Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 03/10/2022

What I learnt from reading 126 Information Disclosure bug reports/writeups.
https://www.reddit.com/r/netsec/comments/xtj6ch/what_i_learnt_from_reading_126_information/

Supply chain compromise impacting Comm100 Live Chat software
https://malware.news/t/supply-chain-compromise-impacting-comm100-live-chat-software/63841/1

ISC Stormcast For Monday, October 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8198, (Mon, Oct 3rd)
https://malware.news/t/isc-stormcast-for-monday-october-3rd-2022-https-isc-sans-edu-podcastdetail-html-id-8198-mon-oct-3rd/63843/1

Dank: The greatest encoder you've never heard of
https://www.reddit.com/r/netsec/comments/xtus0q/dank_the_greatest_encoder_youve_never_heard_of/

ISC StormCast for Monday, October 3rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8198

Pt 1 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/63/notes

Security Affairs newsletter Round 386
https://securityaffairs.co/wordpress/136534/breaking-news/security-affairs-newsletter-round-386.html

PS5-4.03-Kernel-Exploit: An experimental webkit-based kernel exploit (Arbitrary R/W) for the PS5 on 4.03FW
https://www.reddit.com/r/netsec/comments/xu3nz0/ps5403kernelexploit_an_experimental_webkitbased/

Some Notes on VIRTUALGATE
https://malware.news/t/some-notes-on-virtualgate/63845/1

The 5 best security cameras of 2022
https://malware.news/t/the-5-best-security-cameras-of-2022/63844/1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 04/10/2022

Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers
https://thehackernews.com/2022/10/hackers-exploiting-dell-driver.html

WUSB HISTORICAL VIDEO SERIES BEGINS
https://www.2600.com/content/wusb-historical-video-series-begins

ISC Stormcast For Tuesday, October 4th, 2022 https://isc.sans.edu/podcastdetail.html?id=8200, (Tue, Oct 4th)
https://isc.sans.edu/diary/rss/29110

Researcher Spotlight: Globetrotting with Yuri Kramarz
https://malware.news/t/researcher-spotlight-globetrotting-with-yuri-kramarz/63877/1

Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat.
https://thecyberwire.com/podcasts/daily-podcast/1675/notes

Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed
https://www.csoonline.com/article/3675557/microsoft-mitigation-for-new-exchange-server-zero-day-exploits-can-be-bypassed.html#tk.rss_all

California Man Fined $1,000 for Drawing Lines on Maps
https://www.vice.com/en_us/article/v7vyj3/california-man-fined-for-drawing-lines-on-existing-maps

Romance scammer deepfakes Mark Ruffalo to con elderly artist
https://www.malwarebytes.com/blog/news/2022/10/romance-scammer-makes-bank-with-deepfake-mark-ruffalo

Lockbit ransomware case study
https://www.reddit.com/r/Malware/comments/xv2ijb/lockbit_ransomware_case_study/

I need some help
https://0x00sec.org/t/i-need-some-help/31517


Top Security News for 05/10/2022

ProxyNotShell – the New Proxy Hell?
https://thehackernews.com/2022/10/proxynotshell-new-proxy-hell.html

Optus Hack Exposes Data of Nearly 2.1 Million Australian Telecom Customers
https://thehackernews.com/2022/10/optus-hack-exposes-data-of-nearly-21.html

Back to Basics: Cybersecurity's Weakest Link
https://thehackernews.com/2022/10/back-to-basics-cybersecuritys-weakest.html

TSUBAME Report Overflow (Apr-Jun 2022)
https://malware.news/t/tsubame-report-overflow-apr-jun-2022/63916/1

TikTok's "secret operation" tracks you even if you don't use it
https://malware.news/t/tiktoks-secret-operation-tracks-you-even-if-you-dont-use-it/63912/1

Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart
https://www.microsoft.com/security/blog/2022/10/04/cybersecurity-awareness-tips-from-microsoft-to-empower-your-team-to-becybersmart/

Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds
https://thehackernews.com/2022/10/mitigation-for-exchange-zero-days.html

Dell launches new cybersecurity resources to enhance zero-trust adoption, cyber resilience
https://www.csoonline.com/article/3675558/dell-launches-new-cybersecurity-resources-to-enhance-zero-trust-adoption-cyber-resilience.html#tk.rss_all

Wireshark 4.0.0 has been released
https://www.reddit.com/r/netsec/comments/xw0q7c/wireshark_400_has_been_released/

Pixel 6 bootloader: Emulation, ROP
https://www.reddit.com/r/netsec/comments/xw1uxc/pixel_6_bootloader_emulation_rop/


Top Security News for 06/10/2022

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/05-10-2022

MSSQL, meet Maggie - a novel backdoor for MSSQL servers.
https://www.reddit.com/r/netsec/comments/xvdyri/mssql_meet_maggie_a_novel_backdoor_for_mssql/

Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information
https://thehackernews.com/2022/10/telstra-telecom-suffers-data-breach.html

Customer Field enhancement at Delivery Level in EWM
https://malware.news/t/customer-field-enhancement-at-delivery-level-in-ewm/63961/1

Kocho acquires Mobliciti. NetSPI receives $410 million in funding. Optus breach fallout.
https://thecyberwire.com/newsletters/business-briefing/4/40

Talkin’ About Infosec News – 10/5/2022
https://malware.news/t/talkin-about-infosec-news-10-5-2022/63960/1

Microsoft updates guidance for ‘ProxyNotShell’ bugs after researchers get around mitigations
https://malware.news/t/microsoft-updates-guidance-for-proxynotshell-bugs-after-researchers-get-around-mitigations/63957/1

A Deep Dive of CVE-2022-33987 (Got allows a redirect to a UNIX socket)
https://www.reddit.com/r/netsec/comments/xwre1m/a_deep_dive_of_cve202233987_got_allows_a_redirect/

What is cyber quantum computing?
https://thecyberwire.com/podcasts/hacking-humans/215/notes

How to encrypt a folder in MacOS to keep sensitive data from prying eyes
https://malware.news/t/how-to-encrypt-a-folder-in-macos-to-keep-sensitive-data-from-prying-eyes/63959/1


Top Security News for 07/10/2022

Details Released for Recently Patched new macOS Archive Utility Vulnerability
https://thehackernews.com/2022/10/details-released-for-recently-patched.html

NetWalker Ransomware Scumbag Jailed For 20 Years
https://packetstormsecurity.com/news/view/33919/NetWalker-Ransomware-Scumbag-Jailed-For-20-Years.html

ISC StormCast for Friday, October 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8204

Government considers centralising digital ID verification on myGov in wake of Optus breach
https://www.theguardian.com/technology/2022/oct/07/government-considers-centralising-digital-id-verification-on-mygov-in-wake-of-optus-breach

CVE-2022-41343 - RCE via Phar Deserialisation (Dompdf)
https://www.reddit.com/r/netsec/comments/xwyf9o/cve202241343_rce_via_phar_deserialisation_dompdf/

Fully loaded: testing vulnerable PyYAML versions
https://www.reddit.com/r/netsec/comments/xxc2aa/fully_loaded_testing_vulnerable_pyyaml_versions/

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan
https://www.csoonline.com/article/3675559/dashlane-launches-new-dark-web-insights-tool-mfa-authenticator-app-small-biz-starter-plan.html#tk.rss_all

Former Uber Security Chief Found Guilty of Data Breach Coverup
https://thehackernews.com/2022/10/former-uber-security-chief-found-guilty.html

TransUnion taps behavioral analytics to aid fraud detection, curb false positives
https://www.csoonline.com/article/3675955/transunion-taps-behavioral-analytics-to-aid-fraud-detection-curb-false-positives.html#tk.rss_all

Ransomware review: September 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/10/ransomware-review-september-2022


Top Security News for 08/10/2022

Australian teen arrested for blackmailing Optus breach victims. CareOregon accidentally leaks member data. City of Tucson discloses data breach.
https://thecyberwire.com/podcasts/privacy-briefing/685/notes

3 actions Latin American leaders must take to reduce risk of cyberattacks
https://www.csoonline.com/article/3675961/3-actions-latin-american-leaders-must-take-to-reduce-risk-of-cyberattacks.html#tk.rss_all

This Week in Malware - Over 100 Packages Discovered
https://malware.news/t/this-week-in-malware-over-100-packages-discovered/64018#post_1

Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities
https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html

Facebook Detects 400 Android and iOS Apps Stealing Users Log-in Credentials
https://thehackernews.com/2022/10/facebook-detects-400-android-and-ios.html

Microsoft warns of Exchange Server vulnerabilities. Hacktivists compromise Mexican government data. Patch news. Crime and punishment.
https://thecyberwire.com/newsletters/week-that-was/6/40

2600 KICKED OFF OF YOUTUBE FOR SARCASTIC REMARK
https://www.2600.com/content/2600-kicked-youtube-sarcastic-remark

A US EO addresses EU data privacy concerns. China’s favorite CVEs. Election security and credit risk. COVID phishbait. Notes from the hybrid war, including some really motivated draft evaders.
https://thecyberwire.com/podcasts/daily-podcast/1679/notes

Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html

securepupads.g.doubleclick.net removal
https://www.reddit.com/r/Malware/comments/xy5bdb/securepupadsgdoubleclicknet_removal/


Top Security News for 09/10/2022

Romance scammer given 25 years of alone time
https://malware.news/t/romance-scammer-given-25-years-of-alone-time/64021#post_1

What is torrenting and how does it work?
https://malware.news/t/what-is-torrenting-and-how-does-it-work/64025#post_1

Sysmon v14.1 Release, (Sat, Oct 8th)
https://isc.sans.edu/diary/rss/29126

Pentest reporting and the remediation cycle: Why aren’t we making progress?
https://thecyberwire.com/podcasts/cyberwire-x/39/notes

BlackByte Ransomware abuses vulnerable driver to bypass security solutions
https://securityaffairs.co/wordpress/136816/malware/blackbyte-ransomware-byovd-attack.html

Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
https://securityaffairs.co/wordpress/136800/hacking/zimbra-collaboration-suite-rce.html

Sysmon v14.1 Release, (Sat, Oct 8th)
https://malware.news/t/sysmon-v14-1-release-sat-oct-8th/64023#post_1

I had a pop up ad
https://www.reddit.com/r/Malware/comments/xzdzwu/i_had_a_pop_up_ad/

What can we learn from leaked Insyde's BIOS for Intel Alder Lake
https://www.reddit.com/r/netsec/comments/xyuwa7/what_can_we_learn_from_leaked_insydes_bios_for/

Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony Anscombe
https://malware.news/t/key-takeaways-from-eset-threat-report-t2-2022-week-in-security-with-tony-anscombe/64026#post_1


Top Security News for 10/10/2022

Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
https://securityaffairs.co/wordpress/136866/cyber-crime/south-africa-eskom-everest-ransomware.html

Lloyd’s of London investigates alleged cyber attack
https://securityaffairs.co/wordpress/136834/security/lloyds-of-london-cyberattack.html

Curl's resolve Option, (Sun, Oct 9th)
https://isc.sans.edu/diary/rss/29132

Pt 2 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/64/notes

ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://isc.sans.edu/diary/rss/29134

ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://malware.news/t/isc-stormcast-for-monday-october-10th-2022-https-isc-sans-edu-podcastdetail-html-id-8206-mon-oct-10th/64030#post_1

Use case creation in SIEM - Malicious download
https://www.reddit.com/r/Malware/comments/xzmszq/use_case_creation_in_siem_malicious_download/

Is there a team recruiting?
https://0x00sec.org/t/is-there-a-team-recruiting/31635

Security Affairs newsletter Round 387
https://securityaffairs.co/wordpress/136857/breaking-news/security-affairs-newsletter-round-387.html

ISC StormCast for Monday, October 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8206


Top Security News for 11/10/2022

Python and Malware: Writing a simple wiper malware
https://0x00sec.org/t/python-and-malware-writing-a-simple-wiper-malware/31652

GitLab: RCE via github import
https://www.reddit.com/r/netsec/comments/y0cnw1/gitlab_rce_via_github_import/

White House unveils Blueprint for an AI Bill of Rights
https://www.malwarebytes.com/blog/news/2022/10/the-white-houses-new-bill-of-rights-holds-big-tech-companies-accountable-for-their-ai

A week in security (October 3 – 9)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-3-9

Endor Labs offers dependency management platform for open source software
https://www.csoonline.com/article/3675963/endor-labs-offers-dependency-management-platform-for-open-source-software.html#tk.rss_all

White House unveils Blueprint for an AI Bill of Rights
https://malware.news/t/white-house-unveils-blueprint-for-an-ai-bill-of-rights/64045#post_1

ISC Stormcast For Tuesday, October 11th, 2022 https://isc.sans.edu/podcastdetail.html?id=8208, (Tue, Oct 11th)
https://malware.news/t/isc-stormcast-for-tuesday-october-11th-2022-https-isc-sans-edu-podcastdetail-html-id-8208-tue-oct-11th/64048#post_1

Hackers Steal $100 Million Cryptocurrency from Binance Bridge
https://thehackernews.com/2022/10/hackers-steal-100-million.html

Security Alert: Alert Regarding Authentication Bypass Vulnerability (CVE-2022-42458) in bingo!CMS
https://malware.news/t/security-alert-alert-regarding-authentication-bypass-vulnerability-cve-2022-42458-in-bingo-cms/64049#post_1

Persistent PHP payloads in PNGs: How to inject PHP code in an image and keep it there!
https://www.reddit.com/r/netsec/comments/y0jlzp/persistent_php_payloads_in_pngs_how_to_inject_php/


Top Security News for 12/10/2022

postMessage Braindump - a brief postMessage testing methodology
https://www.reddit.com/r/netsec/comments/y1tehd/postmessage_braindump_a_brief_postmessage_testing/

Uncovering Siemens SIMATIC S7-1200/1500 Hardcoded Cryptographic Keys in PLCs
https://www.reddit.com/r/netsec/comments/y19lns/uncovering_siemens_simatic_s712001500_hardcoded/

An 18 year scam odyssey of stranded astronauts
https://www.malwarebytes.com/blog/news/2022/10/an-18-year-scam-odyssey-of-stranded-astronauts

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
https://thehackernews.com/2022/10/researchers-detail-critical-rce-flaw.html

Meta warns Facebook users about malicious apps. Toyota leaves the keys in the car door. Dialog IT discloses security incident.
https://thecyberwire.com/podcasts/privacy-briefing/686/notes

The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform
https://www.reddit.com/r/netsec/comments/y1hkqk/the_fresh_phish_market_behind_the_scenes_of_the/

Caffeine phishing-as-a-service platform. Malicious apps in official app stores. New Android spyware.
https://thecyberwire.com/podcasts/research-briefing/138/notes

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/11-10-2022

Smart lights vulnerable to "blink and you'll miss it" attack
https://www.malwarebytes.com/blog/news/2022/10/smart-lighting-system-suffers-a-blink-and-youll-miss-it-attack

The Latest Funding News and What it Means for Cyber Security in 2023
https://thehackernews.com/2022/10/the-latest-funding-news-and-what-it.html


Top Security News for 13/10/2022

Information overload, burnout, talent retention impacting SOC performance
https://www.csoonline.com/article/3676135/information-overload-burnout-talent-retention-impacting-soc-performance.html#tk.rss_all

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
https://www.microsoft.com/security/blog/2022/10/12/introducing-new-microsoft-defender-for-cloud-innovations-to-strengthen-cloud-native-protections/

Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected
https://malware.news/t/update-now-october-patch-tuesday-fixes-actively-used-zero-day-but-not-the-one-you-expected/64139#post_1

Sandfly 4.2 - Automatic Host Discovery and Faster Than Ever
https://malware.news/t/sandfly-4-2-automatic-host-discovery-and-faster-than-ever/64143#post_1

Prevent Ransomware Attacks on Critical Infrastructure
https://malware.news/t/prevent-ransomware-attacks-on-critical-infrastructure/64141#post_1

Top 5 ransomware detection techniques: Pros and cons of each
https://www.malwarebytes.com/blog/business/2022/10/top-5-ransomware-detection-techniques-pros-and-cons-of-each

5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less
https://www.microsoft.com/security/blog/2022/10/12/5-cybersecurity-capabilities-announced-at-microsoft-ignite-2022-to-help-you-secure-more-with-less/

Sharing my OSCP Pre-Preparation Plan which I once made for my own self, for those who are interested in getting OSCP certification soon. Here is the link:
https://www.reddit.com/r/netsec/comments/y206t3/sharing_my_oscp_prepreparation_plan_which_i_once/

Portnox adds IoT fingerprinting to network access control service
https://www.csoonline.com/article/3676232/portnox-adds-iot-fingerprinting-to-network-access-control-service.html#tk.rss_all

UK government sounds alarm on tax scams
https://www.malwarebytes.com/blog/news/2022/10/ukgov-sounds-alarm-on-hmrc-tax-scams


Top Security News for 14/10/2022

Cybersecurity labels. Transatlantic data sharing agreement update. US restricts chip exports to China. CISA will not share industry feedback on performance goals. 3.22
https://thecyberwire.com/newsletters/policy-briefing/4/197

What the cybercriminals are up to: improving their tools and carrying out the same old dreary social engineering. Budworm APT sightings. And the state of Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1682/notes

Emotet ups its game. Budworm APT sightings. Social engineering scams. Internet takedown and recovery.
https://thecyberwire.com/newsletters/daily-briefing/11/197

Fashion company fined for data breach. Arizona city suffers data breach after hacker breaks into user account. Massive trove of credit card data dumped on dark web.
https://thecyberwire.com/podcasts/privacy-briefing/688/notes

Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization
https://thehackernews.com/2022/10/budworm-hackers-resurface-with-new.html

RPC Toolkit - security research oriented resources on MS-RPC (articles, PoCs, vulnerability write-ups, tools, etc.)
https://www.reddit.com/r/netsec/comments/y2ubqx/rpc_toolkit_security_research_oriented_resources/

Chinese APT's favorite vulnerabilities revealed
https://malware.news/t/chinese-apts-favorite-vulnerabilities-revealed/64178#post_1

What the Uber verdict means to CISOs: You're (probably) not going to jail
https://www.csoonline.com/article/3676078/what-the-uber-verdict-means-to-cisos-youre-probably-not-going-to-jail.html#tk.rss_all

How to Investigate Insider Threats (Forensic Methodology)
https://www.reddit.com/r/netsec/comments/y30in9/how_to_investigate_insider_threats_forensic/

ISC Stormcast For Friday, October 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8214, (Fri, Oct 14th)
https://isc.sans.edu/diary/rss/29148


Top Security News for 16/10/2022

New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts
https://securityaffairs.co/wordpress/137145/malware/ducktail-php-targets-facebook.html

Userbenchmark
https://www.reddit.com/r/Malware/comments/y52asz/userbenchmark/

FBI, CISA warn of disinformation ahead of midterms
https://malware.news/t/fbi-cisa-warn-of-disinformation-ahead-of-midterms/64206#post_1

Cyber confidence: Knowing what you have and where it is.
https://thecyberwire.com/podcasts/cyberwire-x/40/notes

FBI, CISA warn of disinformation ahead of midterms
https://www.malwarebytes.com/blog/news/2022/10/fbi-and-cisa-urge-americans-to-be-critical-of-information-in-light-of-midterm-election

Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://malware.news/t/malware-covid-vaccination-supplier-declaration-sat-oct-15th/64207#post_1

Amanda Adams: Pivoting into the tech world.
https://thecyberwire.com/podcasts/career-notes/121/notes

Indian power generation giant Tata Power hit by a cyber attack
https://securityaffairs.co/wordpress/137130/hacking/tata-power-cyber-attack.html

Social Engineering and Breaking into Stuff with Jenny Radcliffe
https://thecyberwire.com/podcasts/8th-layer-insights/26/notes

Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://isc.sans.edu/diary/rss/29150


Top Security News for 17/10/2022

MSHP CTF solutions (October 2022)
https://gynvael.coldwind.pl/?id=756

Regulator: A unique method of subdomain enumeration
https://www.reddit.com/r/netsec/comments/y5muc1/regulator_a_unique_method_of_subdomain_enumeration/

ISC Stormcast For Monday, October 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8216, (Mon, Oct 17th)
https://isc.sans.edu/diary/rss/29154

Android and iOS leak some data outside VPNs
https://malware.news/t/android-and-ios-leak-some-data-outside-vpns/64213#post_1

Mysterious Prestige ransomware targets organizations in Ukraine and Poland
https://securityaffairs.co/wordpress/137203/apt/prestige-ransomware-targets-ukraine.html

Cybercriminals use Hurricane Ian as lure for scams, theft of FEMA funds
https://malware.news/t/cybercriminals-use-hurricane-ian-as-lure-for-scams-theft-of-fema-funds/64210#post_1

Weekly News Roundup — October 9 to October 15
https://malware.news/t/weekly-news-roundup-october-9-to-october-15/64211#post_1

Security Affairs newsletter Round 389
https://securityaffairs.co/wordpress/137161/breaking-news/security-affairs-newsletter-round-389.html

17th October – Threat Intelligence Report
https://malware.news/t/17th-october-threat-intelligence-report/64209#post_1

Video: Analysis of a Malicious HTML File (QBot), (Sun, Oct 16th)
https://isc.sans.edu/diary/rss/29152


Top Security News for 18/10/2022

MyDeal discloses breach. Election software CEO charged. FamilySearch discloses data breach. University of P.R. student involved in privacy violation.
https://thecyberwire.com/podcasts/privacy-briefing/690/notes

Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite
https://thehackernews.com/2022/10/zimbra-releases-patch-for-actively.html

Toner Deaf – Printing your next persistence (Hexacon 2022)
https://www.reddit.com/r/netsec/comments/y66era/toner_deaf_printing_your_next_persistence_hexacon/

Python Obfuscation for Dummies, (Tue, Oct 18th)
https://malware.news/t/python-obfuscation-for-dummies-tue-oct-18th/64243#post_1

Software Patch Management Policy Best Practices
https://malware.news/t/software-patch-management-policy-best-practices/64244#post_1

Black Basta Ransomware Hackers Infiltrate Networks via Qakbot to Deploy Brute Ratel C4
https://thehackernews.com/2022/10/black-basta-ransomware-hackers.html

Domain spoofing (noun)
https://thecyberwire.com/podcasts/word-notes/121/notes

Why Crypto Winter is No Excuse to Let Your Cyber Defenses Falter
https://thehackernews.com/2022/10/why-crypto-winter-is-no-excuse-to-let.html

Tata Power sustains cyberattack. Influence operations and battlespace prep. Ransom Cartel looks a lot like REvil. Notes from Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1684/notes

Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages
https://thehackernews.com/2022/10/researchers-claim-microsoft-office-365.html


Top Security News for 19/10/2022

Altruism under attack: why cybersecurity has become essential to humanitarian nonprofits
https://www.csoonline.com/article/3676668/altruism-under-attack-why-cybersecurity-has-become-essential-to-humanitarian-nonprofits.html#tk.rss_all

CVE-2022-42889 (Text4Shell) OSS detector - Finds possibly vulnerable JAR files
https://www.reddit.com/r/netsec/comments/y7aohf/cve202242889_text4shell_oss_detector_finds/

Fake tractor fraudsters plague online transactions
https://www.malwarebytes.com/blog/news/2022/10/fake-tractor-fraudsters-plague-online-transactions

ISC StormCast for Wednesday, October 19th, 2022
https://isc.sans.edu/podcastdetail.html?id=8220

Data Collection
https://malware.news/t/data-collection/64276#post_1

CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration
https://securityaffairs.co/wordpress/137266/security/zoom-macos-cve-2022-28762.html

FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684) + PoC
https://www.reddit.com/r/netsec/comments/y3lgv3/fortios_fortiproxy_and_fortiswitchmanager/

Our new scanner for Text4Shell
https://www.reddit.com/r/netsec/comments/y7gf09/our_new_scanner_for_text4shell/

Security Alert: Oracle Releases Critical Patch Update, October 2022
https://malware.news/t/security-alert-oracle-releases-critical-patch-update-october-2022/64278#post_1

How to spot a scam
https://malware.news/t/how-to-spot-a-scam/64274#post_1


Top Security News for 20/10/2022

Researchers Detail Azure SFX Flaw That Could've Allowed Attackers to Gain Admin Access
https://thehackernews.com/2022/10/researchers-detail-azure-sfx-flaw-that.html

Chinese Hackers Targeting Online Casinos with GamePlayerFramework Malware
https://thehackernews.com/2022/10/chinese-hackers-targeting-online.html

ISC Stormcast For Thursday, October 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8222, (Thu, Oct 20th)
https://malware.news/t/isc-stormcast-for-thursday-october-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8222-thu-oct-20th/64324#post_1

Why Log4Text is not another Log4Shell
https://www.malwarebytes.com/blog/news/2022/10/why-log4text-is-not-another-log4shell

Do more with less—Discover the latest Microsoft Entra innovations
https://www.microsoft.com/security/blog/2022/10/19/do-more-with-less-discover-the-latest-microsoft-entra-innovations/

Fantastic Rootkits: And Where to Find Them (Part 1)
https://www.reddit.com/r/netsec/comments/y8jucu/fantastic_rootkits_and_where_to_find_them_part_1/

The cost to businesses of phishing.
https://thecyberwire.com

Ransomware attack freezes newspaper printing system
https://www.malwarebytes.com/blog/news/2022/10/ransomware-attack-freezes-newspaper-printing-system

HTTP/3 connection contamination: an upcoming threat
https://www.reddit.com/r/netsec/comments/y82ude/http3_connection_contamination_an_upcoming_threat/

Supply chain attacks increased over 600% this year and companies are falling behind
https://www.csoonline.com/article/3677228/supply-chain-attacks-increased-over-600-this-year-and-companies-are-falling-behind.html#tk.rss_all


Top Security News for 21/10/2022

Log4J-scan update: Detection for Apache Commons Text RCE (CVE-2022-42889)
https://www.reddit.com/r/netsec/comments/y91sp9/log4jscan_update_detection_for_apache_commons/

Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update
https://securityaffairs.co/wordpress/137410/malware/undetectable-powershell-backdoor.html

Cybersecurity Workforce Study released.
https://thecyberwire.com/stories/8857909f273f46529695d5ea8caf954d/cybersecurity-workforce-study-released

Reverse Engineering the Apple MultiPeer Connectivity Framework
https://www.reddit.com/r/netsec/comments/y907qk/reverse_engineering_the_apple_multipeer/

ISC StormCast for Friday, October 21st, 2022
https://isc.sans.edu/podcastdetail.html?id=8224

GuLoader Malware Disguised as a Word File Being Distributed in Korea
https://malware.news/t/guloader-malware-disguised-as-a-word-file-being-distributed-in-korea/64374#post_1

ISC Stormcast For Friday, October 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8224, (Fri, Oct 21st)
https://isc.sans.edu/diary/rss/29172

5 essential security tips for SMBs
https://www.malwarebytes.com/blog/business/2022/10/5-essential-security-tips-for-smbs

Google Launches GUAC Open Source Project to Secure Software Supply Chain
https://thehackernews.com/2022/10/google-launches-guac-open-source.html

SHA-3 Buffer Overflow - CVE-2022-37454
https://www.reddit.com/r/netsec/comments/y98ox2/sha3_buffer_overflow_cve202237454/


Top Security News for 22/10/2022

Looking for student debt relief? Watch out for scammers says the FBI
https://malware.news/t/looking-for-student-debt-relief-watch-out-for-scammers-says-the-fbi/64400#post_1

Wicked Good Development Episode #16: Ted Neward’s Philosophy 101
https://malware.news/t/wicked-good-development-episode-16-ted-neward-s-philosophy-101/64396#post_1

TikTok allegedly planned to track US user data. Medibank data breach worsens. US hospitals report a Meta Pixel breach.
https://thecyberwire.com/newsletters/privacy-briefing/4/203

Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network
https://thehackernews.com/2022/10/critical-flaw-reported-in-move-virtual.html

Former cop abused unrevoked system access to extort women
https://www.malwarebytes.com/blog/news/2022/10/former-kentucky-cop-abused-access-to-hack-snapchat-accounts

5 quick tips for better Android phone security right now
https://malware.news/t/5-quick-tips-for-better-android-phone-security-right-now/64398#post_1

News URSNIF variant doesn’t support banking features
https://securityaffairs.co/wordpress/137435/malware/ursnif-shift-backdoor.html

Former cop abused unrevoked system access to extort women
https://malware.news/t/former-cop-abused-unrevoked-system-access-to-extort-women/64399#post_1

Jon Hencinski of Expel to discuss their second Quarterly Threat Report.
https://thecyberwire.com/podcasts/interview-selects/133/notes

Looking for student debt relief? Watch out for scammers says the FBI
https://www.malwarebytes.com/blog/news/2022/10/psa-scammers-likely-to-target-student-loan-relief-applicants


Top Security News for 23/10/2022

Quickpost: Testing A Lemon Battery
https://malware.news/t/quickpost-testing-a-lemon-battery/64406#post_1

Analysis of thousands of active API tokens leaked via public package repositories
https://www.reddit.com/r/netsec/comments/yawkzl/analysis_of_thousands_of_active_api_tokens_leaked/

Computer flagged for possibly having malware by websites
https://www.reddit.com/r/Malware/comments/yauee7/computer_flagged_for_possibly_having_malware_by/

rtfdump's Find Option, (Sat, Oct 22nd)
https://isc.sans.edu/diary/rss/29174

Collect information of internet-connected sandboxes
https://www.reddit.com/r/netsec/comments/yanjp0/collect_information_of_internetconnected_sandboxes/

Q&A: Kenneth Geers on the cyber war between Ukraine and Russia
https://malware.news/t/q-a-kenneth-geers-on-the-cyber-war-between-ukraine-and-russia/64403#post_1

The Curious Case of ManageEngine’s Password Manager Pro's Password Database
https://www.reddit.com/r/netsec/comments/yb4rje/the_curious_case_of_manageengines_password/

Rtfdump's Find Option, (Sat, Oct 22nd)
https://malware.news/t/rtfdumps-find-option-sat-oct-22nd/64405#post_1

Update: rtfdump.py Version 0.0.12
https://malware.news/t/update-rtfdump-py-version-0-0-12/64402#post_1

Weekly News Roundup — October 16 to October 22
https://malware.news/t/weekly-news-roundup-october-16-to-october-22/64404#post_1


Top Security News for 24/10/2022

Hackers stole sensitive data from Iran’s atomic energy agency
https://securityaffairs.co/wordpress/137513/hacking/hackers-stole-sensitive-data-from-irans-atomic-energy-agency.html

The RISC Deprogrammer
https://malware.news/t/the-risc-deprogrammer/64408#post_1

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack
https://www.theguardian.com/business/2022/oct/24/outsourcer-interserve-fined-4-point-4m-cyber-attack-failings-data-breach-personal-information

Sandfly Security Code Audit and Continuous Monitoring
https://malware.news/t/sandfly-security-code-audit-and-continuous-monitoring/64409#post_1

Bringing Modern Authentication APIs (FIDO2 WebAuthn, Passkeys) to Linux Desktop
https://www.reddit.com/r/netsec/comments/ybd7s8/bringing_modern_authentication_apis_fido2/

ISC StormCast for Monday, October 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8226

ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://malware.news/t/isc-stormcast-for-monday-october-24th-2022-https-isc-sans-edu-podcastdetail-html-id-8226-mon-oct-24th/64411#post_1

ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://isc.sans.edu/diary/rss/29178

CISA Alert AA22-294A – #StopRansomware: Daixin Team.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/35/notes

Wholesale giant METRO confirmed to have suffered a cyberattack
https://securityaffairs.co/wordpress/137506/hacking/metro-confirmed-cyberattack.html

