Top Security News for 05/10/2022

ProxyNotShell – the New Proxy Hell?
https://thehackernews.com/2022/10/proxynotshell-new-proxy-hell.html

Optus Hack Exposes Data of Nearly 2.1 Million Australian Telecom Customers
https://thehackernews.com/2022/10/optus-hack-exposes-data-of-nearly-21.html

Back to Basics: Cybersecurity's Weakest Link
https://thehackernews.com/2022/10/back-to-basics-cybersecuritys-weakest.html

TSUBAME Report Overflow (Apr-Jun 2022)
https://malware.news/t/tsubame-report-overflow-apr-jun-2022/63916/1

TikTok's "secret operation" tracks you even if you don't use it
https://malware.news/t/tiktoks-secret-operation-tracks-you-even-if-you-dont-use-it/63912/1

Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart
https://www.microsoft.com/security/blog/2022/10/04/cybersecurity-awareness-tips-from-microsoft-to-empower-your-team-to-becybersmart/

Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds
https://thehackernews.com/2022/10/mitigation-for-exchange-zero-days.html

Dell launches new cybersecurity resources to enhance zero-trust adoption, cyber resilience
https://www.csoonline.com/article/3675558/dell-launches-new-cybersecurity-resources-to-enhance-zero-trust-adoption-cyber-resilience.html#tk.rss_all

Wireshark 4.0.0 has been released
https://www.reddit.com/r/netsec/comments/xw0q7c/wireshark_400_has_been_released/

Pixel 6 bootloader: Emulation, ROP
https://www.reddit.com/r/netsec/comments/xw1uxc/pixel_6_bootloader_emulation_rop/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 06/10/2022

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/05-10-2022

MSSQL, meet Maggie - a novel backdoor for MSSQL servers.
https://www.reddit.com/r/netsec/comments/xvdyri/mssql_meet_maggie_a_novel_backdoor_for_mssql/

Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information
https://thehackernews.com/2022/10/telstra-telecom-suffers-data-breach.html

Customer Field enhancement at Delivery Level in EWM
https://malware.news/t/customer-field-enhancement-at-delivery-level-in-ewm/63961/1

Kocho acquires Mobliciti. NetSPI receives $410 million in funding. Optus breach fallout.
https://thecyberwire.com/newsletters/business-briefing/4/40

Talkin’ About Infosec News – 10/5/2022
https://malware.news/t/talkin-about-infosec-news-10-5-2022/63960/1

Microsoft updates guidance for ‘ProxyNotShell’ bugs after researchers get around mitigations
https://malware.news/t/microsoft-updates-guidance-for-proxynotshell-bugs-after-researchers-get-around-mitigations/63957/1

A Deep Dive of CVE-2022–33987 (Got allows a redirect to a UNIX socket)
https://www.reddit.com/r/netsec/comments/xwre1m/a_deep_dive_of_cve202233987_got_allows_a_redirect/

What is cyber quantum computing?
https://thecyberwire.com/podcasts/hacking-humans/215/notes

How to encrypt a folder in MacOS to keep sensitive data from prying eyes
https://malware.news/t/how-to-encrypt-a-folder-in-macos-to-keep-sensitive-data-from-prying-eyes/63959/1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 07/10/2022

Details Released for Recently Patched new macOS Archive Utility Vulnerability
https://thehackernews.com/2022/10/details-released-for-recently-patched.html

NetWalker Ransomware Scumbag Jailed For 20 Years
https://packetstormsecurity.com/news/view/33919/NetWalker-Ransomware-Scumbag-Jailed-For-20-Years.html

ISC StormCast for Friday, October 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8204

Government considers centralising digital ID verification on myGov in wake of Optus breach
https://www.theguardian.com/technology/2022/oct/07/government-considers-centralising-digital-id-verification-on-mygov-in-wake-of-optus-breach

CVE-2022-41343 - RCE via Phar Deserialisation (Dompdf)
https://www.reddit.com/r/netsec/comments/xwyf9o/cve202241343_rce_via_phar_deserialisation_dompdf/

Fully loaded: testing vulnerable PyYAML versions
https://www.reddit.com/r/netsec/comments/xxc2aa/fully_loaded_testing_vulnerable_pyyaml_versions/

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan
https://www.csoonline.com/article/3675559/dashlane-launches-new-dark-web-insights-tool-mfa-authenticator-app-small-biz-starter-plan.html#tk.rss_all

Former Uber Security Chief Found Guilty of Data Breach Coverup
https://thehackernews.com/2022/10/former-uber-security-chief-found-guilty.html

TransUnion taps behavioral analytics to aid fraud detection, curb false positives
https://www.csoonline.com/article/3675955/transunion-taps-behavioral-analytics-to-aid-fraud-detection-curb-false-positives.html#tk.rss_all

Ransomware review: September 2022
https://www.malwarebytes.com/blog/threat-intelligence/2022/10/ransomware-review-september-2022


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 08/10/2022

Australian teen arrested for blackmailing Optus breach victims. CareOregon accidentally leaks member data. City of Tucson discloses data breach.
https://thecyberwire.com/podcasts/privacy-briefing/685/notes

3 actions Latin American leaders must take to reduce risk of cyberattacks
https://www.csoonline.com/article/3675961/3-actions-latin-american-leaders-must-take-to-reduce-risk-of-cyberattacks.html#tk.rss_all

This Week in Malware - Over 100 Packages Discovered
https://malware.news/t/this-week-in-malware-over-100-packages-discovered/64018#post_1

Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities
https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html

Facebook Detects 400 Android and iOS Apps Stealing Users Log-in Credentials
https://thehackernews.com/2022/10/facebook-detects-400-android-and-ios.html

Microsoft warns of Exchange Server vulnerabilities. Hacktivists compromise Mexican government data. Patch news. Crime and punishment.
https://thecyberwire.com/newsletters/week-that-was/6/40

2600 KICKED OFF OF YOUTUBE FOR SARCASTIC REMARK
https://www.2600.com/content/2600-kicked-youtube-sarcastic-remark

A US EO addresses EU data privacy concerns. China’s favorite CVEs. Election security and credit risk. COVID phishbait. Notes from the hybrid war, including some really motivated draft evaders.
https://thecyberwire.com/podcasts/daily-podcast/1679/notes

Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html

securepupads.g.doubleclick.net removal
https://www.reddit.com/r/Malware/comments/xy5bdb/securepupadsgdoubleclicknet_removal/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 09/10/2022

Romance scammer given 25 years of alone time
https://malware.news/t/romance-scammer-given-25-years-of-alone-time/64021#post_1

What is torrenting and how does it work?
https://malware.news/t/what-is-torrenting-and-how-does-it-work/64025#post_1

Sysmon v14.1 Release, (Sat, Oct 8th)
https://isc.sans.edu/diary/rss/29126

Pentest reporting and the remediation cycle: Why aren’t we making progress?
https://thecyberwire.com/podcasts/cyberwire-x/39/notes

BlackByte Ransomware abuses vulnerable driver to bypass security solutions
https://securityaffairs.co/wordpress/136816/malware/blackbyte-ransomware-byovd-attack.html

Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
https://securityaffairs.co/wordpress/136800/hacking/zimbra-collaboration-suite-rce.html

Sysmon v14.1 Release, (Sat, Oct 8th)
https://malware.news/t/sysmon-v14-1-release-sat-oct-8th/64023#post_1

I had a pop up ad
https://www.reddit.com/r/Malware/comments/xzdzwu/i_had_a_pop_up_ad/

What can we learn from leaked Insyde's BIOS for Intel Alder Lake
https://www.reddit.com/r/netsec/comments/xyuwa7/what_can_we_learn_from_leaked_insydes_bios_for/

Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony Anscombe
https://malware.news/t/key-takeaways-from-eset-threat-report-t2-2022-week-in-security-with-tony-anscombe/64026#post_1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 10/10/2022

Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
https://securityaffairs.co/wordpress/136866/cyber-crime/south-africa-eskom-everest-ransomware.html

Lloyd’s of London investigates alleged cyber attack
https://securityaffairs.co/wordpress/136834/security/lloyds-of-london-cyberattack.html

Curl's resolve Option, (Sun, Oct 9th)
https://isc.sans.edu/diary/rss/29132

Pt 2 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/64/notes

ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://isc.sans.edu/diary/rss/29134

ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://malware.news/t/isc-stormcast-for-monday-october-10th-2022-https-isc-sans-edu-podcastdetail-html-id-8206-mon-oct-10th/64030#post_1

Use case creation in SIEM - Malicious download
https://www.reddit.com/r/Malware/comments/xzmszq/use_case_creation_in_siem_malicious_download/

Is there a team recruiting？
https://0x00sec.org/t/is-there-a-team-recruiting/31635

Security Affairs newsletter Round 387
https://securityaffairs.co/wordpress/136857/breaking-news/security-affairs-newsletter-round-387.html

ISC StormCast for Monday, October 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8206


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 11/10/2022

Python and Malware: Writing a simple wiper malware
https://0x00sec.org/t/python-and-malware-writing-a-simple-wiper-malware/31652

GitLab: RCE via github import
https://www.reddit.com/r/netsec/comments/y0cnw1/gitlab_rce_via_github_import/

White House unveils Blueprint for an AI Bill of Rights
https://www.malwarebytes.com/blog/news/2022/10/the-white-houses-new-bill-of-rights-holds-big-tech-companies-accountable-for-their-ai

A week in security (October 3 – 9)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-3-9

Endor Labs offers dependency management platform for open source software
https://www.csoonline.com/article/3675963/endor-labs-offers-dependency-management-platform-for-open-source-software.html#tk.rss_all

White House unveils Blueprint for an AI Bill of Rights
https://malware.news/t/white-house-unveils-blueprint-for-an-ai-bill-of-rights/64045#post_1

ISC Stormcast For Tuesday, October 11th, 2022 https://isc.sans.edu/podcastdetail.html?id=8208, (Tue, Oct 11th)
https://malware.news/t/isc-stormcast-for-tuesday-october-11th-2022-https-isc-sans-edu-podcastdetail-html-id-8208-tue-oct-11th/64048#post_1

Hackers Steal $100 Million Cryptocurrency from Binance Bridge
https://thehackernews.com/2022/10/hackers-steal-100-million.html

Security Alert: Alert Regarding Authentication Bypass Vulnerability (CVE-2022-42458) in bingo!CMS
https://malware.news/t/security-alert-alert-regarding-authentication-bypass-vulnerability-cve-2022-42458-in-bingo-cms/64049#post_1

Persistent PHP payloads in PNGs: How to inject PHP code in an image and keep it there!
https://www.reddit.com/r/netsec/comments/y0jlzp/persistent_php_payloads_in_pngs_how_to_inject_php/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 12/10/2022

postMessage Braindump - a brief postMessage testing methodology
https://www.reddit.com/r/netsec/comments/y1tehd/postmessage_braindump_a_brief_postmessage_testing/

Uncovering Siemens SIMATIC S7-1200/1500 Hardcoded Cryptographic Keys in PLCs
https://www.reddit.com/r/netsec/comments/y19lns/uncovering_siemens_simatic_s712001500_hardcoded/

An 18 year scam odyssey of stranded astronauts
https://www.malwarebytes.com/blog/news/2022/10/an-18-year-scam-odyssey-of-stranded-astronauts

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
https://thehackernews.com/2022/10/researchers-detail-critical-rce-flaw.html

Meta warns Facebook users about malicious apps. Toyota leaves the keys in the car door. Dialog IT discloses security incident.
https://thecyberwire.com/podcasts/privacy-briefing/686/notes

The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform
https://www.reddit.com/r/netsec/comments/y1hkqk/the_fresh_phish_market_behind_the_scenes_of_the/

Caffeine phishing-as-a-service platform. Malicious apps in official app stores. New Android spyware.
https://thecyberwire.com/podcasts/research-briefing/138/notes

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/11-10-2022

Smart lights vulnerable to "blink and you'll miss it" attack
https://www.malwarebytes.com/blog/news/2022/10/smart-lighting-system-suffers-a-blink-and-youll-miss-it-attack

The Latest Funding News and What it Means for Cyber Security in 2023
https://thehackernews.com/2022/10/the-latest-funding-news-and-what-it.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 13/10/2022

Information overload, burnout, talent retention impacting SOC performance
https://www.csoonline.com/article/3676135/information-overload-burnout-talent-retention-impacting-soc-performance.html#tk.rss_all

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
https://www.microsoft.com/security/blog/2022/10/12/introducing-new-microsoft-defender-for-cloud-innovations-to-strengthen-cloud-native-protections/

Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected
https://malware.news/t/update-now-october-patch-tuesday-fixes-actively-used-zero-day-but-not-the-one-you-expected/64139#post_1

Sandfly 4.2 - Automatic Host Discovery and Faster Than Ever
https://malware.news/t/sandfly-4-2-automatic-host-discovery-and-faster-than-ever/64143#post_1

Prevent Ransomware Attacks on Critical Infrastructure
https://malware.news/t/prevent-ransomware-attacks-on-critical-infrastructure/64141#post_1

Top 5 ransomware detection techniques: Pros and cons of each
https://www.malwarebytes.com/blog/business/2022/10/top-5-ransomware-detection-techniques-pros-and-cons-of-each

5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less
https://www.microsoft.com/security/blog/2022/10/12/5-cybersecurity-capabilities-announced-at-microsoft-ignite-2022-to-help-you-secure-more-with-less/

Sharing my OSCP Pre-Preparation Plan which I once made for my own self, for those who are interested in getting OSCP certification soon. Here is the link:
https://www.reddit.com/r/netsec/comments/y206t3/sharing_my_oscp_prepreparation_plan_which_i_once/

Portnox adds IoT fingerprinting to network access control service
https://www.csoonline.com/article/3676232/portnox-adds-iot-fingerprinting-to-network-access-control-service.html#tk.rss_all

UK government sounds alarm on tax scams
https://www.malwarebytes.com/blog/news/2022/10/ukgov-sounds-alarm-on-hmrc-tax-scams


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 14/10/2022

Cybersecurity labels. Transatlantic data sharing agreement update. US restricts chip exports to China. CISA will not share industry feedback on performance goals. 3.22
https://thecyberwire.com/newsletters/policy-briefing/4/197

What the cybercriminals are up to: improving their tools and carrying out the same old dreary social engineering. Budworm APT sightings. And the state of Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1682/notes

Emotet ups its game. Budworm APT sightings. Social engineering scams. Internet takedown and recovery.
https://thecyberwire.com/newsletters/daily-briefing/11/197

Fashion company fined for data breach. Arizona city suffers data breach after hacker breaks into user account. Massive trove of credit card data dumped on dark web.
https://thecyberwire.com/podcasts/privacy-briefing/688/notes

Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization
https://thehackernews.com/2022/10/budworm-hackers-resurface-with-new.html

RPC Toolkit - security research oriented resources on MS-RPC (articles, PoCs, vulnerability write-ups, tools, etc.)
https://www.reddit.com/r/netsec/comments/y2ubqx/rpc_toolkit_security_research_oriented_resources/

Chinese APT's favorite vulnerabilities revealed
https://malware.news/t/chinese-apts-favorite-vulnerabilities-revealed/64178#post_1

What the Uber verdict means to CISOs: You're (probably) not going to jail
https://www.csoonline.com/article/3676078/what-the-uber-verdict-means-to-cisos-youre-probably-not-going-to-jail.html#tk.rss_all

How to Investigate Insider Threats (Forensic Methodology)
https://www.reddit.com/r/netsec/comments/y30in9/how_to_investigate_insider_threats_forensic/

ISC Stormcast For Friday, October 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8214, (Fri, Oct 14th)
https://isc.sans.edu/diary/rss/29148


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 16/10/2022

New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts
https://securityaffairs.co/wordpress/137145/malware/ducktail-php-targets-facebook.html

Userbenchmark
https://www.reddit.com/r/Malware/comments/y52asz/userbenchmark/

FBI, CISA warn of disinformation ahead of midterms
https://malware.news/t/fbi-cisa-warn-of-disinformation-ahead-of-midterms/64206#post_1

Cyber confidence: Knowing what you have and where it is.
https://thecyberwire.com/podcasts/cyberwire-x/40/notes

FBI, CISA warn of disinformation ahead of midterms
https://www.malwarebytes.com/blog/news/2022/10/fbi-and-cisa-urge-americans-to-be-critical-of-information-in-light-of-midterm-election

Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://malware.news/t/malware-covid-vaccination-supplier-declaration-sat-oct-15th/64207#post_1

Amanda Adams: Pivoting into the tech world.
https://thecyberwire.com/podcasts/career-notes/121/notes

Indian power generation giant Tata Power hit by a cyber attack
https://securityaffairs.co/wordpress/137130/hacking/tata-power-cyber-attack.html

Social Engineering and Breaking into Stuff with Jenny Radcliffe
https://thecyberwire.com/podcasts/8th-layer-insights/26/notes

Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://isc.sans.edu/diary/rss/29150


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 17/10/2022

Rozwiązania MSHP CTF (październik 2022)
https://gynvael.coldwind.pl/?id=756

Regulator: A unique method of subdomain enumeration
https://www.reddit.com/r/netsec/comments/y5muc1/regulator_a_unique_method_of_subdomain_enumeration/

ISC Stormcast For Monday, October 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8216, (Mon, Oct 17th)
https://isc.sans.edu/diary/rss/29154

Android and iOS leak some data outside VPNs
https://malware.news/t/android-and-ios-leak-some-data-outside-vpns/64213#post_1

Mysterious Prestige ransomware targets organizations in Ukraine and Poland
https://securityaffairs.co/wordpress/137203/apt/prestige-ransomware-targets-ukraine.html

Cybercriminals use Hurricane Ian as lure for scams, theft of FEMA funds
https://malware.news/t/cybercriminals-use-hurricane-ian-as-lure-for-scams-theft-of-fema-funds/64210#post_1

Weekly News Roundup — October 9 to October 15
https://malware.news/t/weekly-news-roundup-october-9-to-october-15/64211#post_1

Security Affairs newsletter Round 389
https://securityaffairs.co/wordpress/137161/breaking-news/security-affairs-newsletter-round-389.html

17th October – Threat Intelligence Report
https://malware.news/t/17th-october-threat-intelligence-report/64209#post_1

Video: Analysis of a Malicious HTML File (QBot), (Sun, Oct 16th)
https://isc.sans.edu/diary/rss/29152


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 18/10/2022

MyDeal discloses breach. Election software CEO charged. FamilySearch discloses data breach. University of P.R. student involved in privacy violation.
https://thecyberwire.com/podcasts/privacy-briefing/690/notes

Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite
https://thehackernews.com/2022/10/zimbra-releases-patch-for-actively.html

Toner Deaf – Printing your next persistence (Hexacon 2022)
https://www.reddit.com/r/netsec/comments/y66era/toner_deaf_printing_your_next_persistence_hexacon/

Python Obfuscation for Dummies, (Tue, Oct 18th)
https://malware.news/t/python-obfuscation-for-dummies-tue-oct-18th/64243#post_1

Software Patch Management Policy Best Practices
https://malware.news/t/software-patch-management-policy-best-practices/64244#post_1

Black Basta Ransomware Hackers Infiltrate Networks via Qakbot to Deploy Brute Ratel C4
https://thehackernews.com/2022/10/black-basta-ransomware-hackers.html

Domain spoofing (noun)
https://thecyberwire.com/podcasts/word-notes/121/notes

Why Crypto Winter is No Excuse to Let Your Cyber Defenses Falter
https://thehackernews.com/2022/10/why-crypto-winter-is-no-excuse-to-let.html

Tata Power sustains cyberattack. Influence operations and battlespace prep. Ransom Cartel looks a lot like REvil. Notes from Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1684/notes

Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages
https://thehackernews.com/2022/10/researchers-claim-microsoft-office-365.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 19/10/2022

Altruism under attack: why cybersecurity has become essential to humanitarian nonprofits
https://www.csoonline.com/article/3676668/altruism-under-attack-why-cybersecurity-has-become-essential-to-humanitarian-nonprofits.html#tk.rss_all

CVE-2022-42889 (Text4Shell) OSS detector - Finds possibly vulnerable JAR files
https://www.reddit.com/r/netsec/comments/y7aohf/cve202242889_text4shell_oss_detector_finds/

Fake tractor fraudsters plague online transactions
https://www.malwarebytes.com/blog/news/2022/10/fake-tractor-fraudsters-plague-online-transactions

ISC StormCast for Wednesday, October 19th, 2022
https://isc.sans.edu/podcastdetail.html?id=8220

Data Collection
https://malware.news/t/data-collection/64276#post_1

CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration
https://securityaffairs.co/wordpress/137266/security/zoom-macos-cve-2022-28762.html

FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684) + PoC
https://www.reddit.com/r/netsec/comments/y3lgv3/fortios_fortiproxy_and_fortiswitchmanager/

Our new scanner for Text4Shell
https://www.reddit.com/r/netsec/comments/y7gf09/our_new_scanner_for_text4shell/

Security Alert: Oracle Releases Critical Patch Update, October 2022
https://malware.news/t/security-alert-oracle-releases-critical-patch-update-october-2022/64278#post_1

How to spot a scam
https://malware.news/t/how-to-spot-a-scam/64274#post_1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 20/10/2022

Researchers Detail Azure SFX Flaw That Could've Allowed Attackers to Gain Admin Access
https://thehackernews.com/2022/10/researchers-detail-azure-sfx-flaw-that.html

Chinese Hackers Targeting Online Casinos with GamePlayerFramework Malware
https://thehackernews.com/2022/10/chinese-hackers-targeting-online.html

ISC Stormcast For Thursday, October 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8222, (Thu, Oct 20th)
https://malware.news/t/isc-stormcast-for-thursday-october-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8222-thu-oct-20th/64324#post_1

Why Log4Text is not another Log4Shell
https://www.malwarebytes.com/blog/news/2022/10/why-log4text-is-not-another-log4shell

Do more with less—Discover the latest Microsoft Entra innovations
https://www.microsoft.com/security/blog/2022/10/19/do-more-with-less-discover-the-latest-microsoft-entra-innovations/

Fantastic Rootkits: And Where to Find Them (Part 1)
https://www.reddit.com/r/netsec/comments/y8jucu/fantastic_rootkits_and_where_to_find_them_part_1/

The cost to businesses of phishing.
https://thecyberwire.com

Ransomware attack freezes newspaper printing system
https://www.malwarebytes.com/blog/news/2022/10/ransomware-attack-freezes-newspaper-printing-system

HTTP/3 connection contamination: an upcoming threat
https://www.reddit.com/r/netsec/comments/y82ude/http3_connection_contamination_an_upcoming_threat/

Supply chain attacks increased over 600% this year and companies are falling behind
https://www.csoonline.com/article/3677228/supply-chain-attacks-increased-over-600-this-year-and-companies-are-falling-behind.html#tk.rss_all


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 21/10/2022

Log4J-scan update: Detection for Apache Commons Text RCE (CVE-2022-42889)
https://www.reddit.com/r/netsec/comments/y91sp9/log4jscan_update_detection_for_apache_commons/

Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update
https://securityaffairs.co/wordpress/137410/malware/undetectable-powershell-backdoor.html

Cybersecurity Workforce Study released.
https://thecyberwire.com/stories/8857909f273f46529695d5ea8caf954d/cybersecurity-workforce-study-released

Reverse Engineering the Apple MultiPeer Connectivity Framework
https://www.reddit.com/r/netsec/comments/y907qk/reverse_engineering_the_apple_multipeer/

ISC StormCast for Friday, October 21st, 2022
https://isc.sans.edu/podcastdetail.html?id=8224

GuLoader Malware Disguised as a Word File Being Distributed in Korea
https://malware.news/t/guloader-malware-disguised-as-a-word-file-being-distributed-in-korea/64374#post_1

ISC Stormcast For Friday, October 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8224, (Fri, Oct 21st)
https://isc.sans.edu/diary/rss/29172

5 essential security tips for SMBs
https://www.malwarebytes.com/blog/business/2022/10/5-essential-security-tips-for-smbs

Google Launches GUAC Open Source Project to Secure Software Supply Chain
https://thehackernews.com/2022/10/google-launches-guac-open-source.html

SHA-3 Buffer Overflow - CVE-2022-37454
https://www.reddit.com/r/netsec/comments/y98ox2/sha3_buffer_overflow_cve202237454/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 22/10/2022

Looking for student debt relief? Watch out for scammers says the FBI
https://malware.news/t/looking-for-student-debt-relief-watch-out-for-scammers-says-the-fbi/64400#post_1

Wicked Good Development Episode #16: Ted Neward’s Philosophy 101
https://malware.news/t/wicked-good-development-episode-16-ted-neward-s-philosophy-101/64396#post_1

TikTok allegedly planned to track US user data. Medibank data breach worsens. US hospitals report a Meta Pixel breach.
https://thecyberwire.com/newsletters/privacy-briefing/4/203

Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network
https://thehackernews.com/2022/10/critical-flaw-reported-in-move-virtual.html

Former cop abused unrevoked system access to extort women
https://www.malwarebytes.com/blog/news/2022/10/former-kentucky-cop-abused-access-to-hack-snapchat-accounts

5 quick tips for better Android phone security right now
https://malware.news/t/5-quick-tips-for-better-android-phone-security-right-now/64398#post_1

News URSNIF variant doesn’t support banking features
https://securityaffairs.co/wordpress/137435/malware/ursnif-shift-backdoor.html

Former cop abused unrevoked system access to extort women
https://malware.news/t/former-cop-abused-unrevoked-system-access-to-extort-women/64399#post_1

Jon Hencinski of Expel to discuss their second Quarterly Threat Report.
https://thecyberwire.com/podcasts/interview-selects/133/notes

Looking for student debt relief? Watch out for scammers says the FBI
https://www.malwarebytes.com/blog/news/2022/10/psa-scammers-likely-to-target-student-loan-relief-applicants


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 23/10/2022

Quickpost: Testing A Lemon Battery
https://malware.news/t/quickpost-testing-a-lemon-battery/64406#post_1

Analysis of thousands of active API tokens leaked via public package repositories
https://www.reddit.com/r/netsec/comments/yawkzl/analysis_of_thousands_of_active_api_tokens_leaked/

Computer flagged for possibly having malware by websites
https://www.reddit.com/r/Malware/comments/yauee7/computer_flagged_for_possibly_having_malware_by/

rtfdump's Find Option, (Sat, Oct 22nd)
https://isc.sans.edu/diary/rss/29174

Collect information of internet-connected sandboxes
https://www.reddit.com/r/netsec/comments/yanjp0/collect_information_of_internetconnected_sandboxes/

Q&A: Kenneth Geers on the cyber war between Ukraine and Russia
https://malware.news/t/q-a-kenneth-geers-on-the-cyber-war-between-ukraine-and-russia/64403#post_1

The Curious Case of ManageEngine’s Password Manager Pro's Password Database
https://www.reddit.com/r/netsec/comments/yb4rje/the_curious_case_of_manageengines_password/

Rtfdump's Find Option, (Sat, Oct 22nd)
https://malware.news/t/rtfdumps-find-option-sat-oct-22nd/64405#post_1

Update: rtfdump.py Version 0.0.12
https://malware.news/t/update-rtfdump-py-version-0-0-12/64402#post_1

Weekly News Roundup — October 16 to October 22
https://malware.news/t/weekly-news-roundup-october-16-to-october-22/64404#post_1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 24/10/2022

Hackers stole sensitive data from Iran’s atomic energy agency
https://securityaffairs.co/wordpress/137513/hacking/hackers-stole-sensitive-data-from-irans-atomic-energy-agency.html

The RISC Deprogrammer
https://malware.news/t/the-risc-deprogrammer/64408#post_1

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack
https://www.theguardian.com/business/2022/oct/24/outsourcer-interserve-fined-4-point-4m-cyber-attack-failings-data-breach-personal-information

Sandfly Security Code Audit and Continuous Monitoring
https://malware.news/t/sandfly-security-code-audit-and-continuous-monitoring/64409#post_1

Bringing Modern Authentication APIs (FIDO2 WebAuthn, Passkeys) to Linux Desktop
https://www.reddit.com/r/netsec/comments/ybd7s8/bringing_modern_authentication_apis_fido2/

ISC StormCast for Monday, October 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8226

ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://malware.news/t/isc-stormcast-for-monday-october-24th-2022-https-isc-sans-edu-podcastdetail-html-id-8226-mon-oct-24th/64411#post_1

ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://isc.sans.edu/diary/rss/29178

CISA Alert AA22-294A – #StopRansomware: Daixin Team.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/35/notes

Wholesale giant METRO confirmed to have suffered a cyberattack
https://securityaffairs.co/wordpress/137506/hacking/metro-confirmed-cyberattack.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 25/10/2022

Exploit archaeology: A forensic history of in-the-wild NSO Group exploits
https://www.reddit.com/r/netsec/comments/ycnmdq/exploit_archaeology_a_forensic_history_of/

Ukraine at D+242: Infrastructure remains a target.
https://thecyberwire.com/stories/4583eb279fb8484ea5fc4a1e724f3ad8/ukraine-at-d242

Secure your endpoints with Transparity and Microsoft
https://www.microsoft.com/en-us/security/blog/2022/10/24/secure-your-endpoints-with-transparity-and-microsoft/

Security experts targeted with malicious CVE PoC exploits on GitHub
https://securityaffairs.co/wordpress/137527/hacking/malicious-github-repositories.html

A gym heist in London goes cyber
https://www.malwarebytes.com/blog/podcast/2022/10/a-gym-heist-goes-cyber-in-london

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
https://thehackernews.com/2022/10/apple-releases-patch-for-new-actively.html

A week in security (October 17 - 23)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-17-23

Talk recordings from DEF CON 30
https://www.reddit.com/r/netsec/comments/yc9xkz/talk_recordings_from_def_con_30/

Cisco warns of ISE vulnerability with no fixed release or workaround
https://www.malwarebytes.com/blog/news/2022/10/cisco-patch-needed-for-remote-file-access-vulnerability-in-identity-services-engine

Apple Patches Everything: October 2022 Edition, (Tue, Oct 25th)
https://isc.sans.edu/diary/rss/29182


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 26/10/2022

How businesses are gaining integrated data protection with Microsoft Purview
https://www.microsoft.com/en-us/security/blog/2022/10/25/how-businesses-are-gaining-integrated-data-protection-with-microsoft-purview/

CISA Seeks Feedback on Baseline Measures to Secure Cloud Configuration
https://malware.news/t/cisa-seeks-feedback-on-baseline-measures-to-secure-cloud-configuration/64496#post_1

Indictments in PRC espionage cases. LogCrusher and OverLog. Update on the hybrid war. Two cyber trend studies.
https://thecyberwire.com/newsletters/daily-briefing/11/205

How the Software Supply Chain Security is Threatened by Hackers
https://thehackernews.com/2022/10/how-software-supply-chain-security-is.html

The Logging Dead: Two Event Log Vulnerabilities Haunting Windows
https://www.reddit.com/r/netsec/comments/yd1pdw/the_logging_dead_two_event_log_vulnerabilities/

Micropatches for Kerberos Elevation of Privilege (CVE-2022-33647, CVE-2022-33679)
https://malware.news/t/micropatches-for-kerberos-elevation-of-privilege-cve-2022-33647-cve-2022-33679/64498#post_1

IoT security strategy from enterprises using connected devices
https://www.networkworld.com/article/3677470/iot-security-strategy-from-those-who-use-connected-devices.html#tk.rss_all

Payment Terminal Malware Steals $3.3m Worth Of Credit Card Numbers
https://packetstormsecurity.com/news/view/33971/Payment-Terminal-Malware-Steals-3.3m-Worth-Of-Credit-Card-Numbers.html

“Baseball & Espionage” –with World Series Champion Ryan Zimmerman & Marc Polymeropoulous
https://thecyberwire.com/podcasts/spycast/561/notes

The Secrets Behind Uber's Breach
https://www.reddit.com/r/netsec/comments/ydebot/the_secrets_behind_ubers_breach/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman