
16 Wall Street firms fined $1.8B for using private text apps, lying about it
https://www.computerworld.com/article/3675289/16-wall-street-firms-fined-18b-for-using-private-text-apps-lying-about-it.html#tk.rss_all
How cybercriminals use public online and offline data to target employees
https://www.csoonline.com/article/3674770/how-cybercriminals-use-public-online-and-offline-data-to-target-employees.html#tk.rss_all
ISC Stormcast For Thursday, September 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8194, (Thu, Sep 29th)
https://malware.news/t/isc-stormcast-for-thursday-september-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8194-thu-sep-29th/63757/1
Australia news live: Optus breach a ‘wakeup call’, minister says, as telco contacts 14,900 customers with exposed Medicare ID
https://www.theguardian.com/australia-news/live/2022/sep/29/australia-news-live-politics-optus-medicare-fuel-excise-anthony-albanese-labor-liberal-indigenous-voice-cost-of-living-weather
Kerberos: New Attack Paths? AS Requested Service Tickets
https://www.reddit.com/r/netsec/comments/xqoele/kerberos_new_attack_paths_as_requested_service/
Meta dismantled the largest Russian network since the war in Ukraine began
https://securityaffairs.co/wordpress/136326/social-networks/meta-dismantled-russian-network.html
Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China
https://thehackernews.com/2022/09/facebook-shuts-down-covert-political.html
Moving Faster - Securely. Why Your Org Should Add Security to your DevOps Program
https://thecyberwire.com/podcasts/security-sandbox/19/notes
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/28-09-2022
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Breaking down the Gramm-Leach-Bliley Act.
Guest Bob Maley from Black Kite joins Dave to discuss the Gramm-Leach-Bliley Act (GLBA), federal regulation that requires financial institutions to safeguard sensitive customer information. Ben discusses a new lawsuit filed against a local public utility…
Top Security News for 30/09/2022
North Korea weaponizes open-source software.
https://thecyberwire.com/stories/b82102c41d8f43dba308d469d86edc37/north-korea-weaponizes-open-source-software
New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
https://www.reddit.com/r/netsec/comments/xrh7f0/new_attack_campaign_utilized_a_new_0day_rce/
Want to study for ethical hacking? You can with this $35 certification bundle
https://malware.news/t/want-to-study-for-ethical-hacking-you-can-with-this-35-certification-bundle/63803/1
NATO Says Nord Stream Pipeline Was Sabotaged, Promises to Defend Its Allies
https://www.vice.com/en_us/article/88qvvp/nato-says-nord-stream-pipeline-was-sabotaged-promises-to-defend-its-allies
Hackers support Iranian dissidents. Notes on C2C markets. Cyberespionage campaigns. Intercepted mobile calls from Russian troops expose morale problems.
https://thecyberwire.com/podcasts/daily-podcast/1673/notes
Fast Company hacked to send obscene and racist messages
https://www.malwarebytes.com/blog/news/2022/09/fast-company-is-currently-investigating-how-it-got-hacked
Diavol resurfaces
https://malware.news/t/diavol-resurfaces/63801/1
ISC Stormcast For Friday, September 30th, 2022 https://isc.sans.edu/podcastdetail.html?id=8196, (Fri, Sep 30th)
https://malware.news/t/isc-stormcast-for-friday-september-30th-2022-https-isc-sans-edu-podcastdetail-html-id-8196-fri-sep-30th/63802/1
Researchers Uncover Covert Attack Campaign Targeting Military Contractors
https://thehackernews.com/2022/09/researchers-uncover-covert-attack.html
ISC StormCast for Friday, September 30th, 2022
https://isc.sans.edu/podcastdetail.html?id=8196
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
North Korea weaponizes open-source software.
https://thecyberwire.com/stories/b82102c41d8f43dba308d469d86edc37/north-korea-weaponizes-open-source-software
New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
https://www.reddit.com/r/netsec/comments/xrh7f0/new_attack_campaign_utilized_a_new_0day_rce/
Want to study for ethical hacking? You can with this $35 certification bundle
https://malware.news/t/want-to-study-for-ethical-hacking-you-can-with-this-35-certification-bundle/63803/1
NATO Says Nord Stream Pipeline Was Sabotaged, Promises to Defend Its Allies
https://www.vice.com/en_us/article/88qvvp/nato-says-nord-stream-pipeline-was-sabotaged-promises-to-defend-its-allies
Hackers support Iranian dissidents. Notes on C2C markets. Cyberespionage campaigns. Intercepted mobile calls from Russian troops expose morale problems.
https://thecyberwire.com/podcasts/daily-podcast/1673/notes
Fast Company hacked to send obscene and racist messages
https://www.malwarebytes.com/blog/news/2022/09/fast-company-is-currently-investigating-how-it-got-hacked
Diavol resurfaces
https://malware.news/t/diavol-resurfaces/63801/1
ISC Stormcast For Friday, September 30th, 2022 https://isc.sans.edu/podcastdetail.html?id=8196, (Fri, Sep 30th)
https://malware.news/t/isc-stormcast-for-friday-september-30th-2022-https-isc-sans-edu-podcastdetail-html-id-8196-fri-sep-30th/63802/1
Researchers Uncover Covert Attack Campaign Targeting Military Contractors
https://thehackernews.com/2022/09/researchers-uncover-covert-attack.html
ISC StormCast for Friday, September 30th, 2022
https://isc.sans.edu/podcastdetail.html?id=8196
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
North Korea weaponizes open-source software.
Pyongyang is actively exploiting malicious open-source applications to prospect engineers and tech support personnel. And, as a bonus, there's some LinkedIn cafphishing going on, too.
Top Security News for 01/10/2022
Why cybersecurity is a shared responsibility: How security leaders can engage end users to alleviate SOC analyst burnout.
https://thecyberwire.com/stories/4d68f768907f4e83ae4f6aa231c166f5/why-cybersecurity-is-a-shared-responsibility-how-security-leaders-can-engage-end-users-to-alleviate-soc-analyst-burnout
Albania explains its reasons for severing relations with Iran. Cashout scam targets forgotten crypto accounts. Next moves for Lapsus$?
https://thecyberwire.com/newsletters/week-that-was/6/39
Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
https://thehackernews.com/2022/09/microsoft-confirms-2-new-exchange-zero.html
Tech Explainer | What is DLL Sideloading?
https://malware.news/t/tech-explainer-what-is-dll-sideloading/63833/1
A look back at Insider Threat Month: advice from industry experts.
https://thecyberwire.com
What I learnt from reading 220 IDOR bug reports.
https://www.reddit.com/r/netsec/comments/xs0a44/what_i_learnt_from_reading_220_idor_bug_reports/
Cyber Attacks Against Middle East Governments Hide Malware in Windows logo
https://thehackernews.com/2022/09/cyber-attacks-against-middle-east.html
US DoD announced the results of the Hack US bug bounty challenge
https://securityaffairs.co/wordpress/136462/hacking/dod-hack-us-results.html
NIST on cyber careers. CISA TLP update. US candidate will lead ITU. Curbing foreign spyware.
https://thecyberwire.com/newsletters/policy-briefing/4/189
North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
https://thehackernews.com/2022/09/north-korean-hackers-weaponizing-open.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Why cybersecurity is a shared responsibility: How security leaders can engage end users to alleviate SOC analyst burnout.
https://thecyberwire.com/stories/4d68f768907f4e83ae4f6aa231c166f5/why-cybersecurity-is-a-shared-responsibility-how-security-leaders-can-engage-end-users-to-alleviate-soc-analyst-burnout
Albania explains its reasons for severing relations with Iran. Cashout scam targets forgotten crypto accounts. Next moves for Lapsus$?
https://thecyberwire.com/newsletters/week-that-was/6/39
Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
https://thehackernews.com/2022/09/microsoft-confirms-2-new-exchange-zero.html
Tech Explainer | What is DLL Sideloading?
https://malware.news/t/tech-explainer-what-is-dll-sideloading/63833/1
A look back at Insider Threat Month: advice from industry experts.
https://thecyberwire.com
What I learnt from reading 220 IDOR bug reports.
https://www.reddit.com/r/netsec/comments/xs0a44/what_i_learnt_from_reading_220_idor_bug_reports/
Cyber Attacks Against Middle East Governments Hide Malware in Windows logo
https://thehackernews.com/2022/09/cyber-attacks-against-middle-east.html
US DoD announced the results of the Hack US bug bounty challenge
https://securityaffairs.co/wordpress/136462/hacking/dod-hack-us-results.html
NIST on cyber careers. CISA TLP update. US candidate will lead ITU. Curbing foreign spyware.
https://thecyberwire.com/newsletters/policy-briefing/4/189
North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
https://thehackernews.com/2022/09/north-korean-hackers-weaponizing-open.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Why cybersecurity is a shared responsibility: How security leaders can engage end users to alleviate SOC analyst burnout.
Cybersecurity is a team sport — and National Cybersecurity Awareness Month (NCSAM) is a great opportunity to remind everyone of that. Hosted by CISA and the National Cybersecurity Alliance (NCSA), NCSAM aims to raise awareness about and ensure everyone has…
Top Security News for 02/10/2022
FCC moves to block robotexts
https://www.malwarebytes.com/blog/news/2022/09/fcc-is-finally-moving-forward-with-blocking-spam-texts
State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
https://thehackernews.com/2022/10/state-sponsored-hackers-likely.html
Kayla Williams: Not everything related to cybersecurity is a fire drill. [CISO]
https://thecyberwire.com/podcasts/career-notes/119/notes
HTTPT: A Probe-Resistant Proxy
https://www.reddit.com/r/netsec/comments/xt8fkm/httpt_a_proberesistant_proxy/
Tillitis - Open Source USB security key inspired by measured boot and DICE
https://www.reddit.com/r/netsec/comments/xt8hj1/tillitis_open_source_usb_security_key_inspired_by/
Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries
https://securityaffairs.co/wordpress/136497/data-breach/guacamaya-hacked-latam-countries.html
CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/136514/security/atlassian-bitbucket-flaw-known-exploited-vulnerabilities-catalog.html
Cybersecurity Awareness Month: observations and counsel from industry leaders.
https://thecyberwire.com
CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability
https://thehackernews.com/2022/10/cisa-warns-of-hackers-exploiting.html
Luxury hotel chain Shangri-La suffered a security breach
https://securityaffairs.co/wordpress/136489/data-breach/shangri-la-security-breach.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
FCC moves to block robotexts
https://www.malwarebytes.com/blog/news/2022/09/fcc-is-finally-moving-forward-with-blocking-spam-texts
State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
https://thehackernews.com/2022/10/state-sponsored-hackers-likely.html
Kayla Williams: Not everything related to cybersecurity is a fire drill. [CISO]
https://thecyberwire.com/podcasts/career-notes/119/notes
HTTPT: A Probe-Resistant Proxy
https://www.reddit.com/r/netsec/comments/xt8fkm/httpt_a_proberesistant_proxy/
Tillitis - Open Source USB security key inspired by measured boot and DICE
https://www.reddit.com/r/netsec/comments/xt8hj1/tillitis_open_source_usb_security_key_inspired_by/
Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries
https://securityaffairs.co/wordpress/136497/data-breach/guacamaya-hacked-latam-countries.html
CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.co/wordpress/136514/security/atlassian-bitbucket-flaw-known-exploited-vulnerabilities-catalog.html
Cybersecurity Awareness Month: observations and counsel from industry leaders.
https://thecyberwire.com
CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability
https://thehackernews.com/2022/10/cisa-warns-of-hackers-exploiting.html
Luxury hotel chain Shangri-La suffered a security breach
https://securityaffairs.co/wordpress/136489/data-breach/shangri-la-security-breach.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes
FCC moves to block robotexts
The Federal Communications Commission wants mobile carriers to block spam texts at the network level.
Top Security News for 03/10/2022
What I learnt from reading 126 Information Disclosure bug reports/writeups.
https://www.reddit.com/r/netsec/comments/xtj6ch/what_i_learnt_from_reading_126_information/
Supply chain compromise impacting Comm100 Live Chat software
https://malware.news/t/supply-chain-compromise-impacting-comm100-live-chat-software/63841/1
ISC Stormcast For Monday, October 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8198, (Mon, Oct 3rd)
https://malware.news/t/isc-stormcast-for-monday-october-3rd-2022-https-isc-sans-edu-podcastdetail-html-id-8198-mon-oct-3rd/63843/1
Dank: The greatest encoder you've never heard of
https://www.reddit.com/r/netsec/comments/xtus0q/dank_the_greatest_encoder_youve_never_heard_of/
ISC StormCast for Monday, October 3rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8198
Pt 1 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/63/notes
Security Affairs newsletter Round 386
https://securityaffairs.co/wordpress/136534/breaking-news/security-affairs-newsletter-round-386.html
PS5-4.03-Kernel-Exploit: An experimental webkit-based kernel exploit (Arbitrary R/W) for the PS5 on 4.03FW
https://www.reddit.com/r/netsec/comments/xu3nz0/ps5403kernelexploit_an_experimental_webkitbased/
Some Notes on VIRTUALGATE
https://malware.news/t/some-notes-on-virtualgate/63845/1
The 5 best security cameras of 2022
https://malware.news/t/the-5-best-security-cameras-of-2022/63844/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
What I learnt from reading 126 Information Disclosure bug reports/writeups.
https://www.reddit.com/r/netsec/comments/xtj6ch/what_i_learnt_from_reading_126_information/
Supply chain compromise impacting Comm100 Live Chat software
https://malware.news/t/supply-chain-compromise-impacting-comm100-live-chat-software/63841/1
ISC Stormcast For Monday, October 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8198, (Mon, Oct 3rd)
https://malware.news/t/isc-stormcast-for-monday-october-3rd-2022-https-isc-sans-edu-podcastdetail-html-id-8198-mon-oct-3rd/63843/1
Dank: The greatest encoder you've never heard of
https://www.reddit.com/r/netsec/comments/xtus0q/dank_the_greatest_encoder_youve_never_heard_of/
ISC StormCast for Monday, October 3rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8198
Pt 1 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/63/notes
Security Affairs newsletter Round 386
https://securityaffairs.co/wordpress/136534/breaking-news/security-affairs-newsletter-round-386.html
PS5-4.03-Kernel-Exploit: An experimental webkit-based kernel exploit (Arbitrary R/W) for the PS5 on 4.03FW
https://www.reddit.com/r/netsec/comments/xu3nz0/ps5403kernelexploit_an_experimental_webkitbased/
Some Notes on VIRTUALGATE
https://malware.news/t/some-notes-on-virtualgate/63845/1
The 5 best security cameras of 2022
https://malware.news/t/the-5-best-security-cameras-of-2022/63844/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
What I learnt from reading 126 Information Disclosure bug...
Posted in r/netsec by u/_nynan • 104 points and 3 comments
Top Security News for 04/10/2022
Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers
https://thehackernews.com/2022/10/hackers-exploiting-dell-driver.html
WUSB HISTORICAL VIDEO SERIES BEGINS
https://www.2600.com/content/wusb-historical-video-series-begins
ISC Stormcast For Tuesday, October 4th, 2022 https://isc.sans.edu/podcastdetail.html?id=8200, (Tue, Oct 4th)
https://isc.sans.edu/diary/rss/29110
Researcher Spotlight: Globetrotting with Yuri Kramarz
https://malware.news/t/researcher-spotlight-globetrotting-with-yuri-kramarz/63877/1
Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat.
https://thecyberwire.com/podcasts/daily-podcast/1675/notes
Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed
https://www.csoonline.com/article/3675557/microsoft-mitigation-for-new-exchange-server-zero-day-exploits-can-be-bypassed.html#tk.rss_all
California Man Fined $1,000 for Drawing Lines on Maps
https://www.vice.com/en_us/article/v7vyj3/california-man-fined-for-drawing-lines-on-existing-maps
Romance scammer deepfakes Mark Ruffalo to con elderly artist
https://www.malwarebytes.com/blog/news/2022/10/romance-scammer-makes-bank-with-deepfake-mark-ruffalo
Lockbit ransomware case study
https://www.reddit.com/r/Malware/comments/xv2ijb/lockbit_ransomware_case_study/
I need some help
https://0x00sec.org/t/i-need-some-help/31517
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers
https://thehackernews.com/2022/10/hackers-exploiting-dell-driver.html
WUSB HISTORICAL VIDEO SERIES BEGINS
https://www.2600.com/content/wusb-historical-video-series-begins
ISC Stormcast For Tuesday, October 4th, 2022 https://isc.sans.edu/podcastdetail.html?id=8200, (Tue, Oct 4th)
https://isc.sans.edu/diary/rss/29110
Researcher Spotlight: Globetrotting with Yuri Kramarz
https://malware.news/t/researcher-spotlight-globetrotting-with-yuri-kramarz/63877/1
Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat.
https://thecyberwire.com/podcasts/daily-podcast/1675/notes
Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed
https://www.csoonline.com/article/3675557/microsoft-mitigation-for-new-exchange-server-zero-day-exploits-can-be-bypassed.html#tk.rss_all
California Man Fined $1,000 for Drawing Lines on Maps
https://www.vice.com/en_us/article/v7vyj3/california-man-fined-for-drawing-lines-on-existing-maps
Romance scammer deepfakes Mark Ruffalo to con elderly artist
https://www.malwarebytes.com/blog/news/2022/10/romance-scammer-makes-bank-with-deepfake-mark-ruffalo
Lockbit ransomware case study
https://www.reddit.com/r/Malware/comments/xv2ijb/lockbit_ransomware_case_study/
I need some help
https://0x00sec.org/t/i-need-some-help/31517
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
SANS Internet Storm Center
ISC StormCast for Tuesday, October 4th, 2022 - SANS ISC
Top Security News for 05/10/2022
ProxyNotShell – the New Proxy Hell?
https://thehackernews.com/2022/10/proxynotshell-new-proxy-hell.html
Optus Hack Exposes Data of Nearly 2.1 Million Australian Telecom Customers
https://thehackernews.com/2022/10/optus-hack-exposes-data-of-nearly-21.html
Back to Basics: Cybersecurity's Weakest Link
https://thehackernews.com/2022/10/back-to-basics-cybersecuritys-weakest.html
TSUBAME Report Overflow (Apr-Jun 2022)
https://malware.news/t/tsubame-report-overflow-apr-jun-2022/63916/1
TikTok's "secret operation" tracks you even if you don't use it
https://malware.news/t/tiktoks-secret-operation-tracks-you-even-if-you-dont-use-it/63912/1
Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart
https://www.microsoft.com/security/blog/2022/10/04/cybersecurity-awareness-tips-from-microsoft-to-empower-your-team-to-becybersmart/
Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds
https://thehackernews.com/2022/10/mitigation-for-exchange-zero-days.html
Dell launches new cybersecurity resources to enhance zero-trust adoption, cyber resilience
https://www.csoonline.com/article/3675558/dell-launches-new-cybersecurity-resources-to-enhance-zero-trust-adoption-cyber-resilience.html#tk.rss_all
Wireshark 4.0.0 has been released
https://www.reddit.com/r/netsec/comments/xw0q7c/wireshark_400_has_been_released/
Pixel 6 bootloader: Emulation, ROP
https://www.reddit.com/r/netsec/comments/xw1uxc/pixel_6_bootloader_emulation_rop/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
ProxyNotShell – the New Proxy Hell?
https://thehackernews.com/2022/10/proxynotshell-new-proxy-hell.html
Optus Hack Exposes Data of Nearly 2.1 Million Australian Telecom Customers
https://thehackernews.com/2022/10/optus-hack-exposes-data-of-nearly-21.html
Back to Basics: Cybersecurity's Weakest Link
https://thehackernews.com/2022/10/back-to-basics-cybersecuritys-weakest.html
TSUBAME Report Overflow (Apr-Jun 2022)
https://malware.news/t/tsubame-report-overflow-apr-jun-2022/63916/1
TikTok's "secret operation" tracks you even if you don't use it
https://malware.news/t/tiktoks-secret-operation-tracks-you-even-if-you-dont-use-it/63912/1
Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart
https://www.microsoft.com/security/blog/2022/10/04/cybersecurity-awareness-tips-from-microsoft-to-empower-your-team-to-becybersmart/
Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds
https://thehackernews.com/2022/10/mitigation-for-exchange-zero-days.html
Dell launches new cybersecurity resources to enhance zero-trust adoption, cyber resilience
https://www.csoonline.com/article/3675558/dell-launches-new-cybersecurity-resources-to-enhance-zero-trust-adoption-cyber-resilience.html#tk.rss_all
Wireshark 4.0.0 has been released
https://www.reddit.com/r/netsec/comments/xw0q7c/wireshark_400_has_been_released/
Pixel 6 bootloader: Emulation, ROP
https://www.reddit.com/r/netsec/comments/xw1uxc/pixel_6_bootloader_emulation_rop/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
TSUBAME Report Overflow (Apr-Jun 2022)
This TSUBAME Report Overflow series discuss monitoring trends of overseas TSUBAME sensors and other activities which the Internet Threat Monitoring Quarterly Reports does not include. This article covers the monitoring results for the period of April to June…
Top Security News for 06/10/2022
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/05-10-2022
MSSQL, meet Maggie - a novel backdoor for MSSQL servers.
https://www.reddit.com/r/netsec/comments/xvdyri/mssql_meet_maggie_a_novel_backdoor_for_mssql/
Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information
https://thehackernews.com/2022/10/telstra-telecom-suffers-data-breach.html
Customer Field enhancement at Delivery Level in EWM
https://malware.news/t/customer-field-enhancement-at-delivery-level-in-ewm/63961/1
Kocho acquires Mobliciti. NetSPI receives $410 million in funding. Optus breach fallout.
https://thecyberwire.com/newsletters/business-briefing/4/40
Talkin’ About Infosec News – 10/5/2022
https://malware.news/t/talkin-about-infosec-news-10-5-2022/63960/1
Microsoft updates guidance for ‘ProxyNotShell’ bugs after researchers get around mitigations
https://malware.news/t/microsoft-updates-guidance-for-proxynotshell-bugs-after-researchers-get-around-mitigations/63957/1
A Deep Dive of CVE-2022–33987 (Got allows a redirect to a UNIX socket)
https://www.reddit.com/r/netsec/comments/xwre1m/a_deep_dive_of_cve202233987_got_allows_a_redirect/
What is cyber quantum computing?
https://thecyberwire.com/podcasts/hacking-humans/215/notes
How to encrypt a folder in MacOS to keep sensitive data from prying eyes
https://malware.news/t/how-to-encrypt-a-folder-in-macos-to-keep-sensitive-data-from-prying-eyes/63959/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/05-10-2022
MSSQL, meet Maggie - a novel backdoor for MSSQL servers.
https://www.reddit.com/r/netsec/comments/xvdyri/mssql_meet_maggie_a_novel_backdoor_for_mssql/
Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information
https://thehackernews.com/2022/10/telstra-telecom-suffers-data-breach.html
Customer Field enhancement at Delivery Level in EWM
https://malware.news/t/customer-field-enhancement-at-delivery-level-in-ewm/63961/1
Kocho acquires Mobliciti. NetSPI receives $410 million in funding. Optus breach fallout.
https://thecyberwire.com/newsletters/business-briefing/4/40
Talkin’ About Infosec News – 10/5/2022
https://malware.news/t/talkin-about-infosec-news-10-5-2022/63960/1
Microsoft updates guidance for ‘ProxyNotShell’ bugs after researchers get around mitigations
https://malware.news/t/microsoft-updates-guidance-for-proxynotshell-bugs-after-researchers-get-around-mitigations/63957/1
A Deep Dive of CVE-2022–33987 (Got allows a redirect to a UNIX socket)
https://www.reddit.com/r/netsec/comments/xwre1m/a_deep_dive_of_cve202233987_got_allows_a_redirect/
What is cyber quantum computing?
https://thecyberwire.com/podcasts/hacking-humans/215/notes
How to encrypt a folder in MacOS to keep sensitive data from prying eyes
https://malware.news/t/how-to-encrypt-a-folder-in-macos-to-keep-sensitive-data-from-prying-eyes/63959/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
MSSQL, meet Maggie - a novel backdoor for MSSQL servers.
Posted in r/netsec by u/OwnPreparation3424 • 2 points and 0 comments
Top Security News for 07/10/2022
Details Released for Recently Patched new macOS Archive Utility Vulnerability
https://thehackernews.com/2022/10/details-released-for-recently-patched.html
NetWalker Ransomware Scumbag Jailed For 20 Years
https://packetstormsecurity.com/news/view/33919/NetWalker-Ransomware-Scumbag-Jailed-For-20-Years.html
ISC StormCast for Friday, October 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8204
Government considers centralising digital ID verification on myGov in wake of Optus breach
https://www.theguardian.com/technology/2022/oct/07/government-considers-centralising-digital-id-verification-on-mygov-in-wake-of-optus-breach
CVE-2022-41343 - RCE via Phar Deserialisation (Dompdf)
https://www.reddit.com/r/netsec/comments/xwyf9o/cve202241343_rce_via_phar_deserialisation_dompdf/
Fully loaded: testing vulnerable PyYAML versions
https://www.reddit.com/r/netsec/comments/xxc2aa/fully_loaded_testing_vulnerable_pyyaml_versions/
Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan
https://www.csoonline.com/article/3675559/dashlane-launches-new-dark-web-insights-tool-mfa-authenticator-app-small-biz-starter-plan.html#tk.rss_all
Former Uber Security Chief Found Guilty of Data Breach Coverup
https://thehackernews.com/2022/10/former-uber-security-chief-found-guilty.html
TransUnion taps behavioral analytics to aid fraud detection, curb false positives
https://www.csoonline.com/article/3675955/transunion-taps-behavioral-analytics-to-aid-fraud-detection-curb-false-positives.html#tk.rss_all
Ransomware review: September 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/10/ransomware-review-september-2022
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Details Released for Recently Patched new macOS Archive Utility Vulnerability
https://thehackernews.com/2022/10/details-released-for-recently-patched.html
NetWalker Ransomware Scumbag Jailed For 20 Years
https://packetstormsecurity.com/news/view/33919/NetWalker-Ransomware-Scumbag-Jailed-For-20-Years.html
ISC StormCast for Friday, October 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8204
Government considers centralising digital ID verification on myGov in wake of Optus breach
https://www.theguardian.com/technology/2022/oct/07/government-considers-centralising-digital-id-verification-on-mygov-in-wake-of-optus-breach
CVE-2022-41343 - RCE via Phar Deserialisation (Dompdf)
https://www.reddit.com/r/netsec/comments/xwyf9o/cve202241343_rce_via_phar_deserialisation_dompdf/
Fully loaded: testing vulnerable PyYAML versions
https://www.reddit.com/r/netsec/comments/xxc2aa/fully_loaded_testing_vulnerable_pyyaml_versions/
Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan
https://www.csoonline.com/article/3675559/dashlane-launches-new-dark-web-insights-tool-mfa-authenticator-app-small-biz-starter-plan.html#tk.rss_all
Former Uber Security Chief Found Guilty of Data Breach Coverup
https://thehackernews.com/2022/10/former-uber-security-chief-found-guilty.html
TransUnion taps behavioral analytics to aid fraud detection, curb false positives
https://www.csoonline.com/article/3675955/transunion-taps-behavioral-analytics-to-aid-fraud-detection-curb-false-positives.html#tk.rss_all
Ransomware review: September 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/10/ransomware-review-september-2022
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The Register
NetWalker ransomware crook jailed for 20 years
And note to his crime pals – he said he would sing like a canary
Top Security News for 08/10/2022
Australian teen arrested for blackmailing Optus breach victims. CareOregon accidentally leaks member data. City of Tucson discloses data breach.
https://thecyberwire.com/podcasts/privacy-briefing/685/notes
3 actions Latin American leaders must take to reduce risk of cyberattacks
https://www.csoonline.com/article/3675961/3-actions-latin-american-leaders-must-take-to-reduce-risk-of-cyberattacks.html#tk.rss_all
This Week in Malware - Over 100 Packages Discovered
https://malware.news/t/this-week-in-malware-over-100-packages-discovered/64018#post_1
Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities
https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html
Facebook Detects 400 Android and iOS Apps Stealing Users Log-in Credentials
https://thehackernews.com/2022/10/facebook-detects-400-android-and-ios.html
Microsoft warns of Exchange Server vulnerabilities. Hacktivists compromise Mexican government data. Patch news. Crime and punishment.
https://thecyberwire.com/newsletters/week-that-was/6/40
2600 KICKED OFF OF YOUTUBE FOR SARCASTIC REMARK
https://www.2600.com/content/2600-kicked-youtube-sarcastic-remark
A US EO addresses EU data privacy concerns. China’s favorite CVEs. Election security and credit risk. COVID phishbait. Notes from the hybrid war, including some really motivated draft evaders.
https://thecyberwire.com/podcasts/daily-podcast/1679/notes
Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html
securepupads.g.doubleclick.net removal
https://www.reddit.com/r/Malware/comments/xy5bdb/securepupadsgdoubleclicknet_removal/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Australian teen arrested for blackmailing Optus breach victims. CareOregon accidentally leaks member data. City of Tucson discloses data breach.
https://thecyberwire.com/podcasts/privacy-briefing/685/notes
3 actions Latin American leaders must take to reduce risk of cyberattacks
https://www.csoonline.com/article/3675961/3-actions-latin-american-leaders-must-take-to-reduce-risk-of-cyberattacks.html#tk.rss_all
This Week in Malware - Over 100 Packages Discovered
https://malware.news/t/this-week-in-malware-over-100-packages-discovered/64018#post_1
Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities
https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html
Facebook Detects 400 Android and iOS Apps Stealing Users Log-in Credentials
https://thehackernews.com/2022/10/facebook-detects-400-android-and-ios.html
Microsoft warns of Exchange Server vulnerabilities. Hacktivists compromise Mexican government data. Patch news. Crime and punishment.
https://thecyberwire.com/newsletters/week-that-was/6/40
2600 KICKED OFF OF YOUTUBE FOR SARCASTIC REMARK
https://www.2600.com/content/2600-kicked-youtube-sarcastic-remark
A US EO addresses EU data privacy concerns. China’s favorite CVEs. Election security and credit risk. COVID phishbait. Notes from the hybrid war, including some really motivated draft evaders.
https://thecyberwire.com/podcasts/daily-podcast/1679/notes
Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html
securepupads.g.doubleclick.net removal
https://www.reddit.com/r/Malware/comments/xy5bdb/securepupadsgdoubleclicknet_removal/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Australian teen arrested for blackmailing Optus breach victims. CareOregon accidentally leaks member data. City of Tucson discloses…
Australian teen arrested for blackmailing Optus breach victims. CareOregon accidentally leaks member data. City of Tucson discloses data breach.
Top Security News for 09/10/2022
Romance scammer given 25 years of alone time
https://malware.news/t/romance-scammer-given-25-years-of-alone-time/64021#post_1
What is torrenting and how does it work?
https://malware.news/t/what-is-torrenting-and-how-does-it-work/64025#post_1
Sysmon v14.1 Release, (Sat, Oct 8th)
https://isc.sans.edu/diary/rss/29126
Pentest reporting and the remediation cycle: Why aren’t we making progress?
https://thecyberwire.com/podcasts/cyberwire-x/39/notes
BlackByte Ransomware abuses vulnerable driver to bypass security solutions
https://securityaffairs.co/wordpress/136816/malware/blackbyte-ransomware-byovd-attack.html
Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
https://securityaffairs.co/wordpress/136800/hacking/zimbra-collaboration-suite-rce.html
Sysmon v14.1 Release, (Sat, Oct 8th)
https://malware.news/t/sysmon-v14-1-release-sat-oct-8th/64023#post_1
I had a pop up ad
https://www.reddit.com/r/Malware/comments/xzdzwu/i_had_a_pop_up_ad/
What can we learn from leaked Insyde's BIOS for Intel Alder Lake
https://www.reddit.com/r/netsec/comments/xyuwa7/what_can_we_learn_from_leaked_insydes_bios_for/
Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony Anscombe
https://malware.news/t/key-takeaways-from-eset-threat-report-t2-2022-week-in-security-with-tony-anscombe/64026#post_1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Romance scammer given 25 years of alone time
https://malware.news/t/romance-scammer-given-25-years-of-alone-time/64021#post_1
What is torrenting and how does it work?
https://malware.news/t/what-is-torrenting-and-how-does-it-work/64025#post_1
Sysmon v14.1 Release, (Sat, Oct 8th)
https://isc.sans.edu/diary/rss/29126
Pentest reporting and the remediation cycle: Why aren’t we making progress?
https://thecyberwire.com/podcasts/cyberwire-x/39/notes
BlackByte Ransomware abuses vulnerable driver to bypass security solutions
https://securityaffairs.co/wordpress/136816/malware/blackbyte-ransomware-byovd-attack.html
Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
https://securityaffairs.co/wordpress/136800/hacking/zimbra-collaboration-suite-rce.html
Sysmon v14.1 Release, (Sat, Oct 8th)
https://malware.news/t/sysmon-v14-1-release-sat-oct-8th/64023#post_1
I had a pop up ad
https://www.reddit.com/r/Malware/comments/xzdzwu/i_had_a_pop_up_ad/
What can we learn from leaked Insyde's BIOS for Intel Alder Lake
https://www.reddit.com/r/netsec/comments/xyuwa7/what_can_we_learn_from_leaked_insydes_bios_for/
Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony Anscombe
https://malware.news/t/key-takeaways-from-eset-threat-report-t2-2022-week-in-security-with-tony-anscombe/64026#post_1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
Romance scammer given 25 years of alone time
Romance scams are often low risk, high reward strategies for ciminals, who use them to steal large sums of money from vulnerable people in the cruellest ways possible. Once the victim wires the cash, there’s a good chance that it’s never coming back. The…
👍1
Top Security News for 10/10/2022
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
https://securityaffairs.co/wordpress/136866/cyber-crime/south-africa-eskom-everest-ransomware.html
Lloyd’s of London investigates alleged cyber attack
https://securityaffairs.co/wordpress/136834/security/lloyds-of-london-cyberattack.html
Curl's resolve Option, (Sun, Oct 9th)
https://isc.sans.edu/diary/rss/29132
Pt 2 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/64/notes
ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://isc.sans.edu/diary/rss/29134
ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://malware.news/t/isc-stormcast-for-monday-october-10th-2022-https-isc-sans-edu-podcastdetail-html-id-8206-mon-oct-10th/64030#post_1
Use case creation in SIEM - Malicious download
https://www.reddit.com/r/Malware/comments/xzmszq/use_case_creation_in_siem_malicious_download/
Is there a team recruiting?
https://0x00sec.org/t/is-there-a-team-recruiting/31635
Security Affairs newsletter Round 387
https://securityaffairs.co/wordpress/136857/breaking-news/security-affairs-newsletter-round-387.html
ISC StormCast for Monday, October 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8206
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
https://securityaffairs.co/wordpress/136866/cyber-crime/south-africa-eskom-everest-ransomware.html
Lloyd’s of London investigates alleged cyber attack
https://securityaffairs.co/wordpress/136834/security/lloyds-of-london-cyberattack.html
Curl's resolve Option, (Sun, Oct 9th)
https://isc.sans.edu/diary/rss/29132
Pt 2 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/64/notes
ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://isc.sans.edu/diary/rss/29134
ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://malware.news/t/isc-stormcast-for-monday-october-10th-2022-https-isc-sans-edu-podcastdetail-html-id-8206-mon-oct-10th/64030#post_1
Use case creation in SIEM - Malicious download
https://www.reddit.com/r/Malware/comments/xzmszq/use_case_creation_in_siem_malicious_download/
Is there a team recruiting?
https://0x00sec.org/t/is-there-a-team-recruiting/31635
Security Affairs newsletter Round 387
https://securityaffairs.co/wordpress/136857/breaking-news/security-affairs-newsletter-round-387.html
ISC StormCast for Monday, October 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8206
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd.
Top Security News for 11/10/2022
Python and Malware: Writing a simple wiper malware
https://0x00sec.org/t/python-and-malware-writing-a-simple-wiper-malware/31652
GitLab: RCE via github import
https://www.reddit.com/r/netsec/comments/y0cnw1/gitlab_rce_via_github_import/
White House unveils Blueprint for an AI Bill of Rights
https://www.malwarebytes.com/blog/news/2022/10/the-white-houses-new-bill-of-rights-holds-big-tech-companies-accountable-for-their-ai
A week in security (October 3 – 9)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-3-9
Endor Labs offers dependency management platform for open source software
https://www.csoonline.com/article/3675963/endor-labs-offers-dependency-management-platform-for-open-source-software.html#tk.rss_all
White House unveils Blueprint for an AI Bill of Rights
https://malware.news/t/white-house-unveils-blueprint-for-an-ai-bill-of-rights/64045#post_1
ISC Stormcast For Tuesday, October 11th, 2022 https://isc.sans.edu/podcastdetail.html?id=8208, (Tue, Oct 11th)
https://malware.news/t/isc-stormcast-for-tuesday-october-11th-2022-https-isc-sans-edu-podcastdetail-html-id-8208-tue-oct-11th/64048#post_1
Hackers Steal $100 Million Cryptocurrency from Binance Bridge
https://thehackernews.com/2022/10/hackers-steal-100-million.html
Security Alert: Alert Regarding Authentication Bypass Vulnerability (CVE-2022-42458) in bingo!CMS
https://malware.news/t/security-alert-alert-regarding-authentication-bypass-vulnerability-cve-2022-42458-in-bingo-cms/64049#post_1
Persistent PHP payloads in PNGs: How to inject PHP code in an image and keep it there!
https://www.reddit.com/r/netsec/comments/y0jlzp/persistent_php_payloads_in_pngs_how_to_inject_php/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Python and Malware: Writing a simple wiper malware
https://0x00sec.org/t/python-and-malware-writing-a-simple-wiper-malware/31652
GitLab: RCE via github import
https://www.reddit.com/r/netsec/comments/y0cnw1/gitlab_rce_via_github_import/
White House unveils Blueprint for an AI Bill of Rights
https://www.malwarebytes.com/blog/news/2022/10/the-white-houses-new-bill-of-rights-holds-big-tech-companies-accountable-for-their-ai
A week in security (October 3 – 9)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-3-9
Endor Labs offers dependency management platform for open source software
https://www.csoonline.com/article/3675963/endor-labs-offers-dependency-management-platform-for-open-source-software.html#tk.rss_all
White House unveils Blueprint for an AI Bill of Rights
https://malware.news/t/white-house-unveils-blueprint-for-an-ai-bill-of-rights/64045#post_1
ISC Stormcast For Tuesday, October 11th, 2022 https://isc.sans.edu/podcastdetail.html?id=8208, (Tue, Oct 11th)
https://malware.news/t/isc-stormcast-for-tuesday-october-11th-2022-https-isc-sans-edu-podcastdetail-html-id-8208-tue-oct-11th/64048#post_1
Hackers Steal $100 Million Cryptocurrency from Binance Bridge
https://thehackernews.com/2022/10/hackers-steal-100-million.html
Security Alert: Alert Regarding Authentication Bypass Vulnerability (CVE-2022-42458) in bingo!CMS
https://malware.news/t/security-alert-alert-regarding-authentication-bypass-vulnerability-cve-2022-42458-in-bingo-cms/64049#post_1
Persistent PHP payloads in PNGs: How to inject PHP code in an image and keep it there!
https://www.reddit.com/r/netsec/comments/y0jlzp/persistent_php_payloads_in_pngs_how_to_inject_php/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
0x00sec - The Home of the Hacker
Python and Malware: Writing a simple wiper malware
Introduction In this article, I’ll describe how to write a malware, Please notice this is not a “true” malware this is only has to show you the basics and even how easy to be written, Probably python is not the best choice at all, It’s an interpreted language…
Top Security News for 12/10/2022
postMessage Braindump - a brief postMessage testing methodology
https://www.reddit.com/r/netsec/comments/y1tehd/postmessage_braindump_a_brief_postmessage_testing/
Uncovering Siemens SIMATIC S7-1200/1500 Hardcoded Cryptographic Keys in PLCs
https://www.reddit.com/r/netsec/comments/y19lns/uncovering_siemens_simatic_s712001500_hardcoded/
An 18 year scam odyssey of stranded astronauts
https://www.malwarebytes.com/blog/news/2022/10/an-18-year-scam-odyssey-of-stranded-astronauts
Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
https://thehackernews.com/2022/10/researchers-detail-critical-rce-flaw.html
Meta warns Facebook users about malicious apps. Toyota leaves the keys in the car door. Dialog IT discloses security incident.
https://thecyberwire.com/podcasts/privacy-briefing/686/notes
The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform
https://www.reddit.com/r/netsec/comments/y1hkqk/the_fresh_phish_market_behind_the_scenes_of_the/
Caffeine phishing-as-a-service platform. Malicious apps in official app stores. New Android spyware.
https://thecyberwire.com/podcasts/research-briefing/138/notes
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/11-10-2022
Smart lights vulnerable to "blink and you'll miss it" attack
https://www.malwarebytes.com/blog/news/2022/10/smart-lighting-system-suffers-a-blink-and-youll-miss-it-attack
The Latest Funding News and What it Means for Cyber Security in 2023
https://thehackernews.com/2022/10/the-latest-funding-news-and-what-it.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
postMessage Braindump - a brief postMessage testing methodology
https://www.reddit.com/r/netsec/comments/y1tehd/postmessage_braindump_a_brief_postmessage_testing/
Uncovering Siemens SIMATIC S7-1200/1500 Hardcoded Cryptographic Keys in PLCs
https://www.reddit.com/r/netsec/comments/y19lns/uncovering_siemens_simatic_s712001500_hardcoded/
An 18 year scam odyssey of stranded astronauts
https://www.malwarebytes.com/blog/news/2022/10/an-18-year-scam-odyssey-of-stranded-astronauts
Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
https://thehackernews.com/2022/10/researchers-detail-critical-rce-flaw.html
Meta warns Facebook users about malicious apps. Toyota leaves the keys in the car door. Dialog IT discloses security incident.
https://thecyberwire.com/podcasts/privacy-briefing/686/notes
The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform
https://www.reddit.com/r/netsec/comments/y1hkqk/the_fresh_phish_market_behind_the_scenes_of_the/
Caffeine phishing-as-a-service platform. Malicious apps in official app stores. New Android spyware.
https://thecyberwire.com/podcasts/research-briefing/138/notes
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/11-10-2022
Smart lights vulnerable to "blink and you'll miss it" attack
https://www.malwarebytes.com/blog/news/2022/10/smart-lighting-system-suffers-a-blink-and-youll-miss-it-attack
The Latest Funding News and What it Means for Cyber Security in 2023
https://thehackernews.com/2022/10/the-latest-funding-news-and-what-it.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
postMessage Braindump - a brief postMessage testing methodology
Posted in r/netsec by u/Gallus • 1 point and 0 comments
Top Security News for 13/10/2022
Information overload, burnout, talent retention impacting SOC performance
https://www.csoonline.com/article/3676135/information-overload-burnout-talent-retention-impacting-soc-performance.html#tk.rss_all
Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
https://www.microsoft.com/security/blog/2022/10/12/introducing-new-microsoft-defender-for-cloud-innovations-to-strengthen-cloud-native-protections/
Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected
https://malware.news/t/update-now-october-patch-tuesday-fixes-actively-used-zero-day-but-not-the-one-you-expected/64139#post_1
Sandfly 4.2 - Automatic Host Discovery and Faster Than Ever
https://malware.news/t/sandfly-4-2-automatic-host-discovery-and-faster-than-ever/64143#post_1
Prevent Ransomware Attacks on Critical Infrastructure
https://malware.news/t/prevent-ransomware-attacks-on-critical-infrastructure/64141#post_1
Top 5 ransomware detection techniques: Pros and cons of each
https://www.malwarebytes.com/blog/business/2022/10/top-5-ransomware-detection-techniques-pros-and-cons-of-each
5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less
https://www.microsoft.com/security/blog/2022/10/12/5-cybersecurity-capabilities-announced-at-microsoft-ignite-2022-to-help-you-secure-more-with-less/
Sharing my OSCP Pre-Preparation Plan which I once made for my own self, for those who are interested in getting OSCP certification soon. Here is the link:
https://www.reddit.com/r/netsec/comments/y206t3/sharing_my_oscp_prepreparation_plan_which_i_once/
Portnox adds IoT fingerprinting to network access control service
https://www.csoonline.com/article/3676232/portnox-adds-iot-fingerprinting-to-network-access-control-service.html#tk.rss_all
UK government sounds alarm on tax scams
https://www.malwarebytes.com/blog/news/2022/10/ukgov-sounds-alarm-on-hmrc-tax-scams
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Information overload, burnout, talent retention impacting SOC performance
https://www.csoonline.com/article/3676135/information-overload-burnout-talent-retention-impacting-soc-performance.html#tk.rss_all
Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
https://www.microsoft.com/security/blog/2022/10/12/introducing-new-microsoft-defender-for-cloud-innovations-to-strengthen-cloud-native-protections/
Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected
https://malware.news/t/update-now-october-patch-tuesday-fixes-actively-used-zero-day-but-not-the-one-you-expected/64139#post_1
Sandfly 4.2 - Automatic Host Discovery and Faster Than Ever
https://malware.news/t/sandfly-4-2-automatic-host-discovery-and-faster-than-ever/64143#post_1
Prevent Ransomware Attacks on Critical Infrastructure
https://malware.news/t/prevent-ransomware-attacks-on-critical-infrastructure/64141#post_1
Top 5 ransomware detection techniques: Pros and cons of each
https://www.malwarebytes.com/blog/business/2022/10/top-5-ransomware-detection-techniques-pros-and-cons-of-each
5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less
https://www.microsoft.com/security/blog/2022/10/12/5-cybersecurity-capabilities-announced-at-microsoft-ignite-2022-to-help-you-secure-more-with-less/
Sharing my OSCP Pre-Preparation Plan which I once made for my own self, for those who are interested in getting OSCP certification soon. Here is the link:
https://www.reddit.com/r/netsec/comments/y206t3/sharing_my_oscp_prepreparation_plan_which_i_once/
Portnox adds IoT fingerprinting to network access control service
https://www.csoonline.com/article/3676232/portnox-adds-iot-fingerprinting-to-network-access-control-service.html#tk.rss_all
UK government sounds alarm on tax scams
https://www.malwarebytes.com/blog/news/2022/10/ukgov-sounds-alarm-on-hmrc-tax-scams
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
CSO Online
Information overload, burnout, talent retention impacting SOC performance
Security operations center leaders and staff report numerous pain points impacting SOC performance.
Top Security News for 14/10/2022
Cybersecurity labels. Transatlantic data sharing agreement update. US restricts chip exports to China. CISA will not share industry feedback on performance goals. 3.22
https://thecyberwire.com/newsletters/policy-briefing/4/197
What the cybercriminals are up to: improving their tools and carrying out the same old dreary social engineering. Budworm APT sightings. And the state of Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1682/notes
Emotet ups its game. Budworm APT sightings. Social engineering scams. Internet takedown and recovery.
https://thecyberwire.com/newsletters/daily-briefing/11/197
Fashion company fined for data breach. Arizona city suffers data breach after hacker breaks into user account. Massive trove of credit card data dumped on dark web.
https://thecyberwire.com/podcasts/privacy-briefing/688/notes
Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization
https://thehackernews.com/2022/10/budworm-hackers-resurface-with-new.html
RPC Toolkit - security research oriented resources on MS-RPC (articles, PoCs, vulnerability write-ups, tools, etc.)
https://www.reddit.com/r/netsec/comments/y2ubqx/rpc_toolkit_security_research_oriented_resources/
Chinese APT's favorite vulnerabilities revealed
https://malware.news/t/chinese-apts-favorite-vulnerabilities-revealed/64178#post_1
What the Uber verdict means to CISOs: You're (probably) not going to jail
https://www.csoonline.com/article/3676078/what-the-uber-verdict-means-to-cisos-youre-probably-not-going-to-jail.html#tk.rss_all
How to Investigate Insider Threats (Forensic Methodology)
https://www.reddit.com/r/netsec/comments/y30in9/how_to_investigate_insider_threats_forensic/
ISC Stormcast For Friday, October 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8214, (Fri, Oct 14th)
https://isc.sans.edu/diary/rss/29148
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Cybersecurity labels. Transatlantic data sharing agreement update. US restricts chip exports to China. CISA will not share industry feedback on performance goals. 3.22
https://thecyberwire.com/newsletters/policy-briefing/4/197
What the cybercriminals are up to: improving their tools and carrying out the same old dreary social engineering. Budworm APT sightings. And the state of Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1682/notes
Emotet ups its game. Budworm APT sightings. Social engineering scams. Internet takedown and recovery.
https://thecyberwire.com/newsletters/daily-briefing/11/197
Fashion company fined for data breach. Arizona city suffers data breach after hacker breaks into user account. Massive trove of credit card data dumped on dark web.
https://thecyberwire.com/podcasts/privacy-briefing/688/notes
Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization
https://thehackernews.com/2022/10/budworm-hackers-resurface-with-new.html
RPC Toolkit - security research oriented resources on MS-RPC (articles, PoCs, vulnerability write-ups, tools, etc.)
https://www.reddit.com/r/netsec/comments/y2ubqx/rpc_toolkit_security_research_oriented_resources/
Chinese APT's favorite vulnerabilities revealed
https://malware.news/t/chinese-apts-favorite-vulnerabilities-revealed/64178#post_1
What the Uber verdict means to CISOs: You're (probably) not going to jail
https://www.csoonline.com/article/3676078/what-the-uber-verdict-means-to-cisos-youre-probably-not-going-to-jail.html#tk.rss_all
How to Investigate Insider Threats (Forensic Methodology)
https://www.reddit.com/r/netsec/comments/y30in9/how_to_investigate_insider_threats_forensic/
ISC Stormcast For Friday, October 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8214, (Fri, Oct 14th)
https://isc.sans.edu/diary/rss/29148
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Cybersecurity labels. Transatlantic data sharing agreement update. US restricts chip exports to China. CISA will not share industry…
US expected to proceed with cybersecurity labeling modeled on EnergyStar. Transatlantic data sharing agreement could face pushback. US restricts chip exports to China. CISA chooses not to share industry feedback on performance goals.
Top Security News for 16/10/2022
New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts
https://securityaffairs.co/wordpress/137145/malware/ducktail-php-targets-facebook.html
Userbenchmark
https://www.reddit.com/r/Malware/comments/y52asz/userbenchmark/
FBI, CISA warn of disinformation ahead of midterms
https://malware.news/t/fbi-cisa-warn-of-disinformation-ahead-of-midterms/64206#post_1
Cyber confidence: Knowing what you have and where it is.
https://thecyberwire.com/podcasts/cyberwire-x/40/notes
FBI, CISA warn of disinformation ahead of midterms
https://www.malwarebytes.com/blog/news/2022/10/fbi-and-cisa-urge-americans-to-be-critical-of-information-in-light-of-midterm-election
Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://malware.news/t/malware-covid-vaccination-supplier-declaration-sat-oct-15th/64207#post_1
Amanda Adams: Pivoting into the tech world.
https://thecyberwire.com/podcasts/career-notes/121/notes
Indian power generation giant Tata Power hit by a cyber attack
https://securityaffairs.co/wordpress/137130/hacking/tata-power-cyber-attack.html
Social Engineering and Breaking into Stuff with Jenny Radcliffe
https://thecyberwire.com/podcasts/8th-layer-insights/26/notes
Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://isc.sans.edu/diary/rss/29150
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts
https://securityaffairs.co/wordpress/137145/malware/ducktail-php-targets-facebook.html
Userbenchmark
https://www.reddit.com/r/Malware/comments/y52asz/userbenchmark/
FBI, CISA warn of disinformation ahead of midterms
https://malware.news/t/fbi-cisa-warn-of-disinformation-ahead-of-midterms/64206#post_1
Cyber confidence: Knowing what you have and where it is.
https://thecyberwire.com/podcasts/cyberwire-x/40/notes
FBI, CISA warn of disinformation ahead of midterms
https://www.malwarebytes.com/blog/news/2022/10/fbi-and-cisa-urge-americans-to-be-critical-of-information-in-light-of-midterm-election
Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://malware.news/t/malware-covid-vaccination-supplier-declaration-sat-oct-15th/64207#post_1
Amanda Adams: Pivoting into the tech world.
https://thecyberwire.com/podcasts/career-notes/121/notes
Indian power generation giant Tata Power hit by a cyber attack
https://securityaffairs.co/wordpress/137130/hacking/tata-power-cyber-attack.html
Social Engineering and Breaking into Stuff with Jenny Radcliffe
https://thecyberwire.com/podcasts/8th-layer-insights/26/notes
Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://isc.sans.edu/diary/rss/29150
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts
Experts spotted a PHP version of an information-stealing malware called Ducktail spread as cracked installers for legitimate apps and games.
👍1
Top Security News for 17/10/2022
Rozwiązania MSHP CTF (październik 2022)
https://gynvael.coldwind.pl/?id=756
Regulator: A unique method of subdomain enumeration
https://www.reddit.com/r/netsec/comments/y5muc1/regulator_a_unique_method_of_subdomain_enumeration/
ISC Stormcast For Monday, October 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8216, (Mon, Oct 17th)
https://isc.sans.edu/diary/rss/29154
Android and iOS leak some data outside VPNs
https://malware.news/t/android-and-ios-leak-some-data-outside-vpns/64213#post_1
Mysterious Prestige ransomware targets organizations in Ukraine and Poland
https://securityaffairs.co/wordpress/137203/apt/prestige-ransomware-targets-ukraine.html
Cybercriminals use Hurricane Ian as lure for scams, theft of FEMA funds
https://malware.news/t/cybercriminals-use-hurricane-ian-as-lure-for-scams-theft-of-fema-funds/64210#post_1
Weekly News Roundup — October 9 to October 15
https://malware.news/t/weekly-news-roundup-october-9-to-october-15/64211#post_1
Security Affairs newsletter Round 389
https://securityaffairs.co/wordpress/137161/breaking-news/security-affairs-newsletter-round-389.html
17th October – Threat Intelligence Report
https://malware.news/t/17th-october-threat-intelligence-report/64209#post_1
Video: Analysis of a Malicious HTML File (QBot), (Sun, Oct 16th)
https://isc.sans.edu/diary/rss/29152
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Rozwiązania MSHP CTF (październik 2022)
https://gynvael.coldwind.pl/?id=756
Regulator: A unique method of subdomain enumeration
https://www.reddit.com/r/netsec/comments/y5muc1/regulator_a_unique_method_of_subdomain_enumeration/
ISC Stormcast For Monday, October 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8216, (Mon, Oct 17th)
https://isc.sans.edu/diary/rss/29154
Android and iOS leak some data outside VPNs
https://malware.news/t/android-and-ios-leak-some-data-outside-vpns/64213#post_1
Mysterious Prestige ransomware targets organizations in Ukraine and Poland
https://securityaffairs.co/wordpress/137203/apt/prestige-ransomware-targets-ukraine.html
Cybercriminals use Hurricane Ian as lure for scams, theft of FEMA funds
https://malware.news/t/cybercriminals-use-hurricane-ian-as-lure-for-scams-theft-of-fema-funds/64210#post_1
Weekly News Roundup — October 9 to October 15
https://malware.news/t/weekly-news-roundup-october-9-to-october-15/64211#post_1
Security Affairs newsletter Round 389
https://securityaffairs.co/wordpress/137161/breaking-news/security-affairs-newsletter-round-389.html
17th October – Threat Intelligence Report
https://malware.news/t/17th-october-threat-intelligence-report/64209#post_1
Video: Analysis of a Malicious HTML File (QBot), (Sun, Oct 16th)
https://isc.sans.edu/diary/rss/29152
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
gynvael.coldwind.pl
Rozwiązania MSHP CTF (październik 2022)