Top Security News for 09/10/2022
Romance scammer given 25 years of alone time
https://malware.news/t/romance-scammer-given-25-years-of-alone-time/64021#post_1
What is torrenting and how does it work?
https://malware.news/t/what-is-torrenting-and-how-does-it-work/64025#post_1
Sysmon v14.1 Release, (Sat, Oct 8th)
https://isc.sans.edu/diary/rss/29126
Pentest reporting and the remediation cycle: Why aren’t we making progress?
https://thecyberwire.com/podcasts/cyberwire-x/39/notes
BlackByte Ransomware abuses vulnerable driver to bypass security solutions
https://securityaffairs.co/wordpress/136816/malware/blackbyte-ransomware-byovd-attack.html
Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
https://securityaffairs.co/wordpress/136800/hacking/zimbra-collaboration-suite-rce.html
Sysmon v14.1 Release, (Sat, Oct 8th)
https://malware.news/t/sysmon-v14-1-release-sat-oct-8th/64023#post_1
I had a pop up ad
https://www.reddit.com/r/Malware/comments/xzdzwu/i_had_a_pop_up_ad/
What can we learn from leaked Insyde's BIOS for Intel Alder Lake
https://www.reddit.com/r/netsec/comments/xyuwa7/what_can_we_learn_from_leaked_insydes_bios_for/
Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony Anscombe
https://malware.news/t/key-takeaways-from-eset-threat-report-t2-2022-week-in-security-with-tony-anscombe/64026#post_1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
Romance scammer given 25 years of alone time
Romance scams are often low risk, high reward strategies for criminals, who use them to steal large sums of money from vulnerable people in the cruellest ways possible. Once the victim wires the cash, there’s a good chance that it’s never coming back. The…
Top Security News for 10/10/2022
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
https://securityaffairs.co/wordpress/136866/cyber-crime/south-africa-eskom-everest-ransomware.html
Lloyd’s of London investigates alleged cyber attack
https://securityaffairs.co/wordpress/136834/security/lloyds-of-london-cyberattack.html
Curl's resolve Option, (Sun, Oct 9th)
https://isc.sans.edu/diary/rss/29132
Pt 2 – XDR: from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/64/notes
ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://isc.sans.edu/diary/rss/29134
ISC Stormcast For Monday, October 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8206, (Mon, Oct 10th)
https://malware.news/t/isc-stormcast-for-monday-october-10th-2022-https-isc-sans-edu-podcastdetail-html-id-8206-mon-oct-10th/64030#post_1
Use case creation in SIEM - Malicious download
https://www.reddit.com/r/Malware/comments/xzmszq/use_case_creation_in_siem_malicious_download/
Is there a team recruiting?
https://0x00sec.org/t/is-there-a-team-recruiting/31635
Security Affairs newsletter Round 387
https://securityaffairs.co/wordpress/136857/breaking-news/security-affairs-newsletter-round-387.html
ISC StormCast for Monday, October 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8206
Security Affairs
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd.
Top Security News for 11/10/2022
Python and Malware: Writing a simple wiper malware
https://0x00sec.org/t/python-and-malware-writing-a-simple-wiper-malware/31652
GitLab: RCE via github import
https://www.reddit.com/r/netsec/comments/y0cnw1/gitlab_rce_via_github_import/
White House unveils Blueprint for an AI Bill of Rights
https://www.malwarebytes.com/blog/news/2022/10/the-white-houses-new-bill-of-rights-holds-big-tech-companies-accountable-for-their-ai
A week in security (October 3 – 9)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-3-9
Endor Labs offers dependency management platform for open source software
https://www.csoonline.com/article/3675963/endor-labs-offers-dependency-management-platform-for-open-source-software.html#tk.rss_all
White House unveils Blueprint for an AI Bill of Rights
https://malware.news/t/white-house-unveils-blueprint-for-an-ai-bill-of-rights/64045#post_1
ISC Stormcast For Tuesday, October 11th, 2022 https://isc.sans.edu/podcastdetail.html?id=8208, (Tue, Oct 11th)
https://malware.news/t/isc-stormcast-for-tuesday-october-11th-2022-https-isc-sans-edu-podcastdetail-html-id-8208-tue-oct-11th/64048#post_1
Hackers Steal $100 Million Cryptocurrency from Binance Bridge
https://thehackernews.com/2022/10/hackers-steal-100-million.html
Security Alert: Alert Regarding Authentication Bypass Vulnerability (CVE-2022-42458) in bingo!CMS
https://malware.news/t/security-alert-alert-regarding-authentication-bypass-vulnerability-cve-2022-42458-in-bingo-cms/64049#post_1
Persistent PHP payloads in PNGs: How to inject PHP code in an image and keep it there!
https://www.reddit.com/r/netsec/comments/y0jlzp/persistent_php_payloads_in_pngs_how_to_inject_php/
0x00sec - The Home of the Hacker
Python and Malware: Writing a simple wiper malware
Introduction: In this article, I’ll describe how to write malware. Please note that this is not “true” malware; it is only meant to show you the basics and even how easy it is to write. Python is probably not the best choice at all. It’s an interpreted language…
Top Security News for 12/10/2022
postMessage Braindump - a brief postMessage testing methodology
https://www.reddit.com/r/netsec/comments/y1tehd/postmessage_braindump_a_brief_postmessage_testing/
Uncovering Siemens SIMATIC S7-1200/1500 Hardcoded Cryptographic Keys in PLCs
https://www.reddit.com/r/netsec/comments/y19lns/uncovering_siemens_simatic_s712001500_hardcoded/
An 18 year scam odyssey of stranded astronauts
https://www.malwarebytes.com/blog/news/2022/10/an-18-year-scam-odyssey-of-stranded-astronauts
Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
https://thehackernews.com/2022/10/researchers-detail-critical-rce-flaw.html
Meta warns Facebook users about malicious apps. Toyota leaves the keys in the car door. Dialog IT discloses security incident.
https://thecyberwire.com/podcasts/privacy-briefing/686/notes
The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform
https://www.reddit.com/r/netsec/comments/y1hkqk/the_fresh_phish_market_behind_the_scenes_of_the/
Caffeine phishing-as-a-service platform. Malicious apps in official app stores. New Android spyware.
https://thecyberwire.com/podcasts/research-briefing/138/notes
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/11-10-2022
Smart lights vulnerable to "blink and you'll miss it" attack
https://www.malwarebytes.com/blog/news/2022/10/smart-lighting-system-suffers-a-blink-and-youll-miss-it-attack
The Latest Funding News and What it Means for Cyber Security in 2023
https://thehackernews.com/2022/10/the-latest-funding-news-and-what-it.html
reddit
postMessage Braindump - a brief postMessage testing methodology
Posted in r/netsec by u/Gallus • 1 point and 0 comments
Top Security News for 13/10/2022
Information overload, burnout, talent retention impacting SOC performance
https://www.csoonline.com/article/3676135/information-overload-burnout-talent-retention-impacting-soc-performance.html#tk.rss_all
Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
https://www.microsoft.com/security/blog/2022/10/12/introducing-new-microsoft-defender-for-cloud-innovations-to-strengthen-cloud-native-protections/
Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected
https://malware.news/t/update-now-october-patch-tuesday-fixes-actively-used-zero-day-but-not-the-one-you-expected/64139#post_1
Sandfly 4.2 - Automatic Host Discovery and Faster Than Ever
https://malware.news/t/sandfly-4-2-automatic-host-discovery-and-faster-than-ever/64143#post_1
Prevent Ransomware Attacks on Critical Infrastructure
https://malware.news/t/prevent-ransomware-attacks-on-critical-infrastructure/64141#post_1
Top 5 ransomware detection techniques: Pros and cons of each
https://www.malwarebytes.com/blog/business/2022/10/top-5-ransomware-detection-techniques-pros-and-cons-of-each
5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less
https://www.microsoft.com/security/blog/2022/10/12/5-cybersecurity-capabilities-announced-at-microsoft-ignite-2022-to-help-you-secure-more-with-less/
Sharing my OSCP Pre-Preparation Plan which I once made for my own self, for those who are interested in getting OSCP certification soon. Here is the link:
https://www.reddit.com/r/netsec/comments/y206t3/sharing_my_oscp_prepreparation_plan_which_i_once/
Portnox adds IoT fingerprinting to network access control service
https://www.csoonline.com/article/3676232/portnox-adds-iot-fingerprinting-to-network-access-control-service.html#tk.rss_all
UK government sounds alarm on tax scams
https://www.malwarebytes.com/blog/news/2022/10/ukgov-sounds-alarm-on-hmrc-tax-scams
CSO Online
Information overload, burnout, talent retention impacting SOC performance
Security operations center leaders and staff report numerous pain points impacting SOC performance.
Top Security News for 14/10/2022
Cybersecurity labels. Transatlantic data sharing agreement update. US restricts chip exports to China. CISA will not share industry feedback on performance goals. 3.22
https://thecyberwire.com/newsletters/policy-briefing/4/197
What the cybercriminals are up to: improving their tools and carrying out the same old dreary social engineering. Budworm APT sightings. And the state of Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1682/notes
Emotet ups its game. Budworm APT sightings. Social engineering scams. Internet takedown and recovery.
https://thecyberwire.com/newsletters/daily-briefing/11/197
Fashion company fined for data breach. Arizona city suffers data breach after hacker breaks into user account. Massive trove of credit card data dumped on dark web.
https://thecyberwire.com/podcasts/privacy-briefing/688/notes
Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization
https://thehackernews.com/2022/10/budworm-hackers-resurface-with-new.html
RPC Toolkit - security research oriented resources on MS-RPC (articles, PoCs, vulnerability write-ups, tools, etc.)
https://www.reddit.com/r/netsec/comments/y2ubqx/rpc_toolkit_security_research_oriented_resources/
Chinese APT's favorite vulnerabilities revealed
https://malware.news/t/chinese-apts-favorite-vulnerabilities-revealed/64178#post_1
What the Uber verdict means to CISOs: You're (probably) not going to jail
https://www.csoonline.com/article/3676078/what-the-uber-verdict-means-to-cisos-youre-probably-not-going-to-jail.html#tk.rss_all
How to Investigate Insider Threats (Forensic Methodology)
https://www.reddit.com/r/netsec/comments/y30in9/how_to_investigate_insider_threats_forensic/
ISC Stormcast For Friday, October 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8214, (Fri, Oct 14th)
https://isc.sans.edu/diary/rss/29148
The CyberWire
Cybersecurity labels. Transatlantic data sharing agreement update. US restricts chip exports to China. CISA will not share industry…
US expected to proceed with cybersecurity labeling modeled on EnergyStar. Transatlantic data sharing agreement could face pushback. US restricts chip exports to China. CISA chooses not to share industry feedback on performance goals.
Top Security News for 16/10/2022
New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts
https://securityaffairs.co/wordpress/137145/malware/ducktail-php-targets-facebook.html
Userbenchmark
https://www.reddit.com/r/Malware/comments/y52asz/userbenchmark/
FBI, CISA warn of disinformation ahead of midterms
https://malware.news/t/fbi-cisa-warn-of-disinformation-ahead-of-midterms/64206#post_1
Cyber confidence: Knowing what you have and where it is.
https://thecyberwire.com/podcasts/cyberwire-x/40/notes
FBI, CISA warn of disinformation ahead of midterms
https://www.malwarebytes.com/blog/news/2022/10/fbi-and-cisa-urge-americans-to-be-critical-of-information-in-light-of-midterm-election
Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://malware.news/t/malware-covid-vaccination-supplier-declaration-sat-oct-15th/64207#post_1
Amanda Adams: Pivoting into the tech world.
https://thecyberwire.com/podcasts/career-notes/121/notes
Indian power generation giant Tata Power hit by a cyber attack
https://securityaffairs.co/wordpress/137130/hacking/tata-power-cyber-attack.html
Social Engineering and Breaking into Stuff with Jenny Radcliffe
https://thecyberwire.com/podcasts/8th-layer-insights/26/notes
Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://isc.sans.edu/diary/rss/29150
Security Affairs
New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts
Experts spotted a PHP version of an information-stealing malware called Ducktail spread as cracked installers for legitimate apps and games.
Top Security News for 17/10/2022
MSHP CTF Solutions (October 2022)
https://gynvael.coldwind.pl/?id=756
Regulator: A unique method of subdomain enumeration
https://www.reddit.com/r/netsec/comments/y5muc1/regulator_a_unique_method_of_subdomain_enumeration/
ISC Stormcast For Monday, October 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8216, (Mon, Oct 17th)
https://isc.sans.edu/diary/rss/29154
Android and iOS leak some data outside VPNs
https://malware.news/t/android-and-ios-leak-some-data-outside-vpns/64213#post_1
Mysterious Prestige ransomware targets organizations in Ukraine and Poland
https://securityaffairs.co/wordpress/137203/apt/prestige-ransomware-targets-ukraine.html
Cybercriminals use Hurricane Ian as lure for scams, theft of FEMA funds
https://malware.news/t/cybercriminals-use-hurricane-ian-as-lure-for-scams-theft-of-fema-funds/64210#post_1
Weekly News Roundup — October 9 to October 15
https://malware.news/t/weekly-news-roundup-october-9-to-october-15/64211#post_1
Security Affairs newsletter Round 389
https://securityaffairs.co/wordpress/137161/breaking-news/security-affairs-newsletter-round-389.html
17th October – Threat Intelligence Report
https://malware.news/t/17th-october-threat-intelligence-report/64209#post_1
Video: Analysis of a Malicious HTML File (QBot), (Sun, Oct 16th)
https://isc.sans.edu/diary/rss/29152
gynvael.coldwind.pl
MSHP CTF Solutions (October 2022)
Top Security News for 18/10/2022
MyDeal discloses breach. Election software CEO charged. FamilySearch discloses data breach. University of P.R. student involved in privacy violation.
https://thecyberwire.com/podcasts/privacy-briefing/690/notes
Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite
https://thehackernews.com/2022/10/zimbra-releases-patch-for-actively.html
Toner Deaf – Printing your next persistence (Hexacon 2022)
https://www.reddit.com/r/netsec/comments/y66era/toner_deaf_printing_your_next_persistence_hexacon/
Python Obfuscation for Dummies, (Tue, Oct 18th)
https://malware.news/t/python-obfuscation-for-dummies-tue-oct-18th/64243#post_1
Software Patch Management Policy Best Practices
https://malware.news/t/software-patch-management-policy-best-practices/64244#post_1
Black Basta Ransomware Hackers Infiltrate Networks via Qakbot to Deploy Brute Ratel C4
https://thehackernews.com/2022/10/black-basta-ransomware-hackers.html
Domain spoofing (noun)
https://thecyberwire.com/podcasts/word-notes/121/notes
Why Crypto Winter is No Excuse to Let Your Cyber Defenses Falter
https://thehackernews.com/2022/10/why-crypto-winter-is-no-excuse-to-let.html
Tata Power sustains cyberattack. Influence operations and battlespace prep. Ransom Cartel looks a lot like REvil. Notes from Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1684/notes
Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages
https://thehackernews.com/2022/10/researchers-claim-microsoft-office-365.html
The CyberWire
The CyberWire — Your cybersecurity news connection
The CyberWire is an independent voice delivering concise, accessible, and relevant cybersecurity news to people all across the globe. We separate the signal from the noise.
Top Security News for 19/10/2022
Altruism under attack: why cybersecurity has become essential to humanitarian nonprofits
https://www.csoonline.com/article/3676668/altruism-under-attack-why-cybersecurity-has-become-essential-to-humanitarian-nonprofits.html#tk.rss_all
CVE-2022-42889 (Text4Shell) OSS detector - Finds possibly vulnerable JAR files
https://www.reddit.com/r/netsec/comments/y7aohf/cve202242889_text4shell_oss_detector_finds/
Fake tractor fraudsters plague online transactions
https://www.malwarebytes.com/blog/news/2022/10/fake-tractor-fraudsters-plague-online-transactions
ISC StormCast for Wednesday, October 19th, 2022
https://isc.sans.edu/podcastdetail.html?id=8220
Data Collection
https://malware.news/t/data-collection/64276#post_1
CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration
https://securityaffairs.co/wordpress/137266/security/zoom-macos-cve-2022-28762.html
FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684) + PoC
https://www.reddit.com/r/netsec/comments/y3lgv3/fortios_fortiproxy_and_fortiswitchmanager/
Our new scanner for Text4Shell
https://www.reddit.com/r/netsec/comments/y7gf09/our_new_scanner_for_text4shell/
Security Alert: Oracle Releases Critical Patch Update, October 2022
https://malware.news/t/security-alert-oracle-releases-critical-patch-update-october-2022/64278#post_1
How to spot a scam
https://malware.news/t/how-to-spot-a-scam/64274#post_1
CSO
Altruism under attack: why cybersecurity has become essential to humanitarian nonprofits
Nonprofits engaged in vital humanitarian work are finding themselves faced with increasing cybersecurity risks in an already challenging environment.
Top Security News for 20/10/2022
Researchers Detail Azure SFX Flaw That Could've Allowed Attackers to Gain Admin Access
https://thehackernews.com/2022/10/researchers-detail-azure-sfx-flaw-that.html
Chinese Hackers Targeting Online Casinos with GamePlayerFramework Malware
https://thehackernews.com/2022/10/chinese-hackers-targeting-online.html
ISC Stormcast For Thursday, October 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8222, (Thu, Oct 20th)
https://malware.news/t/isc-stormcast-for-thursday-october-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8222-thu-oct-20th/64324#post_1
Why Log4Text is not another Log4Shell
https://www.malwarebytes.com/blog/news/2022/10/why-log4text-is-not-another-log4shell
Do more with less—Discover the latest Microsoft Entra innovations
https://www.microsoft.com/security/blog/2022/10/19/do-more-with-less-discover-the-latest-microsoft-entra-innovations/
Fantastic Rootkits: And Where to Find Them (Part 1)
https://www.reddit.com/r/netsec/comments/y8jucu/fantastic_rootkits_and_where_to_find_them_part_1/
The cost to businesses of phishing.
https://thecyberwire.com
Ransomware attack freezes newspaper printing system
https://www.malwarebytes.com/blog/news/2022/10/ransomware-attack-freezes-newspaper-printing-system
HTTP/3 connection contamination: an upcoming threat
https://www.reddit.com/r/netsec/comments/y82ude/http3_connection_contamination_an_upcoming_threat/
Supply chain attacks increased over 600% this year and companies are falling behind
https://www.csoonline.com/article/3677228/supply-chain-attacks-increased-over-600-this-year-and-companies-are-falling-behind.html#tk.rss_all
Top Security News for 21/10/2022
Log4J-scan update: Detection for Apache Commons Text RCE (CVE-2022-42889)
https://www.reddit.com/r/netsec/comments/y91sp9/log4jscan_update_detection_for_apache_commons/
Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update
https://securityaffairs.co/wordpress/137410/malware/undetectable-powershell-backdoor.html
Cybersecurity Workforce Study released.
https://thecyberwire.com/stories/8857909f273f46529695d5ea8caf954d/cybersecurity-workforce-study-released
Reverse Engineering the Apple MultiPeer Connectivity Framework
https://www.reddit.com/r/netsec/comments/y907qk/reverse_engineering_the_apple_multipeer/
ISC StormCast for Friday, October 21st, 2022
https://isc.sans.edu/podcastdetail.html?id=8224
GuLoader Malware Disguised as a Word File Being Distributed in Korea
https://malware.news/t/guloader-malware-disguised-as-a-word-file-being-distributed-in-korea/64374#post_1
ISC Stormcast For Friday, October 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8224, (Fri, Oct 21st)
https://isc.sans.edu/diary/rss/29172
5 essential security tips for SMBs
https://www.malwarebytes.com/blog/business/2022/10/5-essential-security-tips-for-smbs
Google Launches GUAC Open Source Project to Secure Software Supply Chain
https://thehackernews.com/2022/10/google-launches-guac-open-source.html
SHA-3 Buffer Overflow - CVE-2022-37454
https://www.reddit.com/r/netsec/comments/y98ox2/sha3_buffer_overflow_cve202237454/
Top Security News for 22/10/2022
Looking for student debt relief? Watch out for scammers says the FBI
https://malware.news/t/looking-for-student-debt-relief-watch-out-for-scammers-says-the-fbi/64400#post_1
Wicked Good Development Episode #16: Ted Neward’s Philosophy 101
https://malware.news/t/wicked-good-development-episode-16-ted-neward-s-philosophy-101/64396#post_1
TikTok allegedly planned to track US user data. Medibank data breach worsens. US hospitals report a Meta Pixel breach.
https://thecyberwire.com/newsletters/privacy-briefing/4/203
Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network
https://thehackernews.com/2022/10/critical-flaw-reported-in-move-virtual.html
Former cop abused unrevoked system access to extort women
https://www.malwarebytes.com/blog/news/2022/10/former-kentucky-cop-abused-access-to-hack-snapchat-accounts
5 quick tips for better Android phone security right now
https://malware.news/t/5-quick-tips-for-better-android-phone-security-right-now/64398#post_1
News URSNIF variant doesn’t support banking features
https://securityaffairs.co/wordpress/137435/malware/ursnif-shift-backdoor.html
Former cop abused unrevoked system access to extort women
https://malware.news/t/former-cop-abused-unrevoked-system-access-to-extort-women/64399#post_1
Jon Hencinski of Expel to discuss their second Quarterly Threat Report.
https://thecyberwire.com/podcasts/interview-selects/133/notes
Looking for student debt relief? Watch out for scammers says the FBI
https://www.malwarebytes.com/blog/news/2022/10/psa-scammers-likely-to-target-student-loan-relief-applicants
Malware Analysis, News and Indicators
Looking for student debt relief? Watch out for scammers says the FBI
The FBI believes that scammers may be after people applying for the One-Time Federal Student Loan Debt Relief, a program announced by the Biden-Harris Administration in August 2022 that provides up to $20,000 in student loan debt relief. In a recent public…
Top Security News for 23/10/2022
Quickpost: Testing A Lemon Battery
https://malware.news/t/quickpost-testing-a-lemon-battery/64406#post_1
Analysis of thousands of active API tokens leaked via public package repositories
https://www.reddit.com/r/netsec/comments/yawkzl/analysis_of_thousands_of_active_api_tokens_leaked/
Computer flagged for possibly having malware by websites
https://www.reddit.com/r/Malware/comments/yauee7/computer_flagged_for_possibly_having_malware_by/
rtfdump's Find Option, (Sat, Oct 22nd)
https://isc.sans.edu/diary/rss/29174
Collect information of internet-connected sandboxes
https://www.reddit.com/r/netsec/comments/yanjp0/collect_information_of_internetconnected_sandboxes/
Q&A: Kenneth Geers on the cyber war between Ukraine and Russia
https://malware.news/t/q-a-kenneth-geers-on-the-cyber-war-between-ukraine-and-russia/64403#post_1
The Curious Case of ManageEngine’s Password Manager Pro's Password Database
https://www.reddit.com/r/netsec/comments/yb4rje/the_curious_case_of_manageengines_password/
Rtfdump's Find Option, (Sat, Oct 22nd)
https://malware.news/t/rtfdumps-find-option-sat-oct-22nd/64405#post_1
Update: rtfdump.py Version 0.0.12
https://malware.news/t/update-rtfdump-py-version-0-0-12/64402#post_1
Weekly News Roundup — October 16 to October 22
https://malware.news/t/weekly-news-roundup-october-16-to-october-22/64404#post_1
Malware Analysis, News and Indicators
Quickpost: Testing A Lemon Battery
In a chat with my colleagues, we were joking about charging smartphones with a lemon battery. And I actually wanted to know what magnitude of electrical energy we were talking about. So I connected a lemon battery to an electronic load: I took a lemon…
Top Security News for 24/10/2022
Hackers stole sensitive data from Iran’s atomic energy agency
https://securityaffairs.co/wordpress/137513/hacking/hackers-stole-sensitive-data-from-irans-atomic-energy-agency.html
The RISC Deprogrammer
https://malware.news/t/the-risc-deprogrammer/64408#post_1
Outsourcer Interserve fined £4.4m for failing to stop cyber-attack
https://www.theguardian.com/business/2022/oct/24/outsourcer-interserve-fined-4-point-4m-cyber-attack-failings-data-breach-personal-information
Sandfly Security Code Audit and Continuous Monitoring
https://malware.news/t/sandfly-security-code-audit-and-continuous-monitoring/64409#post_1
Bringing Modern Authentication APIs (FIDO2 WebAuthn, Passkeys) to Linux Desktop
https://www.reddit.com/r/netsec/comments/ybd7s8/bringing_modern_authentication_apis_fido2/
ISC StormCast for Monday, October 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8226
ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://malware.news/t/isc-stormcast-for-monday-october-24th-2022-https-isc-sans-edu-podcastdetail-html-id-8226-mon-oct-24th/64411#post_1
ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://isc.sans.edu/diary/rss/29178
CISA Alert AA22-294A – #StopRansomware: Daixin Team.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/35/notes
Wholesale giant METRO confirmed to have suffered a cyberattack
https://securityaffairs.co/wordpress/137506/hacking/metro-confirmed-cyberattack.html
Security Affairs
Hackers stole sensitive data from Iran’s atomic energy agency - Security Affairs
Iran’s atomic energy agency claims that alleged state-sponsored hackers have compromised its email system.
Top Security News for 25/10/2022
Exploit archaeology: A forensic history of in-the-wild NSO Group exploits
https://www.reddit.com/r/netsec/comments/ycnmdq/exploit_archaeology_a_forensic_history_of/
Ukraine at D+242: Infrastructure remains a target.
https://thecyberwire.com/stories/4583eb279fb8484ea5fc4a1e724f3ad8/ukraine-at-d242
Secure your endpoints with Transparity and Microsoft
https://www.microsoft.com/en-us/security/blog/2022/10/24/secure-your-endpoints-with-transparity-and-microsoft/
Security experts targeted with malicious CVE PoC exploits on GitHub
https://securityaffairs.co/wordpress/137527/hacking/malicious-github-repositories.html
A gym heist in London goes cyber
https://www.malwarebytes.com/blog/podcast/2022/10/a-gym-heist-goes-cyber-in-london
Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
https://thehackernews.com/2022/10/apple-releases-patch-for-new-actively.html
A week in security (October 17 - 23)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-17-23
Talk recordings from DEF CON 30
https://www.reddit.com/r/netsec/comments/yc9xkz/talk_recordings_from_def_con_30/
Cisco warns of ISE vulnerability with no fixed release or workaround
https://www.malwarebytes.com/blog/news/2022/10/cisco-patch-needed-for-remote-file-access-vulnerability-in-identity-services-engine
Apple Patches Everything: October 2022 Edition, (Tue, Oct 25th)
https://isc.sans.edu/diary/rss/29182
Top Security News for 26/10/2022
How businesses are gaining integrated data protection with Microsoft Purview
https://www.microsoft.com/en-us/security/blog/2022/10/25/how-businesses-are-gaining-integrated-data-protection-with-microsoft-purview/
CISA Seeks Feedback on Baseline Measures to Secure Cloud Configuration
https://malware.news/t/cisa-seeks-feedback-on-baseline-measures-to-secure-cloud-configuration/64496#post_1
Indictments in PRC espionage cases. LogCrusher and OverLog. Update on the hybrid war. Two cyber trend studies.
https://thecyberwire.com/newsletters/daily-briefing/11/205
How the Software Supply Chain Security is Threatened by Hackers
https://thehackernews.com/2022/10/how-software-supply-chain-security-is.html
The Logging Dead: Two Event Log Vulnerabilities Haunting Windows
https://www.reddit.com/r/netsec/comments/yd1pdw/the_logging_dead_two_event_log_vulnerabilities/
Micropatches for Kerberos Elevation of Privilege (CVE-2022-33647, CVE-2022-33679)
https://malware.news/t/micropatches-for-kerberos-elevation-of-privilege-cve-2022-33647-cve-2022-33679/64498#post_1
IoT security strategy from enterprises using connected devices
https://www.networkworld.com/article/3677470/iot-security-strategy-from-those-who-use-connected-devices.html#tk.rss_all
Payment Terminal Malware Steals $3.3m Worth Of Credit Card Numbers
https://packetstormsecurity.com/news/view/33971/Payment-Terminal-Malware-Steals-3.3m-Worth-Of-Credit-Card-Numbers.html
“Baseball & Espionage” – with World Series Champion Ryan Zimmerman & Marc Polymeropoulos
https://thecyberwire.com/podcasts/spycast/561/notes
The Secrets Behind Uber's Breach
https://www.reddit.com/r/netsec/comments/ydebot/the_secrets_behind_ubers_breach/
Microsoft Security Blog
How businesses are gaining integrated data protection with Microsoft Purview - Microsoft Security Blog
Learn how three companies maximized their existing Microsoft 365 subscriptions to gain integrated data loss prevention and information protection.
Top Security News for 27/10/2022
Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities
https://thehackernews.com/2022/10/hackers-actively-exploiting-cisco.html
Problem with C++ 20 modules in WDK
https://www.reddit.com/r/lowlevel/comments/ydcpcz/problem_with_c_20_modules_in_wdk/
Ring0VBA - Getting Ring0 Using a Goddamn Word Document
https://www.reddit.com/r/netsec/comments/ydyylz/ring0vba_getting_ring0_using_a_goddamn_word/
SilverEdge Government Solutions acquires Counter Threat Solutions. Valence Security raises $25 million in seed funding. IronNet joins Space ISAC.
https://thecyberwire.com/newsletters/business-briefing/4/43
Token handles abuse: One shell to HANDLE them all
https://www.reddit.com/r/netsec/comments/ydvpa7/token_handles_abuse_one_shell_to_handle_them_all/
Russian Politician Calls for ‘Desatanization’ of Ukraine
https://www.vice.com/en_us/article/wxn79y/russian-politician-calls-for-desatanization-of-ukraine
Malformed signature trick can bypass Mark of the Web
https://www.malwarebytes.com/blog/news/2022/10/malware-authors-use-malformed-signature-trick-to-bypass-mark-of-the-web
ISC Stormcast For Thursday, October 27th, 2022 https://isc.sans.edu/podcastdetail.html?id=8232, (Thu, Oct 27th)
https://malware.news/t/isc-stormcast-for-thursday-october-27th-2022-https-isc-sans-edu-podcastdetail-html-id-8232-thu-oct-27th/64548#post_1
ISC StormCast for Thursday, October 27th, 2022
https://isc.sans.edu/podcastdetail.html?id=8232
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/26-10-2022
reddit
Problem with C++ 20 modules in WDK
Hi everyone. I have a problem with building the WDM or the KMDF driver when using my C++20 modules. Have you had that problem? Maybe WDK doesn't...
Top Security News for 03/11/2022
Monthly Threat Actor Group Intelligence Report, September 2022 (KOR)
https://malware.news/t/monthly-threat-actor-group-intelligence-report-september-2022-kor/64738#post_1
Watching Facebook Burn
https://www.vice.com/en_us/article/7k8mwq/watching-facebook-burn
Netacea launches malicious bot intelligence service to help customers tackle threats
https://www.csoonline.com/article/3678298/netacea-launches-malicious-bot-intelligence-service-to-help-customers-tackle-threats.html#tk.rss_all
ISC Stormcast For Thursday, November 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8242, (Thu, Nov 3rd)
https://isc.sans.edu/diary/rss/29216
New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data
https://thehackernews.com/2022/11/new-tiktok-privacy-policy-confirms.html
Microsoft Security tips for mitigating risk in mergers and acquisitions
https://www.microsoft.com/en-us/security/blog/2022/11/02/microsoft-security-tips-for-mitigating-risk-in-mergers-and-acquisitions/
Experts Warn of SandStrike Android Spyware Infecting Devices via Malicious VPN App
https://thehackernews.com/2022/11/experts-warn-of-sandstrike-android.html
Patch notes, including OpenSSL updates. CISA and election security. Notes on the hybrid war. Trends in cybercrime.
https://thecyberwire.com/newsletters/daily-briefing/11/211
Gregor Samsa: Exploiting Java's XML Signature Verification
https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html
ISC Stormcast For Thursday, November 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8242, (Thu, Nov 3rd)
https://malware.news/t/isc-stormcast-for-thursday-november-3rd-2022-https-isc-sans-edu-podcastdetail-html-id-8242-thu-nov-3rd/64733#post_1
Malware Analysis, News and Indicators
Monthly Threat Actor Group Intelligence Report, September 2022 (KOR)
This is a summary of the activities of hacking groups (Threat Actor Groups), analyzed on the basis of data and information collected by the NSHC ThreatRecon team from August 21, 2022 to September 20, 2022. This September, the activities of a total of 25 hacking groups were identified; the SectorA group accounted for the most at 32%, and SectorE and…
Top Security News for 04/11/2022
Stopping C2 communications in human-operated ransomware through network protection
https://www.microsoft.com/en-us/security/blog/2022/11/03/stopping-c2-communications-in-human-operated-ransomware-through-network-protection/
Researchers Discover Link In Tooling Between FIN7 And Black Basta Ransomware Group
https://packetstormsecurity.com/news/view/34003/Researchers-Discover-Link-In-Tooling-Between-FIN7-And-Black-Basta-Ransomware-Group.html
Combining Powershell Scripts
https://0x00sec.org/t/combining-powershell-scripts/31978
Why Identity & Access Management Governance is a Core Part of Your SaaS Security
https://thehackernews.com/2022/11/why-identity-access-management.html
CVE-2022-3602 & CVE-2022-3786 - OSS tools to detect susceptibility to the recent OpenSSL issues
https://www.reddit.com/r/netsec/comments/ykzip5/cve20223602_cve20223786_oss_tools_to_detect/
Nuke Experts Are Horrified by Biden’s New ‘Nuclear Posture Review’
https://www.vice.com/en_us/article/n7zk9w/nuke-experts-are-horrified-by-bidens-new-nuclear-posture-review
Why Did the OpenSSL Punycode Vulnerability Happen
https://www.reddit.com/r/netsec/comments/ylgnxb/why_did_the_openssl_punycode_vulnerability_happen/
Reverse Branch Target Buffer Poisoning - new ASLR bypass technique using CPU vulnerabilities [PDF]
https://www.reddit.com/r/netsec/comments/yls06p/reverse_branch_target_buffer_poisoning_new_aslr/
Threat Model Examples
https://www.reddit.com/r/netsec/comments/yl7xx0/threat_model_examples/
Cyberspace ‘a battleground’ as reports of cybercrime in Australia jump 13%
https://www.theguardian.com/australia-news/2022/nov/04/cyberspace-a-battleground-as-reports-of-cybercrime-in-australia-jump-13
Microsoft News
Stopping C2 communications in human-operated ransomware through network protection
Providing advanced protection against increasingly sophisticated human-operated ransomware, Microsoft Defender for Endpoint’s network protection leverages threat intelligence and machine learning to block command-and-control (C2) communications.
Top Security News for 05/11/2022
Geopolitics plays major role in cyberattacks, says EU cybersecurity agency
https://www.csoonline.com/article/3678771/geopolitics-plays-major-role-in-cyberattacks-says-eu-cybersecurity-agency.html#tk.rss_all
Your OT Is No Longer Isolated: Act Fast to Protect It
https://thehackernews.com/2022/11/your-ot-is-no-longer-isolated-act-fast.html
The Android Malware's Journey: From Google Play to banking fraud | Cleafy Labs
https://www.reddit.com/r/netsec/comments/ylzaos/the_android_malwares_journey_from_google_play_to/
Threat reports and trends. Misconfiguration risk to US government networks' security and compliance. CISA and election security.
https://thecyberwire.com/newsletters/week-that-was/6/44
Microsoft named a Leader in 2022 Gartner® Magic Quadrant™ for Access Management for the 6th year
https://www.microsoft.com/en-us/security/blog/2022/11/04/microsoft-named-a-leader-in-2022-gartner-magic-quadrant-for-access-management-for-the-6th-year/
HRDevHelper - Decompiler Plugin for Hex-Rays by Dennis Elser
https://www.reddit.com/r/netsec/comments/ymfb0g/hrdevhelper_decompiler_plugin_for_hexrays_by/
How | To | Protect | Windows | MalwareBytes AdwCleaner
https://www.reddit.com/r/Malware/comments/ym81eb/how_to_protect_windows_malwarebytes_adwcleaner/
Ismael Valenzuela from Blackberry discusses their report on "The Cyber Insurance Gap - What Is It, and How Can We Close It?"
https://thecyberwire.com/podcasts/interview-selects/135/notes
More Than 250 US News Sites Inject Malware In Possible Supply Chain Attack
https://packetstormsecurity.com/news/view/34006/More-Than-250-US-News-Sites-Inject-Malware-In-Possible-Supply-Chain-Attack.html
GitHub Users File a Class-Action Lawsuit Against Microsoft for Training an AI Tool With Their Code
https://www.vice.com/en_us/article/bvm3k5/github-users-file-a-class-action-lawsuit-against-microsoft-for-training-an-ai-tool-with-their-code
CSO
Geopolitics plays major role in cyberattacks, says EU cybersecurity agency
State-sponsored threat actors have targeted 128 government organizations in 42 countries that support Ukraine, as ransomware and DDoS rank as top forms of cyberattacks, says the EU Agency for Cybersecurity (ENISA).