Top Security News for 08/11/2022
Disclosure as zero-day prep. Election security. Hacktivism and satcom in the hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/214
ISC Stormcast For Tuesday, November 8th, 2022 https://isc.sans.edu/podcastdetail.html?id=8248, (Tue, Nov 8th)
https://malware.news/t/isc-stormcast-for-tuesday-november-8th-2022-https-isc-sans-edu-podcastdetail-html-id-8248-tue-nov-8th/64828#post_1
Japan joins NATO's CCDCoE. Scanning in the UK. FCC on security of Emergency Alert System. Greek spyware scandal update.
https://thecyberwire.com/newsletters/policy-briefing/4/214
CISA, NSA and Industry Outline Security Responsibilities of Software Suppliers
https://malware.news/t/cisa-nsa-and-industry-outline-security-responsibilities-of-software-suppliers/64824#post_1
Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack
https://thehackernews.com/2022/11/medibank-refuses-to-pay-ransom-after-97.html
BrandPost: Managed Security Services Can Relieve the Cybersecurity Skills Gap
https://www.csoonline.com/article/3678854/managed-security-services-can-relieve-the-cybersecurity-skills-gap.html#tk.rss_all
Robin Banks Phishing Service for Cybercriminals Returns with Russian Server
https://thehackernews.com/2022/11/robin-banks-phishing-service-for.html
Former CISA Head Calls for Renewed Action to Combat Election Lies
https://malware.news/t/former-cisa-head-calls-for-renewed-action-to-combat-election-lies/64826#post_1
We’re Christian Mouchet, Jean-Philippe Bossuat, Kurt Rohloff, Nigel Smart, Pascal Paillier, Rand Hindi, Wonkyung Jung, various researchers and library developers of homomorphic encryption to answer questions about homomorphic encryption and why it’s important for the future of data privacy! AMA
https://www.reddit.com/r/netsec/comments/yp6ec1/were_christian_mouchet_jeanphilippe_bossuat_kurt/
Web Application Firewall (noun)
https://thecyberwire.com/podcasts/word-notes/124/notes
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Disclosure as zero-day prep. Election security. Hacktivism and satcom in the hybrid war.
Microsoft accuses China of using vulnerability disclosure to develop zero-days. Election security on the eve of the US midterms. US FBI rates hacktivist contributions to Russia's war as "unsophisticated." Starlink and tactical communications. Firer's remorse.
Top Security News for 09/11/2022
CryptoChecker web
https://0x00sec.org/t/cryptochecker-web/32045
Update on the Robin Banks phishing kit. APT10 uses LODEINFO to target Japan. BEC gang impersonates international law firms.
https://thecyberwire.com/podcasts/research-briefing/142/notes
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/08-11-2022
Medibank hacker threatens to dump data. Facial recognition proves difficult to limit under GDPR. Baby monitors and privacy risk.
https://thecyberwire.com/newsletters/privacy-briefing/4/215
New updated IceXLoader claims thousands of victims around the world
https://www.reddit.com/r/netsec/comments/ypo0cb/new_updated_icexloader_claims_thousands_of/
Greece bans spyware sales. Australia to fund offensive cyber program. Pennsylvania data breach notification law.
https://thecyberwire.com/newsletters/policy-briefing/4/215
Security Alert: Microsoft Releases November 2022 Security Updates
https://malware.news/t/security-alert-microsoft-releases-november-2022-security-updates/64864#post_1
SimpleX Chat: security assessment by Trail of Bits and v4.2 released
https://www.reddit.com/r/netsec/comments/ypuead/simplex_chat_security_assessment_by_trail_of_bits/
ISC Stormcast For Wednesday, November 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8250, (Wed, Nov 9th)
https://malware.news/t/isc-stormcast-for-wednesday-november-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8250-wed-nov-9th/64867#post_1
ISC Stormcast For Wednesday, November 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8250, (Wed, Nov 9th)
https://isc.sans.edu/diary/rss/29232
Top Security News for 29/11/2022
Exception(al) Failure - Breaking the STM32F1 Read-Out Protection
https://www.reddit.com/r/netsec/comments/z6z1qp/exceptional_failure_breaking_the_stm32f1_readout/
500 million WhatsApp mobile numbers up for sale on the dark web
https://www.csoonline.com/article/3681449/500-million-whatsapp-mobile-numbers-up-for-sale-on-the-dark-web.html#tk.rss_all
2600 HOLIDAY SPECIALS HAVE ARRIVED
https://www.2600.com/content/2600-holiday-specials-have-arrived
ISC StormCast for Tuesday, November 29th, 2022
https://isc.sans.edu/podcastdetail.html?id=8268
ISC Stormcast For Tuesday, November 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8268, (Tue, Nov 29th)
https://malware.news/t/isc-stormcast-for-tuesday-november-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8268-tue-nov-29th/65310#post_1
U.S. and UK Ban More Chinese Kit as Xi’s Grip Weakens
https://malware.news/t/u-s-and-uk-ban-more-chinese-kit-as-xi-s-grip-weakens/65305#post_1
CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html
Data Loss Protection (DLP) (noun)
https://thecyberwire.com/podcasts/word-notes/127/notes
The 5 Cornerstones for an Effective Cyber Security Awareness Training
https://thehackernews.com/2022/11/the-5-cornerstones-for-effective-cyber.html
The Art of Bypassing Kerberoast Detections with Orpheus
https://www.reddit.com/r/netsec/comments/z7fomb/the_art_of_bypassing_kerberoast_detections_with/
Top Security News for 30/11/2022
TikTok challenge spreads malware.
https://thecyberwire.com/stories/98c006aa1b98406a86f21ecc1d21b7ac/tiktok-challenge-spreads-malware
DDoS as threat to e-commerce. Meta's GDPR fine. TikTok challenge spreads malware. US CYBERCOM's support for Ukraine.
https://thecyberwire.com/newsletters/daily-briefing/11/227
Looting Microsoft Configuration Manager
https://www.reddit.com/r/netsec/comments/z86x3y/looting_microsoft_configuration_manager/
[Control systems] Moxa security advisory (AV22-664)
https://malware.news/t/control-systems-moxa-security-advisory-av22-664/65340#post_1
Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware
https://thehackernews.com/2022/11/hackers-using-trending-invisible.html
DDoS as a holiday-season threat to e-commerce. TikTok challenge spreads malware. Meta's GDPR fine. US Cyber Command describes support for Ukraine's cyber defense.
https://thecyberwire.com/podcasts/daily-podcast/1712/notes
TSA Considers Using Third-Party Assessors in Coming Pipeline Regulations
https://malware.news/t/tsa-considers-using-third-party-assessors-in-coming-pipeline-regulations/65337#post_1
Subdomain Enumeration with DNSSEC
https://www.reddit.com/r/netsec/comments/z7t8r4/subdomain_enumeration_with_dnssec/
Xiongmai IoT Exploitation
https://www.reddit.com/r/netsec/comments/z84wuw/xiongmai_iot_exploitation/
Malware Analysis - Ghidra vs Cutter vs Binary Ninja vs IDA Free
https://malware.news/t/malware-analysis-ghidra-vs-cutter-vs-binary-ninja-vs-ida-free/65336#post_1
N2K CyberWire
TikTok challenge spreads malware.
There's malware lurking in a TikTok challenge. And, by the way, think about keeping your clothes on.
Top Security News for 01/12/2022
AWS' Inspector offers vulnerability management for Lambda serverless functions
https://www.csoonline.com/article/3681117/aws-inspector-offers-vulnerability-management-for-lambda-serverless-functions.html#tk.rss_all
Welcoming women in cybersecurity.
https://thecyberwire.com/stories/e2039ffcbeb74e769032a2e0036033b0/welcoming-women-in-cybersecurity
FUD Java RAT
https://www.reddit.com/r/Malware/comments/z9dfwb/fud_java_rat/
The Burp challenge
https://portswigger.net/blog/the-burp-challenge
Discord For Malware Course
https://www.reddit.com/r/Malware/comments/z9745i/discord_for_malware_course/
What is Ransom Cartel? A ransomware gang focused on reputational damage
https://www.csoonline.com/article/3680734/what-is-ransom-cartel-a-ransomware-gang-focused-on-reputational-damage.html#tk.rss_all
Multiversity by @wefuzz_io, a collection of amazing resources for Hackers and Developers to learn, develop, showcase and contribute to the future of Web3 Security
https://www.reddit.com/r/netsec/comments/z8yp36/multiversity_by_wefuzz_io_a_collection_of_amazing/
Patching healthcare cybersecurity risks.
https://thecyberwire.com/podcasts/caveat/151/notes
AWS launches new cybersecurity service Amazon Security Lake
https://www.csoonline.com/article/3681082/aws-launches-new-cybersecurity-service-amazon-security-lake.html#tk.rss_all
Lastpass discloses the second security breach this year
https://securityaffairs.co/wordpress/139136/data-breach/lastpass-second-security-breach.html
CSO Online
AWS' Inspector offers vulnerability management for Lambda serverless functions
AWS announces new cybersecurity features in Amazon Inspector and Amazon Macie at AWS Re:Invent 2022 in Las Vegas.
Top Security News for 02/12/2022
CISA: Cuba ransomware group has stolen $60 million from at least 100 organizations
https://malware.news/t/cisa-cuba-ransomware-group-has-stolen-60-million-from-at-least-100-organizations/65412#post_1
The CI/CD Goat just got wilder! - A new challenge to the deliberately vulnerable CI/CD environment
https://www.reddit.com/r/netsec/comments/z9pjzz/the_cicd_goat_just_got_wilder_a_new_challenge_to/
W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
https://malware.news/t/w4sp-continues-to-nest-in-pypi-same-supply-chain-attack-different-distribution-method/65411#post_1
Software projects face supply chain security risk due to insecure artifact downloads via GitHub Actions
https://www.csoonline.com/article/3681988/software-projects-face-supply-chain-security-risk-due-to-insecure-artifact-downloads-via-github-act.html#tk.rss_all
Sasha Grey Is Not Recruiting Soldiers for the Russian Army
https://www.vice.com/en_us/article/k7b5jm/sasha-grey-is-not-recruiting-soldiers-for-the-russian-army
ASEC Weekly Phishing Email Threat Trend (November 13th, 2022 – November 19th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trend-november-13th-2022-november-19th-2022/65415#post_1
Huawei Security Hypervisor Vulnerability
https://www.reddit.com/r/netsec/comments/z9s1as/huawei_security_hypervisor_vulnerability/
Cyberespionage, cybercrime, and patriotic hacktivism. The Heliconia framework described. Cyber risk for the telecom and healthcare sectors. Notes on the hybrid war. Predictions for 2023.
https://thecyberwire.com/podcasts/daily-podcast/1714/notes
Unauthenticated Command Injection in Asus M25 NAS
https://www.reddit.com/r/netsec/comments/z9phg8/unauthenticated_command_injection_in_asus_m25_nas/
2022-12-01 - Files for an ISC diary (obama224 Qakbot)
https://malware.news/t/2022-12-01-files-for-an-isc-diary-obama224-qakbot/65418#post_1
Malware Analysis, News and Indicators
CISA: Cuba ransomware group has stolen $60 million from at least 100 organizations
The Cuba ransomware group has launched attacks against 100 organizations around the world and brought in $60 million between December 2021 and August 2022, according to a new advisory from the Cybersecurity and Infrastructure Security Agency (CISA) and FBI.…
Top Security News for 03/12/2022
Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions
https://thehackernews.com/2022/11/dell-hp-and-lenovo-devices-found-using.html
[Control Systems] ABB security advisory (AV22-670)
https://malware.news/t/control-systems-abb-security-advisory-av22-670/65441#post_1
Maria Varmazis interviews Brandon Bailey about Space Attack Research and Tactic Analysis, or SPARTA matrix.
https://thecyberwire.com/podcasts/interview-selects/137/notes
RansomHouse attacks Colombian healthcare network. Patient data exposed in breach. US school district suffers data breach.
https://thecyberwire.com/newsletters/privacy-briefing/4/230
Adversarial activity. Risk and trend reports. Sandworm renews ransomware activity against Ukrainian targets.
https://thecyberwire.com/newsletters/week-that-was/6/47
Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages
https://thehackernews.com/2022/11/elon-musk-confirms-twitter-20-will.html
Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware
https://thehackernews.com/2022/11/hackers-using-trending-invisible.html
Inside the Windows Cache Manager
https://malware.news/t/inside-the-windows-cache-manager/65445#post_1
Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws
https://thehackernews.com/2022/11/million-of-android-devices-still-dont.html
U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
https://thehackernews.com/2022/11/us-bans-chinese-telecom-equipment-and.html
Malware Analysis, News and Indicators
[Control Systems] ABB security advisory (AV22-670)
Article Link: [Control Systems] ABB security advisory (AV22-670) - Canadian Centre for Cyber Security
Top Security News for 04/12/2022
[KIS-2022-06] Drupal H5P Module <= 2.0.0 (isValidPackage) Zip Slip Vulnerability
https://www.reddit.com/r/netsec/comments/zbhtrx/kis202206_drupal_h5p_module_200_isvalidpackage/
Update: python-per-line.py Version 0.0.9
https://malware.news/t/update-python-per-line-py-version-0-0-9/65451#post_1
kitabisa/teler release v2.0.0-dev
https://www.reddit.com/r/netsec/comments/zbbcb8/kitabisateler_release_v200dev/
Securing Your SAP Environments: Going Beyond Access Control
https://securityintelligence.com/securing-sap-environments-beyond-access-control/
Linux LOLBins Applications Available in Windows, (Sat, Dec 3rd)
https://malware.news/t/linux-lolbins-applications-available-in-windows-sat-dec-3rd/65449#post_1
Pre-Auth RCE with CodeQL in Under 20 Minutes
https://www.reddit.com/r/netsec/comments/zbfj1a/preauth_rce_with_codeql_in_under_20_minutes/
Safe malware testing
https://www.reddit.com/r/Malware/comments/zbigro/safe_malware_testing/
New CryWiper wiper targets Russian entities masquerading as a ransomware
https://securityaffairs.co/wordpress/139237/malware/crywiper-wiper.html
Dissecting Windows Section Objects
https://malware.news/t/dissecting-windows-section-objects/65448#post_1
Using make_sc_hash_db.py to create API hashing DBs
https://malware.news/t/using-make-sc-hash-db-py-to-create-api-hashing-dbs/65450#post_1
Top Security News for 05/12/2022
GitHub Actions - Artifact Poisoning Vulnerability
https://www.reddit.com/r/netsec/comments/zcdlzp/github_actions_artifact_poisoning_vulnerability/
Test Post 2 – 5 Dec Prod Release
https://malware.news/t/test-post-2-5-dec-prod-release/65457#post_1
OWASP Top 10 CI/CD Security Risks project released
https://www.reddit.com/r/netsec/comments/zckkhi/owasp_top_10_cicd_security_risks_project_released/
US DHS Cyber Safety Board will review Lapsus$ gang’s operations
https://securityaffairs.co/wordpress/139255/cyber-crime/us-dhs-cyber-safety-board-review-lapsus-attacks.html
Vulnerability Management: An essential tactic for zero trust from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/70/notes
Finger.exe LOLBin, (Sun, Dec 4th)
https://isc.sans.edu/diary/rss/29298
New report finds social media fueling a rise in primary school violence
https://malware.news/t/new-report-finds-social-media-fueling-a-rise-in-primary-school-violence/65461#post_1
Botnet servers found infected with Cobalt Strike Beacon Malware
https://www.reddit.com/r/Malware/comments/zcrlba/botnet_servers_found_infected_with_cobalt_strike/
Extracting Certificates For Defender
https://malware.news/t/extracting-certificates-for-defender/65455#post_1
Deobfuscation of .NET using PowerShelling & dnlib - Eternity Malware
https://malware.news/t/deobfuscation-of-net-using-powershelling-dnlib-eternity-malware/65456#post_1
Top Security News for 06/12/2022
New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers
https://thehackernews.com/2022/12/new-bmc-supply-chain-vulnerabilities.html
[Help] I'm looking for a downloadable list of all CVEs including vulnerability
https://www.reddit.com/r/netsec/comments/zdm9g2/help_im_looking_for_a_downloadable_list_of_all/
Cybersecurity Plan: 3 Keys for CISOs
https://malware.news/t/cybersecurity-plan-3-keys-for-cisos/65499#post_1
Schoolyard Bully: a Facebook Trojan.
https://thecyberwire.com/stories/a22b8c59a5354b16bea865d1d1197efa/schoolyard-bully-a-facebook-trojan
Hijacking GitHub Repositories by Deleting and Restoring Them
https://www.reddit.com/r/netsec/comments/zdcgza/hijacking_github_repositories_by_deleting_and/
GitLab security advisory (AV22-676)
https://malware.news/t/gitlab-security-advisory-av22-676/65494#post_1
French hospital cancels operations after a ransomware attack
https://securityaffairs.co/wordpress/139316/cyber-crime/french-hospital-ransomware-attack-2.html
North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps
https://thehackernews.com/2022/12/north-korean-hackers-spread-applejeus.html
Journalist Sues NSO After Being Hacked By Pegasus Spyware
https://packetstormsecurity.com/news/view/34104/Journalist-Sues-NSO-After-Being-Hacked-By-Pegasus-Spyware.html
A Detailed Analysis of The Last Version of REvil Ransomware [PDF]
https://www.reddit.com/r/netsec/comments/zd92ww/a_detailed_analysis_of_the_last_version_of_revil/
Top Security News for 07/12/2022
ISC StormCast for Wednesday, December 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8280
ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://malware.news/t/isc-stormcast-for-wednesday-december-7th-2022-https-isc-sans-edu-podcastdetail-html-id-8280-wed-dec-7th/65539#post_1
Sophos fixed a critical flaw in its Sophos Firewall version 19.5
https://securityaffairs.co/wordpress/139362/security/sophos-firewall-critical-flaw.html
The changing role of the MITRE ATT&CK framework
https://www.csoonline.com/article/3681990/the-changing-role-of-the-mitre-att-ck-framework.html#tk.rss_all
Containers, Security, and Risks within Containerized Environments
https://securityintelligence.com/posts/containers-security-risks-containerized-environments/
ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://isc.sans.edu/diary/rss/29310
Cyberespionage, privateering, hacktivism and influence operations, in Ukraine, Russia, the Middle East, and elsewhere. Criminals need quality control, too. A new entry in CISA’s KEV Catalog.
https://thecyberwire.com/podcasts/daily-podcast/1717/notes
Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide
https://thehackernews.com/2022/12/darknets-largest-mobile-malware.html
Telcom and BPO Companies Under Attack by SIM Swapping Hackers
https://thehackernews.com/2022/12/telcom-and-bpo-companies-under-attack.html
Want To Detect Cobalt Strike On The Network? Look To Process Memory
https://packetstormsecurity.com/news/view/34112/Want-To-Detect-Cobalt-Strike-On-The-Network-Look-To-Process-Memory.html
Top Security News for 08/12/2022
Trojan analysis
https://www.reddit.com/r/Malware/comments/zfh5uh/trojan_analysis/
Follow the money along the blockchain.
https://thecyberwire.com/podcasts/caveat/152/notes
An Artist Used Pokémon Go Technology to Sell ‘Crypto Cocaine’ NFTs in Art Basel Bathrooms
https://www.vice.com/en_us/article/93ajye/a-ton-of-coke-crypto-cocaine-nfts-art-basel-festival-miami
Apple announces new security and privacy measures amid surge in cyber-attacks
https://www.theguardian.com/technology/2022/dec/07/apple-new-security-privacy-measures-spike-cyber-attacks
Android 13 Image Now Available
https://malware.news/t/android-13-image-now-available/65568#post_1
Do not get your news on social media.
https://thecyberwire.com/podcasts/hacking-humans/223/notes
South Pacific Vacations May Be Wrecked By Ransomware
https://packetstormsecurity.com/news/view/34120/South-Pacific-Vacations-May-Be-Wrecked-By-Ransomware.html
Ransomware, third-party risk, cyberespionage, social engineering, and a software supply-chain threat..
https://thecyberwire.com/podcasts/daily-podcast/1718/notes
ISC StormCast for Thursday, December 8th, 2022
https://isc.sans.edu/podcastdetail.html?id=8282
ASEC Weekly Phishing Email Threat Trend (November 20th, 2022 – November 26th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trend-november-20th-2022-november-26th-2022/65569#post_1
reddit
Trojan analysis
I found a VB script file tagged as a trojan by many AV on a pc that I remotely fixed today. I'd like to import it on my pc for studying because I...
Top Security News for 09/12/2022
COVID-bit: New COVert Channel to Exfiltrate Data from Air-Gapped Computers
https://thehackernews.com/2022/12/covid-bit-new-covert-channel-to.html
Vehicle Identification Numbers reveal driver data via telematics
https://www.malwarebytes.com/blog/news/2022/12/vehicle-identification-numbers-reveal-driver-data-via-telematics
ISC StormCast for Friday, December 9th, 2022
https://isc.sans.edu/podcastdetail.html?id=8284
The IT Army of Ukraine claims VTB DDoS. DPRK exploits Internet Explorer vulnerability. New variant of Babuk ransomware reported. Blind spots in air-gapped networks. And, dog and cat hacking.
https://thecyberwire.com/podcasts/daily-podcast/1719/notes
Guy Who Wrote Minecraft's Ending Poem Makes It Public Domain After Taking Shrooms
https://www.vice.com/en_us/article/m7gn3q/guy-who-wrote-minecrafts-ending-poem-makes-it-public-domain-after-taking-shrooms
Using ChatGPT to Generate Phishing Campaigns
https://www.reddit.com/r/netsec/comments/zgkz7n/using_chatgpt_to_generate_phishing_campaigns/
5 SaaS security best practices
https://www.malwarebytes.com/blog/business/2022/12/5-saas-security-best-practices
2023 NDAA's cyber provisions. States vs. TikTok. Cyber incident reporting rules. Takedown orders in India.
https://thecyberwire.com/newsletters/policy-briefing/4/234
APT37 used Internet Explorer Zero-Day in a recent campaign
https://securityaffairs.co/wordpress/139403/apt/apt37-internet-explorer-zero-day.html
ISC Stormcast For Friday, December 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8284, (Fri, Dec 9th)
https://malware.news/t/isc-stormcast-for-friday-december-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8284-fri-dec-9th/65612#post_1
Malwarebytes
Vehicle Identification Numbers reveal driver data via telematics
We take a look at reports of vehicle identification numbers being used to potentially reveal customer data through telematics.
Top Security News for 10/12/2022
Cobalt Mirage's Dokbk malware. Zombinder in the C2C market. Relief-themed impersonation scams.
https://thecyberwire.com/newsletters/daily-briefing/11/235
Epic Games introduces safer accounts for kids
https://www.malwarebytes.com/blog/news/2022/12/epic-games-places-child-accounts-into-a-security-cabinet
Cybersecurity during the World Cup.
https://thecyberwire.com/podcasts/research-saturday/261/notes
Why is Robust API Security Crucial in eCommerce?
https://thehackernews.com/2022/12/why-is-robust-api-security-crucial-in.html
This week's activities in cyber gangland. Trends in ransomware. Rackspace works to remediate a ransomware incident.
https://thecyberwire.com/newsletters/week-that-was/6/48
Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls
https://thehackernews.com/2022/12/researchers-detail-new-attack-method-to.html
Pwn2Own Toronto 2022 Day 3: Participants earned nearly $1 million
https://securityaffairs.co/wordpress/139462/hacking/pwn2own-toronto-2022-day-3-participants-earned-nearly-1-million.html
EU court orders Google to remove false search results. Australia’s strategy for awakening from its cyber slumber. Netherlands to join US in Chinese tech export ban.
https://thecyberwire.com/newsletters/policy-briefing/4/235
Security Advisory for FreeBSD Ping Stack-Based Overflow CVE-2022-23093
https://malware.news/t/security-advisory-for-freebsd-ping-stack-based-overflow-cve-2022-23093/65633#post_1
Mike Hamilton, former CISO of Seattle discusses how $1 billion for cybersecurity funding will be difficult to distribute to state and local governments.
https://thecyberwire.com/podcasts/interview-selects/138/notes
The CyberWire
Cobalt Mirage's Dokbk malware. Zombinder in the C2C market. Relief-themed impersonation scams.
Cobalt Mirage deploys Drokbk malware. Zombinder in the C2C market. Impersonation scams: that's not Ukraine’s Ministry of Digital Transformation. On the cyber front, nothing new. CISA releases three ICS advisories.
Top Security News for 11/12/2022
Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant
https://thehackernews.com/2022/12/hack-for-hire-group-targets-travel-and.html
Telstra sorry for publishing up to 130,000 customers’ details online
https://www.theguardian.com/business/2022/dec/11/telstra-sorry-for-publishing-up-to-130000-customers-details-online
US HHS warns healthcare orgs of Royal Ransomware attacks
https://securityaffairs.co/wordpress/139486/cyber-crime/us-hhs-royal-ransomware-attacks.html
Diamond industry under attack – Week in security with Tony Anscombe
https://malware.news/t/diamond-industry-under-attack-week-in-security-with-tony-anscombe/65635#post_1
At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet
https://securityaffairs.co/wordpress/139491/security/pulse-connect-secure-vulnerbale-hosts.html
Can Machines Create Truly Authentic Content?
https://malware.news/t/can-machines-create-truly-authentic-content/65638#post_1
Someone on a Discord DM tried to get me to install malware from a website, can I report this somehow?
https://www.reddit.com/r/Malware/comments/zhwg81/someone_on_a_discord_dm_tried_to_get_me_to/
Yara rules collection
https://malware.news/t/yara-rules-collection/65636#post_1
Mobile Bug Bounty Hunting? Enter BLE – Cybervelia
https://www.reddit.com/r/netsec/comments/zhnaeo/mobile_bug_bounty_hunting_enter_ble_cybervelia/
Deep Dive: PIPEDREAM/Incontroller ICS Attack Framework
https://malware.news/t/deep-dive-pipedream-incontroller-ics-attack-framework/65637#post_1
the Guardian
Telstra sorry for publishing up to 130,000 customers’ details online
Release of names, numbers and addresses of some unlisted customers was not due to cyber-attack
Top Security News for 12/12/2022
Virtual/Fractional CISOs
https://thecyberwire.com/podcasts/cso-perspectives/94/notes
IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related
https://www.reddit.com/r/netsec/comments/zjn894/iatelligence_is_a_python_script_that_will_extract/
ISC Stormcast For Monday, December 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8286, (Mon, Dec 12th)
https://malware.news/t/isc-stormcast-for-monday-december-12th-2022-https-isc-sans-edu-podcastdetail-html-id-8286-mon-dec-12th/65641#post_1
Open Now: 2022 SANS Holiday Hack Challenge & KringleCon, (Sat, Dec 10th)
https://malware.news/t/xa-open-now-2022-sans-holiday-hack-challenge-kringlecon-sat-dec-10th/65640#post_1
Christmas is coming – must be time for another Amazon scam
https://malware.news/t/christmas-is-coming-must-be-time-for-another-amazon-scam/65642#post_1
Quickie: CyberChef Sorting By String Length, (Sun, Dec 11th)
https://isc.sans.edu/diary/rss/29328
Controlled Folder Access blocked action
https://www.reddit.com/r/Malware/comments/zjo1we/controlled_folder_access_blocked_action/
MuddyWater APT group is back with updated TTPs
https://securityaffairs.co/wordpress/139505/apt/muddywater-changs-ttps.html
Pwn2Own Toronto 2022 Day 4: $989K awarded for 63 unique zero-days
https://securityaffairs.co/wordpress/139516/hacking/pwn2own-toronto-2022-day4.html

Open Now: 2022 SANS Holiday Hack Challenge & KringleCon, (Sat, Dec 10th)
https://isc.sans.edu/diary/rss/29326
The CyberWire
Virtual/Fractional CISOs
Todd Inskeep, the Founder & Sr Managing Director at Incovate Solutions, discusses the evolution of CISO role.
Top Security News for 13/12/2022
ISC Stormcast For Tuesday, December 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8288, (Tue, Dec 13th)
https://isc.sans.edu/diary/rss/29332
Iranian hacking group uses compromised email accounts to distribute MSP remote access tool
https://www.malwarebytes.com/blog/news/2022/12/iranian-hacking-group-uses-compromised-email-accounts-to-distribute-msp-remote-access-tool
A week in security (December 5 - 11)
https://www.malwarebytes.com/blog/news/2022/12/a-week-in-security-december-5-11
Your Life, Their Profit: Buyer Awareness in the 21st Century
https://thecyberwire.com/podcasts/8th-layer-insights/28/notes
Anti-trust action and tech mergers. Twitter’s open access strategy. CISA’s 2023 goals. Japan plans a more assertive cyberstrategy.
https://thecyberwire.com/newsletters/policy-briefing/4/236
Hacking the Met.
https://thecyberwire.com/stories/900613a4a7b643d0a5d1b0aec5c50855/hacking-the-met
Data breaches at COVaxON and Vevor. Indian privacy vs. bots. AirAsia ransomware investigation.
https://thecyberwire.com/newsletters/privacy-briefing/4/236
Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug
https://securityaffairs.co/wordpress/139569/hacking/fortinet-fortios-ssl-vpn-bug.html
ASEC Weekly Phishing Email Threat Trends (November 27th, 2022 – December 3rd, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-november-27th-2022-december-3rd-2022/65670#post_1
Twitter Auctioning Off Fancy Chairs, Espresso Machines, $10,000 Meat Slicer in HQ Clear-Out
https://www.vice.com/en_us/article/4axmbn/twitter-auctioning-off-fancy-chairs-espresso-machines-dollar10000-meat-slicer-in-hq-clear-out
Top Security News for 14/12/2022
Microsoft Patch Tuesday fixes six critical vulnerabilities
https://malware.news/t/microsoft-patch-tuesday-fixes-six-critical-vulnerabilities/65717#post_1
Exploiting CVE-2022-42703 - Bringing back the stack attack
https://www.reddit.com/r/lowlevel/comments/zge0om/exploiting_cve202242703_bringing_back_the_stack/
Cybersecurity Experts Uncover Inner Workings of Destructive Azov Ransomware
https://thehackernews.com/2022/12/cybersecurity-experts-uncover-inner.html
Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway
https://securityaffairs.co/wordpress/139609/apt/citrix-adc-gateway-cve-2022-27518.html
Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability
https://thehackernews.com/2022/12/serious-attacks-could-have-been-staged.html
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/13-12-2022
Security Alert: Microsoft Releases December 2022 Security Updates
https://malware.news/t/security-alert-microsoft-releases-december-2022-security-updates/65720#post_1
ISC Stormcast For Wednesday, December 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8290, (Wed, Dec 14th)
https://malware.news/t/isc-stormcast-for-wednesday-december-14th-2022-https-isc-sans-edu-podcastdetail-html-id-8290-wed-dec-14th/65721#post_1
ISC Stormcast For Wednesday, December 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8290, (Wed, Dec 14th)
https://isc.sans.edu/diary/rss/29342
PCI Secure Software Standard version 1.2 sets out new payment security requirements
https://www.csoonline.com/article/3682656/pci-secure-software-standard-version-1-2-sets-out-new-payment-security-requirements.html#tk.rss_all
Malware Analysis, News and Indicators
Microsoft Patch Tuesday fixes six critical vulnerabilities
One moderate vulnerability already exploited impacts the Windows SmartScreen Security Feature. Article Link: Microsoft Patch Tuesday fixes six critical vulnerabilities | ZDNET
Top Security News for 16/12/2022
PyPI malware creators starting to employ Anti-Debug techniques
https://www.reddit.com/r/netsec/comments/zmfkoz/pypi_malware_creators_starting_to_employ/
Microsoft revised CVE-2022-37958 severity due to its broader scope
https://securityaffairs.co/wordpress/139709/hacking/microsoft-revised-cve-2022-37958-rate.html
ISC StormCast for Friday, December 16th, 2022
https://isc.sans.edu/podcastdetail.html?id=8294
A vulnerability in the UMPD (User-Mode Printer Drivers) allows local users to trigger a use-after-free vulnerability. The vulnerability works from Windows 8 and above, and is fairly easy to exploit on older Windows machines.
https://www.reddit.com/r/netsec/comments/zmnt6b/a_vulnerability_in_the_umpd_usermode_printer/
Meta summarizes 2022 action against coordinated inauthenticity. President Putin lies low. Russian troll farms like Kid Rock.
https://thecyberwire.com/newsletters/disinformation-briefing/4/49
Combined SOC Webinar Q&A: From EDR to ITDR and ASO … and ChatGPT
https://medium.com/anton-on-security/combined-soc-webinar-q-a-from-edr-to-itdr-and-aso-95ecec02782?source=rss----8e8c3ed26c4c---4
Uber data stolen via third-party vendor
https://www.malwarebytes.com/blog/news/2022/12/uber-breached-via-attack-against-its-vendor
Windows: Still insecure after all these years
https://malware.news/t/windows-still-insecure-after-all-these-years/65798#post_1
Is an outsourced SOC worth it? Looking at the ROI of MDR
https://www.malwarebytes.com/blog/business/2022/12/are-outsourced-soc-services-worth-it-looking-at-the-roi-of-mdr
Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'
https://thehackernews.com/2022/12/microsoft-reclassifies-spnego-extended.html
Top Security News for 17/12/2022
Virtual kidnapping scam strikes again. Spot the signs
https://www.malwarebytes.com/blog/news/2022/12/virtual-kidnapping-scam-strikes-again-spot-the-signs
Worldwide law enforcement action takes down major DDoS booter services
https://www.malwarebytes.com/blog/news/2022/12/worldwide-law-enforcement-action-takes-down-major-ddos-booter-services
Writing My first SpyWare for learning C/C++
https://0x00sec.org/t/writing-my-first-spyware-for-learning-c-c/32521
5 Ways to Improve Holiday Retail and Wholesale Cybersecurity
https://securityintelligence.com/articles/5-improvements-retail-wholesale-holiday-cybersecurity/
Cyber Security Is Not a Losing Game – If You Start Right Now
https://thehackernews.com/2022/12/cyber-security-is-not-losing-game-if.html
Senator Asks Gabe Newell Why Steam Hosts So Much Neo-Nazi Content
https://www.vice.com/en_us/article/dy79na/senator-asks-gabe-newell-why-steam-hosts-so-much-neo-nazi-content
Critical Vulnerability Found in Sovrin, a Popular Decentralized Identity System
https://www.reddit.com/r/netsec/comments/zn7tuz/critical_vulnerability_found_in_sovrin_a_popular/
Clare O’Neil on national security amid cyber hacks and threats to democracy
https://www.theguardian.com/australia-news/audio/2022/dec/17/clare-oneil-on-national-security-amid-cyber-hacks-and-threats-to-democracy
Update now! Apple patches active exploit vulnerability for iPhones
https://www.malwarebytes.com/blog/news/2022/12/update-now-apple-patches-active-exploit-vulnerability-for-iphones
Worldwide law enforcement action takes down major DDoS booter services
https://malware.news/t/worldwide-law-enforcement-action-takes-down-major-ddos-booter-services/65822#post_1
Malwarebytes
Virtual kidnapping scam strikes again. Spot the signs
A recent scam has been making the rounds that attempts to fool you into thinking a loved one has been kidnapped.
Top Security News for 18/12/2022
Samba addressed multiple high-severity vulnerabilities
https://securityaffairs.co/wordpress/139760/hacking/samba-multiple-flaws.html
Exploiting API Framework Flexibility
https://www.reddit.com/r/netsec/comments/zo3lts/exploiting_api_framework_flexibility/
State-sponsored activity (and defenses against it). Breaches, ransomware, and social engineering. SHA-1 retired.
https://thecyberwire.com/newsletters/week-that-was/6/49
Strategies to get the most out of your toolsets.
https://thecyberwire.com/podcasts/cyberwire-x/43/notes
CyberChef & Entropy, (Sat, Dec 17th)
https://isc.sans.edu/diary/rss/29352
[QuickNote] VidarStealer Analysis
https://malware.news/t/quicknote-vidarstealer-analysis/65824#post_1
PortexAnalyzer GUI Released
https://www.reddit.com/r/Malware/comments/zo75br/portexanalyzer_gui_released/
Google Takes Gmail Security to the Next Level with Client-Side Encryption
https://thehackernews.com/2022/12/gmail-encryption.html
Writing x64dbg plugins
https://malware.news/t/writing-x64dbg-plugins/65826#post_1
Update: zipdump.py Version 0.0.23
https://malware.news/t/update-zipdump-py-version-0-0-23/65828#post_1
Security Affairs
Samba addressed multiple high-severity vulnerabilities
Samba released updates to address multiple vulnerabilities that can be exploited to take control of impacted systems.