Top Security News for 26/10/2022
How businesses are gaining integrated data protection with Microsoft Purview
https://www.microsoft.com/en-us/security/blog/2022/10/25/how-businesses-are-gaining-integrated-data-protection-with-microsoft-purview/
CISA Seeks Feedback on Baseline Measures to Secure Cloud Configuration
https://malware.news/t/cisa-seeks-feedback-on-baseline-measures-to-secure-cloud-configuration/64496#post_1
Indictments in PRC espionage cases. LogCrusher and OverLog. Update on the hybrid war. Two cyber trend studies.
https://thecyberwire.com/newsletters/daily-briefing/11/205
How the Software Supply Chain Security is Threatened by Hackers
https://thehackernews.com/2022/10/how-software-supply-chain-security-is.html
The Logging Dead: Two Event Log Vulnerabilities Haunting Windows
https://www.reddit.com/r/netsec/comments/yd1pdw/the_logging_dead_two_event_log_vulnerabilities/
Micropatches for Kerberos Elevation of Privilege (CVE-2022-33647, CVE-2022-33679)
https://malware.news/t/micropatches-for-kerberos-elevation-of-privilege-cve-2022-33647-cve-2022-33679/64498#post_1
IoT security strategy from enterprises using connected devices
https://www.networkworld.com/article/3677470/iot-security-strategy-from-those-who-use-connected-devices.html#tk.rss_all
Payment Terminal Malware Steals $3.3m Worth Of Credit Card Numbers
https://packetstormsecurity.com/news/view/33971/Payment-Terminal-Malware-Steals-3.3m-Worth-Of-Credit-Card-Numbers.html
“Baseball & Espionage” –with World Series Champion Ryan Zimmerman & Marc Polymeropoulous
https://thecyberwire.com/podcasts/spycast/561/notes
The Secrets Behind Uber's Breach
https://www.reddit.com/r/netsec/comments/ydebot/the_secrets_behind_ubers_breach/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Microsoft Security Blog
How businesses are gaining integrated data protection with Microsoft Purview - Microsoft Security Blog
Learn how three companies maximized their existing Microsoft 365 subscriptions to gain integrated data loss prevention and information protection.
Top Security News for 27/10/2022
Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities
https://thehackernews.com/2022/10/hackers-actively-exploiting-cisco.html
Problem with C++ 20 modules in WDK
https://www.reddit.com/r/lowlevel/comments/ydcpcz/problem_with_c_20_modules_in_wdk/
Ring0VBA - Getting Ring0 Using a Goddamn Word Document
https://www.reddit.com/r/netsec/comments/ydyylz/ring0vba_getting_ring0_using_a_goddamn_word/
SilverEdge Government Solutions acquires Counter Threat Solutions. Valence Security raises $25 million in seed funding. IronNet joins Space ISAC.
https://thecyberwire.com/newsletters/business-briefing/4/43
Token handles abuse: One shell to HANDLE them all
https://www.reddit.com/r/netsec/comments/ydvpa7/token_handles_abuse_one_shell_to_handle_them_all/
Russian Politician Calls for ‘Desatanization’ of Ukraine
https://www.vice.com/en_us/article/wxn79y/russian-politician-calls-for-desatanization-of-ukraine
Malformed signature trick can bypass Mark of the Web
https://www.malwarebytes.com/blog/news/2022/10/malware-authors-use-malformed-signature-trick-to-bypass-mark-of-the-web
ISC Stormcast For Thursday, October 27th, 2022 https://isc.sans.edu/podcastdetail.html?id=8232, (Thu, Oct 27th)
https://malware.news/t/isc-stormcast-for-thursday-october-27th-2022-https-isc-sans-edu-podcastdetail-html-id-8232-thu-oct-27th/64548#post_1
ISC StormCast for Thursday, October 27th, 2022
https://isc.sans.edu/podcastdetail.html?id=8232
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/26-10-2022
reddit
Problem with C++ 20 modules in WDK
Hi everyone. I have a problem with building the WDM or the KMDF driver when using my C++20 modules. Have you had that problem? Maybe WDK doesn't...
Top Security News for 03/11/2022
Monthly Threat Actor Group Intelligence Report, September 2022 (KOR)
https://malware.news/t/monthly-threat-actor-group-intelligence-report-september-2022-kor/64738#post_1
Watching Facebook Burn
https://www.vice.com/en_us/article/7k8mwq/watching-facebook-burn
Netacea launches malicious bot intelligence service to help customers tackle threats
https://www.csoonline.com/article/3678298/netacea-launches-malicious-bot-intelligence-service-to-help-customers-tackle-threats.html#tk.rss_all
ISC Stormcast For Thursday, November 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8242, (Thu, Nov 3rd)
https://isc.sans.edu/diary/rss/29216
New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data
https://thehackernews.com/2022/11/new-tiktok-privacy-policy-confirms.html
Microsoft Security tips for mitigating risk in mergers and acquisitions
https://www.microsoft.com/en-us/security/blog/2022/11/02/microsoft-security-tips-for-mitigating-risk-in-mergers-and-acquisitions/
Experts Warn of SandStrike Android Spyware Infecting Devices via Malicious VPN App
https://thehackernews.com/2022/11/experts-warn-of-sandstrike-android.html
Patch notes, including OpenSSL updates. CISA and election security. Notes on the hybrid war. Trends in cybercrime.
https://thecyberwire.com/newsletters/daily-briefing/11/211
Gregor Samsa: Exploiting Java's XML Signature Verification
https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html
ISC Stormcast For Thursday, November 3rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8242, (Thu, Nov 3rd)
https://malware.news/t/isc-stormcast-for-thursday-november-3rd-2022-https-isc-sans-edu-podcastdetail-html-id-8242-thu-nov-3rd/64733#post_1
Malware Analysis, News and Indicators
Monthly Threat Actor Group Intelligence Report, September 2022 (KOR)
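Monthly Threat Actor Group Intelligence Report, September 2022 (KOR): This is a summary of the activities of hacking groups (Threat Actor Groups), analyzed on the basis of data and information collected by the NSHC ThreatRecon team from August 21, 2022 to September 20, 2022. This September, the activities of a total of 25 hacking groups were identified; the SectorA group was the most active at 32%, and SectorE and…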
Top Security News for 04/11/2022
Stopping C2 communications in human-operated ransomware through network protection
https://www.microsoft.com/en-us/security/blog/2022/11/03/stopping-c2-communications-in-human-operated-ransomware-through-network-protection/
Researchers Discover Link In Tooling Between FIN7 And Black Basta Ransomware Group
https://packetstormsecurity.com/news/view/34003/Researchers-Discover-Link-In-Tooling-Between-FIN7-And-Black-Basta-Ransomware-Group.html
Combining Powershell Scripts
https://0x00sec.org/t/combining-powershell-scripts/31978
Why Identity & Access Management Governance is a Core Part of Your SaaS Security
https://thehackernews.com/2022/11/why-identity-access-management.html
CVE-2022-3602 & CVE-2022-3786 - OSS tools to detect susceptibility to the recent OpenSSL issues
https://www.reddit.com/r/netsec/comments/ykzip5/cve20223602_cve20223786_oss_tools_to_detect/
Nuke Experts Are Horrified by Biden’s New ‘Nuclear Posture Review’
https://www.vice.com/en_us/article/n7zk9w/nuke-experts-are-horrified-by-bidens-new-nuclear-posture-review
Why Did the OpenSSL Punycode Vulnerability Happen
https://www.reddit.com/r/netsec/comments/ylgnxb/why_did_the_openssl_punycode_vulnerability_happen/
Reverse Branch Target Buffer Poisoning - new ASLR bypass technique using CPU vulnerabilities [PDF]
https://www.reddit.com/r/netsec/comments/yls06p/reverse_branch_target_buffer_poisoning_new_aslr/
Threat Model Examples
https://www.reddit.com/r/netsec/comments/yl7xx0/threat_model_examples/
Cyberspace ‘a battleground’ as reports of cybercrime in Australia jump 13%
https://www.theguardian.com/australia-news/2022/nov/04/cyberspace-a-battleground-as-reports-of-cybercrime-in-australia-jump-13
Microsoft News
Stopping C2 communications in human-operated ransomware through network protection
Providing advanced protection against increasingly sophisticated human-operated ransomware, Microsoft Defender for Endpoint’s network protection leverages threat intelligence and machine learning to block command-and-control (C2) communications.
Top Security News for 05/11/2022
Geopolitics plays major role in cyberattacks, says EU cybersecurity agency
https://www.csoonline.com/article/3678771/geopolitics-plays-major-role-in-cyberattacks-says-eu-cybersecurity-agency.html#tk.rss_all
Your OT Is No Longer Isolated: Act Fast to Protect It
https://thehackernews.com/2022/11/your-ot-is-no-longer-isolated-act-fast.html
The Android Malware's Journey: From Google Play to banking fraud | Cleafy Labs
https://www.reddit.com/r/netsec/comments/ylzaos/the_android_malwares_journey_from_google_play_to/
Threat reports and trends. Misconfiguration risk to US government networks' security and compliance. CISA and election security.
https://thecyberwire.com/newsletters/week-that-was/6/44
Microsoft named a Leader in 2022 Gartner® Magic Quadrant™ for Access Management for the 6th year
https://www.microsoft.com/en-us/security/blog/2022/11/04/microsoft-named-a-leader-in-2022-gartner-magic-quadrant-for-access-management-for-the-6th-year/
HRDevHelper - Decompiler Plugin for Hex-Rays by Dennis Elser
https://www.reddit.com/r/netsec/comments/ymfb0g/hrdevhelper_decompiler_plugin_for_hexrays_by/
How | To | Protect | Windows | MalwareBytes AdwCleaner
https://www.reddit.com/r/Malware/comments/ym81eb/how_to_protect_windows_malwarebytes_adwcleaner/
Ismael Valenzuela from Blackberry discusses their report on "The Cyber Insurance Gap - What Is It, and How Can We Close It?"
https://thecyberwire.com/podcasts/interview-selects/135/notes
More Than 250 US News Sites Inject Malware In Possible Supply Chain Attack
https://packetstormsecurity.com/news/view/34006/More-Than-250-US-News-Sites-Inject-Malware-In-Possible-Supply-Chain-Attack.html
GitHub Users File a Class-Action Lawsuit Against Microsoft for Training an AI Tool With Their Code
https://www.vice.com/en_us/article/bvm3k5/github-users-file-a-class-action-lawsuit-against-microsoft-for-training-an-ai-tool-with-their-code
CSO
Geopolitics plays major role in cyberattacks, says EU cybersecurity agency
State-sponsored threat actors have targeted 128 government organizations in 42 countries that support Ukraine, as ransomware and DDoS rank as top forms of cyberattacks, says the EU Agency for Cybersecurity (ENISA).
Top Security News for 07/11/2022
IPv4 Address Representations, (Sun, Nov 6th)
https://malware.news/t/ipv4-address-representations-sun-nov-6th/64797#post_1
The 12 best holiday gift ideas for hackers in 2022
https://malware.news/t/the-12-best-holiday-gift-ideas-for-hackers-in-2022/64796#post_1
Using IP geolocation to detect suspicious logins to GSuite
https://malware.news/t/using-ip-geolocation-to-detect-suspicious-logins-to-gsuite/64799#post_1
Quickpost: Testing A USB Fridge
https://malware.news/t/quickpost-testing-a-usb-fridge/64798#post_1
ThinkstScapes Quarterly | 2022.Q3 | Summary of a lot of conference talks
https://www.reddit.com/r/netsec/comments/yo3rnf/thinkstscapes_quarterly_2022q3_summary_of_a_lot/
Pt 2 – Students of the game: What are the Hash Table’s go-to information sources for 2022?
https://thecyberwire.com/podcasts/cso-perspectives-public/67/notes
LockBit 3.0 gang claims to have stolen data from Kearney & Company
https://securityaffairs.co/wordpress/138136/cyber-crime/lockbit-ransomware-kearney-company.html
UK NCSC govt agency is scanning the Internet for flawed devices in the UK
https://securityaffairs.co/wordpress/138158/security/uk-ncsc-scans-internet.html
ISC Stormcast For Monday, November 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8246, (Mon, Nov 7th)
https://isc.sans.edu/diary/rss/29226
Security Affairs newsletter Round 392
https://securityaffairs.co/wordpress/138124/breaking-news/security-affairs-newsletter-round-392.html
Malware Analysis, News and Indicators
IPv4 Address Representations, (Sun, Nov 6th)
A reader asked for help with this maldoc. Not with the analysis itself, but how to understand where the URL is pointing to. Article Link: https://isc.sans.edu/diary/rss/29224
Top Security News for 08/11/2022
Disclosure as zero-day prep. Election security. Hacktivism and satcom in the hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/214
ISC Stormcast For Tuesday, November 8th, 2022 https://isc.sans.edu/podcastdetail.html?id=8248, (Tue, Nov 8th)
https://malware.news/t/isc-stormcast-for-tuesday-november-8th-2022-https-isc-sans-edu-podcastdetail-html-id-8248-tue-nov-8th/64828#post_1
Japan joins NATO's CCDCoE. Scanning in the UK. FCC on security of Emergency Alert System. Greek spyware scandal update.
https://thecyberwire.com/newsletters/policy-briefing/4/214
CISA, NSA and Industry Outline Security Responsibilities of Software Suppliers
https://malware.news/t/cisa-nsa-and-industry-outline-security-responsibilities-of-software-suppliers/64824#post_1
Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack
https://thehackernews.com/2022/11/medibank-refuses-to-pay-ransom-after-97.html
BrandPost: Managed Security Services Can Relieve the Cybersecurity Skills Gap
https://www.csoonline.com/article/3678854/managed-security-services-can-relieve-the-cybersecurity-skills-gap.html#tk.rss_all
Robin Banks Phishing Service for Cybercriminals Returns with Russian Server
https://thehackernews.com/2022/11/robin-banks-phishing-service-for.html
Former CISA Head Calls for Renewed Action to Combat Election Lies
https://malware.news/t/former-cisa-head-calls-for-renewed-action-to-combat-election-lies/64826#post_1
We’re Christian Mouchet, Jean-Philippe Bossuat, Kurt Rohloff, Nigel Smart, Pascal Paillier, Rand Hindi, Wonkyung Jung, various researchers and library developers of homomorphic encryption to answer questions about homomorphic encryption and why it’s important for the future of data privacy! AMA
https://www.reddit.com/r/netsec/comments/yp6ec1/were_christian_mouchet_jeanphilippe_bossuat_kurt/
Web Application Firewall (noun)
https://thecyberwire.com/podcasts/word-notes/124/notes
The CyberWire
Disclosure as zero-day prep. Election security. Hacktivism and satcom in the hybrid war.
Microsoft accuses China of using vulnerability disclosure to develop zero-days. Election security on the eve of the US midterms. US FBI rates hacktivist contributions to Russia's war as "unsophisticated." Starlink and tactical communications. Firer's remorse.
Top Security News for 09/11/2022
CryptoChecker web
https://0x00sec.org/t/cryptochecker-web/32045
Update on the Robin Banks phishing kit. APT10 uses LODEINFO to target Japan. BEC gang impersonates international law firms.
https://thecyberwire.com/podcasts/research-briefing/142/notes
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/08-11-2022
Medibank hacker threatens to dump data. Facial recognition proves difficult to limit under GDPR. Baby monitors and privacy risk.
https://thecyberwire.com/newsletters/privacy-briefing/4/215
New updated IceXLoader claims thousands of victims around the world
https://www.reddit.com/r/netsec/comments/ypo0cb/new_updated_icexloader_claims_thousands_of/
Greece bans spyware sales. Australia to fund offensive cyber program. Pennsylvania data breach notification law.
https://thecyberwire.com/newsletters/policy-briefing/4/215
Security Alert: Microsoft Releases November 2022 Security Updates
https://malware.news/t/security-alert-microsoft-releases-november-2022-security-updates/64864#post_1
SimpleX Chat: security assessment by Trail of Bits and v4.2 released
https://www.reddit.com/r/netsec/comments/ypuead/simplex_chat_security_assessment_by_trail_of_bits/
ISC Stormcast For Wednesday, November 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8250, (Wed, Nov 9th)
https://malware.news/t/isc-stormcast-for-wednesday-november-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8250-wed-nov-9th/64867#post_1
ISC Stormcast For Wednesday, November 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8250, (Wed, Nov 9th)
https://isc.sans.edu/diary/rss/29232
Top Security News for 29/11/2022
Exception(al) Failure - Breaking the STM32F1 Read-Out Protection
https://www.reddit.com/r/netsec/comments/z6z1qp/exceptional_failure_breaking_the_stm32f1_readout/
500 million WhatsApp mobile numbers up for sale on the dark web
https://www.csoonline.com/article/3681449/500-million-whatsapp-mobile-numbers-up-for-sale-on-the-dark-web.html#tk.rss_all
2600 HOLIDAY SPECIALS HAVE ARRIVED
https://www.2600.com/content/2600-holiday-specials-have-arrived
ISC StormCast for Tuesday, November 29th, 2022
https://isc.sans.edu/podcastdetail.html?id=8268
ISC Stormcast For Tuesday, November 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8268, (Tue, Nov 29th)
https://malware.news/t/isc-stormcast-for-tuesday-november-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8268-tue-nov-29th/65310#post_1
U.S. and UK Ban More Chinese Kit as Xi’s Grip Weakens
https://malware.news/t/u-s-and-uk-ban-more-chinese-kit-as-xi-s-grip-weakens/65305#post_1
CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html
Data Loss Protection (DLP) (noun)
https://thecyberwire.com/podcasts/word-notes/127/notes
The 5 Cornerstones for an Effective Cyber Security Awareness Training
https://thehackernews.com/2022/11/the-5-cornerstones-for-effective-cyber.html
The Art of Bypassing Kerberoast Detections with Orpheus
https://www.reddit.com/r/netsec/comments/z7fomb/the_art_of_bypassing_kerberoast_detections_with/
Top Security News for 30/11/2022
TikTok challenge spreads malware.
https://thecyberwire.com/stories/98c006aa1b98406a86f21ecc1d21b7ac/tiktok-challenge-spreads-malware
DDoS as threat to e-commerce. Meta's GDPR fine. TikTok challenge spreads malware. US CYBERCOM's support for Ukraine.
https://thecyberwire.com/newsletters/daily-briefing/11/227
Looting Microsoft Configuration Manager
https://www.reddit.com/r/netsec/comments/z86x3y/looting_microsoft_configuration_manager/
[Control systems] Moxa security advisory (AV22-664)
https://malware.news/t/control-systems-moxa-security-advisory-av22-664/65340#post_1
Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware
https://thehackernews.com/2022/11/hackers-using-trending-invisible.html
DDoS as a holiday-season threat to e-commerce. TikTok challenge spreads malware. Meta's GDPR fine. US Cyber Command describes support for Ukraine's cyber defense.
https://thecyberwire.com/podcasts/daily-podcast/1712/notes
TSA Considers Using Third-Party Assessors in Coming Pipeline Regulations
https://malware.news/t/tsa-considers-using-third-party-assessors-in-coming-pipeline-regulations/65337#post_1
Subdomain Enumeration with DNSSEC
https://www.reddit.com/r/netsec/comments/z7t8r4/subdomain_enumeration_with_dnssec/
Xiongmai IoT Exploitation
https://www.reddit.com/r/netsec/comments/z84wuw/xiongmai_iot_exploitation/
Malware Analysis - Ghidra vs Cutter vs Binary Ninja vs IDA Free
https://malware.news/t/malware-analysis-ghidra-vs-cutter-vs-binary-ninja-vs-ida-free/65336#post_1
Top Security News for 01/12/2022
AWS' Inspector offers vulnerability management for Lambda serverless functions
https://www.csoonline.com/article/3681117/aws-inspector-offers-vulnerability-management-for-lambda-serverless-functions.html#tk.rss_all
Welcoming women in cybersecurity.
https://thecyberwire.com/stories/e2039ffcbeb74e769032a2e0036033b0/welcoming-women-in-cybersecurity
FUD Java RAT
https://www.reddit.com/r/Malware/comments/z9dfwb/fud_java_rat/
The Burp challenge
https://portswigger.net/blog/the-burp-challenge
Discord For Malware Course
https://www.reddit.com/r/Malware/comments/z9745i/discord_for_malware_course/
What is Ransom Cartel? A ransomware gang focused on reputational damage
https://www.csoonline.com/article/3680734/what-is-ransom-cartel-a-ransomware-gang-focused-on-reputational-damage.html#tk.rss_all
Multiversity by @wefuzz_io, a collection of amazing resources for Hackers and Developers to learn, develop, showcase and contribute to the future of Web3 Security
https://www.reddit.com/r/netsec/comments/z8yp36/multiversity_by_wefuzz_io_a_collection_of_amazing/
Patching healthcare cybersecurity risks.
https://thecyberwire.com/podcasts/caveat/151/notes
AWS launches new cybersecurity service Amazon Security Lake
https://www.csoonline.com/article/3681082/aws-launches-new-cybersecurity-service-amazon-security-lake.html#tk.rss_all
Lastpass discloses the second security breach this year
https://securityaffairs.co/wordpress/139136/data-breach/lastpass-second-security-breach.html
Top Security News for 02/12/2022
CISA: Cuba ransomware group has stolen $60 million from at least 100 organizations
https://malware.news/t/cisa-cuba-ransomware-group-has-stolen-60-million-from-at-least-100-organizations/65412#post_1
The CI/CD Goat just got wilder! - A new challenge to the deliberately vulnerable CI/CD environment
https://www.reddit.com/r/netsec/comments/z9pjzz/the_cicd_goat_just_got_wilder_a_new_challenge_to/
W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
https://malware.news/t/w4sp-continues-to-nest-in-pypi-same-supply-chain-attack-different-distribution-method/65411#post_1
Software projects face supply chain security risk due to insecure artifact downloads via GitHub Actions
https://www.csoonline.com/article/3681988/software-projects-face-supply-chain-security-risk-due-to-insecure-artifact-downloads-via-github-act.html#tk.rss_all
Sasha Grey Is Not Recruiting Soldiers for the Russian Army
https://www.vice.com/en_us/article/k7b5jm/sasha-grey-is-not-recruiting-soldiers-for-the-russian-army
ASEC Weekly Phishing Email Threat Trend (November 13th, 2022 – November 19th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trend-november-13th-2022-november-19th-2022/65415#post_1
Huawei Security Hypervisor Vulnerability
https://www.reddit.com/r/netsec/comments/z9s1as/huawei_security_hypervisor_vulnerability/
Cyberespionage, cybercrime, and patriotic hacktivism. The Heliconia framework described. Cyber risk for the telecom and healthcare sectors. Notes on the hybrid war. Predictions for 2023.
https://thecyberwire.com/podcasts/daily-podcast/1714/notes
Unauthenticated Command Injection in Asus M25 NAS
https://www.reddit.com/r/netsec/comments/z9phg8/unauthenticated_command_injection_in_asus_m25_nas/
2022-12-01 - Files for an ISC diary (obama224 Qakbot)
https://malware.news/t/2022-12-01-files-for-an-isc-diary-obama224-qakbot/65418#post_1
Top Security News for 03/12/2022
Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions
https://thehackernews.com/2022/11/dell-hp-and-lenovo-devices-found-using.html
[Control Systems] ABB security advisory (AV22-670)
https://malware.news/t/control-systems-abb-security-advisory-av22-670/65441#post_1
Maria Varmazis interviews Brandon Bailey about Space Attack Research and Tactic Analysis, or SPARTA matrix.
https://thecyberwire.com/podcasts/interview-selects/137/notes
RansomHouse attacks Colombian healthcare network. Patient data exposed in breach. US school district suffers data breach.
https://thecyberwire.com/newsletters/privacy-briefing/4/230
Adversarial activity. Risk and trend reports. Sandworm renews ransomware activity against Ukrainian targets.
https://thecyberwire.com/newsletters/week-that-was/6/47
Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages
https://thehackernews.com/2022/11/elon-musk-confirms-twitter-20-will.html
Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware
https://thehackernews.com/2022/11/hackers-using-trending-invisible.html
Inside the Windows Cache Manager
https://malware.news/t/inside-the-windows-cache-manager/65445#post_1
Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws
https://thehackernews.com/2022/11/million-of-android-devices-still-dont.html
U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
https://thehackernews.com/2022/11/us-bans-chinese-telecom-equipment-and.html
Top Security News for 04/12/2022
[KIS-2022-06] Drupal H5P Module <= 2.0.0 (isValidPackage) Zip Slip Vulnerability
https://www.reddit.com/r/netsec/comments/zbhtrx/kis202206_drupal_h5p_module_200_isvalidpackage/
Update: python-per-line.py Version 0.0.9
https://malware.news/t/update-python-per-line-py-version-0-0-9/65451#post_1
kitabisa/teler release v2.0.0-dev
https://www.reddit.com/r/netsec/comments/zbbcb8/kitabisateler_release_v200dev/
Securing Your SAP Environments: Going Beyond Access Control
https://securityintelligence.com/securing-sap-environments-beyond-access-control/
Linux LOLBins Applications Available in Windows, (Sat, Dec 3rd)
https://malware.news/t/linux-lolbins-applications-available-in-windows-sat-dec-3rd/65449#post_1
Pre-Auth RCE with CodeQL in Under 20 Minutes
https://www.reddit.com/r/netsec/comments/zbfj1a/preauth_rce_with_codeql_in_under_20_minutes/
Safe malware testing
https://www.reddit.com/r/Malware/comments/zbigro/safe_malware_testing/
New CryWiper wiper targets Russian entities masquerading as a ransomware
https://securityaffairs.co/wordpress/139237/malware/crywiper-wiper.html
Dissecting Windows Section Objects
https://malware.news/t/dissecting-windows-section-objects/65448#post_1
Using make_sc_hash_db.py to create API hashing DBs
https://malware.news/t/using-make-sc-hash-db-py-to-create-api-hashing-dbs/65450#post_1
Top Security News for 05/12/2022
GitHub Actions - Artifact Poisoning Vulnerability
https://www.reddit.com/r/netsec/comments/zcdlzp/github_actions_artifact_poisoning_vulnerability/
Test Post 2 – 5 Dec Prod Release
https://malware.news/t/test-post-2-5-dec-prod-release/65457#post_1
OWASP Top 10 CI/CD Security Risks project released
https://www.reddit.com/r/netsec/comments/zckkhi/owasp_top_10_cicd_security_risks_project_released/
US DHS Cyber Safety Board will review Lapsus$ gang’s operations
https://securityaffairs.co/wordpress/139255/cyber-crime/us-dhs-cyber-safety-board-review-lapsus-attacks.html
Vulnerability Management: An essential tactic for zero trust from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/70/notes
Finger.exe LOLBin, (Sun, Dec 4th)
https://isc.sans.edu/diary/rss/29298
New report finds social media fueling a rise in primary school violence
https://malware.news/t/new-report-finds-social-media-fueling-a-rise-in-primary-school-violence/65461#post_1
Botnet servers found infected with Cobalt Strike Beacon Malware
https://www.reddit.com/r/Malware/comments/zcrlba/botnet_servers_found_infected_with_cobalt_strike/
Extracting Certificates For Defender
https://malware.news/t/extracting-certificates-for-defender/65455#post_1
Deobfuscation of .NET using PowerShelling & dnlib - Eternity Malware
https://malware.news/t/deobfuscation-of-net-using-powershelling-dnlib-eternity-malware/65456#post_1
Top Security News for 06/12/2022
New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers
https://thehackernews.com/2022/12/new-bmc-supply-chain-vulnerabilities.html
[Help] I'm looking for a downloadable list of all CVEs including vulnerability
https://www.reddit.com/r/netsec/comments/zdm9g2/help_im_looking_for_a_downloadable_list_of_all/
Cybersecurity Plan: 3 Keys for CISOs
https://malware.news/t/cybersecurity-plan-3-keys-for-cisos/65499#post_1
Schoolyard Bully: a Facebook Trojan.
https://thecyberwire.com/stories/a22b8c59a5354b16bea865d1d1197efa/schoolyard-bully-a-facebook-trojan
Hijacking GitHub Repositories by Deleting and Restoring Them
https://www.reddit.com/r/netsec/comments/zdcgza/hijacking_github_repositories_by_deleting_and/
GitLab security advisory (AV22-676)
https://malware.news/t/gitlab-security-advisory-av22-676/65494#post_1
French hospital cancels operations after a ransomware attack
https://securityaffairs.co/wordpress/139316/cyber-crime/french-hospital-ransomware-attack-2.html
North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps
https://thehackernews.com/2022/12/north-korean-hackers-spread-applejeus.html
Journalist Sues NSO After Being Hacked By Pegasus Spyware
https://packetstormsecurity.com/news/view/34104/Journalist-Sues-NSO-After-Being-Hacked-By-Pegasus-Spyware.html
A Detailed Analysis of The Last Version of REvil Ransomware [PDF]
https://www.reddit.com/r/netsec/comments/zd92ww/a_detailed_analysis_of_the_last_version_of_revil/
Top Security News for 07/12/2022
ISC StormCast for Wednesday, December 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8280
ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://malware.news/t/isc-stormcast-for-wednesday-december-7th-2022-https-isc-sans-edu-podcastdetail-html-id-8280-wed-dec-7th/65539#post_1
Sophos fixed a critical flaw in its Sophos Firewall version 19.5
https://securityaffairs.co/wordpress/139362/security/sophos-firewall-critical-flaw.html
The changing role of the MITRE ATT&CK framework
https://www.csoonline.com/article/3681990/the-changing-role-of-the-mitre-att-ck-framework.html#tk.rss_all
Containers, Security, and Risks within Containerized Environments
https://securityintelligence.com/posts/containers-security-risks-containerized-environments/
ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://isc.sans.edu/diary/rss/29310
Cyberespionage, privateering, hacktivism and influence operations, in Ukraine, Russia, the Middle East, and elsewhere. Criminals need quality control, too. A new entry in CISA’s KEV Catalog.
https://thecyberwire.com/podcasts/daily-podcast/1717/notes
Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide
https://thehackernews.com/2022/12/darknets-largest-mobile-malware.html
Telcom and BPO Companies Under Attack by SIM Swapping Hackers
https://thehackernews.com/2022/12/telcom-and-bpo-companies-under-attack.html
Want To Detect Cobalt Strike On The Network? Look To Process Memory
https://packetstormsecurity.com/news/view/34112/Want-To-Detect-Cobalt-Strike-On-The-Network-Look-To-Process-Memory.html
Top Security News for 08/12/2022
Trojan analysis
https://www.reddit.com/r/Malware/comments/zfh5uh/trojan_analysis/
Follow the money along the blockchain.
https://thecyberwire.com/podcasts/caveat/152/notes
An Artist Used Pokémon Go Technology to Sell ‘Crypto Cocaine’ NFTs in Art Basel Bathrooms
https://www.vice.com/en_us/article/93ajye/a-ton-of-coke-crypto-cocaine-nfts-art-basel-festival-miami
Apple announces new security and privacy measures amid surge in cyber-attacks
https://www.theguardian.com/technology/2022/dec/07/apple-new-security-privacy-measures-spike-cyber-attacks
Android 13 Image Now Available
https://malware.news/t/android-13-image-now-available/65568#post_1
Do not get your news on social media.
https://thecyberwire.com/podcasts/hacking-humans/223/notes
South Pacific Vacations May Be Wrecked By Ransomware
https://packetstormsecurity.com/news/view/34120/South-Pacific-Vacations-May-Be-Wrecked-By-Ransomware.html
Ransomware, third-party risk, cyberespionage, social engineering, and a software supply-chain threat.
https://thecyberwire.com/podcasts/daily-podcast/1718/notes
ISC StormCast for Thursday, December 8th, 2022
https://isc.sans.edu/podcastdetail.html?id=8282
ASEC Weekly Phishing Email Threat Trend (November 20th, 2022 – November 26th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trend-november-20th-2022-november-26th-2022/65569#post_1
Top Security News for 09/12/2022
COVID-bit: New COVert Channel to Exfiltrate Data from Air-Gapped Computers
https://thehackernews.com/2022/12/covid-bit-new-covert-channel-to.html
Vehicle Identification Numbers reveal driver data via telematics
https://www.malwarebytes.com/blog/news/2022/12/vehicle-identification-numbers-reveal-driver-data-via-telematics
ISC StormCast for Friday, December 9th, 2022
https://isc.sans.edu/podcastdetail.html?id=8284
The IT Army of Ukraine claims VTB DDoS. DPRK exploits Internet Explorer vulnerability. New variant of Babuk ransomware reported. Blind spots in air-gapped networks. And, dog and cat hacking.
https://thecyberwire.com/podcasts/daily-podcast/1719/notes
Guy Who Wrote Minecraft's Ending Poem Makes It Public Domain After Taking Shrooms
https://www.vice.com/en_us/article/m7gn3q/guy-who-wrote-minecrafts-ending-poem-makes-it-public-domain-after-taking-shrooms
Using ChatGPT to Generate Phishing Campaigns
https://www.reddit.com/r/netsec/comments/zgkz7n/using_chatgpt_to_generate_phishing_campaigns/
5 SaaS security best practices
https://www.malwarebytes.com/blog/business/2022/12/5-saas-security-best-practices
2023 NDAA's cyber provisions. States vs. TikTok. Cyber incident reporting rules. Takedown orders in India.
https://thecyberwire.com/newsletters/policy-briefing/4/234
APT37 used Internet Explorer Zero-Day in a recent campaign
https://securityaffairs.co/wordpress/139403/apt/apt37-internet-explorer-zero-day.html
ISC Stormcast For Friday, December 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8284, (Fri, Dec 9th)
https://malware.news/t/isc-stormcast-for-friday-december-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8284-fri-dec-9th/65612#post_1
Malwarebytes
Vehicle Identification Numbers reveal driver data via telematics
We take a look at reports of vehicle identification numbers being used to potentially reveal customer data through telematics.
Top Security News for 10/12/2022
Cobalt Mirage's Dokbk malware. Zombinder in the C2C market. Relief-themed impersonation scams.
https://thecyberwire.com/newsletters/daily-briefing/11/235
Epic Games introduces safer accounts for kids
https://www.malwarebytes.com/blog/news/2022/12/epic-games-places-child-accounts-into-a-security-cabinet
Cybersecurity during the World Cup.
https://thecyberwire.com/podcasts/research-saturday/261/notes
Why is Robust API Security Crucial in eCommerce?
https://thehackernews.com/2022/12/why-is-robust-api-security-crucial-in.html
This week's activities in cyber gangland. Trends in ransomware. Rackspace works to remediate a ransomware incident.
https://thecyberwire.com/newsletters/week-that-was/6/48
Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls
https://thehackernews.com/2022/12/researchers-detail-new-attack-method-to.html
Pwn2Own Toronto 2022 Day 3: Participants earned nearly $1 million
https://securityaffairs.co/wordpress/139462/hacking/pwn2own-toronto-2022-day-3-participants-earned-nearly-1-million.html
EU court orders Google to remove false search results. Australia’s strategy for awakening from its cyber slumber. Netherlands to join US in Chinese tech export ban.
https://thecyberwire.com/newsletters/policy-briefing/4/235
Security Advisory for FreeBSD Ping Stack-Based Overflow CVE-2022-23093
https://malware.news/t/security-advisory-for-freebsd-ping-stack-based-overflow-cve-2022-23093/65633#post_1
Mike Hamilton, former CISO of Seattle discusses how $1 billion for cybersecurity funding will be difficult to distribute to state and local governments.
https://thecyberwire.com/podcasts/interview-selects/138/notes
The CyberWire
Cobalt Mirage's Dokbk malware. Zombinder in the C2C market. Relief-themed impersonation scams.
Cobalt Mirage deploys Drokbk malware. Zombinder in the C2C market. Impersonation scams: that's not Ukraine’s Ministry of Digital Transformation. On the cyber front, nothing new. CISA releases three ICS advisories.
Top Security News for 11/12/2022
Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant
https://thehackernews.com/2022/12/hack-for-hire-group-targets-travel-and.html
Telstra sorry for publishing up to 130,000 customers’ details online
https://www.theguardian.com/business/2022/dec/11/telstra-sorry-for-publishing-up-to-130000-customers-details-online
US HHS warns healthcare orgs of Royal Ransomware attacks
https://securityaffairs.co/wordpress/139486/cyber-crime/us-hhs-royal-ransomware-attacks.html
Diamond industry under attack – Week in security with Tony Anscombe
https://malware.news/t/diamond-industry-under-attack-week-in-security-with-tony-anscombe/65635#post_1
At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet
https://securityaffairs.co/wordpress/139491/security/pulse-connect-secure-vulnerbale-hosts.html
Can Machines Create Truly Authentic Content?
https://malware.news/t/can-machines-create-truly-authentic-content/65638#post_1
Someone on a Discord DM tried to get me to install malware from a website, can I report this somehow?
https://www.reddit.com/r/Malware/comments/zhwg81/someone_on_a_discord_dm_tried_to_get_me_to/
Yara rules collection
https://malware.news/t/yara-rules-collection/65636#post_1
Mobile Bug Bounty Hunting? Enter BLE – Cybervelia
https://www.reddit.com/r/netsec/comments/zhnaeo/mobile_bug_bounty_hunting_enter_ble_cybervelia/
Deep Dive: PIPEDREAM/Incontroller ICS Attack Framework
https://malware.news/t/deep-dive-pipedream-incontroller-ics-attack-framework/65637#post_1
the Guardian
Telstra sorry for publishing up to 130,000 customers’ details online
Release of names, numbers and addresses of some unlisted customers was not due to cyber-attack