Top Security News for 20/12/2022
Cybercrime (and Security) Predictions for 2023
https://thehackernews.com/2022/12/cybercrime-and-security-predictions-for.html
ISC Stormcast For Tuesday, December 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8298, (Tue, Dec 20th)
https://isc.sans.edu/diary/rss/29360
BrandPost: Overcoming the Top Technology, Process, and People Challenges Faced by CISOs
https://www.csoonline.com/article/3683828/overcoming-the-top-technology-process-and-people-challenges-faced-by-cisos.html#tk.rss_all
FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children's Privacy Law
https://thehackernews.com/2022/12/ftc-fines-fortnite-maker-epic-games-275.html
Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware
https://securityaffairs.co/wordpress/139831/cyber-crime/malicious-pypi-package-sentinelone-sdk.html
clif - is a command-line application fuzzer in Rust
https://www.reddit.com/r/netsec/comments/zpxaxz/clif_is_a_commandline_application_fuzzer_in_rust/
Linux File System Monitoring & Actions, (Tue, Dec 20th)
https://isc.sans.edu/diary/rss/29362
EDR evasion with hardware breakpoints
https://www.reddit.com/r/netsec/comments/zq3n2l/edr_evasion_with_hardware_breakpoints/
Ransomware (noun)
https://thecyberwire.com/podcasts/word-notes/130/notes
Intro to Embedded RE: UART Discovery and Firmware Extraction via UBoot
https://www.reddit.com/r/netsec/comments/zqcbis/intro_to_embedded_re_uart_discovery_and_firmware/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 21/12/2022
UAC-0142 APT targets Ukraine’s Delta military intelligence program
https://securityaffairs.co/wordpress/139859/intelligence/ukraine-delta-military-intelligence-attack.html
Trojanized Windows 10 Installers Hit Ukrainian Government
https://packetstormsecurity.com/news/view/34158/Trojanized-Windows-10-Installers-Hit-Ukrainian-Government.html
Validating Okta Access Tokens in Python with PyJWT
https://www.reddit.com/r/netsec/comments/zqyuz3/validating_okta_access_tokens_in_python_with_pyjwt/
Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August
https://securityaffairs.co/wordpress/139848/apt/gamaredon-petroleum-refining-company.html
Bypass iOS backup's TCC protection
https://www.reddit.com/r/netsec/comments/zquz59/bypass_ios_backups_tcc_protection/
Ukraine at D+299: Cyber operations 300 days into the war.
https://thecyberwire.com/stories/549772f3116643568315ed386e90ce3f/ukraine-at-d299
Malwarebytes earns AV-TEST Top Product awards for fourth consecutive quarter
https://www.malwarebytes.com/blog/business/2022/12/malwarebytes-earns-av-test-top-product-awards-for-fourth-consecutive-quarter
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/20-12-2022
OSV-Scanner: A vulnerability scanner written in Go which uses the data provided by OSV.dev
https://www.reddit.com/r/netsec/comments/zqjdu6/osvscanner_a_vulnerability_scanner_written_in_go/
DraftKings discloses breach. Bathroomba? 3rd-party breach in New Zealand insurer. Notes on Play ransomware.
https://thecyberwire.com/podcasts/privacy-briefing/733/notes
Security Affairs
UAC-0142 APT targets Ukraine's Delta military intelligence program
Ukraine’s CERT-UA revealed the national Delta military intelligence program has been targeted with a malware-based attack.
Top Security News for 22/12/2022
Play ransomware group claims to have stolen hotel chain data
https://www.malwarebytes.com/blog/news/2022/12/play-ransomware-group-claims-to-have-stolen-h-hotel-data
EU scrutinizes Broadcom’s purchase of VMware. FDA urges Congress to address medical device cybersecurity. CISA funding to increase.
https://thecyberwire.com/newsletters/policy-briefing/4/243
Microsoft research uncovers new Zerobot capabilities
https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/
GitHub incident allowed attacker to copy Okta’s source code
https://malware.news/t/github-incident-allowed-attacker-to-copy-okta-s-source-code/65940#post_1
Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days
https://securityaffairs.co/wordpress/139885/data-breach/shoemaker-ecco-data-leaks.html
Exchange OWASSRF Exploited for Remote Code Execution, (Thu, Dec 22nd)
https://malware.news/t/exchange-owassrf-exploited-for-remote-code-execution-thu-dec-22nd/65941#post_1
Beware of What Is Lurking in the Shadows of Your IT
https://securityintelligence.com/posts/beware-lurking-shadows-it/
Guardian Newspaper Hit By Suspected Ransomware Attack
https://packetstormsecurity.com/news/view/34160/Guardian-Newspaper-Hit-By-Suspected-Ransomware-Attack.html
Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems
https://thehackernews.com/2022/12/raspberry-robin-worm-strikes-again.html
ISC Stormcast For Thursday, December 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8302, (Thu, Dec 22nd)
https://isc.sans.edu/diary/rss/29372
Malwarebytes
Play ransomware group claims to have stolen hotel chain data
A ransomware group claims to have stolen data from the H-Hotel chain, and is now threatening to leak it if the ransom is not paid
Top Security News for 23/12/2022
2022-12-21 - Files for an ISC diary (malicious Google ads)
https://malware.news/t/2022-12-21-files-for-an-isc-diary-malicious-google-ads/65980#post_1
Godfather Malware Makes Banking Apps An Offer They Can't Refuse
https://packetstormsecurity.com/news/view/34165/Godfather-Malware-Makes-Banking-Apps-An-Offer-They-Cant-Refuse.html
Puckungfu: A NETGEAR WAN Command Injection
https://www.reddit.com/r/netsec/comments/zsjzv0/puckungfu_a_netgear_wan_command_injection/
ISC Stormcast For Friday, December 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8304, (Fri, Dec 23rd)
https://isc.sans.edu/diary/rss/29378
The Era of Cyber Threat Intelligence Sharing
https://thehackernews.com/2022/12/the-era-of-cyber-threat-intelligence.html
Zerobot Botnet Emerges as a Growing Threat with New Exploits and Capabilities
https://thehackernews.com/2022/12/zerobot-botnet-emerges-as-growing.html
Lastpass Security Incident - December 22 update
https://www.reddit.com/r/netsec/comments/zsw3r5/lastpass_security_incident_december_22_update/
MSG entertainment uses facial recognition to boot rivals. Texas DA forces school district to issue breach notifications.
https://thecyberwire.com/newsletters/privacy-briefing/4/244
MSG entertainment uses facial recognition to boot rivals. Texas DA forces school district to issue breach notifications.
https://thecyberwire.com/podcasts/daily-podcast/735/notes
Two New Security Flaws Reported in Ghost CMS Blogging Software
https://thehackernews.com/2022/12/two-new-security-flaws-reported-in.html
Malware Analysis, News and Indicators
2022-12-21 - Files for an ISC diary (malicious Google ads)
Article Link: Malware-Traffic-Analysis.net - 2022-12-21 - Files for an ISC diary (malicious Google ads)
Top Security News for 24/12/2022
TikTok parent company ByteDance revealed the use of TikTok data to track journalists
https://securityaffairs.co/wordpress/139959/intelligence/tiktok-use-data-track-journalists.html
Holiday Gift Share of My Experimentation with Open AI Software
https://malware.news/t/holiday-gift-share-of-my-experimentation-with-open-ai-software/65994#post_1
PolyVice and Royal ransomware make nuisances of themselves. US warns that KillNet can be expected to go after the healthcare sector. CISA’s plans for stakeholder engagement.
https://thecyberwire.com/podcasts/daily-podcast/1730/notes
Biden signs $858 billion defense policy bill into law, expanding gov’t cyber operations
https://malware.news/t/biden-signs-858-billion-defense-policy-bill-into-law-expanding-gov-t-cyber-operations/65990#post_1
PyRDP 1.2.0 released – Can perform Net-NTLM hash capture before the certificate error on RDP
https://www.reddit.com/r/netsec/comments/ztokgx/pyrdp_120_released_can_perform_netntlm_hash/
Trade with caution - bad guys are stealing
https://malware.news/t/trade-with-caution-bad-guys-are-stealing/65989#post_1
Linux kernel module generator for Hidden firewall that follows the rules in the external YAML file.
https://www.reddit.com/r/netsec/comments/zu3i3c/linux_kernel_module_generator_for_hidden_firewall/
LastPass revealed that encrypted password vaults were stolen
https://securityaffairs.co/wordpress/139935/data-breach/lastpass-encrypted-password-vaults-stolen.html
CyberWire Live - Q4 2022 Cybersecurity Analyst Call
https://thecyberwire.com/stories/9cc3e30e061f490ea9ec60fadbb3796a/cyberwire-live---q4-2022-cybersecurity-analyst-call
France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent
https://thehackernews.com/2022/12/france-fines-microsoft-60-million-for.html
Security Affairs
TikTok parent company ByteDance revealed the use of TikTok data to track journalists
ByteDance admitted that its employees accessed TikTok data to track journalists to identify the source of leaks to the media.
Top Security News for 28/12/2022
Scaling Continuous Security Testing on the Cheap
https://www.reddit.com/r/netsec/comments/zwjvts/scaling_continuous_security_testing_on_the_cheap/
Improving Software Supply Chain Security
https://malware.news/t/improving-software-supply-chain-security/66029#post_1
New AMSI Bypass Using CLR Hooking
https://www.reddit.com/r/netsec/comments/zwtepr/new_amsi_bypass_using_clr_hooking/
TikTok Admits Using Its App To Spy On Reporters
https://packetstormsecurity.com/news/view/34173/TikTok-Admits-Using-Its-App-To-Spy-On-Reporters.html
Hackers stole $3 million worth of cryptocurrency from BTC.com
https://securityaffairs.com/140076/hacking/btc-com-cyber-heist.html
Ransomware cyber response - Lessons from the trenches
https://www.theprohack.com/2022/12/cyber-security-ransomware-protection-techniques.html
Spice up your persistence: loading PHP extensions from memory
https://www.reddit.com/r/netsec/comments/zwrf01/spice_up_your_persistence_loading_php_extensions/
Cybersecurity firm links Piers Morgan Twitter hack to leak of 400m records
https://www.theguardian.com/technology/2022/dec/28/cybersecurity-firm-links-piers-morgan-twitter-hack-to-leak-of-400-million-records-including-scott-morrisons
Playing with Powershell and JSON (and Amazon and Firewalls), (Wed, Dec 28th)
https://isc.sans.edu/diary/rss/29380
2022 in review: 10 of the year’s biggest cyberattacks
https://malware.news/t/2022-in-review-10-of-the-year-s-biggest-cyberattacks/66031#post_1
reddit
Scaling Continuous Security Testing on the Cheap
Posted in r/netsec by u/DH_Prelude • 45 points and 1 comment
Top Security News for 01/01/2023
VMware Shared Folders
https://www.reddit.com/r/Malware/comments/100c7h4/vmware_shared_folders/
Offensive C#
https://www.reddit.com/r/netsec/comments/100ennr/offensive_c/
Personal health information of 42M Americans leaked between 2016 and 2021
https://securityaffairs.com/140174/hacking/healthcare-phi-42m-americans-leaked.html
Ukraine at D+309: Year-end strikes.
https://thecyberwire.com/stories/755aaf39ef294665a0e583117dbd8347/ukraine-at-d309
Malvertising campaign MasquerAds abuses Google Ads
https://securityaffairs.com/140127/cyber-crime/malvertising-campaign-google-ads.html
Persistence and LOLBins
https://malware.news/t/persistence-and-lolbins/66087#post_1
Modified CVE-2019-6714 PoC to execute payload via mshta.exe
https://0x00sec.org/t/modified-cve-2019-6714-poc-to-execute-payload-via-mshta-exe/32728
Poland warns of pro-Kremlin cyberattacks aimed at destabilization
https://malware.news/t/poland-warns-of-pro-kremlin-cyberattacks-aimed-at-destabilization/66085#post_1
LuaJIT Sandbox Escape: The Saga Ends
https://www.reddit.com/r/netsec/comments/zzsyfc/luajit_sandbox_escape_the_saga_ends/
What is The Future of Reverse Engineering [ Reverse Engineering AMA ]
https://malware.news/t/what-is-the-future-of-reverse-engineering-reverse-engineering-ama/66084#post_1
reddit
VMware Shared Folders
Hello r/Malware! I had a question regarding the "Shared Folders" feature on VMware. If I were to share a folder with the VM, and ran malware on...
Top Security News for 02/01/2023
Google to Pay $29.5 Million to Settle Lawsuits Over User Location Tracking
https://thehackernews.com/2023/01/google-to-pay-295-million-to-settle.html
ISC StormCast for Monday, January 2nd, 2023
https://isc.sans.edu/podcastdetail.html?id=8306
Offensive C#
https://www.reddit.com/r/netsec/comments/100ennr/offensive_c/
ASEC Weekly Malware Statistics (December 19th, 2022 – December 25th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-december-19th-2022-december-25th-2022/66090#post_1
ISC Stormcast For Monday, January 2nd, 2023 https://isc.sans.edu/podcastdetail.html?id=8306, (Mon, Jan 2nd)
https://isc.sans.edu/diary/rss/29388
2022 CTI-EU Talk: Threat Landscape and Defences Against Mobile Surveillance Implants
https://malware.news/t/2022-cti-eu-talk-threat-landscape-and-defences-against-mobile-surveillance-implants/66088#post_1
GitHub - jafarlihi/modreveal: Utility to find hidden Linux kernel modules
https://www.reddit.com/r/netsec/comments/100lxs6/github_jafarlihimodreveal_utility_to_find_hidden/
Women in Cybersecurity panel: A discussion on hidden figures of cyber skills gap.
https://thecyberwire.com/podcasts/special-edition/46/notes
GenieACS And The Tale Of Default JWT Secret
https://0x00sec.org/t/genieacs-and-the-tale-of-default-jwt-secret/32738
Compromised PyTorch-nightly dependency chain
https://www.reddit.com/r/netsec/comments/100fs08/compromised_pytorchnightly_dependency_chain/
Top Security News for 03/01/2023
GitHub - kitabisa/teler-waf: teler-waf is a Go HTTP middleware that provide teler IDS functionality with teler IDS to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications.
https://www.reddit.com/r/netsec/comments/1014bk3/github_kitabisatelerwaf_telerwaf_is_a_go_http/
ASEC Weekly Phishing Email Threat Trends (December 18th, 2022 – December 24th, 2022)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-december-18th-2022-december-24th-2022/66102#post_1
NetworkMiner 2.8 Released, (Mon, Jan 2nd)
https://isc.sans.edu/diary/rss/29390
Pro-Russia cyberattacks aim at destabilizing Poland, security agency warns
https://securityaffairs.com/140216/cyber-warfare-2/pro-russia-cyberattacks-hit-poland.html
2nd January – Threat Intelligence Report
https://malware.news/t/2nd-january-threat-intelligence-report/66095#post_1
PyTorch compromised to demonstrate dependency confusion attack on Python environments
https://securityaffairs.com/140228/hacking/pytorch-confusion-attack.html
2022 C2 Tracker Recap in Graphics
https://malware.news/t/2022-c2-tracker-recap-in-graphics/66097#post_1
WordPress Security Alert: New Linux Malware Exploiting Over Two Dozen CMS Flaws
https://thehackernews.com/2023/01/wordpress-security-alert-new-linux.html
Putting ELF on the shelf…
https://malware.news/t/putting-elf-on-the-shelf/66100#post_1
ISC StormCast for Tuesday, January 3rd, 2023
https://isc.sans.edu/podcastdetail.html?id=8308
reddit
GitHub - kitabisa/teler-waf: teler-waf is a Go HTTP middleware...
Posted in r/netsec by u/dwisiswant0 • 27 points and 0 comments
Top Security News for 04/01/2023
PBS FRONTLINE investigates Pegasus, the powerful spyware sold to governments around the world by the Israeli company NSO Group.
https://www.reddit.com/r/netsec/comments/102sm6p/pbs_frontline_investigates_pegasus_the_powerful/
Hackers Using Stolen Bank Information to Trick Victims into Downloading BitRAT Malware
https://thehackernews.com/2023/01/hackers-using-stolen-bank-information.html
Why does technology no longer excite us? Lock and Code S04E01
https://www.malwarebytes.com/blog/podcast/2022/12/why-does-technology-no-longer-excite-us-lock-and-code-s04e01
ISC Stormcast For Wednesday, January 4th, 2023 https://isc.sans.edu/podcastdetail.html?id=8310, (Wed, Jan 4th)
https://malware.news/t/isc-stormcast-for-wednesday-january-4th-2023-https-isc-sans-edu-podcastdetail-html-id-8310-wed-jan-4th/66126#post_1
Gaming: How much is too much for our children?
https://malware.news/t/gaming-how-much-is-too-much-for-our-children/66124#post_1
oops
https://www.reddit.com/r/Malware/comments/102l9nd/oops/
SSRF vulnerabilities caused by SNI proxy misconfigurations
https://www.reddit.com/r/netsec/comments/1028g0j/ssrf_vulnerabilities_caused_by_sni_proxy/
Enforcement vs. Enrollment-based Security: How to Balance Security and Employee Trust
https://thehackernews.com/2023/01/enforcement-vs-enrollment-based.html
Does Volvo Cars suffer a new data breach?
https://securityaffairs.com/140258/hacking/volvo-cars-data-breach-2.html
of-CORS: a framework for hacking internal apps with open CORS via bug bounty
https://www.reddit.com/r/netsec/comments/102en51/ofcors_a_framework_for_hacking_internal_apps_with/
Top Security News for 05/01/2023
Recent cyberattacks targeting educational institutions. Streamers. BitRAT phishing scam leverages stolen bank data. Behavioral advertising draws GDPR fine.
https://thecyberwire.com/newsletters/privacy-briefing/5/2
Qualcomm Chipsets and Lenovo BIOS Get Security Updates to Fix Multiple Flaws
https://thehackernews.com/2023/01/qualcomm-chipsets-and-lenovo-bios-get.html
Terms of service and GDPR. LastPass breach update. GhostWriter resurfaces in action against Poland and its neighbors. Cellphones, opsec, and rocket strikes.
https://thecyberwire.com/podcasts/daily-podcast/1732/notes
ISC Stormcast For Thursday, January 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8312, (Thu, Jan 5th)
https://isc.sans.edu/diary/rss/29402
Update VPN Plus Server now! Synology patches vulnerability with a CVSS of 10
https://malware.news/t/update-vpn-plus-server-now-synology-patches-vulnerability-with-a-cvss-of-10/66148#post_1
a quick post about rbac-police
https://www.reddit.com/r/netsec/comments/103a9ex/a_quick_post_about_rbacpolice/
BrandPost: The Cloud Is Under Attack: The State of Cloud Security in 2023
https://www.csoonline.com/article/3684768/the-cloud-is-under-attack-the-state-of-cloud-security-in-2023.html#tk.rss_all
Leveraging credentials online and off isn't going away.
https://thecyberwire.com/podcasts/hacking-humans/226/notes
ISC Stormcast For Thursday, January 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8312, (Thu, Jan 5th)
https://malware.news/t/isc-stormcast-for-thursday-january-5th-2023-https-isc-sans-edu-podcastdetail-html-id-8312-thu-jan-5th/66150#post_1
Meta hit with $413 million fine in EU for breaking GDPR rules
https://www.computerworld.com/article/3684514/meta-hit-with-413-million-fine-in-eu-for-breaking-gdpr-rules.html#tk.rss_all
Top Security News for 06/01/2023
Mitigate the LastPass Attack Surface in Your Environment with this Free Tool
https://thehackernews.com/2023/01/mitigate-lastpass-attack-surface-in.html
Padding oracle attack: demonstration
https://www.reddit.com/r/netsec/comments/103rh7z/padding_oracle_attack_demonstration/
“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs…
https://www.reddit.com/r/netsec/comments/103xbvf/masquerads_googles_adwords_massively_abused_by/
Ransomware target list – Week in security with Tony Anscombe
https://malware.news/t/ransomware-target-list-week-in-security-with-tony-anscombe/66186#post_1
Surgeons Sorry for Texting Patients They Had 'Aggressive' Cancer Instead of 'Happy New Year'
https://www.vice.com/en_us/article/7k8339/surgeons-sorry-for-texting-patients-they-had-aggressive-cancer-instead-of-happy-new-year
Vulnerabilities offer on-ramp to a highway of private data. Job applicants' data exposed. Twitter hack results in massive data dump.
https://thecyberwire.com/podcasts/privacy-briefing/739/notes
Hundreds Of WordPress Sites Infected By Recently Discovered Backdoor
https://packetstormsecurity.com/news/view/34186/Hundreds-Of-WordPress-Sites-Infected-By-Recently-Discovered-Backdoor.html
GitHub Actions Privilege Escalations - The "workflow_run" trigger
https://www.reddit.com/r/netsec/comments/1042m5w/github_actions_privilege_escalations_the_workflow/
The BISO: bringing security to business and business to security
https://www.csoonline.com/article/3684728/the-biso-bringing-security-to-business-and-business-to-security.html#tk.rss_all
Google patches 60 vulnerabilities in first Android update of 2023
https://www.malwarebytes.com/blog/news/2023/01/first-android-update-of-2023-patches-60-vulnerabilities
Top Security News for 07/01/2023
WhatsApp Introduces Proxy Support to Help Users Bypass Internet Censorship
https://thehackernews.com/2023/01/whatsapp-introduces-proxy-support-to.html
I made an Open Source Browser extension to aid in Threat Investigations!
https://www.reddit.com/r/netsec/comments/1057mto/i_made_an_open_source_browser_extension_to_aid_in/
Automotive vulnerabilities discovered.
https://thecyberwire.com/stories/602e4789b3254c9489cc245bc0ef9995/automotive-vulnerabilities-discovered
Update on LastPass and Twitter breaches. Vice Society leaks stolen UK school data. Data incident at health organization prompts questions about disclosure rules.
https://thecyberwire.com/newsletters/privacy-briefing/5/4
I scanned every package on PyPi and found 57 live AWS keys
https://www.reddit.com/r/netsec/comments/10524mo/i_scanned_every_package_on_pypi_and_found_57_live/
Malware targets 30 unpatched WordPress plugins
https://www.malwarebytes.com/blog/news/2023/01/update-your-wordpress-plugins-now-mass-backdoor-campaign-underway
Latest activity from Turla {Mandiant}
https://www.reddit.com/r/netsec/comments/104zjm8/latest_activity_from_turla_mandiant/
New Twitter data dump is a cleaned up version of old Twitter dump
https://www.malwarebytes.com/blog/news/2023/01/new-twitter-data-dump-is-a-cleaned-up-version-of-old-twitter-dump
Igor’s Tip of the Week #122: Manual load
https://malware.news/t/igor-s-tip-of-the-week-122-manual-load/66202#post_1
Variant analysis of CVE-2022-3515 affecting libksba, which resulted in CVE-2022-47629
https://www.reddit.com/r/netsec/comments/104nnug/variant_analysis_of_cve20223515_affecting_libksba/
Top Security News for 08/01/2023
IcedID malware campaign targets Zoom users
https://securityaffairs.com/140465/malware/icedid-targets-zoom-users.html
Teresa Rothaar: Outwork the competition. [Analyst]
https://thecyberwire.com/podcasts/career-notes/131/notes
Hive Ransomware gang leaked 550 GB stolen from Consulate Health Care
https://securityaffairs.com/140452/cyber-crime/consulate-health-care-hive-ransomware.html
GUARDARA 0.9.9 Available with Web Service Testing
https://www.reddit.com/r/netsec/comments/1060n8h/guardara_099_available_with_web_service_testing/
connmap now works with all DE/WM! Desktop widget that shows location of your current TCP peers on a world map in real-time.
https://www.reddit.com/r/netsec/comments/105q5pl/connmap_now_works_with_all_dewm_desktop_widget/
Bing redirection
https://www.reddit.com/r/Malware/comments/1061nnz/bing_redirection/
VSCode Supply Chain Attacks: Protect Your IDE from Malicious Extensions
https://www.reddit.com/r/netsec/comments/105xfqa/vscode_supply_chain_attacks_protect_your_ide_from/
Reflections on Trusting VEX (or when humans can improve SBOMs)
https://www.reddit.com/r/netsec/comments/105nsbp/reflections_on_trusting_vex_or_when_humans_can/
Setting up your bug bounty scripts with Python and Bash — The subdomain monitoring bot
https://www.reddit.com/r/netsec/comments/105jjlt/setting_up_your_bug_bounty_scripts_with_python/
Moldovaʼs government hit by flood of phishing attacks
https://malware.news/t/moldova-s-government-hit-by-flood-of-phishing-attacks/66207#post_1
Top Security News for 09/01/2023
ISC Stormcast For Monday, January 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8316, (Mon, Jan 9th)
https://malware.news/t/isc-stormcast-for-monday-january-9th-2023-https-isc-sans-edu-podcastdetail-html-id-8316-mon-jan-9th/66212#post_1
ISC StormCast for Monday, January 9th, 2023
https://isc.sans.edu/podcastdetail.html?id=8316
One of America's most hated companies hired a security robot. It didn't go well
https://malware.news/t/one-of-americas-most-hated-companies-hired-a-security-robot-it-didnt-go-well/66209#post_1
YARA v4.3.0-rc1 --skip-larger, (Sat, Jan 7th)
https://malware.news/t/yara-v4-3-0-rc1-skip-larger-sat-jan-7th/66208#post_1
Digital Personal Data Protection Bill 2022
https://malware.news/t/digital-personal-data-protection-bill-2022/66214#post_1
DShield Sensor JSON Log Analysis, (Sun, Jan 8th)
https://malware.news/t/dshield-sensor-json-log-analysis-sun-jan-8th/66210#post_1
Unwrapping Ursnifs Gifts
https://malware.news/t/unwrapping-ursnifs-gifts/66211#post_1
History of Infosec: a primer.
https://thecyberwire.com/podcasts/cso-perspectives-public/74/notes
Dridex targets MacOS users with a new delivery technique
https://securityaffairs.com/140488/malware/dridex-banking-malware-macos.html
Russian and Belarusian men charged with spying for Russian GRU
https://securityaffairs.com/140507/intelligence/poland-charged-russian-gru-spies.html
Top Security News for 10/01/2023
Malicious PyPI Packages Using Cloudflare Tunnels to Sneak Through Firewalls
https://thehackernews.com/2023/01/malicious-pypi-packages-using.html
Schneider Electric Teams With BitSight on OT Risk Detection
https://malware.news/t/schneider-electric-teams-with-bitsight-on-ot-risk-detection/66249#post_1
ChatGPT and academic standards. Social engineering capers. Schools sue social media platforms.
https://thecyberwire.com/newsletters/daily-briefing/12/5
Social engineering shenanigans, by both crooks and spies. Suing social media over alleged mental health damages. And how to earn an “F.”
https://thecyberwire.com/podcasts/daily-podcast/1735/notes
DNSChanger and the Global Scope of Cybersecurity
https://securityintelligence.com/articles/dnschanger-and-global-cybersecurity/
Unwrapping Ursnifs Gifts
https://www.reddit.com/r/netsec/comments/107dwc1/unwrapping_ursnifs_gifts/
PUP (noun)
https://thecyberwire.com/podcasts/word-notes/131/notes
New Study Uncovers Text-to-SQL Model Vulnerabilities Allowing Data Theft and DoS Attacks
https://thehackernews.com/2023/01/new-study-uncovers-text-to-sql-model.html
Louisiana wants your ID if you're looking at adult-only websites
https://www.malwarebytes.com/blog/news/2023/01/attempts-to-stop-under-aged-from-accessing-adult-only-content-on-the-internet
Yokogawa to Sell Unidirectional Gateways from Waterfall Security Solutions Under New Partnership
https://malware.news/t/yokogawa-to-sell-unidirectional-gateways-from-waterfall-security-solutions-under-new-partnership/66250#post_1
Top Security News for 11/01/2023
Zoom Rooms was affected by four “high” severity vulnerabilities
https://securityaffairs.com/140607/security/zoom-rooms-vulnerabilities.html
Turla piggybacks on abandoned malware infrastructure. Bluebottle targets African countries. Blind Eagle goes after Ecuador. Automotive vulnerabilities.
https://thecyberwire.com/podcasts/research-briefing/150/notes
How to Analyze JavaScript Malware – A Case Study of Vjw0rm
https://www.reddit.com/r/netsec/comments/108cj7d/how_to_analyze_javascript_malware_a_case_study_of/
ISC Stormcast For Wednesday, January 11th, 2023 https://isc.sans.edu/podcastdetail.html?id=8320, (Wed, Jan 11th)
https://malware.news/t/isc-stormcast-for-wednesday-january-11th-2023-https-isc-sans-edu-podcastdetail-html-id-8320-wed-jan-11th/66301#post_1
Polite WiFi loophole could allow attackers to drain device batteries
https://www.malwarebytes.com/blog/news/2023/01/polite-wifi-loophole-could-allow-attackers-to-drain-device-batteries
StrongPity Hackers Distribute Trojanized Telegram App to Target Android Users
https://thehackernews.com/2023/01/strongpity-hackers-distribute.html
Semgrep rules for Swift language (iOS mobile apps)
https://www.reddit.com/r/netsec/comments/108ftxi/semgrep_rules_for_swift_language_ios_mobile_apps/
Startup Uses AI Chatbot to Provide Mental Health Counseling and Then Realizes It 'Feels Weird'
https://www.vice.com/en_us/article/4ax9yw/startup-uses-ai-chatbot-to-provide-mental-health-counseling-and-then-realizes-it-feels-weird
BrandPost: Adaptive DDoS Suppression for a Safer, More Resilient Internet
https://www.csoonline.com/article/3685288/adaptive-ddos-suppression-for-a-safer-more-resilient-internet.html#tk.rss_all
A View Into Web(View) Attacks in Android
https://securityintelligence.com/posts/view-into-webview-attacks-android/
Top Security News for 12/01/2023
Cisco security advisory (AV23-018)
https://malware.news/t/cisco-security-advisory-av23-018/66332#post_1
Identity thieves bypass security questions to access Experian credit reports
https://www.malwarebytes.com/blog/news/2023/01/identity-thieves-bypass-security-questions-to-access-experian-credit-reports
Cyberespionage and hybrid-war hacktivism. Healthcare cyber risk. Cryptojacking Kubernetes. Patch Tuesday.
https://thecyberwire.com/newsletters/daily-briefing/12/7
T95 Allwinner T616 Malware Analysis - "Pre-owned" Android TV Device
https://www.reddit.com/r/netsec/comments/109f5cy/t95_allwinner_t616_malware_analysis_preowned/
Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams
https://www.csoonline.com/article/3685368/study-shows-attackers-can-use-chatgpt-to-significantly-enhance-phishing-and-bec-scams.html#tk.rss_all
Legitify supports scanning GitLab for security misconfigurations and best practices
https://www.reddit.com/r/netsec/comments/1093fxk/legitify_supports_scanning_gitlab_for_security/
Save 20% on a Tile Mate tracker
https://malware.news/t/save-20-on-a-tile-mate-tracker/66335#post_1
NetSPI acquires nVisium. Netskope raises $401 million in convertible notes. Executive moves.
https://thecyberwire.com/newsletters/business-briefing/5/2
Maternal & Family Health Services discloses ransomware attack months after discovery
https://www.malwarebytes.com/blog/news/2023/01/maternal-family-health-services-discloses-ransomware-attack-months-after-discovery
Alert: Hackers Actively Exploiting Critical "Control Web Panel" RCE Vulnerability
https://thehackernews.com/2023/01/alert-hackers-actively-exploiting.html
Top Security News for 13/01/2023
Threat actors actively exploit Control Web Panel RCE following PoC release
https://securityaffairs.com/140698/hacking/web-panel-rce-exploitation.html
List of git commits before and after a security audit
https://www.reddit.com/r/netsec/comments/10aajbk/list_of_git_commits_before_and_after_a_security/
WhatsApp lawsuit against NSO Group greenlit by Supreme Court
https://www.malwarebytes.com/blog/news/2023/01/whatsapp-lawsuit-against-nso-group-greenlit-by-supreme-court-
Keeping the wolves out of wolfSSL (Protocol Fuzzing)
https://www.reddit.com/r/netsec/comments/10a94b9/keeping_the_wolves_out_of_wolfssl_protocol_fuzzing/
US and Japanese ministers meet to discuss cyber collaboration. US President Joe Biden speaks out about user data privacy. New bill focuses on energy cybersecurity research.
https://thecyberwire.com/newsletters/policy-briefing/5/8
Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System
https://thehackernews.com/2023/01/twitter-denies-hacking-claims-assures.html
Trojanized VPN installers circulate in Iran. A trip down the static expressway. Hacktivism-for-profit. IT incidents disrupt NOTAMs and Royal Mail. HR phishbait.
https://thecyberwire.com/podcasts/daily-podcast/1738/notes
Prominent AI Philosopher and ‘Father’ of Longtermism Sent Very Racist Email to a 90s Philosophy Listserv
https://www.vice.com/en_us/article/z34dm3/prominent-ai-philosopher-and-father-of-longtermism-sent-very-racist-email-to-a-90s-philosophy-listserv
If you're looking for hackers, please contact me
https://0x00sec.org/t/if-youre-looking-for-hackers-please-contact-me/32920
BrandPost: How Financial Institutions Can SOAR to Success with Devo SOAR
https://www.csoonline.com/article/3685191/how-financial-institutions-can-soar-to-success-with-devo-soar.html#tk.rss_all
Top Security News for 14/01/2023
How to use Open Source CloudQuery for Attack Surface Management and Graph Visualization for Cloud and AWS | CloudQuery
https://www.reddit.com/r/netsec/comments/10av9td/how_to_use_open_source_cloudquery_for_attack/
DUCKTAIL waddles back again.
https://thecyberwire.com/podcasts/research-saturday/264/notes
Cybercriminals Using Polyglot Files in Malware Distribution to Fly Under the Radar
https://thehackernews.com/2023/01/cybercriminals-using-polyglot-files-in.html
🚀 Announcing Matano + Suricata: Build your own Security Data Lake on AWS using Suricata Logs
https://www.reddit.com/r/netsec/comments/10ax24v/announcing_matano_suricata_build_your_own/
Android TV box on Amazon came pre-installed with malware
https://www.reddit.com/r/Malware/comments/10b05fd/android_tv_box_on_amazon_came_preinstalled_with/
TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws
https://thehackernews.com/2023/01/tiktok-fined-54-million-by-french.html
Clear communication is crucial: why writing effective vulnerability reports matters
https://www.reddit.com/r/netsec/comments/10avk6s/clear_communication_is_crucial_why_writing/
CircleCI incident report for January 4, 2023 security incident
https://www.reddit.com/r/netsec/comments/10b7jhw/circleci_incident_report_for_january_4_2023/
NortonLifeLock: threat actors breached Norton Password Manager accounts
https://securityaffairs.com/140772/data-breach/norton-password-manager-security-breach.html
CYBER: The Government Isn’t Coming for Your Gas Stoves
https://www.vice.com/en_us/article/m7gyb8/cyber-the-government-isnt-coming-for-your-gas-stoves
Top Security News for 15/01/2023
e-Discovery Law and Lawyers in Fifty Years
https://malware.news/t/e-discovery-law-and-lawyers-in-fifty-years/66406#post_1
just got infected with vipersoftx and i dont know how
https://www.reddit.com/r/Malware/comments/10bo8sn/just_got_infected_with_vipersoftx_and_i_dont_know/
santa-linux: a proof of concept binary authorization system for linux, based on Google's Santa
https://www.reddit.com/r/netsec/comments/10bt2e1/santalinux_a_proof_of_concept_binary/
Mysql SOUNDEX function in Symfony with Doctrine
https://malware.news/t/mysql-soundex-function-in-symfony-with-doctrine/66405#post_1
Analysis of FG-IR-22-398 – FortiOS - heap-based buffer overflow in SSLVPNd
https://www.reddit.com/r/netsec/comments/10bzr8n/analysis_of_fgir22398_fortios_heapbased_buffer/
Impact of the CircleCI Security Incident on the Datadog Agent
https://www.reddit.com/r/netsec/comments/10bvjm4/impact_of_the_circleci_security_incident_on_the/
Most internet-exposed Cacti servers exposed to hacking
https://securityaffairs.com/140797/hacking/cacti-servers-cve-2022-46169-flaw.html
Is it possible to hack iCloud info for missing person (last known location of phone)
https://www.reddit.com/r/netsec/comments/10c5ps9/is_it_possible_to_hack_icloud_info_for_missing/
Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
https://thehackernews.com/2023/01/cacti-servers-under-attack-as-majority.html
French CNIL fined Tiktok $5.4 Million for violating cookie laws
https://securityaffairs.com/140786/digital-id/cnil-fined-tiktok.html