Top Security News for 07/12/2022
ISC StormCast for Wednesday, December 7th, 2022
https://isc.sans.edu/podcastdetail.html?id=8280
ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://malware.news/t/isc-stormcast-for-wednesday-december-7th-2022-https-isc-sans-edu-podcastdetail-html-id-8280-wed-dec-7th/65539#post_1
Sophos fixed a critical flaw in its Sophos Firewall version 19.5
https://securityaffairs.co/wordpress/139362/security/sophos-firewall-critical-flaw.html
The changing role of the MITRE ATT&CK framework
https://www.csoonline.com/article/3681990/the-changing-role-of-the-mitre-att-ck-framework.html#tk.rss_all
Containers, Security, and Risks within Containerized Environments
https://securityintelligence.com/posts/containers-security-risks-containerized-environments/
ISC Stormcast For Wednesday, December 7th, 2022 https://isc.sans.edu/podcastdetail.html?id=8280, (Wed, Dec 7th)
https://isc.sans.edu/diary/rss/29310
Cyberespionage, privateering, hacktivism and influence operations, in Ukraine, Russia, the Middle East, and elsewhere. Criminals need quality control, too. A new entry in CISA’s KEV Catalog.
https://thecyberwire.com/podcasts/daily-podcast/1717/notes
Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide
https://thehackernews.com/2022/12/darknets-largest-mobile-malware.html
Telcom and BPO Companies Under Attack by SIM Swapping Hackers
https://thehackernews.com/2022/12/telcom-and-bpo-companies-under-attack.html
Want To Detect Cobalt Strike On The Network? Look To Process Memory
https://packetstormsecurity.com/news/view/34112/Want-To-Detect-Cobalt-Strike-On-The-Network-Look-To-Process-Memory.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 08/12/2022
Trojan analysis
https://www.reddit.com/r/Malware/comments/zfh5uh/trojan_analysis/
Follow the money along the blockchain.
https://thecyberwire.com/podcasts/caveat/152/notes
An Artist Used Pokémon Go Technology to Sell ‘Crypto Cocaine’ NFTs in Art Basel Bathrooms
https://www.vice.com/en_us/article/93ajye/a-ton-of-coke-crypto-cocaine-nfts-art-basel-festival-miami
Apple announces new security and privacy measures amid surge in cyber-attacks
https://www.theguardian.com/technology/2022/dec/07/apple-new-security-privacy-measures-spike-cyber-attacks
Android 13 Image Now Available
https://malware.news/t/android-13-image-now-available/65568#post_1
Do not get your news on social media.
https://thecyberwire.com/podcasts/hacking-humans/223/notes
South Pacific Vacations May Be Wrecked By Ransomware
https://packetstormsecurity.com/news/view/34120/South-Pacific-Vacations-May-Be-Wrecked-By-Ransomware.html
Ransomware, third-party risk, cyberespionage, social engineering, and a software supply-chain threat.
https://thecyberwire.com/podcasts/daily-podcast/1718/notes
ISC StormCast for Thursday, December 8th, 2022
https://isc.sans.edu/podcastdetail.html?id=8282
ASEC Weekly Phishing Email Threat Trend (November 20th, 2022 – November 26th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trend-november-20th-2022-november-26th-2022/65569#post_1
reddit
Trojan analysis
I found a VB script file tagged as a trojan by many AV on a pc that I remotely fixed today. I'd like to import it on my pc for studying because I...
Top Security News for 09/12/2022
COVID-bit: New COVert Channel to Exfiltrate Data from Air-Gapped Computers
https://thehackernews.com/2022/12/covid-bit-new-covert-channel-to.html
Vehicle Identification Numbers reveal driver data via telematics
https://www.malwarebytes.com/blog/news/2022/12/vehicle-identification-numbers-reveal-driver-data-via-telematics
ISC StormCast for Friday, December 9th, 2022
https://isc.sans.edu/podcastdetail.html?id=8284
The IT Army of Ukraine claims VTB DDoS. DPRK exploits Internet Explorer vulnerability. New variant of Babuk ransomware reported. Blind spots in air-gapped networks. And, dog and cat hacking.
https://thecyberwire.com/podcasts/daily-podcast/1719/notes
Guy Who Wrote Minecraft's Ending Poem Makes It Public Domain After Taking Shrooms
https://www.vice.com/en_us/article/m7gn3q/guy-who-wrote-minecrafts-ending-poem-makes-it-public-domain-after-taking-shrooms
Using ChatGPT to Generate Phishing Campaigns
https://www.reddit.com/r/netsec/comments/zgkz7n/using_chatgpt_to_generate_phishing_campaigns/
5 SaaS security best practices
https://www.malwarebytes.com/blog/business/2022/12/5-saas-security-best-practices
2023 NDAA's cyber provisions. States vs. TikTok. Cyber incident reporting rules. Takedown orders in India.
https://thecyberwire.com/newsletters/policy-briefing/4/234
APT37 used Internet Explorer Zero-Day in a recent campaign
https://securityaffairs.co/wordpress/139403/apt/apt37-internet-explorer-zero-day.html
ISC Stormcast For Friday, December 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8284, (Fri, Dec 9th)
https://malware.news/t/isc-stormcast-for-friday-december-9th-2022-https-isc-sans-edu-podcastdetail-html-id-8284-fri-dec-9th/65612#post_1
Malwarebytes
Vehicle Identification Numbers reveal driver data via telematics
We take a look at reports of vehicle identification numbers being used to potentially reveal customer data through telematics.
Top Security News for 10/12/2022
Cobalt Mirage's Dokbk malware. Zombinder in the C2C market. Relief-themed impersonation scams.
https://thecyberwire.com/newsletters/daily-briefing/11/235
Epic Games introduces safer accounts for kids
https://www.malwarebytes.com/blog/news/2022/12/epic-games-places-child-accounts-into-a-security-cabinet
Cybersecurity during the World Cup.
https://thecyberwire.com/podcasts/research-saturday/261/notes
Why is Robust API Security Crucial in eCommerce?
https://thehackernews.com/2022/12/why-is-robust-api-security-crucial-in.html
This week's activities in cyber gangland. Trends in ransomware. Rackspace works to remediate a ransomware incident.
https://thecyberwire.com/newsletters/week-that-was/6/48
Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls
https://thehackernews.com/2022/12/researchers-detail-new-attack-method-to.html
Pwn2Own Toronto 2022 Day 3: Participants earned nearly $1 million
https://securityaffairs.co/wordpress/139462/hacking/pwn2own-toronto-2022-day-3-participants-earned-nearly-1-million.html
EU court orders Google to remove false search results. Australia’s strategy for awakening from its cyber slumber. Netherlands to join US in Chinese tech export ban.
https://thecyberwire.com/newsletters/policy-briefing/4/235
Security Advisory for FreeBSD Ping Stack-Based Overflow CVE-2022-23093
https://malware.news/t/security-advisory-for-freebsd-ping-stack-based-overflow-cve-2022-23093/65633#post_1
Mike Hamilton, former CISO of Seattle, discusses how $1 billion for cybersecurity funding will be difficult to distribute to state and local governments.
https://thecyberwire.com/podcasts/interview-selects/138/notes
The CyberWire
Cobalt Mirage's Dokbk malware. Zombinder in the C2C market. Relief-themed impersonation scams.
Cobalt Mirage deploys Drokbk malware. Zombinder in the C2C market. Impersonation scams: that's not Ukraine’s Ministry of Digital Transformation. On the cyber front, nothing new. CISA releases three ICS advisories.
Top Security News for 11/12/2022
Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant
https://thehackernews.com/2022/12/hack-for-hire-group-targets-travel-and.html
Telstra sorry for publishing up to 130,000 customers’ details online
https://www.theguardian.com/business/2022/dec/11/telstra-sorry-for-publishing-up-to-130000-customers-details-online
US HHS warns healthcare orgs of Royal Ransomware attacks
https://securityaffairs.co/wordpress/139486/cyber-crime/us-hhs-royal-ransomware-attacks.html
Diamond industry under attack – Week in security with Tony Anscombe
https://malware.news/t/diamond-industry-under-attack-week-in-security-with-tony-anscombe/65635#post_1
At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet
https://securityaffairs.co/wordpress/139491/security/pulse-connect-secure-vulnerbale-hosts.html
Can Machines Create Truly Authentic Content?
https://malware.news/t/can-machines-create-truly-authentic-content/65638#post_1
Someone on a Discord DM tried to get me to install malware from a website, can I report this somehow?
https://www.reddit.com/r/Malware/comments/zhwg81/someone_on_a_discord_dm_tried_to_get_me_to/
Yara rules collection
https://malware.news/t/yara-rules-collection/65636#post_1
Mobile Bug Bounty Hunting? Enter BLE – Cybervelia
https://www.reddit.com/r/netsec/comments/zhnaeo/mobile_bug_bounty_hunting_enter_ble_cybervelia/
Deep Dive: PIPEDREAM/Incontroller ICS Attack Framework
https://malware.news/t/deep-dive-pipedream-incontroller-ics-attack-framework/65637#post_1
the Guardian
Telstra sorry for publishing up to 130,000 customers’ details online
Release of names, numbers and addresses of some unlisted customers was not due to cyber-attack
Top Security News for 12/12/2022
Virtual/Fractional CISOs
https://thecyberwire.com/podcasts/cso-perspectives/94/notes
IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related
https://www.reddit.com/r/netsec/comments/zjn894/iatelligence_is_a_python_script_that_will_extract/
ISC Stormcast For Monday, December 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8286, (Mon, Dec 12th)
https://malware.news/t/isc-stormcast-for-monday-december-12th-2022-https-isc-sans-edu-podcastdetail-html-id-8286-mon-dec-12th/65641#post_1
Open Now: 2022 SANS Holiday Hack Challenge & KringleCon, (Sat, Dec 10th)
https://malware.news/t/xa-open-now-2022-sans-holiday-hack-challenge-kringlecon-sat-dec-10th/65640#post_1
Christmas is coming – must be time for another Amazon scam
https://malware.news/t/christmas-is-coming-must-be-time-for-another-amazon-scam/65642#post_1
Quickie: CyberChef Sorting By String Length, (Sun, Dec 11th)
https://isc.sans.edu/diary/rss/29328
Controlled Folder Access blocked action
https://www.reddit.com/r/Malware/comments/zjo1we/controlled_folder_access_blocked_action/
MuddyWater APT group is back with updated TTPs
https://securityaffairs.co/wordpress/139505/apt/muddywater-changs-ttps.html
Pwn2Own Toronto 2022 Day 4: $989K awarded for 63 unique zero-days
https://securityaffairs.co/wordpress/139516/hacking/pwn2own-toronto-2022-day4.html

Open Now: 2022 SANS Holiday Hack Challenge & KringleCon, (Sat, Dec 10th)
https://isc.sans.edu/diary/rss/29326
The CyberWire
Virtual/Fractional CISOs
Todd Inskeep, the Founder & Sr Managing Director at Incovate Solutions, discusses the evolution of the CISO role.
Top Security News for 13/12/2022
ISC Stormcast For Tuesday, December 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8288, (Tue, Dec 13th)
https://isc.sans.edu/diary/rss/29332
Iranian hacking group uses compromised email accounts to distribute MSP remote access tool
https://www.malwarebytes.com/blog/news/2022/12/iranian-hacking-group-uses-compromised-email-accounts-to-distribute-msp-remote-access-tool
A week in security (December 5 - 11)
https://www.malwarebytes.com/blog/news/2022/12/a-week-in-security-december-5-11
Your Life, Their Profit: Buyer Awareness in the 21st Century
https://thecyberwire.com/podcasts/8th-layer-insights/28/notes
Anti-trust action and tech mergers. Twitter’s open access strategy. CISA’s 2023 goals. Japan plans a more assertive cyberstrategy.
https://thecyberwire.com/newsletters/policy-briefing/4/236
Hacking the Met.
https://thecyberwire.com/stories/900613a4a7b643d0a5d1b0aec5c50855/hacking-the-met
Data breaches at COVaxON and Vevor. Indian privacy vs. bots. AirAsia ransomware investigation.
https://thecyberwire.com/newsletters/privacy-briefing/4/236
Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug
https://securityaffairs.co/wordpress/139569/hacking/fortinet-fortios-ssl-vpn-bug.html
ASEC Weekly Phishing Email Threat Trends (November 27th, 2022 – December 3rd, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-november-27th-2022-december-3rd-2022/65670#post_1
Twitter Auctioning Off Fancy Chairs, Espresso Machines, $10,000 Meat Slicer in HQ Clear-Out
https://www.vice.com/en_us/article/4axmbn/twitter-auctioning-off-fancy-chairs-espresso-machines-dollar10000-meat-slicer-in-hq-clear-out
Top Security News for 14/12/2022
Microsoft Patch Tuesday fixes six critical vulnerabilities
https://malware.news/t/microsoft-patch-tuesday-fixes-six-critical-vulnerabilities/65717#post_1
Exploiting CVE-2022-42703 - Bringing back the stack attack
https://www.reddit.com/r/lowlevel/comments/zge0om/exploiting_cve202242703_bringing_back_the_stack/
Cybersecurity Experts Uncover Inner Workings of Destructive Azov Ransomware
https://thehackernews.com/2022/12/cybersecurity-experts-uncover-inner.html
Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway
https://securityaffairs.co/wordpress/139609/apt/citrix-adc-gateway-cve-2022-27518.html
Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability
https://thehackernews.com/2022/12/serious-attacks-could-have-been-staged.html
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/13-12-2022
Security Alert: Microsoft Releases December 2022 Security Updates
https://malware.news/t/security-alert-microsoft-releases-december-2022-security-updates/65720#post_1
ISC Stormcast For Wednesday, December 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8290, (Wed, Dec 14th)
https://malware.news/t/isc-stormcast-for-wednesday-december-14th-2022-https-isc-sans-edu-podcastdetail-html-id-8290-wed-dec-14th/65721#post_1
ISC Stormcast For Wednesday, December 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8290, (Wed, Dec 14th)
https://isc.sans.edu/diary/rss/29342
PCI Secure Software Standard version 1.2 sets out new payment security requirements
https://www.csoonline.com/article/3682656/pci-secure-software-standard-version-1-2-sets-out-new-payment-security-requirements.html#tk.rss_all
Malware Analysis, News and Indicators
Microsoft Patch Tuesday fixes six critical vulnerabilities
One moderate vulnerability, already exploited, impacts the Windows SmartScreen Security Feature. Article Link: Microsoft Patch Tuesday fixes six critical vulnerabilities | ZDNET
Top Security News for 16/12/2022
PyPI malware creators starting to employ Anti-Debug techniques
https://www.reddit.com/r/netsec/comments/zmfkoz/pypi_malware_creators_starting_to_employ/
Microsoft revised CVE-2022-37958 severity due to its broader scope
https://securityaffairs.co/wordpress/139709/hacking/microsoft-revised-cve-2022-37958-rate.html
ISC StormCast for Friday, December 16th, 2022
https://isc.sans.edu/podcastdetail.html?id=8294
A vulnerability in the UMPD (User-Mode Printer Drivers) allows local users to trigger a use-after-free vulnerability. The vulnerability works from Windows 8 and above, and is fairly easy to exploit on older Windows machines.
https://www.reddit.com/r/netsec/comments/zmnt6b/a_vulnerability_in_the_umpd_usermode_printer/
Meta summarizes 2022 action against coordinated inauthenticity. President Putin lies low. Russian troll farms like Kid Rock.
https://thecyberwire.com/newsletters/disinformation-briefing/4/49
Combined SOC Webinar Q&A: From EDR to ITDR and ASO … and ChatGPT
https://medium.com/anton-on-security/combined-soc-webinar-q-a-from-edr-to-itdr-and-aso-95ecec02782?source=rss----8e8c3ed26c4c---4
Uber data stolen via third-party vendor
https://www.malwarebytes.com/blog/news/2022/12/uber-breached-via-attack-against-its-vendor
Windows: Still insecure after all these years
https://malware.news/t/windows-still-insecure-after-all-these-years/65798#post_1
Is an outsourced SOC worth it? Looking at the ROI of MDR
https://www.malwarebytes.com/blog/business/2022/12/are-outsourced-soc-services-worth-it-looking-at-the-roi-of-mdr
Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'
https://thehackernews.com/2022/12/microsoft-reclassifies-spnego-extended.html
reddit
PyPI malware creators starting to employ Anti-Debug techniques
Posted in r/netsec by u/SRMish3 • 0 points and 0 comments
Top Security News for 17/12/2022
Virtual kidnapping scam strikes again. Spot the signs
https://www.malwarebytes.com/blog/news/2022/12/virtual-kidnapping-scam-strikes-again-spot-the-signs
Worldwide law enforcement action takes down major DDoS booter services
https://www.malwarebytes.com/blog/news/2022/12/worldwide-law-enforcement-action-takes-down-major-ddos-booter-services
Writing My first SpyWare for learning C/C++
https://0x00sec.org/t/writing-my-first-spyware-for-learning-c-c/32521
5 Ways to Improve Holiday Retail and Wholesale Cybersecurity
https://securityintelligence.com/articles/5-improvements-retail-wholesale-holiday-cybersecurity/
Cyber Security Is Not a Losing Game – If You Start Right Now
https://thehackernews.com/2022/12/cyber-security-is-not-losing-game-if.html
Senator Asks Gabe Newell Why Steam Hosts So Much Neo-Nazi Content
https://www.vice.com/en_us/article/dy79na/senator-asks-gabe-newell-why-steam-hosts-so-much-neo-nazi-content
Critical Vulnerability Found in Sovrin, a Popular Decentralized Identity System
https://www.reddit.com/r/netsec/comments/zn7tuz/critical_vulnerability_found_in_sovrin_a_popular/
Clare O’Neil on national security amid cyber hacks and threats to democracy
https://www.theguardian.com/australia-news/audio/2022/dec/17/clare-oneil-on-national-security-amid-cyber-hacks-and-threats-to-democracy
Update now! Apple patches active exploit vulnerability for iPhones
https://www.malwarebytes.com/blog/news/2022/12/update-now-apple-patches-active-exploit-vulnerability-for-iphones
Worldwide law enforcement action takes down major DDoS booter services
https://malware.news/t/worldwide-law-enforcement-action-takes-down-major-ddos-booter-services/65822#post_1
Malwarebytes
Virtual kidnapping scam strikes again. Spot the signs
A recent scam has been making the rounds that attempts to fool you into thinking a loved one has been kidnapped.
Top Security News for 18/12/2022
Samba addressed multiple high-severity vulnerabilities
https://securityaffairs.co/wordpress/139760/hacking/samba-multiple-flaws.html
Exploiting API Framework Flexibility
https://www.reddit.com/r/netsec/comments/zo3lts/exploiting_api_framework_flexibility/
State-sponsored activity (and defenses against it). Breaches, ransomware, and social engineering. SHA-1 retired.
https://thecyberwire.com/newsletters/week-that-was/6/49
Strategies to get the most out of your toolsets.
https://thecyberwire.com/podcasts/cyberwire-x/43/notes
CyberChef & Entropy, (Sat, Dec 17th)
https://isc.sans.edu/diary/rss/29352
[QuickNote] VidarStealer Analysis
https://malware.news/t/quicknote-vidarstealer-analysis/65824#post_1
PortexAnalyzer GUI Released
https://www.reddit.com/r/Malware/comments/zo75br/portexanalyzer_gui_released/
Google Takes Gmail Security to the Next Level with Client-Side Encryption
https://thehackernews.com/2022/12/gmail-encryption.html
Writing x64dbg plugins
https://malware.news/t/writing-x64dbg-plugins/65826#post_1
Update: zipdump.py Version 0.0.23
https://malware.news/t/update-zipdump-py-version-0-0-23/65828#post_1
Security Affairs
Samba addressed multiple high-severity vulnerabilities
Samba released updates to address multiple vulnerabilities that can be exploited to take control of impacted systems.
Top Security News for 19/12/2022
Cannot access specific websites (steam, blizzard)
https://www.reddit.com/r/Malware/comments/zpbfjv/cannot_access_specific_websites_steam_blizzard/
NAVY FEDERAL CREDIT UNION SITE PHISHED
https://www.reddit.com/r/Malware/comments/zp0rdc/navy_federal_credit_union_site_phished/
ISC Stormcast For Monday, December 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8296, (Mon, Dec 19th)
https://isc.sans.edu/diary/rss/29356
Don Pezet: Stepping stones are the start of your career.
https://thecyberwire.com/podcasts/career-notes/130/notes
Google announced end-to-end encryption for Gmail web
https://securityaffairs.co/wordpress/139778/security/end-to-end-encryption-gmail-web.html
IT security trends 2023 (part 2): Why iPhones are hackers' best friends, rootkits are celebrating a renaissance, and uncertainty is bad for IT security
https://malware.news/t/it-security-trends-2023-part-2-why-iphones-are-hackers-best-friends-rootkits-are-celebrating-a-renaissance-and-uncertainty-is-bad-for-it-security/65833#post_1
Infostealer Malware with Double Extension, (Sun, Dec 18th)
https://malware.news/t/infostealer-malware-with-double-extension-sun-dec-18th/65829#post_1
Port knocking from the scratch
https://www.reddit.com/r/netsec/comments/zpche7/port_knocking_from_the_scratch/
New tool: teeplus.py
https://malware.news/t/new-tool-teeplus-py/65830#post_1
Fire and rescue service in Victoria, Australia, confirms cyber attack
https://securityaffairs.co/wordpress/139764/cyber-crime/fire-service-victoria-australia-australia.html
reddit
Cannot access specific websites (steam, blizzard)
I've been experiencing some issues lately with these 2 web sites. A few days ago I downloaded a program from some "illicit source". Turns out my...
Top Security News for 20/12/2022
Cybercrime (and Security) Predictions for 2023
https://thehackernews.com/2022/12/cybercrime-and-security-predictions-for.html
ISC Stormcast For Tuesday, December 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8298, (Tue, Dec 20th)
https://isc.sans.edu/diary/rss/29360
BrandPost: Overcoming the Top Technology, Process, and People Challenges Faced by CISOs
https://www.csoonline.com/article/3683828/overcoming-the-top-technology-process-and-people-challenges-faced-by-cisos.html#tk.rss_all
FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children's Privacy Law
https://thehackernews.com/2022/12/ftc-fines-fortnite-maker-epic-games-275.html
Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware
https://securityaffairs.co/wordpress/139831/cyber-crime/malicious-pypi-package-sentinelone-sdk.html
clif - is a command-line application fuzzer in Rust
https://www.reddit.com/r/netsec/comments/zpxaxz/clif_is_a_commandline_application_fuzzer_in_rust/
Linux File System Monitoring & Actions, (Tue, Dec 20th)
https://isc.sans.edu/diary/rss/29362
EDR evasion with hardware breakpoints
https://www.reddit.com/r/netsec/comments/zq3n2l/edr_evasion_with_hardware_breakpoints/
Ransomware (noun)
https://thecyberwire.com/podcasts/word-notes/130/notes
Intro to Embedded RE: UART Discovery and Firmware Extraction via UBoot
https://www.reddit.com/r/netsec/comments/zqcbis/intro_to_embedded_re_uart_discovery_and_firmware/
Top Security News for 21/12/2022
UAC-0142 APT targets Ukraine’s Delta military intelligence program
https://securityaffairs.co/wordpress/139859/intelligence/ukraine-delta-military-intelligence-attack.html
Trojanized Windows 10 Installers Hit Ukrainian Government
https://packetstormsecurity.com/news/view/34158/Trojanized-Windows-10-Installers-Hit-Ukrainian-Government.html
Validating Okta Access Tokens in Python with PyJWT
https://www.reddit.com/r/netsec/comments/zqyuz3/validating_okta_access_tokens_in_python_with_pyjwt/
Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August
https://securityaffairs.co/wordpress/139848/apt/gamaredon-petroleum-refining-company.html
Bypass iOS backup's TCC protection
https://www.reddit.com/r/netsec/comments/zquz59/bypass_ios_backups_tcc_protection/
Ukraine at D+299: Cyber operations 300 days into the war.
https://thecyberwire.com/stories/549772f3116643568315ed386e90ce3f/ukraine-at-d299
Malwarebytes earns AV-TEST Top Product awards for fourth consecutive quarter
https://www.malwarebytes.com/blog/business/2022/12/malwarebytes-earns-av-test-top-product-awards-for-fourth-consecutive-quarter
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/20-12-2022
OSV-Scanner: A vulnerability scanner written in Go which uses the data provided by OSV.dev
https://www.reddit.com/r/netsec/comments/zqjdu6/osvscanner_a_vulnerability_scanner_written_in_go/
DraftKings discloses breach. Bathroomba? 3rd-party breach in New Zealand insurer. Notes on Play ransomware.
https://thecyberwire.com/podcasts/privacy-briefing/733/notes
Security Affairs
UAC-0142 APT targets Ukraine's Delta military intelligence program
Ukraine’s CERT-UA revealed the national Delta military intelligence program has been targeted with a malware-based attack.
Top Security News for 22/12/2022
Play ransomware group claims to have stolen hotel chain data
https://www.malwarebytes.com/blog/news/2022/12/play-ransomware-group-claims-to-have-stolen-h-hotel-data
EU scrutinizes Broadcom’s purchase of VMware. FDA urges Congress to address medical device cybersecurity. CISA funding to increase.
https://thecyberwire.com/newsletters/policy-briefing/4/243
Microsoft research uncovers new Zerobot capabilities
https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/
GitHub incident allowed attacker to copy Okta’s source code
https://malware.news/t/github-incident-allowed-attacker-to-copy-okta-s-source-code/65940#post_1
Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days
https://securityaffairs.co/wordpress/139885/data-breach/shoemaker-ecco-data-leaks.html
Exchange OWASSRF Exploited for Remote Code Execution, (Thu, Dec 22nd)
https://malware.news/t/exchange-owassrf-exploited-for-remote-code-execution-thu-dec-22nd/65941#post_1
Beware of What Is Lurking in the Shadows of Your IT
https://securityintelligence.com/posts/beware-lurking-shadows-it/
Guardian Newspaper Hit By Suspected Ransomware Attack
https://packetstormsecurity.com/news/view/34160/Guardian-Newspaper-Hit-By-Suspected-Ransomware-Attack.html
Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems
https://thehackernews.com/2022/12/raspberry-robin-worm-strikes-again.html
ISC Stormcast For Thursday, December 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8302, (Thu, Dec 22nd)
https://isc.sans.edu/diary/rss/29372
Malwarebytes
Play ransomware group claims to have stolen hotel chain data
A ransomware group claims to have stolen data from the H-Hotel chain, and is now threatening to leak it if the ransom is not paid.
Top Security News for 23/12/2022
2022-12-21 - Files for an ISC diary (malicious Google ads)
https://malware.news/t/2022-12-21-files-for-an-isc-diary-malicious-google-ads/65980#post_1
Godfather Malware Makes Banking Apps An Offer They Can't Refuse
https://packetstormsecurity.com/news/view/34165/Godfather-Malware-Makes-Banking-Apps-An-Offer-They-Cant-Refuse.html
Puckungfu: A NETGEAR WAN Command Injection
https://www.reddit.com/r/netsec/comments/zsjzv0/puckungfu_a_netgear_wan_command_injection/
ISC Stormcast For Friday, December 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8304, (Fri, Dec 23rd)
https://isc.sans.edu/diary/rss/29378
The Era of Cyber Threat Intelligence Sharing
https://thehackernews.com/2022/12/the-era-of-cyber-threat-intelligence.html
Zerobot Botnet Emerges as a Growing Threat with New Exploits and Capabilities
https://thehackernews.com/2022/12/zerobot-botnet-emerges-as-growing.html
Lastpass Security Incident - December 22 update
https://www.reddit.com/r/netsec/comments/zsw3r5/lastpass_security_incident_december_22_update/
MSG entertainment uses facial recognition to boot rivals. Texas DA forces school district to issue breach notifications.
https://thecyberwire.com/newsletters/privacy-briefing/4/244
MSG entertainment uses facial recognition to boot rivals. Texas DA forces school district to issue breach notifications.
https://thecyberwire.com/podcasts/daily-podcast/735/notes
Two New Security Flaws Reported in Ghost CMS Blogging Software
https://thehackernews.com/2022/12/two-new-security-flaws-reported-in.html
Top Security News for 24/12/2022
TikTok parent company ByteDance revealed the use of TikTok data to track journalists
https://securityaffairs.co/wordpress/139959/intelligence/tiktok-use-data-track-journalists.html
Holiday Gift Share of My Experimentation with Open AI Software
https://malware.news/t/holiday-gift-share-of-my-experimentation-with-open-ai-software/65994#post_1
PolyVice and Royal ransomware make nuisances of themselves. US warns that KillNet can be expected to go after the healthcare sector. CISA’s plans for stakeholder engagement.
https://thecyberwire.com/podcasts/daily-podcast/1730/notes
Biden signs $858 billion defense policy bill into law, expanding gov’t cyber operations
https://malware.news/t/biden-signs-858-billion-defense-policy-bill-into-law-expanding-gov-t-cyber-operations/65990#post_1
PyRDP 1.2.0 released – Can perform Net-NTLM hash capture before the certificate error on RDP
https://www.reddit.com/r/netsec/comments/ztokgx/pyrdp_120_released_can_perform_netntlm_hash/
Trade with caution - bad guys are stealing
https://malware.news/t/trade-with-caution-bad-guys-are-stealing/65989#post_1
Linux kernel module generator for Hidden firewall that follows the rules in the external YAML file.
https://www.reddit.com/r/netsec/comments/zu3i3c/linux_kernel_module_generator_for_hidden_firewall/
LastPass revealed that encrypted password vaults were stolen
https://securityaffairs.co/wordpress/139935/data-breach/lastpass-encrypted-password-vaults-stolen.html
CyberWire Live - Q4 2022 Cybersecurity Analyst Call
https://thecyberwire.com/stories/9cc3e30e061f490ea9ec60fadbb3796a/cyberwire-live---q4-2022-cybersecurity-analyst-call
France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent
https://thehackernews.com/2022/12/france-fines-microsoft-60-million-for.html
Security Affairs
TikTok parent company ByteDance revealed the use of TikTok data to track journalists
ByteDance admitted that its employees accessed TikTok data to track journalists to identify the source of leaks to the media.
Top Security News for 28/12/2022
Scaling Continuous Security Testing on the Cheap
https://www.reddit.com/r/netsec/comments/zwjvts/scaling_continuous_security_testing_on_the_cheap/
Improving Software Supply Chain Security
https://malware.news/t/improving-software-supply-chain-security/66029#post_1
New AMSI Bypass Using CLR Hooking
https://www.reddit.com/r/netsec/comments/zwtepr/new_amsi_bypass_using_clr_hooking/
TikTok Admits Using Its App To Spy On Reporters
https://packetstormsecurity.com/news/view/34173/TikTok-Admits-Using-Its-App-To-Spy-On-Reporters.html
Hackers stole $3 million worth of cryptocurrency from BTC.com
https://securityaffairs.com/140076/hacking/btc-com-cyber-heist.html
Ransomware cyber response - Lessons from the trenches
https://www.theprohack.com/2022/12/cyber-security-ransomware-protection-techniques.html
Spice up your persistence: loading PHP extensions from memory
https://www.reddit.com/r/netsec/comments/zwrf01/spice_up_your_persistence_loading_php_extensions/
Cybersecurity firm links Piers Morgan Twitter hack to leak of 400m records
https://www.theguardian.com/technology/2022/dec/28/cybersecurity-firm-links-piers-morgan-twitter-hack-to-leak-of-400-million-records-including-scott-morrisons
Playing with Powershell and JSON (and Amazon and Firewalls), (Wed, Dec 28th)
https://isc.sans.edu/diary/rss/29380
2022 in review: 10 of the year’s biggest cyberattacks
https://malware.news/t/2022-in-review-10-of-the-year-s-biggest-cyberattacks/66031#post_1
Top Security News for 01/01/2023
VMware Shared Folders
https://www.reddit.com/r/Malware/comments/100c7h4/vmware_shared_folders/
Offensive C#
https://www.reddit.com/r/netsec/comments/100ennr/offensive_c/
Personal health information of 42M Americans leaked between 2016 and 2021
https://securityaffairs.com/140174/hacking/healthcare-phi-42m-americans-leaked.html
Ukraine at D+309: Year-end strikes.
https://thecyberwire.com/stories/755aaf39ef294665a0e583117dbd8347/ukraine-at-d309
Malvertising campaign MasquerAds abuses Google Ads
https://securityaffairs.com/140127/cyber-crime/malvertising-campaign-google-ads.html
Persistence and LOLBins
https://malware.news/t/persistence-and-lolbins/66087#post_1
Modified CVE-2019-6714 PoC to execute payload via mshta.exe
https://0x00sec.org/t/modified-cve-2019-6714-poc-to-execute-payload-via-mshta-exe/32728
Poland warns of pro-Kremlin cyberattacks aimed at destabilization
https://malware.news/t/poland-warns-of-pro-kremlin-cyberattacks-aimed-at-destabilization/66085#post_1
LuaJIT Sandbox Escape: The Saga Ends
https://www.reddit.com/r/netsec/comments/zzsyfc/luajit_sandbox_escape_the_saga_ends/
What is The Future of Reverse Engineering [ Reverse Engineering AMA ]
https://malware.news/t/what-is-the-future-of-reverse-engineering-reverse-engineering-ama/66084#post_1
Top Security News for 02/01/2023
Google to Pay $29.5 Million to Settle Lawsuits Over User Location Tracking
https://thehackernews.com/2023/01/google-to-pay-295-million-to-settle.html
ISC StormCast for Monday, January 2nd, 2023
https://isc.sans.edu/podcastdetail.html?id=8306
Offensive C#
https://www.reddit.com/r/netsec/comments/100ennr/offensive_c/
ASEC Weekly Malware Statistics (December 19th, 2022 – December 25th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-december-19th-2022-december-25th-2022/66090#post_1
ISC Stormcast For Monday, January 2nd, 2023 https://isc.sans.edu/podcastdetail.html?id=8306, (Mon, Jan 2nd)
https://isc.sans.edu/diary/rss/29388
2022 CTI-EU Talk: Threat Landscape and Defences Against Mobile Surveillance Implants
https://malware.news/t/2022-cti-eu-talk-threat-landscape-and-defences-against-mobile-surveillance-implants/66088#post_1
GitHub - jafarlihi/modreveal: Utility to find hidden Linux kernel modules
https://www.reddit.com/r/netsec/comments/100lxs6/github_jafarlihimodreveal_utility_to_find_hidden/
Women in Cybersecurity panel: A discussion on hidden figures of cyber skills gap.
https://thecyberwire.com/podcasts/special-edition/46/notes
GenieACS And The Tale Of Default JWT Secret
https://0x00sec.org/t/genieacs-and-the-tale-of-default-jwt-secret/32738
Compromised PyTorch-nightly dependency chain
https://www.reddit.com/r/netsec/comments/100fs08/compromised_pytorchnightly_dependency_chain/
Top Security News for 03/01/2023
GitHub - kitabisa/teler-waf: teler-waf is a Go HTTP middleware that provide teler IDS functionality with teler IDS to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications.
https://www.reddit.com/r/netsec/comments/1014bk3/github_kitabisatelerwaf_telerwaf_is_a_go_http/
ASEC Weekly Phishing Email Threat Trends (December 18th, 2022 – December 24th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-december-18th-2022-december-24th-2022/66102#post_1
NetworkMiner 2.8 Released, (Mon, Jan 2nd)
https://isc.sans.edu/diary/rss/29390
Pro-Russia cyberattacks aim at destabilizing Poland, security agency warns
https://securityaffairs.com/140216/cyber-warfare-2/pro-russia-cyberattacks-hit-poland.html
2nd January – Threat Intelligence Report
https://malware.news/t/2nd-january-threat-intelligence-report/66095#post_1
PyTorch compromised to demonstrate dependency confusion attack on Python environments
https://securityaffairs.com/140228/hacking/pytorch-confusion-attack.html
2022 C2 Tracker Recap in Graphics
https://malware.news/t/2022-c2-tracker-recap-in-graphics/66097#post_1
WordPress Security Alert: New Linux Malware Exploiting Over Two Dozen CMS Flaws
https://thehackernews.com/2023/01/wordpress-security-alert-new-linux.html
Putting ELF on the shelf…
https://malware.news/t/putting-elf-on-the-shelf/66100#post_1
ISC StormCast for Tuesday, January 3rd, 2023
https://isc.sans.edu/podcastdetail.html?id=8308