Top Security News for 13/02/2023
Security Affairs newsletter Round 406 by Pierluigi Paganini
https://securityaffairs.com/142136/breaking-news/security-affairs-newsletter-round-406-by-pierluigi-paganini.html
Russian Government evaluates the immunity to hackers acting in the interests of Russia
https://securityaffairs.com/142139/cyber-warfare-2/russian-government-crooks-immunity.html
Hacktivists hacked Iranian State TV during President’s speech on Revolution Day
https://securityaffairs.com/142172/hacktivism/iranian-state-tv-hacked.html
Prior research on cybersecurity first principles.
https://thecyberwire.com/podcasts/cso-perspectives/99/notes
AsyncRAT Being Distributed as Windows Help File (*.chm)
https://malware.news/t/asyncrat-being-distributed-as-windows-help-file-chm/67121#post_1
HWSyscalls is a new method to execute indirect syscalls using hardware breakpoints, HalosGate and a synthetic trampoline on kernel32 with hardware breakpoints.
https://www.reddit.com/r/netsec/comments/110jego/hwsyscalls_is_a_new_method_to_execute_indirect/
ASEC Weekly Phishing Email Threat Trends (January 29th, 2023 – February 4th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-january-29th-2023-february-4th-2023/67119#post_1
Prior research on cybersecurity first principles.
https://thecyberwire.com/stories/4c2978fc087f48df955f19f71c7c18de/prior-research-on-cybersecurity-first-principles
Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter
https://thehackernews.com/2023/02/hackers-targeting-us-and-german-firms.html
ClamAV on Linux Systems
https://www.reddit.com/r/netsec/comments/110xwut/clamav_on_linux_systems/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
Security Affairs newsletter Round 406 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you
Top Security News for 14/02/2023
PLC vulnerabilities can enable deep lateral movement inside OT networks
https://www.csoonline.com/article/3687991/plc-vulnerabilities-can-enable-deep-lateral-movement-inside-ot-networks.html#tk.rss_all
Verified Security Test: Malicious File vs EDR
https://www.reddit.com/r/netsec/comments/111cm2y/verified_security_test_malicious_file_vs_edr/
Apple fixes the first zero-day in iPhones and Macs this year
https://securityaffairs.com/142200/hacking/apple-zero-day-iphones-macs.html
Consent to gather data is a "misguided" solution, study reveals
https://www.malwarebytes.com/blog/news/2023/02/consent-to-gather-data-is-a-misguided-solution-study-reveals
Artificial Intelligence Allows Three Ages of Ralph to Promote His Next Two Blogs on the Connection Between Plato’s Cave and E-Discovery
https://malware.news/t/artificial-intelligence-allows-three-ages-of-ralph-to-promote-his-next-two-blogs-on-the-connection-between-plato-s-cave-and-e-discovery/67161#post_1
Training and CTFs
https://malware.news/t/training-and-ctfs/67159#post_1
Plan now to avoid a communications failure after a cyberattack
https://www.csoonline.com/article/3687808/the-role-of-cisos-in-the-communication-response-following-an-incident.html#tk.rss_all
ChatGPT (noun)
https://thecyberwire.com/podcasts/word-notes/135/notes
Apple Patches Exploited Vulnerability, (Mon, Feb 13th)
https://isc.sans.edu/diary/rss/29544
Jailbreaking ChatGPT and other large language models while we can
https://www.malwarebytes.com/blog/news/2023/02/jailbreaking-large-language-models-like-chatgp-while-we-still-can
CSO
PLC vulnerabilities can enable deep lateral movement inside OT networks
Researchers demonstrate how attackers can target PLCs to bypass authentication and perform remote code execution on industrial networks.
Top Security News for 15/02/2023
Threat activity in the industrial sector. New information-stealing malware targets Ukraine. MortalKombat ransomware.
https://thecyberwire.com/podcasts/research-briefing/155/notes
A Different Payload for ManageEngine's CVE-2022-47966
https://www.reddit.com/r/netsec/comments/1127arf/a_different_payload_for_manageengines_cve202247966/
PYbot DDoS Malware Being Distributed Disguised as a Discord Nitro Code Generator
https://malware.news/t/pybot-ddos-malware-being-distributed-disguised-as-a-discord-nitro-code-generator/67209#post_1
Measuring cybersecurity: The what, why, and how
https://www.csoonline.com/article/3687733/measuring-cybersecurity-the-what-why-and-how.html#tk.rss_all
ISC Stormcast For Wednesday, February 15th, 2023 https://isc.sans.edu/podcastdetail.html?id=8370, (Wed, Feb 15th)
https://isc.sans.edu/diary/rss/29550
Should you share passwords with your partner?
https://www.malwarebytes.com/blog/news/2023/02/should-you-share-passwords-with-your-partner
Expel announces MDR for Kubernetes with MITRE ATT&CK framework alignment
https://www.csoonline.com/article/3687677/expel-announces-mdr-for-kubernetes-with-mitre-attandck-framework-alignment.html#tk.rss_all
The Pixel phones may be getting a long overdue feature
https://malware.news/t/the-pixel-phones-may-be-getting-a-long-overdue-feature/67206#post_1
EnterpriseDB adds Transparent Data Encryption to PostgreSQL
https://www.infoworld.com/article/3687813/enterprisedb-adds-transparent-data-encryption-to-postgresql.html#tk.rss_all
How to deal with developers' fatigue? - Having a long list of vulnerabilities to fix
https://www.reddit.com/r/netsec/comments/11291qt/how_to_deal_with_developers_fatigue_having_a_long/
The CyberWire
Threat activity in the industrial sector. New information-stealing malware targets Ukraine. MortalKombat ransomware.
Top Security News for 16/02/2023
Cybersecurity startup Oligo debuts with new application security tech
https://www.csoonline.com/article/3687617/cybersecurity-startup-oligo-debuts-with-new-application-security-tech.html#tk.rss_all
Update: process-binary-file Version 0.0.9
https://malware.news/t/update-process-binary-file-version-0-0-9/67241#post_1
Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware
https://thehackernews.com/2023/02/financially-motivated-threat-actor.html
5 biggest risks of using third-party services providers
https://www.csoonline.com/article/3687812/5-major-risks-third-party-services-may-bring-along-with-them.html#tk.rss_all
Defending against attacks on Azure AD: Goodbye firewall, hello identity protection
https://www.csoonline.com/article/3688108/defending-against-attacks-on-azure-ad-goodbye-firewall-hello-identity-protection.html#tk.rss_all
Google Rolling Out Privacy Sandbox Beta on Android 13 Devices
https://thehackernews.com/2023/02/google-rolling-out-privacy-sandbox-beta.html
Security tool adoption jumps, Okta report shows
https://www.computerworld.com/article/3688350/security-tool-adoption-jumps-okta-report-shows.html#tk.rss_all
Sophos introduces 5G support for desktop firewalls
https://malware.news/t/sophos-introduces-5g-support-for-desktop-firewalls/67245#post_1
Firewall performance for the campus edge with the new XGS 7500 and XGS 8500
https://malware.news/t/firewall-performance-for-the-campus-edge-with-the-new-xgs-7500-and-xgs-8500/67244#post_1
Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar
https://thehackernews.com/2023/02/experts-warn-of-beep-new-evasive.html
CSO
Cybersecurity startup Oligo debuts with new application security tech
An Israeli startup targets open source code vulnerabilities with advanced agentless filtering technology.
Top Security News for 17/02/2023
Bing Is Not Sentient, Does Not Have Feelings, Is Not Alive, and Does Not Want to Be Alive
https://www.vice.com/en_us/article/k7bmmx/bing-ai-chatbot-meltdown-sentience
ISC Stormcast For Friday, February 17th, 2023 https://isc.sans.edu/podcastdetail.html?id=8374, (Fri, Feb 17th)
https://isc.sans.edu/diary/rss/29558
ISC StormCast for Friday, February 17th, 2023
https://isc.sans.edu/podcastdetail.html?id=8374
Tile steps up measures against thieves and stalkers, criticizes Apple's AirTag approach
https://malware.news/t/tile-steps-up-measures-against-thieves-and-stalkers-criticizes-apples-airtag-approach/67294#post_1
Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk
https://www.csoonline.com/article/3688228/evolving-cyberattacks-alert-fatigue-creating-dfir-burnout-regulatory-risk.html#tk.rss_all
New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East
https://thehackernews.com/2023/02/new-threat-actor-wip26-targeting.html
How automation in CSPM can improve cloud security
https://www.csoonline.com/article/3687745/how-automation-in-cspm-can-improve-cloud-security.html#tk.rss_all
Critical RCE Vulnerability Discovered in ClamAV Open-Source Antivirus Software
https://thehackernews.com/2023/02/critical-rce-vulnerability-discovered.html
No More Access Denied - I Am the TrustedInstaller
https://www.reddit.com/r/netsec/comments/113xm49/no_more_access_denied_i_am_the_trustedinstaller/
Malware authors leverage more attack techniques that enable lateral movement
https://www.csoonline.com/article/3688568/malware-authors-leverage-more-attack-techniques-that-enable-lateral-movement.html#tk.rss_all
Vice
Bing Is Not Sentient, Does Not Have Feelings, Is Not Alive, and Does Not Want to Be Alive
Bing AI is just a glitchy chatbot, and we can never forget that.
Top Security News for 18/02/2023
German airport websites hit by DDos attacks once again
https://securityaffairs.com/142373/breaking-news/german-airports-websites-failures.html
Data corruption incident affects New Hampshire medical center. Atlassian discloses data breach. PayPal impersonation scam seeks personal information.
https://thecyberwire.com/podcasts/privacy-briefing/769/notes
iPhone calendar spam: What it is, and how to remove it
https://www.malwarebytes.com/blog/news/2023/02/iphone-calendar-spam-what-it-is-and-how-to-remove-it
Armenian Entities Hit by New Version of OxtaRAT Spying Tool
https://thehackernews.com/2023/02/armenian-entities-hit-by-new-version-of.html
Implementing and achieving security resilience.
https://thecyberwire.com/podcasts/research-saturday/269/notes
Mortal Kombat ransomware forms tag team with crypto-stealing malware
https://www.malwarebytes.com/blog/news/2023/02/mortal-kombat-ransomware-forms-tag-team-partnership-with-laplas-clipper
Guide For Beginners: Syslog Configuration on Cisco Devices
https://www.reddit.com/r/netsec/comments/114d8r6/guide_for_beginners_syslog_configuration_on_cisco/
New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices
https://thehackernews.com/2023/02/new-mirai-botnet-variant-v3g4.html
Quickpost: Fixing A Duplicate Key
https://malware.news/t/quickpost-fixing-a-duplicate-key/67326#post_1
Ghidra Golf: A Reverse Engineering CTF
https://www.reddit.com/r/netsec/comments/114ih63/ghidra_golf_a_reverse_engineering_ctf/
Security Affairs
German airport websites hit by DDos attacks once again
Experts are investigating the failures of several German airports after some media attributed them to a possible hacking campaign.
Top Security News for 19/02/2023
mast1c0re: Part 3 – Escaping the PS5 emulator
https://www.reddit.com/r/netsec/comments/115u6xc/mast1c0re_part_3_escaping_the_ps5_emulator/
Return of the 0ktapus? Coinbase fend of UNC3944/ScatteredSpider attack that used SMS Phishing and attempted MFA bypass
https://www.reddit.com/r/netsec/comments/11616j4/return_of_the_0ktapus_coinbase_fend_of/
Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only
https://thehackernews.com/2023/02/twitter-limits-sms-based-2-factor.html
GoDaddy discloses a new data breach
https://securityaffairs.com/142405/data-breach/godaddy-discloses-data-breach-2.html
Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiOS, and FortiProxy
https://thehackernews.com/2023/02/fortinet-issues-patches-for-40-flaws.html
Small utility to chunk up a large BloodHound JSON file into smaller files for faster importing.
https://www.reddit.com/r/netsec/comments/115u8q9/small_utility_to_chunk_up_a_large_bloodhound_json/
Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers
https://securityaffairs.com/142416/security/twitter-sms-based-2fa.html
GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft
https://thehackernews.com/2023/02/godaddy-discloses-multi-year-security.html
Rachel Tobac: Find a way to laugh. [CEO]
https://thecyberwire.com/podcasts/career-notes/137/notes
Watching a Crypto Investment Scam WhatsApp Group
https://malware.news/t/watching-a-crypto-investment-scam-whatsapp-group/67330#post_1
Reddit
r/netsec on Reddit: mast1c0re: Part 3 – Escaping the PS5 emulator
Posted by u/ArbitraryWrite - 211 votes and 7 comments
Top Security News for 20/02/2023
Moldova, facing cyberattacks as part of alleged Russian coup plan, asks for Western support
https://malware.news/t/moldova-facing-cyberattacks-as-part-of-alleged-russian-coup-plan-asks-for-western-support/67332#post_1
Frebniis malware abuses Microsoft IIS feature to create a backdoor
https://securityaffairs.com/142466/malware/frebniis-malware-iis.html
email spam
https://www.reddit.com/r/Malware/comments/116y042/email_spam/
Abraham Lincoln, America’s First Tech-Lawyer
https://malware.news/t/abraham-lincoln-america-s-first-tech-lawyer/67333#post_1
ENISA and CERT-EU warns Chinese APTs targeting EU organizations
https://securityaffairs.com/142452/apt/chinese-apts-targets-eu.html
Hackers disclose Atlassian data after the theft of an employee’s credentials
https://securityaffairs.com/142424/data-breach/atlassian-data-leak.html
New OpenSecurityTraining2 class, "Hardware 1101: Intel SPI Analysis"
https://www.reddit.com/r/netsec/comments/116vny7/new_opensecuritytraining2_class_hardware_1101/
Security Affairs newsletter Round 407 by Pierluigi Paganini
https://securityaffairs.com/142430/breaking-news/security-affairs-newsletter-round-407-by-pierluigi-paganini.html
Modernizing the U.S. Navy's cybersecurity posture.
https://thecyberwire.com/podcasts/special-edition/49/notes
ISC Stormcast For Monday, February 20th, 2023 https://isc.sans.edu/podcastdetail.html?id=8376, (Mon, Feb 20th)
https://malware.news/t/isc-stormcast-for-monday-february-20th-2023-https-isc-sans-edu-podcastdetail-html-id-8376-mon-feb-20th/67334#post_1
Malware Analysis, News and Indicators
Moldova, facing cyberattacks as part of alleged Russian coup plan, asks for Western support
Maia Sandu, the pro-European president of Moldova who last week warned of an active Russian plot to overthrow her country’s government, told the Munich Security Conference on Saturday that she needed a range of support from other European nations to defend…
Top Security News for 21/02/2023
Legitify added support for GPT-based security recommendations for GitHub & GitLab assets
https://www.reddit.com/r/netsec/comments/117a2ue/legitify_added_support_for_gptbased_security/
Ukraine at D+361: Diplomacy on the eve of the war's first anniversary.
https://thecyberwire.com/stories/17be92af3aa7447a969f896ab420e11e/ukraine-at-d361
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity
https://www.reddit.com/r/Malware/comments/117g4h9/stealc_a_copycat_of_vidar_and_raccoon/
GoDaddy connects a slew of past attacks to a multi-year hacking campaign
https://www.csoonline.com/article/3688333/godaddy-connects-a-slew-of-past-attacks-to-a-multi-year-hacking-campaign.html#tk.rss_all
Chip company loses $250m after ransomware hits supply chain
https://www.malwarebytes.com/blog/news/2023/02/chip-company-loses-250m-after-ransomware-hits-supply-chain
A sophisticated threat actor hit cryptocurrency exchange Coinbase
https://securityaffairs.com/142507/cyber-crime/coinbase-smishing-attack.html
GitHub - zblurx/dploot: DPAPI looting remotely in Python
https://www.reddit.com/r/netsec/comments/1179msr/github_zblurxdploot_dpapi_looting_remotely_in/
WEVTX Event IDs
https://malware.news/t/wevtx-event-ids/67356#post_1
ASEC Weekly Phishing Email Threat Trends (February 5th, 2023 – February 11th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-february-5th-2023-february-11th-2023/67359#post_1
GoAnywhere zero-day opened door to Clop ransomware
https://www.malwarebytes.com/blog/news/2023/02/goanywhere-zero-day-opened-door-to-clop-ransomware
Reddit
r/netsec on Reddit
Legitify added support for GPT-based security recommendations for GitHub & GitLab assets
Top Security News for 25/02/2023
CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine
https://securityaffairs.com/142662/cyber-warfare-2/cisa-attacks-anniversary-russia-invasion-ukraine.html
Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space
https://securityintelligence.com/cybersecurity-in-the-next-generation-space-age-pt-3-securing-new-space/
Fake Amazon Prime email abuses LinkedIn's URL shortener
https://malware.news/t/fake-amazon-prime-email-abuses-linkedins-url-shortener/67498#post_1
With 40% of Log4j Downloads Still Vulnerable, Security Retrofitting Needs to Be a Full-Time Job
https://securityintelligence.com/articles/log4j-downloads-vulnerable/
SSO Gadgets: Escalate (Self-)XSS to ATO
https://www.reddit.com/r/netsec/comments/11ao0tb/sso_gadgets_escalate_selfxss_to_ato/
Ukraine Invasion Blew Up Russian Cybercrime Alliances
https://packetstormsecurity.com/news/view/34359/Ukraine-Invasion-Blew-Up-Russian-Cybercrime-Alliances.html
How to Tackle the Top SaaS Challenges of 2023
https://thehackernews.com/2023/02/how-to-tackle-top-saas-challenges-of.html
Shields stay up at the first anniversary of Russia's war against Ukraine. Dole continues its recovery from ransomware.
https://thecyberwire.com/newsletters/daily-briefing/12/37
A Review of Attacks Against Language-Based Package Managers
https://www.reddit.com/r/netsec/comments/11aq4ps/a_review_of_attacks_against_languagebased_package/
Arrested: Fearmongering data thieves who victimized thousands of businesses
https://malware.news/t/arrested-fearmongering-data-thieves-who-victimized-thousands-of-businesses/67497#post_1
Security Affairs
CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine
One year after Russia's invasion of Ukraine, the U.S. CISA is warning organizations and individuals to increase vigilance.
Top Security News for 26/02/2023
Comments on NIST's Cybersecurity Framework 2.0 are due March 3rd.
https://thecyberwire.com/stories/39e87e6262144a3684db4ef2d3044a05/comments-on-nists-cybersecurity-framework-20-are-due-march-3rd
Mike Fey: Highs are high and lows are low. [CEO]
https://thecyberwire.com/podcasts/career-notes/138/notes
PureCrypter malware hits govt orgs with ransomware, info-stealers
https://www.reddit.com/r/Malware/comments/11boxpv/purecrypter_malware_hits_govt_orgs_with/
Clasiopa group targets materials research in Asia
https://securityaffairs.com/142689/hacking/clasiopa-targets-materials-research-orgs-asia.html
CERT of Ukraine says Russia-linked APT backdoored multiple govt sites
https://securityaffairs.com/142678/cyber-warfare-2/cert-of-ukraine-russia-backdoors.html
Reverse Engineering Mixed Mode Assemblies (IDA, DnSpyEx)
https://malware.news/t/reverse-engineering-mixed-mode-assemblies-ida-dnspyex/67502#post_1
The best security keys of 2023: Expert tested
https://malware.news/t/the-best-security-keys-of-2023-expert-tested/67501#post_1
What’s In A Name
https://dale-peterson.com/2023/01/24/whats-in-a-name/?utm_source=rss&utm_medium=rss&utm_campaign=whats-in-a-name
Homage to Richard Braman and The Sedona Conference
https://malware.news/t/homage-to-richard-braman-and-the-sedona-conference/67503#post_1
Awesome Security Newsletters
https://www.reddit.com/r/netsec/comments/11c4r5o/awesome_security_newsletters/
The CyberWire
Comments on NIST's Cybersecurity Framework 2.0 are due March 3rd.
NIST issued a call for comments on proposed revisions to its Cybersecurity Framework back in January. They're now coming due.
Top Security News for 27/02/2023
Scripts for playing with WinDbg JS API (hugsy/windbg_js_scripts)
https://www.reddit.com/r/netsec/comments/11cz06j/scripts_for_playing_with_windbg_js_api/
Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox
https://malware.news/t/attacker-floods-pypi-with-450-malicious-packages-that-drop-windows-trojan-via-dropbox/67510#post_1
Oledump & MSI Files, (Sun, Feb 26th)
https://malware.news/t/oledump-msi-files-sun-feb-26th/67506#post_1
ISC Stormcast For Monday, February 27th, 2023 https://isc.sans.edu/podcastdetail.html?id=8386, (Mon, Feb 27th)
https://isc.sans.edu/diary/rss/29586
ASEC Weekly Phishing Email Threat Trends (February 12th, 2023 – February 18th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-february-12th-2023-february-18th-2023/67507#post_1
Intelligence sharing: A Rick the Toolman episode.
https://thecyberwire.com/podcasts/cso-perspectives-public/79/notes
Dutch Police Arrest 3 Hackers Involved in Massive Data Theft and Extortion Scheme
https://thehackernews.com/2023/02/dutch-police-arrest-3-hackers-involved.html
open-appsec provides ML-based API Security add-on for Kong API Gateways
https://www.reddit.com/r/netsec/comments/11cbabv/openappsec_provides_mlbased_api_security_addon/
Crypto Inside a Browser, (Sat, Feb 25th)
https://isc.sans.edu/diary/rss/29582
News Corp says hackers first breached its systems between Feb 2020 and Jan 2022
https://securityaffairs.com/142701/data-breach/news-corp-security-breach.html
Top Security News for 28/02/2023
Decrypting Cyber Risk Quantification
https://malware.news/t/decrypting-cyber-risk-quantification/67544#post_1
The Future of Cyber Threat Intelligence
https://malware.news/t/the-future-of-cyber-threat-intelligence/67545#post_1
Lastpass Quietly indicates that Enterprise Users' K2s were accessed
https://www.reddit.com/r/netsec/comments/11dksij/lastpass_quietly_indicates_that_enterprise_users/
Australian and US cyber strategies. US Treasury sanctions Russian disinformation operators. CISA retires US-CERT and ICS-CERT websites.
https://thecyberwire.com/newsletters/policy-briefing/5/38
5 reasons to adopt a Zero Trust security strategy for your business
https://www.microsoft.com/en-us/security/blog/2023/02/27/5-reasons-to-adopt-a-zero-trust-security-strategy-for-your-business/
ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks
https://thehackernews.com/2023/02/chromeloader-malware-targeting-gamers.html
ISC StormCast for Tuesday, February 28th, 2023
https://isc.sans.edu/podcastdetail.html?id=8388
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
https://thehackernews.com/2023/02/researchers-share-new-insights-into-rig.html
ParamAngler - tool for testing specific payload on each parameter
https://www.reddit.com/r/netsec/comments/11dkwj3/paramangler_tool_for_testing_specific_payload_on/
TikTok probed over child privacy practices
https://www.malwarebytes.com/blog/news/2023/02/tiktok-probed-over-child-privacy-practices
Malware Analysis, News and Indicators
Decrypting Cyber Risk Quantification
Discover the evolution of cyber risk quantification, criteria for an accurate risk score, and its benefits across the organization.
Top Security News for 01/03/2023
How to de-risk your digital ecosystem
https://www.csoonline.com/article/3689012/how-to-de-risk-your-digital-ecosystem.html#tk.rss_all
Malicious package flood on PyPI might be sign of new attacks to come
https://www.csoonline.com/article/3688956/malicious-package-flood-on-pypi-might-be-sign-of-new-attacks-to-come.html#tk.rss_all
Empowering weak primitives: file truncation to code execution with Git
https://www.reddit.com/r/netsec/comments/11ec277/empowering_weak_primitives_file_truncation_to/
Software supply chain security and SBOM automation: The next big step in risk management
https://malware.news/t/software-supply-chain-security-and-sbom-automation-the-next-big-step-in-risk-management/67582#post_1
BB17 distribution Qakbot (Qbot) activity, (Tue, Feb 28th)
https://malware.news/t/bb17-distribution-qakbot-qbot-activity-tue-feb-28th/67584#post_1
First steps in CHERIoT Security Research | MSRC Blog
https://www.reddit.com/r/netsec/comments/11eeza0/first_steps_in_cheriot_security_research_msrc_blog/
Is It Really A Threat To Critical Infrastructure? (2 Parts)
https://dale-peterson.com/2023/02/28/is-it-really-a-threat-to-critical-infrastructure-2-parts/?utm_source=rss&utm_medium=rss&utm_campaign=is-it-really-a-threat-to-critical-infrastructure-2-parts
Zero-Day Exploits: The Anatomy of Unexpected Attacks
https://securityintelligence.com/articles/zero-day-exploits-unexpected-attacks/
A Scammer Is Pretending to Be Andrew Tate on TikTok and Racking Up Millions of Views
https://www.vice.com/en_us/article/5d3n8z/a-scammer-is-pretending-to-be-andrew-tate-on-tiktok-and-racking-up-millions-of-views
Dish Multi-Day Outage Rolls On As Ransomware Fears Grow
https://packetstormsecurity.com/news/view/34373/Dish-Multi-Day-Outage-Rolls-On-As-Ransomware-Fears-Grow.html
CSO
How to de-risk your digital ecosystem
Digital ecosystems are big, complicated, and a massive vector for exploits and attackers. Santha Subramoni, global head, cybersecurity business unit at Tata Consultancy Services discusses digital ecosystems security and how businesses can lower risk within…
Top Security News for 02/03/2023
Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
https://thehackernews.com/2023/03/critical-flaw-in-cisco-ip-phone-series.html
Using JFrog Artifactory? Make sure it doesn't mistakenly expose your secrets, apparently it's not uncommon
https://www.reddit.com/r/netsec/comments/11ezoz5/using_jfrog_artifactory_make_sure_it_doesnt/
PlugX RAT Masquerades As Legit Windows Debugger To Slip Past Security
https://packetstormsecurity.com/news/view/34374/PlugX-RAT-Masquerades-As-Legit-Windows-Debugger-To-Slip-Past-Security.html
So You Want to Launch 5G — Is Your 5G Security Strategy Ready?
https://malware.news/t/so-you-want-to-launch-5g-is-your-5g-security-strategy-ready/67617#post_1
Top 10 open source software risks for 2023
https://www.csoonline.com/article/3688924/top-10-open-source-software-risks-for-2023.html#tk.rss_all
ISC StormCast for Thursday, March 2nd, 2023
https://isc.sans.edu/podcastdetail.html?id=8392
CyberMaxx has acquired CipherTechs. Metomic raises $20 million in Series A funding. Executive moves. Labor markets.
https://thecyberwire.com/newsletters/business-briefing/5/9
AI voice cracks telephone banking voice recognition
https://www.malwarebytes.com/blog/news/2023/02/ai-generated-voice-recording-grants-access-to-telephone-banking
How an attack led to a breach that enabled further social engineering. Forensic visibility in the Google Cloud Platform. Hacktivist auxiliaries. Two 8Ks and a free decryptor.
https://thecyberwire.com/podcasts/daily-podcast/1770/notes
The Digital World is Changing Fast: Data Discovery Can Help
https://securityintelligence.com/posts/digital-world-changing-data-discovery-can-help/
Top Security News for 03/03/2023
ChatGPT made a ransomware in c# and it went undetected by windows defender
https://www.reddit.com/r/Malware/comments/11gswue/chatgpt_made_a_ransomware_in_c_and_it_went/
White House releases an ambitious National Cybersecurity Strategy
https://www.csoonline.com/article/3689911/white-house-releases-an-ambitious-national-cybersecurity-strategy.html#tk.rss_all
National Cyber Strategy Seeks to Shift Burden from Consumers to Tech Firms
https://malware.news/t/national-cyber-strategy-seeks-to-shift-burden-from-consumers-to-tech-firms/67656#post_1
Reverse SSH - A Fast, Stable Reverse Shell Handler
https://www.reddit.com/r/netsec/comments/11gm71o/reverse_ssh_a_fast_stable_reverse_shell_handler/
Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI
https://thehackernews.com/2023/03/experts-identify-fully-featured-info.html
Booking.com account takeover flaw shows possible pitfalls in OAuth implementations
https://www.csoonline.com/article/3689869/booking-com-account-takeover-flaw-shows-possible-pitfalls-in-oauth-implementations.html#tk.rss_all
S4x23 Review Part 1: What's New in OT Security
https://malware.news/t/s4x23-review-part-1-whats-new-in-ot-security/67657#post_1
2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots
https://thehackernews.com/2023/03/2023-browser-security-report-uncovers.html
Nosey Parker, a fast secrets detector, now enumerates GitHub repos, writes SARIF output, and has 90 default rules
https://www.reddit.com/r/netsec/comments/11gl8ov/nosey_parker_a_fast_secrets_detector_now/
Gitpod flaw shows cloud-based development environments need security assessments
https://www.csoonline.com/article/3689692/gitpod-flaw-shows-cloud-based-development-environments-need-security-assessments.html#tk.rss_all
Top Security News for 04/03/2023
The U.S. CISA and FBI warn of Royal ransomware operation
https://securityaffairs.com/142941/malware/cisa-fbi-royal-ransomware-alert.html
New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices
https://thehackernews.com/2023/03/new-flaws-in-tpm-20-library-pose-threat.html
BrandPost: It’s Time to Create More Opportunities for Women in Cybersecurity
https://www.csoonline.com/article/3689878/it-s-time-to-create-more-opportunities-for-women-in-cybersecurity.html#tk.rss_all
EPA Releases Water Systems Cyber Requirement in Tandem with National Strategy
https://malware.news/t/epa-releases-water-systems-cyber-requirement-in-tandem-with-national-strategy/67679#post_1
Chinese Hackers Targeting European Entities with New MQsTTang Backdoor
https://thehackernews.com/2023/03/chinese-hackers-targeting-european.html
More industry perspective on the US National Cybersecurity Strategy.
https://thecyberwire.com/stories/2b0034777a104104ad9ce191e3dd84bd/continued-industry-perspectives-on-the-us-national-cybersecurity-strategy-release
New exploits are tricking Chrome.
https://thecyberwire.com/podcasts/research-saturday/271/notes
Hackers Can Turn Bing's AI Chatbot Into a Convincing Scammer, Researchers Say
https://www.vice.com/en_us/article/7kxzzz/hackers-bing-ai-scammer
YouTube under fire for allegedly gathering children's data
https://www.malwarebytes.com/blog/news/2023/03/youtube-under-fire-for-allegedly-gathering-uk-childrens-data
What is the Future of Cyberattacks in 2030 (and Beyond)?
https://securityintelligence.com/articles/what-is-the-future-of-cyberattacks/
Security Affairs
The U.S. CISA and FBI warn of Royal ransomware operation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware.
Top Security News for 05/03/2023
Access Token Manipulation: SID-History Injection
https://www.reddit.com/r/Malware/comments/11hyj2m/access_token_manipulation_sidhistory_injection/
A year of wipers: How the Kremlin-backed Sandworm has attacked Ukraine during the war
https://malware.news/t/a-year-of-wipers-how-the-kremlin-backed-sandworm-has-attacked-ukraine-during-the-war/67684#post_1
Hacking the Nintendo DSi Browser
https://www.reddit.com/r/netsec/comments/11hss7h/hacking_the_nintendo_dsi_browser/
Gabriela Smith-Sherman: Thriving in the chaos. [Cyber governance]
https://thecyberwire.com/podcasts/career-notes/139/notes
BidenCash leaks 2.1M stolen credit/debit cards
https://securityaffairs.com/143006/cyber-crime/bidencash-leaks-2-1m-cards.html
Security Affairs newsletter Round 409 by Pierluigi Paganini
https://securityaffairs.com/143047/breaking-news/security-affairs-newsletter-round-409-by-pierluigi-paganini.html
New FiXS ATM Malware Targeting Mexican Banks
https://thehackernews.com/2023/03/new-fixs-atm-malware-targeting-mexican.html
Looking for an iOS Remote Access Tool (RAT)
https://www.reddit.com/r/Malware/comments/11ioyva/looking_for_an_ios_remote_access_tool_rat/
FiXS, a new ATM malware that is targeting Mexican banks
https://securityaffairs.com/143022/malware/fixs-atm-malware-mexican-banks.html
This Time i asked ChatGPT to code ransomware using chacha20 encryption and here are the results.
https://www.reddit.com/r/Malware/comments/11ih2f7/this_time_i_asked_chatgpt_to_code_ransomware/
Top Security News for 06/03/2023
Obfuscating Rubeus using Codecepticon
https://www.reddit.com/r/netsec/comments/11ivncl/obfuscating_rubeus_using_codecepticon/
Lord Of The Ring0 - Part 4 is out!
https://www.reddit.com/r/netsec/comments/11ivjyx/lord_of_the_ring0_part_4_is_out/
Colour-Blind, a fully featured info stealer and RAT in PyPI
https://securityaffairs.com/143066/cyber-crime/colour-blind-malware-pypi.html
2022 Year in Review
https://malware.news/t/2022-year-in-review/67685#post_1
ISC Stormcast For Monday, March 6th, 2023 https://isc.sans.edu/podcastdetail.html?id=8396, (Mon, Mar 6th)
https://isc.sans.edu/diary/rss/29604
An unknown file that is possibly a trojan
https://www.reddit.com/r/Malware/comments/11jhnvp/an_unknown_file_that_is_possibly_a_trojan/
“StreamJacking” - Hijacking Hundreds of YouTube Channels Per Day Propagating Elon Musk Branded Crypto Giveaway Scams
https://www.reddit.com/r/netsec/comments/11isw84/streamjacking_hijacking_hundreds_of_youtube/
ISC Stormcast For Monday, March 6th, 2023 https://isc.sans.edu/podcastdetail.html?id=8396, (Mon, Mar 6th)
https://malware.news/t/isc-stormcast-for-monday-march-6th-2023-https-isc-sans-edu-podcastdetail-html-id-8396-mon-mar-6th/67686#post_1
Passive Takeover - uncovering (and emulating) an expensive subdomain takeover campaign
https://www.reddit.com/r/netsec/comments/11ivu90/passive_takeover_uncovering_and_emulating_an/
ASEC Weekly Phishing Email Threat Trends (February 19th, 2023 – February 25th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-february-19th-2023-february-25th-2023/67687#post_1
Reddit
r/netsec on Reddit: Obfuscating Rubeus using Codecepticon
Posted by u/h0wlett - No votes and no comments
Top Security News for 07/03/2023
How to Hack VNC with Metasploit – Ethical Hacking Tutorial
https://0x00sec.org/t/how-to-hack-vnc-with-metasploit-ethical-hacking-tutorial/33755
Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm
https://thehackernews.com/2023/03/experts-discover-flaw-in-us-govts.html
Municipal CISOs grapple with challenges as cyber threats soar
https://www.csoonline.com/article/3688958/municipal-cisos-grapple-with-challenges-as-cyber-threats-soar.html#tk.rss_all
Experts Reveal Google Cloud Platform's Blind Spot for Data Exfiltration Attacks
https://thehackernews.com/2023/03/experts-reveal-google-cloud-platforms.html
Device trust (noun)
https://thecyberwire.com/podcasts/word-notes/138/notes
Hackers could play fetch with pet app user data. Booking.com says it wasn’t compromised by recently discovered bugs.
https://thecyberwire.com/podcasts/privacy-briefing/779/notes
Lazarus Group Attack Case Using Vulnerability of Certificate Software Commonly Used by Public Institutions and Universities
https://malware.news/t/lazarus-group-attack-case-using-vulnerability-of-certificate-software-commonly-used-by-public-institutions-and-universities/67715#post_1
Security Patch Management Strengthens Ransomware Defense
https://malware.news/t/security-patch-management-strengthens-ransomware-defense/67714#post_1
ISC Stormcast For Tuesday, March 7th, 2023 https://isc.sans.edu/podcastdetail.html?id=8398, (Tue, Mar 7th)
https://isc.sans.edu/diary/rss/29608
PayPal sued for negligence in data breach that affected 35,000 users
https://www.csoonline.com/article/3689883/paypal-sued-for-negligence-in-data-breach-that-affected-35000-users.html#tk.rss_all
0x00sec - The Home of the Hacker
How to Hack VNC with Metasploit – Ethical Hacking Tutorial
Welcome back, fellow hackers! This post continues our Pre-Exploitation Phase, well it kind of, because chances are that we actually find a way to get inside of a system here. Today we will talk about how to hack VNC with Metasploit. VNC is a popular tool…
Top Security News for 08/03/2023
BrandPost: Protecting yourself from DDoS attacks
https://www.csoonline.com/article/3689812/protecting-yourself-from-ddos-attacks.html#tk.rss_all
This Website Wants to Use AI to Make Models Obsolete
https://www.vice.com/en_us/article/93k933/this-website-wants-to-use-ai-to-make-models-obsolete
Chat GPT gets its first bug bounty
https://www.reddit.com/r/netsec/comments/11lmrzo/chat_gpt_gets_its_first_bug_bounty/
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/07-03-2023
ISC StormCast for Wednesday, March 8th, 2023
https://isc.sans.edu/podcastdetail.html?id=8400
I made a VS Code extension to view nmap results in a graph view. Helpful if you like to keep notes in MarkDown. Let me know what you think about it.
https://www.reddit.com/r/netsec/comments/11l5ark/i_made_a_vs_code_extension_to_view_nmap_results/
SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms
https://thehackernews.com/2023/03/sys01stealer-new-threat-using-facebook.html
Authentication Bypass Vulnerability in Mura CMS and Masa CMS
https://www.reddit.com/r/netsec/comments/11l4m4h/authentication_bypass_vulnerability_in_mura_cms/
Meeting Today’s Complex Data Privacy Challenges
https://securityintelligence.com/posts/meeting-todays-complex-data-privacy-challenges/
BlackMamba: Using AI to Generate Polymorphic Malware
https://malware.news/t/blackmamba-using-ai-to-generate-polymorphic-malware/67742#post_1
CSO
Protecting yourself from DDoS attacks
Proactive planning and preparation can help you more effectively defend against a DDoS attack. Consider these tips to strengthen your protection and deal with potential attacks.