Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 21/03/2023

ShellBot Malware Being Distributed to Linux SSH Servers
https://www.reddit.com/r/netsec/comments/11x4rvs/shellbot_malware_being_distributed_to_linux_ssh/

DataSurgeon – Extract Sensitive Information (PII) From Logs
https://www.darknet.org.uk/2023/03/datasurgeon-extract-sensitive-information-pii-from-logs/

A week in security (March 13 - 19)
https://www.malwarebytes.com/blog/news/2023/03/a-week-in-security-march-13-19

2023-03-17 - Emotet Epoch 5 activity
https://malware.news/t/2023-03-17-emotet-epoch-5-activity/68004#post_1

Persistence – Service Control Manager
https://www.reddit.com/r/netsec/comments/11wn7vj/persistence_service_control_manager/

Find Threats in Event Logs with Hayabusa
https://www.reddit.com/r/netsec/comments/11x4gws/find_threats_in_event_logs_with_hayabusa/

Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen
https://thehackernews.com/2023/03/mispadu-banking-trojan-targets-latin.html

7 guidelines for identifying and mitigating AI-enabled phishing campaigns
https://www.csoonline.com/article/3690418/7-guidelines-for-identifying-and-mitigating-ai-enabled-phishing-campaigns.html#tk.rss_all

Uncovering HinataBot: A Deep Dive into a Go-Based Threat
https://www.reddit.com/r/netsec/comments/11x4tra/uncovering_hinatabot_a_deep_dive_into_a_gobased/

From Phishing Kit To Telegram... or Not!, (Mon, Mar 20th)
https://isc.sans.edu/diary/rss/29650


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 22/03/2023

Malware creator who compromised 10,000 computers arrested
https://www.malwarebytes.com/blog/news/2023/03/creator-of-rat-disguised-as-fake-game-application-arrested

9 attack surface discovery and management tools
https://www.csoonline.com/article/3691110/9-attack-surface-discovery-and-management-tools.html#tk.rss_all

Mitigating SSRF in 2023
https://www.reddit.com/r/netsec/comments/11ximoh/mitigating_ssrf_in_2023/

Cloud Native Data Loss Prevention: The Future of Data Security
https://thecyberwire.com/podcasts/uncovering-hidden-risks/7/notes

Hi I am new … also inquiry into getting help for some items
https://0x00sec.org/t/hi-i-am-new-also-inquiry-into-getting-help-for-some-items/34067

Burp Suite Enterprise Edition Power Tools: Unleashing the power to the command line, Python, and more
https://portswigger.net/blog/burp-suite-enterprise-edition-power-tools-unleashing-the-power-to-the-command-line-python-and-more

New 'Bad Magic' Cyber Threat Disrupt Ukraine's Key Sectors Amid War
https://thehackernews.com/2023/03/new-bad-magic-cyber-threat-disrupt.html

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/21-03-2023

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
https://thehackernews.com/2023/03/from-ransomware-to-cyber-espionage-55.html

Bluehat 2023: Android Malware Obfuscation (Laurie Kirk)
https://www.reddit.com/r/Malware/comments/11xvvd4/bluehat_2023_android_malware_obfuscation_laurie/


Top Security News for 23/03/2023

ChatGPT said that AI could hack the world! A DFIR analyst perspective.
https://www.reddit.com/r/netsec/comments/11ypcwj/chatgpt_said_that_ai_could_hack_the_world_a_dfir/

Landmark UK-Israeli agreement to boost mutual cybersecurity development, tackle shared threats
https://www.csoonline.com/article/3691138/landmark-uk-israeli-agreement-to-boost-mutual-cybersecurity-development-tackle-shared-threats.html#tk.rss_all

Google's AI Explains Google's Monopolistic Practices in Great Detail
https://www.vice.com/en_us/article/z3meyj/googles-ai-explains-googles-monopolistic-practices-in-great-detail

Brute Ratel Analysis
https://www.reddit.com/r/netsec/comments/11yvbxg/brute_ratel_analysis/

FCC Fines 15 Year-Old Pirate Radio Station in NYC $2 Million
https://www.vice.com/en_us/article/93k535/fcc-fines-15-year-old-nyc-pirate-radio-station-dollar2-million

BrandPost: Why intelligent privilege controls are essential for identity security
https://www.csoonline.com/article/3691014/why-intelligent-privilege-controls-are-essential-for-identity-security.html#tk.rss_all

Warning for Certification Solution (VestCert) Vulnerability and Update Recommendation
https://malware.news/t/warning-for-certification-solution-vestcert-vulnerability-and-update-recommendation/68068#post_1

Detecting Unlinked Windows Services with Volatility 3
https://www.reddit.com/r/netsec/comments/11yvnws/detecting_unlinked_windows_services_with/

YARA rule for rapid detection of PNG images affected by Acropalypse - CVE-2023-21036
https://www.reddit.com/r/netsec/comments/11ytm9k/yara_rule_for_rapid_detection_of_png_images/

Microsoft recognized as a Leader in The Forrester Wave: Data Security Platforms, Q1 2023
https://www.microsoft.com/en-us/security/blog/2023/03/22/microsoft-recognized-as-a-leader-in-the-forrester-wave-data-security-platforms-q1-2023/


Top Security News for 24/03/2023

What could this hidden authorization token/cookie be?
https://0x00sec.org/t/what-could-this-hidden-authorization-token-cookie-be/34098

Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
https://thehackernews.com/2023/03/operation-soft-cell-chinese-hackers.html

ISC StormCast for Friday, March 24th, 2023
https://isc.sans.edu/podcastdetail.html?id=8424

OneNote Malware Disguised as Compensation Form (Kimsuky)
https://malware.news/t/onenote-malware-disguised-as-compensation-form-kimsuky/68128#post_1

The National Cybersecurity Strategy teaches us that collaboration must reign supreme
https://malware.news/t/the-national-cybersecurity-strategy-teaches-us-that-collaboration-must-reign-supreme/68126#post_1

Microsoft continues to innovate to help secure small businesses
https://www.microsoft.com/en-us/security/blog/2023/03/23/microsoft-continues-to-innovate-to-help-secure-small-businesses/

TikTok goes to Washington. US lawmakers propose pilot programs to address cybersecurity staffing shortage.
https://thecyberwire.com/newsletters/policy-briefing/5/56

The technology challenges of national archives regulations.
https://thecyberwire.com/podcasts/caveat/165/notes

Critical flaw in AI testing framework MLflow can lead to server and data compromise
https://www.csoonline.com/article/3691612/critical-flaw-in-ai-testing-framework-mlflow-can-lead-to-server-and-data-compromise.html#tk.rss_all

How training and recognition can reduce cybersecurity stress and burnout
https://www.csoonline.com/article/3691649/how-training-and-recognition-can-reduce-cybersecurity-stress-and-burnout.html#tk.rss_all


Top Security News for 25/03/2023

Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites
https://thehackernews.com/2023/03/critical-woocommerce-payments-plugin.html

Critical flaw in WooCommerce can be used to compromise WordPress websites
https://www.csoonline.com/article/3691637/critical-flaw-in-woocommerce-can-be-used-to-compromise-wordpress-websites.html#tk.rss_all

Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies
https://thehackernews.com/2023/03/researchers-uncover-chinese-nation.html

Guidance for investigating attacks using CVE-2023-23397
https://www.microsoft.com/en-us/security/blog/2023/03/24/guidance-for-investigating-attacks-using-cve-2023-23397/

Pwn2Own Vancouver 2023 Day 2: Microsoft Teams, Oracle VirtualBox, and Tesla hacked
https://securityaffairs.com/143950/hacking/pwn2own-vancouver-2023-day-2.html

Remote unauthenticated system and cloud takeover found in major AI tool
https://www.reddit.com/r/netsec/comments/120hymk/remote_unauthenticated_system_and_cloud_takeover/

THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
https://thehackernews.com/2023/03/thn-webinar-inside-high-risk-of-3rd.html

Data exposure at Kroger's prescription service. iD Tech breach. Incident a UK healthcare trust. Phishing trip. Cl0p update.
https://thecyberwire.com/podcasts/privacy-briefing/793/notes

How to Conduct a Physical Penetration Test + Tips
https://0x00sec.org/t/how-to-conduct-a-physical-penetration-test-tips/34132

New Attack Targets Online Customer Service Channels
https://securityintelligence.com/articles/new-attack-targets-online-customer-service-channels/


Top Security News for 27/03/2023

The rising trend of malicious packages in open source ecosystems | Snyk
https://www.reddit.com/r/netsec/comments/122eu5r/the_rising_trend_of_malicious_packages_in_open/

US threatens to ban TikTok unless Chinese owners divest
https://www.theguardian.com/technology/2023/mar/15/us-joe-biden-tiktok-ban-chinese-owners-divest

Extra: "String Obfuscation: Character Pair Reversal", (Sun, Mar 26th)
https://malware.news/t/extra-string-obfuscation-character-pair-reversal-sun-mar-26th/68156#post_1

Update: python-per-line.py version 0.0.10
https://malware.news/t/update-python-per-line-py-version-0-0-10/68154#post_1

shortest input that will trick GPT to reveal the secret key
https://www.reddit.com/r/netsec/comments/122ixvz/shortest_input_that_will_trick_gpt_to_reveal_the/

ISC StormCast for Monday, March 27th, 2023
https://isc.sans.edu/podcastdetail.html?id=8426

Exploit Development 101
https://0x00sec.org/t/exploit-development-101/34164

Monthly Threat Actor Group Intelligence Report, February 2023 (KOR)
https://malware.news/t/monthly-threat-actor-group-intelligence-report-february-2023-kor/68158#post_1

OpenAI: A Redis bug caused a recent ChatGPT data exposure incident
https://securityaffairs.com/144057/data-breach/openai-chatgpt-redis-bug-data-leak.html

Extra: "String Obfuscation: Character Pair Reversal", (Sun, Mar 26th)
https://isc.sans.edu/diary/rss/29656


Top Security News for 28/03/2023

20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison
https://thehackernews.com/2023/03/20-year-old-breachforums-founder-faces.html

Adopting the CIS Controls Framework: The Biggest Benefits & Challenges - Joe Alapat, Matt Miller - CFH #14
https://malware.news/t/adopting-the-cis-controls-framework-the-biggest-benefits-challenges-joe-alapat-matt-miller-cfh-14/68197#post_1

GitHub accidentally exposes RSA SSH key
https://www.malwarebytes.com/blog/news/2023/03/github-changes-its-compromised-ssh-key

Another Malicious HTA File Analysis - Part 1, (Mon, Mar 27th)
https://isc.sans.edu/diary/rss/29674

Solving the password’s hardest problem with passkeys, featuring Anna Pobletts
https://www.malwarebytes.com/blog/podcast/2023/03/solving-the-passwords-hardest-problem-with-passkeys-featuring-anna-pobletts

Proposed TikTok ban legislation to move forward in House
https://malware.news/t/proposed-tiktok-ban-legislation-to-move-forward-in-house/68195#post_1

Watch a Coder Use ChatGPT on a Computer from 1984 Running DOS
https://www.vice.com/en_us/article/n7ewx7/watch-a-coder-use-chatgpt-on-a-computer-from-1984-running-dos

New OST2 class: "Vulnerabilities 1002: C-Family Software Implementation Vulnerabilities"
https://www.reddit.com/r/netsec/comments/123ldeb/new_ost2_class_vulnerabilities_1002_cfamily/

France bans TikTok, all social media apps from government devices
https://www.csoonline.com/article/3691710/france-bans-tiktok-all-social-media-apps-from-government-devices.html#tk.rss_all

Apple Issues Urgent Security Update for Older iOS and iPadOS Models
https://thehackernews.com/2023/03/apple-issues-urgent-security-update-for.html


Top Security News for 29/03/2023

Remote Employees: Update Your Routers (and More WFH IT Tips)
https://securityintelligence.com/articles/remote-employees-update-routers/

The curl quirk that exposed Burp Suite & Google Chrome
https://www.reddit.com/r/netsec/comments/124oq9m/the_curl_quirk_that_exposed_burp_suite_google/

5 ways to tell you are not CISO material
https://www.csoonline.com/article/3691772/5-ways-to-tell-you-are-not-ciso-material.html#tk.rss_all

President Biden Signs Executive Order Restricting Use of Commercial Spyware
https://thehackernews.com/2023/03/president-biden-signs-executive-order.html

ICS/OT Cybersecurity 2022 TXOne Annual Report Insights
https://malware.news/t/ics-ot-cybersecurity-2022-txone-annual-report-insights/68246#post_1

JSAC2023 -Day 2 Workshop-
https://malware.news/t/jsac2023-day-2-workshop/68244#post_1

Microsoft Office Outlook Vulnerability (CVE-2023-23397) Appearance and Manual Measure Guide
https://malware.news/t/microsoft-office-outlook-vulnerability-cve-2023-23397-appearance-and-manual-measure-guide/68241#post_1

Kimsuky Group Distributes Malware Disguised as Profile Template (GitHub)
https://malware.news/t/kimsuky-group-distributes-malware-disguised-as-profile-template-github/68242#post_1

ISC StormCast for Wednesday, March 29th, 2023
https://isc.sans.edu/podcastdetail.html?id=8430

Legacy, password-based authentication systems are failing enterprise security, says study
https://www.csoonline.com/article/3691781/legacy-password-based-authentication-systems-are-failing-enterprise-security-says-study.html#tk.rss_all


Top Security News for 30/03/2023

QNAP fixed Sudo privilege escalation bug in NAS devices
https://securityaffairs.com/144200/security/qnap-sudo-flaw.html

Latitude Financial data breach hits more customers than previously thought
https://malware.news/t/latitude-financial-data-breach-hits-more-customers-than-previously-thought/68284#post_1

The Intersection of Apple’s USB Lower Filter and iPhone-WPD Integration
https://www.reddit.com/r/netsec/comments/125zi5o/the_intersection_of_apples_usb_lower_filter_and/

US Federal agencies banned from using foreign spyware
https://malware.news/t/us-federal-agencies-banned-from-using-foreign-spyware/68290#post_1

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices
https://thehackernews.com/2023/03/spyware-vendors-caught-exploiting-zero.html

How to Build a Research Lab for Reverse Engineering — 4 Ways
https://thehackernews.com/2023/03/how-to-build-research-lab-for-reverse.html

Spyware vendors use 0-days and n-days against popular platforms
https://www.reddit.com/r/netsec/comments/125oxbl/spyware_vendors_use_0days_and_ndays_against/

🔒Beyond Firmware Encryption: Enhancing Embedded Device Security
https://www.reddit.com/r/netsec/comments/125nqvq/beyond_firmware_encryption_enhancing_embedded/

Managing security in the cloud through Microsoft Intune
https://www.csoonline.com/article/3691793/managing-security-in-the-cloud-through-microsoft-intune.html#tk.rss_all

"Log-out king" Instagram scammer gets accounts taken down, then charges to reinstate them
https://www.malwarebytes.com/blog/news/2023/03/log-out-king-instagram-scammer-gets-accounts-taken-down-then-charges-to-reinstate-them


Top Security News for 31/03/2023

Revisiting Heaven's Gate with Lumma Stealer
https://www.reddit.com/r/netsec/comments/126o0hv/revisiting_heavens_gate_with_lumma_stealer/

'He Would Still Be Here': Man Dies by Suicide After Talking with AI Chatbot, Widow Says
https://www.vice.com/en_us/article/pkadgm/man-dies-by-suicide-after-talking-with-ai-chatbot-widow-says

Latest Microsoft Entra advancements strengthen identity security
https://www.microsoft.com/en-us/security/blog/2023/03/30/latest-microsoft-entra-advancements-strengthen-identity-security/

X-Force Prevents Zero Day from Going Anywhere
https://securityintelligence.com/posts/x-force-prevents-zero-day-from-going-anywhere/

We scanned every NPM and PyPI package for malware with ChatGPT
https://www.reddit.com/r/netsec/comments/12747u0/we_scanned_every_npm_and_pypi_package_for_malware/

With KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of Targets
https://www.reddit.com/r/netsec/comments/126lk1v/with_keyplug_chinas_redgolf_spies_on_steals_from/

‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics
https://www.theguardian.com/technology/2023/mar/30/vulkan-files-leak-reveals-putins-global-and-domestic-cyberwarfare-tactics

ISC StormCast for Friday, March 31st, 2023
https://isc.sans.edu/podcastdetail.html?id=8434

New: Burp Suite Enterprise Edition Unlimited pricing
https://portswigger.net/blog/new-burp-suite-enterprise-edition-unlimited-pricing

Medical data exposed in latest GoAnywhere hack. Toyota Italy accidentally leaks (phishing) fuel. Meriton becomes latest Australian company targeted by hackers.
https://thecyberwire.com/podcasts/privacy-briefing/497/notes


Top Security News for 01/04/2023

Russian APT group Winter Vivern targets email portals of NATO and diplomats
https://securityaffairs.com/144263/intelligence/winter-vivern-email-portals-nato.html

3 tips to raise your backup game
https://www.malwarebytes.com/blog/news/2023/03/3-things-you-should-do-on-world-backup-day

Any antivirus related software automatically closes right after I open it
https://www.reddit.com/r/Malware/comments/12819jk/any_antivirus_related_software_automatically/

BOB DYLAN'S LOST SONG ABOUT HACKERS
https://www.2600.com/content/bob-dylans-lost-song-about-hackers

Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk!
https://thehackernews.com/2023/04/hackers-exploiting-wordpress-elementor.html

2023-03-31 - Qakbot (Qbot), obama247 distribution tag
https://malware.news/t/2023-03-31-qakbot-qbot-obama247-distribution-tag/68368#post_1

It’s hunting season for tax fraudsters. Judge rules against class action lawsuit for CareFirst breach. Top FBI official speaks out in support of Section 702.
https://thecyberwire.com/newsletters/privacy-briefing/5/62

3CX Supply Chain Attack Campaign
https://malware.news/t/3cx-supply-chain-attack-campaign/68365#post_1

A glimpse into Mr. Putin’s cyber war room. 3CXDesktopApp supply chain risk. XSS flaw in Azure SFX can lead to remote code execution. AlienFox targets misconfigured servers.
https://thecyberwire.com/podcasts/daily-podcast/1792/notes

THE 28TH AMENDMENT TO THE UNITED STATES CONSTITUTION
https://www.2600.com/content/28th-amendment-united-states-constitution


Top Security News for 02/04/2023

The Defender's Guide to the 3CX Supply Chain Attack - How it happened, why it matters, and what's being done about it
https://www.reddit.com/r/netsec/comments/128iamx/the_defenders_guide_to_the_3cx_supply_chain/

How to avoid the aCropalypse
https://www.reddit.com/r/netsec/comments/128bk1k/how_to_avoid_the_acropalypse/

Avoiding data backup failures – Week in security with Tony Anscombe
https://malware.news/t/avoiding-data-backup-failures-week-in-security-with-tony-anscombe/68369#post_1

Exploiting Hibernate Injection in "Order by" Clause (Oracle database)
https://www.reddit.com/r/netsec/comments/128hhao/exploiting_hibernate_injection_in_order_by_clause/

Using Linux grep and Windows findstr to Manipulate Files, (Fri, Mar 31st)
https://isc.sans.edu/diary/rss/29696

Leveraging LLMs for solving bounty hunting pain points
https://www.reddit.com/r/netsec/comments/128eokl/leveraging_llms_for_solving_bounty_hunting_pain/

Announcing Fibratus 1.10.0 - a modern Windows kernel tracing and threat detection engine
https://www.reddit.com/r/Malware/comments/128ejid/announcing_fibratus_1100_a_modern_windows_kernel/

Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps
https://thehackernews.com/2023/04/microsoft-fixes-new-azure-ad.html

The Crazy Story Of The Pirate Bay
https://0x00sec.org/t/the-crazy-story-of-the-pirate-bay/34281

Developing a Robust Vulnerability Detection Tool for ink!
https://www.reddit.com/r/netsec/comments/128mtmj/developing_a_robust_vulnerability_detection_tool/


Top Security News for 03/04/2023

Update: re-search.py Version 0.0.22
https://malware.news/t/update-re-search-py-version-0-0-22/68375#post_1

Wipeout! Part Deux – Determining How an Android Was Setup
https://malware.news/t/wipeout-part-deux-determining-how-an-android-was-setup/68377#post_1

ASEC Weekly Phishing Email Threat Trends (March 19th, 2023 – March 25th, 2023)
https://malware.news/t/asec-weekly-phishing-email-threat-trends-march-19th-2023-march-25th-2023/68381#post_1

Update: oledump & MSI Files, (Sun, Apr 2nd)
https://malware.news/t/update-oledump-msi-files-sun-apr-2nd/68373#post_1

Darktrace/Email upgrade enhances generative AI email attack defense
https://www.csoonline.com/article/3692450/darktrace-email-upgrade-enhances-generative-ai-email-attack-defense.html#tk.rss_all

YARA v4.3.0 Release, (Sun, Apr 2nd)
https://malware.news/t/yara-v4-3-0-release-sun-apr-2nd/68374#post_1

Pinduoduo Is Straight Up Malware
https://packetstormsecurity.com/news/view/34486/Pinduoduo-Is-Straight-Up-Malware.html

Need help installing hackazon
https://www.reddit.com/r/netsec/comments/12a89je/need_help_installing_hackazon/

Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition
https://securityaffairs.com/144366/breaking-news/security-affairs-newsletter-round-413-by-pierluigi-paganini.html

Malicious ISO File Leads to Domain Wide Ransomware
https://www.reddit.com/r/netsec/comments/12a5epa/malicious_iso_file_leads_to_domain_wide_ransomware/


Top Security News for 04/04/2023

Why we must hit 'pause' on generative AI experiments
https://malware.news/t/why-we-must-hit-pause-on-generative-ai-experiments/68430#post_1

Multiple vulnerabilities in Aten PE8108 power distribution unit - There is no security firmware update, yet.
https://www.reddit.com/r/netsec/comments/12ag7yw/multiple_vulnerabilities_in_aten_pe8108_power/

Bypassing Amazon Kids+ Parental Controls
https://www.reddit.com/r/netsec/comments/12alyxj/bypassing_amazon_kids_parental_controls/

Oregon college cyberattack claimed by Vice Society
https://malware.news/t/oregon-college-cyberattack-claimed-by-vice-society/68427#post_1

Israeli cybersecurity firm launches managed services offering for MSPs
https://www.csoonline.com/article/3692628/israeli-cybersecurity-firm-launches-managed-services-offering-for-msps.html#tk.rss_all

Vice Society takes credit for Lewis & Clark cyberattack. BetterHelp agrees to settlement for sharing customer data without consent. Capita system outage stokes fears of data breach.
https://thecyberwire.com/podcasts/privacy-briefing/499/notes

TikTok: What’s going on and should I be worried?
https://www.malwarebytes.com/blog/news/2023/04/tiktok-whats-going-on-and-should-i-be-worried

What’s Fueling Growth for MSSPs Today? - Jessica C. Davis - CFH #15
https://malware.news/t/what-s-fueling-growth-for-mssps-today-jessica-c-davis-cfh-15/68429#post_1

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack
https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344/

Big changes to Twitter verification: How to spot a verified account
https://www.malwarebytes.com/blog/news/2023/04/big-changes-to-twitter-verification-how-to-spot-a-verified-account


Top Security News for 05/04/2023

3CX software supply chain attack analysis
https://www.reddit.com/r/netsec/comments/12bbk6v/3cx_software_supply_chain_attack_analysis/

We put GPT-4 in Semgrep to point out false positives & fix code
https://www.reddit.com/r/netsec/comments/12byp4l/we_put_gpt4_in_semgrep_to_point_out_false/

Views of a hot cyberwar — the Ukrainian perspective on Russia’s online assault
https://www.csoonline.com/article/3692534/a-report-from-ukraine-s-cybersecurity-service-reveals-insight-into-what-the-country-has-been-facing.html#tk.rss_all

Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server · Aura Research Division
https://www.reddit.com/r/netsec/comments/12ba6lr/pentah0wnage_preauth_rce_in_pentaho_business/

Rorschach ransomware has the fastest file-encrypting routine to date
https://securityaffairs.com/144425/cyber-crime/rorschach-ransomware-fast-encryption.html

New Generation of Phishing Hides Behind Trusted Services
https://securityintelligence.com/articles/new-phishing-hides-behind-trusted-services/

AI - to create complex and new code, its limits and your opinion?
https://0x00sec.org/t/ai-to-create-complex-and-new-code-its-limits-and-your-opinion/34324

UK data regulator issues warning over generative AI data protection concerns
https://www.csoonline.com/article/3692438/uk-data-regulator-issues-warning-over-generative-ai-data-protection-concerns.html#tk.rss_all

TrustCloud releases TrustRegister to help gauge business impact of risks
https://www.csoonline.com/article/3692551/trustcloud-releases-trustregister-to-help-gauge-business-impact-of-risks.html#tk.rss_all

Proxyjacking - How attackers are monetizing internet bandwidth post exploitation
https://www.reddit.com/r/netsec/comments/12bikr1/proxyjacking_how_attackers_are_monetizing/


Top Security News for 06/04/2023

The Uninvited Guest: IDORs, Garage Doors, and Stolen Secrets
https://www.reddit.com/r/netsec/comments/12chcn5/the_uninvited_guest_idors_garage_doors_and_stolen/

Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks
https://thehackernews.com/2023/04/hackers-using-self-extracting-archives.html

Canada launches probe into OpenAI. The dangers of the AI race. A proposed Cyber Service.
https://thecyberwire.com/newsletters/policy-briefing/5/65

Western Digital confirms breach, affects My Cloud and SanDisk users
https://www.malwarebytes.com/blog/news/2023/04/western-digital-confirms-breach-affects-my-cloud-and-sandisk-users

X-Force Identifies Vulnerability in IoT Platform
https://securityintelligence.com/posts/x-force-identifies-vulnerability-iot-platform/

CryptoClippy: New Clipper Malware Targeting Portuguese Cryptocurrency Users
https://thehackernews.com/2023/04/cryptoclippy-new-clipper-malware.html

Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online
https://thehackernews.com/2023/04/google-mandates-android-apps-to-offer.html

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security
https://www.csoonline.com/article/3692351/cisos-need-strategic-risk-analysis-to-balance-internal-and-external-cybersecurity-demands.html#tk.rss_all

The Telegram phishing market
https://securelist.com/telegram-phishing-services/109383/


Top Security News for 07/04/2023

Visitors of tax return e-file service may have downloaded malware
https://www.malwarebytes.com/blog/news/2023/04/visitors-of-tax-return-e-file-service-may-have-downloaded-malware

Microsoft Takes Legal Action to Disrupt Cybercriminals' Illegal Use of Cobalt Strike Tool
https://thehackernews.com/2023/04/microsoft-takes-legal-action-to-disrupt.html

Default static key in ThingsBoard IoT platform can give attackers admin access
https://www.csoonline.com/article/3692818/default-static-key-in-thingsboard-iot-platform-can-give-attackers-admin-access.html#tk.rss_all

Detecting Suspicious API Usage with YARA Rules, (Fri, Apr 7th)
https://malware.news/t/detecting-suspicious-api-usage-with-yara-rules-fri-apr-7th/68556#post_1

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data
https://www.malwarebytes.com/blog/business/2023/04/do-cyber-regulations-actually-make-k12-schools-safer--navigating-compliance-while-securing-school-and-student-data

FBI Cracks Down on Genesis Market: 119 Arrested in Cybercrime Operation
https://thehackernews.com/2023/04/fbi-cracks-down-on-genesis-market-119.html

CyberGhostVPN Linux client vulnerable to MITM, RCE, LPE writeup
https://www.reddit.com/r/netsec/comments/12d8qp0/cyberghostvpn_linux_client_vulnerable_to_mitm_rce/

IoT garage door exploit allows for remote opening attack
https://www.malwarebytes.com/blog/news/2023/04/iot-garage-door-exploit-allows-for-remote-opening-attack

Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation's Crown Jewels
https://thehackernews.com/2023/04/supply-chain-attacks-and-critical.html

The challenges of content moderation. Disinformation in Russia's hybrid war, and propaganda of the deed.
https://thecyberwire.com/podcasts/privacy-briefing/502/notes


Top Security News for 08/04/2023

US officials testify against TikTok before the House. Should the US follow in Australia’s cybersecurity footsteps? CISA director warns about the dangers of AI.
https://thecyberwire.com/newsletters/policy-briefing/5/67

I Went to Maggie Rogers' Ticketmasterless, In-Person Presale
https://www.vice.com/en_us/article/7kx9nq/i-went-to-maggie-rogers-ticketmasterless-in-person-presale

MERCURY and DEV-1084: Destructive attack on hybrid environment
https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/

Microsoft aims at stopping cybercriminals from using cracked copies of Cobalt Strike
https://securityaffairs.com/144537/hacking/microsoft-vs-cracked-copies-cobalt-strike.html

Researchers Uncover Thriving Phishing Kit Market on Telegram Channels
https://thehackernews.com/2023/04/researchers-uncover-thriving-phishing.html

Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari
https://thehackernews.com/2023/04/apple-releases-updates-to-address-zero.html

Genymotion – Proxying Android App Traffic Through Burp Suite | Cameron Cartier
https://malware.news/t/genymotion-proxying-android-app-traffic-through-burp-suite-cameron-cartier/68565#post_1

Your Ultimate Wiki for Learning INFOSEC & Pentesting
https://0x00sec.org/t/your-ultimate-wiki-for-learning-infosec-pentesting/34389

Pentagon’s Ukraine War Plans Leaked on Minecraft Discord Before Telegram and Twitter
https://www.vice.com/en_us/article/pkadnb/pentagons-ukraine-war-plans-leaked-on-minecraft-discord-before-telegram-and-twitter

U.K.'s ACRO investigating cybersecurity incident
https://malware.news/t/u-k-s-acro-investigating-cybersecurity-incident/68568#post_1


Top Security News for 09/04/2023

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/144561/security/veritas-backup-exec-known-exploited-vulnerabilities-catalog.html

advanced malware analysis at OMSCS Georgia Tech
https://www.reddit.com/r/Malware/comments/12foygx/advanced_malware_analysis_at_omscs_georgia_tech/

Security Challenges in Cloud Computing
https://0x00sec.org/t/security-challenges-in-cloud-computing/34416

Karen Worstell: Keep your feet planted. [Strategy]
https://thecyberwire.com/podcasts/career-notes/144/notes

Vulnerable version of WordPress that is provided monthly.
https://www.reddit.com/r/netsec/comments/12fljhg/vulnerable_version_of_wordpress_that_is_provided/

Update: dnsresolver.py Version 0.0.3
https://malware.news/t/update-dnsresolver-py-version-0-0-3/68574#post_1

Using Python to Operate in EDR blind spots
https://www.reddit.com/r/netsec/comments/12fmhya/using_python_to_operate_in_edr_blind_spots/

Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
https://thehackernews.com/2023/04/iran-based-hackers-caught-carrying-out.html

Nonsense, mayhem, SameSite, cors and CSRF - Part 2
https://www.reddit.com/r/netsec/comments/12fgng7/nonsense_mayhem_samesite_cors_and_csrf_part_2/

🚀 Cilium Tetragon - eBPF-based Security Observability and Runtime Enforcement in Kubernetes Goat 🐐
https://www.reddit.com/r/netsec/comments/12fukqz/cilium_tetragon_ebpfbased_security_observability/


Top Security News for 10/04/2023

ISC Stormcast For Monday, April 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8446, (Mon, Apr 10th)
https://malware.news/t/isc-stormcast-for-monday-april-10th-2023-https-isc-sans-edu-podcastdetail-html-id-8446-mon-apr-10th/68577#post_1

ISC Stormcast For Monday, April 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8446, (Mon, Apr 10th)
https://isc.sans.edu/diary/rss/29732

Researchers disclose critical sandbox escape bug in vm2 sandbox library
https://securityaffairs.com/144582/hacking/vm2-rce-sandbox-escape.html

Securing Kubernetes Clusters using Kyverno Policy Engine - New Kubernetes Goat Scenario 🚀
https://www.reddit.com/r/netsec/comments/12gov4l/securing_kubernetes_clusters_using_kyverno_policy/

3CX DesktopApp Supply Chain Attack Also Detected in Korea
https://malware.news/t/3cx-desktopapp-supply-chain-attack-also-detected-in-korea/68576#post_1

Catching Threat Actors using honeypots
https://www.reddit.com/r/netsec/comments/12h2j8x/catching_threat_actors_using_honeypots/

CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required
https://thehackernews.com/2023/04/cisa-warns-of-5-actively-exploited.html

Opinion: Time is crucial when building secure components or infrastructures
https://diablohorn.com/2023/04/09/opinion-time-is-crucial-when-building-secure-components-or-infrastructures/

Cybercrime: be careful what you tell your chatbot helper…
https://www.theguardian.com/technology/2023/apr/09/cybercrime-chatbot-privacy-security-helper-chatgpt-google-bard-microsoft-bing-chat

Extracting Insights from Data: How to Build a Metadata Scraper for Digital Forensics (In Python)
https://0x00sec.org/t/extracting-insights-from-data-how-to-build-a-metadata-scraper-for-digital-forensics-in-python/34436

