Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 12/12/2022

Virtual/Fractional CISOs
https://thecyberwire.com/podcasts/cso-perspectives/94/notes

IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related
https://www.reddit.com/r/netsec/comments/zjn894/iatelligence_is_a_python_script_that_will_extract/

ISC Stormcast For Monday, December 12th, 2022 https://isc.sans.edu/podcastdetail.html?id=8286, (Mon, Dec 12th)
https://malware.news/t/isc-stormcast-for-monday-december-12th-2022-https-isc-sans-edu-podcastdetail-html-id-8286-mon-dec-12th/65641#post_1


Open Now: 2022 SANS Holiday Hack Challenge & KringleCon, (Sat, Dec 10th)
https://malware.news/t/xa-open-now-2022-sans-holiday-hack-challenge-kringlecon-sat-dec-10th/65640#post_1

Christmas is coming – must be time for another Amazon scam
https://malware.news/t/christmas-is-coming-must-be-time-for-another-amazon-scam/65642#post_1

Quickie: CyberChef Sorting By String Length, (Sun, Dec 11th)
https://isc.sans.edu/diary/rss/29328

Controlled Folder Access blocked action
https://www.reddit.com/r/Malware/comments/zjo1we/controlled_folder_access_blocked_action/

MuddyWater APT group is back with updated TTPs
https://securityaffairs.co/wordpress/139505/apt/muddywater-changs-ttps.html

Pwn2Own Toronto 2022 Day 4: $989K awarded for 63 unique zero-days
https://securityaffairs.co/wordpress/139516/hacking/pwn2own-toronto-2022-day4.html


Open Now: 2022 SANS Holiday Hack Challenge & KringleCon, (Sat, Dec 10th)
https://isc.sans.edu/diary/rss/29326


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 13/12/2022

ISC Stormcast For Tuesday, December 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8288, (Tue, Dec 13th)
https://isc.sans.edu/diary/rss/29332

Iranian hacking group uses compromised email accounts to distribute MSP remote access tool
https://www.malwarebytes.com/blog/news/2022/12/iranian-hacking-group-uses-compromised-email-accounts-to-distribute-msp-remote-access-tool

A week in security (December 5 - 11)
https://www.malwarebytes.com/blog/news/2022/12/a-week-in-security-december-5-11

Your Life, Their Profit: Buyer Awareness in the 21st Century
https://thecyberwire.com/podcasts/8th-layer-insights/28/notes

Anti-trust action and tech mergers. Twitter’s open access strategy. CISA’s 2023 goals. Japan plans a more assertive cyberstrategy.
https://thecyberwire.com/newsletters/policy-briefing/4/236

Hacking the Met.
https://thecyberwire.com/stories/900613a4a7b643d0a5d1b0aec5c50855/hacking-the-met

Data breaches at COVaxON and Vevor. Indian privacy vs. bots. AirAsia ransomware investigation.
https://thecyberwire.com/newsletters/privacy-briefing/4/236

Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug
https://securityaffairs.co/wordpress/139569/hacking/fortinet-fortios-ssl-vpn-bug.html

ASEC Weekly Phishing Email Threat Trends (November 27th, 2022 – December 3rd, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-november-27th-2022-december-3rd-2022/65670#post_1

Twitter Auctioning Off Fancy Chairs, Espresso Machines, $10,000 Meat Slicer in HQ Clear-Out
https://www.vice.com/en_us/article/4axmbn/twitter-auctioning-off-fancy-chairs-espresso-machines-dollar10000-meat-slicer-in-hq-clear-out


Top Security News for 14/12/2022

Microsoft Patch Tuesday fixes six critical vulnerabilities
https://malware.news/t/microsoft-patch-tuesday-fixes-six-critical-vulnerabilities/65717#post_1

Exploiting CVE-2022-42703 - Bringing back the stack attack
https://www.reddit.com/r/lowlevel/comments/zge0om/exploiting_cve202242703_bringing_back_the_stack/

Cybersecurity Experts Uncover Inner Workings of Destructive Azov Ransomware
https://thehackernews.com/2022/12/cybersecurity-experts-uncover-inner.html

Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway
https://securityaffairs.co/wordpress/139609/apt/citrix-adc-gateway-cve-2022-27518.html

Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability
https://thehackernews.com/2022/12/serious-attacks-could-have-been-staged.html

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/13-12-2022

Security Alert: Microsoft Releases December 2022 Security Updates
https://malware.news/t/security-alert-microsoft-releases-december-2022-security-updates/65720#post_1

ISC Stormcast For Wednesday, December 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8290, (Wed, Dec 14th)
https://malware.news/t/isc-stormcast-for-wednesday-december-14th-2022-https-isc-sans-edu-podcastdetail-html-id-8290-wed-dec-14th/65721#post_1

ISC Stormcast For Wednesday, December 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8290, (Wed, Dec 14th)
https://isc.sans.edu/diary/rss/29342

PCI Secure Software Standard version 1.2 sets out new payment security requirements
https://www.csoonline.com/article/3682656/pci-secure-software-standard-version-1-2-sets-out-new-payment-security-requirements.html#tk.rss_all


Top Security News for 16/12/2022

PyPI malware creators starting to employ Anti-Debug techniques
https://www.reddit.com/r/netsec/comments/zmfkoz/pypi_malware_creators_starting_to_employ/

Microsoft revised CVE-2022-37958 severity due to its broader scope
https://securityaffairs.co/wordpress/139709/hacking/microsoft-revised-cve-2022-37958-rate.html

ISC StormCast for Friday, December 16th, 2022
https://isc.sans.edu/podcastdetail.html?id=8294

A vulnerability in the UMPD (User-Mode Printer Drivers) allows local users to trigger a use-after-free vulnerability. The vulnerability works from Windows 8 and above, and is fairly easy to exploit on older Windows machines.
https://www.reddit.com/r/netsec/comments/zmnt6b/a_vulnerability_in_the_umpd_usermode_printer/

Meta summarizes 2022 action against coordinated inauthenticity. President Putin lies low. Russian troll farms like Kid Rock.
https://thecyberwire.com/newsletters/disinformation-briefing/4/49

Combined SOC Webinar Q&A: From EDR to ITDR and ASO … and ChatGPT
https://medium.com/anton-on-security/combined-soc-webinar-q-a-from-edr-to-itdr-and-aso-95ecec02782?source=rss----8e8c3ed26c4c---4

Uber data stolen via third-party vendor
https://www.malwarebytes.com/blog/news/2022/12/uber-breached-via-attack-against-its-vendor

Windows: Still insecure after all these years
https://malware.news/t/windows-still-insecure-after-all-these-years/65798#post_1

Is an outsourced SOC worth it? Looking at the ROI of MDR
https://www.malwarebytes.com/blog/business/2022/12/are-outsourced-soc-services-worth-it-looking-at-the-roi-of-mdr

Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'
https://thehackernews.com/2022/12/microsoft-reclassifies-spnego-extended.html


Top Security News for 17/12/2022

Virtual kidnapping scam strikes again. Spot the signs
https://www.malwarebytes.com/blog/news/2022/12/virtual-kidnapping-scam-strikes-again-spot-the-signs

Worldwide law enforcement action takes down major DDoS booter services
https://www.malwarebytes.com/blog/news/2022/12/worldwide-law-enforcement-action-takes-down-major-ddos-booter-services

Writing My first SpyWare for learning C/C++
https://0x00sec.org/t/writing-my-first-spyware-for-learning-c-c/32521

5 Ways to Improve Holiday Retail and Wholesale Cybersecurity
https://securityintelligence.com/articles/5-improvements-retail-wholesale-holiday-cybersecurity/

Cyber Security Is Not a Losing Game – If You Start Right Now
https://thehackernews.com/2022/12/cyber-security-is-not-losing-game-if.html

Senator Asks Gabe Newell Why Steam Hosts So Much Neo-Nazi Content
https://www.vice.com/en_us/article/dy79na/senator-asks-gabe-newell-why-steam-hosts-so-much-neo-nazi-content

Critical Vulnerability Found in Sovrin, a Popular Decentralized Identity System
https://www.reddit.com/r/netsec/comments/zn7tuz/critical_vulnerability_found_in_sovrin_a_popular/

Clare O’Neil on national security amid cyber hacks and threats to democracy
https://www.theguardian.com/australia-news/audio/2022/dec/17/clare-oneil-on-national-security-amid-cyber-hacks-and-threats-to-democracy

Update now! Apple patches active exploit vulnerability for iPhones
https://www.malwarebytes.com/blog/news/2022/12/update-now-apple-patches-active-exploit-vulnerability-for-iphones

Worldwide law enforcement action takes down major DDoS booter services
https://malware.news/t/worldwide-law-enforcement-action-takes-down-major-ddos-booter-services/65822#post_1


Top Security News for 19/12/2022

Cannot access specific websites (steam, blizzard)
https://www.reddit.com/r/Malware/comments/zpbfjv/cannot_access_specific_websites_steam_blizzard/

NAVY FEDERAL CREDIT UNION SITE PHISHED
https://www.reddit.com/r/Malware/comments/zp0rdc/navy_federal_credit_union_site_phished/

ISC Stormcast For Monday, December 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8296, (Mon, Dec 19th)
https://isc.sans.edu/diary/rss/29356

Don Pezet: Stepping stones are the start of your career.
https://thecyberwire.com/podcasts/career-notes/130/notes

Google announced end-to-end encryption for Gmail web
https://securityaffairs.co/wordpress/139778/security/end-to-end-encryption-gmail-web.html

IT security trends 2023 (part 2): Why iPhones are hackers' best friends, rootkits are celebrating a renaissance, and uncertainty is bad for IT security
https://malware.news/t/it-security-trends-2023-part-2-why-iphones-are-hackers-best-friends-rootkits-are-celebrating-a-renaissance-and-uncertainty-is-bad-for-it-security/65833#post_1

Infostealer Malware with Double Extension, (Sun, Dec 18th)
https://malware.news/t/infostealer-malware-with-double-extension-sun-dec-18th/65829#post_1

Port knocking from the scratch
https://www.reddit.com/r/netsec/comments/zpche7/port_knocking_from_the_scratch/

New tool: teeplus.py
https://malware.news/t/new-tool-teeplus-py/65830#post_1

Fire and rescue service in Victoria, Australia, confirms cyber attack
https://securityaffairs.co/wordpress/139764/cyber-crime/fire-service-victoria-australia-australia.html


Top Security News for 20/12/2022

Cybercrime (and Security) Predictions for 2023
https://thehackernews.com/2022/12/cybercrime-and-security-predictions-for.html

ISC Stormcast For Tuesday, December 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8298, (Tue, Dec 20th)
https://isc.sans.edu/diary/rss/29360

BrandPost: Overcoming the Top Technology, Process, and People Challenges Faced by CISOs
https://www.csoonline.com/article/3683828/overcoming-the-top-technology-process-and-people-challenges-faced-by-cisos.html#tk.rss_all

FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children's Privacy Law
https://thehackernews.com/2022/12/ftc-fines-fortnite-maker-epic-games-275.html

Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware
https://securityaffairs.co/wordpress/139831/cyber-crime/malicious-pypi-package-sentinelone-sdk.html

clif - is a command-line application fuzzer in Rust
https://www.reddit.com/r/netsec/comments/zpxaxz/clif_is_a_commandline_application_fuzzer_in_rust/

Linux File System Monitoring & Actions, (Tue, Dec 20th)
https://isc.sans.edu/diary/rss/29362

EDR evasion with hardware breakpoints
https://www.reddit.com/r/netsec/comments/zq3n2l/edr_evasion_with_hardware_breakpoints/

Ransomware (noun)
https://thecyberwire.com/podcasts/word-notes/130/notes

Intro to Embedded RE: UART Discovery and Firmware Extraction via UBoot
https://www.reddit.com/r/netsec/comments/zqcbis/intro_to_embedded_re_uart_discovery_and_firmware/


Top Security News for 21/12/2022

UAC-0142 APT targets Ukraine’s Delta military intelligence program
https://securityaffairs.co/wordpress/139859/intelligence/ukraine-delta-military-intelligence-attack.html

Trojanized Windows 10 Installers Hit Ukrainian Government
https://packetstormsecurity.com/news/view/34158/Trojanized-Windows-10-Installers-Hit-Ukrainian-Government.html

Validating Okta Access Tokens in Python with PyJWT
https://www.reddit.com/r/netsec/comments/zqyuz3/validating_okta_access_tokens_in_python_with_pyjwt/

Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August
https://securityaffairs.co/wordpress/139848/apt/gamaredon-petroleum-refining-company.html

Bypass iOS backup's TCC protection
https://www.reddit.com/r/netsec/comments/zquz59/bypass_ios_backups_tcc_protection/

Ukraine at D+299: Cyber operations 300 days into the war.
https://thecyberwire.com/stories/549772f3116643568315ed386e90ce3f/ukraine-at-d299

Malwarebytes earns AV-TEST Top Product awards for fourth consecutive quarter
https://www.malwarebytes.com/blog/business/2022/12/malwarebytes-earns-av-test-top-product-awards-for-fourth-consecutive-quarter

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/20-12-2022

OSV-Scanner: A vulnerability scanner written in Go which uses the data provided by OSV.dev
https://www.reddit.com/r/netsec/comments/zqjdu6/osvscanner_a_vulnerability_scanner_written_in_go/

DraftKings discloses breach. Bathroomba? 3rd-party breach in New Zealand insurer. Notes on Play ransomware.
https://thecyberwire.com/podcasts/privacy-briefing/733/notes


Top Security News for 22/12/2022

Play ransomware group claims to have stolen hotel chain data
https://www.malwarebytes.com/blog/news/2022/12/play-ransomware-group-claims-to-have-stolen-h-hotel-data

EU scrutinizes Broadcom’s purchase of VMware. FDA urges Congress to address medical device cybersecurity. CISA funding to increase.
https://thecyberwire.com/newsletters/policy-briefing/4/243

Microsoft research uncovers new Zerobot capabilities
https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/

GitHub incident allowed attacker to copy Okta’s source code
https://malware.news/t/github-incident-allowed-attacker-to-copy-okta-s-source-code/65940#post_1

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days
https://securityaffairs.co/wordpress/139885/data-breach/shoemaker-ecco-data-leaks.html

Exchange OWASSRF Exploited for Remote Code Execution, (Thu, Dec 22nd)
https://malware.news/t/exchange-owassrf-exploited-for-remote-code-execution-thu-dec-22nd/65941#post_1

Beware of What Is Lurking in the Shadows of Your IT
https://securityintelligence.com/posts/beware-lurking-shadows-it/

Guardian Newspaper Hit By Suspected Ransomware Attack
https://packetstormsecurity.com/news/view/34160/Guardian-Newspaper-Hit-By-Suspected-Ransomware-Attack.html

Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems
https://thehackernews.com/2022/12/raspberry-robin-worm-strikes-again.html

ISC Stormcast For Thursday, December 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8302, (Thu, Dec 22nd)
https://isc.sans.edu/diary/rss/29372


Top Security News for 23/12/2022

2022-12-21 - Files for an ISC diary (malicious Google ads)
https://malware.news/t/2022-12-21-files-for-an-isc-diary-malicious-google-ads/65980#post_1

Godfather Malware Makes Banking Apps An Offer They Can't Refuse
https://packetstormsecurity.com/news/view/34165/Godfather-Malware-Makes-Banking-Apps-An-Offer-They-Cant-Refuse.html

Puckungfu: A NETGEAR WAN Command Injection
https://www.reddit.com/r/netsec/comments/zsjzv0/puckungfu_a_netgear_wan_command_injection/

ISC Stormcast For Friday, December 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8304, (Fri, Dec 23rd)
https://isc.sans.edu/diary/rss/29378

The Era of Cyber Threat Intelligence Sharing
https://thehackernews.com/2022/12/the-era-of-cyber-threat-intelligence.html

Zerobot Botnet Emerges as a Growing Threat with New Exploits and Capabilities
https://thehackernews.com/2022/12/zerobot-botnet-emerges-as-growing.html

Lastpass Security Incident - December 22 update
https://www.reddit.com/r/netsec/comments/zsw3r5/lastpass_security_incident_december_22_update/

MSG entertainment uses facial recognition to boot rivals. Texas DA forces school district to issue breach notifications.
https://thecyberwire.com/newsletters/privacy-briefing/4/244

MSG entertainment uses facial recognition to boot rivals. Texas DA forces school district to issue breach notifications.
https://thecyberwire.com/podcasts/daily-podcast/735/notes

Two New Security Flaws Reported in Ghost CMS Blogging Software
https://thehackernews.com/2022/12/two-new-security-flaws-reported-in.html


Top Security News for 24/12/2022

TikTok parent company ByteDance revealed the use of TikTok data to track journalists
https://securityaffairs.co/wordpress/139959/intelligence/tiktok-use-data-track-journalists.html

Holiday Gift Share of My Experimentation with Open AI Software
https://malware.news/t/holiday-gift-share-of-my-experimentation-with-open-ai-software/65994#post_1

PolyVice and Royal ransomware make nuisances of themselves. US warns that KillNet can be expected to go after the healthcare sector. CISA’s plans for stakeholder engagement.
https://thecyberwire.com/podcasts/daily-podcast/1730/notes

Biden signs $858 billion defense policy bill into law, expanding gov’t cyber operations
https://malware.news/t/biden-signs-858-billion-defense-policy-bill-into-law-expanding-gov-t-cyber-operations/65990#post_1

PyRDP 1.2.0 released – Can perform Net-NTLM hash capture before the certificate error on RDP
https://www.reddit.com/r/netsec/comments/ztokgx/pyrdp_120_released_can_perform_netntlm_hash/

Trade with caution - bad guys are stealing
https://malware.news/t/trade-with-caution-bad-guys-are-stealing/65989#post_1

Linux kernel module generator for Hidden firewall that follows the rules in the external YAML file.
https://www.reddit.com/r/netsec/comments/zu3i3c/linux_kernel_module_generator_for_hidden_firewall/

LastPass revealed that encrypted password vaults were stolen
https://securityaffairs.co/wordpress/139935/data-breach/lastpass-encrypted-password-vaults-stolen.html

CyberWire Live - Q4 2022 Cybersecurity Analyst Call
https://thecyberwire.com/stories/9cc3e30e061f490ea9ec60fadbb3796a/cyberwire-live---q4-2022-cybersecurity-analyst-call

France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent
https://thehackernews.com/2022/12/france-fines-microsoft-60-million-for.html


Top Security News for 28/12/2022

Scaling Continuous Security Testing on the Cheap
https://www.reddit.com/r/netsec/comments/zwjvts/scaling_continuous_security_testing_on_the_cheap/

Improving Software Supply Chain Security
https://malware.news/t/improving-software-supply-chain-security/66029#post_1

New AMSI Bypass Using CLR Hooking
https://www.reddit.com/r/netsec/comments/zwtepr/new_amsi_bypass_using_clr_hooking/

TikTok Admits Using Its App To Spy On Reporters
https://packetstormsecurity.com/news/view/34173/TikTok-Admits-Using-Its-App-To-Spy-On-Reporters.html

Hackers stole $3 million worth of cryptocurrency from BTC.com
https://securityaffairs.com/140076/hacking/btc-com-cyber-heist.html

Ransomware cyber response - Lessons from the trenches
https://www.theprohack.com/2022/12/cyber-security-ransomware-protection-techniques.html

Spice up your persistence: loading PHP extensions from memory
https://www.reddit.com/r/netsec/comments/zwrf01/spice_up_your_persistence_loading_php_extensions/

Cybersecurity firm links Piers Morgan Twitter hack to leak of 400m records
https://www.theguardian.com/technology/2022/dec/28/cybersecurity-firm-links-piers-morgan-twitter-hack-to-leak-of-400-million-records-including-scott-morrisons

Playing with Powershell and JSON (and Amazon and Firewalls), (Wed, Dec 28th)
https://isc.sans.edu/diary/rss/29380

2022 in review: 10 of the year’s biggest cyberattacks
https://malware.news/t/2022-in-review-10-of-the-year-s-biggest-cyberattacks/66031#post_1


Top Security News for 02/01/2023

Google to Pay $29.5 Million to Settle Lawsuits Over User Location Tracking
https://thehackernews.com/2023/01/google-to-pay-295-million-to-settle.html

ISC StormCast for Monday, January 2nd, 2023
https://isc.sans.edu/podcastdetail.html?id=8306

Offensive C#
https://www.reddit.com/r/netsec/comments/100ennr/offensive_c/

ASEC Weekly Malware Statistics (December 19th, 2022 – December 25th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-december-19th-2022-december-25th-2022/66090#post_1

ISC Stormcast For Monday, January 2nd, 2023 https://isc.sans.edu/podcastdetail.html?id=8306, (Mon, Jan 2nd)
https://isc.sans.edu/diary/rss/29388

2022 CTI-EU Talk: Threat Landscape and Defences Against Mobile Surveillance Implants
https://malware.news/t/2022-cti-eu-talk-threat-landscape-and-defences-against-mobile-surveillance-implants/66088#post_1

GitHub - jafarlihi/modreveal: Utility to find hidden Linux kernel modules
https://www.reddit.com/r/netsec/comments/100lxs6/github_jafarlihimodreveal_utility_to_find_hidden/

Women in Cybersecurity panel: A discussion on hidden figures of cyber skills gap.
https://thecyberwire.com/podcasts/special-edition/46/notes

GenieACS And The Tale Of Default JWT Secret
https://0x00sec.org/t/genieacs-and-the-tale-of-default-jwt-secret/32738

Compromised PyTorch-nightly dependency chain
https://www.reddit.com/r/netsec/comments/100fs08/compromised_pytorchnightly_dependency_chain/


Top Security News for 03/01/2023

GitHub - kitabisa/teler-waf: teler-waf is a Go HTTP middleware that provide teler IDS functionality with teler IDS to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications.
https://www.reddit.com/r/netsec/comments/1014bk3/github_kitabisatelerwaf_telerwaf_is_a_go_http/

ASEC Weekly Phishing Email Threat Trends (December 18th, 2022 – December 24th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-december-18th-2022-december-24th-2022/66102#post_1

NetworkMiner 2.8 Released, (Mon, Jan 2nd)
https://isc.sans.edu/diary/rss/29390

Pro-Russia cyberattacks aim at destabilizing Poland, security agency warns
https://securityaffairs.com/140216/cyber-warfare-2/pro-russia-cyberattacks-hit-poland.html

2nd January – Threat Intelligence Report
https://malware.news/t/2nd-january-threat-intelligence-report/66095#post_1

PyTorch compromised to demonstrate dependency confusion attack on Python environments
https://securityaffairs.com/140228/hacking/pytorch-confusion-attack.html

2022 C2 Tracker Recap in Graphics
https://malware.news/t/2022-c2-tracker-recap-in-graphics/66097#post_1

WordPress Security Alert: New Linux Malware Exploiting Over Two Dozen CMS Flaws
https://thehackernews.com/2023/01/wordpress-security-alert-new-linux.html

Putting ELF on the shelf…
https://malware.news/t/putting-elf-on-the-shelf/66100#post_1

ISC StormCast for Tuesday, January 3rd, 2023
https://isc.sans.edu/podcastdetail.html?id=8308


Top Security News for 04/01/2023

PBS FRONTLINE investigates Pegasus, the powerful spyware sold to governments around the world by the Israeli company NSO Group.
https://www.reddit.com/r/netsec/comments/102sm6p/pbs_frontline_investigates_pegasus_the_powerful/

Hackers Using Stolen Bank Information to Trick Victims into Downloading BitRAT Malware
https://thehackernews.com/2023/01/hackers-using-stolen-bank-information.html

Why does technology no longer excite us? Lock and Code S04E01
https://www.malwarebytes.com/blog/podcast/2022/12/why-does-technology-no-longer-excite-us-lock-and-code-s04e01

ISC Stormcast For Wednesday, January 4th, 2023 https://isc.sans.edu/podcastdetail.html?id=8310, (Wed, Jan 4th)
https://malware.news/t/isc-stormcast-for-wednesday-january-4th-2023-https-isc-sans-edu-podcastdetail-html-id-8310-wed-jan-4th/66126#post_1

Gaming: How much is too much for our children?
https://malware.news/t/gaming-how-much-is-too-much-for-our-children/66124#post_1

oops
https://www.reddit.com/r/Malware/comments/102l9nd/oops/

SSRF vulnerabilities caused by SNI proxy misconfigurations
https://www.reddit.com/r/netsec/comments/1028g0j/ssrf_vulnerabilities_caused_by_sni_proxy/

Enforcement vs. Enrollment-based Security: How to Balance Security and Employee Trust
https://thehackernews.com/2023/01/enforcement-vs-enrollment-based.html

Does Volvo Cars suffer a new data breach?
https://securityaffairs.com/140258/hacking/volvo-cars-data-breach-2.html

of-CORS: a framework for hacking internal apps with open CORS via bug bounty
https://www.reddit.com/r/netsec/comments/102en51/ofcors_a_framework_for_hacking_internal_apps_with/


Top Security News for 05/01/2023

Recent cyberattacks targeting educational institutions. Streamers. BitRAT phishing scam leverages stolen bank data. Behavioral advertising draws GDPR fine.
https://thecyberwire.com/newsletters/privacy-briefing/5/2

Qualcomm Chipsets and Lenovo BIOS Get Security Updates to Fix Multiple Flaws
https://thehackernews.com/2023/01/qualcomm-chipsets-and-lenovo-bios-get.html

Terms of service and GDPR. LastPass breach update. GhostWriter resurfaces in action against Poland and its neighbors. Cellphones, opsec, and rocket strikes.
https://thecyberwire.com/podcasts/daily-podcast/1732/notes

ISC Stormcast For Thursday, January 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8312, (Thu, Jan 5th)
https://isc.sans.edu/diary/rss/29402

Update VPN Plus Server now! Synology patches vulnerability with a CVSS of 10
https://malware.news/t/update-vpn-plus-server-now-synology-patches-vulnerability-with-a-cvss-of-10/66148#post_1

a quick post about rbac-police
https://www.reddit.com/r/netsec/comments/103a9ex/a_quick_post_about_rbacpolice/

BrandPost: The Cloud Is Under Attack: The State of Cloud Security in 2023
https://www.csoonline.com/article/3684768/the-cloud-is-under-attack-the-state-of-cloud-security-in-2023.html#tk.rss_all

Leveraging credentials online and off isn't going away.
https://thecyberwire.com/podcasts/hacking-humans/226/notes

ISC Stormcast For Thursday, January 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8312, (Thu, Jan 5th)
https://malware.news/t/isc-stormcast-for-thursday-january-5th-2023-https-isc-sans-edu-podcastdetail-html-id-8312-thu-jan-5th/66150#post_1

Meta hit with $413 million fine in EU for breaking GDPR rules
https://www.computerworld.com/article/3684514/meta-hit-with-413-million-fine-in-eu-for-breaking-gdpr-rules.html#tk.rss_all


Top Security News for 06/01/2023

Mitigate the LastPass Attack Surface in Your Environment with this Free Tool
https://thehackernews.com/2023/01/mitigate-lastpass-attack-surface-in.html

Padding oracle attack: demonstration
https://www.reddit.com/r/netsec/comments/103rh7z/padding_oracle_attack_demonstration/

“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs…
https://www.reddit.com/r/netsec/comments/103xbvf/masquerads_googles_adwords_massively_abused_by/

Ransomware target list – Week in security with Tony Anscombe
https://malware.news/t/ransomware-target-list-week-in-security-with-tony-anscombe/66186#post_1

Surgeons Sorry for Texting Patients They Had 'Aggressive' Cancer Instead of 'Happy New Year'
https://www.vice.com/en_us/article/7k8339/surgeons-sorry-for-texting-patients-they-had-aggressive-cancer-instead-of-happy-new-year

Vulnerabilities offer on-ramp to a highway of private data. Job applicants' data exposed. Twitter hack results in massive data dump.
https://thecyberwire.com/podcasts/privacy-briefing/739/notes

Hundreds Of WordPress Sites Infected By Recently Discovered Backdoor
https://packetstormsecurity.com/news/view/34186/Hundreds-Of-WordPress-Sites-Infected-By-Recently-Discovered-Backdoor.html

GitHub Actions Privilege Escalations - The "workflow_run" trigger
https://www.reddit.com/r/netsec/comments/1042m5w/github_actions_privilege_escalations_the_workflow/

The BISO: bringing security to business and business to security
https://www.csoonline.com/article/3684728/the-biso-bringing-security-to-business-and-business-to-security.html#tk.rss_all

Google patches 60 vulnerabilities in first Android update of 2023
https://www.malwarebytes.com/blog/news/2023/01/first-android-update-of-2023-patches-60-vulnerabilities


Top Security News for 07/01/2023

WhatsApp Introduces Proxy Support to Help Users Bypass Internet Censorship
https://thehackernews.com/2023/01/whatsapp-introduces-proxy-support-to.html

I made an Open Source Browser extension to aid in Threat Investigations!
https://www.reddit.com/r/netsec/comments/1057mto/i_made_an_open_source_browser_extension_to_aid_in/

Automotive vulnerabilities discovered.
https://thecyberwire.com/stories/602e4789b3254c9489cc245bc0ef9995/automotive-vulnerabilities-discovered

Update on LastPass and Twitter breaches. Vice Society leaks stolen UK school data. Data incident at health organization prompts questions about disclosure rules.
https://thecyberwire.com/newsletters/privacy-briefing/5/4

I scanned every package on PyPi and found 57 live AWS keys
https://www.reddit.com/r/netsec/comments/10524mo/i_scanned_every_package_on_pypi_and_found_57_live/

Malware targets 30 unpatched WordPress plugins
https://www.malwarebytes.com/blog/news/2023/01/update-your-wordpress-plugins-now-mass-backdoor-campaign-underway

Latest activity from Turla {Mandiant}
https://www.reddit.com/r/netsec/comments/104zjm8/latest_activity_from_turla_mandiant/

New Twitter data dump is a cleaned up version of old Twitter dump
https://www.malwarebytes.com/blog/news/2023/01/new-twitter-data-dump-is-a-cleaned-up-version-of-old-twitter-dump

Igor’s Tip of the Week #122: Manual load
https://malware.news/t/igor-s-tip-of-the-week-122-manual-load/66202#post_1

Variant analysis of CVE-2022-3515 affecting libksba, which resulted in CVE-2022-47629
https://www.reddit.com/r/netsec/comments/104nnug/variant_analysis_of_cve20223515_affecting_libksba/


Top Security News for 08/01/2023

IcedID malware campaign targets Zoom users
https://securityaffairs.com/140465/malware/icedid-targets-zoom-users.html

Teresa Rothaar: Outwork the competition. [Analyst]
https://thecyberwire.com/podcasts/career-notes/131/notes

Hive Ransomware gang leaked 550 GB stolen from Consulate Health Care
https://securityaffairs.com/140452/cyber-crime/consulate-health-care-hive-ransomware.html

GUARDARA 0.9.9 Available with Web Service Testing
https://www.reddit.com/r/netsec/comments/1060n8h/guardara_099_available_with_web_service_testing/

connmap now works with all DE/WM! Desktop widget that shows location of your current TCP peers on a world map in real-time.
https://www.reddit.com/r/netsec/comments/105q5pl/connmap_now_works_with_all_dewm_desktop_widget/

Bing redirection
https://www.reddit.com/r/Malware/comments/1061nnz/bing_redirection/

VSCode Supply Chain Attacks: Protect Your IDE from Malicious Extensions
https://www.reddit.com/r/netsec/comments/105xfqa/vscode_supply_chain_attacks_protect_your_ide_from/

Reflections on Trusting VEX (or when humans can improve SBOMs)
https://www.reddit.com/r/netsec/comments/105nsbp/reflections_on_trusting_vex_or_when_humans_can/

Setting up your bug bounty scripts with Python and Bash — The subdomain monitoring bot
https://www.reddit.com/r/netsec/comments/105jjlt/setting_up_your_bug_bounty_scripts_with_python/

Moldovaʼs government hit by flood of phishing attacks
https://malware.news/t/moldova-s-government-hit-by-flood-of-phishing-attacks/66207#post_1

