Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 03/02/2023

Ransomware in December 2022
https://www.malwarebytes.com/blog/threat-intelligence/2023/02/ransomware-in-december-2022

Cybersecurity and privacy tips you can teach your 5+-year-old
https://www.malwarebytes.com/blog/news/2023/02/cybersecurity-and-privacy-tips-you-can-teach-your-5-year-old

Discovering Six Critical Docker Desktop Privilege Escalation Vulnerabilities. (Bonus: New OSS Tool!)
https://www.reddit.com/r/netsec/comments/10rylf9/discovering_six_critical_docker_desktop_privilege/

Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608
https://www.reddit.com/r/netsec/comments/10s95yz/adobe_acrobat_reader_resetform_cagg_uaf_rce/

Cisco fixes vulnerabilities in ICS appliances. NIST’s anti-phishing guidelines. OneNote exploitation. HeadCrab malware. Recent actions by Russian threat actors. Trends in state-directed cyber ops.
https://thecyberwire.com/podcasts/daily-podcast/1752/notes

EMBA - Automated firmware security scanner v1.2.1 released
https://www.reddit.com/r/netsec/comments/10rrlm0/emba_automated_firmware_security_scanner_v121/

Remote code execution exploit chain available for VMware vRealize Log Insight
https://www.csoonline.com/article/3687171/remote-code-execution-exploit-chain-available-for-vmware-vrealize-log-insight.html#tk.rss_all

ISC Stormcast For Friday, February 3rd, 2023 https://isc.sans.edu/podcastdetail.html?id=8354, (Fri, Feb 3rd)
https://malware.news/t/isc-stormcast-for-friday-february-3rd-2023-https-isc-sans-edu-podcastdetail-html-id-8354-fri-feb-3rd/66893#post_1

TC39 proposal for mitigating prototype pollution
https://www.reddit.com/r/netsec/comments/10s6730/tc39_proposal_for_mitigating_prototype_pollution/

New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
https://thehackernews.com/2023/02/new-high-severity-vulnerabilities.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 08/02/2023

Redistribution of Magniber Ransomware in Korea (January 28th)
https://malware.news/t/redistribution-of-magniber-ransomware-in-korea-january-28th/67002#post_1

Tackling the New Cyber Insurance Requirements: Can Your Organization Comply?
https://thehackernews.com/2023/02/tackling-new-cyber-insurance.html

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/07-02-2023

How to Spot a Nefarious Cryptocurrency Platform
https://securityintelligence.com/articles/how-to-spot-nefarious-crypto-platform/

How to get data from the website
https://0x00sec.org/t/how-to-get-data-from-the-website/33367

New Linux variant of Clop Ransomware uses a flawed encryption algorithm
https://securityaffairs.com/141932/cyber-crime/clop-ransomware-linux-variant.html

Quad Partners' cyber challenge. Federal Cyber R&D Strategic Plan RFI. CISA supports victims of ESXiArgs ransomware. Pakistan unblocks Wikipedia.
https://thecyberwire.com/newsletters/policy-briefing/5/25

Quasar RAT Being Distributed by Private HTS Program
https://malware.news/t/quasar-rat-being-distributed-by-private-hts-program/67001#post_1

Conservatives Are Obsessed With Getting ChatGPT to Say the N-Word
https://www.vice.com/en_us/article/wxnv59/conservatives-are-obsessed-with-getting-chatgpt-to-say-the-n-word

Post-Exploitation: Abusing the KeePass Plugin Cache
https://www.reddit.com/r/netsec/comments/10w944g/postexploitation_abusing_the_keepass_plugin_cache/


Top Security News for 09/02/2023

ISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)
https://isc.sans.edu/diary/rss/29532

ISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)
https://malware.news/t/isc-stormcast-for-thursday-february-9th-2023-https-isc-sans-edu-podcastdetail-html-id-8362-thu-feb-9th/67041#post_1

Ransomware review: February 2023
https://malware.news/t/ransomware-review-february-2023/67039#post_1

Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game
https://www.reddit.com/r/netsec/comments/10wsv0n/dota_2_under_attack_how_a_v8_bug_was_exploited_in/

Growing number of endpoint security tools overwhelm users, leaving devices unprotected
https://www.csoonline.com/article/3687140/growing-number-of-endpoint-security-tools-overwhelm-users-leaving-devices-unprotected.html#tk.rss_all

OpenSSH Pre-Auth Double Free - CVE-2023-25136 - Writeup and Proof-of-Concept
https://www.reddit.com/r/netsec/comments/10x5fag/openssh_preauth_double_free_cve202325136_writeup/

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/08-02-2023

Cohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery
https://www.csoonline.com/article/3687179/cohesity-data-cloud-70-enhances-privileged-access-authentication-ransomware-recovery.html#tk.rss_all

Solving one of NOBELIUM’s most novel attacks: Cyberattack Series
https://www.microsoft.com/en-us/security/blog/2023/02/08/solving-one-of-nobeliums-most-novel-attacks-cyberattack-series/

CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
https://thehackernews.com/2023/02/cert-ua-alerts-ukrainian-state.html


Top Security News for 10/02/2023

Hackers Are Selling A Service That Bypasses ChatGPT Restrictions On Malware
https://packetstormsecurity.com/news/view/34300/Hackers-Are-Selling-A-Service-That-Bypasses-ChatGPT-Restrictions-On-Malware.html

ISC Stormcast For Friday, February 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8364, (Fri, Feb 10th)
https://malware.news/t/isc-stormcast-for-friday-february-10th-2023-https-isc-sans-edu-podcastdetail-html-id-8364-fri-feb-10th/67082#post_1

Neo4jection: Secrets, Data, and Cloud Exploits - Attacking Neo4j
https://www.reddit.com/r/netsec/comments/10xwr98/neo4jection_secrets_data_and_cloud_exploits/

After the war in Ukraine: Cyber revanchism.
https://thecyberwire.com/stories/f9543307f1f14165a966baae3be4db26/after-the-war-in-ukraine-cyber-revanchism

VMware ESXi server ransomware evolves, after recovery script released
https://www.networkworld.com/article/3687610/vmware-esxi-server-ransomware-evolves-after-recovery-script-released.html#tk.rss_all

“Permanently” Bricking Computers and Other Supply Chain Issues
https://malware.news/t/permanently-bricking-computers-and-other-supply-chain-issues/67080#post_1

[SANS ISC] A Backdoor with Smart Screenshot Capability
https://blog.rootshell.be/2023/02/09/sans-isc-a-backdoor-with-smart-screenshot-capabilitysans-isc/

What is a Pentester, and Can They Prevent Data Breaches?
https://securityintelligence.com/articles/what-is-a-pentester/

Widespread ransomware operation infests thousands. British hospital trust accidentally leaks staff data.
https://thecyberwire.com/podcasts/privacy-briefing/763/notes

ISC StormCast for Friday, February 10th, 2023
https://isc.sans.edu/podcastdetail.html?id=8364


Top Security News for 10/02/2023

Android mobile devices from top vendors in China have pre-installed malware
https://securityaffairs.com/141989/malware/android-mobile-devices-china-malware.html

How to unleash the power of an effective security engineering team
https://www.csoonline.com/article/3687180/how-to-unleash-the-power-of-an-effective-security-engineering-team.html#tk.rss_all

What is a Pentester, and Can They Prevent Data Breaches?
https://securityintelligence.com/articles/what-is-a-pentester/

secpat2gf: convert secret patterns to gf compatible.
https://www.reddit.com/r/netsec/comments/10yfi1o/secpat2gf_convert_secret_patterns_to_gf_compatible/

U.S., Britain Impose Sanctions On Russia's Trickbot Hacking Gang
https://packetstormsecurity.com/news/view/34301/U.S.-Britain-Impose-Sanctions-On-Russias-Trickbot-Hacking-Gang.html

We had a security incident. Here’s what we know.
https://www.reddit.com/r/netsec/comments/10y59q2/we_had_a_security_incident_heres_what_we_know/

2022 in Cybersecurity
https://malware.news/t/2022-in-cybersecurity/67083#post_1

[SANS ISC] A Backdoor with Smart Screenshot Capability
https://blog.rootshell.be/2023/02/09/sans-isc-a-backdoor-with-smart-screenshot-capabilitysans-isc/

Introducing Malwarebytes Application Block: How to block unauthorized software from executing on Windows endpoints
https://www.malwarebytes.com/blog/business/2023/02/introducing-malwarebytes-application-block-how-to-block-unauthorized-software-from-executing-on-windows-endpoints

OpenSSL Fixes Multiple New Security Flaws with Latest Update
https://thehackernews.com/2023/02/openssl-fixes-multiple-new-security.html


Top Security News for 11/02/2023

DPRK fund malicious cyber activities with ransomware attacks on critical Infrastructure
https://securityaffairs.com/142090/breaking-news/north-korea-hackers-ransomware.html

Reddit discloses security breach that exposed source code and internal docs
https://securityaffairs.com/142071/data-breach/reddit-security-breach.html

FireFly : an advanced black-box fuzzer and not just a standard asset discovery tool
https://www.reddit.com/r/netsec/comments/10z2wpa/firefly_an_advanced_blackbox_fuzzer_and_not_just/

$800,000 recovered from Business Email Compromise attack
https://www.malwarebytes.com/blog/news/2023/02/800k-recovered-from-business-email-compromise-attack

Reddit breached, here's what you need to know
https://www.malwarebytes.com/blog/news/2023/02/reddit-systems-compromised-by-phish-attack.-heres-what-you-need-to-do-next

Ransomware attack hit the City of Oakland
https://securityaffairs.com/142110/cyber-crime/city-of-oakland-ransomware-attack.html

Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages
https://thehackernews.com/2023/02/researchers-uncover-obfuscated.html

U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html

Find Writable Shares with Python.
https://www.reddit.com/r/netsec/comments/10yrr2f/find_writable_shares_with_python/

US, RoK agencies outline DPRK ransomware. Reddit breached. ICS and IIoT issues. It’s almost Valentine’s Day. Have you noticed? (The hoods have.)
https://thecyberwire.com/podcasts/daily-podcast/1758/notes


Top Security News for 12/02/2023

Clop ransomware claims the hack of 130 orgs using GoAnywhere MFT flaw
https://securityaffairs.com/142130/cyber-crime/clop-ransomware-goanywhere-mft.html

Four Generations of Predictive Coding Software, the Background and History of Predictive Coding
https://malware.news/t/four-generations-of-predictive-coding-software-the-background-and-history-of-predictive-coding/67114#post_1

CISA adds Fortra MFT, TerraMaster NAS, Intel driver Flaws, to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.com/142115/hacking/mft-terramaster-intel-driver-flaws-to-its-known-exploited-vulnerabilities-catalog.html

Second Grader Version by Chat GPT of the Blog Earlier Today “Four Generations of Predictive Coding Software, from 2009 to Today”
https://malware.news/t/second-grader-version-by-chat-gpt-of-the-blog-earlier-today-four-generations-of-predictive-coding-software-from-2009-to-today/67116#post_1

New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
https://thehackernews.com/2023/02/new-esxiargs-ransomware-variant-emerges.html

ESXiArgs Ransomware Analysis with @fwosar
https://malware.news/t/esxiargs-ransomware-analysis-with-fwosar/67115#post_1

PCAP Data Analysis with Zeek, (Sun, Feb 12th)
https://malware.news/t/pcap-data-analysis-with-zeek-sun-feb-12th/67117#post_1

Understanding auditd logs for threat hunting
https://www.reddit.com/r/netsec/comments/10zfc1s/understanding_auditd_logs_for_threat_hunting/

Jaden Dicks: It is never too early to start. [CyberVista intern]
https://thecyberwire.com/podcasts/career-notes/136/notes

GitHub - dwisiswant0/gfx: A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.
https://www.reddit.com/r/netsec/comments/10zn48n/github_dwisiswant0gfx_a_wrapper_around_grep_to/


Top Security News for 13/02/2023

Security Affairs newsletter Round 406 by Pierluigi Paganini
https://securityaffairs.com/142136/breaking-news/security-affairs-newsletter-round-406-by-pierluigi-paganini.html

Russian Government evaluates the immunity to hackers acting in the interests of Russia
https://securityaffairs.com/142139/cyber-warfare-2/russian-government-crooks-immunity.html

Hacktivists hacked Iranian State TV during President’s speech on Revolution Day
https://securityaffairs.com/142172/hacktivism/iranian-state-tv-hacked.html

Prior research on cybersecurity first principles.
https://thecyberwire.com/podcasts/cso-perspectives/99/notes

AsyncRAT Being Distributed as Windows Help File (*.chm)
https://malware.news/t/asyncrat-being-distributed-as-windows-help-file-chm/67121#post_1

HWSyscalls is a new method to execute indirect syscalls using hardware breakpoints, HalosGate and a synthetic trampoline on kernel32 with hardware breakpoints.
https://www.reddit.com/r/netsec/comments/110jego/hwsyscalls_is_a_new_method_to_execute_indirect/

ASEC Weekly Phishing Email Threat Trends (January 29th, 2023 – February 4th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-january-29th-2023-february-4th-2023/67119#post_1

Prior research on cybersecurity first principles.
https://thecyberwire.com/stories/4c2978fc087f48df955f19f71c7c18de/prior-research-on-cybersecurity-first-principles

Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter
https://thehackernews.com/2023/02/hackers-targeting-us-and-german-firms.html

ClamAV on Linux Systems
https://www.reddit.com/r/netsec/comments/110xwut/clamav_on_linux_systems/


Top Security News for 14/02/2023

PLC vulnerabilities can enable deep lateral movement inside OT networks
https://www.csoonline.com/article/3687991/plc-vulnerabilities-can-enable-deep-lateral-movement-inside-ot-networks.html#tk.rss_all

Verified Security Test: Malicious File vs EDR
https://www.reddit.com/r/netsec/comments/111cm2y/verified_security_test_malicious_file_vs_edr/

Apple fixes the first zero-day in iPhones and Macs this year
https://securityaffairs.com/142200/hacking/apple-zero-day-iphones-macs.html

Consent to gather data is a "misguided" solution, study reveals
https://www.malwarebytes.com/blog/news/2023/02/consent-to-gather-data-is-a-misguided-solution-study-reveals

Artificial Intelligence Allows Three Ages of Ralph to Promote His Next Two Blogs on the Connection Between Plato’s Cave and E-Discovery
https://malware.news/t/artificial-intelligence-allows-three-ages-of-ralph-to-promote-his-next-two-blogs-on-the-connection-between-plato-s-cave-and-e-discovery/67161#post_1

Training and CTFs
https://malware.news/t/training-and-ctfs/67159#post_1

Plan now to avoid a communications failure after a cyberattack
https://www.csoonline.com/article/3687808/the-role-of-cisos-in-the-communication-response-following-an-incident.html#tk.rss_all

ChatGPT (noun)
https://thecyberwire.com/podcasts/word-notes/135/notes

Apple Patches Exploited Vulnerability, (Mon, Feb 13th)
https://isc.sans.edu/diary/rss/29544

Jailbreaking ChatGPT and other large language models while we can
https://www.malwarebytes.com/blog/news/2023/02/jailbreaking-large-language-models-like-chatgp-while-we-still-can


Top Security News for 15/02/2023

Threat activity in the industrial sector. New information-stealing malware targets Ukraine. MortalKombat ransomware.
https://thecyberwire.com/podcasts/research-briefing/155/notes

A Different Payload for ManageEngine's CVE-2022-47966
https://www.reddit.com/r/netsec/comments/1127arf/a_different_payload_for_manageengines_cve202247966/

PYbot DDoS Malware Being Distributed Disguised as a Discord Nitro Code Generator
https://malware.news/t/pybot-ddos-malware-being-distributed-disguised-as-a-discord-nitro-code-generator/67209#post_1

Measuring cybersecurity: The what, why, and how
https://www.csoonline.com/article/3687733/measuring-cybersecurity-the-what-why-and-how.html#tk.rss_all

ISC Stormcast For Wednesday, February 15th, 2023 https://isc.sans.edu/podcastdetail.html?id=8370, (Wed, Feb 15th)
https://isc.sans.edu/diary/rss/29550

Should you share passwords with your partner?
https://www.malwarebytes.com/blog/news/2023/02/should-you-share-passwords-with-your-partner

Expel announces MDR for Kubernetes with MITRE ATT&CK framework alignment
https://www.csoonline.com/article/3687677/expel-announces-mdr-for-kubernetes-with-mitre-attandck-framework-alignment.html#tk.rss_all

The Pixel phones may be getting a long overdue feature
https://malware.news/t/the-pixel-phones-may-be-getting-a-long-overdue-feature/67206#post_1

EnterpriseDB adds Transparent Data Encryption to PostgreSQL
https://www.infoworld.com/article/3687813/enterprisedb-adds-transparent-data-encryption-to-postgresql.html#tk.rss_all

How to deal with developers' fatigue? - Having a long list of vulnerabilities to fix
https://www.reddit.com/r/netsec/comments/11291qt/how_to_deal_with_developers_fatigue_having_a_long/


Top Security News for 16/02/2023

Cybersecurity startup Oligo debuts with new application security tech
https://www.csoonline.com/article/3687617/cybersecurity-startup-oligo-debuts-with-new-application-security-tech.html#tk.rss_all

Update: process-binary-file Version 0.0.9
https://malware.news/t/update-process-binary-file-version-0-0-9/67241#post_1

Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware
https://thehackernews.com/2023/02/financially-motivated-threat-actor.html

5 biggest risks of using third-party services providers
https://www.csoonline.com/article/3687812/5-major-risks-third-party-services-may-bring-along-with-them.html#tk.rss_all

Defending against attacks on Azure AD: Goodbye firewall, hello identity protection
https://www.csoonline.com/article/3688108/defending-against-attacks-on-azure-ad-goodbye-firewall-hello-identity-protection.html#tk.rss_all

Google Rolling Out Privacy Sandbox Beta on Android 13 Devices
https://thehackernews.com/2023/02/google-rolling-out-privacy-sandbox-beta.html

Security tool adoption jumps, Okta report shows
https://www.computerworld.com/article/3688350/security-tool-adoption-jumps-okta-report-shows.html#tk.rss_all

Sophos introduces 5G support for desktop firewalls
https://malware.news/t/sophos-introduces-5g-support-for-desktop-firewalls/67245#post_1

Firewall performance for the campus edge with the new XGS 7500 and XGS 8500
https://malware.news/t/firewall-performance-for-the-campus-edge-with-the-new-xgs-7500-and-xgs-8500/67244#post_1

Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar
https://thehackernews.com/2023/02/experts-warn-of-beep-new-evasive.html


Top Security News for 17/02/2023

Bing Is Not Sentient, Does Not Have Feelings, Is Not Alive, and Does Not Want to Be Alive
https://www.vice.com/en_us/article/k7bmmx/bing-ai-chatbot-meltdown-sentience

ISC Stormcast For Friday, February 17th, 2023 https://isc.sans.edu/podcastdetail.html?id=8374, (Fri, Feb 17th)
https://isc.sans.edu/diary/rss/29558

ISC StormCast for Friday, February 17th, 2023
https://isc.sans.edu/podcastdetail.html?id=8374

Tile steps up measures against thieves and stalkers, criticizes Apple's AirTag approach
https://malware.news/t/tile-steps-up-measures-against-thieves-and-stalkers-criticizes-apples-airtag-approach/67294#post_1

Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk
https://www.csoonline.com/article/3688228/evolving-cyberattacks-alert-fatigue-creating-dfir-burnout-regulatory-risk.html#tk.rss_all

New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East
https://thehackernews.com/2023/02/new-threat-actor-wip26-targeting.html

How automation in CSPM can improve cloud security
https://www.csoonline.com/article/3687745/how-automation-in-cspm-can-improve-cloud-security.html#tk.rss_all

Critical RCE Vulnerability Discovered in ClamAV Open-Source Antivirus Software
https://thehackernews.com/2023/02/critical-rce-vulnerability-discovered.html

No More Access Denied - I Am the TrustedInstaller
https://www.reddit.com/r/netsec/comments/113xm49/no_more_access_denied_i_am_the_trustedinstaller/

Malware authors leverage more attack techniques that enable lateral movement
https://www.csoonline.com/article/3688568/malware-authors-leverage-more-attack-techniques-that-enable-lateral-movement.html#tk.rss_all


Top Security News for 18/02/2023

German airport websites hit by DDos attacks once again
https://securityaffairs.com/142373/breaking-news/german-airports-websites-failures.html

Data corruption incident affects New Hampshire medical center. Atlassian discloses data breach. PayPal impersonation scam seeks personal information.
https://thecyberwire.com/podcasts/privacy-briefing/769/notes

iPhone calendar spam: What it is, and how to remove it
https://www.malwarebytes.com/blog/news/2023/02/iphone-calendar-spam-what-it-is-and-how-to-remove-it

Armenian Entities Hit by New Version of OxtaRAT Spying Tool
https://thehackernews.com/2023/02/armenian-entities-hit-by-new-version-of.html

Implementing and achieving security resilience.
https://thecyberwire.com/podcasts/research-saturday/269/notes

Mortal Kombat ransomware forms tag team with crypto-stealing malware
https://www.malwarebytes.com/blog/news/2023/02/mortal-kombat-ransomware-forms-tag-team-partnership-with-laplas-clipper

Guide For Beginners: Syslog Configuration on Cisco Devices
https://www.reddit.com/r/netsec/comments/114d8r6/guide_for_beginners_syslog_configuration_on_cisco/

New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices
https://thehackernews.com/2023/02/new-mirai-botnet-variant-v3g4.html

Quickpost: Fixing A Duplicate Key
https://malware.news/t/quickpost-fixing-a-duplicate-key/67326#post_1

Ghidra Golf: A Reverse Engineering CTF
https://www.reddit.com/r/netsec/comments/114ih63/ghidra_golf_a_reverse_engineering_ctf/


Top Security News for 19/02/2023

mast1c0re: Part 3 – Escaping the PS5 emulator
https://www.reddit.com/r/netsec/comments/115u6xc/mast1c0re_part_3_escaping_the_ps5_emulator/

Return of the 0ktapus? Coinbase fend of UNC3944/ScatteredSpider attack that used SMS Phishing and attempted MFA bypass
https://www.reddit.com/r/netsec/comments/11616j4/return_of_the_0ktapus_coinbase_fend_of/

Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only
https://thehackernews.com/2023/02/twitter-limits-sms-based-2-factor.html

GoDaddy discloses a new data breach
https://securityaffairs.com/142405/data-breach/godaddy-discloses-data-breach-2.html

Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiOS, and FortiProxy
https://thehackernews.com/2023/02/fortinet-issues-patches-for-40-flaws.html

Small utility to chunk up a large BloodHound JSON file into smaller files for faster importing.
https://www.reddit.com/r/netsec/comments/115u8q9/small_utility_to_chunk_up_a_large_bloodhound_json/

Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers
https://securityaffairs.com/142416/security/twitter-sms-based-2fa.html

GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft
https://thehackernews.com/2023/02/godaddy-discloses-multi-year-security.html

Rachel Tobac: Find a way to laugh. [CEO]
https://thecyberwire.com/podcasts/career-notes/137/notes

Watching a Crypto Investment Scam WhatsApp Group
https://malware.news/t/watching-a-crypto-investment-scam-whatsapp-group/67330#post_1


Top Security News for 20/02/2023

Moldova, facing cyberattacks as part of alleged Russian coup plan, asks for Western support
https://malware.news/t/moldova-facing-cyberattacks-as-part-of-alleged-russian-coup-plan-asks-for-western-support/67332#post_1

Frebniis malware abuses Microsoft IIS feature to create a backdoor
https://securityaffairs.com/142466/malware/frebniis-malware-iis.html

email spam
https://www.reddit.com/r/Malware/comments/116y042/email_spam/

Abraham Lincoln, America’s First Tech-Lawyer
https://malware.news/t/abraham-lincoln-america-s-first-tech-lawyer/67333#post_1

ENISA and CERT-EU warns Chinese APTs targeting EU organizations
https://securityaffairs.com/142452/apt/chinese-apts-targets-eu.html

Hackers disclose Atlassian data after the theft of an employee’s credentials
https://securityaffairs.com/142424/data-breach/atlassian-data-leak.html

New OpenSecurityTraining2 class, "Hardware 1101: Intel SPI Analysis"
https://www.reddit.com/r/netsec/comments/116vny7/new_opensecuritytraining2_class_hardware_1101/

Security Affairs newsletter Round 407 by Pierluigi Paganini
https://securityaffairs.com/142430/breaking-news/security-affairs-newsletter-round-407-by-pierluigi-paganini.html

Modernizing the U.S. Navy's cybersecurity posture.
https://thecyberwire.com/podcasts/special-edition/49/notes

ISC Stormcast For Monday, February 20th, 2023 https://isc.sans.edu/podcastdetail.html?id=8376, (Mon, Feb 20th)
https://malware.news/t/isc-stormcast-for-monday-february-20th-2023-https-isc-sans-edu-podcastdetail-html-id-8376-mon-feb-20th/67334#post_1


Top Security News for 21/02/2023

Legitify added support for GPT-based security recommendations for GitHub & GitLab assets
https://www.reddit.com/r/netsec/comments/117a2ue/legitify_added_support_for_gptbased_security/

Ukraine at D+361: Diplomacy on the eve of the war's first anniversary.
https://thecyberwire.com/stories/17be92af3aa7447a969f896ab420e11e/ukraine-at-d361

Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity
https://www.reddit.com/r/Malware/comments/117g4h9/stealc_a_copycat_of_vidar_and_raccoon/

GoDaddy connects a slew of past attacks to a multi-year hacking campaign
https://www.csoonline.com/article/3688333/godaddy-connects-a-slew-of-past-attacks-to-a-multi-year-hacking-campaign.html#tk.rss_all

Chip company loses $250m after ransomware hits supply chain
https://www.malwarebytes.com/blog/news/2023/02/chip-company-loses-250m-after-ransomware-hits-supply-chain

A sophisticated threat actor hit cryptocurrency exchange Coinbase
https://securityaffairs.com/142507/cyber-crime/coinbase-smishing-attack.html

GitHub - zblurx/dploot: DPAPI looting remotely in Python
https://www.reddit.com/r/netsec/comments/1179msr/github_zblurxdploot_dpapi_looting_remotely_in/

WEVTX Event IDs
https://malware.news/t/wevtx-event-ids/67356#post_1

ASEC Weekly Phishing Email Threat Trends (February 5th, 2023 – February 11th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-february-5th-2023-february-11th-2023/67359#post_1

GoAnywhere zero-day opened door to Clop ransomware
https://www.malwarebytes.com/blog/news/2023/02/goanywhere-zero-day-opened-door-to-clop-ransomware


Top Security News for 25/02/2023

CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine
https://securityaffairs.com/142662/cyber-warfare-2/cisa-attacks-anniversary-russia-invasion-ukraine.html

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space
https://securityintelligence.com/cybersecurity-in-the-next-generation-space-age-pt-3-securing-new-space/

Fake Amazon Prime email abuses LinkedIn's URL shortener
https://malware.news/t/fake-amazon-prime-email-abuses-linkedins-url-shortener/67498#post_1

With 40% of Log4j Downloads Still Vulnerable, Security Retrofitting Needs to Be a Full-Time Job
https://securityintelligence.com/articles/log4j-downloads-vulnerable/

SSO Gadgets: Escalate (Self-)XSS to ATO
https://www.reddit.com/r/netsec/comments/11ao0tb/sso_gadgets_escalate_selfxss_to_ato/

Ukraine Invasion Blew Up Russian Cybercrime Alliances
https://packetstormsecurity.com/news/view/34359/Ukraine-Invasion-Blew-Up-Russian-Cybercrime-Alliances.html

How to Tackle the Top SaaS Challenges of 2023
https://thehackernews.com/2023/02/how-to-tackle-top-saas-challenges-of.html

Shields stay up at the first anniversary of Russia's war against Ukraine. Dole continues its recovery from ransomware.
https://thecyberwire.com/newsletters/daily-briefing/12/37

A Review of Attacks Against Language-Based Package Managers
https://www.reddit.com/r/netsec/comments/11aq4ps/a_review_of_attacks_against_languagebased_package/

Arrested: Fearmongering data thieves who victimized thousands of businesses
https://malware.news/t/arrested-fearmongering-data-thieves-who-victimized-thousands-of-businesses/67497#post_1


Top Security News for 26/02/2023

Comments on NIST's Cybersecurity Framework 2.0 are due March 3rd.
https://thecyberwire.com/stories/39e87e6262144a3684db4ef2d3044a05/comments-on-nists-cybersecurity-framework-20-are-due-march-3rd

Mike Fey: Highs are high and lows are low. [CEO]
https://thecyberwire.com/podcasts/career-notes/138/notes

PureCrypter malware hits govt orgs with ransomware, info-stealers
https://www.reddit.com/r/Malware/comments/11boxpv/purecrypter_malware_hits_govt_orgs_with/

Clasiopa group targets materials research in Asia
https://securityaffairs.com/142689/hacking/clasiopa-targets-materials-research-orgs-asia.html

CERT of Ukraine says Russia-linked APT backdoored multiple govt sites
https://securityaffairs.com/142678/cyber-warfare-2/cert-of-ukraine-russia-backdoors.html

Reverse Engineering Mixed Mode Assemblies (IDA, DnSpyEx)
https://malware.news/t/reverse-engineering-mixed-mode-assemblies-ida-dnspyex/67502#post_1

The best security keys of 2023: Expert tested
https://malware.news/t/the-best-security-keys-of-2023-expert-tested/67501#post_1

What’s In A Name
https://dale-peterson.com/2023/01/24/whats-in-a-name/?utm_source=rss&utm_medium=rss&utm_campaign=whats-in-a-name

Homage to Richard Braman and The Sedona Conference
https://malware.news/t/homage-to-richard-braman-and-the-sedona-conference/67503#post_1

Awesome Security Newsletters
https://www.reddit.com/r/netsec/comments/11c4r5o/awesome_security_newsletters/


Top Security News for 27/02/2023

Scripts for playing with WinDbg JS API (hugsy/windbg_js_scripts)
https://www.reddit.com/r/netsec/comments/11cz06j/scripts_for_playing_with_windbg_js_api/

Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox
https://malware.news/t/attacker-floods-pypi-with-450-malicious-packages-that-drop-windows-trojan-via-dropbox/67510#post_1

Oledump & MSI Files, (Sun, Feb 26th)
https://malware.news/t/oledump-msi-files-sun-feb-26th/67506#post_1

ISC Stormcast For Monday, February 27th, 2023 https://isc.sans.edu/podcastdetail.html?id=8386, (Mon, Feb 27th)
https://isc.sans.edu/diary/rss/29586

ASEC Weekly Phishing Email Threat Trends (February 12th, 2023 – February 18th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-february-12th-2023-february-18th-2023/67507#post_1

Intelligence sharing: A Rick the Toolman episode.
https://thecyberwire.com/podcasts/cso-perspectives-public/79/notes

Dutch Police Arrest 3 Hackers Involved in Massive Data Theft and Extortion Scheme
https://thehackernews.com/2023/02/dutch-police-arrest-3-hackers-involved.html

open-appsec provides ML-based API Security add-on for Kong API Gateways
https://www.reddit.com/r/netsec/comments/11cbabv/openappsec_provides_mlbased_api_security_addon/

Crypto Inside a Browser, (Sat, Feb 25th)
https://isc.sans.edu/diary/rss/29582

News Corp says hackers first breached its systems between Feb 2020 and Jan 2022
https://securityaffairs.com/142701/data-breach/news-corp-security-breach.html


Top Security News for 28/02/2023

Decrypting Cyber Risk Quantification
https://malware.news/t/decrypting-cyber-risk-quantification/67544#post_1

The Future of Cyber Threat Intelligence
https://malware.news/t/the-future-of-cyber-threat-intelligence/67545#post_1

Lastpass Quietly indicates that Enterprise Users' K2s were accessed
https://www.reddit.com/r/netsec/comments/11dksij/lastpass_quietly_indicates_that_enterprise_users/

Australian and US cyber strategies. US Treasury sanctions Russian disinformation operators. CISA retires US-CERT and ICS-CERT websites.
https://thecyberwire.com/newsletters/policy-briefing/5/38

5 reasons to adopt a Zero Trust security strategy for your business
https://www.microsoft.com/en-us/security/blog/2023/02/27/5-reasons-to-adopt-a-zero-trust-security-strategy-for-your-business/

ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks
https://thehackernews.com/2023/02/chromeloader-malware-targeting-gamers.html

ISC StormCast for Tuesday, February 28th, 2023
https://isc.sans.edu/podcastdetail.html?id=8388

Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
https://thehackernews.com/2023/02/researchers-share-new-insights-into-rig.html

ParamAngler - tool for testing specific payload on each parameter
https://www.reddit.com/r/netsec/comments/11dkwj3/paramangler_tool_for_testing_specific_payload_on/

TikTok probed over child privacy practices
https://www.malwarebytes.com/blog/news/2023/02/tiktok-probed-over-child-privacy-practices


Top Security News for 01/03/2023

How to de-risk your digital ecosystem
https://www.csoonline.com/article/3689012/how-to-de-risk-your-digital-ecosystem.html#tk.rss_all

Malicious package flood on PyPI might be sign of new attacks to come
https://www.csoonline.com/article/3688956/malicious-package-flood-on-pypi-might-be-sign-of-new-attacks-to-come.html#tk.rss_all

Empowering weak primitives: file truncation to code execution with Git
https://www.reddit.com/r/netsec/comments/11ec277/empowering_weak_primitives_file_truncation_to/

Software supply chain security and SBOM automation: The next big step in risk management
https://malware.news/t/software-supply-chain-security-and-sbom-automation-the-next-big-step-in-risk-management/67582#post_1

BB17 distribution Qakbot (Qbot) activity, (Tue, Feb 28th)
https://malware.news/t/bb17-distribution-qakbot-qbot-activity-tue-feb-28th/67584#post_1

First steps in CHERIoT Security Research | MSRC Blog
https://www.reddit.com/r/netsec/comments/11eeza0/first_steps_in_cheriot_security_research_msrc_blog/

Is It Really A Threat To Critical Infrastructure? (2 Parts)
https://dale-peterson.com/2023/02/28/is-it-really-a-threat-to-critical-infrastructure-2-parts/?utm_source=rss&utm_medium=rss&utm_campaign=is-it-really-a-threat-to-critical-infrastructure-2-parts

Zero-Day Exploits: The Anatomy of Unexpected Attacks
https://securityintelligence.com/articles/zero-day-exploits-unexpected-attacks/

A Scammer Is Pretending to Be Andrew Tate on TikTok and Racking Up Millions of Views
https://www.vice.com/en_us/article/5d3n8z/a-scammer-is-pretending-to-be-andrew-tate-on-tiktok-and-racking-up-millions-of-views

Dish Multi-Day Outage Rolls On As Ransomware Fears Grow
https://packetstormsecurity.com/news/view/34373/Dish-Multi-Day-Outage-Rolls-On-As-Ransomware-Fears-Grow.html

