Top Security News for 30/11/2022
TikTok challenge spreads malware.
https://thecyberwire.com/stories/98c006aa1b98406a86f21ecc1d21b7ac/tiktok-challenge-spreads-malware
DDoS as threat to e-commerce. Meta's GDPR fine. TikTok challenge spreads malware. US CYBERCOM's support for Ukraine.
https://thecyberwire.com/newsletters/daily-briefing/11/227
Looting Microsoft Configuration Manager
https://www.reddit.com/r/netsec/comments/z86x3y/looting_microsoft_configuration_manager/
[Control systems] Moxa security advisory (AV22-664)
https://malware.news/t/control-systems-moxa-security-advisory-av22-664/65340#post_1
Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware
https://thehackernews.com/2022/11/hackers-using-trending-invisible.html
DDoS as a holiday-season threat to e-commerce. TikTok challenge spreads malware. Meta's GDPR fine. US Cyber Command describes support for Ukraine's cyber defense.
https://thecyberwire.com/podcasts/daily-podcast/1712/notes
TSA Considers Using Third-Party Assessors in Coming Pipeline Regulations
https://malware.news/t/tsa-considers-using-third-party-assessors-in-coming-pipeline-regulations/65337#post_1
Subdomain Enumeration with DNSSEC
https://www.reddit.com/r/netsec/comments/z7t8r4/subdomain_enumeration_with_dnssec/
Xiongmai IoT Exploitation
https://www.reddit.com/r/netsec/comments/z84wuw/xiongmai_iot_exploitation/
Malware Analysis - Ghidra vs Cutter vs Binary Ninja vs IDA Free
https://malware.news/t/malware-analysis-ghidra-vs-cutter-vs-binary-ninja-vs-ida-free/65336#post_1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
N2K CyberWire
TikTok challenge spreads malware.
There's malware lurking in a TikTok challenge. And, by the way, think about keeping your clothes on.
Top Security News for 01/12/2022
AWS' Inspector offers vulnerability management for Lambda serverless functions
https://www.csoonline.com/article/3681117/aws-inspector-offers-vulnerability-management-for-lambda-serverless-functions.html#tk.rss_all
Welcoming women in cybersecurity.
https://thecyberwire.com/stories/e2039ffcbeb74e769032a2e0036033b0/welcoming-women-in-cybersecurity
FUD Java RAT
https://www.reddit.com/r/Malware/comments/z9dfwb/fud_java_rat/
The Burp challenge
https://portswigger.net/blog/the-burp-challenge
Discord For Malware Course
https://www.reddit.com/r/Malware/comments/z9745i/discord_for_malware_course/
What is Ransom Cartel? A ransomware gang focused on reputational damage
https://www.csoonline.com/article/3680734/what-is-ransom-cartel-a-ransomware-gang-focused-on-reputational-damage.html#tk.rss_all
Multiversity by @wefuzz_io, a collection of amazing resources for Hackers and Developers to learn, develop, showcase and contribute to the future of Web3 Security
https://www.reddit.com/r/netsec/comments/z8yp36/multiversity_by_wefuzz_io_a_collection_of_amazing/
Patching healthcare cybersecurity risks.
https://thecyberwire.com/podcasts/caveat/151/notes
AWS launches new cybersecurity service Amazon Security Lake
https://www.csoonline.com/article/3681082/aws-launches-new-cybersecurity-service-amazon-security-lake.html#tk.rss_all
Lastpass discloses the second security breach this year
https://securityaffairs.co/wordpress/139136/data-breach/lastpass-second-security-breach.html
CSO Online
AWS' Inspector offers vulnerability management for Lambda serverless functions
AWS announces new cybersecurity features in Amazon Inspector and Amazon Macie at AWS Re:Invent 2022 in Las Vegas.
Top Security News for 02/12/2022
CISA: Cuba ransomware group has stolen $60 million from at least 100 organizations
https://malware.news/t/cisa-cuba-ransomware-group-has-stolen-60-million-from-at-least-100-organizations/65412#post_1
The CI/CD Goat just got wilder! - A new challenge to the deliberately vulnerable CI/CD environment
https://www.reddit.com/r/netsec/comments/z9pjzz/the_cicd_goat_just_got_wilder_a_new_challenge_to/
W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
https://malware.news/t/w4sp-continues-to-nest-in-pypi-same-supply-chain-attack-different-distribution-method/65411#post_1
Software projects face supply chain security risk due to insecure artifact downloads via GitHub Actions
https://www.csoonline.com/article/3681988/software-projects-face-supply-chain-security-risk-due-to-insecure-artifact-downloads-via-github-act.html#tk.rss_all
Sasha Grey Is Not Recruiting Soldiers for the Russian Army
https://www.vice.com/en_us/article/k7b5jm/sasha-grey-is-not-recruiting-soldiers-for-the-russian-army
ASEC Weekly Phishing Email Threat Trend (November 13th, 2022 – November 19th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trend-november-13th-2022-november-19th-2022/65415#post_1
Huawei Security Hypervisor Vulnerability
https://www.reddit.com/r/netsec/comments/z9s1as/huawei_security_hypervisor_vulnerability/
Cyberespionage, cybercrime, and patriotic hacktivism. The Heliconia framework described. Cyber risk for the telecom and healthcare sectors. Notes on the hybrid war. Predictions for 2023.
https://thecyberwire.com/podcasts/daily-podcast/1714/notes
Unauthenticated Command Injection in Asus M25 NAS
https://www.reddit.com/r/netsec/comments/z9phg8/unauthenticated_command_injection_in_asus_m25_nas/
2022-12-01 - Files for an ISC diary (obama224 Qakbot)
https://malware.news/t/2022-12-01-files-for-an-isc-diary-obama224-qakbot/65418#post_1
Malware Analysis, News and Indicators
CISA: Cuba ransomware group has stolen $60 million from at least 100 organizations
The Cuba ransomware group has launched attacks against 100 organizations around the world and brought in $60 million between December 2021 and August 2022, according to a new advisory from the Cybersecurity and Infrastructure Security Agency (CISA) and FBI.…
Top Security News for 03/12/2022
Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions
https://thehackernews.com/2022/11/dell-hp-and-lenovo-devices-found-using.html
[Control Systems] ABB security advisory (AV22-670)
https://malware.news/t/control-systems-abb-security-advisory-av22-670/65441#post_1
Maria Varmazis interviews Brandon Bailey about Space Attack Research and Tactic Analysis, or SPARTA matrix.
https://thecyberwire.com/podcasts/interview-selects/137/notes
RansomHouse attacks Colombian healthcare network. Patient data exposed in breach. US school district suffers data breach.
https://thecyberwire.com/newsletters/privacy-briefing/4/230
Adversarial activity. Risk and trend reports. Sandworm renews ransomware activity against Ukrainian targets.
https://thecyberwire.com/newsletters/week-that-was/6/47
Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages
https://thehackernews.com/2022/11/elon-musk-confirms-twitter-20-will.html
Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware
https://thehackernews.com/2022/11/hackers-using-trending-invisible.html
Inside the Windows Cache Manager
https://malware.news/t/inside-the-windows-cache-manager/65445#post_1
Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws
https://thehackernews.com/2022/11/million-of-android-devices-still-dont.html
U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk
https://thehackernews.com/2022/11/us-bans-chinese-telecom-equipment-and.html
Top Security News for 04/12/2022
[KIS-2022-06] Drupal H5P Module <= 2.0.0 (isValidPackage) Zip Slip Vulnerability
https://www.reddit.com/r/netsec/comments/zbhtrx/kis202206_drupal_h5p_module_200_isvalidpackage/
Update: python-per-line.py Version 0.0.9
https://malware.news/t/update-python-per-line-py-version-0-0-9/65451#post_1
kitabisa/teler release v2.0.0-dev
https://www.reddit.com/r/netsec/comments/zbbcb8/kitabisateler_release_v200dev/
Securing Your SAP Environments: Going Beyond Access Control
https://securityintelligence.com/securing-sap-environments-beyond-access-control/
Linux LOLBins Applications Available in Windows, (Sat, Dec 3rd)
https://malware.news/t/linux-lolbins-applications-available-in-windows-sat-dec-3rd/65449#post_1
Pre-Auth RCE with CodeQL in Under 20 Minutes
https://www.reddit.com/r/netsec/comments/zbfj1a/preauth_rce_with_codeql_in_under_20_minutes/
Safe malware testing
https://www.reddit.com/r/Malware/comments/zbigro/safe_malware_testing/
New CryWiper wiper targets Russian entities masquerading as a ransomware
https://securityaffairs.co/wordpress/139237/malware/crywiper-wiper.html
Dissecting Windows Section Objects
https://malware.news/t/dissecting-windows-section-objects/65448#post_1
Using make_sc_hash_db.py to create API hashing DBs
https://malware.news/t/using-make-sc-hash-db-py-to-create-api-hashing-dbs/65450#post_1
Top Security News for 05/12/2022
GitHub Actions - Artifact Poisoning Vulnerability
https://www.reddit.com/r/netsec/comments/zcdlzp/github_actions_artifact_poisoning_vulnerability/
Test Post 2 – 5 Dec Prod Release
https://malware.news/t/test-post-2-5-dec-prod-release/65457#post_1
OWASP Top 10 CI/CD Security Risks project released
https://www.reddit.com/r/netsec/comments/zckkhi/owasp_top_10_cicd_security_risks_project_released/
US DHS Cyber Safety Board will review Lapsus$ gang’s operations
https://securityaffairs.co/wordpress/139255/cyber-crime/us-dhs-cyber-safety-board-review-lapsus-attacks.html
Vulnerability Management: An essential tactic for zero trust from the Rick the Toolman Series.
https://thecyberwire.com/podcasts/cso-perspectives-public/70/notes
Finger.exe LOLBin, (Sun, Dec 4th)
https://isc.sans.edu/diary/rss/29298
New report finds social media fueling a rise in primary school violence
https://malware.news/t/new-report-finds-social-media-fueling-a-rise-in-primary-school-violence/65461#post_1
Botnet servers found infected with Cobalt Strike Beacon Malware
https://www.reddit.com/r/Malware/comments/zcrlba/botnet_servers_found_infected_with_cobalt_strike/
Extracting Certificates For Defender
https://malware.news/t/extracting-certificates-for-defender/65455#post_1
Deobfuscation of .NET using PowerShelling & dnlib - Eternity Malware
https://malware.news/t/deobfuscation-of-net-using-powershelling-dnlib-eternity-malware/65456#post_1
Top Security News for 06/12/2022
New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers
https://thehackernews.com/2022/12/new-bmc-supply-chain-vulnerabilities.html
[Help] I'm looking for a downloadable list of all CVEs including vulnerability
https://www.reddit.com/r/netsec/comments/zdm9g2/help_im_looking_for_a_downloadable_list_of_all/
Cybersecurity Plan: 3 Keys for CISOs
https://malware.news/t/cybersecurity-plan-3-keys-for-cisos/65499#post_1
Schoolyard Bully: a Facebook Trojan.
https://thecyberwire.com/stories/a22b8c59a5354b16bea865d1d1197efa/schoolyard-bully-a-facebook-trojan
Hijacking GitHub Repositories by Deleting and Restoring Them
https://www.reddit.com/r/netsec/comments/zdcgza/hijacking_github_repositories_by_deleting_and/
GitLab security advisory (AV22-676)
https://malware.news/t/gitlab-security-advisory-av22-676/65494#post_1
French hospital cancels operations after a ransomware attack
https://securityaffairs.co/wordpress/139316/cyber-crime/french-hospital-ransomware-attack-2.html
North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps
https://thehackernews.com/2022/12/north-korean-hackers-spread-applejeus.html
Journalist Sues NSO After Being Hacked By Pegasus Spyware
https://packetstormsecurity.com/news/view/34104/Journalist-Sues-NSO-After-Being-Hacked-By-Pegasus-Spyware.html
A Detailed Analysis of The Last Version of REvil Ransomware [PDF]
https://www.reddit.com/r/netsec/comments/zd92ww/a_detailed_analysis_of_the_last_version_of_revil/
Top Security News for 07/12/2022
ISC StormCast for Wednesday, December 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8280
ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://malware.news/t/isc-stormcast-for-wednesday-december-7th-2022-https-isc-sans-edu-podcastdetail-html-id-8280-wed-dec-7th/65539#post_1
Sophos fixed a critical flaw in its Sophos Firewall version 19.5
https://securityaffairs.co/wordpress/139362/security/sophos-firewall-critical-flaw.html
The changing role of the MITRE ATT&CK framework
https://www.csoonline.com/article/3681990/the-changing-role-of-the-mitre-att-ck-framework.html#tk.rss_all
Containers, Security, and Risks within Containerized Environments
https://securityintelligence.com/posts/containers-security-risks-containerized-environments/
ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://isc.sans.edu/diary/rss/29310
Cyberespionage, privateering, hacktivism and influence operations, in Ukraine, Russia, the Middle East, and elsewhere. Criminals need quality control, too. A new entry in CISA’s KEV Catalog.
https://thecyberwire.com/podcasts/daily-podcast/1717/notes
Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide
https://thehackernews.com/2022/12/darknets-largest-mobile-malware.html
Telcom and BPO Companies Under Attack by SIM Swapping Hackers
https://thehackernews.com/2022/12/telcom-and-bpo-companies-under-attack.html
Want To Detect Cobalt Strike On The Network? Look To Process Memory
https://packetstormsecurity.com/news/view/34112/Want-To-Detect-Cobalt-Strike-On-The-Network-Look-To-Process-Memory.html
Top Security News for 08/12/2022
Trojan analysis
https://www.reddit.com/r/Malware/comments/zfh5uh/trojan_analysis/
Follow the money along the blockchain.
https://thecyberwire.com/podcasts/caveat/152/notes
An Artist Used Pokémon Go Technology to Sell ‘Crypto Cocaine’ NFTs in Art Basel Bathrooms
https://www.vice.com/en_us/article/93ajye/a-ton-of-coke-crypto-cocaine-nfts-art-basel-festival-miami
Apple announces new security and privacy measures amid surge in cyber-attacks
https://www.theguardian.com/technology/2022/dec/07/apple-new-security-privacy-measures-spike-cyber-attacks
Android 13 Image Now Available
https://malware.news/t/android-13-image-now-available/65568#post_1
Do not get your news on social media.
https://thecyberwire.com/podcasts/hacking-humans/223/notes
South Pacific Vacations May Be Wrecked By Ransomware
https://packetstormsecurity.com/news/view/34120/South-Pacific-Vacations-May-Be-Wrecked-By-Ransomware.html
Ransomware, third-party risk, cyberespionage, social engineering, and a software supply-chain threat.
https://thecyberwire.com/podcasts/daily-podcast/1718/notes
ISC StormCast for Thursday, December 8th, 2022
https://isc.sans.edu/podcastdetail.html?id=8282
ASEC Weekly Phishing Email Threat Trend (November 20th, 2022 – November 26th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trend-november-20th-2022-november-26th-2022/65569#post_1
reddit
Trojan analysis
I found a VB script file tagged as a trojan by many AV on a pc that I remotely fixed today. I'd like to import it on my pc for studying because I...
Top Security News for 09/12/2022
COVID-bit: New COVert Channel to Exfiltrate Data from Air-Gapped Computers
https://thehackernews.com/2022/12/covid-bit-new-covert-channel-to.html
Vehicle Identification Numbers reveal driver data via telematics
https://www.malwarebytes.com/blog/news/2022/12/vehicle-identification-numbers-reveal-driver-data-via-telematics
ISC StormCast for Friday, December 9th, 2022
https://isc.sans.edu/podcastdetail.html?id=8284
The IT Army of Ukraine claims VTB DDoS. DPRK exploits Internet Explorer vulnerability. New variant of Babuk ransomware reported. Blind spots in air-gapped networks. And, dog and cat hacking.
https://thecyberwire.com/podcasts/daily-podcast/1719/notes
Guy Who Wrote Minecraft's Ending Poem Makes It Public Domain After Taking Shrooms
https://www.vice.com/en_us/article/m7gn3q/guy-who-wrote-minecrafts-ending-poem-makes-it-public-domain-after-taking-shrooms
Using ChatGPT to Generate Phishing Campaigns
https://www.reddit.com/r/netsec/comments/zgkz7n/using_chatgpt_to_generate_phishing_campaigns/
5 SaaS security best practices
https://www.malwarebytes.com/blog/business/2022/12/5-saas-security-best-practices
2023 NDAA's cyber provisions. States vs. TikTok. Cyber incident reporting rules. Takedown orders in India.
https://thecyberwire.com/newsletters/policy-briefing/4/234
APT37 used Internet Explorer Zero-Day in a recent campaign
https://securityaffairs.co/wordpress/139403/apt/apt37-internet-explorer-zero-day.html
ISC Stormcast For Friday, December 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8284, (Fri, Dec 9th)
https://malware.news/t/isc-stormcast-for-friday-december-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8284-fri-dec-9th/65612#post_1
Malwarebytes
Vehicle Identification Numbers reveal driver data via telematics
We take a look at reports of vehicle identification numbers being used to potentially reveal customer data through telematics.
Top Security News for 10/12/2022
Cobalt Mirage's Dokbk malware. Zombinder in the C2C market. Relief-themed impersonation scams.
https://thecyberwire.com/newsletters/daily-briefing/11/235
Epic Games introduces safer accounts for kids
https://www.malwarebytes.com/blog/news/2022/12/epic-games-places-child-accounts-into-a-security-cabinet
Cybersecurity during the World Cup.
https://thecyberwire.com/podcasts/research-saturday/261/notes
Why is Robust API Security Crucial in eCommerce?
https://thehackernews.com/2022/12/why-is-robust-api-security-crucial-in.html
This week's activities in cyber gangland. Trends in ransomware. Rackspace works to remediate a ransomware incident.
https://thecyberwire.com/newsletters/week-that-was/6/48
Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls
https://thehackernews.com/2022/12/researchers-detail-new-attack-method-to.html
Pwn2Own Toronto 2022 Day 3: Participants earned nearly $1 million
https://securityaffairs.co/wordpress/139462/hacking/pwn2own-toronto-2022-day-3-participants-earned-nearly-1-million.html
EU court orders Google to remove false search results. Australia’s strategy for awakening from its cyber slumber. Netherlands to join US in Chinese tech export ban.
https://thecyberwire.com/newsletters/policy-briefing/4/235
Security Advisory for FreeBSD Ping Stack-Based Overflow CVE-2022-23093
https://malware.news/t/security-advisory-for-freebsd-ping-stack-based-overflow-cve-2022-23093/65633#post_1
Mike Hamilton, former CISO of Seattle discusses how $1 billion for cybersecurity funding will be difficult to distribute to state and local governments.
https://thecyberwire.com/podcasts/interview-selects/138/notes
The CyberWire
Cobalt Mirage's Dokbk malware. Zombinder in the C2C market. Relief-themed impersonation scams.
Cobalt Mirage deploys Drokbk malware. Zombinder in the C2C market. Impersonation scams: that's not Ukraine’s Ministry of Digital Transformation. On the cyber front, nothing new. CISA releases three ICS advisories.
Top Security News for 11/12/2022
Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant
https://thehackernews.com/2022/12/hack-for-hire-group-targets-travel-and.html
Telstra sorry for publishing up to 130,000 customers’ details online
https://www.theguardian.com/business/2022/dec/11/telstra-sorry-for-publishing-up-to-130000-customers-details-online
US HHS warns healthcare orgs of Royal Ransomware attacks
https://securityaffairs.co/wordpress/139486/cyber-crime/us-hhs-royal-ransomware-attacks.html
Diamond industry under attack – Week in security with Tony Anscombe
https://malware.news/t/diamond-industry-under-attack-week-in-security-with-tony-anscombe/65635#post_1
At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet
https://securityaffairs.co/wordpress/139491/security/pulse-connect-secure-vulnerbale-hosts.html
Can Machines Create Truly Authentic Content?
https://malware.news/t/can-machines-create-truly-authentic-content/65638#post_1
Someone on a Discord DM tried to get me to install malware from a website, can I report this somehow?
https://www.reddit.com/r/Malware/comments/zhwg81/someone_on_a_discord_dm_tried_to_get_me_to/
Yara rules collection
https://malware.news/t/yara-rules-collection/65636#post_1
Mobile Bug Bounty Hunting? Enter BLE – Cybervelia
https://www.reddit.com/r/netsec/comments/zhnaeo/mobile_bug_bounty_hunting_enter_ble_cybervelia/
Deep Dive: PIPEDREAM/Incontroller ICS Attack Framework
https://malware.news/t/deep-dive-pipedream-incontroller-ics-attack-framework/65637#post_1
the Guardian
Telstra sorry for publishing up to 130,000 customers’ details online
Release of names, numbers and addresses of some unlisted customers was not due to cyber-attack
Top Security News for 12/12/2022
Virtual/Fractional CISOs
https://thecyberwire.com/podcasts/cso-perspectives/94/notes
IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related
https://www.reddit.com/r/netsec/comments/zjn894/iatelligence_is_a_python_script_that_will_extract/
ISC Stormcast For Monday, December 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8286, (Mon, Dec 12th)
https://malware.news/t/isc-stormcast-for-monday-december-12th-2022-https-isc-sans-edu-podcastdetail-html-id-8286-mon-dec-12th/65641#post_1
Open Now: 2022 SANS Holiday Hack Challenge & KringleCon, (Sat, Dec 10th)
https://malware.news/t/xa-open-now-2022-sans-holiday-hack-challenge-kringlecon-sat-dec-10th/65640#post_1
Christmas is coming – must be time for another Amazon scam
https://malware.news/t/christmas-is-coming-must-be-time-for-another-amazon-scam/65642#post_1
Quickie: CyberChef Sorting By String Length, (Sun, Dec 11th)
https://isc.sans.edu/diary/rss/29328
Controlled Folder Access blocked action
https://www.reddit.com/r/Malware/comments/zjo1we/controlled_folder_access_blocked_action/
MuddyWater APT group is back with updated TTPs
https://securityaffairs.co/wordpress/139505/apt/muddywater-changs-ttps.html
Pwn2Own Toronto 2022 Day 4: $989K awarded for 63 unique zero-days
https://securityaffairs.co/wordpress/139516/hacking/pwn2own-toronto-2022-day4.html

Open Now: 2022 SANS Holiday Hack Challenge & KringleCon, (Sat, Dec 10th)
https://isc.sans.edu/diary/rss/29326
The CyberWire
Virtual/Fractional CISOs
Todd Inskeep, the Founder & Sr Managing Director at Incovate Solutions, discusses the evolution of CISO role.
Top Security News for 13/12/2022
ISC Stormcast For Tuesday, December 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8288, (Tue, Dec 13th)
https://isc.sans.edu/diary/rss/29332
Iranian hacking group uses compromised email accounts to distribute MSP remote access tool
https://www.malwarebytes.com/blog/news/2022/12/iranian-hacking-group-uses-compromised-email-accounts-to-distribute-msp-remote-access-tool
A week in security (December 5 - 11)
https://www.malwarebytes.com/blog/news/2022/12/a-week-in-security-december-5-11
Your Life, Their Profit: Buyer Awareness in the 21st Century
https://thecyberwire.com/podcasts/8th-layer-insights/28/notes
Anti-trust action and tech mergers. Twitter’s open access strategy. CISA’s 2023 goals. Japan plans a more assertive cyberstrategy.
https://thecyberwire.com/newsletters/policy-briefing/4/236
Hacking the Met.
https://thecyberwire.com/stories/900613a4a7b643d0a5d1b0aec5c50855/hacking-the-met
Data breaches at COVaxON and Vevor. Indian privacy vs. bots. AirAsia ransomware investigation.
https://thecyberwire.com/newsletters/privacy-briefing/4/236
Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug
https://securityaffairs.co/wordpress/139569/hacking/fortinet-fortios-ssl-vpn-bug.html
ASEC Weekly Phishing Email Threat Trends (November 27th, 2022 – December 3rd, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-november-27th-2022-december-3rd-2022/65670#post_1
Twitter Auctioning Off Fancy Chairs, Espresso Machines, $10,000 Meat Slicer in HQ Clear-Out
https://www.vice.com/en_us/article/4axmbn/twitter-auctioning-off-fancy-chairs-espresso-machines-dollar10000-meat-slicer-in-hq-clear-out
SANS Internet Storm Center
ISC StormCast for Tuesday, December 13th, 2022 - SANS ISC
Top Security News for 14/12/2022
Microsoft Patch Tuesday fixes six critical vulnerabilities
https://malware.news/t/microsoft-patch-tuesday-fixes-six-critical-vulnerabilities/65717#post_1
Exploiting CVE-2022-42703 - Bringing back the stack attack
https://www.reddit.com/r/lowlevel/comments/zge0om/exploiting_cve202242703_bringing_back_the_stack/
Cybersecurity Experts Uncover Inner Workings of Destructive Azov Ransomware
https://thehackernews.com/2022/12/cybersecurity-experts-uncover-inner.html
Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway
https://securityaffairs.co/wordpress/139609/apt/citrix-adc-gateway-cve-2022-27518.html
Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability
https://thehackernews.com/2022/12/serious-attacks-could-have-been-staged.html
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/13-12-2022
Security Alert: Microsoft Releases December 2022 Security Updates
https://malware.news/t/security-alert-microsoft-releases-december-2022-security-updates/65720#post_1
ISC Stormcast For Wednesday, December 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8290, (Wed, Dec 14th)
https://malware.news/t/isc-stormcast-for-wednesday-december-14th-2022-https-isc-sans-edu-podcastdetail-html-id-8290-wed-dec-14th/65721#post_1
ISC Stormcast For Wednesday, December 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8290, (Wed, Dec 14th)
https://isc.sans.edu/diary/rss/29342
PCI Secure Software Standard version 1.2 sets out new payment security requirements
https://www.csoonline.com/article/3682656/pci-secure-software-standard-version-1-2-sets-out-new-payment-security-requirements.html#tk.rss_all
Malware Analysis, News and Indicators
Microsoft Patch Tuesday fixes six critical vulnerabilities
One moderate vulnerability, already exploited, impacts the Windows SmartScreen security feature. Article link: Microsoft Patch Tuesday fixes six critical vulnerabilities | ZDNET
Top Security News for 16/12/2022
PyPI malware creators starting to employ Anti-Debug techniques
https://www.reddit.com/r/netsec/comments/zmfkoz/pypi_malware_creators_starting_to_employ/
Microsoft revised CVE-2022-37958 severity due to its broader scope
https://securityaffairs.co/wordpress/139709/hacking/microsoft-revised-cve-2022-37958-rate.html
ISC StormCast for Friday, December 16th, 2022
https://isc.sans.edu/podcastdetail.html?id=8294
A vulnerability in the UMPD (User-Mode Printer Drivers) allows local users to trigger a use-after-free vulnerability. The vulnerability works from Windows 8 and above, and is fairly easy to exploit on older Windows machines.
https://www.reddit.com/r/netsec/comments/zmnt6b/a_vulnerability_in_the_umpd_usermode_printer/
Meta summarizes 2022 action against coordinated inauthenticity. President Putin lies low. Russian troll farms like Kid Rock.
https://thecyberwire.com/newsletters/disinformation-briefing/4/49
Combined SOC Webinar Q&A: From EDR to ITDR and ASO … and ChatGPT
https://medium.com/anton-on-security/combined-soc-webinar-q-a-from-edr-to-itdr-and-aso-95ecec02782?source=rss----8e8c3ed26c4c---4
Uber data stolen via third-party vendor
https://www.malwarebytes.com/blog/news/2022/12/uber-breached-via-attack-against-its-vendor
Windows: Still insecure after all these years
https://malware.news/t/windows-still-insecure-after-all-these-years/65798#post_1
Is an outsourced SOC worth it? Looking at the ROI of MDR
https://www.malwarebytes.com/blog/business/2022/12/are-outsourced-soc-services-worth-it-looking-at-the-roi-of-mdr
Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'
https://thehackernews.com/2022/12/microsoft-reclassifies-spnego-extended.html
reddit
PyPI malware creators starting to employ Anti-Debug techniques
Posted in r/netsec by u/SRMish3 • 0 points and 0 comments
Top Security News for 17/12/2022
Virtual kidnapping scam strikes again. Spot the signs
https://www.malwarebytes.com/blog/news/2022/12/virtual-kidnapping-scam-strikes-again-spot-the-signs
Worldwide law enforcement action takes down major DDoS booter services
https://www.malwarebytes.com/blog/news/2022/12/worldwide-law-enforcement-action-takes-down-major-ddos-booter-services
Writing My first SpyWare for learning C/C++
https://0x00sec.org/t/writing-my-first-spyware-for-learning-c-c/32521
5 Ways to Improve Holiday Retail and Wholesale Cybersecurity
https://securityintelligence.com/articles/5-improvements-retail-wholesale-holiday-cybersecurity/
Cyber Security Is Not a Losing Game – If You Start Right Now
https://thehackernews.com/2022/12/cyber-security-is-not-losing-game-if.html
Senator Asks Gabe Newell Why Steam Hosts So Much Neo-Nazi Content
https://www.vice.com/en_us/article/dy79na/senator-asks-gabe-newell-why-steam-hosts-so-much-neo-nazi-content
Critical Vulnerability Found in Sovrin, a Popular Decentralized Identity System
https://www.reddit.com/r/netsec/comments/zn7tuz/critical_vulnerability_found_in_sovrin_a_popular/
Clare O’Neil on national security amid cyber hacks and threats to democracy
https://www.theguardian.com/australia-news/audio/2022/dec/17/clare-oneil-on-national-security-amid-cyber-hacks-and-threats-to-democracy
Update now! Apple patches active exploit vulnerability for iPhones
https://www.malwarebytes.com/blog/news/2022/12/update-now-apple-patches-active-exploit-vulnerability-for-iphones
Worldwide law enforcement action takes down major DDoS booter services
https://malware.news/t/worldwide-law-enforcement-action-takes-down-major-ddos-booter-services/65822#post_1
Malwarebytes
Virtual kidnapping scam strikes again. Spot the signs
A recent scam has been making the rounds that attempts to fool you into thinking a loved one has been kidnapped.
Top Security News for 18/12/2022
Samba addressed multiple high-severity vulnerabilities
https://securityaffairs.co/wordpress/139760/hacking/samba-multiple-flaws.html
Exploiting API Framework Flexibility
https://www.reddit.com/r/netsec/comments/zo3lts/exploiting_api_framework_flexibility/
State-sponsored activity (and defenses against it). Breaches, ransomware, and social engineering. SHA-1 retired.
https://thecyberwire.com/newsletters/week-that-was/6/49
Strategies to get the most out of your toolsets.
https://thecyberwire.com/podcasts/cyberwire-x/43/notes
CyberChef & Entropy, (Sat, Dec 17th)
https://isc.sans.edu/diary/rss/29352
[QuickNote] VidarStealer Analysis
https://malware.news/t/quicknote-vidarstealer-analysis/65824#post_1
PortexAnalyzer GUI Released
https://www.reddit.com/r/Malware/comments/zo75br/portexanalyzer_gui_released/
Google Takes Gmail Security to the Next Level with Client-Side Encryption
https://thehackernews.com/2022/12/gmail-encryption.html
Writing x64dbg plugins
https://malware.news/t/writing-x64dbg-plugins/65826#post_1
Update: zipdump.py Version 0.0.23
https://malware.news/t/update-zipdump-py-version-0-0-23/65828#post_1
Security Affairs
Samba addressed multiple high-severity vulnerabilities
Samba released updates to address multiple vulnerabilities that can be exploited to take control of impacted systems.
Top Security News for 19/12/2022
Cannot access specific websites (steam, blizzard)
https://www.reddit.com/r/Malware/comments/zpbfjv/cannot_access_specific_websites_steam_blizzard/
NAVY FEDERAL CREDIT UNION SITE PHISHED
https://www.reddit.com/r/Malware/comments/zp0rdc/navy_federal_credit_union_site_phished/
ISC Stormcast For Monday, December 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8296, (Mon, Dec 19th)
https://isc.sans.edu/diary/rss/29356
Don Pezet: Stepping stones are the start of your career.
https://thecyberwire.com/podcasts/career-notes/130/notes
Google announced end-to-end encryption for Gmail web
https://securityaffairs.co/wordpress/139778/security/end-to-end-encryption-gmail-web.html
IT security trends 2023 (part 2): Why iPhones are hackers' best friends, rootkits are celebrating a renaissance, and uncertainty is bad for IT security
https://malware.news/t/it-security-trends-2023-part-2-why-iphones-are-hackers-best-friends-rootkits-are-celebrating-a-renaissance-and-uncertainty-is-bad-for-it-security/65833#post_1
Infostealer Malware with Double Extension, (Sun, Dec 18th)
https://malware.news/t/infostealer-malware-with-double-extension-sun-dec-18th/65829#post_1
Port knocking from the scratch
https://www.reddit.com/r/netsec/comments/zpche7/port_knocking_from_the_scratch/
New tool: teeplus.py
https://malware.news/t/new-tool-teeplus-py/65830#post_1
Fire and rescue service in Victoria, Australia, confirms cyber attack
https://securityaffairs.co/wordpress/139764/cyber-crime/fire-service-victoria-australia-australia.html
reddit
Cannot access specific websites (steam, blizzard)
I've been experiencing some issues lately with these 2 web sites. A few days ago I downloaded a program from some "illicit source". Turns out my...
Top Security News for 20/12/2022
Cybercrime (and Security) Predictions for 2023
https://thehackernews.com/2022/12/cybercrime-and-security-predictions-for.html
ISC Stormcast For Tuesday, December 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8298, (Tue, Dec 20th)
https://isc.sans.edu/diary/rss/29360
BrandPost: Overcoming the Top Technology, Process, and People Challenges Faced by CISOs
https://www.csoonline.com/article/3683828/overcoming-the-top-technology-process-and-people-challenges-faced-by-cisos.html#tk.rss_all
FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children's Privacy Law
https://thehackernews.com/2022/12/ftc-fines-fortnite-maker-epic-games-275.html
Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware
https://securityaffairs.co/wordpress/139831/cyber-crime/malicious-pypi-package-sentinelone-sdk.html
clif - is a command-line application fuzzer in Rust
https://www.reddit.com/r/netsec/comments/zpxaxz/clif_is_a_commandline_application_fuzzer_in_rust/
Linux File System Monitoring & Actions, (Tue, Dec 20th)
https://isc.sans.edu/diary/rss/29362
EDR evasion with hardware breakpoints
https://www.reddit.com/r/netsec/comments/zq3n2l/edr_evasion_with_hardware_breakpoints/
Ransomware (noun)
https://thecyberwire.com/podcasts/word-notes/130/notes
Intro to Embedded RE: UART Discovery and Firmware Extraction via UBoot
https://www.reddit.com/r/netsec/comments/zqcbis/intro_to_embedded_re_uart_discovery_and_firmware/
SANS Internet Storm Center
ISC StormCast for Tuesday, December 20th, 2022 - SANS ISC
Top Security News for 21/12/2022
UAC-0142 APT targets Ukraine’s Delta military intelligence program
https://securityaffairs.co/wordpress/139859/intelligence/ukraine-delta-military-intelligence-attack.html
Trojanized Windows 10 Installers Hit Ukrainian Government
https://packetstormsecurity.com/news/view/34158/Trojanized-Windows-10-Installers-Hit-Ukrainian-Government.html
Validating Okta Access Tokens in Python with PyJWT
https://www.reddit.com/r/netsec/comments/zqyuz3/validating_okta_access_tokens_in_python_with_pyjwt/
Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August
https://securityaffairs.co/wordpress/139848/apt/gamaredon-petroleum-refining-company.html
Bypass iOS backup's TCC protection
https://www.reddit.com/r/netsec/comments/zquz59/bypass_ios_backups_tcc_protection/
Ukraine at D+299: Cyber operations 300 days into the war.
https://thecyberwire.com/stories/549772f3116643568315ed386e90ce3f/ukraine-at-d299
Malwarebytes earns AV-TEST Top Product awards for fourth consecutive quarter
https://www.malwarebytes.com/blog/business/2022/12/malwarebytes-earns-av-test-top-product-awards-for-fourth-consecutive-quarter
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/20-12-2022
OSV-Scanner: A vulnerability scanner written in Go which uses the data provided by OSV.dev
https://www.reddit.com/r/netsec/comments/zqjdu6/osvscanner_a_vulnerability_scanner_written_in_go/
DraftKings discloses breach. Bathroomba? 3rd-party breach in New Zealand insurer. Notes on Play ransomware.
https://thecyberwire.com/podcasts/privacy-briefing/733/notes
Security Affairs
UAC-0142 APT targets Ukraine's Delta military intelligence program
Ukraine’s CERT-UA revealed the national Delta military intelligence program has been targeted with a malware-based attack.