Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 04/03/2023

The U.S. CISA and FBI warn of Royal ransomware operation
https://securityaffairs.com/142941/malware/cisa-fbi-royal-ransomware-alert.html

New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices
https://thehackernews.com/2023/03/new-flaws-in-tpm-20-library-pose-threat.html

BrandPost: It’s Time to Create More Opportunities for Women in Cybersecurity
https://www.csoonline.com/article/3689878/it-s-time-to-create-more-opportunities-for-women-in-cybersecurity.html#tk.rss_all

EPA Releases Water Systems Cyber Requirement in Tandem with National Strategy
https://malware.news/t/epa-releases-water-systems-cyber-requirement-in-tandem-with-national-strategy/67679#post_1

Chinese Hackers Targeting European Entities with New MQsTTang Backdoor
https://thehackernews.com/2023/03/chinese-hackers-targeting-european.html

More industry perspective on the US National Cybersecurity Strategy.
https://thecyberwire.com/stories/2b0034777a104104ad9ce191e3dd84bd/continued-industry-perspectives-on-the-us-national-cybersecurity-strategy-release

New exploits are tricking Chrome.
https://thecyberwire.com/podcasts/research-saturday/271/notes

Hackers Can Turn Bing's AI Chatbot Into a Convincing Scammer, Researchers Say
https://www.vice.com/en_us/article/7kxzzz/hackers-bing-ai-scammer

YouTube under fire for allegedly gathering children's data
https://www.malwarebytes.com/blog/news/2023/03/youtube-under-fire-for-allegedly-gathering-uk-childrens-data

What is the Future of Cyberattacks in 2030 (and Beyond)?
https://securityintelligence.com/articles/what-is-the-future-of-cyberattacks/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 05/03/2023

Access Token Manipulation: SID-History Injection
https://www.reddit.com/r/Malware/comments/11hyj2m/access_token_manipulation_sidhistory_injection/

A year of wipers: How the Kremlin-backed Sandworm has attacked Ukraine during the war
https://malware.news/t/a-year-of-wipers-how-the-kremlin-backed-sandworm-has-attacked-ukraine-during-the-war/67684#post_1

Hacking the Nintendo DSi Browser
https://www.reddit.com/r/netsec/comments/11hss7h/hacking_the_nintendo_dsi_browser/

Gabriela Smith-Sherman: Thriving in the chaos. [Cyber governance]
https://thecyberwire.com/podcasts/career-notes/139/notes

BidenCash leaks 2.1M stolen credit/debit cards
https://securityaffairs.com/143006/cyber-crime/bidencash-leaks-2-1m-cards.html

Security Affairs newsletter Round 409 by Pierluigi Paganini
https://securityaffairs.com/143047/breaking-news/security-affairs-newsletter-round-409-by-pierluigi-paganini.html

New FiXS ATM Malware Targeting Mexican Banks
https://thehackernews.com/2023/03/new-fixs-atm-malware-targeting-mexican.html

Looking for an iOS Remote Access Tool (RAT)
https://www.reddit.com/r/Malware/comments/11ioyva/looking_for_an_ios_remote_access_tool_rat/

FiXS, a new ATM malware that is targeting Mexican banks
https://securityaffairs.com/143022/malware/fixs-atm-malware-mexican-banks.html

This Time I asked ChatGPT to code ransomware using chacha20 encryption and here are the results.
https://www.reddit.com/r/Malware/comments/11ih2f7/this_time_i_asked_chatgpt_to_code_ransomware/


Top Security News for 06/03/2023

Obfuscating Rubeus using Codecepticon
https://www.reddit.com/r/netsec/comments/11ivncl/obfuscating_rubeus_using_codecepticon/

Lord Of The Ring0 - Part 4 is out!
https://www.reddit.com/r/netsec/comments/11ivjyx/lord_of_the_ring0_part_4_is_out/

Colour-Blind, a fully featured info stealer and RAT in PyPI
https://securityaffairs.com/143066/cyber-crime/colour-blind-malware-pypi.html

2022 Year in Review
https://malware.news/t/2022-year-in-review/67685#post_1

ISC Stormcast For Monday, March 6th, 2023 https://isc.sans.edu/podcastdetail.html?id=8396, (Mon, Mar 6th)
https://isc.sans.edu/diary/rss/29604

An unknown file that is possibly a trojan
https://www.reddit.com/r/Malware/comments/11jhnvp/an_unknown_file_that_is_possibly_a_trojan/

“StreamJacking” - Hijacking Hundreds of YouTube Channels Per Day Propagating Elon Musk Branded Crypto Giveaway Scams
https://www.reddit.com/r/netsec/comments/11isw84/streamjacking_hijacking_hundreds_of_youtube/

ISC Stormcast For Monday, March 6th, 2023 https://isc.sans.edu/podcastdetail.html?id=8396, (Mon, Mar 6th)
https://malware.news/t/isc-stormcast-for-monday-march-6th-2023-https-isc-sans-edu-podcastdetail-html-id-8396-mon-mar-6th/67686#post_1

Passive Takeover - uncovering (and emulating) an expensive subdomain takeover campaign
https://www.reddit.com/r/netsec/comments/11ivu90/passive_takeover_uncovering_and_emulating_an/

ASEC Weekly Phishing Email Threat Trends (February 19th, 2023 – February 25th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-february-19th-2023-february-25th-2023/67687#post_1


Top Security News for 07/03/2023

How to Hack VNC with Metasploit – Ethical Hacking Tutorial
https://0x00sec.org/t/how-to-hack-vnc-with-metasploit-ethical-hacking-tutorial/33755

Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm
https://thehackernews.com/2023/03/experts-discover-flaw-in-us-govts.html

Municipal CISOs grapple with challenges as cyber threats soar
https://www.csoonline.com/article/3688958/municipal-cisos-grapple-with-challenges-as-cyber-threats-soar.html#tk.rss_all

Experts Reveal Google Cloud Platform's Blind Spot for Data Exfiltration Attacks
https://thehackernews.com/2023/03/experts-reveal-google-cloud-platforms.html

Device trust (noun)
https://thecyberwire.com/podcasts/word-notes/138/notes

Hackers could play fetch with pet app user data. Booking.com says it wasn’t compromised by recently discovered bugs.
https://thecyberwire.com/podcasts/privacy-briefing/779/notes

Lazarus Group Attack Case Using Vulnerability of Certificate Software Commonly Used by Public Institutions and Universities
https://malware.news/t/lazarus-group-attack-case-using-vulnerability-of-certificate-software-commonly-used-by-public-institutions-and-universities/67715#post_1

Security Patch Management Strengthens Ransomware Defense
https://malware.news/t/security-patch-management-strengthens-ransomware-defense/67714#post_1

ISC Stormcast For Tuesday, March 7th, 2023 https://isc.sans.edu/podcastdetail.html?id=8398, (Tue, Mar 7th)
https://isc.sans.edu/diary/rss/29608

PayPal sued for negligence in data breach that affected 35,000 users
https://www.csoonline.com/article/3689883/paypal-sued-for-negligence-in-data-breach-that-affected-35000-users.html#tk.rss_all


Top Security News for 08/03/2023

BrandPost: Protecting yourself from DDoS attacks
https://www.csoonline.com/article/3689812/protecting-yourself-from-ddos-attacks.html#tk.rss_all

This Website Wants to Use AI to Make Models Obsolete
https://www.vice.com/en_us/article/93k933/this-website-wants-to-use-ai-to-make-models-obsolete

Chat GPT gets its first bug bounty
https://www.reddit.com/r/netsec/comments/11lmrzo/chat_gpt_gets_its_first_bug_bounty/

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/07-03-2023

ISC StormCast for Wednesday, March 8th, 2023
https://isc.sans.edu/podcastdetail.html?id=8400

I made a VS Code extension to view nmap results in a graph view. Helpful if you like to keep notes in MarkDown. Let me know what you think about it.
https://www.reddit.com/r/netsec/comments/11l5ark/i_made_a_vs_code_extension_to_view_nmap_results/

SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms
https://thehackernews.com/2023/03/sys01stealer-new-threat-using-facebook.html

Authentication Bypass Vulnerability in Mura CMS and Masa CMS
https://www.reddit.com/r/netsec/comments/11l4m4h/authentication_bypass_vulnerability_in_mura_cms/

Meeting Today’s Complex Data Privacy Challenges
https://securityintelligence.com/posts/meeting-todays-complex-data-privacy-challenges/

BlackMamba: Using AI to Generate Polymorphic Malware
https://malware.news/t/blackmamba-using-ai-to-generate-polymorphic-malware/67742#post_1


Top Security News for 09/03/2023

ISC Stormcast For Thursday, March 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8402, (Thu, Mar 9th)
https://isc.sans.edu/diary/rss/29616

The Threat on Your Desk: Building an Evil USB-C Dock
https://www.reddit.com/r/netsec/comments/11melvr/the_threat_on_your_desk_building_an_evil_usbc_dock/

Beating an old PHP source code protector
https://www.reddit.com/r/netsec/comments/11luraq/beating_an_old_php_source_code_protector/

Data breaches and IP. Current cyberespionage campaigns. A warning that the cyber phases of the hybrid war can’t be expected to be over, yet. Exfiltration via machine learning inference.
https://thecyberwire.com/podcasts/daily-podcast/1775/notes

Ransomware review: March 2023
https://www.malwarebytes.com/blog/threat-intelligence/2023/03/ransomware-review-march-2023

Jailbreaking LLM (ChatGPT) Sandboxes Using Linguistic Hacks
https://www.reddit.com/r/netsec/comments/11m60r0/jailbreaking_llm_chatgpt_sandboxes_using/

PlugX Malware Being Distributed via Vulnerability Exploitation
https://malware.news/t/plugx-malware-being-distributed-via-vulnerability-exploitation/67774#post_1

CorePlague: Severe Vulnerabilities in Jenkins Server Lead to Remote Code Execution
https://www.reddit.com/r/netsec/comments/11m090x/coreplague_severe_vulnerabilities_in_jenkins/

Today I Learned .. a new thing about GREP, (Thu, Mar 9th)
https://malware.news/t/today-i-learned-a-new-thing-about-grep-thu-mar-9th/67777#post_1

DeepStreamer: Illegal movie streaming platforms hide lucrative ad fraud operation
https://www.malwarebytes.com/blog/threat-intelligence/2023/03/deepstreamer-illegal-movie-streaming-platforms-hide-lucrative-ad-fraud-operation


Top Security News for 10/03/2023

Stolen credentials increasingly empower the cybercrime underground
https://www.csoonline.com/article/3690409/stolen-credentials-increasingly-empower-the-cybercrime-underground.html#tk.rss_all

Congressional health insurance service hit by data breach
https://www.csoonline.com/article/3690512/congressional-health-insurance-service-hit-by-data-breach.html#tk.rss_all

GitHub begins 2FA rollout for code contributors
https://www.csoonline.com/article/3690329/github-begins-2fa-rollout-for-code-contributors.html#tk.rss_all

EJS - Server Side Prototype Pollution gadgets to RCE
https://www.reddit.com/r/netsec/comments/11n80cn/ejs_server_side_prototype_pollution_gadgets_to_rce/

8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacks
https://securityaffairs.com/143252/hacking/scrubcrypt-crypter-cryptojacking-attacks.html

2023-03-08 - IcedID (Bokbot) infection with BackConnect and VNC traffic
https://malware.news/t/2023-03-08-icedid-bokbot-infection-with-backconnect-and-vnc-traffic/67805#post_1

Pwning Akuvox E11 Smart Intercom
https://www.reddit.com/r/netsec/comments/11n0hvr/pwning_akuvox_e11_smart_intercom/

Lazarus group infiltrated South Korean finance firm twice last year
https://www.csoonline.com/article/3690330/lazarus-group-infiltrated-south-korean-finance-firm-twice-last-year.html#tk.rss_all

ISC Stormcast For Friday, March 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8404, (Fri, Mar 10th)
https://isc.sans.edu/diary/rss/29622

Malvertising through search engines
https://securelist.com/malvertising-through-search-engines/108996/


Top Security News for 19/03/2023

Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack
https://www.reddit.com/r/Malware/comments/11v8v1r/earth_kitsune_delivers_new_whiskerspy_backdoor/

Kaspersky released a new decryptor for Conti-based ransomware
https://securityaffairs.com/143687/cyber-crime/kaspersky-decryptor-conti-based-ransomware.html

Fake Calls Android malware makes a comeback with advanced hiding techniques
https://www.reddit.com/r/Malware/comments/11urbk7/fake_calls_android_malware_makes_a_comeback_with/

VBA: resolving exports in runtime without NtQueryInformationProcess or GetProcAddress
https://www.reddit.com/r/netsec/comments/11utmnc/vba_resolving_exports_in_runtime_without/

Undocumented behavior change in Android 10: mode "w" no longer truncates
https://www.reddit.com/r/netsec/comments/11unesy/undocumented_behavior_change_in_android_10_mode_w/

The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia
https://www.reddit.com/r/Malware/comments/11v8pte/the_slow_ticking_time_bomb_tick_apt_group/

Feds arrested Pompompurin, the alleged owner of BreachForums
https://securityaffairs.com/143656/cyber-crime/breachforums-owner-pompompurin-arrested.html

Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting
https://www.reddit.com/r/Malware/comments/11uofz2/iron_tigers_sysupdate_reappears_adds_linux/

US govt agencies released a joint alert on the Lockbit 3.0 ransomware
https://securityaffairs.com/143668/breaking-news/lockbit-3-0-ransomware-joint-alert.html

Havoc Across the Cyberspace
https://www.reddit.com/r/Malware/comments/11uohdt/havoc_across_the_cyberspace/


Top Security News for 20/03/2023

Got my OSCP!
https://www.reddit.com/r/netsec/comments/11vk71h/got_my_oscp/

NBA is warning fans of a data breach after a third-party newsletter service hack
https://securityaffairs.com/143693/data-breach/nba-data-breach.html

ISC Stormcast For Monday, March 20th, 2023 https://isc.sans.edu/podcastdetail.html?id=8416, (Mon, Mar 20th)
https://malware.news/t/isc-stormcast-for-monday-march-20th-2023-https-isc-sans-edu-podcastdetail-html-id-8416-mon-mar-20th/67980#post_1

LLM + Clean Room: Will LLMs be the death of code copyrights?
https://gynvael.coldwind.pl/?id=764

Security Affairs newsletter Round 411 by Pierluigi Paganini
https://securityaffairs.com/143707/breaking-news/security-affairs-newsletter-round-411-by-pierluigi-paganini.html

ISC Stormcast For Monday, March 20th, 2023 https://isc.sans.edu/podcastdetail.html?id=8416, (Mon, Mar 20th)
https://isc.sans.edu/diary/rss/29648

The emperor has no clothes - RSA conference prep.
https://thecyberwire.com/podcasts/cso-perspectives/103/notes

Emotet Rises Again: Evades Macro Security via OneNote Attachments
https://thehackernews.com/2023/03/emotet-rises-again-evades-macro.html

The emperor has no clothes: the current state of the CISO - RSA conference presentation prep.
https://thecyberwire.com/stories/7631ffa9662743069ec8732adf296883/the-emperor-has-no-clothes-the-current-state-of-the-ciso---rsa-conference-presentation-prep

Bitwarden PINs can be brute-forced, a how-to and reason for stronger master passwords.
https://www.reddit.com/r/netsec/comments/11vpnku/bitwarden_pins_can_be_bruteforced_a_howto_and/


Top Security News for 21/03/2023

ShellBot Malware Being Distributed to Linux SSH Servers
https://www.reddit.com/r/netsec/comments/11x4rvs/shellbot_malware_being_distributed_to_linux_ssh/

DataSurgeon – Extract Sensitive Information (PII) From Logs
https://www.darknet.org.uk/2023/03/datasurgeon-extract-sensitive-information-pii-from-logs/

A week in security (March 13 - 19)
https://www.malwarebytes.com/blog/news/2023/03/a-week-in-security-march-13-19

2023-03-17 - Emotet Epoch 5 activity
https://malware.news/t/2023-03-17-emotet-epoch-5-activity/68004#post_1

Persistence – Service Control Manager
https://www.reddit.com/r/netsec/comments/11wn7vj/persistence_service_control_manager/

Find Threats in Event Logs with Hayabusa
https://www.reddit.com/r/netsec/comments/11x4gws/find_threats_in_event_logs_with_hayabusa/

Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen
https://thehackernews.com/2023/03/mispadu-banking-trojan-targets-latin.html

7 guidelines for identifying and mitigating AI-enabled phishing campaigns
https://www.csoonline.com/article/3690418/7-guidelines-for-identifying-and-mitigating-ai-enabled-phishing-campaigns.html#tk.rss_all

Uncovering HinataBot: A Deep Dive into a Go-Based Threat
https://www.reddit.com/r/netsec/comments/11x4tra/uncovering_hinatabot_a_deep_dive_into_a_gobased/

From Phishing Kit To Telegram... or Not!, (Mon, Mar 20th)
https://isc.sans.edu/diary/rss/29650


Top Security News for 22/03/2023

Malware creator who compromised 10,000 computers arrested
https://www.malwarebytes.com/blog/news/2023/03/creator-of-rat-disguised-as-fake-game-application-arrested

9 attack surface discovery and management tools
https://www.csoonline.com/article/3691110/9-attack-surface-discovery-and-management-tools.html#tk.rss_all

Mitigating SSRF in 2023
https://www.reddit.com/r/netsec/comments/11ximoh/mitigating_ssrf_in_2023/

Cloud Native Data Loss Prevention: The Future of Data Security
https://thecyberwire.com/podcasts/uncovering-hidden-risks/7/notes

Hi I am new … also inquiry into getting help for some items
https://0x00sec.org/t/hi-i-am-new-also-inquiry-into-getting-help-for-some-items/34067

Burp Suite Enterprise Edition Power Tools: Unleashing the power to the command line, Python, and more
https://portswigger.net/blog/burp-suite-enterprise-edition-power-tools-unleashing-the-power-to-the-command-line-python-and-more

New 'Bad Magic' Cyber Threat Disrupts Ukraine's Key Sectors Amid War
https://thehackernews.com/2023/03/new-bad-magic-cyber-threat-disrupt.html

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/21-03-2023

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
https://thehackernews.com/2023/03/from-ransomware-to-cyber-espionage-55.html

Bluehat 2023: Android Malware Obfuscation (Laurie Kirk)
https://www.reddit.com/r/Malware/comments/11xvvd4/bluehat_2023_android_malware_obfuscation_laurie/


Top Security News for 23/03/2023

ChatGPT said that AI could hack the world! A DFIR analyst perspective.
https://www.reddit.com/r/netsec/comments/11ypcwj/chatgpt_said_that_ai_could_hack_the_world_a_dfir/

Landmark UK-Israeli agreement to boost mutual cybersecurity development, tackle shared threats
https://www.csoonline.com/article/3691138/landmark-uk-israeli-agreement-to-boost-mutual-cybersecurity-development-tackle-shared-threats.html#tk.rss_all

Google's AI Explains Google's Monopolistic Practices in Great Detail
https://www.vice.com/en_us/article/z3meyj/googles-ai-explains-googles-monopolistic-practices-in-great-detail

Brute Ratel Analysis
https://www.reddit.com/r/netsec/comments/11yvbxg/brute_ratel_analysis/

FCC Fines 15 Year-Old Pirate Radio Station in NYC $2 Million
https://www.vice.com/en_us/article/93k535/fcc-fines-15-year-old-nyc-pirate-radio-station-dollar2-million

BrandPost: Why intelligent privilege controls are essential for identity security
https://www.csoonline.com/article/3691014/why-intelligent-privilege-controls-are-essential-for-identity-security.html#tk.rss_all

Warning for Certification Solution (VestCert) Vulnerability and Update Recommendation
https://malware.news/t/warning-for-certification-solution-vestcert-vulnerability-and-update-recommendation/68068#post_1

Detecting Unlinked Windows Services with Volatility 3
https://www.reddit.com/r/netsec/comments/11yvnws/detecting_unlinked_windows_services_with/

YARA rule for rapid detection of PNG images affected by Acropalypse - CVE-2023-21036
https://www.reddit.com/r/netsec/comments/11ytm9k/yara_rule_for_rapid_detection_of_png_images/

Microsoft recognized as a Leader in The Forrester Wave: Data Security Platforms, Q1 2023
https://www.microsoft.com/en-us/security/blog/2023/03/22/microsoft-recognized-as-a-leader-in-the-forrester-wave-data-security-platforms-q1-2023/


Top Security News for 24/03/2023

What could this hidden authorization token/cookie be?
https://0x00sec.org/t/what-could-this-hidden-authorization-token-cookie-be/34098

Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
https://thehackernews.com/2023/03/operation-soft-cell-chinese-hackers.html

ISC StormCast for Friday, March 24th, 2023
https://isc.sans.edu/podcastdetail.html?id=8424

OneNote Malware Disguised as Compensation Form (Kimsuky)
https://malware.news/t/onenote-malware-disguised-as-compensation-form-kimsuky/68128#post_1

The National Cybersecurity Strategy teaches us that collaboration must reign supreme
https://malware.news/t/the-national-cybersecurity-strategy-teaches-us-that-collaboration-must-reign-supreme/68126#post_1

Microsoft continues to innovate to help secure small businesses
https://www.microsoft.com/en-us/security/blog/2023/03/23/microsoft-continues-to-innovate-to-help-secure-small-businesses/

TikTok goes to Washington. US lawmakers propose pilot programs to address cybersecurity staffing shortage.
https://thecyberwire.com/newsletters/policy-briefing/5/56

The technology challenges of national archives regulations.
https://thecyberwire.com/podcasts/caveat/165/notes

Critical flaw in AI testing framework MLflow can lead to server and data compromise
https://www.csoonline.com/article/3691612/critical-flaw-in-ai-testing-framework-mlflow-can-lead-to-server-and-data-compromise.html#tk.rss_all

How training and recognition can reduce cybersecurity stress and burnout
https://www.csoonline.com/article/3691649/how-training-and-recognition-can-reduce-cybersecurity-stress-and-burnout.html#tk.rss_all


Top Security News for 25/03/2023

Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites
https://thehackernews.com/2023/03/critical-woocommerce-payments-plugin.html

Critical flaw in WooCommerce can be used to compromise WordPress websites
https://www.csoonline.com/article/3691637/critical-flaw-in-woocommerce-can-be-used-to-compromise-wordpress-websites.html#tk.rss_all

Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies
https://thehackernews.com/2023/03/researchers-uncover-chinese-nation.html

Guidance for investigating attacks using CVE-2023-23397
https://www.microsoft.com/en-us/security/blog/2023/03/24/guidance-for-investigating-attacks-using-cve-2023-23397/

Pwn2Own Vancouver 2023 Day 2: Microsoft Teams, Oracle VirtualBox, and Tesla hacked
https://securityaffairs.com/143950/hacking/pwn2own-vancouver-2023-day-2.html

Remote unauthenticated system and cloud takeover found in major AI tool
https://www.reddit.com/r/netsec/comments/120hymk/remote_unauthenticated_system_and_cloud_takeover/

THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
https://thehackernews.com/2023/03/thn-webinar-inside-high-risk-of-3rd.html

Data exposure at Kroger's prescription service. iD Tech breach. Incident at a UK healthcare trust. Phishing trip. Cl0p update.
https://thecyberwire.com/podcasts/privacy-briefing/793/notes

How to Conduct a Physical Penetration Test + Tips
https://0x00sec.org/t/how-to-conduct-a-physical-penetration-test-tips/34132

New Attack Targets Online Customer Service Channels
https://securityintelligence.com/articles/new-attack-targets-online-customer-service-channels/


Top Security News for 27/03/2023

The rising trend of malicious packages in open source ecosystems | Snyk
https://www.reddit.com/r/netsec/comments/122eu5r/the_rising_trend_of_malicious_packages_in_open/

US threatens to ban TikTok unless Chinese owners divest
https://www.theguardian.com/technology/2023/mar/15/us-joe-biden-tiktok-ban-chinese-owners-divest

Extra: "String Obfuscation: Character Pair Reversal", (Sun, Mar 26th)
https://malware.news/t/extra-string-obfuscation-character-pair-reversal-sun-mar-26th/68156#post_1

Update: python-per-line.py version 0.0.10
https://malware.news/t/update-python-per-line-py-version-0-0-10/68154#post_1

shortest input that will trick GPT to reveal the secret key
https://www.reddit.com/r/netsec/comments/122ixvz/shortest_input_that_will_trick_gpt_to_reveal_the/

ISC StormCast for Monday, March 27th, 2023
https://isc.sans.edu/podcastdetail.html?id=8426

Exploit Development 101
https://0x00sec.org/t/exploit-development-101/34164

Monthly Threat Actor Group Intelligence Report, February 2023 (KOR)
https://malware.news/t/monthly-threat-actor-group-intelligence-report-february-2023-kor/68158#post_1

OpenAI: A Redis bug caused a recent ChatGPT data exposure incident
https://securityaffairs.com/144057/data-breach/openai-chatgpt-redis-bug-data-leak.html

Extra: "String Obfuscation: Character Pair Reversal", (Sun, Mar 26th)
https://isc.sans.edu/diary/rss/29656


Top Security News for 28/03/2023

20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison
https://thehackernews.com/2023/03/20-year-old-breachforums-founder-faces.html

Adopting the CIS Controls Framework: The Biggest Benefits & Challenges - Joe Alapat, Matt Miller - CFH #14
https://malware.news/t/adopting-the-cis-controls-framework-the-biggest-benefits-challenges-joe-alapat-matt-miller-cfh-14/68197#post_1

GitHub accidentally exposes RSA SSH key
https://www.malwarebytes.com/blog/news/2023/03/github-changes-its-compromised-ssh-key

Another Malicious HTA File Analysis - Part 1, (Mon, Mar 27th)
https://isc.sans.edu/diary/rss/29674

Solving the password’s hardest problem with passkeys, featuring Anna Pobletts
https://www.malwarebytes.com/blog/podcast/2023/03/solving-the-passwords-hardest-problem-with-passkeys-featuring-anna-pobletts

Proposed TikTok ban legislation to move forward in House
https://malware.news/t/proposed-tiktok-ban-legislation-to-move-forward-in-house/68195#post_1

Watch a Coder Use ChatGPT on a Computer from 1984 Running DOS
https://www.vice.com/en_us/article/n7ewx7/watch-a-coder-use-chatgpt-on-a-computer-from-1984-running-dos

New OST2 class: "Vulnerabilities 1002: C-Family Software Implementation Vulnerabilities"
https://www.reddit.com/r/netsec/comments/123ldeb/new_ost2_class_vulnerabilities_1002_cfamily/

France bans TikTok, all social media apps from government devices
https://www.csoonline.com/article/3691710/france-bans-tiktok-all-social-media-apps-from-government-devices.html#tk.rss_all

Apple Issues Urgent Security Update for Older iOS and iPadOS Models
https://thehackernews.com/2023/03/apple-issues-urgent-security-update-for.html


Top Security News for 29/03/2023

Remote Employees: Update Your Routers (and More WFH IT Tips)
https://securityintelligence.com/articles/remote-employees-update-routers/

The curl quirk that exposed Burp Suite & Google Chrome
https://www.reddit.com/r/netsec/comments/124oq9m/the_curl_quirk_that_exposed_burp_suite_google/

5 ways to tell you are not CISO material
https://www.csoonline.com/article/3691772/5-ways-to-tell-you-are-not-ciso-material.html#tk.rss_all

President Biden Signs Executive Order Restricting Use of Commercial Spyware
https://thehackernews.com/2023/03/president-biden-signs-executive-order.html

ICS/OT Cybersecurity 2022 TXOne Annual Report Insights
https://malware.news/t/ics-ot-cybersecurity-2022-txone-annual-report-insights/68246#post_1

JSAC2023 -Day 2 Workshop-
https://malware.news/t/jsac2023-day-2-workshop/68244#post_1

Microsoft Office Outlook Vulnerability (CVE-2023-23397) Appearance and Manual Measure Guide
https://malware.news/t/microsoft-office-outlook-vulnerability-cve-2023-23397-appearance-and-manual-measure-guide/68241#post_1

Kimsuky Group Distributes Malware Disguised as Profile Template (GitHub)
https://malware.news/t/kimsuky-group-distributes-malware-disguised-as-profile-template-github/68242#post_1

ISC StormCast for Wednesday, March 29th, 2023
https://isc.sans.edu/podcastdetail.html?id=8430

Legacy, password-based authentication systems are failing enterprise security, says study
https://www.csoonline.com/article/3691781/legacy-password-based-authentication-systems-are-failing-enterprise-security-says-study.html#tk.rss_all


Top Security News for 30/03/2023

QNAP fixed Sudo privilege escalation bug in NAS devices
https://securityaffairs.com/144200/security/qnap-sudo-flaw.html

Latitude Financial data breach hits more customers than previously thought
https://malware.news/t/latitude-financial-data-breach-hits-more-customers-than-previously-thought/68284#post_1

The Intersection of Apple’s USB Lower Filter and iPhone-WPD Integration
https://www.reddit.com/r/netsec/comments/125zi5o/the_intersection_of_apples_usb_lower_filter_and/

US Federal agencies banned from using foreign spyware
https://malware.news/t/us-federal-agencies-banned-from-using-foreign-spyware/68290#post_1

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices
https://thehackernews.com/2023/03/spyware-vendors-caught-exploiting-zero.html

How to Build a Research Lab for Reverse Engineering — 4 Ways
https://thehackernews.com/2023/03/how-to-build-research-lab-for-reverse.html

Spyware vendors use 0-days and n-days against popular platforms
https://www.reddit.com/r/netsec/comments/125oxbl/spyware_vendors_use_0days_and_ndays_against/

🔒Beyond Firmware Encryption: Enhancing Embedded Device Security
https://www.reddit.com/r/netsec/comments/125nqvq/beyond_firmware_encryption_enhancing_embedded/

Managing security in the cloud through Microsoft Intune
https://www.csoonline.com/article/3691793/managing-security-in-the-cloud-through-microsoft-intune.html#tk.rss_all

"Log-out king" Instagram scammer gets accounts taken down, then charges to reinstate them
https://www.malwarebytes.com/blog/news/2023/03/log-out-king-instagram-scammer-gets-accounts-taken-down-then-charges-to-reinstate-them


Top Security News for 31/03/2023

Revisiting Heaven's Gate with Lumma Stealer
https://www.reddit.com/r/netsec/comments/126o0hv/revisiting_heavens_gate_with_lumma_stealer/

'He Would Still Be Here': Man Dies by Suicide After Talking with AI Chatbot, Widow Says
https://www.vice.com/en_us/article/pkadgm/man-dies-by-suicide-after-talking-with-ai-chatbot-widow-says

Latest Microsoft Entra advancements strengthen identity security
https://www.microsoft.com/en-us/security/blog/2023/03/30/latest-microsoft-entra-advancements-strengthen-identity-security/

X-Force Prevents Zero Day from Going Anywhere
https://securityintelligence.com/posts/x-force-prevents-zero-day-from-going-anywhere/

We scanned every NPM and PyPI package for malware with ChatGPT
https://www.reddit.com/r/netsec/comments/12747u0/we_scanned_every_npm_and_pypi_package_for_malware/

With KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of Targets
https://www.reddit.com/r/netsec/comments/126lk1v/with_keyplug_chinas_redgolf_spies_on_steals_from/

‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics
https://www.theguardian.com/technology/2023/mar/30/vulkan-files-leak-reveals-putins-global-and-domestic-cyberwarfare-tactics

ISC StormCast for Friday, March 31st, 2023
https://isc.sans.edu/podcastdetail.html?id=8434

New: Burp Suite Enterprise Edition Unlimited pricing
https://portswigger.net/blog/new-burp-suite-enterprise-edition-unlimited-pricing

Medical data exposed in latest GoAnywhere hack. Toyota Italy accidentally leaks (phishing) fuel. Meriton becomes latest Australian company targeted by hackers.
https://thecyberwire.com/podcasts/privacy-briefing/497/notes


Top Security News for 01/04/2023

Russian APT group Winter Vivern targets email portals of NATO and diplomats
https://securityaffairs.com/144263/intelligence/winter-vivern-email-portals-nato.html

3 tips to raise your backup game
https://www.malwarebytes.com/blog/news/2023/03/3-things-you-should-do-on-world-backup-day

Any antivirus related software automatically closes right after I open it
https://www.reddit.com/r/Malware/comments/12819jk/any_antivirus_related_software_automatically/

BOB DYLAN'S LOST SONG ABOUT HACKERS
https://www.2600.com/content/bob-dylans-lost-song-about-hackers

Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk!
https://thehackernews.com/2023/04/hackers-exploiting-wordpress-elementor.html

2023-03-31 - Qakbot (Qbot), obama247 distribution tag
https://malware.news/t/2023-03-31-qakbot-qbot-obama247-distribution-tag/68368#post_1

It’s hunting season for tax fraudsters. Judge rules against class action lawsuit for CareFirst breach. Top FBI official speaks out in support of Section 702.
https://thecyberwire.com/newsletters/privacy-briefing/5/62

3CX Supply Chain Attack Campaign
https://malware.news/t/3cx-supply-chain-attack-campaign/68365#post_1

A glimpse into Mr. Putin’s cyber war room. 3CXDesktopApp supply chain risk. XSS flaw in Azure SFX can lead to remote code execution. AlienFox targets misconfigured servers.
https://thecyberwire.com/podcasts/daily-podcast/1792/notes

THE 28TH AMENDMENT TO THE UNITED STATES CONSTITUTION
https://www.2600.com/content/28th-amendment-united-states-constitution

