Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 13/10/2022

Information overload, burnout, talent retention impacting SOC performance
https://www.csoonline.com/article/3676135/information-overload-burnout-talent-retention-impacting-soc-performance.html#tk.rss_all

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
https://www.microsoft.com/security/blog/2022/10/12/introducing-new-microsoft-defender-for-cloud-innovations-to-strengthen-cloud-native-protections/

Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected
https://malware.news/t/update-now-october-patch-tuesday-fixes-actively-used-zero-day-but-not-the-one-you-expected/64139#post_1

Sandfly 4.2 - Automatic Host Discovery and Faster Than Ever
https://malware.news/t/sandfly-4-2-automatic-host-discovery-and-faster-than-ever/64143#post_1

Prevent Ransomware Attacks on Critical Infrastructure
https://malware.news/t/prevent-ransomware-attacks-on-critical-infrastructure/64141#post_1

Top 5 ransomware detection techniques: Pros and cons of each
https://www.malwarebytes.com/blog/business/2022/10/top-5-ransomware-detection-techniques-pros-and-cons-of-each

5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less
https://www.microsoft.com/security/blog/2022/10/12/5-cybersecurity-capabilities-announced-at-microsoft-ignite-2022-to-help-you-secure-more-with-less/

Sharing my OSCP Pre-Preparation Plan which I once made for my own self, for those who are interested in getting OSCP certification soon. Here is the link:
https://www.reddit.com/r/netsec/comments/y206t3/sharing_my_oscp_prepreparation_plan_which_i_once/

Portnox adds IoT fingerprinting to network access control service
https://www.csoonline.com/article/3676232/portnox-adds-iot-fingerprinting-to-network-access-control-service.html#tk.rss_all

UK government sounds alarm on tax scams
https://www.malwarebytes.com/blog/news/2022/10/ukgov-sounds-alarm-on-hmrc-tax-scams


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 14/10/2022

Cybersecurity labels. Transatlantic data sharing agreement update. US restricts chip exports to China. CISA will not share industry feedback on performance goals. 3.22
https://thecyberwire.com/newsletters/policy-briefing/4/197

What the cybercriminals are up to: improving their tools and carrying out the same old dreary social engineering. Budworm APT sightings. And the state of Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1682/notes

Emotet ups its game. Budworm APT sightings. Social engineering scams. Internet takedown and recovery.
https://thecyberwire.com/newsletters/daily-briefing/11/197

Fashion company fined for data breach. Arizona city suffers data breach after hacker breaks into user account. Massive trove of credit card data dumped on dark web.
https://thecyberwire.com/podcasts/privacy-briefing/688/notes

Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization
https://thehackernews.com/2022/10/budworm-hackers-resurface-with-new.html

RPC Toolkit - security research oriented resources on MS-RPC (articles, PoCs, vulnerability write-ups, tools, etc.)
https://www.reddit.com/r/netsec/comments/y2ubqx/rpc_toolkit_security_research_oriented_resources/

Chinese APT's favorite vulnerabilities revealed
https://malware.news/t/chinese-apts-favorite-vulnerabilities-revealed/64178#post_1

What the Uber verdict means to CISOs: You're (probably) not going to jail
https://www.csoonline.com/article/3676078/what-the-uber-verdict-means-to-cisos-youre-probably-not-going-to-jail.html#tk.rss_all

How to Investigate Insider Threats (Forensic Methodology)
https://www.reddit.com/r/netsec/comments/y30in9/how_to_investigate_insider_threats_forensic/

ISC Stormcast For Friday, October 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8214, (Fri, Oct 14th)
https://isc.sans.edu/diary/rss/29148


Top Security News for 16/10/2022

New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts
https://securityaffairs.co/wordpress/137145/malware/ducktail-php-targets-facebook.html

Userbenchmark
https://www.reddit.com/r/Malware/comments/y52asz/userbenchmark/

FBI, CISA warn of disinformation ahead of midterms
https://malware.news/t/fbi-cisa-warn-of-disinformation-ahead-of-midterms/64206#post_1

Cyber confidence: Knowing what you have and where it is.
https://thecyberwire.com/podcasts/cyberwire-x/40/notes

FBI, CISA warn of disinformation ahead of midterms
https://www.malwarebytes.com/blog/news/2022/10/fbi-and-cisa-urge-americans-to-be-critical-of-information-in-light-of-midterm-election

Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://malware.news/t/malware-covid-vaccination-supplier-declaration-sat-oct-15th/64207#post_1

Amanda Adams: Pivoting into the tech world.
https://thecyberwire.com/podcasts/career-notes/121/notes

Indian power generation giant Tata Power hit by a cyber attack
https://securityaffairs.co/wordpress/137130/hacking/tata-power-cyber-attack.html

Social Engineering and Breaking into Stuff with Jenny Radcliffe
https://thecyberwire.com/podcasts/8th-layer-insights/26/notes

Malware - Covid Vaccination Supplier Declaration, (Sat, Oct 15th)
https://isc.sans.edu/diary/rss/29150


Top Security News for 17/10/2022

MSHP CTF solutions (October 2022)
https://gynvael.coldwind.pl/?id=756

Regulator: A unique method of subdomain enumeration
https://www.reddit.com/r/netsec/comments/y5muc1/regulator_a_unique_method_of_subdomain_enumeration/

ISC Stormcast For Monday, October 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8216, (Mon, Oct 17th)
https://isc.sans.edu/diary/rss/29154

Android and iOS leak some data outside VPNs
https://malware.news/t/android-and-ios-leak-some-data-outside-vpns/64213#post_1

Mysterious Prestige ransomware targets organizations in Ukraine and Poland
https://securityaffairs.co/wordpress/137203/apt/prestige-ransomware-targets-ukraine.html

Cybercriminals use Hurricane Ian as lure for scams, theft of FEMA funds
https://malware.news/t/cybercriminals-use-hurricane-ian-as-lure-for-scams-theft-of-fema-funds/64210#post_1

Weekly News Roundup — October 9 to October 15
https://malware.news/t/weekly-news-roundup-october-9-to-october-15/64211#post_1

Security Affairs newsletter Round 389
https://securityaffairs.co/wordpress/137161/breaking-news/security-affairs-newsletter-round-389.html

17th October – Threat Intelligence Report
https://malware.news/t/17th-october-threat-intelligence-report/64209#post_1

Video: Analysis of a Malicious HTML File (QBot), (Sun, Oct 16th)
https://isc.sans.edu/diary/rss/29152


Top Security News for 18/10/2022

MyDeal discloses breach. Election software CEO charged. FamilySearch discloses data breach. University of P.R. student involved in privacy violation.
https://thecyberwire.com/podcasts/privacy-briefing/690/notes

Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite
https://thehackernews.com/2022/10/zimbra-releases-patch-for-actively.html

Toner Deaf – Printing your next persistence (Hexacon 2022)
https://www.reddit.com/r/netsec/comments/y66era/toner_deaf_printing_your_next_persistence_hexacon/

Python Obfuscation for Dummies, (Tue, Oct 18th)
https://malware.news/t/python-obfuscation-for-dummies-tue-oct-18th/64243#post_1

Software Patch Management Policy Best Practices
https://malware.news/t/software-patch-management-policy-best-practices/64244#post_1

Black Basta Ransomware Hackers Infiltrate Networks via Qakbot to Deploy Brute Ratel C4
https://thehackernews.com/2022/10/black-basta-ransomware-hackers.html

Domain spoofing (noun)
https://thecyberwire.com/podcasts/word-notes/121/notes

Why Crypto Winter is No Excuse to Let Your Cyber Defenses Falter
https://thehackernews.com/2022/10/why-crypto-winter-is-no-excuse-to-let.html

Tata Power sustains cyberattack. Influence operations and battlespace prep. Ransom Cartel looks a lot like REvil. Notes from Russia’s hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1684/notes

Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages
https://thehackernews.com/2022/10/researchers-claim-microsoft-office-365.html


Top Security News for 19/10/2022

Altruism under attack: why cybersecurity has become essential to humanitarian nonprofits
https://www.csoonline.com/article/3676668/altruism-under-attack-why-cybersecurity-has-become-essential-to-humanitarian-nonprofits.html#tk.rss_all

CVE-2022-42889 (Text4Shell) OSS detector - Finds possibly vulnerable JAR files
https://www.reddit.com/r/netsec/comments/y7aohf/cve202242889_text4shell_oss_detector_finds/

Fake tractor fraudsters plague online transactions
https://www.malwarebytes.com/blog/news/2022/10/fake-tractor-fraudsters-plague-online-transactions

ISC StormCast for Wednesday, October 19th, 2022
https://isc.sans.edu/podcastdetail.html?id=8220

Data Collection
https://malware.news/t/data-collection/64276#post_1

CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration
https://securityaffairs.co/wordpress/137266/security/zoom-macos-cve-2022-28762.html

FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684) + PoC
https://www.reddit.com/r/netsec/comments/y3lgv3/fortios_fortiproxy_and_fortiswitchmanager/

Our new scanner for Text4Shell
https://www.reddit.com/r/netsec/comments/y7gf09/our_new_scanner_for_text4shell/

Security Alert: Oracle Releases Critical Patch Update, October 2022
https://malware.news/t/security-alert-oracle-releases-critical-patch-update-october-2022/64278#post_1

How to spot a scam
https://malware.news/t/how-to-spot-a-scam/64274#post_1


Top Security News for 20/10/2022

Researchers Detail Azure SFX Flaw That Could've Allowed Attackers to Gain Admin Access
https://thehackernews.com/2022/10/researchers-detail-azure-sfx-flaw-that.html

Chinese Hackers Targeting Online Casinos with GamePlayerFramework Malware
https://thehackernews.com/2022/10/chinese-hackers-targeting-online.html

ISC Stormcast For Thursday, October 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8222, (Thu, Oct 20th)
https://malware.news/t/isc-stormcast-for-thursday-october-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8222-thu-oct-20th/64324#post_1

Why Log4Text is not another Log4Shell
https://www.malwarebytes.com/blog/news/2022/10/why-log4text-is-not-another-log4shell

Do more with less—Discover the latest Microsoft Entra innovations
https://www.microsoft.com/security/blog/2022/10/19/do-more-with-less-discover-the-latest-microsoft-entra-innovations/

Fantastic Rootkits: And Where to Find Them (Part 1)
https://www.reddit.com/r/netsec/comments/y8jucu/fantastic_rootkits_and_where_to_find_them_part_1/

The cost to businesses of phishing.
https://thecyberwire.com

Ransomware attack freezes newspaper printing system
https://www.malwarebytes.com/blog/news/2022/10/ransomware-attack-freezes-newspaper-printing-system

HTTP/3 connection contamination: an upcoming threat
https://www.reddit.com/r/netsec/comments/y82ude/http3_connection_contamination_an_upcoming_threat/

Supply chain attacks increased over 600% this year and companies are falling behind
https://www.csoonline.com/article/3677228/supply-chain-attacks-increased-over-600-this-year-and-companies-are-falling-behind.html#tk.rss_all


Top Security News for 21/10/2022

Log4J-scan update: Detection for Apache Commons Text RCE (CVE-2022-42889)
https://www.reddit.com/r/netsec/comments/y91sp9/log4jscan_update_detection_for_apache_commons/

Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update
https://securityaffairs.co/wordpress/137410/malware/undetectable-powershell-backdoor.html

Cybersecurity Workforce Study released.
https://thecyberwire.com/stories/8857909f273f46529695d5ea8caf954d/cybersecurity-workforce-study-released

Reverse Engineering the Apple MultiPeer Connectivity Framework
https://www.reddit.com/r/netsec/comments/y907qk/reverse_engineering_the_apple_multipeer/

ISC StormCast for Friday, October 21st, 2022
https://isc.sans.edu/podcastdetail.html?id=8224

GuLoader Malware Disguised as a Word File Being Distributed in Korea
https://malware.news/t/guloader-malware-disguised-as-a-word-file-being-distributed-in-korea/64374#post_1

ISC Stormcast For Friday, October 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8224, (Fri, Oct 21st)
https://isc.sans.edu/diary/rss/29172

5 essential security tips for SMBs
https://www.malwarebytes.com/blog/business/2022/10/5-essential-security-tips-for-smbs

Google Launches GUAC Open Source Project to Secure Software Supply Chain
https://thehackernews.com/2022/10/google-launches-guac-open-source.html

SHA-3 Buffer Overflow - CVE-2022-37454
https://www.reddit.com/r/netsec/comments/y98ox2/sha3_buffer_overflow_cve202237454/


Top Security News for 22/10/2022

Looking for student debt relief? Watch out for scammers says the FBI
https://malware.news/t/looking-for-student-debt-relief-watch-out-for-scammers-says-the-fbi/64400#post_1

Wicked Good Development Episode #16: Ted Neward’s Philosophy 101
https://malware.news/t/wicked-good-development-episode-16-ted-neward-s-philosophy-101/64396#post_1

TikTok allegedly planned to track US user data. Medibank data breach worsens. US hospitals report a Meta Pixel breach.
https://thecyberwire.com/newsletters/privacy-briefing/4/203

Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network
https://thehackernews.com/2022/10/critical-flaw-reported-in-move-virtual.html

Former cop abused unrevoked system access to extort women
https://www.malwarebytes.com/blog/news/2022/10/former-kentucky-cop-abused-access-to-hack-snapchat-accounts

5 quick tips for better Android phone security right now
https://malware.news/t/5-quick-tips-for-better-android-phone-security-right-now/64398#post_1

New URSNIF variant doesn’t support banking features
https://securityaffairs.co/wordpress/137435/malware/ursnif-shift-backdoor.html

Former cop abused unrevoked system access to extort women
https://malware.news/t/former-cop-abused-unrevoked-system-access-to-extort-women/64399#post_1

Jon Hencinski of Expel to discuss their second Quarterly Threat Report.
https://thecyberwire.com/podcasts/interview-selects/133/notes

Looking for student debt relief? Watch out for scammers says the FBI
https://www.malwarebytes.com/blog/news/2022/10/psa-scammers-likely-to-target-student-loan-relief-applicants


Top Security News for 23/10/2022

Quickpost: Testing A Lemon Battery
https://malware.news/t/quickpost-testing-a-lemon-battery/64406#post_1

Analysis of thousands of active API tokens leaked via public package repositories
https://www.reddit.com/r/netsec/comments/yawkzl/analysis_of_thousands_of_active_api_tokens_leaked/

Computer flagged for possibly having malware by websites
https://www.reddit.com/r/Malware/comments/yauee7/computer_flagged_for_possibly_having_malware_by/

rtfdump's Find Option, (Sat, Oct 22nd)
https://isc.sans.edu/diary/rss/29174

Collect information of internet-connected sandboxes
https://www.reddit.com/r/netsec/comments/yanjp0/collect_information_of_internetconnected_sandboxes/

Q&A: Kenneth Geers on the cyber war between Ukraine and Russia
https://malware.news/t/q-a-kenneth-geers-on-the-cyber-war-between-ukraine-and-russia/64403#post_1

The Curious Case of ManageEngine’s Password Manager Pro's Password Database
https://www.reddit.com/r/netsec/comments/yb4rje/the_curious_case_of_manageengines_password/

Rtfdump's Find Option, (Sat, Oct 22nd)
https://malware.news/t/rtfdumps-find-option-sat-oct-22nd/64405#post_1

Update: rtfdump.py Version 0.0.12
https://malware.news/t/update-rtfdump-py-version-0-0-12/64402#post_1

Weekly News Roundup — October 16 to October 22
https://malware.news/t/weekly-news-roundup-october-16-to-october-22/64404#post_1


Top Security News for 24/10/2022

Hackers stole sensitive data from Iran’s atomic energy agency
https://securityaffairs.co/wordpress/137513/hacking/hackers-stole-sensitive-data-from-irans-atomic-energy-agency.html

The RISC Deprogrammer
https://malware.news/t/the-risc-deprogrammer/64408#post_1

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack
https://www.theguardian.com/business/2022/oct/24/outsourcer-interserve-fined-4-point-4m-cyber-attack-failings-data-breach-personal-information

Sandfly Security Code Audit and Continuous Monitoring
https://malware.news/t/sandfly-security-code-audit-and-continuous-monitoring/64409#post_1

Bringing Modern Authentication APIs (FIDO2 WebAuthn, Passkeys) to Linux Desktop
https://www.reddit.com/r/netsec/comments/ybd7s8/bringing_modern_authentication_apis_fido2/

ISC StormCast for Monday, October 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8226

ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://malware.news/t/isc-stormcast-for-monday-october-24th-2022-https-isc-sans-edu-podcastdetail-html-id-8226-mon-oct-24th/64411#post_1

ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://isc.sans.edu/diary/rss/29178

CISA Alert AA22-294A – #StopRansomware: Daixin Team.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/35/notes

Wholesale giant METRO confirmed to have suffered a cyberattack
https://securityaffairs.co/wordpress/137506/hacking/metro-confirmed-cyberattack.html


Top Security News for 25/10/2022

Exploit archaeology: A forensic history of in-the-wild NSO Group exploits
https://www.reddit.com/r/netsec/comments/ycnmdq/exploit_archaeology_a_forensic_history_of/

Ukraine at D+242: Infrastructure remains a target.
https://thecyberwire.com/stories/4583eb279fb8484ea5fc4a1e724f3ad8/ukraine-at-d242

Secure your endpoints with Transparity and Microsoft
https://www.microsoft.com/en-us/security/blog/2022/10/24/secure-your-endpoints-with-transparity-and-microsoft/

Security experts targeted with malicious CVE PoC exploits on GitHub
https://securityaffairs.co/wordpress/137527/hacking/malicious-github-repositories.html

A gym heist in London goes cyber
https://www.malwarebytes.com/blog/podcast/2022/10/a-gym-heist-goes-cyber-in-london

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
https://thehackernews.com/2022/10/apple-releases-patch-for-new-actively.html

A week in security (October 17 - 23)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-17-23

Talk recordings from DEF CON 30
https://www.reddit.com/r/netsec/comments/yc9xkz/talk_recordings_from_def_con_30/

Cisco warns of ISE vulnerability with no fixed release or workaround
https://www.malwarebytes.com/blog/news/2022/10/cisco-patch-needed-for-remote-file-access-vulnerability-in-identity-services-engine

Apple Patches Everything: October 2022 Edition, (Tue, Oct 25th)
https://isc.sans.edu/diary/rss/29182


Top Security News for 26/10/2022

How businesses are gaining integrated data protection with Microsoft Purview
https://www.microsoft.com/en-us/security/blog/2022/10/25/how-businesses-are-gaining-integrated-data-protection-with-microsoft-purview/

CISA Seeks Feedback on Baseline Measures to Secure Cloud Configuration
https://malware.news/t/cisa-seeks-feedback-on-baseline-measures-to-secure-cloud-configuration/64496#post_1

Indictments in PRC espionage cases. LogCrusher and OverLog. Update on the hybrid war. Two cyber trend studies.
https://thecyberwire.com/newsletters/daily-briefing/11/205

How the Software Supply Chain Security is Threatened by Hackers
https://thehackernews.com/2022/10/how-software-supply-chain-security-is.html

The Logging Dead: Two Event Log Vulnerabilities Haunting Windows
https://www.reddit.com/r/netsec/comments/yd1pdw/the_logging_dead_two_event_log_vulnerabilities/

Micropatches for Kerberos Elevation of Privilege (CVE-2022-33647, CVE-2022-33679)
https://malware.news/t/micropatches-for-kerberos-elevation-of-privilege-cve-2022-33647-cve-2022-33679/64498#post_1

IoT security strategy from enterprises using connected devices
https://www.networkworld.com/article/3677470/iot-security-strategy-from-those-who-use-connected-devices.html#tk.rss_all

Payment Terminal Malware Steals $3.3m Worth Of Credit Card Numbers
https://packetstormsecurity.com/news/view/33971/Payment-Terminal-Malware-Steals-3.3m-Worth-Of-Credit-Card-Numbers.html

“Baseball & Espionage” – with World Series Champion Ryan Zimmerman & Marc Polymeropoulos
https://thecyberwire.com/podcasts/spycast/561/notes

The Secrets Behind Uber's Breach
https://www.reddit.com/r/netsec/comments/ydebot/the_secrets_behind_ubers_breach/


Top Security News for 27/10/2022

Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities
https://thehackernews.com/2022/10/hackers-actively-exploiting-cisco.html

Problem with C++ 20 modules in WDK
https://www.reddit.com/r/lowlevel/comments/ydcpcz/problem_with_c_20_modules_in_wdk/

Ring0VBA - Getting Ring0 Using a Goddamn Word Document
https://www.reddit.com/r/netsec/comments/ydyylz/ring0vba_getting_ring0_using_a_goddamn_word/

SilverEdge Government Solutions acquires Counter Threat Solutions. Valence Security raises $25 million in seed funding. IronNet joins Space ISAC.
https://thecyberwire.com/newsletters/business-briefing/4/43

Token handles abuse: One shell to HANDLE them all
https://www.reddit.com/r/netsec/comments/ydvpa7/token_handles_abuse_one_shell_to_handle_them_all/

Russian Politician Calls for ‘Desatanization’ of Ukraine
https://www.vice.com/en_us/article/wxn79y/russian-politician-calls-for-desatanization-of-ukraine

Malformed signature trick can bypass Mark of the Web
https://www.malwarebytes.com/blog/news/2022/10/malware-authors-use-malformed-signature-trick-to-bypass-mark-of-the-web

ISC Stormcast For Thursday, October 27th, 2022 https://isc.sans.edu/podcastdetail.html?id=8232, (Thu, Oct 27th)
https://malware.news/t/isc-stormcast-for-thursday-october-27th-2022-https-isc-sans-edu-podcastdetail-html-id-8232-thu-oct-27th/64548#post_1

ISC StormCast for Thursday, October 27th, 2022
https://isc.sans.edu/podcastdetail.html?id=8232

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/26-10-2022


Top Security News for 03/11/2022

Monthly Threat Actor Group Intelligence Report, September 2022 (KOR)
https://malware.news/t/monthly-threat-actor-group-intelligence-report-september-2022-kor/64738#post_1

Watching Facebook Burn
https://www.vice.com/en_us/article/7k8mwq/watching-facebook-burn

Netacea launches malicious bot intelligence service to help customers tackle threats
https://www.csoonline.com/article/3678298/netacea-launches-malicious-bot-intelligence-service-to-help-customers-tackle-threats.html#tk.rss_all

ISC Stormcast For Thursday, November 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8242, (Thu, Nov 3rd)
https://isc.sans.edu/diary/rss/29216

New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data
https://thehackernews.com/2022/11/new-tiktok-privacy-policy-confirms.html

Microsoft Security tips for mitigating risk in mergers and acquisitions
https://www.microsoft.com/en-us/security/blog/2022/11/02/microsoft-security-tips-for-mitigating-risk-in-mergers-and-acquisitions/

Experts Warn of SandStrike Android Spyware Infecting Devices via Malicious VPN App
https://thehackernews.com/2022/11/experts-warn-of-sandstrike-android.html

Patch notes, including OpenSSL updates. CISA and election security. Notes on the hybrid war. Trends in cybercrime.
https://thecyberwire.com/newsletters/daily-briefing/11/211

Gregor Samsa: Exploiting Java's XML Signature Verification
https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html

ISC Stormcast For Thursday, November 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8242, (Thu, Nov 3rd)
https://malware.news/t/isc-stormcast-for-thursday-november-3rd-2022-https-isc-sans-edu-podcastdetail-html-id-8242-thu-nov-3rd/64733#post_1


Top Security News for 04/11/2022

Stopping C2 communications in human-operated ransomware through network protection
https://www.microsoft.com/en-us/security/blog/2022/11/03/stopping-c2-communications-in-human-operated-ransomware-through-network-protection/

Researchers Discover Link In Tooling Between FIN7 And Black Basta Ransomware Group
https://packetstormsecurity.com/news/view/34003/Researchers-Discover-Link-In-Tooling-Between-FIN7-And-Black-Basta-Ransomware-Group.html

Combining Powershell Scripts
https://0x00sec.org/t/combining-powershell-scripts/31978

Why Identity & Access Management Governance is a Core Part of Your SaaS Security
https://thehackernews.com/2022/11/why-identity-access-management.html

CVE-2022-3602 & CVE-2022-3786 - OSS tools to detect susceptibility to the recent OpenSSL issues
https://www.reddit.com/r/netsec/comments/ykzip5/cve20223602_cve20223786_oss_tools_to_detect/

Nuke Experts Are Horrified by Biden’s New ‘Nuclear Posture Review’
https://www.vice.com/en_us/article/n7zk9w/nuke-experts-are-horrified-by-bidens-new-nuclear-posture-review

Why Did the OpenSSL Punycode Vulnerability Happen
https://www.reddit.com/r/netsec/comments/ylgnxb/why_did_the_openssl_punycode_vulnerability_happen/

Reverse Branch Target Buffer Poisoning - new ASLR bypass technique using CPU vulnerabilities [PDF]
https://www.reddit.com/r/netsec/comments/yls06p/reverse_branch_target_buffer_poisoning_new_aslr/

Threat Model Examples
https://www.reddit.com/r/netsec/comments/yl7xx0/threat_model_examples/

Cyberspace ‘a battleground’ as reports of cybercrime in Australia jump 13%
https://www.theguardian.com/australia-news/2022/nov/04/cyberspace-a-battleground-as-reports-of-cybercrime-in-australia-jump-13


Top Security News for 05/11/2022

Geopolitics plays major role in cyberattacks, says EU cybersecurity agency
https://www.csoonline.com/article/3678771/geopolitics-plays-major-role-in-cyberattacks-says-eu-cybersecurity-agency.html#tk.rss_all

Your OT Is No Longer Isolated: Act Fast to Protect It
https://thehackernews.com/2022/11/your-ot-is-no-longer-isolated-act-fast.html

The Android Malware's Journey: From Google Play to banking fraud | Cleafy Labs
https://www.reddit.com/r/netsec/comments/ylzaos/the_android_malwares_journey_from_google_play_to/

Threat reports and trends. Misconfiguration risk to US government networks' security and compliance. CISA and election security.
https://thecyberwire.com/newsletters/week-that-was/6/44

Microsoft named a Leader in 2022 Gartner® Magic Quadrant for Access Management for the 6th year
https://www.microsoft.com/en-us/security/blog/2022/11/04/microsoft-named-a-leader-in-2022-gartner-magic-quadrant-for-access-management-for-the-6th-year/

HRDevHelper - Decompiler Plugin for Hex-Rays by Dennis Elser
https://www.reddit.com/r/netsec/comments/ymfb0g/hrdevhelper_decompiler_plugin_for_hexrays_by/

How | To | Protect | Windows | MalwareBytes AdwCleaner
https://www.reddit.com/r/Malware/comments/ym81eb/how_to_protect_windows_malwarebytes_adwcleaner/

Ismael Valenzuela from Blackberry discusses their report on "The Cyber Insurance Gap - What Is It, and How Can We Close It?"
https://thecyberwire.com/podcasts/interview-selects/135/notes

More Than 250 US News Sites Inject Malware In Possible Supply Chain Attack
https://packetstormsecurity.com/news/view/34006/More-Than-250-US-News-Sites-Inject-Malware-In-Possible-Supply-Chain-Attack.html

GitHub Users File a Class-Action Lawsuit Against Microsoft for Training an AI Tool With Their Code
https://www.vice.com/en_us/article/bvm3k5/github-users-file-a-class-action-lawsuit-against-microsoft-for-training-an-ai-tool-with-their-code


Top Security News for 07/11/2022

IPv4 Address Representations, (Sun, Nov 6th)
https://malware.news/t/ipv4-address-representations-sun-nov-6th/64797#post_1

The 12 best holiday gift ideas for hackers in 2022
https://malware.news/t/the-12-best-holiday-gift-ideas-for-hackers-in-2022/64796#post_1

Using IP geolocation to detect suspicious logins to GSuite
https://malware.news/t/using-ip-geolocation-to-detect-suspicious-logins-to-gsuite/64799#post_1

Quickpost: Testing A USB Fridge
https://malware.news/t/quickpost-testing-a-usb-fridge/64798#post_1

ThinkstScapes Quarterly | 2022.Q3 | Summary of a lot of conference talks
https://www.reddit.com/r/netsec/comments/yo3rnf/thinkstscapes_quarterly_2022q3_summary_of_a_lot/

Pt 2 – Students of the game: What are the Hash Table’s go-to information sources for 2022?
https://thecyberwire.com/podcasts/cso-perspectives-public/67/notes

LockBit 3.0 gang claims to have stolen data from Kearney & Company
https://securityaffairs.co/wordpress/138136/cyber-crime/lockbit-ransomware-kearney-company.html

UK NCSC govt agency is scanning the Internet for flawed devices in the UK
https://securityaffairs.co/wordpress/138158/security/uk-ncsc-scans-internet.html

ISC Stormcast For Monday, November 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8246, (Mon, Nov 7th)
https://isc.sans.edu/diary/rss/29226

Security Affairs newsletter Round 392
https://securityaffairs.co/wordpress/138124/breaking-news/security-affairs-newsletter-round-392.html


Top Security News for 08/11/2022

Disclosure as zero-day prep. Election security. Hacktivism and satcom in the hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/214

ISC Stormcast For Tuesday, November 8th, 2022 https://isc.sans.edu/podcastdetail.html?id=8248, (Tue, Nov 8th)
https://malware.news/t/isc-stormcast-for-tuesday-november-8th-2022-https-isc-sans-edu-podcastdetail-html-id-8248-tue-nov-8th/64828#post_1

Japan joins NATO's CCDCoE. Scanning in the UK. FCC on security of Emergency Alert System. Greek spyware scandal update.
https://thecyberwire.com/newsletters/policy-briefing/4/214

CISA, NSA and Industry Outline Security Responsibilities of Software Suppliers
https://malware.news/t/cisa-nsa-and-industry-outline-security-responsibilities-of-software-suppliers/64824#post_1

Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack
https://thehackernews.com/2022/11/medibank-refuses-to-pay-ransom-after-97.html

BrandPost: Managed Security Services Can Relieve the Cybersecurity Skills Gap
https://www.csoonline.com/article/3678854/managed-security-services-can-relieve-the-cybersecurity-skills-gap.html#tk.rss_all

Robin Banks Phishing Service for Cybercriminals Returns with Russian Server
https://thehackernews.com/2022/11/robin-banks-phishing-service-for.html

Former CISA Head Calls for Renewed Action to Combat Election Lies
https://malware.news/t/former-cisa-head-calls-for-renewed-action-to-combat-election-lies/64826#post_1

We’re Christian Mouchet, Jean-Philippe Bossuat, Kurt Rohloff, Nigel Smart, Pascal Paillier, Rand Hindi, Wonkyung Jung, various researchers and library developers of homomorphic encryption to answer questions about homomorphic encryption and why it’s important for the future of data privacy! AMA
https://www.reddit.com/r/netsec/comments/yp6ec1/were_christian_mouchet_jeanphilippe_bossuat_kurt/

Web Application Firewall (noun)
https://thecyberwire.com/podcasts/word-notes/124/notes


Top Security News for 09/11/2022

CryptoChecker web
https://0x00sec.org/t/cryptochecker-web/32045

Update on the Robin Banks phishing kit. APT10 uses LODEINFO to target Japan. BEC gang impersonates international law firms.
https://thecyberwire.com/podcasts/research-briefing/142/notes

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/08-11-2022

Medibank hacker threatens to dump data. Facial recognition proves difficult to limit under GDPR. Baby monitors and privacy risk.
https://thecyberwire.com/newsletters/privacy-briefing/4/215

New updated IceXLoader claims thousands of victims around the world
https://www.reddit.com/r/netsec/comments/ypo0cb/new_updated_icexloader_claims_thousands_of/

Greece bans spyware sales. Australia to fund offensive cyber program. Pennsylvania data breach notification law.
https://thecyberwire.com/newsletters/policy-briefing/4/215

Security Alert: Microsoft Releases November 2022 Security Updates
https://malware.news/t/security-alert-microsoft-releases-november-2022-security-updates/64864#post_1

SimpleX Chat: security assessment by Trail of Bits and v4.2 released
https://www.reddit.com/r/netsec/comments/ypuead/simplex_chat_security_assessment_by_trail_of_bits/

ISC Stormcast For Wednesday, November 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8250, (Wed, Nov 9th)
https://malware.news/t/isc-stormcast-for-wednesday-november-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8250-wed-nov-9th/64867#post_1

ISC Stormcast For Wednesday, November 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8250, (Wed, Nov 9th)
https://isc.sans.edu/diary/rss/29232


Top Security News for 29/11/2022

Exception(al) Failure - Breaking the STM32F1 Read-Out Protection
https://www.reddit.com/r/netsec/comments/z6z1qp/exceptional_failure_breaking_the_stm32f1_readout/

500 million WhatsApp mobile numbers up for sale on the dark web
https://www.csoonline.com/article/3681449/500-million-whatsapp-mobile-numbers-up-for-sale-on-the-dark-web.html#tk.rss_all

2600 HOLIDAY SPECIALS HAVE ARRIVED
https://www.2600.com/content/2600-holiday-specials-have-arrived

ISC StormCast for Tuesday, November 29th, 2022
https://isc.sans.edu/podcastdetail.html?id=8268

ISC Stormcast For Tuesday, November 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8268, (Tue, Nov 29th)
https://malware.news/t/isc-stormcast-for-tuesday-november-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8268-tue-nov-29th/65310#post_1

U.S. and UK Ban More Chinese Kit as Xi’s Grip Weakens
https://malware.news/t/u-s-and-uk-ban-more-chinese-kit-as-xi-s-grip-weakens/65305#post_1

CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html

Data Loss Protection (DLP) (noun)
https://thecyberwire.com/podcasts/word-notes/127/notes

The 5 Cornerstones for an Effective Cyber Security Awareness Training
https://thehackernews.com/2022/11/the-5-cornerstones-for-effective-cyber.html

The Art of Bypassing Kerberoast Detections with Orpheus
https://www.reddit.com/r/netsec/comments/z7fomb/the_art_of_bypassing_kerberoast_detections_with/

