Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 13/01/2023

Threat actors actively exploit Control Web Panel RCE following PoC release
https://securityaffairs.com/140698/hacking/web-panel-rce-exploitation.html

List of git commits before and after a security audit
https://www.reddit.com/r/netsec/comments/10aajbk/list_of_git_commits_before_and_after_a_security/

WhatsApp lawsuit against NSO Group greenlit by Supreme Court
https://www.malwarebytes.com/blog/news/2023/01/whatsapp-lawsuit-against-nso-group-greenlit-by-supreme-court-

Keeping the wolves out of wolfSSL (Protocol Fuzzing)
https://www.reddit.com/r/netsec/comments/10a94b9/keeping_the_wolves_out_of_wolfssl_protocol_fuzzing/

US and Japanese ministers meet to discuss cyber collaboration. US President Joe Biden speaks out about user data privacy. New bill focuses on energy cybersecurity research.
https://thecyberwire.com/newsletters/policy-briefing/5/8

Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System
https://thehackernews.com/2023/01/twitter-denies-hacking-claims-assures.html

Trojanized VPN installers circulate in Iran. A trip down the static expressway. Hacktivism-for-profit. IT incidents disrupt NOTAMs and Royal Mail. HR phishbait.
https://thecyberwire.com/podcasts/daily-podcast/1738/notes

Prominent AI Philosopher and ‘Father’ of Longtermism Sent Very Racist Email to a 90s Philosophy Listserv
https://www.vice.com/en_us/article/z34dm3/prominent-ai-philosopher-and-father-of-longtermism-sent-very-racist-email-to-a-90s-philosophy-listserv

If you're looking for hackers, please contact me
https://0x00sec.org/t/if-youre-looking-for-hackers-please-contact-me/32920

BrandPost: How Financial Institutions Can SOAR to Success with Devo SOAR
https://www.csoonline.com/article/3685191/how-financial-institutions-can-soar-to-success-with-devo-soar.html#tk.rss_all


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 14/01/2023

How to use Open Source CloudQuery for Attack Surface Management and Graph Visualization for Cloud and AWS | CloudQuery
https://www.reddit.com/r/netsec/comments/10av9td/how_to_use_open_source_cloudquery_for_attack/

DUCKTAIL waddles back again.
https://thecyberwire.com/podcasts/research-saturday/264/notes

Cybercriminals Using Polyglot Files in Malware Distribution to Fly Under the Radar
https://thehackernews.com/2023/01/cybercriminals-using-polyglot-files-in.html

🚀 Announcing Matano + Suricata: Build your own Security Data Lake on AWS using Suricata Logs
https://www.reddit.com/r/netsec/comments/10ax24v/announcing_matano_suricata_build_your_own/

Android TV box on Amazon came pre-installed with malware
https://www.reddit.com/r/Malware/comments/10b05fd/android_tv_box_on_amazon_came_preinstalled_with/

TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws
https://thehackernews.com/2023/01/tiktok-fined-54-million-by-french.html

Clear communication is crucial: why writing effective vulnerability reports matters
https://www.reddit.com/r/netsec/comments/10avk6s/clear_communication_is_crucial_why_writing/

CircleCI incident report for January 4, 2023 security incident
https://www.reddit.com/r/netsec/comments/10b7jhw/circleci_incident_report_for_january_4_2023/

NortonLifeLock: threat actors breached Norton Password Manager accounts
https://securityaffairs.com/140772/data-breach/norton-password-manager-security-breach.html

CYBER: The Government Isn’t Coming for Your Gas Stoves
https://www.vice.com/en_us/article/m7gyb8/cyber-the-government-isnt-coming-for-your-gas-stoves


Top Security News for 15/01/2023

e-Discovery Law and Lawyers in Fifty Years
https://malware.news/t/e-discovery-law-and-lawyers-in-fifty-years/66406#post_1

just got infected with vipersoftx and i dont know how
https://www.reddit.com/r/Malware/comments/10bo8sn/just_got_infected_with_vipersoftx_and_i_dont_know/

santa-linux: a proof of concept binary authorization system for linux, based on Google's Santa
https://www.reddit.com/r/netsec/comments/10bt2e1/santalinux_a_proof_of_concept_binary/

Mysql SOUNDEX function in Symfony with Doctrine
https://malware.news/t/mysql-soundex-function-in-symfony-with-doctrine/66405#post_1

Analysis of FG-IR-22-398 – FortiOS - heap-based buffer overflow in SSLVPNd
https://www.reddit.com/r/netsec/comments/10bzr8n/analysis_of_fgir22398_fortios_heapbased_buffer/

Impact of the CircleCI Security Incident on the Datadog Agent
https://www.reddit.com/r/netsec/comments/10bvjm4/impact_of_the_circleci_security_incident_on_the/

Most internet-exposed Cacti servers exposed to hacking
https://securityaffairs.com/140797/hacking/cacti-servers-cve-2022-46169-flaw.html

Is it possible to hack iCloud info for missing person (last known location of phone)
https://www.reddit.com/r/netsec/comments/10c5ps9/is_it_possible_to_hack_icloud_info_for_missing/

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
https://thehackernews.com/2023/01/cacti-servers-under-attack-as-majority.html

French CNIL fined Tiktok $5.4 Million for violating cookie laws
https://securityaffairs.com/140786/digital-id/cnil-fined-tiktok.html


Top Security News for 16/01/2023

Monitoring of operating system versions in Google Workspace
https://malware.news/t/monitoring-of-operating-system-versions-in-google-workspace/66410#post_1

Timely patching is good, but sometimes it's not enough
https://www.malwarebytes.com/blog/news/2023/01/timely-patching-is-good-but-does-not-provide-full-ransomware-protection

Gene Fay: Lead from the front. [CEO]
https://thecyberwire.com/podcasts/career-notes/132/notes

Ransomware Diaries: Undercover with the Leader of Lockbit
https://malware.news/t/ransomware-diaries-undercover-with-the-leader-of-lockbit/66417#post_1

AI Can Write Malware Now. Are We Doomed?
https://malware.news/t/ai-can-write-malware-now-are-we-doomed/66411#post_1

ISC Stormcast For Monday, January 16th, 2023 https://isc.sans.edu/podcastdetail.html?id=8326, (Mon, Jan 16th)
https://isc.sans.edu/diary/rss/29436

Timely patching is good, but sometimes it's not enough
https://malware.news/t/timely-patching-is-good-but-sometimes-its-not-enough/66413#post_1

Ransomware has now become a problem for everyone, and not just tech
https://malware.news/t/ransomware-has-now-become-a-problem-for-everyone-and-not-just-tech/66412#post_1

ISC Stormcast For Monday, January 16th, 2023 https://isc.sans.edu/podcastdetail.html?id=8326, (Mon, Jan 16th)
https://malware.news/t/isc-stormcast-for-monday-january-16th-2023-https-isc-sans-edu-podcastdetail-html-id-8326-mon-jan-16th/66416#post_1

Wi-Fi Geolocation, Then and Now
https://malware.news/t/wi-fi-geolocation-then-and-now/66415#post_1


Top Security News for 17/01/2023

Accountant ordered to pay ex-employer after bossware shows "time theft"
https://www.malwarebytes.com/blog/news/2023/01/accountant-ordered-to-pay-ex-employer-after-bossware-shows-time-theft

T95 Android TV Box sold on Amazon hides sophisticated malware
https://securityaffairs.com/140866/security/t95-android-tv-box-malware.html

Fighting technology's gender gap with TracketPacer: Lock and Code S04E02
https://www.malwarebytes.com/blog/podcast/2023/01/fighting-technologys-gender-gap-with-tracketpacer

[CVE-2023-0179] Linux kernel stack buffer overflow in nftables: PoC and writeup
https://www.reddit.com/r/netsec/comments/10d98w1/cve20230179_linux_kernel_stack_buffer_overflow_in/

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild
https://thehackernews.com/2023/01/new-backdoor-created-using-leaked-cias.html

ISC Stormcast For Tuesday, January 17th, 2023 https://isc.sans.edu/podcastdetail.html?id=8328, (Tue, Jan 17th)
https://isc.sans.edu/diary/rss/29440

Unauthenticated Configuration Export in Multiple WAGO Products
https://www.reddit.com/r/netsec/comments/10dblrc/unauthenticated_configuration_export_in_multiple/

Avast researchers released a free BianLian ransomware decryptor for some variants of the malware
https://securityaffairs.com/140892/malware/free-bianlian-ransomware-decryptor.html

"Untraceable" surveillance firm sued for scraping Facebook and Instagram data
https://www.malwarebytes.com/blog/news/2023/01/untraceable-surveillance-firm-sued-for-scraping-facebook-and-instagram-data

The misadventures of SPF: Delivering SPF authenticated emails on behalf of the Ukrainian MoD, MIT and 1000+ others.
https://www.reddit.com/r/netsec/comments/10e4rk9/the_misadventures_of_spf_delivering_spf/


Top Security News for 18/01/2023

Web skimmer found on website of Liquor Control Board of Ontario
https://www.malwarebytes.com/blog/news/2023/01/web-skimmer-found-on-website-of-liquor-control-board-of-ontario

Introducing RPC Investigator
https://www.reddit.com/r/netsec/comments/10ed95w/introducing_rpc_investigator/

4 Places to Supercharge Your SOC with Automation
https://thehackernews.com/2023/01/4-places-to-supercharge-your-soc-with.html

Thousands of Norton LifeLock accounts compromised. Hacktivists spill Cellebrite data. ODIN Intelligence website defaced.
https://thecyberwire.com/newsletters/privacy-briefing/5/10

NEW OUTFITS FOR HACKER BABIES ANNOUNCED
https://www.2600.com/content/new-outfits-hacker-babies-announced

Artists Are Suing Over Stable Diffusion Stealing Their Work for AI Art
https://www.vice.com/en_us/article/dy7b5y/artists-are-suing-over-stable-diffusion-stealing-their-work-for-ai-art

US Maritime Administrator to study port crane cybersecurity concerns
https://www.csoonline.com/article/3685378/us-maritime-administrator-to-study-port-crane-cybersecurity-concerns.html#tk.rss_all

2023-01-16 - Google ad --> Fake 7-Zip page --> Malicious .msi file
https://malware.news/t/2023-01-16-google-ad-fake-7-zip-page-malicious-msi-file/66471#post_1

2023-01-12 - IcedID (Bokbot) infection with Cobalt Strike
https://malware.news/t/2023-01-12-icedid-bokbot-infection-with-cobalt-strike/66472#post_1

Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware
https://thehackernews.com/2023/01/hackers-can-abuse-legitimate-github.html


Top Security News for 19/01/2023

ISC StormCast for Thursday, January 19th, 2023
https://isc.sans.edu/podcastdetail.html?id=8332

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers
https://thehackernews.com/2023/01/critical-security-vulnerabilities.html

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks
https://securelist.com/corporate-threat-predictions-2023/108456/

ISC Stormcast For Thursday, January 19th, 2023 https://isc.sans.edu/podcastdetail.html?id=8332, (Thu, Jan 19th)
https://isc.sans.edu/diary/rss/29450

Trustwave relaunches Advanced Continual Threat Hunting with human-led methodology
https://www.csoonline.com/article/3685575/trustwave-relaunches-advanced-continual-threat-hunting-with-human-led-methodology.html#tk.rss_all

What is Business Attack Surface Management?
https://malware.news/t/what-is-business-attack-surface-management/66505#post_1

Chinese cyberespionage against Iran. Threats to industrial systems. CISA updates. Notes on the hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/12/11

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/18-01-2023

Perception Point launches Advanced Threat Protection for Zendesk
https://www.csoonline.com/article/3685383/perception-point-launches-advanced-threat-protection-for-zendesk.html#tk.rss_all

Experts found SSRF flaws in four different Microsoft Azure services
https://securityaffairs.com/140947/hacking/microsoft-azure-services-ssrf-flaws.html


Top Security News for 20/01/2023

Criminal-on-criminal action in the dark web. The cyber phases of the hybrid war heat up. ICS vulnerabilities. Codespaces and malware servers. Blank-image attacks. Social engineering.
https://thecyberwire.com/podcasts/daily-podcast/1742/notes

People, Process and Technology: The Incident Response Trifecta
https://securityintelligence.com/articles/incident-response-trifecta/

Ukraine at D+329: Disinformation and cyber in combined arms.
https://thecyberwire.com/stories/04a3c88d22544c0ea383e1b5adcbba78/ukraine-at-d329

Privacy experts raise their voices about the dangers of voice-assisted tech. MailChimp swiftly responds to data breach.
https://thecyberwire.com/newsletters/privacy-briefing/5/12

Synthetic Media Creates New Social Engineering Threats
https://securityintelligence.com/articles/synthetic-media-new-social-engineering-threats/

TLS Connection Cryptographic Protocol Vulnerabilities
https://malware.news/t/tls-connection-cryptographic-protocol-vulnerabilities/66550#post_1

New Chinese Malware Spotted Exploiting Recent Fortinet Firewall Vulnerability
https://thehackernews.com/2023/01/new-chinese-malware-spotted-exploiting.html

SeeProxy: Golang reverse proxy with CobaltStrike malleable profile validation.
https://www.reddit.com/r/netsec/comments/10g06ki/seeproxy_golang_reverse_proxy_with_cobaltstrike/

How CISOs can manage the cybersecurity of high-level executives
https://www.csoonline.com/article/3685415/how-cisos-can-manage-the-security-of-high-level-executives.html#tk.rss_all

Privacy legislation revisions in Australia and India. Recent actions in data handling regulation in the EU. US HHS issues healthcare cybersecurity guidance.
https://thecyberwire.com/newsletters/policy-briefing/5/12


Top Security News for 21/01/2023

How Much is the U.S. Investing in Cyber (And is it Enough)?
https://securityintelligence.com/articles/how-much-is-us-investing-in-cyber/

Ransomware money laundering operation disrupted, founder arrested
https://www.malwarebytes.com/blog/news/2023/01/bitzlato-ransomware-laundry-operation-sees-founder-arrested

Vijilan - Managed service Providers (msp)
https://www.reddit.com/r/netsec/comments/10h71z4/vijilan_managed_service_providers_msp/

Paul Martini from iboss discusses their survey about Zero Trust cybersecurity.
https://thecyberwire.com/podcasts/interview-selects/143/notes

Mailchimp breach feels like deja vu
https://malware.news/t/mailchimp-breach-feels-like-deja-vu/66571#post_1

Orca describes, Microsoft fixes, four Azure SSRF issues. DNV recovering from ransomware. T-Mobile discloses a data breach. Cyberattack hits Nunavut utility.
https://thecyberwire.com/newsletters/week-that-was/7/3

Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings
https://thehackernews.com/2023/01/roaming-mantis-spreading-mobile-malware.html

Russia Needs to Learn to Lose Like America
https://www.vice.com/en_us/article/qjkq9w/russia-needs-to-learn-to-lose-like-america

NIST to rework its cybersecurity guidelines. NSA updates its internet protocol guidance. CRA violations could mean steep fines.
https://thecyberwire.com/newsletters/policy-briefing/5/13

T-Mobile suffered a new data breach, 37 million accounts have been compromised
https://securityaffairs.com/141086/data-breach/t-mobile-data-breach-5.html


Top Security News for 31/01/2023

Attack Cases of CoinMiners Mining Ethereum Classic Coins
https://malware.news/t/attack-cases-of-coinminers-mining-ethereum-classic-coins/66796#post_1

Economic headwinds could deepen the cybersecurity skills shortage
https://www.csoonline.com/article/3686470/economic-headwinds-could-deepen-the-cybersecurity-skills-shortage.html#tk.rss_all

A private moment, caught by a Roomba, ended up on Facebook. Eileen Guo explains how: Lock and Code S04E03
https://www.malwarebytes.com/blog/podcast/2023/01/a-private-moment-caught-by-a-roomba-ended-up-on-facebook-lock-and-code-s04e03

0x00sec new chat feature!
https://0x00sec.org/t/0x00sec-new-chat-feature/33230

Update your LearnPress plugins now!
https://www.malwarebytes.com/blog/news/2023/01/update-your-learnpress-plugins-now

ASEC Weekly Phishing Email Threat Trends (January 15th, 2023 – January 21st, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-january-15th-2023-january-21st-2023/66798#post_1

Soft Skills: Writing
https://malware.news/t/soft-skills-writing/66794#post_1

How the Silk Road Affair Changed Law Enforcement
https://securityintelligence.com/articles/silk-road-dark-web-law-enforcement/

This paper reinforces the belief that RSA isn't going to fall to Shor's Algorithm anytime soon
https://www.reddit.com/r/netsec/comments/10msabt/this_paper_reinforces_the_belief_that_rsa_isnt/

Researcher received a $27,000 bounty for 2FA bypass bug in Facebook and Instagram
https://securityaffairs.com/141571/social-networks/facebook-instagram-bug.html


Top Security News for 01/02/2023

Guardz debuts with cybersecurity-as-a-service for small businesses
https://www.csoonline.com/article/3686534/guardz-debuts-with-cybersecurity-as-a-service-for-small-businesses.html#tk.rss_all

ISC Stormcast For Wednesday, February 1st, 2023 https://isc.sans.edu/podcastdetail.html?id=8350, (Wed, Feb 1st)
https://malware.news/t/isc-stormcast-for-wednesday-february-1st-2023-https-isc-sans-edu-podcastdetail-html-id-8350-wed-feb-1st/66829#post_1

Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges
https://www.csoonline.com/article/3686573/threat-actors-abuse-microsoft-s-verified-publisher-status-to-exploit-oauth-privileges.html#tk.rss_all

Google sponsored ads malvertising targets password manager
https://www.malwarebytes.com/blog/threat-intelligence/2023/01/google-sponsored-ads-malvertising-targets-password-manager

2023-01-31 - BB12 Qakbot (Qbot) with Cobalt Strike and VNC traffi
https://malware.news/t/2023-01-31-bb12-qakbot-qbot-with-cobalt-strike-and-vnc-traffi/66828#post_1

Free sources for really deep dives
https://www.reddit.com/r/Malware/comments/10qmeq1/free_sources_for_really_deep_dives/

Learning CodeQL - Going Beyond Grep
https://www.reddit.com/r/netsec/comments/10pydgb/learning_codeql_going_beyond_grep/

The Good, Bad and Compromisable Aspects of Linux eBPF
https://www.reddit.com/r/netsec/comments/10pxh6w/the_good_bad_and_compromisable_aspects_of_linux/

Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts
https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html

FTC rules against Chegg in data breach case. Three third-party health data breaches. Bugs in OpenEMR. UK’s IPT says MI5 mishandled personal data.
https://thecyberwire.com/newsletters/privacy-briefing/5/20


Top Security News for 02/02/2023

Safely and securely moving to the cloud.
https://thecyberwire.com/podcasts/caveat/159/notes

Rotating Packet Captures with pfSense, (Wed, Feb 1st)
https://isc.sans.edu/diary/rss/29500

New Prilex PoS Malware evolves to target NFC-enabled credit cards
https://securityaffairs.com/141686/malware/prilex-pos-malware-nfc-enabled-credit-cards.html

Vista Equity Partners acquires KnowBe4. Saviynt raises $205 million in growth funding. The cyber labor market continues to see dark days.
https://thecyberwire.com/newsletters/business-briefing/5/5

Up to 10 million people potentially impacted by JD Sports breach
https://www.malwarebytes.com/blog/news/2023/02/up-to-10-million-people-potentially-impacted-by-jd-sports-breach

Research Exposes Azure Serverless Security Blind Spots
https://malware.news/t/research-exposes-azure-serverless-security-blind-spots/66858#post_1

Cmd Malware
https://www.reddit.com/r/Malware/comments/10rf9yy/cmd_malware/

A war on commerce.
https://thecyberwire.com/podcasts/hacking-humans/230/notes

ISC Stormcast For Thursday, February 2nd, 2023 https://isc.sans.edu/podcastdetail.html?id=8352, (Thu, Feb 2nd)
https://malware.news/t/isc-stormcast-for-thursday-february-2nd-2023-https-isc-sans-edu-podcastdetail-html-id-8352-thu-feb-2nd/66857#post_1

Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry
https://thehackernews.com/2023/02/experts-warn-of-ice-breaker.html


Top Security News for 03/02/2023

Ransomware in December 2022
https://www.malwarebytes.com/blog/threat-intelligence/2023/02/ransomware-in-december-2022

Cybersecurity and privacy tips you can teach your 5+-year-old
https://www.malwarebytes.com/blog/news/2023/02/cybersecurity-and-privacy-tips-you-can-teach-your-5-year-old

Discovering Six Critical Docker Desktop Privilege Escalation Vulnerabilities. (Bonus: New OSS Tool!)
https://www.reddit.com/r/netsec/comments/10rylf9/discovering_six_critical_docker_desktop_privilege/

Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608
https://www.reddit.com/r/netsec/comments/10s95yz/adobe_acrobat_reader_resetform_cagg_uaf_rce/

Cisco fixes vulnerabilities in ICS appliances. NIST’s anti-phishing guidelines. OneNote exploitation. HeadCrab malware. Recent actions by Russian threat actors. Trends in state-directed cyber ops.
https://thecyberwire.com/podcasts/daily-podcast/1752/notes

EMBA - Automated firmware security scanner v1.2.1 released
https://www.reddit.com/r/netsec/comments/10rrlm0/emba_automated_firmware_security_scanner_v121/

Remote code execution exploit chain available for VMware vRealize Log Insight
https://www.csoonline.com/article/3687171/remote-code-execution-exploit-chain-available-for-vmware-vrealize-log-insight.html#tk.rss_all

ISC Stormcast For Friday, February 3rd, 2023 https://isc.sans.edu/podcastdetail.html?id=8354, (Fri, Feb 3rd)
https://malware.news/t/isc-stormcast-for-friday-february-3rd-2023-https-isc-sans-edu-podcastdetail-html-id-8354-fri-feb-3rd/66893#post_1

TC39 proposal for mitigating prototype pollution
https://www.reddit.com/r/netsec/comments/10s6730/tc39_proposal_for_mitigating_prototype_pollution/

New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
https://thehackernews.com/2023/02/new-high-severity-vulnerabilities.html


Top Security News for 08/02/2023

Redistribution of Magniber Ransomware in Korea (January 28th)
https://malware.news/t/redistribution-of-magniber-ransomware-in-korea-january-28th/67002#post_1

Tackling the New Cyber Insurance Requirements: Can Your Organization Comply?
https://thehackernews.com/2023/02/tackling-new-cyber-insurance.html

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/07-02-2023

How to Spot a Nefarious Cryptocurrency Platform
https://securityintelligence.com/articles/how-to-spot-nefarious-crypto-platform/

How to get data from the website
https://0x00sec.org/t/how-to-get-data-from-the-website/33367

New Linux variant of Clop Ransomware uses a flawed encryption algorithm
https://securityaffairs.com/141932/cyber-crime/clop-ransomware-linux-variant.html

Quad Partners' cyber challenge. Federal Cyber R&D Strategic Plan RFI. CISA supports victims of ESXiArgs ransomware. Pakistan unblocks Wikipedia.
https://thecyberwire.com/newsletters/policy-briefing/5/25

Quasar RAT Being Distributed by Private HTS Program
https://malware.news/t/quasar-rat-being-distributed-by-private-hts-program/67001#post_1

Conservatives Are Obsessed With Getting ChatGPT to Say the N-Word
https://www.vice.com/en_us/article/wxnv59/conservatives-are-obsessed-with-getting-chatgpt-to-say-the-n-word

Post-Exploitation: Abusing the KeePass Plugin Cache
https://www.reddit.com/r/netsec/comments/10w944g/postexploitation_abusing_the_keepass_plugin_cache/


Top Security News for 09/02/2023

ISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)
https://isc.sans.edu/diary/rss/29532

ISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)
https://malware.news/t/isc-stormcast-for-thursday-february-9th-2023-https-isc-sans-edu-podcastdetail-html-id-8362-thu-feb-9th/67041#post_1

Ransomware review: February 2023
https://malware.news/t/ransomware-review-february-2023/67039#post_1

Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game
https://www.reddit.com/r/netsec/comments/10wsv0n/dota_2_under_attack_how_a_v8_bug_was_exploited_in/

Growing number of endpoint security tools overwhelm users, leaving devices unprotected
https://www.csoonline.com/article/3687140/growing-number-of-endpoint-security-tools-overwhelm-users-leaving-devices-unprotected.html#tk.rss_all

OpenSSH Pre-Auth Double Free - CVE-2023-25136 - Writeup and Proof-of-Concept
https://www.reddit.com/r/netsec/comments/10x5fag/openssh_preauth_double_free_cve202325136_writeup/

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/08-02-2023

Cohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery
https://www.csoonline.com/article/3687179/cohesity-data-cloud-70-enhances-privileged-access-authentication-ransomware-recovery.html#tk.rss_all

Solving one of NOBELIUM’s most novel attacks: Cyberattack Series
https://www.microsoft.com/en-us/security/blog/2023/02/08/solving-one-of-nobeliums-most-novel-attacks-cyberattack-series/

CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
https://thehackernews.com/2023/02/cert-ua-alerts-ukrainian-state.html


Top Security News for 10/02/2023

Hackers Are Selling A Service That Bypasses ChatGPT Restrictions On Malware
https://packetstormsecurity.com/news/view/34300/Hackers-Are-Selling-A-Service-That-Bypasses-ChatGPT-Restrictions-On-Malware.html

ISC Stormcast For Friday, February 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8364, (Fri, Feb 10th)
https://malware.news/t/isc-stormcast-for-friday-february-10th-2023-https-isc-sans-edu-podcastdetail-html-id-8364-fri-feb-10th/67082#post_1

Neo4jection: Secrets, Data, and Cloud Exploits - Attacking Neo4j
https://www.reddit.com/r/netsec/comments/10xwr98/neo4jection_secrets_data_and_cloud_exploits/

After the war in Ukraine: Cyber revanchism.
https://thecyberwire.com/stories/f9543307f1f14165a966baae3be4db26/after-the-war-in-ukraine-cyber-revanchism

VMware ESXi server ransomware evolves, after recovery script released
https://www.networkworld.com/article/3687610/vmware-esxi-server-ransomware-evolves-after-recovery-script-released.html#tk.rss_all

“Permanently” Bricking Computers and Other Supply Chain Issues
https://malware.news/t/permanently-bricking-computers-and-other-supply-chain-issues/67080#post_1

[SANS ISC] A Backdoor with Smart Screenshot Capability
https://blog.rootshell.be/2023/02/09/sans-isc-a-backdoor-with-smart-screenshot-capabilitysans-isc/

What is a Pentester, and Can They Prevent Data Breaches?
https://securityintelligence.com/articles/what-is-a-pentester/

Widespread ransomware operation infests thousands. British hospital trust accidentally leaks staff data.
https://thecyberwire.com/podcasts/privacy-briefing/763/notes

ISC StormCast for Friday, February 10th, 2023
https://isc.sans.edu/podcastdetail.html?id=8364


Top Security News for 10/02/2023

Android mobile devices from top vendors in China have pre-installed malware
https://securityaffairs.com/141989/malware/android-mobile-devices-china-malware.html

How to unleash the power of an effective security engineering team
https://www.csoonline.com/article/3687180/how-to-unleash-the-power-of-an-effective-security-engineering-team.html#tk.rss_all

What is a Pentester, and Can They Prevent Data Breaches?
https://securityintelligence.com/articles/what-is-a-pentester/

secpat2gf: convert secret patterns to gf compatible.
https://www.reddit.com/r/netsec/comments/10yfi1o/secpat2gf_convert_secret_patterns_to_gf_compatible/

U.S., Britain Impose Sanctions On Russia's Trickbot Hacking Gang
https://packetstormsecurity.com/news/view/34301/U.S.-Britain-Impose-Sanctions-On-Russias-Trickbot-Hacking-Gang.html

We had a security incident. Here’s what we know.
https://www.reddit.com/r/netsec/comments/10y59q2/we_had_a_security_incident_heres_what_we_know/

2022 in Cybersecurity
https://malware.news/t/2022-in-cybersecurity/67083#post_1

[SANS ISC] A Backdoor with Smart Screenshot Capability
https://blog.rootshell.be/2023/02/09/sans-isc-a-backdoor-with-smart-screenshot-capabilitysans-isc/

Introducing Malwarebytes Application Block: How to block unauthorized software from executing on Windows endpoints
https://www.malwarebytes.com/blog/business/2023/02/introducing-malwarebytes-application-block-how-to-block-unauthorized-software-from-executing-on-windows-endpoints

OpenSSL Fixes Multiple New Security Flaws with Latest Update
https://thehackernews.com/2023/02/openssl-fixes-multiple-new-security.html


Top Security News for 11/02/2023

DPRK fund malicious cyber activities with ransomware attacks on critical Infrastructure
https://securityaffairs.com/142090/breaking-news/north-korea-hackers-ransomware.html

Reddit discloses security breach that exposed source code and internal docs
https://securityaffairs.com/142071/data-breach/reddit-security-breach.html

FireFly : an advanced black-box fuzzer and not just a standard asset discovery tool
https://www.reddit.com/r/netsec/comments/10z2wpa/firefly_an_advanced_blackbox_fuzzer_and_not_just/

$800,000 recovered from Business Email Compromise attack
https://www.malwarebytes.com/blog/news/2023/02/800k-recovered-from-business-email-compromise-attack

Reddit breached, here's what you need to know
https://www.malwarebytes.com/blog/news/2023/02/reddit-systems-compromised-by-phish-attack.-heres-what-you-need-to-do-next

Ransomware attack hit the City of Oakland
https://securityaffairs.com/142110/cyber-crime/city-of-oakland-ransomware-attack.html

Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages
https://thehackernews.com/2023/02/researchers-uncover-obfuscated.html

U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html

Find Writable Shares with Python.
https://www.reddit.com/r/netsec/comments/10yrr2f/find_writable_shares_with_python/

US, RoK agencies outline DPRK ransomware. Reddit breached. ICS and IIoT issues. It’s almost Valentine’s Day. Have you noticed? (The hoods have.)
https://thecyberwire.com/podcasts/daily-podcast/1758/notes


Top Security News for 12/02/2023

Clop ransomware claims the hack of 130 orgs using GoAnywhere MFT flaw
https://securityaffairs.com/142130/cyber-crime/clop-ransomware-goanywhere-mft.html

Four Generations of Predictive Coding Software, the Background and History of Predictive Coding
https://malware.news/t/four-generations-of-predictive-coding-software-the-background-and-history-of-predictive-coding/67114#post_1

CISA adds Fortra MFT, TerraMaster NAS, Intel driver Flaws, to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.com/142115/hacking/mft-terramaster-intel-driver-flaws-to-its-known-exploited-vulnerabilities-catalog.html

Second Grader Version by Chat GPT of the Blog Earlier Today “Four Generations of Predictive Coding Software, from 2009 to Today”
https://malware.news/t/second-grader-version-by-chat-gpt-of-the-blog-earlier-today-four-generations-of-predictive-coding-software-from-2009-to-today/67116#post_1

New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
https://thehackernews.com/2023/02/new-esxiargs-ransomware-variant-emerges.html

ESXiArgs Ransomware Analysis with @fwosar
https://malware.news/t/esxiargs-ransomware-analysis-with-fwosar/67115#post_1

PCAP Data Analysis with Zeek, (Sun, Feb 12th)
https://malware.news/t/pcap-data-analysis-with-zeek-sun-feb-12th/67117#post_1

Understanding auditd logs for threat hunting
https://www.reddit.com/r/netsec/comments/10zfc1s/understanding_auditd_logs_for_threat_hunting/

Jaden Dicks: It is never too early to start. [CyberVista intern]
https://thecyberwire.com/podcasts/career-notes/136/notes

GitHub - dwisiswant0/gfx: A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.
https://www.reddit.com/r/netsec/comments/10zn48n/github_dwisiswant0gfx_a_wrapper_around_grep_to/


Top Security News for 13/02/2023

Security Affairs newsletter Round 406 by Pierluigi Paganini
https://securityaffairs.com/142136/breaking-news/security-affairs-newsletter-round-406-by-pierluigi-paganini.html

Russian Government evaluates the immunity to hackers acting in the interests of Russia
https://securityaffairs.com/142139/cyber-warfare-2/russian-government-crooks-immunity.html

Hacktivists hacked Iranian State TV during President’s speech on Revolution Day
https://securityaffairs.com/142172/hacktivism/iranian-state-tv-hacked.html

Prior research on cybersecurity first principles.
https://thecyberwire.com/podcasts/cso-perspectives/99/notes

AsyncRAT Being Distributed as Windows Help File (*.chm)
https://malware.news/t/asyncrat-being-distributed-as-windows-help-file-chm/67121#post_1

HWSyscalls is a new method to execute indirect syscalls using hardware breakpoints, HalosGate and a synthetic trampoline on kernel32 with hardware breakpoints.
https://www.reddit.com/r/netsec/comments/110jego/hwsyscalls_is_a_new_method_to_execute_indirect/

ASEC Weekly Phishing Email Threat Trends (January 29th, 2023 – February 4th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-january-29th-2023-february-4th-2023/67119#post_1

Prior research on cybersecurity first principles.
https://thecyberwire.com/stories/4c2978fc087f48df955f19f71c7c18de/prior-research-on-cybersecurity-first-principles

Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter
https://thehackernews.com/2023/02/hackers-targeting-us-and-german-firms.html

ClamAV on Linux Systems
https://www.reddit.com/r/netsec/comments/110xwut/clamav_on_linux_systems/


Top Security News for 14/02/2023

PLC vulnerabilities can enable deep lateral movement inside OT networks
https://www.csoonline.com/article/3687991/plc-vulnerabilities-can-enable-deep-lateral-movement-inside-ot-networks.html#tk.rss_all

Verified Security Test: Malicious File vs EDR
https://www.reddit.com/r/netsec/comments/111cm2y/verified_security_test_malicious_file_vs_edr/

Apple fixes the first zero-day in iPhones and Macs this year
https://securityaffairs.com/142200/hacking/apple-zero-day-iphones-macs.html

Consent to gather data is a "misguided" solution, study reveals
https://www.malwarebytes.com/blog/news/2023/02/consent-to-gather-data-is-a-misguided-solution-study-reveals

Artificial Intelligence Allows Three Ages of Ralph to Promote His Next Two Blogs on the Connection Between Plato’s Cave and E-Discovery
https://malware.news/t/artificial-intelligence-allows-three-ages-of-ralph-to-promote-his-next-two-blogs-on-the-connection-between-plato-s-cave-and-e-discovery/67161#post_1

Training and CTFs
https://malware.news/t/training-and-ctfs/67159#post_1

Plan now to avoid a communications failure after a cyberattack
https://www.csoonline.com/article/3687808/the-role-of-cisos-in-the-communication-response-following-an-incident.html#tk.rss_all

ChatGPT (noun)
https://thecyberwire.com/podcasts/word-notes/135/notes

Apple Patches Exploited Vulnerability, (Mon, Feb 13th)
https://isc.sans.edu/diary/rss/29544

Jailbreaking ChatGPT and other large language models while we can
https://www.malwarebytes.com/blog/news/2023/02/jailbreaking-large-language-models-like-chatgp-while-we-still-can

