Top Security News for 17/01/2023
Accountant ordered to pay ex-employer after bossware shows "time theft"
https://www.malwarebytes.com/blog/news/2023/01/accountant-ordered-to-pay-ex-employer-after-bossware-shows-time-theft
T95 Android TV Box sold on Amazon hides sophisticated malware
https://securityaffairs.com/140866/security/t95-android-tv-box-malware.html
Fighting technology's gender gap with TracketPacer: Lock and Code S04E02
https://www.malwarebytes.com/blog/podcast/2023/01/fighting-technologys-gender-gap-with-tracketpacer
[CVE-2023-0179] Linux kernel stack buffer overflow in nftables: PoC and writeup
https://www.reddit.com/r/netsec/comments/10d98w1/cve20230179_linux_kernel_stack_buffer_overflow_in/
New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild
https://thehackernews.com/2023/01/new-backdoor-created-using-leaked-cias.html
ISC Stormcast For Tuesday, January 17th, 2023 https://isc.sans.edu/podcastdetail.html?id=8328, (Tue, Jan 17th)
https://isc.sans.edu/diary/rss/29440
Unauthenticated Configuration Export in Multiple WAGO Products
https://www.reddit.com/r/netsec/comments/10dblrc/unauthenticated_configuration_export_in_multiple/
Avast researchers released a free BianLian ransomware decryptor for some variants of the malware
https://securityaffairs.com/140892/malware/free-bianlian-ransomware-decryptor.html
"Untraceable" surveillance firm sued for scraping Facebook and Instagram data
https://www.malwarebytes.com/blog/news/2023/01/untraceable-surveillance-firm-sued-for-scraping-facebook-and-instagram-data
The misadventures of SPF: Delivering SPF authenticated emails on behalf of the Ukrainian MoD, MIT and 1000+ others.
https://www.reddit.com/r/netsec/comments/10e4rk9/the_misadventures_of_spf_delivering_spf/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes
Accountant ordered to pay ex-employer after bossware shows "time theft"
Bossware helped an employer fire an accountant for not working during work time. The accountant sued for wrongful termination.
Top Security News for 18/01/2023
Web skimmer found on website of Liquor Control Board of Ontario
https://www.malwarebytes.com/blog/news/2023/01/web-skimmer-found-on-website-of-liquor-control-board-of-ontario
Introducing RPC Investigator
https://www.reddit.com/r/netsec/comments/10ed95w/introducing_rpc_investigator/
4 Places to Supercharge Your SOC with Automation
https://thehackernews.com/2023/01/4-places-to-supercharge-your-soc-with.html
Thousands of Norton LifeLock accounts compromised. Hacktivists spill Cellebrite data. ODIN Intelligence website defaced.
https://thecyberwire.com/newsletters/privacy-briefing/5/10
NEW OUTFITS FOR HACKER BABIES ANNOUNCED
https://www.2600.com/content/new-outfits-hacker-babies-announced
Artists Are Suing Over Stable Diffusion Stealing Their Work for AI Art
https://www.vice.com/en_us/article/dy7b5y/artists-are-suing-over-stable-diffusion-stealing-their-work-for-ai-art
US Maritime Administrator to study port crane cybersecurity concerns
https://www.csoonline.com/article/3685378/us-maritime-administrator-to-study-port-crane-cybersecurity-concerns.html#tk.rss_all
2023-01-16 - Google ad --> Fake 7-Zip page --> Malicious .msi file
https://malware.news/t/2023-01-16-google-ad-fake-7-zip-page-malicious-msi-file/66471#post_1
2023-01-12 - IcedID (Bokbot) infection with Cobalt Strike
https://malware.news/t/2023-01-12-icedid-bokbot-infection-with-cobalt-strike/66472#post_1
Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware
https://thehackernews.com/2023/01/hackers-can-abuse-legitimate-github.html
Malwarebytes
Web skimmer found on website of Liquor Control Board of Ontario
LCBO account holders are under advice to change their passwords and monitor their credit card statements after a web skimmer was found on the website
Top Security News for 19/01/2023
ISC StormCast for Thursday, January 19th, 2023
https://isc.sans.edu/podcastdetail.html?id=8332
Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers
https://thehackernews.com/2023/01/critical-security-vulnerabilities.html
What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks
https://securelist.com/corporate-threat-predictions-2023/108456/
ISC Stormcast For Thursday, January 19th, 2023 https://isc.sans.edu/podcastdetail.html?id=8332, (Thu, Jan 19th)
https://isc.sans.edu/diary/rss/29450
Trustwave relaunches Advanced Continual Threat Hunting with human-led methodology
https://www.csoonline.com/article/3685575/trustwave-relaunches-advanced-continual-threat-hunting-with-human-led-methodology.html#tk.rss_all
What is Business Attack Surface Management?
https://malware.news/t/what-is-business-attack-surface-management/66505#post_1
Chinese cyberespionage against Iran. Threats to industrial systems. CISA updates. Notes on the hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/12/11
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/18-01-2023
Perception Point launches Advanced Threat Protection for Zendesk
https://www.csoonline.com/article/3685383/perception-point-launches-advanced-threat-protection-for-zendesk.html#tk.rss_all
Experts found SSRF flaws in four different Microsoft Azure services
https://securityaffairs.com/140947/hacking/microsoft-azure-services-ssrf-flaws.html
Top Security News for 20/01/2023
Criminal-on-criminal action in the dark web. The cyber phases of the hybrid war heat up. ICS vulnerabilities. Codespaces and malware servers. Blank-image attacks. Social engineering.
https://thecyberwire.com/podcasts/daily-podcast/1742/notes
People, Process and Technology: The Incident Response Trifecta
https://securityintelligence.com/articles/incident-response-trifecta/
Ukraine at D+329: Disinformation and cyber in combined arms.
https://thecyberwire.com/stories/04a3c88d22544c0ea383e1b5adcbba78/ukraine-at-d329
Privacy experts raise their voices about the dangers of voice-assisted tech. MailChimp swiftly responds to data breach.
https://thecyberwire.com/newsletters/privacy-briefing/5/12
Synthetic Media Creates New Social Engineering Threats
https://securityintelligence.com/articles/synthetic-media-new-social-engineering-threats/
TLS Connection Cryptographic Protocol Vulnerabilities
https://malware.news/t/tls-connection-cryptographic-protocol-vulnerabilities/66550#post_1
New Chinese Malware Spotted Exploiting Recent Fortinet Firewall Vulnerability
https://thehackernews.com/2023/01/new-chinese-malware-spotted-exploiting.html
SeeProxy: Golang reverse proxy with CobaltStrike malleable profile validation.
https://www.reddit.com/r/netsec/comments/10g06ki/seeproxy_golang_reverse_proxy_with_cobaltstrike/
How CISOs can manage the cybersecurity of high-level executives
https://www.csoonline.com/article/3685415/how-cisos-can-manage-the-security-of-high-level-executives.html#tk.rss_all
Privacy legislation revisions in Australia and India. Recent actions in data handling regulation in the EU. US HHS issues healthcare cybersecurity guidance.
https://thecyberwire.com/newsletters/policy-briefing/5/12
The CyberWire
Criminal-on-criminal action in the dark web. The cyber phases of the hybrid war heat up. ICS vulnerabilities. Codespaces and malware…
A hostile takeover of the Solaris contraband market. Ukraine warns that Russian cyberattacks continue. An overview of 2H 2022 ICS vulnerabilities. Codespaces accounts can act as malware servers. Blank-image attacks. Campaigns leveraging HR policy themes.…
Top Security News for 21/01/2023
How Much is the U.S. Investing in Cyber (And is it Enough)?
https://securityintelligence.com/articles/how-much-is-us-investing-in-cyber/
Ransomware money laundering operation disrupted, founder arrested
https://www.malwarebytes.com/blog/news/2023/01/bitzlato-ransomware-laundry-operation-sees-founder-arrested
Vijilan - Managed service Providers (msp)
https://www.reddit.com/r/netsec/comments/10h71z4/vijilan_managed_service_providers_msp/
Paul Martini from iboss discusses their survey about Zero Trust cybersecurity.
https://thecyberwire.com/podcasts/interview-selects/143/notes
Mailchimp breach feels like deja vu
https://malware.news/t/mailchimp-breach-feels-like-deja-vu/66571#post_1
Orca describes, Microsoft fixes, four Azure SSRF issues. DNV recovering from ransomware. T-Mobile discloses a data breach. Cyberattack hits Nunavut utility.
https://thecyberwire.com/newsletters/week-that-was/7/3
Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings
https://thehackernews.com/2023/01/roaming-mantis-spreading-mobile-malware.html
Russia Needs to Learn to Lose Like America
https://www.vice.com/en_us/article/qjkq9w/russia-needs-to-learn-to-lose-like-america
NIST to rework its cybersecurity guidelines. NSA updates its internet protocol guidance. CRA violations could mean steep fines.
https://thecyberwire.com/newsletters/policy-briefing/5/13
T-Mobile suffered a new data breach, 37 million accounts have been compromised
https://securityaffairs.com/141086/data-breach/t-mobile-data-breach-5.html
Security Intelligence
How Much is the U.S. Investing in Cyber (And is it Enough)?
It’s no secret that cyberattacks in the US are increasing in frequency and sophistication. Are we spending enough on cybersecurity to combat these attacks?
Top Security News for 31/01/2023
Attack Cases of CoinMiners Mining Ethereum Classic Coins
https://malware.news/t/attack-cases-of-coinminers-mining-ethereum-classic-coins/66796#post_1
Economic headwinds could deepen the cybersecurity skills shortage
https://www.csoonline.com/article/3686470/economic-headwinds-could-deepen-the-cybersecurity-skills-shortage.html#tk.rss_all
A private moment, caught by a Roomba, ended up on Facebook. Eileen Guo explains how: Lock and Code S04E03
https://www.malwarebytes.com/blog/podcast/2023/01/a-private-moment-caught-by-a-roomba-ended-up-on-facebook-lock-and-code-s04e03
0x00sec new chat feature!
https://0x00sec.org/t/0x00sec-new-chat-feature/33230
Update your LearnPress plugins now!
https://www.malwarebytes.com/blog/news/2023/01/update-your-learnpress-plugins-now
ASEC Weekly Phishing Email Threat Trends (January 15th, 2023 – January 21st, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-january-15th-2023-january-21st-2023/66798#post_1
Soft Skills: Writing
https://malware.news/t/soft-skills-writing/66794#post_1
How the Silk Road Affair Changed Law Enforcement
https://securityintelligence.com/articles/silk-road-dark-web-law-enforcement/
This paper reinforces the belief that RSA isn't going to fall to Shor's Algorithm anytime soon
https://www.reddit.com/r/netsec/comments/10msabt/this_paper_reinforces_the_belief_that_rsa_isnt/
Researcher received a $27,000 bounty for 2FA bypass bug in Facebook and Instagram
https://securityaffairs.com/141571/social-networks/facebook-instagram-bug.html
Malware Analysis, News and Indicators
Attack Cases of CoinMiners Mining Ethereum Classic Coins
The ASEC analysis team is monitoring CoinMiners that are targeting Korean and overseas users. We have covered cases of various types of CoinMiner attacks over multiple blog posts in the past. This post aims to introduce the recently discovered malware that…
Top Security News for 01/02/2023
Guardz debuts with cybersecurity-as-a-service for small businesses
https://www.csoonline.com/article/3686534/guardz-debuts-with-cybersecurity-as-a-service-for-small-businesses.html#tk.rss_all
ISC Stormcast For Wednesday, February 1st, 2023 https://isc.sans.edu/podcastdetail.html?id=8350, (Wed, Feb 1st)
https://malware.news/t/isc-stormcast-for-wednesday-february-1st-2023-https-isc-sans-edu-podcastdetail-html-id-8350-wed-feb-1st/66829#post_1
Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges
https://www.csoonline.com/article/3686573/threat-actors-abuse-microsoft-s-verified-publisher-status-to-exploit-oauth-privileges.html#tk.rss_all
Google sponsored ads malvertising targets password manager
https://www.malwarebytes.com/blog/threat-intelligence/2023/01/google-sponsored-ads-malvertising-targets-password-manager
2023-01-31 - BB12 Qakbot (Qbot) with Cobalt Strike and VNC traffi
https://malware.news/t/2023-01-31-bb12-qakbot-qbot-with-cobalt-strike-and-vnc-traffi/66828#post_1
Free sources for really deep dives
https://www.reddit.com/r/Malware/comments/10qmeq1/free_sources_for_really_deep_dives/
Learning CodeQL - Going Beyond Grep
https://www.reddit.com/r/netsec/comments/10pydgb/learning_codeql_going_beyond_grep/
The Good, Bad and Compromisable Aspects of Linux eBPF
https://www.reddit.com/r/netsec/comments/10pxh6w/the_good_bad_and_compromisable_aspects_of_linux/
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts
https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html
FTC rules against Chegg in data breach case. Three third-party health data breaches. Bugs in OpenEMR. UK’s IPT says MI5 mishandled personal data.
https://thecyberwire.com/newsletters/privacy-briefing/5/20
CSO
Guardz debuts with cybersecurity-as-a-service for small businesses
An easy-to-use cybersecurity toolkit from Tel Aviv-based startup Guardz targets small and medium-size businesses (SMBs).
Top Security News for 02/02/2023
Safely and securely moving to the cloud.
https://thecyberwire.com/podcasts/caveat/159/notes
Rotating Packet Captures with pfSense, (Wed, Feb 1st)
https://isc.sans.edu/diary/rss/29500
New Prilex PoS Malware evolves to target NFC-enabled credit cards
https://securityaffairs.com/141686/malware/prilex-pos-malware-nfc-enabled-credit-cards.html
Vista Equity Partners acquires KnowBe4. Saviynt raises $205 million in growth funding. The cyber labor market continues to see dark days.
https://thecyberwire.com/newsletters/business-briefing/5/5
Up to 10 million people potentially impacted by JD Sports breach
https://www.malwarebytes.com/blog/news/2023/02/up-to-10-million-people-potentially-impacted-by-jd-sports-breach
Research Exposes Azure Serverless Security Blind Spots
https://malware.news/t/research-exposes-azure-serverless-security-blind-spots/66858#post_1
Cmd Malware
https://www.reddit.com/r/Malware/comments/10rf9yy/cmd_malware/
A war on commerce.
https://thecyberwire.com/podcasts/hacking-humans/230/notes
ISC Stormcast For Thursday, February 2nd, 2023 https://isc.sans.edu/podcastdetail.html?id=8352, (Thu, Feb 2nd)
https://malware.news/t/isc-stormcast-for-thursday-february-2nd-2023-https-isc-sans-edu-podcastdetail-html-id-8352-thu-feb-2nd/66857#post_1
Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry
https://thehackernews.com/2023/02/experts-warn-of-ice-breaker.html
The CyberWire
Safely and securely moving to the cloud.
Willie Hicks, Federal Chief Technologist from Dynatrace, sits down to discuss accelerated adoption and use of secure cloud infrastructure and services by the federal government. Ben’s story is on a new academic paper on the terms of service documents provided…
Top Security News for 03/02/2023
Ransomware in December 2022
https://www.malwarebytes.com/blog/threat-intelligence/2023/02/ransomware-in-december-2022
Cybersecurity and privacy tips you can teach your 5+-year-old
https://www.malwarebytes.com/blog/news/2023/02/cybersecurity-and-privacy-tips-you-can-teach-your-5-year-old
Discovering Six Critical Docker Desktop Privilege Escalation Vulnerabilities. (Bonus: New OSS Tool!)
https://www.reddit.com/r/netsec/comments/10rylf9/discovering_six_critical_docker_desktop_privilege/
Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608
https://www.reddit.com/r/netsec/comments/10s95yz/adobe_acrobat_reader_resetform_cagg_uaf_rce/
Cisco fixes vulnerabilities in ICS appliances. NIST’s anti-phishing guidelines. OneNote exploitation. HeadCrab malware. Recent actions by Russian threat actors. Trends in state-directed cyber ops.
https://thecyberwire.com/podcasts/daily-podcast/1752/notes
EMBA - Automated firmware security scanner v1.2.1 released
https://www.reddit.com/r/netsec/comments/10rrlm0/emba_automated_firmware_security_scanner_v121/
Remote code execution exploit chain available for VMware vRealize Log Insight
https://www.csoonline.com/article/3687171/remote-code-execution-exploit-chain-available-for-vmware-vrealize-log-insight.html#tk.rss_all
ISC Stormcast For Friday, February 3rd, 2023 https://isc.sans.edu/podcastdetail.html?id=8354, (Fri, Feb 3rd)
https://malware.news/t/isc-stormcast-for-friday-february-3rd-2023-https-isc-sans-edu-podcastdetail-html-id-8354-fri-feb-3rd/66893#post_1
TC39 proposal for mitigating prototype pollution
https://www.reddit.com/r/netsec/comments/10s6730/tc39_proposal_for_mitigating_prototype_pollution/
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
https://thehackernews.com/2023/02/new-high-severity-vulnerabilities.html
Malwarebytes
Ransomware in December 2022
Our Threat Intelligence team looks at known ransomware attacks by gang, country, and industry sector in December 2022, and looks at why LockBit had to make a public apology
Top Security News for 08/02/2023
Redistribution of Magniber Ransomware in Korea (January 28th)
https://malware.news/t/redistribution-of-magniber-ransomware-in-korea-january-28th/67002#post_1
Tackling the New Cyber Insurance Requirements: Can Your Organization Comply?
https://thehackernews.com/2023/02/tackling-new-cyber-insurance.html
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/07-02-2023
How to Spot a Nefarious Cryptocurrency Platform
https://securityintelligence.com/articles/how-to-spot-nefarious-crypto-platform/
How to get data from the website
https://0x00sec.org/t/how-to-get-data-from-the-website/33367
New Linux variant of Clop Ransomware uses a flawed encryption algorithm
https://securityaffairs.com/141932/cyber-crime/clop-ransomware-linux-variant.html
Quad Partners' cyber challenge. Federal Cyber R&D Strategic Plan RFI. CISA supports victims of ESXiArgs ransomware. Pakistan unblocks Wikipedia.
https://thecyberwire.com/newsletters/policy-briefing/5/25
Quasar RAT Being Distributed by Private HTS Program
https://malware.news/t/quasar-rat-being-distributed-by-private-hts-program/67001#post_1
Conservatives Are Obsessed With Getting ChatGPT to Say the N-Word
https://www.vice.com/en_us/article/wxnv59/conservatives-are-obsessed-with-getting-chatgpt-to-say-the-n-word
Post-Exploitation: Abusing the KeePass Plugin Cache
https://www.reddit.com/r/netsec/comments/10w944g/postexploitation_abusing_the_keepass_plugin_cache/
Malware Analysis, News and Indicators
Redistribution of Magniber Ransomware in Korea (January 28th)
On the morning of January 28th, the ASEC analysis team discovered the redistribution of Magniber disguised as normal Windows Installers (MSI). The distributed Magniber files have MSI as their extensions, disguising themselves as Windows update files. According…
Top Security News for 09/02/2023
ISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)
https://isc.sans.edu/diary/rss/29532
ISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)
https://malware.news/t/isc-stormcast-for-thursday-february-9th-2023-https-isc-sans-edu-podcastdetail-html-id-8362-thu-feb-9th/67041#post_1
Ransomware review: February 2023
https://malware.news/t/ransomware-review-february-2023/67039#post_1
Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game
https://www.reddit.com/r/netsec/comments/10wsv0n/dota_2_under_attack_how_a_v8_bug_was_exploited_in/
Growing number of endpoint security tools overwhelm users, leaving devices unprotected
https://www.csoonline.com/article/3687140/growing-number-of-endpoint-security-tools-overwhelm-users-leaving-devices-unprotected.html#tk.rss_all
OpenSSH Pre-Auth Double Free - CVE-2023-25136 - Writeup and Proof-of-Concept
https://www.reddit.com/r/netsec/comments/10x5fag/openssh_preauth_double_free_cve202325136_writeup/
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/08-02-2023
Cohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery
https://www.csoonline.com/article/3687179/cohesity-data-cloud-70-enhances-privileged-access-authentication-ransomware-recovery.html#tk.rss_all
Solving one of NOBELIUM’s most novel attacks: Cyberattack Series
https://www.microsoft.com/en-us/security/blog/2023/02/08/solving-one-of-nobeliums-most-novel-attacks-cyberattack-series/
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
https://thehackernews.com/2023/02/cert-ua-alerts-ukrainian-state.html
SANS Internet Storm Center
ISC StormCast for Thursday, February 9th, 2023 - SANS ISC
Top Security News for 10/02/2023
Hackers Are Selling A Service That Bypasses ChatGPT Restrictions On Malware
https://packetstormsecurity.com/news/view/34300/Hackers-Are-Selling-A-Service-That-Bypasses-ChatGPT-Restrictions-On-Malware.html
ISC Stormcast For Friday, February 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8364, (Fri, Feb 10th)
https://malware.news/t/isc-stormcast-for-friday-february-10th-2023-https-isc-sans-edu-podcastdetail-html-id-8364-fri-feb-10th/67082#post_1
Neo4jection: Secrets, Data, and Cloud Exploits - Attacking Neo4j
https://www.reddit.com/r/netsec/comments/10xwr98/neo4jection_secrets_data_and_cloud_exploits/
After the war in Ukraine: Cyber revanchism.
https://thecyberwire.com/stories/f9543307f1f14165a966baae3be4db26/after-the-war-in-ukraine-cyber-revanchism
VMware ESXi server ransomware evolves, after recovery script released
https://www.networkworld.com/article/3687610/vmware-esxi-server-ransomware-evolves-after-recovery-script-released.html#tk.rss_all
“Permanently” Bricking Computers and Other Supply Chain Issues
https://malware.news/t/permanently-bricking-computers-and-other-supply-chain-issues/67080#post_1
[SANS ISC] A Backdoor with Smart Screenshot Capability
https://blog.rootshell.be/2023/02/09/sans-isc-a-backdoor-with-smart-screenshot-capabilitysans-isc/
What is a Pentester, and Can They Prevent Data Breaches?
https://securityintelligence.com/articles/what-is-a-pentester/
Widespread ransomware operation infests thousands. British hospital trust accidentally leaks staff data.
https://thecyberwire.com/podcasts/privacy-briefing/763/notes
ISC StormCast for Friday, February 10th, 2023
https://isc.sans.edu/podcastdetail.html?id=8364
Ars Technica
Hackers are selling a service that bypasses ChatGPT restrictions on malware
ChatGPT restrictions on the creation of illicit content are easy to circumvent.
Top Security News for 10/02/2023
Android mobile devices from top vendors in China have pre-installed malware
https://securityaffairs.com/141989/malware/android-mobile-devices-china-malware.html
How to unleash the power of an effective security engineering team
https://www.csoonline.com/article/3687180/how-to-unleash-the-power-of-an-effective-security-engineering-team.html#tk.rss_all
What is a Pentester, and Can They Prevent Data Breaches?
https://securityintelligence.com/articles/what-is-a-pentester/
secpat2gf: convert secret patterns to gf compatible.
https://www.reddit.com/r/netsec/comments/10yfi1o/secpat2gf_convert_secret_patterns_to_gf_compatible/
U.S., Britain Impose Sanctions On Russia's Trickbot Hacking Gang
https://packetstormsecurity.com/news/view/34301/U.S.-Britain-Impose-Sanctions-On-Russias-Trickbot-Hacking-Gang.html
We had a security incident. Here’s what we know.
https://www.reddit.com/r/netsec/comments/10y59q2/we_had_a_security_incident_heres_what_we_know/
2022 in Cybersecurity
https://malware.news/t/2022-in-cybersecurity/67083#post_1
[SANS ISC] A Backdoor with Smart Screenshot Capability
https://blog.rootshell.be/2023/02/09/sans-isc-a-backdoor-with-smart-screenshot-capabilitysans-isc/
Introducing Malwarebytes Application Block: How to block unauthorized software from executing on Windows endpoints
https://www.malwarebytes.com/blog/business/2023/02/introducing-malwarebytes-application-block-how-to-block-unauthorized-software-from-executing-on-windows-endpoints
OpenSSL Fixes Multiple New Security Flaws with Latest Update
https://thehackernews.com/2023/02/openssl-fixes-multiple-new-security.html
Security Affairs
Android mobile devices from top vendors in China have pre-installed malware
Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware.
Top Security News for 11/02/2023
DPRK fund malicious cyber activities with ransomware attacks on critical Infrastructure
https://securityaffairs.com/142090/breaking-news/north-korea-hackers-ransomware.html
Reddit discloses security breach that exposed source code and internal docs
https://securityaffairs.com/142071/data-breach/reddit-security-breach.html
FireFly : an advanced black-box fuzzer and not just a standard asset discovery tool
https://www.reddit.com/r/netsec/comments/10z2wpa/firefly_an_advanced_blackbox_fuzzer_and_not_just/
$800,000 recovered from Business Email Compromise attack
https://www.malwarebytes.com/blog/news/2023/02/800k-recovered-from-business-email-compromise-attack
Reddit breached, here's what you need to know
https://www.malwarebytes.com/blog/news/2023/02/reddit-systems-compromised-by-phish-attack.-heres-what-you-need-to-do-next
Ransomware attack hit the City of Oakland
https://securityaffairs.com/142110/cyber-crime/city-of-oakland-ransomware-attack.html
Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages
https://thehackernews.com/2023/02/researchers-uncover-obfuscated.html
U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html
Find Writable Shares with Python.
https://www.reddit.com/r/netsec/comments/10yrr2f/find_writable_shares_with_python/
US, RoK agencies outline DPRK ransomware. Reddit breached. ICS and IIoT issues. It’s almost Valentine’s Day. Have you noticed? (The hoods have.)
https://thecyberwire.com/podcasts/daily-podcast/1758/notes
Security Affairs
DPRK fund malicious cyber activities with ransomware attacks on critical Infrastructure
North Korea-linked hacker groups conduct ransomware attacks against critical infrastructure facilities to fund their activities.
Top Security News for 12/02/2023
Clop ransomware claims the hack of 130 orgs using GoAnywhere MFT flaw
https://securityaffairs.com/142130/cyber-crime/clop-ransomware-goanywhere-mft.html
Four Generations of Predictive Coding Software, the Background and History of Predictive Coding
https://malware.news/t/four-generations-of-predictive-coding-software-the-background-and-history-of-predictive-coding/67114#post_1
CISA adds Fortra MFT, TerraMaster NAS, Intel driver Flaws, to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.com/142115/hacking/mft-terramaster-intel-driver-flaws-to-its-known-exploited-vulnerabilities-catalog.html
Second Grader Version by Chat GPT of the Blog Earlier Today “Four Generations of Predictive Coding Software, from 2009 to Today”
https://malware.news/t/second-grader-version-by-chat-gpt-of-the-blog-earlier-today-four-generations-of-predictive-coding-software-from-2009-to-today/67116#post_1
New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
https://thehackernews.com/2023/02/new-esxiargs-ransomware-variant-emerges.html
ESXiArgs Ransomware Analysis with @fwosar
https://malware.news/t/esxiargs-ransomware-analysis-with-fwosar/67115#post_1
PCAP Data Analysis with Zeek, (Sun, Feb 12th)
https://malware.news/t/pcap-data-analysis-with-zeek-sun-feb-12th/67117#post_1
Understanding auditd logs for threat hunting
https://www.reddit.com/r/netsec/comments/10zfc1s/understanding_auditd_logs_for_threat_hunting/
Jaden Dicks: It is never too early to start. [CyberVista intern]
https://thecyberwire.com/podcasts/career-notes/136/notes
GitHub - dwisiswant0/gfx: A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.
https://www.reddit.com/r/netsec/comments/10zn48n/github_dwisiswant0gfx_a_wrapper_around_grep_to/
Security Affairs
Clop ransomware claims the hack of 130 orgs using GoAnywhere MFT flaw
The Clop ransomware group claims to have breached over 130 organizations exploiting the GoAnywhere MFT zero-day.
Top Security News for 13/02/2023
Security Affairs newsletter Round 406 by Pierluigi Paganini
https://securityaffairs.com/142136/breaking-news/security-affairs-newsletter-round-406-by-pierluigi-paganini.html
Russian Government evaluates the immunity to hackers acting in the interests of Russia
https://securityaffairs.com/142139/cyber-warfare-2/russian-government-crooks-immunity.html
Hacktivists hacked Iranian State TV during President’s speech on Revolution Day
https://securityaffairs.com/142172/hacktivism/iranian-state-tv-hacked.html
Prior research on cybersecurity first principles.
https://thecyberwire.com/podcasts/cso-perspectives/99/notes
AsyncRAT Being Distributed as Windows Help File (*.chm)
https://malware.news/t/asyncrat-being-distributed-as-windows-help-file-chm/67121#post_1
HWSyscalls is a new method to execute indirect syscalls using hardware breakpoints, HalosGate and a synthetic trampoline on kernel32 with hardware breakpoints.
https://www.reddit.com/r/netsec/comments/110jego/hwsyscalls_is_a_new_method_to_execute_indirect/
ASEC Weekly Phishing Email Threat Trends (January 29th, 2023 – February 4th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-january-29th-2023-february-4th-2023/67119#post_1
Prior research on cybersecurity first principles.
https://thecyberwire.com/stories/4c2978fc087f48df955f19f71c7c18de/prior-research-on-cybersecurity-first-principles
Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter
https://thehackernews.com/2023/02/hackers-targeting-us-and-german-firms.html
ClamAV on Linux Systems
https://www.reddit.com/r/netsec/comments/110xwut/clamav_on_linux_systems/
Security Affairs
Security Affairs newsletter Round 406 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you
Top Security News for 14/02/2023
PLC vulnerabilities can enable deep lateral movement inside OT networks
https://www.csoonline.com/article/3687991/plc-vulnerabilities-can-enable-deep-lateral-movement-inside-ot-networks.html#tk.rss_all
Verified Security Test: Malicious File vs EDR
https://www.reddit.com/r/netsec/comments/111cm2y/verified_security_test_malicious_file_vs_edr/
Apple fixes the first zero-day in iPhones and Macs this year
https://securityaffairs.com/142200/hacking/apple-zero-day-iphones-macs.html
Consent to gather data is a "misguided" solution, study reveals
https://www.malwarebytes.com/blog/news/2023/02/consent-to-gather-data-is-a-misguided-solution-study-reveals
Artificial Intelligence Allows Three Ages of Ralph to Promote His Next Two Blogs on the Connection Between Plato’s Cave and E-Discovery
https://malware.news/t/artificial-intelligence-allows-three-ages-of-ralph-to-promote-his-next-two-blogs-on-the-connection-between-plato-s-cave-and-e-discovery/67161#post_1
Training and CTFs
https://malware.news/t/training-and-ctfs/67159#post_1
Plan now to avoid a communications failure after a cyberattack
https://www.csoonline.com/article/3687808/the-role-of-cisos-in-the-communication-response-following-an-incident.html#tk.rss_all
ChatGPT (noun)
https://thecyberwire.com/podcasts/word-notes/135/notes
Apple Patches Exploited Vulnerability, (Mon, Feb 13th)
https://isc.sans.edu/diary/rss/29544
Jailbreaking ChatGPT and other large language models while we can
https://www.malwarebytes.com/blog/news/2023/02/jailbreaking-large-language-models-like-chatgp-while-we-still-can
CSO
PLC vulnerabilities can enable deep lateral movement inside OT networks
Researchers demonstrate how attackers can target PLCs to bypass authentication and perform remote code execution on industrial networks.
Top Security News for 15/02/2023
Threat activity in the industrial sector. New information-stealing malware targets Ukraine. MortalKombat ransomware.
https://thecyberwire.com/podcasts/research-briefing/155/notes
A Different Payload for ManageEngine's CVE-2022-47966
https://www.reddit.com/r/netsec/comments/1127arf/a_different_payload_for_manageengines_cve202247966/
PYbot DDoS Malware Being Distributed Disguised as a Discord Nitro Code Generator
https://malware.news/t/pybot-ddos-malware-being-distributed-disguised-as-a-discord-nitro-code-generator/67209#post_1
Measuring cybersecurity: The what, why, and how
https://www.csoonline.com/article/3687733/measuring-cybersecurity-the-what-why-and-how.html#tk.rss_all
ISC Stormcast For Wednesday, February 15th, 2023 https://isc.sans.edu/podcastdetail.html?id=8370, (Wed, Feb 15th)
https://isc.sans.edu/diary/rss/29550
Should you share passwords with your partner?
https://www.malwarebytes.com/blog/news/2023/02/should-you-share-passwords-with-your-partner
Expel announces MDR for Kubernetes with MITRE ATT&CK framework alignment
https://www.csoonline.com/article/3687677/expel-announces-mdr-for-kubernetes-with-mitre-attandck-framework-alignment.html#tk.rss_all
The Pixel phones may be getting a long overdue feature
https://malware.news/t/the-pixel-phones-may-be-getting-a-long-overdue-feature/67206#post_1
EnterpriseDB adds Transparent Data Encryption to PostgreSQL
https://www.infoworld.com/article/3687813/enterprisedb-adds-transparent-data-encryption-to-postgresql.html#tk.rss_all
How to deal with developers' fatigue? - Having a long list of vulnerabilities to fix
https://www.reddit.com/r/netsec/comments/11291qt/how_to_deal_with_developers_fatigue_having_a_long/
Top Security News for 16/02/2023
Cybersecurity startup Oligo debuts with new application security tech
https://www.csoonline.com/article/3687617/cybersecurity-startup-oligo-debuts-with-new-application-security-tech.html#tk.rss_all
Update: process-binary-file Version 0.0.9
https://malware.news/t/update-process-binary-file-version-0-0-9/67241#post_1
Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware
https://thehackernews.com/2023/02/financially-motivated-threat-actor.html
5 biggest risks of using third-party services providers
https://www.csoonline.com/article/3687812/5-major-risks-third-party-services-may-bring-along-with-them.html#tk.rss_all
Defending against attacks on Azure AD: Goodbye firewall, hello identity protection
https://www.csoonline.com/article/3688108/defending-against-attacks-on-azure-ad-goodbye-firewall-hello-identity-protection.html#tk.rss_all
Google Rolling Out Privacy Sandbox Beta on Android 13 Devices
https://thehackernews.com/2023/02/google-rolling-out-privacy-sandbox-beta.html
Security tool adoption jumps, Okta report shows
https://www.computerworld.com/article/3688350/security-tool-adoption-jumps-okta-report-shows.html#tk.rss_all
Sophos introduces 5G support for desktop firewalls
https://malware.news/t/sophos-introduces-5g-support-for-desktop-firewalls/67245#post_1
Firewall performance for the campus edge with the new XGS 7500 and XGS 8500
https://malware.news/t/firewall-performance-for-the-campus-edge-with-the-new-xgs-7500-and-xgs-8500/67244#post_1
Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar
https://thehackernews.com/2023/02/experts-warn-of-beep-new-evasive.html
CSO
Cybersecurity startup Oligo debuts with new application security tech
An Israeli startup targets open source code vulnerabilities with advanced agentless filtering technology.
Top Security News for 17/02/2023
Bing Is Not Sentient, Does Not Have Feelings, Is Not Alive, and Does Not Want to Be Alive
https://www.vice.com/en_us/article/k7bmmx/bing-ai-chatbot-meltdown-sentience
ISC Stormcast For Friday, February 17th, 2023 https://isc.sans.edu/podcastdetail.html?id=8374, (Fri, Feb 17th)
https://isc.sans.edu/diary/rss/29558
ISC StormCast for Friday, February 17th, 2023
https://isc.sans.edu/podcastdetail.html?id=8374
Tile steps up measures against thieves and stalkers, criticizes Apple's AirTag approach
https://malware.news/t/tile-steps-up-measures-against-thieves-and-stalkers-criticizes-apples-airtag-approach/67294#post_1
Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk
https://www.csoonline.com/article/3688228/evolving-cyberattacks-alert-fatigue-creating-dfir-burnout-regulatory-risk.html#tk.rss_all
New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East
https://thehackernews.com/2023/02/new-threat-actor-wip26-targeting.html
How automation in CSPM can improve cloud security
https://www.csoonline.com/article/3687745/how-automation-in-cspm-can-improve-cloud-security.html#tk.rss_all
Critical RCE Vulnerability Discovered in ClamAV Open-Source Antivirus Software
https://thehackernews.com/2023/02/critical-rce-vulnerability-discovered.html
No More Access Denied - I Am the TrustedInstaller
https://www.reddit.com/r/netsec/comments/113xm49/no_more_access_denied_i_am_the_trustedinstaller/
Malware authors leverage more attack techniques that enable lateral movement
https://www.csoonline.com/article/3688568/malware-authors-leverage-more-attack-techniques-that-enable-lateral-movement.html#tk.rss_all
Vice
Bing Is Not Sentient, Does Not Have Feelings, Is Not Alive, and Does Not Want to Be Alive
Bing AI is just a glitchy chatbot, and we can never forget that.
Top Security News for 18/02/2023
German airport websites hit by DDoS attacks once again
https://securityaffairs.com/142373/breaking-news/german-airports-websites-failures.html
Data corruption incident affects New Hampshire medical center. Atlassian discloses data breach. PayPal impersonation scam seeks personal information.
https://thecyberwire.com/podcasts/privacy-briefing/769/notes
iPhone calendar spam: What it is, and how to remove it
https://www.malwarebytes.com/blog/news/2023/02/iphone-calendar-spam-what-it-is-and-how-to-remove-it
Armenian Entities Hit by New Version of OxtaRAT Spying Tool
https://thehackernews.com/2023/02/armenian-entities-hit-by-new-version-of.html
Implementing and achieving security resilience.
https://thecyberwire.com/podcasts/research-saturday/269/notes
Mortal Kombat ransomware forms tag team with crypto-stealing malware
https://www.malwarebytes.com/blog/news/2023/02/mortal-kombat-ransomware-forms-tag-team-partnership-with-laplas-clipper
Guide For Beginners: Syslog Configuration on Cisco Devices
https://www.reddit.com/r/netsec/comments/114d8r6/guide_for_beginners_syslog_configuration_on_cisco/
New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices
https://thehackernews.com/2023/02/new-mirai-botnet-variant-v3g4.html
Quickpost: Fixing A Duplicate Key
https://malware.news/t/quickpost-fixing-a-duplicate-key/67326#post_1
Ghidra Golf: A Reverse Engineering CTF
https://www.reddit.com/r/netsec/comments/114ih63/ghidra_golf_a_reverse_engineering_ctf/
Security Affairs
German airport websites hit by DDoS attacks once again
Experts are investigating the failures of several German airports after some media attributed them to a possible hacking campaign.