Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 23/10/2022

Quickpost: Testing A Lemon Battery
https://malware.news/t/quickpost-testing-a-lemon-battery/64406#post_1

Analysis of thousands of active API tokens leaked via public package repositories
https://www.reddit.com/r/netsec/comments/yawkzl/analysis_of_thousands_of_active_api_tokens_leaked/

Computer flagged for possibly having malware by websites
https://www.reddit.com/r/Malware/comments/yauee7/computer_flagged_for_possibly_having_malware_by/

rtfdump's Find Option, (Sat, Oct 22nd)
https://isc.sans.edu/diary/rss/29174

Collect information of internet-connected sandboxes
https://www.reddit.com/r/netsec/comments/yanjp0/collect_information_of_internetconnected_sandboxes/

Q&A: Kenneth Geers on the cyber war between Ukraine and Russia
https://malware.news/t/q-a-kenneth-geers-on-the-cyber-war-between-ukraine-and-russia/64403#post_1

The Curious Case of ManageEngine’s Password Manager Pro's Password Database
https://www.reddit.com/r/netsec/comments/yb4rje/the_curious_case_of_manageengines_password/

Rtfdump's Find Option, (Sat, Oct 22nd)
https://malware.news/t/rtfdumps-find-option-sat-oct-22nd/64405#post_1

Update: rtfdump.py Version 0.0.12
https://malware.news/t/update-rtfdump-py-version-0-0-12/64402#post_1

Weekly News Roundup — October 16 to October 22
https://malware.news/t/weekly-news-roundup-october-16-to-october-22/64404#post_1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 24/10/2022

Hackers stole sensitive data from Iran’s atomic energy agency
https://securityaffairs.co/wordpress/137513/hacking/hackers-stole-sensitive-data-from-irans-atomic-energy-agency.html

The RISC Deprogrammer
https://malware.news/t/the-risc-deprogrammer/64408#post_1

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack
https://www.theguardian.com/business/2022/oct/24/outsourcer-interserve-fined-4-point-4m-cyber-attack-failings-data-breach-personal-information

Sandfly Security Code Audit and Continuous Monitoring
https://malware.news/t/sandfly-security-code-audit-and-continuous-monitoring/64409#post_1

Bringing Modern Authentication APIs (FIDO2 WebAuthn, Passkeys) to Linux Desktop
https://www.reddit.com/r/netsec/comments/ybd7s8/bringing_modern_authentication_apis_fido2/

ISC StormCast for Monday, October 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8226

ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://malware.news/t/isc-stormcast-for-monday-october-24th-2022-https-isc-sans-edu-podcastdetail-html-id-8226-mon-oct-24th/64411#post_1

ISC Stormcast For Monday, October 24th, 2022 https://isc.sans.edu/podcastdetail.html?id=8226, (Mon, Oct 24th)
https://isc.sans.edu/diary/rss/29178

CISA Alert AA22-294A – #StopRansomware: Daixin Team.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/35/notes

Wholesale giant METRO confirmed to have suffered a cyberattack
https://securityaffairs.co/wordpress/137506/hacking/metro-confirmed-cyberattack.html


Top Security News for 25/10/2022

Exploit archaeology: A forensic history of in-the-wild NSO Group exploits
https://www.reddit.com/r/netsec/comments/ycnmdq/exploit_archaeology_a_forensic_history_of/

Ukraine at D+242: Infrastructure remains a target.
https://thecyberwire.com/stories/4583eb279fb8484ea5fc4a1e724f3ad8/ukraine-at-d242

Secure your endpoints with Transparity and Microsoft
https://www.microsoft.com/en-us/security/blog/2022/10/24/secure-your-endpoints-with-transparity-and-microsoft/

Security experts targeted with malicious CVE PoC exploits on GitHub
https://securityaffairs.co/wordpress/137527/hacking/malicious-github-repositories.html

A gym heist in London goes cyber
https://www.malwarebytes.com/blog/podcast/2022/10/a-gym-heist-goes-cyber-in-london

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
https://thehackernews.com/2022/10/apple-releases-patch-for-new-actively.html

A week in security (October 17 - 23)
https://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-17-23

Talk recordings from DEF CON 30
https://www.reddit.com/r/netsec/comments/yc9xkz/talk_recordings_from_def_con_30/

Cisco warns of ISE vulnerability with no fixed release or workaround
https://www.malwarebytes.com/blog/news/2022/10/cisco-patch-needed-for-remote-file-access-vulnerability-in-identity-services-engine

Apple Patches Everything: October 2022 Edition, (Tue, Oct 25th)
https://isc.sans.edu/diary/rss/29182


Top Security News for 26/10/2022

How businesses are gaining integrated data protection with Microsoft Purview
https://www.microsoft.com/en-us/security/blog/2022/10/25/how-businesses-are-gaining-integrated-data-protection-with-microsoft-purview/

CISA Seeks Feedback on Baseline Measures to Secure Cloud Configuration
https://malware.news/t/cisa-seeks-feedback-on-baseline-measures-to-secure-cloud-configuration/64496#post_1

Indictments in PRC espionage cases. LogCrusher and OverLog. Update on the hybrid war. Two cyber trend studies.
https://thecyberwire.com/newsletters/daily-briefing/11/205

How the Software Supply Chain Security is Threatened by Hackers
https://thehackernews.com/2022/10/how-software-supply-chain-security-is.html

The Logging Dead: Two Event Log Vulnerabilities Haunting Windows
https://www.reddit.com/r/netsec/comments/yd1pdw/the_logging_dead_two_event_log_vulnerabilities/

Micropatches for Kerberos Elevation of Privilege (CVE-2022-33647, CVE-2022-33679)
https://malware.news/t/micropatches-for-kerberos-elevation-of-privilege-cve-2022-33647-cve-2022-33679/64498#post_1

IoT security strategy from enterprises using connected devices
https://www.networkworld.com/article/3677470/iot-security-strategy-from-those-who-use-connected-devices.html#tk.rss_all

Payment Terminal Malware Steals $3.3m Worth Of Credit Card Numbers
https://packetstormsecurity.com/news/view/33971/Payment-Terminal-Malware-Steals-3.3m-Worth-Of-Credit-Card-Numbers.html

“Baseball & Espionage” – with World Series Champion Ryan Zimmerman & Marc Polymeropoulous
https://thecyberwire.com/podcasts/spycast/561/notes

The Secrets Behind Uber's Breach
https://www.reddit.com/r/netsec/comments/ydebot/the_secrets_behind_ubers_breach/


Top Security News for 27/10/2022

Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities
https://thehackernews.com/2022/10/hackers-actively-exploiting-cisco.html

Problem with C++ 20 modules in WDK
https://www.reddit.com/r/lowlevel/comments/ydcpcz/problem_with_c_20_modules_in_wdk/

Ring0VBA - Getting Ring0 Using a Goddamn Word Document
https://www.reddit.com/r/netsec/comments/ydyylz/ring0vba_getting_ring0_using_a_goddamn_word/

SilverEdge Government Solutions acquires Counter Threat Solutions. Valence Security raises $25 million in seed funding. IronNet joins Space ISAC.
https://thecyberwire.com/newsletters/business-briefing/4/43

Token handles abuse: One shell to HANDLE them all
https://www.reddit.com/r/netsec/comments/ydvpa7/token_handles_abuse_one_shell_to_handle_them_all/

Russian Politician Calls for ‘Desatanization’ of Ukraine
https://www.vice.com/en_us/article/wxn79y/russian-politician-calls-for-desatanization-of-ukraine

Malformed signature trick can bypass Mark of the Web
https://www.malwarebytes.com/blog/news/2022/10/malware-authors-use-malformed-signature-trick-to-bypass-mark-of-the-web

ISC Stormcast For Thursday, October 27th, 2022 https://isc.sans.edu/podcastdetail.html?id=8232, (Thu, Oct 27th)
https://malware.news/t/isc-stormcast-for-thursday-october-27th-2022-https-isc-sans-edu-podcastdetail-html-id-8232-thu-oct-27th/64548#post_1

ISC StormCast for Thursday, October 27th, 2022
https://isc.sans.edu/podcastdetail.html?id=8232

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/26-10-2022


Top Security News for 03/11/2022

Monthly Threat Actor Group Intelligence Report, September 2022 (KOR)
https://malware.news/t/monthly-threat-actor-group-intelligence-report-september-2022-kor/64738#post_1

Watching Facebook Burn
https://www.vice.com/en_us/article/7k8mwq/watching-facebook-burn

Netacea launches malicious bot intelligence service to help customers tackle threats
https://www.csoonline.com/article/3678298/netacea-launches-malicious-bot-intelligence-service-to-help-customers-tackle-threats.html#tk.rss_all

ISC Stormcast For Thursday, November 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8242, (Thu, Nov 3rd)
https://isc.sans.edu/diary/rss/29216

New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data
https://thehackernews.com/2022/11/new-tiktok-privacy-policy-confirms.html

Microsoft Security tips for mitigating risk in mergers and acquisitions
https://www.microsoft.com/en-us/security/blog/2022/11/02/microsoft-security-tips-for-mitigating-risk-in-mergers-and-acquisitions/

Experts Warn of SandStrike Android Spyware Infecting Devices via Malicious VPN App
https://thehackernews.com/2022/11/experts-warn-of-sandstrike-android.html

Patch notes, including OpenSSL updates. CISA and election security. Notes on the hybrid war. Trends in cybercrime.
https://thecyberwire.com/newsletters/daily-briefing/11/211

Gregor Samsa: Exploiting Java's XML Signature Verification
https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html

ISC Stormcast For Thursday, November 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8242, (Thu, Nov 3rd)
https://malware.news/t/isc-stormcast-for-thursday-november-3rd-2022-https-isc-sans-edu-podcastdetail-html-id-8242-thu-nov-3rd/64733#post_1


Top Security News for 04/11/2022

Stopping C2 communications in human-operated ransomware through network protection
https://www.microsoft.com/en-us/security/blog/2022/11/03/stopping-c2-communications-in-human-operated-ransomware-through-network-protection/

Researchers Discover Link In Tooling Between FIN7 And Black Basta Ransomware Group
https://packetstormsecurity.com/news/view/34003/Researchers-Discover-Link-In-Tooling-Between-FIN7-And-Black-Basta-Ransomware-Group.html

Combining Powershell Scripts
https://0x00sec.org/t/combining-powershell-scripts/31978

Why Identity & Access Management Governance is a Core Part of Your SaaS Security
https://thehackernews.com/2022/11/why-identity-access-management.html

CVE-2022-3602 & CVE-2022-3786 - OSS tools to detect susceptibility to the recent OpenSSL issues
https://www.reddit.com/r/netsec/comments/ykzip5/cve20223602_cve20223786_oss_tools_to_detect/

Nuke Experts Are Horrified by Biden’s New ‘Nuclear Posture Review’
https://www.vice.com/en_us/article/n7zk9w/nuke-experts-are-horrified-by-bidens-new-nuclear-posture-review

Why Did the OpenSSL Punycode Vulnerability Happen
https://www.reddit.com/r/netsec/comments/ylgnxb/why_did_the_openssl_punycode_vulnerability_happen/

Reverse Branch Target Buffer Poisoning - new ASLR bypass technique using CPU vulnerabilities [PDF]
https://www.reddit.com/r/netsec/comments/yls06p/reverse_branch_target_buffer_poisoning_new_aslr/

Threat Model Examples
https://www.reddit.com/r/netsec/comments/yl7xx0/threat_model_examples/

Cyberspace ‘a battleground’ as reports of cybercrime in Australia jump 13%
https://www.theguardian.com/australia-news/2022/nov/04/cyberspace-a-battleground-as-reports-of-cybercrime-in-australia-jump-13


Top Security News for 05/11/2022

Geopolitics plays major role in cyberattacks, says EU cybersecurity agency
https://www.csoonline.com/article/3678771/geopolitics-plays-major-role-in-cyberattacks-says-eu-cybersecurity-agency.html#tk.rss_all

Your OT Is No Longer Isolated: Act Fast to Protect It
https://thehackernews.com/2022/11/your-ot-is-no-longer-isolated-act-fast.html

The Android Malware's Journey: From Google Play to banking fraud | Cleafy Labs
https://www.reddit.com/r/netsec/comments/ylzaos/the_android_malwares_journey_from_google_play_to/

Threat reports and trends. Misconfiguration risk to US government networks' security and compliance. CISA and election security.
https://thecyberwire.com/newsletters/week-that-was/6/44

Microsoft named a Leader in 2022 Gartner® Magic Quadrant for Access Management for the 6th year
https://www.microsoft.com/en-us/security/blog/2022/11/04/microsoft-named-a-leader-in-2022-gartner-magic-quadrant-for-access-management-for-the-6th-year/

HRDevHelper - Decompiler Plugin for Hex-Rays by Dennis Elser
https://www.reddit.com/r/netsec/comments/ymfb0g/hrdevhelper_decompiler_plugin_for_hexrays_by/

How | To | Protect | Windows | MalwareBytes AdwCleaner
https://www.reddit.com/r/Malware/comments/ym81eb/how_to_protect_windows_malwarebytes_adwcleaner/

Ismael Valenzuela from Blackberry discusses their report on "The Cyber Insurance Gap - What Is It, and How Can We Close It?"
https://thecyberwire.com/podcasts/interview-selects/135/notes

More Than 250 US News Sites Inject Malware In Possible Supply Chain Attack
https://packetstormsecurity.com/news/view/34006/More-Than-250-US-News-Sites-Inject-Malware-In-Possible-Supply-Chain-Attack.html

GitHub Users File a Class-Action Lawsuit Against Microsoft for Training an AI Tool With Their Code
https://www.vice.com/en_us/article/bvm3k5/github-users-file-a-class-action-lawsuit-against-microsoft-for-training-an-ai-tool-with-their-code


Top Security News for 07/11/2022

IPv4 Address Representations, (Sun, Nov 6th)
https://malware.news/t/ipv4-address-representations-sun-nov-6th/64797#post_1

The 12 best holiday gift ideas for hackers in 2022
https://malware.news/t/the-12-best-holiday-gift-ideas-for-hackers-in-2022/64796#post_1

Using IP geolocation to detect suspicious logins to GSuite
https://malware.news/t/using-ip-geolocation-to-detect-suspicious-logins-to-gsuite/64799#post_1

Quickpost: Testing A USB Fridge
https://malware.news/t/quickpost-testing-a-usb-fridge/64798#post_1

ThinkstScapes Quarterly | 2022.Q3 | Summary of a lot of conference talks
https://www.reddit.com/r/netsec/comments/yo3rnf/thinkstscapes_quarterly_2022q3_summary_of_a_lot/

Pt 2 – Students of the game: What are the Hash Table’s go-to information sources for 2022?
https://thecyberwire.com/podcasts/cso-perspectives-public/67/notes

LockBit 3.0 gang claims to have stolen data from Kearney & Company
https://securityaffairs.co/wordpress/138136/cyber-crime/lockbit-ransomware-kearney-company.html

UK NCSC govt agency is scanning the Internet for flawed devices in the UK
https://securityaffairs.co/wordpress/138158/security/uk-ncsc-scans-internet.html

ISC Stormcast For Monday, November 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8246, (Mon, Nov 7th)
https://isc.sans.edu/diary/rss/29226

Security Affairs newsletter Round 392
https://securityaffairs.co/wordpress/138124/breaking-news/security-affairs-newsletter-round-392.html


Top Security News for 08/11/2022

Disclosure as zero-day prep. Election security. Hacktivism and satcom in the hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/214

ISC Stormcast For Tuesday, November 8th, 2022 https://isc.sans.edu/podcastdetail.html?id=8248, (Tue, Nov 8th)
https://malware.news/t/isc-stormcast-for-tuesday-november-8th-2022-https-isc-sans-edu-podcastdetail-html-id-8248-tue-nov-8th/64828#post_1

Japan joins NATO's CCDCoE. Scanning in the UK. FCC on security of Emergency Alert System. Greek spyware scandal update.
https://thecyberwire.com/newsletters/policy-briefing/4/214

CISA, NSA and Industry Outline Security Responsibilities of Software Suppliers
https://malware.news/t/cisa-nsa-and-industry-outline-security-responsibilities-of-software-suppliers/64824#post_1

Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack
https://thehackernews.com/2022/11/medibank-refuses-to-pay-ransom-after-97.html

BrandPost: Managed Security Services Can Relieve the Cybersecurity Skills Gap
https://www.csoonline.com/article/3678854/managed-security-services-can-relieve-the-cybersecurity-skills-gap.html#tk.rss_all

Robin Banks Phishing Service for Cybercriminals Returns with Russian Server
https://thehackernews.com/2022/11/robin-banks-phishing-service-for.html

Former CISA Head Calls for Renewed Action to Combat Election Lies
https://malware.news/t/former-cisa-head-calls-for-renewed-action-to-combat-election-lies/64826#post_1

We’re Christian Mouchet, Jean-Philippe Bossuat, Kurt Rohloff, Nigel Smart, Pascal Paillier, Rand Hindi, Wonkyung Jung, various researchers and library developers of homomorphic encryption to answer questions about homomorphic encryption and why it’s important for the future of data privacy! AMA
https://www.reddit.com/r/netsec/comments/yp6ec1/were_christian_mouchet_jeanphilippe_bossuat_kurt/

Web Application Firewall (noun)
https://thecyberwire.com/podcasts/word-notes/124/notes


Top Security News for 09/11/2022

CryptoChecker web
https://0x00sec.org/t/cryptochecker-web/32045

Update on the Robin Banks phishing kit. APT10 uses LODEINFO to target Japan. BEC gang impersonates international law firms.
https://thecyberwire.com/podcasts/research-briefing/142/notes

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/08-11-2022

Medibank hacker threatens to dump data. Facial recognition proves difficult to limit under GDPR. Baby monitors and privacy risk.
https://thecyberwire.com/newsletters/privacy-briefing/4/215

New updated IceXLoader claims thousands of victims around the world
https://www.reddit.com/r/netsec/comments/ypo0cb/new_updated_icexloader_claims_thousands_of/

Greece bans spyware sales. Australia to fund offensive cyber program. Pennsylvania data breach notification law.
https://thecyberwire.com/newsletters/policy-briefing/4/215

Security Alert: Microsoft Releases November 2022 Security Updates
https://malware.news/t/security-alert-microsoft-releases-november-2022-security-updates/64864#post_1

SimpleX Chat: security assessment by Trail of Bits and v4.2 released
https://www.reddit.com/r/netsec/comments/ypuead/simplex_chat_security_assessment_by_trail_of_bits/

ISC Stormcast For Wednesday, November 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8250, (Wed, Nov 9th)
https://malware.news/t/isc-stormcast-for-wednesday-november-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8250-wed-nov-9th/64867#post_1

ISC Stormcast For Wednesday, November 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8250, (Wed, Nov 9th)
https://isc.sans.edu/diary/rss/29232


Top Security News for 29/11/2022

Exception(al) Failure - Breaking the STM32F1 Read-Out Protection
https://www.reddit.com/r/netsec/comments/z6z1qp/exceptional_failure_breaking_the_stm32f1_readout/

500 million WhatsApp mobile numbers up for sale on the dark web
https://www.csoonline.com/article/3681449/500-million-whatsapp-mobile-numbers-up-for-sale-on-the-dark-web.html#tk.rss_all

2600 HOLIDAY SPECIALS HAVE ARRIVED
https://www.2600.com/content/2600-holiday-specials-have-arrived

ISC StormCast for Tuesday, November 29th, 2022
https://isc.sans.edu/podcastdetail.html?id=8268

ISC Stormcast For Tuesday, November 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8268, (Tue, Nov 29th)
https://malware.news/t/isc-stormcast-for-tuesday-november-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8268-tue-nov-29th/65310#post_1

U.S. and UK Ban More Chinese Kit as Xi’s Grip Weakens
https://malware.news/t/u-s-and-uk-ban-more-chinese-kit-as-xi-s-grip-weakens/65305#post_1

CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html

Data Loss Protection (DLP) (noun)
https://thecyberwire.com/podcasts/word-notes/127/notes

The 5 Cornerstones for an Effective Cyber Security Awareness Training
https://thehackernews.com/2022/11/the-5-cornerstones-for-effective-cyber.html

The Art of Bypassing Kerberoast Detections with Orpheus
https://www.reddit.com/r/netsec/comments/z7fomb/the_art_of_bypassing_kerberoast_detections_with/


Top Security News for 30/11/2022

TikTok challenge spreads malware.
https://thecyberwire.com/stories/98c006aa1b98406a86f21ecc1d21b7ac/tiktok-challenge-spreads-malware

DDoS as threat to e-commerce. Meta's GDPR fine. TikTok challenge spreads malware. US CYBERCOM's support for Ukraine.
https://thecyberwire.com/newsletters/daily-briefing/11/227

Looting Microsoft Configuration Manager
https://www.reddit.com/r/netsec/comments/z86x3y/looting_microsoft_configuration_manager/

[Control systems] Moxa security advisory (AV22-664)
https://malware.news/t/control-systems-moxa-security-advisory-av22-664/65340#post_1

Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware
https://thehackernews.com/2022/11/hackers-using-trending-invisible.html

DDoS as a holiday-season threat to e-commerce. TikTok challenge spreads malware. Meta's GDPR fine. US Cyber Command describes support for Ukraine's cyber defense.
https://thecyberwire.com/podcasts/daily-podcast/1712/notes

TSA Considers Using Third-Party Assessors in Coming Pipeline Regulations
https://malware.news/t/tsa-considers-using-third-party-assessors-in-coming-pipeline-regulations/65337#post_1

Subdomain Enumeration with DNSSEC
https://www.reddit.com/r/netsec/comments/z7t8r4/subdomain_enumeration_with_dnssec/

Xiongmai IoT Exploitation
https://www.reddit.com/r/netsec/comments/z84wuw/xiongmai_iot_exploitation/

Malware Analysis - Ghidra vs Cutter vs Binary Ninja vs IDA Free
https://malware.news/t/malware-analysis-ghidra-vs-cutter-vs-binary-ninja-vs-ida-free/65336#post_1


Top Security News for 01/12/2022

AWS' Inspector offers vulnerability management for Lambda serverless functions
https://www.csoonline.com/article/3681117/aws-inspector-offers-vulnerability-management-for-lambda-serverless-functions.html#tk.rss_all

Welcoming women in cybersecurity.
https://thecyberwire.com/stories/e2039ffcbeb74e769032a2e0036033b0/welcoming-women-in-cybersecurity

FUD Java RAT
https://www.reddit.com/r/Malware/comments/z9dfwb/fud_java_rat/

The Burp challenge
https://portswigger.net/blog/the-burp-challenge

Discord For Malware Course
https://www.reddit.com/r/Malware/comments/z9745i/discord_for_malware_course/

What is Ransom Cartel? A ransomware gang focused on reputational damage
https://www.csoonline.com/article/3680734/what-is-ransom-cartel-a-ransomware-gang-focused-on-reputational-damage.html#tk.rss_all

Multiversity by @wefuzz_io, a collection of amazing resources for Hackers and Developers to learn, develop, showcase and contribute to the future of Web3 Security
https://www.reddit.com/r/netsec/comments/z8yp36/multiversity_by_wefuzz_io_a_collection_of_amazing/

Patching healthcare cybersecurity risks.
https://thecyberwire.com/podcasts/caveat/151/notes

AWS launches new cybersecurity service Amazon Security Lake
https://www.csoonline.com/article/3681082/aws-launches-new-cybersecurity-service-amazon-security-lake.html#tk.rss_all

Lastpass discloses the second security breach this year
https://securityaffairs.co/wordpress/139136/data-breach/lastpass-second-security-breach.html


Top Security News for 02/12/2022

CISA: Cuba ransomware group has stolen $60 million from at least 100 organizations
https://malware.news/t/cisa-cuba-ransomware-group-has-stolen-60-million-from-at-least-100-organizations/65412#post_1

The CI/CD Goat just got wilder! - A new challenge to the deliberately vulnerable CI/CD environment
https://www.reddit.com/r/netsec/comments/z9pjzz/the_cicd_goat_just_got_wilder_a_new_challenge_to/

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
https://malware.news/t/w4sp-continues-to-nest-in-pypi-same-supply-chain-attack-different-distribution-method/65411#post_1

Software projects face supply chain security risk due to insecure artifact downloads via GitHub Actions
https://www.csoonline.com/article/3681988/software-projects-face-supply-chain-security-risk-due-to-insecure-artifact-downloads-via-github-act.html#tk.rss_all

Sasha Grey Is Not Recruiting Soldiers for the Russian Army
https://www.vice.com/en_us/article/k7b5jm/sasha-grey-is-not-recruiting-soldiers-for-the-russian-army

ASEC Weekly Phishing Email Threat Trend (November 13th, 2022 – November 19th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trend-november-13th-2022-november-19th-2022/65415#post_1

Huawei Security Hypervisor Vulnerability
https://www.reddit.com/r/netsec/comments/z9s1as/huawei_security_hypervisor_vulnerability/

Cyberespionage, cybercrime, and patriotic hacktivism. The Heliconia framework described. Cyber risk for the telecom and healthcare sectors. Notes on the hybrid war. Predictions for 2023.
https://thecyberwire.com/podcasts/daily-podcast/1714/notes

Unauthenticated Command Injection in Asus M25 NAS
https://www.reddit.com/r/netsec/comments/z9phg8/unauthenticated_command_injection_in_asus_m25_nas/

2022-12-01 - Files for an ISC diary (obama224 Qakbot)
https://malware.news/t/2022-12-01-files-for-an-isc-diary-obama224-qakbot/65418#post_1


Top Security News for 03/12/2022

Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions
https://thehackernews.com/2022/11/dell-hp-and-lenovo-devices-found-using.html

[Control Systems] ABB security advisory (AV22-670)
https://malware.news/t/control-systems-abb-security-advisory-av22-670/65441#post_1

Maria Varmazis interviews Brandon Bailey about Space Attack Research and Tactic Analysis, or SPARTA matrix.
https://thecyberwire.com/podcasts/interview-selects/137/notes

RansomHouse attacks Colombian healthcare network. Patient data exposed in breach. US school district suffers data breach.
https://thecyberwire.com/newsletters/privacy-briefing/4/230

Adversarial activity. Risk and trend reports. Sandworm renews ransomware activity against Ukrainian targets.
https://thecyberwire.com/newsletters/week-that-was/6/47

Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages
https://thehackernews.com/2022/11/elon-musk-confirms-twitter-20-will.html

Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware
https://thehackernews.com/2022/11/hackers-using-trending-invisible.html

Inside the Windows Cache Manager
https://malware.news/t/inside-the-windows-cache-manager/65445#post_1

Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws
https://thehackernews.com/2022/11/million-of-android-devices-still-dont.html

U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
https://thehackernews.com/2022/11/us-bans-chinese-telecom-equipment-and.html


Top Security News for 05/12/2022

GitHub Actions - Artifact Poisoning Vulnerability
https://www.reddit.com/r/netsec/comments/zcdlzp/github_actions_artifact_poisoning_vulnerability/

Test Post 2 – 5 Dec Prod Release
https://malware.news/t/test-post-2-5-dec-prod-release/65457#post_1

OWASP Top 10 CI/CD Security Risks project released
https://www.reddit.com/r/netsec/comments/zckkhi/owasp_top_10_cicd_security_risks_project_released/

US DHS Cyber Safety Board will review Lapsus$ gang’s operations
https://securityaffairs.co/wordpress/139255/cyber-crime/us-dhs-cyber-safety-board-review-lapsus-attacks.html

Vulnerability Management: An essential tactic for zero trust from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/70/notes

Finger.exe LOLBin, (Sun, Dec 4th)
https://isc.sans.edu/diary/rss/29298

New report finds social media fueling a rise in primary school violence
https://malware.news/t/new-report-finds-social-media-fueling-a-rise-in-primary-school-violence/65461#post_1

Botnet servers found infected with Cobalt Strike Beacon Malware
https://www.reddit.com/r/Malware/comments/zcrlba/botnet_servers_found_infected_with_cobalt_strike/

Extracting Certificates For Defender
https://malware.news/t/extracting-certificates-for-defender/65455#post_1

Deobfuscation of .NET using PowerShelling & dnlib - Eternity Malware
https://malware.news/t/deobfuscation-of-net-using-powershelling-dnlib-eternity-malware/65456#post_1


Top Security News for 06/12/2022

New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers
https://thehackernews.com/2022/12/new-bmc-supply-chain-vulnerabilities.html

[Help] I'm looking for a downloadable list of all CVEs including vulnerability
https://www.reddit.com/r/netsec/comments/zdm9g2/help_im_looking_for_a_downloadable_list_of_all/

Cybersecurity Plan: 3 Keys for CISOs
https://malware.news/t/cybersecurity-plan-3-keys-for-cisos/65499#post_1

Schoolyard Bully: a Facebook Trojan.
https://thecyberwire.com/stories/a22b8c59a5354b16bea865d1d1197efa/schoolyard-bully-a-facebook-trojan

Hijacking GitHub Repositories by Deleting and Restoring Them
https://www.reddit.com/r/netsec/comments/zdcgza/hijacking_github_repositories_by_deleting_and/

GitLab security advisory (AV22-676)
https://malware.news/t/gitlab-security-advisory-av22-676/65494#post_1

French hospital cancels operations after a ransomware attack
https://securityaffairs.co/wordpress/139316/cyber-crime/french-hospital-ransomware-attack-2.html

North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps
https://thehackernews.com/2022/12/north-korean-hackers-spread-applejeus.html

Journalist Sues NSO After Being Hacked By Pegasus Spyware
https://packetstormsecurity.com/news/view/34104/Journalist-Sues-NSO-After-Being-Hacked-By-Pegasus-Spyware.html

A Detailed Analysis of The Last Version of REvil Ransomware [PDF]
https://www.reddit.com/r/netsec/comments/zd92ww/a_detailed_analysis_of_the_last_version_of_revil/


Top Security News for 07/12/2022

ISC StormCast for Wednesday, December 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8280

ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://malware.news/t/isc-stormcast-for-wednesday-december-7th-2022-https-isc-sans-edu-podcastdetail-html-id-8280-wed-dec-7th/65539#post_1

Sophos fixed a critical flaw in its Sophos Firewall version 19.5
https://securityaffairs.co/wordpress/139362/security/sophos-firewall-critical-flaw.html

The changing role of the MITRE ATT&CK framework
https://www.csoonline.com/article/3681990/the-changing-role-of-the-mitre-att-ck-framework.html#tk.rss_all

Containers, Security, and Risks within Containerized Environments
https://securityintelligence.com/posts/containers-security-risks-containerized-environments/

ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://isc.sans.edu/diary/rss/29310

Cyberespionage, privateering, hacktivism and influence operations, in Ukraine, Russia, the Middle East, and elsewhere. Criminals need quality control, too. A new entry in CISA’s KEV Catalog.
https://thecyberwire.com/podcasts/daily-podcast/1717/notes

Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide
https://thehackernews.com/2022/12/darknets-largest-mobile-malware.html

Telcom and BPO Companies Under Attack by SIM Swapping Hackers
https://thehackernews.com/2022/12/telcom-and-bpo-companies-under-attack.html

Want To Detect Cobalt Strike On The Network? Look To Process Memory
https://packetstormsecurity.com/news/view/34112/Want-To-Detect-Cobalt-Strike-On-The-Network-Look-To-Process-Memory.html


Top Security News for 08/12/2022

Trojan analysis
https://www.reddit.com/r/Malware/comments/zfh5uh/trojan_analysis/

Follow the money along the blockchain.
https://thecyberwire.com/podcasts/caveat/152/notes

An Artist Used Pokémon Go Technology to Sell ‘Crypto Cocaine’ NFTs in Art Basel Bathrooms
https://www.vice.com/en_us/article/93ajye/a-ton-of-coke-crypto-cocaine-nfts-art-basel-festival-miami

Apple announces new security and privacy measures amid surge in cyber-attacks
https://www.theguardian.com/technology/2022/dec/07/apple-new-security-privacy-measures-spike-cyber-attacks

Android 13 Image Now Available
https://malware.news/t/android-13-image-now-available/65568#post_1

Do not get your news on social media.
https://thecyberwire.com/podcasts/hacking-humans/223/notes

South Pacific Vacations May Be Wrecked By Ransomware
https://packetstormsecurity.com/news/view/34120/South-Pacific-Vacations-May-Be-Wrecked-By-Ransomware.html

Ransomware, third-party risk, cyberespionage, social engineering, and a software supply-chain threat.
https://thecyberwire.com/podcasts/daily-podcast/1718/notes

ISC StormCast for Thursday, December 8th, 2022
https://isc.sans.edu/podcastdetail.html?id=8282

ASEC Weekly Phishing Email Threat Trend (November 20th, 2022 – November 26th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trend-november-20th-2022-november-26th-2022/65569#post_1

