Top Security New for 18/05/2022
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/update-now-apple-patches-zero-day-vulnerability-affecting-macs-apple-watch-and-apple-tv/
Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer
https://thehackernews.com/2022/05/over-200-apps-on-play-store-caught.html
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/gmail-linked-facebook-accounts-vulnerable-to-attack-using-a-chain-of-bugs-now-fixed/
Long lost @ symbol gets new life obscuring malicious URLs
https://blog.malwarebytes.com/social-engineering/2022/05/long-lost-symbol-gets-new-life-obscuring-malicious-urls/
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Kids 5 to 11 get FDA OK for COVID-19 booster doses
https://arstechnica.com/?p=1854632
Stealing Google Drive OAuth tokens from Dropbox
https://www.reddit.com/r/netsec/comments/urvcip/stealing_google_drive_oauth_tokens_from_dropbox/
“Look what I found here” phish targets Facebook users
https://blog.malwarebytes.com/scams/2022/05/look-what-i-found-here-phish-targets-facebook-users/
BrandPost: DDos Extortion Takes VoIP Providers Offline
https://www.csoonline.com/article/3660514/ddos-extortion-takes-voip-providers-offline.html#tk.rss_all
Car owners warned of another theft-enabling relay attack
https://blog.malwarebytes.com/hacking-2/2022/05/car-owners-warned-of-another-theft-enabling-relay-attack/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/update-now-apple-patches-zero-day-vulnerability-affecting-macs-apple-watch-and-apple-tv/
Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer
https://thehackernews.com/2022/05/over-200-apps-on-play-store-caught.html
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/gmail-linked-facebook-accounts-vulnerable-to-attack-using-a-chain-of-bugs-now-fixed/
Long lost @ symbol gets new life obscuring malicious URLs
https://blog.malwarebytes.com/social-engineering/2022/05/long-lost-symbol-gets-new-life-obscuring-malicious-urls/
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Kids 5 to 11 get FDA OK for COVID-19 booster doses
https://arstechnica.com/?p=1854632
Stealing Google Drive OAuth tokens from Dropbox
https://www.reddit.com/r/netsec/comments/urvcip/stealing_google_drive_oauth_tokens_from_dropbox/
“Look what I found here” phish targets Facebook users
https://blog.malwarebytes.com/scams/2022/05/look-what-i-found-here-phish-targets-facebook-users/
BrandPost: DDos Extortion Takes VoIP Providers Offline
https://www.csoonline.com/article/3660514/ddos-extortion-takes-voip-providers-offline.html#tk.rss_all
Car owners warned of another theft-enabling relay attack
https://blog.malwarebytes.com/hacking-2/2022/05/car-owners-warned-of-another-theft-enabling-relay-attack/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Malwarebytes
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
If you're an Apple user, make sure you patch for CVE-2022-22675, a zero-day flaw actively exported in the wild.
👍1
Top Security New for 19/05/2022
Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang
https://thehackernews.com/2022/05/researchers-expose-inner-working-of.html
BrandPost: How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
https://www.csoonline.com/article/3661228/how-a-culture-of-learning-can-help-close-the-cybersecurity-skills-gap.html#tk.rss_all
Google Russia forced to declare bankruptcy after bank account seizure
https://arstechnica.com/?p=1854920
U.S. Warns Against North Korean Hackers Posing as IT Freelancers
https://thehackernews.com/2022/05/us-warns-against-north-korean-hackers.html
What Microsoft Defender can tell you about your network
https://www.csoonline.com/article/3660494/what-microsoft-defender-can-tell-you-about-your-network.html#tk.rss_all
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://malware.news/t/isc-stormcast-for-thursday-may-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8014-thu-may-19th/60274/1
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://isc.sans.edu/diary/rss/28666
2022-05-18 - Pcap and malware for ISC diary: EXOTIC LILY --> Bumblebee --> Cobalt Strike
https://malware.news/t/2022-05-18-pcap-and-malware-for-isc-diary-exotic-lily-bumblebee-cobalt-strike/60276/1
Ransomware: What’s in a Name?
https://malware.news/t/ransomware-what-s-in-a-name/60270/1
2022-05-18 - TA578 thread-hijacked emails and ISO example for Bumblebee
https://malware.news/t/2022-05-18-ta578-thread-hijacked-emails-and-iso-example-for-bumblebee/60273/1
For more information, feel free to follow me at https://twitter.com/ShayaFeedman
Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang
https://thehackernews.com/2022/05/researchers-expose-inner-working-of.html
BrandPost: How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
https://www.csoonline.com/article/3661228/how-a-culture-of-learning-can-help-close-the-cybersecurity-skills-gap.html#tk.rss_all
Google Russia forced to declare bankruptcy after bank account seizure
https://arstechnica.com/?p=1854920
U.S. Warns Against North Korean Hackers Posing as IT Freelancers
https://thehackernews.com/2022/05/us-warns-against-north-korean-hackers.html
What Microsoft Defender can tell you about your network
https://www.csoonline.com/article/3660494/what-microsoft-defender-can-tell-you-about-your-network.html#tk.rss_all
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://malware.news/t/isc-stormcast-for-thursday-may-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8014-thu-may-19th/60274/1
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://isc.sans.edu/diary/rss/28666
2022-05-18 - Pcap and malware for ISC diary: EXOTIC LILY --> Bumblebee --> Cobalt Strike
https://malware.news/t/2022-05-18-pcap-and-malware-for-isc-diary-exotic-lily-bumblebee-cobalt-strike/60276/1
Ransomware: What’s in a Name?
https://malware.news/t/ransomware-what-s-in-a-name/60270/1
2022-05-18 - TA578 thread-hijacked emails and ISO example for Bumblebee
https://malware.news/t/2022-05-18-ta578-thread-hijacked-emails-and-iso-example-for-bumblebee/60273/1
For more information, feel free to follow me at https://twitter.com/ShayaFeedman
CSO Online
How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
Whether it’s building an understanding of cybersecurity best practices or advancing highly technical cyber skills, training and certifications are ways organizations are ensuring the skills gap isn’t compromising their security.
Top Security New for 20/05/2022
Uber CISO's trial underscores the importance of truth, transparency, and trust
https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
https://www.reddit.com/r/netsec/comments/ut76ps/rise_in_xorddos_a_deeper_look_at_the_stealthy/
QuSecure launches end-to-end post-quantum cybersecurity solution
https://www.csoonline.com/article/3660775/qusecure-launches-end-to-end-post-quantum-cybersecurity-solution.html#tk.rss_all
10 ways attackers gain access to networks
https://blog.malwarebytes.com/hacking-2/2022/05/10-ways-attackers-gain-access-to-networks/
ISC Stormcast For Friday, May 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8016, (Fri, May 20th)
https://isc.sans.edu/diary/rss/28668
WannaCry 5 years on: Still a top threat
https://www.csoonline.com/article/3660575/wannacry-5-years-on-still-a-top-threat.html#tk.rss_all
Is Hack the Kernel a great way to learn operating systems?
https://www.reddit.com/r/lowlevel/comments/utf4ij/is_hack_the_kernel_a_great_way_to_learn_operating/
Enterprises report rise in risk events, yet risk management lags
https://www.csoonline.com/article/3661350/enterprises-report-rise-in-risk-events-yet-risk-management-lags.html#tk.rss_all
Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit
https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html
[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam
https://malware.news/t/re027-china-based-apt-mustang-panda-might-have-still-continued-their-attack-activities-against-organizations-in-vietnam/60324/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Uber CISO's trial underscores the importance of truth, transparency, and trust
https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
https://www.reddit.com/r/netsec/comments/ut76ps/rise_in_xorddos_a_deeper_look_at_the_stealthy/
QuSecure launches end-to-end post-quantum cybersecurity solution
https://www.csoonline.com/article/3660775/qusecure-launches-end-to-end-post-quantum-cybersecurity-solution.html#tk.rss_all
10 ways attackers gain access to networks
https://blog.malwarebytes.com/hacking-2/2022/05/10-ways-attackers-gain-access-to-networks/
ISC Stormcast For Friday, May 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8016, (Fri, May 20th)
https://isc.sans.edu/diary/rss/28668
WannaCry 5 years on: Still a top threat
https://www.csoonline.com/article/3660575/wannacry-5-years-on-still-a-top-threat.html#tk.rss_all
Is Hack the Kernel a great way to learn operating systems?
https://www.reddit.com/r/lowlevel/comments/utf4ij/is_hack_the_kernel_a_great_way_to_learn_operating/
Enterprises report rise in risk events, yet risk management lags
https://www.csoonline.com/article/3661350/enterprises-report-rise-in-risk-events-yet-risk-management-lags.html#tk.rss_all
Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit
https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html
[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam
https://malware.news/t/re027-china-based-apt-mustang-panda-might-have-still-continued-their-attack-activities-against-organizations-in-vietnam/60324/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
CSO Online
Uber CISO's trial underscores the importance of truth, transparency, and trust
The criminal trial offers a lesson in the value of both CISOs and organizations adhering to a policy of truth, transparency and trust when it comes to security.
Top Security New for 21/05/2022
[SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/
When eBPF meets TLS! A Security Focused Introduction to eBPF
https://www.reddit.com/r/netsec/comments/uu9agd/when_ebpf_meets_tls_a_security_focused/
Tesla, Microsoft and Ubuntu bugs found during Pwn2Own hacking competition
https://malware.news/t/tesla-microsoft-and-ubuntu-bugs-found-during-pwn2own-hacking-competition/60356/1
Shift left is only part of secure software delivery
https://malware.news/t/shift-left-is-only-part-of-secure-software-delivery/60354/1
Canada bans Huawei, ZTE in 5G networks
https://www.networkworld.com/article/3661691/canada-bans-huawei-zte-in-5g-networks.html#tk.rss_all
Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
https://thehackernews.com/2022/05/microsoft-warns-rise-in-xorddos-malware.html
Matryoshka Trap: Recursive MMIO Flaws Lead to VM Escape
https://www.reddit.com/r/netsec/comments/uuaeqm/matryoshka_trap_recursive_mmio_flaws_lead_to_vm/
Cytrox's Predator Spyware Target Android Users with Zero-Day Exploits
https://thehackernews.com/2022/05/cytroxs-predator-spyware-target-android.html
Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.
https://thecyberwire.com/podcasts/daily-podcast/1583/notes
Raytheon’s John DeSimone on building the offensive line
https://www.csoonline.com/article/3660638/raytheon-s-john-desimone-on-building-the-offensive-line.html#tk.rss_all
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
[SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/
When eBPF meets TLS! A Security Focused Introduction to eBPF
https://www.reddit.com/r/netsec/comments/uu9agd/when_ebpf_meets_tls_a_security_focused/
Tesla, Microsoft and Ubuntu bugs found during Pwn2Own hacking competition
https://malware.news/t/tesla-microsoft-and-ubuntu-bugs-found-during-pwn2own-hacking-competition/60356/1
Shift left is only part of secure software delivery
https://malware.news/t/shift-left-is-only-part-of-secure-software-delivery/60354/1
Canada bans Huawei, ZTE in 5G networks
https://www.networkworld.com/article/3661691/canada-bans-huawei-zte-in-5g-networks.html#tk.rss_all
Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
https://thehackernews.com/2022/05/microsoft-warns-rise-in-xorddos-malware.html
Matryoshka Trap: Recursive MMIO Flaws Lead to VM Escape
https://www.reddit.com/r/netsec/comments/uuaeqm/matryoshka_trap_recursive_mmio_flaws_lead_to_vm/
Cytrox's Predator Spyware Target Android Users with Zero-Day Exploits
https://thehackernews.com/2022/05/cytroxs-predator-spyware-target-android.html
Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.
https://thecyberwire.com/podcasts/daily-podcast/1583/notes
Raytheon’s John DeSimone on building the offensive line
https://www.csoonline.com/article/3660638/raytheon-s-john-desimone-on-building-the-offensive-line.html#tk.rss_all
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
/dev/random
[SANS ISC] A 'Zip Bomb' to Bypass Security Controls & Sandboxes - /dev/random
I published the following diary on isc.sans.edu: “A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes“: Yesterday, I analyzed a malicious archive for a customer. It was delivered to the mailbox of a user who, hopefully, was security-aware and reported it.…
👍1
Top Security New for 22/05/2022
Biden administration lays out plan for four carbon-capture facilities
https://arstechnica.com/?p=1855569
Asian media company Nikkei suffered a ransomware attack
https://securityaffairs.co/wordpress/131533/data-breach/nikkei-data-breach.html
Russia-linked Sandworm continues to conduct attacks against Ukraine
https://securityaffairs.co/wordpress/131523/apt/sandworm-attacks-against-ukraine.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/Malware/comments/uuhier/metastealer_filling_the_racoon_void/
AutoWarp bug leads to Automation headaches.
https://thecyberwire.com/podcasts/research-saturday/233/notes
SolarWinds ready to move past breach and help customers manage theirs
https://malware.news/t/solarwinds-ready-to-move-past-breach-and-help-customers-manage-theirs/60360/1
Researchers Find Backdoor in School Management Plugin for WordPress
https://thehackernews.com/2022/05/researchers-find-backdoor-in-school.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/netsec/comments/uuob6i/metastealer_filling_the_racoon_void/
$547 Worth of 18 Books on Python Coding by Starch Press for $18 (-97% oFF)
https://www.reddit.com/r/netsec/comments/uul1lw/547_worth_of_18_books_on_python_coding_by_starch/
network configuration for malware analysis
https://www.reddit.com/r/Malware/comments/uuuwv3/network_configuration_for_malware_analysis/
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Biden administration lays out plan for four carbon-capture facilities
https://arstechnica.com/?p=1855569
Asian media company Nikkei suffered a ransomware attack
https://securityaffairs.co/wordpress/131533/data-breach/nikkei-data-breach.html
Russia-linked Sandworm continues to conduct attacks against Ukraine
https://securityaffairs.co/wordpress/131523/apt/sandworm-attacks-against-ukraine.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/Malware/comments/uuhier/metastealer_filling_the_racoon_void/
AutoWarp bug leads to Automation headaches.
https://thecyberwire.com/podcasts/research-saturday/233/notes
SolarWinds ready to move past breach and help customers manage theirs
https://malware.news/t/solarwinds-ready-to-move-past-breach-and-help-customers-manage-theirs/60360/1
Researchers Find Backdoor in School Management Plugin for WordPress
https://thehackernews.com/2022/05/researchers-find-backdoor-in-school.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/netsec/comments/uuob6i/metastealer_filling_the_racoon_void/
$547 Worth of 18 Books on Python Coding by Starch Press for $18 (-97% oFF)
https://www.reddit.com/r/netsec/comments/uul1lw/547_worth_of_18_books_on_python_coding_by_starch/
network configuration for malware analysis
https://www.reddit.com/r/Malware/comments/uuuwv3/network_configuration_for_malware_analysis/
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Ars Technica
Biden administration lays out plan for four carbon-capture facilities
Big infrastructure package includes funds for the underdeveloped technology.
Top Security New for 23/05/2022
North Korea-linked Lazarus APT uses Log4J to target VMware servers
https://securityaffairs.co/wordpress/131483/apt/lazarus-apt-log4j-vmware-servers.html
Charity Wright: Pursue what you love. [Threat intelligence]
https://thecyberwire.com/podcasts/career-notes/101/notes
Android SMS catcher
https://0x00sec.org/t/android-sms-catcher/29445
ASEC Weekly Malware Statistics (May 9th, 2022 – May 15th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-9th-2022-may-15th-2022/60364/1
How to program watch OS
https://www.reddit.com/r/lowlevel/comments/uv88mc/how_to_program_watch_os/
Conscerned
https://www.reddit.com/r/Malware/comments/uvaxu5/conscerned/
Misinformation needs tackling and it would help if politicians stopped muddying the water
https://malware.news/t/misinformation-needs-tackling-and-it-would-help-if-politicians-stopped-muddying-the-water/60362/1
ISC StormCast for Monday, May 23rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8018
A year after report, task force urges U.S. to keep ransomware on front burner
https://www.reddit.com/r/Malware/comments/uv37s6/a_year_after_report_task_force_urges_us_to_keep/
ISC Stormcast For Monday, May 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8018, (Mon, May 23rd)
https://malware.news/t/isc-stormcast-for-monday-may-23rd-2022-https-isc-sans-edu-podcastdetail-html-id-8018-mon-may-23rd/60363/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
North Korea-linked Lazarus APT uses Log4J to target VMware servers
https://securityaffairs.co/wordpress/131483/apt/lazarus-apt-log4j-vmware-servers.html
Charity Wright: Pursue what you love. [Threat intelligence]
https://thecyberwire.com/podcasts/career-notes/101/notes
Android SMS catcher
https://0x00sec.org/t/android-sms-catcher/29445
ASEC Weekly Malware Statistics (May 9th, 2022 – May 15th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-9th-2022-may-15th-2022/60364/1
How to program watch OS
https://www.reddit.com/r/lowlevel/comments/uv88mc/how_to_program_watch_os/
Conscerned
https://www.reddit.com/r/Malware/comments/uvaxu5/conscerned/
Misinformation needs tackling and it would help if politicians stopped muddying the water
https://malware.news/t/misinformation-needs-tackling-and-it-would-help-if-politicians-stopped-muddying-the-water/60362/1
ISC StormCast for Monday, May 23rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8018
A year after report, task force urges U.S. to keep ransomware on front burner
https://www.reddit.com/r/Malware/comments/uv37s6/a_year_after_report_task_force_urges_us_to_keep/
ISC Stormcast For Monday, May 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8018, (Mon, May 23rd)
https://malware.news/t/isc-stormcast-for-monday-may-23rd-2022-https-isc-sans-edu-podcastdetail-html-id-8018-mon-may-23rd/60363/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
North Korea-linked Lazarus APT uses Log4J to target VMware servers
North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers.
Top Security New for 24/05/2022
A week in security (May 16 – 22)
https://blog.malwarebytes.com/a-week-in-security/2022/05/a-week-in-security-may-16-22/
Canada's ban on Huawei and ZTE. Ransomware task forces. NSF advocates threat intelligence sharing.
https://thecyberwire.com/newsletters/policy-briefing/4/99
Data protection concerns spike as states get ready to outlaw abortion
https://www.csoonline.com/article/3661689/data-protection-concerns-spike-as-states-get-ready-to-outlaw-abortion.html#tk.rss_all
Hiding MSFVENOM Payloads in USB NIC EEPROM
https://www.reddit.com/r/netsec/comments/uw4feh/hiding_msfvenom_payloads_in_usb_nic_eeprom/
ISC StormCast for Tuesday, May 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8020
mx-takeover focuses DNS MX records and detects misconfigured MX records.
https://www.reddit.com/r/netsec/comments/uw2s73/mxtakeover_focuses_dns_mx_records_and_detects/
Beneath the surface: Uncovering the shift in web skimming
https://www.reddit.com/r/netsec/comments/uw42x0/beneath_the_surface_uncovering_the_shift_in_web/
Cyber developments in Russia's hybrid war against Ukraine. Conti's dissolution.
https://thecyberwire.com/newsletters/daily-briefing/11/99
VOLUME 38 OF THE HACKER DIGEST RELEASED
https://www.2600.com/content/volume-38-hacker-digest-released
DEADLINE FOR SUBMITTING HOPE TALK PROPOSALS IS MAY 31, 2022!
https://www.2600.com/content/deadline-submitting-hope-talk-proposals-may-31-2022
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
A week in security (May 16 – 22)
https://blog.malwarebytes.com/a-week-in-security/2022/05/a-week-in-security-may-16-22/
Canada's ban on Huawei and ZTE. Ransomware task forces. NSF advocates threat intelligence sharing.
https://thecyberwire.com/newsletters/policy-briefing/4/99
Data protection concerns spike as states get ready to outlaw abortion
https://www.csoonline.com/article/3661689/data-protection-concerns-spike-as-states-get-ready-to-outlaw-abortion.html#tk.rss_all
Hiding MSFVENOM Payloads in USB NIC EEPROM
https://www.reddit.com/r/netsec/comments/uw4feh/hiding_msfvenom_payloads_in_usb_nic_eeprom/
ISC StormCast for Tuesday, May 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8020
mx-takeover focuses DNS MX records and detects misconfigured MX records.
https://www.reddit.com/r/netsec/comments/uw2s73/mxtakeover_focuses_dns_mx_records_and_detects/
Beneath the surface: Uncovering the shift in web skimming
https://www.reddit.com/r/netsec/comments/uw42x0/beneath_the_surface_uncovering_the_shift_in_web/
Cyber developments in Russia's hybrid war against Ukraine. Conti's dissolution.
https://thecyberwire.com/newsletters/daily-briefing/11/99
VOLUME 38 OF THE HACKER DIGEST RELEASED
https://www.2600.com/content/volume-38-hacker-digest-released
DEADLINE FOR SUBMITTING HOPE TALK PROPOSALS IS MAY 31, 2022!
https://www.2600.com/content/deadline-submitting-hope-talk-proposals-may-31-2022
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes Labs
A week in security (May 16 – 22)
The most important and interesting computer security stories from the last seven days.
Top Security News for 25/05/2022
Suspected Chinese threat actors target Russian government entities. New version of Sandworm malware loader. Linux botnet activity.
https://thecyberwire.com/newsletters/research-briefing/4/21
7 machine identity management best practices
https://www.csoonline.com/article/3661357/7-machine-identity-best-practices.html#tk.rss_all
New Rhino Blog Post: CVE-2022-25237: Bonitasoft Authorization Bypass and RCE
https://www.reddit.com/r/netsec/comments/uwt4gq/new_rhino_blog_post_cve202225237_bonitasoft/
Exium expands SASE, 5G-based security for midsize enterprise networks
https://www.networkworld.com/article/3661700/exium-expands-sase-5g-based-security-for-midsize-enterprise-networks.html#tk.rss_all
ISC StormCast for Wednesday, May 25th, 2022
https://isc.sans.edu/podcastdetail.html?id=8022
Zoom patches XMPP vulnerability chain that could lead to remote code execution
https://malware.news/t/zoom-patches-xmpp-vulnerability-chain-that-could-lead-to-remote-code-execution/60432/1
Method that Tricks Users to Perceive Attachment of PDF File as Safe File
https://malware.news/t/method-that-tricks-users-to-perceive-attachment-of-pdf-file-as-safe-file/60435/1
CMMC issues. CISA's forthcoming incident reporting rules. US FTC blogs policy.
https://thecyberwire.com/newsletters/policy-briefing/4/100
Experts to World: We’re Doomed
https://www.vice.com/en_us/article/93bxxv/experts-to-world-were-doomed
SIM-based Authentication Aims to Transform Device Binding Security to End Phishing
https://thehackernews.com/2022/05/sim-based-authentication-aims-to.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Suspected Chinese threat actors target Russian government entities. New version of Sandworm malware loader. Linux botnet activity.
https://thecyberwire.com/newsletters/research-briefing/4/21
7 machine identity management best practices
https://www.csoonline.com/article/3661357/7-machine-identity-best-practices.html#tk.rss_all
New Rhino Blog Post: CVE-2022-25237: Bonitasoft Authorization Bypass and RCE
https://www.reddit.com/r/netsec/comments/uwt4gq/new_rhino_blog_post_cve202225237_bonitasoft/
Exium expands SASE, 5G-based security for midsize enterprise networks
https://www.networkworld.com/article/3661700/exium-expands-sase-5g-based-security-for-midsize-enterprise-networks.html#tk.rss_all
ISC StormCast for Wednesday, May 25th, 2022
https://isc.sans.edu/podcastdetail.html?id=8022
Zoom patches XMPP vulnerability chain that could lead to remote code execution
https://malware.news/t/zoom-patches-xmpp-vulnerability-chain-that-could-lead-to-remote-code-execution/60432/1
Method that Tricks Users to Perceive Attachment of PDF File as Safe File
https://malware.news/t/method-that-tricks-users-to-perceive-attachment-of-pdf-file-as-safe-file/60435/1
CMMC issues. CISA's forthcoming incident reporting rules. US FTC blogs policy.
https://thecyberwire.com/newsletters/policy-briefing/4/100
Experts to World: We’re Doomed
https://www.vice.com/en_us/article/93bxxv/experts-to-world-were-doomed
SIM-based Authentication Aims to Transform Device Binding Security to End Phishing
https://thehackernews.com/2022/05/sim-based-authentication-aims-to.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Suspected Chinese threat actors target Russian government entities. New version of Sandworm malware loader. Linux botnet activity.
👍1
Top Security News for 26/05/2022
How the Saitama backdoor uses DNS tunnelling
https://blog.malwarebytes.com/threat-intelligence/2022/05/how-the-saitama-backdoor-uses-dns-tunnelling/
PIXM releases new computer vision solution for mobile phishing
https://www.csoonline.com/article/3661560/pixm-releases-new-computer-vision-solution-for-mobile-phishing.html#tk.rss_all
Pfizer warns of “constant waves” of COVID as complacency grows
https://arstechnica.com/?p=1856239
Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them
https://thehackernews.com/2022/05/learn-how-hackers-can-hijack-your.html
BrandPost: How Shift Left Security Helps Developers Build More Secure Cloud-Native Apps
https://www.csoonline.com/article/3662070/how-shift-left-security-helps-developers-build-more-secure-cloud-native-apps.html#tk.rss_all
Twitter fined $150 million by FTC for alleged privacy violations
https://malware.news/t/twitter-fined-150-million-by-ftc-for-alleged-privacy-violations/60475/1
Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room
https://thehackernews.com/2022/05/lumos-system-can-find-hidden-cameras.html
If Europe and Japan can have small, cheap EVs, why can’t America?
https://arstechnica.com/?p=1856257
YouTube remains in Russia to be an independent news source: CEO
https://malware.news/t/youtube-remains-in-russia-to-be-an-independent-news-source-ceo/60474/1
Tetragon: case study of security product's self-protection
https://www.reddit.com/r/netsec/comments/uxhw4k/tetragon_case_study_of_security_products/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
How the Saitama backdoor uses DNS tunnelling
https://blog.malwarebytes.com/threat-intelligence/2022/05/how-the-saitama-backdoor-uses-dns-tunnelling/
PIXM releases new computer vision solution for mobile phishing
https://www.csoonline.com/article/3661560/pixm-releases-new-computer-vision-solution-for-mobile-phishing.html#tk.rss_all
Pfizer warns of “constant waves” of COVID as complacency grows
https://arstechnica.com/?p=1856239
Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them
https://thehackernews.com/2022/05/learn-how-hackers-can-hijack-your.html
BrandPost: How Shift Left Security Helps Developers Build More Secure Cloud-Native Apps
https://www.csoonline.com/article/3662070/how-shift-left-security-helps-developers-build-more-secure-cloud-native-apps.html#tk.rss_all
Twitter fined $150 million by FTC for alleged privacy violations
https://malware.news/t/twitter-fined-150-million-by-ftc-for-alleged-privacy-violations/60475/1
Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room
https://thehackernews.com/2022/05/lumos-system-can-find-hidden-cameras.html
If Europe and Japan can have small, cheap EVs, why can’t America?
https://arstechnica.com/?p=1856257
YouTube remains in Russia to be an independent news source: CEO
https://malware.news/t/youtube-remains-in-russia-to-be-an-independent-news-source-ceo/60474/1
Tetragon: case study of security product's self-protection
https://www.reddit.com/r/netsec/comments/uxhw4k/tetragon_case_study_of_security_products/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
👍1
Top Security News for 27/05/2022
Uvalde SWAT Team Bragged About Training at Schools on Facebook
https://www.vice.com/en_us/article/wxdwgn/uvalde-swat-team-bragged-about-training-at-schools-on-facebook
Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/newsletters/privacy-briefing/4/102
Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/podcasts/privacy-briefing/593/notes
Vulnerabilities and exploits: Pantsdown, ChromeLoader. Ransomware campaign updates. CISA Known Exploited Vulnerabilities.
https://thecyberwire.com/newsletters/daily-briefing/11/102
Episode 67 : IceCoal DB Reversing
https://malware.news/t/episode-67-icecoal-db-reversing/60521/1
New Linux-based ransomware targets VMware servers
https://www.csoonline.com/article/3662153/new-linux-based-ransomware-targets-vmware-servers.html#tk.rss_all
ASEC Weekly Malware Statistics (May 16th, 2022 – May 22nd, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-16th-2022-may-22nd-2022/60519/1
Russian disinformation: disruption is easier than persuasion. Hyperlocal propaganda. Coordinated inauthenticity, at scale. Possible Ukrainian disinformation. Dissent in Russia's war. Influence ops against authoritarians.
https://thecyberwire.com/newsletters/disinformation-briefing/4/21
Top Ten Most Cumbersome Website Infections to Remove in 2021
https://malware.news/t/top-ten-most-cumbersome-website-infections-to-remove-in-2021/60520/1
Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers
https://thehackernews.com/2022/05/critical-pantsdown-bmc-vulnerability.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Uvalde SWAT Team Bragged About Training at Schools on Facebook
https://www.vice.com/en_us/article/wxdwgn/uvalde-swat-team-bragged-about-training-at-schools-on-facebook
Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/newsletters/privacy-briefing/4/102
Cheerscrypt described. Twitter settles with FTC over data privacy. Update on SpiceJet's ransomware incident.
https://thecyberwire.com/podcasts/privacy-briefing/593/notes
Vulnerabilities and exploits: Pantsdown, ChromeLoader. Ransomware campaign updates. CISA Known Exploited Vulnerabilities.
https://thecyberwire.com/newsletters/daily-briefing/11/102
Episode 67 : IceCoal DB Reversing
https://malware.news/t/episode-67-icecoal-db-reversing/60521/1
New Linux-based ransomware targets VMware servers
https://www.csoonline.com/article/3662153/new-linux-based-ransomware-targets-vmware-servers.html#tk.rss_all
ASEC Weekly Malware Statistics (May 16th, 2022 – May 22nd, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-16th-2022-may-22nd-2022/60519/1
Russian disinformation: disruption is easier than persuasion. Hyperlocal propaganda. Coordinated inauthenticity, at scale. Possible Ukrainian disinformation. Dissent in Russia's war. Influence ops against authoritarians.
https://thecyberwire.com/newsletters/disinformation-briefing/4/21
Top Ten Most Cumbersome Website Infections to Remove in 2021
https://malware.news/t/top-ten-most-cumbersome-website-infections-to-remove-in-2021/60520/1
Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers
https://thehackernews.com/2022/05/critical-pantsdown-bmc-vulnerability.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Vice
Uvalde SWAT Team Bragged About Training at Schools on Facebook
Uvalde SWAT visited schools to "familiarize themselves with layouts of our local schools and businesses."
Top Security News for 28/05/2022
RCE over ham radio - Reverse shell via WinAPRS
https://www.reddit.com/r/netsec/comments/uxo9bk/rce_over_ham_radio_reverse_shell_via_winaprs/
How To Build a Trusted Cybersecurity Program
https://malware.news/t/how-to-build-a-trusted-cybersecurity-program/60553/1
Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
https://securityaffairs.co/wordpress/131698/hacking/poc-exploit-code-vmware-cve-2022-22972.html
Nearly 100,000 NPM Users' Credentials Stolen in GitHub OAuth Breach
https://thehackernews.com/2022/05/nearly-100000-npm-users-credentials.html
CISA, DOD Report Gaps for Agencies Assessing 5G Security Risks
https://malware.news/t/cisa-dod-report-gaps-for-agencies-assessing-5g-security-risks/60550/1
Man who helped Infraud cybercrime cartel steal millions of credit cards sentenced
https://malware.news/t/man-who-helped-infraud-cybercrime-cartel-steal-millions-of-credit-cards-sentenced/60551/1
Cecelia Marinier from RSAC and Niloo Howe, judge, on the RSAC Innovation Sandbox contest.
https://thecyberwire.com/podcasts/interview-selects/112/notes
AWS universal rate-limiter bypass
https://www.reddit.com/r/netsec/comments/uyz6zw/aws_universal_ratelimiter_bypass/
Ukraine at D+92: Artillery, DDoS, and remittances in a hybrid war.
https://thecyberwire.com/stories/eb35d7ba848d4b16ac000f6936d75779/ukraine-at-d92
Firefox, Thunderbird, receive patches for critical security issues
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/firefox-thunderbird-receive-patches-for-critical-security-issues/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
RCE over ham radio - Reverse shell via WinAPRS
https://www.reddit.com/r/netsec/comments/uxo9bk/rce_over_ham_radio_reverse_shell_via_winaprs/
How To Build a Trusted Cybersecurity Program
https://malware.news/t/how-to-build-a-trusted-cybersecurity-program/60553/1
Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
https://securityaffairs.co/wordpress/131698/hacking/poc-exploit-code-vmware-cve-2022-22972.html
Nearly 100,000 NPM Users' Credentials Stolen in GitHub OAuth Breach
https://thehackernews.com/2022/05/nearly-100000-npm-users-credentials.html
CISA, DOD Report Gaps for Agencies Assessing 5G Security Risks
https://malware.news/t/cisa-dod-report-gaps-for-agencies-assessing-5g-security-risks/60550/1
Man who helped Infraud cybercrime cartel steal millions of credit cards sentenced
https://malware.news/t/man-who-helped-infraud-cybercrime-cartel-steal-millions-of-credit-cards-sentenced/60551/1
Cecelia Marinier from RSAC and Niloo Howe, judge, on the RSAC Innovation Sandbox contest.
https://thecyberwire.com/podcasts/interview-selects/112/notes
AWS universal rate-limiter bypass
https://www.reddit.com/r/netsec/comments/uyz6zw/aws_universal_ratelimiter_bypass/
Ukraine at D+92: Artillery, DDoS, and remittances in a hybrid war.
https://thecyberwire.com/stories/eb35d7ba848d4b16ac000f6936d75779/ukraine-at-d92
Firefox, Thunderbird, receive patches for critical security issues
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/firefox-thunderbird-receive-patches-for-critical-security-issues/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
RCE over ham radio - Reverse shell via WinAPRS
Posted in r/netsec by u/rickostuff • 53 points and 21 comments
Top Security News for 29/05/2022
Understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass)
https://www.reddit.com/r/netsec/comments/uzkf6p/understanding_cve202222972_vmware_workspace_one/
Stealthy Linux malware bypasses firewalls for remote access
https://www.reddit.com/r/Malware/comments/uzr2gb/stealthy_linux_malware_bypasses_firewalls_for/
Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks
https://securityaffairs.co/wordpress/131762/apt/gamaredon-apt-ddos-attacks.html
New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme
https://thehackernews.com/2022/05/new-york-man-sentenced-to-4-years-in.html
Mining museums’ genomic treasures
https://arstechnica.com/?p=1856930
Are TikTok algorithms changing how people talk about suicide?
https://arstechnica.com/?p=1857008
Rikkei Finance Hack: Explained
https://www.reddit.com/r/netsec/comments/uzjfyx/rikkei_finance_hack_explained/
Compromised military tech?
https://thecyberwire.com/podcasts/research-saturday/234/notes
The strange link between Industrial Spy and the Cuba ransomware operation
https://securityaffairs.co/wordpress/131754/cyber-crime/industrial-spy-cuba-ransomware.html
How to secure Kubernetes Deployment
https://www.reddit.com/r/netsec/comments/uzk9od/how_to_secure_kubernetes_deployment/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass)
https://www.reddit.com/r/netsec/comments/uzkf6p/understanding_cve202222972_vmware_workspace_one/
Stealthy Linux malware bypasses firewalls for remote access
https://www.reddit.com/r/Malware/comments/uzr2gb/stealthy_linux_malware_bypasses_firewalls_for/
Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks
https://securityaffairs.co/wordpress/131762/apt/gamaredon-apt-ddos-attacks.html
New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme
https://thehackernews.com/2022/05/new-york-man-sentenced-to-4-years-in.html
Mining museums’ genomic treasures
https://arstechnica.com/?p=1856930
Are TikTok algorithms changing how people talk about suicide?
https://arstechnica.com/?p=1857008
Rikkei Finance Hack: Explained
https://www.reddit.com/r/netsec/comments/uzjfyx/rikkei_finance_hack_explained/
Compromised military tech?
https://thecyberwire.com/podcasts/research-saturday/234/notes
The strange link between Industrial Spy and the Cuba ransomware operation
https://securityaffairs.co/wordpress/131754/cyber-crime/industrial-spy-cuba-ransomware.html
How to secure Kubernetes Deployment
https://www.reddit.com/r/netsec/comments/uzk9od/how_to_secure_kubernetes_deployment/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
Understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass)
Posted in r/netsec by u/Mempodipper • 21 points and 0 comments
Top Security News for 30/05/2022
The mystery of China’s sudden warnings about US hackers
https://arstechnica.com/?p=1856999
Curious - What is Skillbrains ?
https://www.bleepingcomputer.com/forums/t/772662/curious-what-is-skillbrains/
ForceAdmin : Create infinate #UAC prompts forcing a user to run as admin.
https://www.reddit.com/r/netsec/comments/v08p38/forceadmin_create_infinate_uac_prompts_forcing_a/
Pro-Russian hacker group KillNet plans to attack Italy on May 30
https://securityaffairs.co/wordpress/131776/hacking/killnet-threatens-italy.html
JPG to Malware
https://www.reddit.com/r/netsec/comments/v08plj/jpg_to_malware/
Extracting The Overlay Of A PE File, (Sun, May 29th)
https://malware.news/t/extracting-the-overlay-of-a-pe-file-sun-may-29th/60555/1
Clop ransomware gang is back, hits 21 victims in a single month
https://www.reddit.com/r/Malware/comments/v03we1/clop_ransomware_gang_is_back_hits_21_victims_in_a/
How to stop malware extension from automatically re-installing every time i open Chrome
https://www.reddit.com/r/Malware/comments/v0k9fo/how_to_stop_malware_extension_from_automatically/
grsecurity - Tetragone: A Lesson in Security Fundamentals
https://www.reddit.com/r/netsec/comments/v06ok1/grsecurity_tetragone_a_lesson_in_security/
Extracting The Overlay Of A PE File, (Sun, May 29th)
https://isc.sans.edu/diary/rss/28692
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The mystery of China’s sudden warnings about US hackers
https://arstechnica.com/?p=1856999
Curious - What is Skillbrains ?
https://www.bleepingcomputer.com/forums/t/772662/curious-what-is-skillbrains/
ForceAdmin : Create infinate #UAC prompts forcing a user to run as admin.
https://www.reddit.com/r/netsec/comments/v08p38/forceadmin_create_infinate_uac_prompts_forcing_a/
Pro-Russian hacker group KillNet plans to attack Italy on May 30
https://securityaffairs.co/wordpress/131776/hacking/killnet-threatens-italy.html
JPG to Malware
https://www.reddit.com/r/netsec/comments/v08plj/jpg_to_malware/
Extracting The Overlay Of A PE File, (Sun, May 29th)
https://malware.news/t/extracting-the-overlay-of-a-pe-file-sun-may-29th/60555/1
Clop ransomware gang is back, hits 21 victims in a single month
https://www.reddit.com/r/Malware/comments/v03we1/clop_ransomware_gang_is_back_hits_21_victims_in_a/
How to stop malware extension from automatically re-installing every time i open Chrome
https://www.reddit.com/r/Malware/comments/v0k9fo/how_to_stop_malware_extension_from_automatically/
grsecurity - Tetragone: A Lesson in Security Fundamentals
https://www.reddit.com/r/netsec/comments/v06ok1/grsecurity_tetragone_a_lesson_in_security/
Extracting The Overlay Of A PE File, (Sun, May 29th)
https://isc.sans.edu/diary/rss/28692
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Ars Technica
The mystery of China’s sudden warnings about US hackers
China has recently begun saber-rattling about American cyberespionage.
Top Security News for 31/05/2022
Is 3rd Party App Access the New Executable File?
https://thehackernews.com/2022/05/is-3rd-party-app-access-new-executable.html
POS Small Business Operation
https://www.bleepingcomputer.com/forums/t/772687/pos-small-business-operation/
WorldWide Deadbolt Ransomware : 1,216. title: "ALL YOUR FILES HAVE BEEN LOCKED BY DEADBOLT."
https://www.reddit.com/r/Malware/comments/v1ddoc/worldwide_deadbolt_ransomware_1216_title_all_your/
How Costa Rica found itself at war over ransomware
https://www.csoonline.com/article/3662311/how-costa-rica-found-itself-at-war-over-ransomware.html#tk.rss_all
I found a malicious chrome extension
https://www.reddit.com/r/Malware/comments/v1ddvb/i_found_a_malicious_chrome_extension/
Microsoft Office zero-day “Follina”—it’s not a bug, it’s a feature! (It’s a bug)
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/microsoft-office-zero-day-follina-its-not-a-bug-its-a-feature-its-a-bug/
Remembering Apple’s Newton, 30 years on
https://arstechnica.com/?p=1856644
Offensive Windows IPC Internals 3: ALPC
https://www.reddit.com/r/netsec/comments/v0uhc6/offensive_windows_ipc_internals_3_alpc/
Linux malware is on the rise—6 types of attacks to look for
https://www.csoonline.com/article/3662151/linux-malware-is-on-the-rise-6-types-of-attacks-to-look-for.html#tk.rss_all
Intuit phish says “we have put a temporary hold on your account”
https://blog.malwarebytes.com/social-engineering/2022/05/intuit-phish-says-we-have-put-a-temporary-hold-on-your-account/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Is 3rd Party App Access the New Executable File?
https://thehackernews.com/2022/05/is-3rd-party-app-access-new-executable.html
POS Small Business Operation
https://www.bleepingcomputer.com/forums/t/772687/pos-small-business-operation/
WorldWide Deadbolt Ransomware : 1,216. title: "ALL YOUR FILES HAVE BEEN LOCKED BY DEADBOLT."
https://www.reddit.com/r/Malware/comments/v1ddoc/worldwide_deadbolt_ransomware_1216_title_all_your/
How Costa Rica found itself at war over ransomware
https://www.csoonline.com/article/3662311/how-costa-rica-found-itself-at-war-over-ransomware.html#tk.rss_all
I found a malicious chrome extension
https://www.reddit.com/r/Malware/comments/v1ddvb/i_found_a_malicious_chrome_extension/
Microsoft Office zero-day “Follina”—it’s not a bug, it’s a feature! (It’s a bug)
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/microsoft-office-zero-day-follina-its-not-a-bug-its-a-feature-its-a-bug/
Remembering Apple’s Newton, 30 years on
https://arstechnica.com/?p=1856644
Offensive Windows IPC Internals 3: ALPC
https://www.reddit.com/r/netsec/comments/v0uhc6/offensive_windows_ipc_internals_3_alpc/
Linux malware is on the rise—6 types of attacks to look for
https://www.csoonline.com/article/3662151/linux-malware-is-on-the-rise-6-types-of-attacks-to-look-for.html#tk.rss_all
Intuit phish says “we have put a temporary hold on your account”
https://blog.malwarebytes.com/social-engineering/2022/05/intuit-phish-says-we-have-put-a-temporary-hold-on-your-account/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
BleepingComputer.com
POS Small Business Operation - General Security
POS Small Business Operation - posted in General Security: When setting up a new Point of Sale system in a small business, are there any recommendations/standards for safeguarding those systems? Thank you.
Top Security News for 01/06/2022
Code execution 0-day in Windows has been under active exploit for 7 weeks
https://arstechnica.com/?p=1857315
Is quantum teleportation the future of secure communications?
https://blog.malwarebytes.com/reports/2022/05/is-quantum-teleportation-the-future-of-secure-communications/
FBI warns of education sector credentials on dark web forums
https://blog.malwarebytes.com/privacy-2/2022/05/fbi-warns-of-education-sector-credentials-on-dark-web-forums/
Runescape phish claims your email has been changed
https://blog.malwarebytes.com/scams/2022/05/runescape-phish-claims-your-email-has-been-changed/
Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation
https://thehackernews.com/2022/05/microsoft-releases-workarounds-for.html
Marjorie Taylor Greene Says Bill Gates Will Force You to Eat Burgers Made in a ‘Peach Tree Dish’
https://www.vice.com/en_us/article/5dgne3/marjorie-taylor-greene-says-bill-gates-will-force-you-to-eat-burgers-made-in-a-peach-tree-dish
Technical Advisory: CVE-2022-30190 Zero-day Vulnerability “Follina” in Microsoft Support Diagnostic Tool
https://malware.news/t/technical-advisory-cve-2022-30190-zero-day-vulnerability-follina-in-microsoft-support-diagnostic-tool/60610/1
SideWinder Hackers Launched Over a 1,000 Cyber Attacks Over the Past 2 Years
https://thehackernews.com/2022/05/sidewinder-hackers-launched-over-1000.html
Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks
https://thehackernews.com/2022/05/interpol-nabs-3-nigerian-scammers.html
The Internet needs to stop getting excited by vaporware EVs
https://arstechnica.com/?p=1857185
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Code execution 0-day in Windows has been under active exploit for 7 weeks
https://arstechnica.com/?p=1857315
Is quantum teleportation the future of secure communications?
https://blog.malwarebytes.com/reports/2022/05/is-quantum-teleportation-the-future-of-secure-communications/
FBI warns of education sector credentials on dark web forums
https://blog.malwarebytes.com/privacy-2/2022/05/fbi-warns-of-education-sector-credentials-on-dark-web-forums/
Runescape phish claims your email has been changed
https://blog.malwarebytes.com/scams/2022/05/runescape-phish-claims-your-email-has-been-changed/
Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation
https://thehackernews.com/2022/05/microsoft-releases-workarounds-for.html
Marjorie Taylor Greene Says Bill Gates Will Force You to Eat Burgers Made in a ‘Peach Tree Dish’
https://www.vice.com/en_us/article/5dgne3/marjorie-taylor-greene-says-bill-gates-will-force-you-to-eat-burgers-made-in-a-peach-tree-dish
Technical Advisory: CVE-2022-30190 Zero-day Vulnerability “Follina” in Microsoft Support Diagnostic Tool
https://malware.news/t/technical-advisory-cve-2022-30190-zero-day-vulnerability-follina-in-microsoft-support-diagnostic-tool/60610/1
SideWinder Hackers Launched Over a 1,000 Cyber Attacks Over the Past 2 Years
https://thehackernews.com/2022/05/sidewinder-hackers-launched-over-1000.html
Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks
https://thehackernews.com/2022/05/interpol-nabs-3-nigerian-scammers.html
The Internet needs to stop getting excited by vaporware EVs
https://arstechnica.com/?p=1857185
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes
Is quantum teleportation the future of secure communications?
Dutch scientists have demonstrated the next step towards a quantum-based Internet that will make communications immediate and private
Top Security News for 02/06/2022
US Supreme Court puts a hold on enforcement of Texas social media law. INTERPOL issues warning about various forms of online extortion. US Commerce Department will restrict cyber exports to China.
https://thecyberwire.com/newsletters/policy-briefing/4/105
Unofficial patches for the 0-day vulnerability called Follina (CVE-2022-30190)
https://www.reddit.com/r/netsec/comments/v2maa4/unofficial_patches_for_the_0day_vulnerability/
Ransomware attack turns 2022 into 1977 for Somerset County
https://malware.news/t/ransomware-attack-turns-2022-into-1977-for-somerset-county/60662/1
Discord Is the Center of the Crypto World and That’s a Problem
https://www.vice.com/en_us/article/4awkew/discord-is-the-center-of-the-crypto-world-and-thats-a-problem
NASA still “pushing” for a Russian cosmonaut to fly on next SpaceX mission
https://arstechnica.com/?p=1856528
Information Security BASICS - Anvil Secure
https://www.reddit.com/r/netsec/comments/v2mrkd/information_security_basics_anvil_secure/
Minerva's evasion based CTF is open for registration
https://www.reddit.com/r/netsec/comments/v2ehz0/minervas_evasion_based_ctf_is_open_for/
NSIS Installer Malware Included with Various Malicious Files
https://malware.news/t/nsis-installer-malware-included-with-various-malicious-files/60663/1
Mass account takeover in Yunmai smartscale API (full disclosure)
https://www.reddit.com/r/netsec/comments/v0uv1g/mass_account_takeover_in_yunmai_smartscale_api/
OST2 Vulnerabilities 1001: C-Family Software Implementation Vulnerabilities (Taught via explaining > 3 dozen CVEs from the last 3 years)
https://www.reddit.com/r/netsec/comments/v2ep1m/ost2_vulnerabilities_1001_cfamily_software/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
US Supreme Court puts a hold on enforcement of Texas social media law. INTERPOL issues warning about various forms of online extortion. US Commerce Department will restrict cyber exports to China.
https://thecyberwire.com/newsletters/policy-briefing/4/105
Unofficial patches for the 0-day vulnerability called Follina (CVE-2022-30190)
https://www.reddit.com/r/netsec/comments/v2maa4/unofficial_patches_for_the_0day_vulnerability/
Ransomware attack turns 2022 into 1977 for Somerset County
https://malware.news/t/ransomware-attack-turns-2022-into-1977-for-somerset-county/60662/1
Discord Is the Center of the Crypto World and That’s a Problem
https://www.vice.com/en_us/article/4awkew/discord-is-the-center-of-the-crypto-world-and-thats-a-problem
NASA still “pushing” for a Russian cosmonaut to fly on next SpaceX mission
https://arstechnica.com/?p=1856528
Information Security BASICS - Anvil Secure
https://www.reddit.com/r/netsec/comments/v2mrkd/information_security_basics_anvil_secure/
Minerva's evasion based CTF is open for registration
https://www.reddit.com/r/netsec/comments/v2ehz0/minervas_evasion_based_ctf_is_open_for/
NSIS Installer Malware Included with Various Malicious Files
https://malware.news/t/nsis-installer-malware-included-with-various-malicious-files/60663/1
Mass account takeover in Yunmai smartscale API (full disclosure)
https://www.reddit.com/r/netsec/comments/v0uv1g/mass_account_takeover_in_yunmai_smartscale_api/
OST2 Vulnerabilities 1001: C-Family Software Implementation Vulnerabilities (Taught via explaining > 3 dozen CVEs from the last 3 years)
https://www.reddit.com/r/netsec/comments/v2ep1m/ost2_vulnerabilities_1001_cfamily_software/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
US Supreme Court puts a hold on enforcement of Texas social media law. INTERPOL issues warning about various forms of online extortion.…
Top Security News for 03/06/2022
Remotely Controlling Touchscreens
https://malware.news/t/remotely-controlling-touchscreens/60703/1
WinDealer dealing on the side
https://securelist.com/windealer-dealing-on-the-side/105946/
Analysis report on Log4j attack patterns
https://www.reddit.com/r/Malware/comments/v3p7l2/analysis_report_on_log4j_attack_patterns/
Ransomware roundup: System-locking malware dominates headlines
https://www.csoonline.com/article/3662038/ransomware-roundup-system-locking-malware-dominates-headlines.html#tk.rss_all
Analysis of the Massive NDSW/NDSX Malware Campaign
https://malware.news/t/analysis-of-the-massive-ndsw-ndsx-malware-campaign/60704/1
Sandbox Evasion... With Just a Filename!, (Fri, Jun 3rd)
https://isc.sans.edu/diary/rss/28708
Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks
https://thehackernews.com/2022/06/researchers-demonstrate-ransomware-for.html
10 of the hottest new cybersecurity startups at RSA 2022
https://www.csoonline.com/article/3662771/10-of-the-hottest-new-cybersecurity-startups-at-rsa-2022.html#tk.rss_all
ExpressVPN Removes Servers in India After Refusing to Comply with Government Order
https://thehackernews.com/2022/06/expressvpn-removes-servers-in-india.html
NASA just bought the rest of the space station crew flights from SpaceX
https://arstechnica.com/?p=1857926
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Remotely Controlling Touchscreens
https://malware.news/t/remotely-controlling-touchscreens/60703/1
WinDealer dealing on the side
https://securelist.com/windealer-dealing-on-the-side/105946/
Analysis report on Log4j attack patterns
https://www.reddit.com/r/Malware/comments/v3p7l2/analysis_report_on_log4j_attack_patterns/
Ransomware roundup: System-locking malware dominates headlines
https://www.csoonline.com/article/3662038/ransomware-roundup-system-locking-malware-dominates-headlines.html#tk.rss_all
Analysis of the Massive NDSW/NDSX Malware Campaign
https://malware.news/t/analysis-of-the-massive-ndsw-ndsx-malware-campaign/60704/1
Sandbox Evasion... With Just a Filename!, (Fri, Jun 3rd)
https://isc.sans.edu/diary/rss/28708
Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks
https://thehackernews.com/2022/06/researchers-demonstrate-ransomware-for.html
10 of the hottest new cybersecurity startups at RSA 2022
https://www.csoonline.com/article/3662771/10-of-the-hottest-new-cybersecurity-startups-at-rsa-2022.html#tk.rss_all
ExpressVPN Removes Servers in India After Refusing to Comply with Government Order
https://thehackernews.com/2022/06/expressvpn-removes-servers-in-india.html
NASA just bought the rest of the space station crew flights from SpaceX
https://arstechnica.com/?p=1857926
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
Remotely Controlling Touchscreens
Researchers have demonstrated controlling touchscreens at a distance, at least in a laboratory setting: The core idea is to take advantage of the electromagnetic signals to execute basic touch events such as taps and swipes into targeted locations of the…
👍2
Top Security News for 04/06/2022
Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor
https://thehackernews.com/2022/06/chinese-luoyu-hackers-using-man-on-side.html
After remote-work ultimatum, Musk reveals plan to cut 10% of Tesla jobs
https://arstechnica.com/?p=1858044
Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
https://thehackernews.com/2022/06/microsoft-blocks-iran-linked-lebanese.html
Hacktivism, nominal and (possibly) real. Cyber gangs rebrand and branch out. CISA alerts. Cyber phases of Russia's hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/107
[updated]Unpatched Atlassian Confluence vulnerability is actively exploited
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/unpatched-atlassian-confluence-vulnerability-is-actively-exploited/
Perry Carpenter on his new book "The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer"
https://thecyberwire.com/podcasts/interview-selects/113/notes
Critical Atlassian 0-day is under active exploit. You’re patched, right?
https://arstechnica.com/?p=1858307
Threat Roundup for May 27 to June 3
https://malware.news/t/threat-roundup-for-may-27-to-june-3/60734/1
SSO explained: Single sign-on definition, examples, and terminology
https://www.csoonline.com/article/2115776/sso-explained-single-sign-on-definition-examples-and-terminology.html#tk.rss_all
Americans want more electric vehicles, but 50% by 2030 looks unlikely
https://arstechnica.com/?p=1858024
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor
https://thehackernews.com/2022/06/chinese-luoyu-hackers-using-man-on-side.html
After remote-work ultimatum, Musk reveals plan to cut 10% of Tesla jobs
https://arstechnica.com/?p=1858044
Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
https://thehackernews.com/2022/06/microsoft-blocks-iran-linked-lebanese.html
Hacktivism, nominal and (possibly) real. Cyber gangs rebrand and branch out. CISA alerts. Cyber phases of Russia's hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/107
[updated]Unpatched Atlassian Confluence vulnerability is actively exploited
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/unpatched-atlassian-confluence-vulnerability-is-actively-exploited/
Perry Carpenter on his new book "The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer"
https://thecyberwire.com/podcasts/interview-selects/113/notes
Critical Atlassian 0-day is under active exploit. You’re patched, right?
https://arstechnica.com/?p=1858307
Threat Roundup for May 27 to June 3
https://malware.news/t/threat-roundup-for-may-27-to-june-3/60734/1
SSO explained: Single sign-on definition, examples, and terminology
https://www.csoonline.com/article/2115776/sso-explained-single-sign-on-definition-examples-and-terminology.html#tk.rss_all
Americans want more electric vehicles, but 50% by 2030 looks unlikely
https://arstechnica.com/?p=1858024
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Hacktivism, nominal and (possibly) real. Cyber gangs rebrand and branch out. CISA alerts. Cyber phases of Russia's hybrid war.
Hacktivism: anti-Iran, and Iran-sponsored. Rebranding to evade sanctions. Conti's threat to firmware. Atlassian works on an actively exploited Confluence vulnerability. CISA releases ICS security advisories. Cyber phases of Russia's hybrid war against Ukraine.
👍1
Top Security News for 05/06/2022
Cyber phases of Russia's hybrid war. Microsoft hits Polonium and mitigates Follina. CISA and its partners warn about the Karakurt extortion group. Clipminer is out in the wild. Notes from the underworld.
https://thecyberwire.com/newsletters/week-that-was/6/22
LemonDucks evading detection.
https://thecyberwire.com/podcasts/research-saturday/235/notes
Technical Advisory – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552) - including remote write anywhere primitive in its IP stack
https://www.reddit.com/r/netsec/comments/v4ht0r/technical_advisory_multiple_vulnerabilities_in/
The Domain Generation Algorithms of SharkBot
https://malware.news/t/the-domain-generation-algorithms-of-sharkbot/60743/1
Smaller reactors may still have a big nuclear waste problem
https://arstechnica.com/?p=1858107
An actively exploited Microsoft 0-day flaw still doesn’t have a patch
https://arstechnica.com/?p=1858179
Protected: Biweekly Malware Challenge #1: Gozi/ISFB String Decryption
https://malware.news/t/protected-biweekly-malware-challenge-1-gozi-isfb-string-decryption/60740/1
Certificate Ripper released - tool to extract server certificates
https://www.reddit.com/r/netsec/comments/v4qegg/certificate_ripper_released_tool_to_extract/
Anonymous: Operation Russia after 100 days of war
https://securityaffairs.co/wordpress/131933/hacktivism/anonymous-operation-russia-100-days.html
Mind Map of Malware Mitigations
https://www.reddit.com/r/Malware/comments/v4vc7a/mind_map_of_malware_mitigations/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Cyber phases of Russia's hybrid war. Microsoft hits Polonium and mitigates Follina. CISA and its partners warn about the Karakurt extortion group. Clipminer is out in the wild. Notes from the underworld.
https://thecyberwire.com/newsletters/week-that-was/6/22
LemonDucks evading detection.
https://thecyberwire.com/podcasts/research-saturday/235/notes
Technical Advisory – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552) - including remote write anywhere primitive in its IP stack
https://www.reddit.com/r/netsec/comments/v4ht0r/technical_advisory_multiple_vulnerabilities_in/
The Domain Generation Algorithms of SharkBot
https://malware.news/t/the-domain-generation-algorithms-of-sharkbot/60743/1
Smaller reactors may still have a big nuclear waste problem
https://arstechnica.com/?p=1858107
An actively exploited Microsoft 0-day flaw still doesn’t have a patch
https://arstechnica.com/?p=1858179
Protected: Biweekly Malware Challenge #1: Gozi/ISFB String Decryption
https://malware.news/t/protected-biweekly-malware-challenge-1-gozi-isfb-string-decryption/60740/1
Certificate Ripper released - tool to extract server certificates
https://www.reddit.com/r/netsec/comments/v4qegg/certificate_ripper_released_tool_to_extract/
Anonymous: Operation Russia after 100 days of war
https://securityaffairs.co/wordpress/131933/hacktivism/anonymous-operation-russia-100-days.html
Mind Map of Malware Mitigations
https://www.reddit.com/r/Malware/comments/v4vc7a/mind_map_of_malware_mitigations/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Cyber phases of Russia's hybrid war. Microsoft hits Polonium and mitigates Follina. CISA and its partners warn about the Karakurt…
Cyber phases of Russia's hybrid war. Microsoft shuts down Tehran-directed threat actor. CISA and its partners warn about the Karakurt extortion group. Clipminer is out in the wild. Microsoft issues mitigations for Follina zero-day. Notes from the underworld.…
Top Security News for 06/06/2022
Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild
https://securityaffairs.co/wordpress/131942/security/atlassian-fixes-confluence-zero-day.html
ISC StormCast for Monday, June 6th, 2022
https://isc.sans.edu/podcastdetail.html?id=8036
Security Affairs newsletter Round 368 by Pierluigi Paganini
https://securityaffairs.co/wordpress/131958/breaking-news/security-affairs-newsletter-round-368-by-pierluigi-paganini.html
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
ISC Stormcast For Monday, June 6th, 2022 https://isc.sans.edu/podcastdetail.html?id=8036, (Mon, Jun 6th)
https://isc.sans.edu/diary/rss/28716
OFFENSIVE C#
https://www.reddit.com/r/Malware/comments/v564kf/offensive_c/
Defining the intruder’s dilemma.
https://thecyberwire.com/podcasts/cyberwire-x/32/notes
Analysis Of An "ms-msdt" RTF Maldoc, (Sun, Jun 5th)
https://isc.sans.edu/diary/rss/28714
Analysis of a large brute force attack campaign against Windows Remote Desktop
https://www.reddit.com/r/netsec/comments/v58po4/analysis_of_a_large_brute_force_attack_campaign/
Making blockchain stop wasting energy by getting it to manage energy
https://arstechnica.com/?p=1858298
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild
https://securityaffairs.co/wordpress/131942/security/atlassian-fixes-confluence-zero-day.html
ISC StormCast for Monday, June 6th, 2022
https://isc.sans.edu/podcastdetail.html?id=8036
Security Affairs newsletter Round 368 by Pierluigi Paganini
https://securityaffairs.co/wordpress/131958/breaking-news/security-affairs-newsletter-round-368-by-pierluigi-paganini.html
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
ISC Stormcast For Monday, June 6th, 2022 https://isc.sans.edu/podcastdetail.html?id=8036, (Mon, Jun 6th)
https://isc.sans.edu/diary/rss/28716
OFFENSIVE C#
https://www.reddit.com/r/Malware/comments/v564kf/offensive_c/
Defining the intruder’s dilemma.
https://thecyberwire.com/podcasts/cyberwire-x/32/notes
Analysis Of An "ms-msdt" RTF Maldoc, (Sun, Jun 5th)
https://isc.sans.edu/diary/rss/28714
Analysis of a large brute force attack campaign against Windows Remote Desktop
https://www.reddit.com/r/netsec/comments/v58po4/analysis_of_a_large_brute_force_attack_campaign/
Making blockchain stop wasting energy by getting it to manage energy
https://arstechnica.com/?p=1858298
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
Atlassian rolled out fixes for Confluence zero-day actively exploited
Atlassian has addressed on Friday an actively exploited critical RCE flaw (CVE-2022-26134) in Confluence Server and Data Center products.
Top Security News for 07/06/2022
Solid-state batteries for EVs move a step closer to production
https://arstechnica.com/?p=1858366
Russia seeks to hijack German telescope on its X-ray spacecraft
https://arstechnica.com/?p=1858353
Observed In The Wild: Atlassian Confluence Server CVE-2022-26134
https://www.reddit.com/r/netsec/comments/v6iia0/observed_in_the_wild_atlassian_confluence_server/
Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers
https://thehackernews.com/2022/06/microsoft-seizes-41-domains-used-in.html
Popping Eagle: How Global Analytics Uncovered a Stealthy Threat Actor
https://www.reddit.com/r/netsec/comments/v4aspa/popping_eagle_how_global_analytics_uncovered_a/
Passwordstate - Revoked its Digicert certificate used to sign the code
https://www.reddit.com/r/netsec/comments/v5xl0o/passwordstate_revoked_its_digicert_certificate/
Ukraine's SSSCIP discusses the cyber phases of Russia's war. Atlassian patches Confluence;. State actor exploits Follina.
https://thecyberwire.com/newsletters/daily-briefing/11/108
Big Tech pulls out all the stops to halt “self-preferencing” antitrust bill
https://arstechnica.com/?p=1858462
Microsoft Autopatch is here…but can you use it?
https://blog.malwarebytes.com/business-2/2022/06/microsoft-autopatch-is-here-but-can-you-use-it/
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Solid-state batteries for EVs move a step closer to production
https://arstechnica.com/?p=1858366
Russia seeks to hijack German telescope on its X-ray spacecraft
https://arstechnica.com/?p=1858353
Observed In The Wild: Atlassian Confluence Server CVE-2022-26134
https://www.reddit.com/r/netsec/comments/v6iia0/observed_in_the_wild_atlassian_confluence_server/
Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers
https://thehackernews.com/2022/06/microsoft-seizes-41-domains-used-in.html
Popping Eagle: How Global Analytics Uncovered a Stealthy Threat Actor
https://www.reddit.com/r/netsec/comments/v4aspa/popping_eagle_how_global_analytics_uncovered_a/
Passwordstate - Revoked its Digicert certificate used to sign the code
https://www.reddit.com/r/netsec/comments/v5xl0o/passwordstate_revoked_its_digicert_certificate/
Ukraine's SSSCIP discusses the cyber phases of Russia's war. Atlassian patches Confluence;. State actor exploits Follina.
https://thecyberwire.com/newsletters/daily-briefing/11/108
Big Tech pulls out all the stops to halt “self-preferencing” antitrust bill
https://arstechnica.com/?p=1858462
Microsoft Autopatch is here…but can you use it?
https://blog.malwarebytes.com/business-2/2022/06/microsoft-autopatch-is-here-but-can-you-use-it/
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Ars Technica
Solid-state batteries for EVs move a step closer to production
Solid Power wants to give cells to BMW and Ford for testing later this year.