Top Security New for 16/05/2022
The 2023 Nissan Z first drive
https://arstechnica.com/?p=1854343
Using Stolen IAM Credentials - Hacking The Cloud
https://www.reddit.com/r/netsec/comments/uqgfe5/using_stolen_iam_credentials_hacking_the_cloud/
ISC StormCast for Monday, May 16th, 2022
https://isc.sans.edu/podcastdetail.html?id=8008
Singapore launches safety rating scheme for e-commerce sites
https://malware.news/t/singapore-launches-safety-rating-scheme-for-e-commerce-sites/60144/1
Nasty Zyxel remote execution bug is being exploited
https://malware.news/t/nasty-zyxel-remote-execution-bug-is-being-exploited/60150/1
Crypters - Some questions
https://0x00sec.org/t/crypters-some-questions/29335
mp3 file random corruption
https://www.reddit.com/r/Malware/comments/uq9ord/mp3_file_random_corruption/
How to spot the signs of a virtual kidnap scam
https://blog.malwarebytes.com/scams/2022/05/how-to-spot-the-signs-of-a-virtual-kidnap-scam/
The tech sector teardown is more catharsis than crisis
https://arstechnica.com/?p=1854178
How to spot the signs of a virtual kidnap scam
https://malware.news/t/how-to-spot-the-signs-of-a-virtual-kidnap-scam/60148/1
For more information, feel free to follow me at @ShayaFeedman on Twitter
The 2023 Nissan Z first drive
https://arstechnica.com/?p=1854343
Using Stolen IAM Credentials - Hacking The Cloud
https://www.reddit.com/r/netsec/comments/uqgfe5/using_stolen_iam_credentials_hacking_the_cloud/
ISC StormCast for Monday, May 16th, 2022
https://isc.sans.edu/podcastdetail.html?id=8008
Singapore launches safety rating scheme for e-commerce sites
https://malware.news/t/singapore-launches-safety-rating-scheme-for-e-commerce-sites/60144/1
Nasty Zyxel remote execution bug is being exploited
https://malware.news/t/nasty-zyxel-remote-execution-bug-is-being-exploited/60150/1
Crypters - Some questions
https://0x00sec.org/t/crypters-some-questions/29335
mp3 file random corruption
https://www.reddit.com/r/Malware/comments/uq9ord/mp3_file_random_corruption/
How to spot the signs of a virtual kidnap scam
https://blog.malwarebytes.com/scams/2022/05/how-to-spot-the-signs-of-a-virtual-kidnap-scam/
The tech sector teardown is more catharsis than crisis
https://arstechnica.com/?p=1854178
How to spot the signs of a virtual kidnap scam
https://malware.news/t/how-to-spot-the-signs-of-a-virtual-kidnap-scam/60148/1
For more information, feel free to follow me at @ShayaFeedman on Twitter
Ars Technica
The 2023 Nissan Z first drive
Is it a remastered classic or an old platform pushed too far?
Top Security New for 17/05/2022
Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability
https://thehackernews.com/2022/05/watch-out-hackers-begin-exploiting.html
Why MRG-Effitas matters to SMBs
https://blog.malwarebytes.com/malwarebytes-news/2022/05/why-mrg-effitas-matters-to-smbs/
Users advised to patch actively exploited Zyxel vulnerability. Hacktivism and influence ops in Russia’s hybrid war. Ransomware notes. Indiscriminate hacktivism? Alt-coin sanctions case will proceed.
https://thecyberwire.com/podcasts/daily-podcast/1579/notes
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Army’s New ‘Psyop’ Recruitment Ad Looks Like a Terrifying Video Game Cutscene
https://www.vice.com/en_us/article/93bxwz/armys-new-recruitment-ad-looks-like-a-terrifying-video-game-cutscene
ISC Stormcast For Tuesday, May 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8010, (Tue, May 17th)
https://isc.sans.edu/diary/rss/28656
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
https://blog.malwarebytes.com/threat-intelligence/2022/05/custom-powershell-rat-targets-germans-seeking-information-about-the-ukraine-crisis/
BrandPost: The Cyberwar Against Pro-Ukrainian Countries is Real. Here’s What to Do
https://www.csoonline.com/article/3660576/the-cyberwar-against-pro-ukrainian-countries-is-real-here-s-what-to-do.html#tk.rss_all
12 steps to building a top-notch vulnerability management program
https://www.csoonline.com/article/3659838/12-steps-to-building-a-top-notch-vulnerability-management-program.html#tk.rss_all
SMM Callouts in HP Products
https://www.reddit.com/r/netsec/comments/uquoz6/smm_callouts_in_hp_products/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability
https://thehackernews.com/2022/05/watch-out-hackers-begin-exploiting.html
Why MRG-Effitas matters to SMBs
https://blog.malwarebytes.com/malwarebytes-news/2022/05/why-mrg-effitas-matters-to-smbs/
Users advised to patch actively exploited Zyxel vulnerability. Hacktivism and influence ops in Russia’s hybrid war. Ransomware notes. Indiscriminate hacktivism? Alt-coin sanctions case will proceed.
https://thecyberwire.com/podcasts/daily-podcast/1579/notes
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Army’s New ‘Psyop’ Recruitment Ad Looks Like a Terrifying Video Game Cutscene
https://www.vice.com/en_us/article/93bxwz/armys-new-recruitment-ad-looks-like-a-terrifying-video-game-cutscene
ISC Stormcast For Tuesday, May 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8010, (Tue, May 17th)
https://isc.sans.edu/diary/rss/28656
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
https://blog.malwarebytes.com/threat-intelligence/2022/05/custom-powershell-rat-targets-germans-seeking-information-about-the-ukraine-crisis/
BrandPost: The Cyberwar Against Pro-Ukrainian Countries is Real. Here’s What to Do
https://www.csoonline.com/article/3660576/the-cyberwar-against-pro-ukrainian-countries-is-real-here-s-what-to-do.html#tk.rss_all
12 steps to building a top-notch vulnerability management program
https://www.csoonline.com/article/3659838/12-steps-to-building-a-top-notch-vulnerability-management-program.html#tk.rss_all
SMM Callouts in HP Products
https://www.reddit.com/r/netsec/comments/uquoz6/smm_callouts_in_hp_products/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Malwarebytes
Why MRG-Effitas matters to SMBs
The 360° Assessment & Certification from MRG-Effitas can offer guidance to SMBs looking for a simple, effective cybersecurity product.
Top Security New for 18/05/2022
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/update-now-apple-patches-zero-day-vulnerability-affecting-macs-apple-watch-and-apple-tv/
Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer
https://thehackernews.com/2022/05/over-200-apps-on-play-store-caught.html
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/gmail-linked-facebook-accounts-vulnerable-to-attack-using-a-chain-of-bugs-now-fixed/
Long lost @ symbol gets new life obscuring malicious URLs
https://blog.malwarebytes.com/social-engineering/2022/05/long-lost-symbol-gets-new-life-obscuring-malicious-urls/
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Kids 5 to 11 get FDA OK for COVID-19 booster doses
https://arstechnica.com/?p=1854632
Stealing Google Drive OAuth tokens from Dropbox
https://www.reddit.com/r/netsec/comments/urvcip/stealing_google_drive_oauth_tokens_from_dropbox/
“Look what I found here” phish targets Facebook users
https://blog.malwarebytes.com/scams/2022/05/look-what-i-found-here-phish-targets-facebook-users/
BrandPost: DDos Extortion Takes VoIP Providers Offline
https://www.csoonline.com/article/3660514/ddos-extortion-takes-voip-providers-offline.html#tk.rss_all
Car owners warned of another theft-enabling relay attack
https://blog.malwarebytes.com/hacking-2/2022/05/car-owners-warned-of-another-theft-enabling-relay-attack/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/update-now-apple-patches-zero-day-vulnerability-affecting-macs-apple-watch-and-apple-tv/
Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer
https://thehackernews.com/2022/05/over-200-apps-on-play-store-caught.html
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/gmail-linked-facebook-accounts-vulnerable-to-attack-using-a-chain-of-bugs-now-fixed/
Long lost @ symbol gets new life obscuring malicious URLs
https://blog.malwarebytes.com/social-engineering/2022/05/long-lost-symbol-gets-new-life-obscuring-malicious-urls/
A dev's critique of OAUTH2, based on their experience. "OAUTH2 ... places the viability of [client developers'] products in the hands of corporate entities who are in no way accountable to anyone except their major shareholders."
https://www.reddit.com/r/netsec/comments/urfk8m/a_devs_critique_of_oauth2_based_on_their/
Kids 5 to 11 get FDA OK for COVID-19 booster doses
https://arstechnica.com/?p=1854632
Stealing Google Drive OAuth tokens from Dropbox
https://www.reddit.com/r/netsec/comments/urvcip/stealing_google_drive_oauth_tokens_from_dropbox/
“Look what I found here” phish targets Facebook users
https://blog.malwarebytes.com/scams/2022/05/look-what-i-found-here-phish-targets-facebook-users/
BrandPost: DDos Extortion Takes VoIP Providers Offline
https://www.csoonline.com/article/3660514/ddos-extortion-takes-voip-providers-offline.html#tk.rss_all
Car owners warned of another theft-enabling relay attack
https://blog.malwarebytes.com/hacking-2/2022/05/car-owners-warned-of-another-theft-enabling-relay-attack/
For more information, feel free to follow me at @ShayaFeedman on Twitter
Malwarebytes
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
If you're an Apple user, make sure you patch for CVE-2022-22675, a zero-day flaw actively exported in the wild.
👍1
Top Security New for 19/05/2022
Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang
https://thehackernews.com/2022/05/researchers-expose-inner-working-of.html
BrandPost: How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
https://www.csoonline.com/article/3661228/how-a-culture-of-learning-can-help-close-the-cybersecurity-skills-gap.html#tk.rss_all
Google Russia forced to declare bankruptcy after bank account seizure
https://arstechnica.com/?p=1854920
U.S. Warns Against North Korean Hackers Posing as IT Freelancers
https://thehackernews.com/2022/05/us-warns-against-north-korean-hackers.html
What Microsoft Defender can tell you about your network
https://www.csoonline.com/article/3660494/what-microsoft-defender-can-tell-you-about-your-network.html#tk.rss_all
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://malware.news/t/isc-stormcast-for-thursday-may-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8014-thu-may-19th/60274/1
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://isc.sans.edu/diary/rss/28666
2022-05-18 - Pcap and malware for ISC diary: EXOTIC LILY --> Bumblebee --> Cobalt Strike
https://malware.news/t/2022-05-18-pcap-and-malware-for-isc-diary-exotic-lily-bumblebee-cobalt-strike/60276/1
Ransomware: What’s in a Name?
https://malware.news/t/ransomware-what-s-in-a-name/60270/1
2022-05-18 - TA578 thread-hijacked emails and ISO example for Bumblebee
https://malware.news/t/2022-05-18-ta578-thread-hijacked-emails-and-iso-example-for-bumblebee/60273/1
For more information, feel free to follow me at https://twitter.com/ShayaFeedman
Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang
https://thehackernews.com/2022/05/researchers-expose-inner-working-of.html
BrandPost: How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
https://www.csoonline.com/article/3661228/how-a-culture-of-learning-can-help-close-the-cybersecurity-skills-gap.html#tk.rss_all
Google Russia forced to declare bankruptcy after bank account seizure
https://arstechnica.com/?p=1854920
U.S. Warns Against North Korean Hackers Posing as IT Freelancers
https://thehackernews.com/2022/05/us-warns-against-north-korean-hackers.html
What Microsoft Defender can tell you about your network
https://www.csoonline.com/article/3660494/what-microsoft-defender-can-tell-you-about-your-network.html#tk.rss_all
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://malware.news/t/isc-stormcast-for-thursday-may-19th-2022-https-isc-sans-edu-podcastdetail-html-id-8014-thu-may-19th/60274/1
ISC Stormcast For Thursday, May 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8014, (Thu, May 19th)
https://isc.sans.edu/diary/rss/28666
2022-05-18 - Pcap and malware for ISC diary: EXOTIC LILY --> Bumblebee --> Cobalt Strike
https://malware.news/t/2022-05-18-pcap-and-malware-for-isc-diary-exotic-lily-bumblebee-cobalt-strike/60276/1
Ransomware: What’s in a Name?
https://malware.news/t/ransomware-what-s-in-a-name/60270/1
2022-05-18 - TA578 thread-hijacked emails and ISO example for Bumblebee
https://malware.news/t/2022-05-18-ta578-thread-hijacked-emails-and-iso-example-for-bumblebee/60273/1
For more information, feel free to follow me at https://twitter.com/ShayaFeedman
CSO Online
How a Culture of Learning Can Help Close the Cybersecurity Skills Gap
Whether it’s building an understanding of cybersecurity best practices or advancing highly technical cyber skills, training and certifications are ways organizations are ensuring the skills gap isn’t compromising their security.
Top Security New for 20/05/2022
Uber CISO's trial underscores the importance of truth, transparency, and trust
https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
https://www.reddit.com/r/netsec/comments/ut76ps/rise_in_xorddos_a_deeper_look_at_the_stealthy/
QuSecure launches end-to-end post-quantum cybersecurity solution
https://www.csoonline.com/article/3660775/qusecure-launches-end-to-end-post-quantum-cybersecurity-solution.html#tk.rss_all
10 ways attackers gain access to networks
https://blog.malwarebytes.com/hacking-2/2022/05/10-ways-attackers-gain-access-to-networks/
ISC Stormcast For Friday, May 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8016, (Fri, May 20th)
https://isc.sans.edu/diary/rss/28668
WannaCry 5 years on: Still a top threat
https://www.csoonline.com/article/3660575/wannacry-5-years-on-still-a-top-threat.html#tk.rss_all
Is Hack the Kernel a great way to learn operating systems?
https://www.reddit.com/r/lowlevel/comments/utf4ij/is_hack_the_kernel_a_great_way_to_learn_operating/
Enterprises report rise in risk events, yet risk management lags
https://www.csoonline.com/article/3661350/enterprises-report-rise-in-risk-events-yet-risk-management-lags.html#tk.rss_all
Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit
https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html
[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam
https://malware.news/t/re027-china-based-apt-mustang-panda-might-have-still-continued-their-attack-activities-against-organizations-in-vietnam/60324/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Uber CISO's trial underscores the importance of truth, transparency, and trust
https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
https://www.reddit.com/r/netsec/comments/ut76ps/rise_in_xorddos_a_deeper_look_at_the_stealthy/
QuSecure launches end-to-end post-quantum cybersecurity solution
https://www.csoonline.com/article/3660775/qusecure-launches-end-to-end-post-quantum-cybersecurity-solution.html#tk.rss_all
10 ways attackers gain access to networks
https://blog.malwarebytes.com/hacking-2/2022/05/10-ways-attackers-gain-access-to-networks/
ISC Stormcast For Friday, May 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8016, (Fri, May 20th)
https://isc.sans.edu/diary/rss/28668
WannaCry 5 years on: Still a top threat
https://www.csoonline.com/article/3660575/wannacry-5-years-on-still-a-top-threat.html#tk.rss_all
Is Hack the Kernel a great way to learn operating systems?
https://www.reddit.com/r/lowlevel/comments/utf4ij/is_hack_the_kernel_a_great_way_to_learn_operating/
Enterprises report rise in risk events, yet risk management lags
https://www.csoonline.com/article/3661350/enterprises-report-rise-in-risk-events-yet-risk-management-lags.html#tk.rss_all
Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit
https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html
[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam
https://malware.news/t/re027-china-based-apt-mustang-panda-might-have-still-continued-their-attack-activities-against-organizations-in-vietnam/60324/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
CSO Online
Uber CISO's trial underscores the importance of truth, transparency, and trust
The criminal trial offers a lesson in the value of both CISOs and organizations adhering to a policy of truth, transparency and trust when it comes to security.
Top Security New for 21/05/2022
[SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/
When eBPF meets TLS! A Security Focused Introduction to eBPF
https://www.reddit.com/r/netsec/comments/uu9agd/when_ebpf_meets_tls_a_security_focused/
Tesla, Microsoft and Ubuntu bugs found during Pwn2Own hacking competition
https://malware.news/t/tesla-microsoft-and-ubuntu-bugs-found-during-pwn2own-hacking-competition/60356/1
Shift left is only part of secure software delivery
https://malware.news/t/shift-left-is-only-part-of-secure-software-delivery/60354/1
Canada bans Huawei, ZTE in 5G networks
https://www.networkworld.com/article/3661691/canada-bans-huawei-zte-in-5g-networks.html#tk.rss_all
Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
https://thehackernews.com/2022/05/microsoft-warns-rise-in-xorddos-malware.html
Matryoshka Trap: Recursive MMIO Flaws Lead to VM Escape
https://www.reddit.com/r/netsec/comments/uuaeqm/matryoshka_trap_recursive_mmio_flaws_lead_to_vm/
Cytrox's Predator Spyware Target Android Users with Zero-Day Exploits
https://thehackernews.com/2022/05/cytroxs-predator-spyware-target-android.html
Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.
https://thecyberwire.com/podcasts/daily-podcast/1583/notes
Raytheon’s John DeSimone on building the offensive line
https://www.csoonline.com/article/3660638/raytheon-s-john-desimone-on-building-the-offensive-line.html#tk.rss_all
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
[SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/
When eBPF meets TLS! A Security Focused Introduction to eBPF
https://www.reddit.com/r/netsec/comments/uu9agd/when_ebpf_meets_tls_a_security_focused/
Tesla, Microsoft and Ubuntu bugs found during Pwn2Own hacking competition
https://malware.news/t/tesla-microsoft-and-ubuntu-bugs-found-during-pwn2own-hacking-competition/60356/1
Shift left is only part of secure software delivery
https://malware.news/t/shift-left-is-only-part-of-secure-software-delivery/60354/1
Canada bans Huawei, ZTE in 5G networks
https://www.networkworld.com/article/3661691/canada-bans-huawei-zte-in-5g-networks.html#tk.rss_all
Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
https://thehackernews.com/2022/05/microsoft-warns-rise-in-xorddos-malware.html
Matryoshka Trap: Recursive MMIO Flaws Lead to VM Escape
https://www.reddit.com/r/netsec/comments/uuaeqm/matryoshka_trap_recursive_mmio_flaws_lead_to_vm/
Cytrox's Predator Spyware Target Android Users with Zero-Day Exploits
https://thehackernews.com/2022/05/cytroxs-predator-spyware-target-android.html
Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.
https://thecyberwire.com/podcasts/daily-podcast/1583/notes
Raytheon’s John DeSimone on building the offensive line
https://www.csoonline.com/article/3660638/raytheon-s-john-desimone-on-building-the-offensive-line.html#tk.rss_all
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
/dev/random
[SANS ISC] A 'Zip Bomb' to Bypass Security Controls & Sandboxes - /dev/random
I published the following diary on isc.sans.edu: “A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes“: Yesterday, I analyzed a malicious archive for a customer. It was delivered to the mailbox of a user who, hopefully, was security-aware and reported it.…
👍1
Top Security New for 22/05/2022
Biden administration lays out plan for four carbon-capture facilities
https://arstechnica.com/?p=1855569
Asian media company Nikkei suffered a ransomware attack
https://securityaffairs.co/wordpress/131533/data-breach/nikkei-data-breach.html
Russia-linked Sandworm continues to conduct attacks against Ukraine
https://securityaffairs.co/wordpress/131523/apt/sandworm-attacks-against-ukraine.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/Malware/comments/uuhier/metastealer_filling_the_racoon_void/
AutoWarp bug leads to Automation headaches.
https://thecyberwire.com/podcasts/research-saturday/233/notes
SolarWinds ready to move past breach and help customers manage theirs
https://malware.news/t/solarwinds-ready-to-move-past-breach-and-help-customers-manage-theirs/60360/1
Researchers Find Backdoor in School Management Plugin for WordPress
https://thehackernews.com/2022/05/researchers-find-backdoor-in-school.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/netsec/comments/uuob6i/metastealer_filling_the_racoon_void/
$547 Worth of 18 Books on Python Coding by Starch Press for $18 (-97% oFF)
https://www.reddit.com/r/netsec/comments/uul1lw/547_worth_of_18_books_on_python_coding_by_starch/
network configuration for malware analysis
https://www.reddit.com/r/Malware/comments/uuuwv3/network_configuration_for_malware_analysis/
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Biden administration lays out plan for four carbon-capture facilities
https://arstechnica.com/?p=1855569
Asian media company Nikkei suffered a ransomware attack
https://securityaffairs.co/wordpress/131533/data-breach/nikkei-data-breach.html
Russia-linked Sandworm continues to conduct attacks against Ukraine
https://securityaffairs.co/wordpress/131523/apt/sandworm-attacks-against-ukraine.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/Malware/comments/uuhier/metastealer_filling_the_racoon_void/
AutoWarp bug leads to Automation headaches.
https://thecyberwire.com/podcasts/research-saturday/233/notes
SolarWinds ready to move past breach and help customers manage theirs
https://malware.news/t/solarwinds-ready-to-move-past-breach-and-help-customers-manage-theirs/60360/1
Researchers Find Backdoor in School Management Plugin for WordPress
https://thehackernews.com/2022/05/researchers-find-backdoor-in-school.html
Metastealer – filling the Racoon void
https://www.reddit.com/r/netsec/comments/uuob6i/metastealer_filling_the_racoon_void/
$547 Worth of 18 Books on Python Coding by Starch Press for $18 (-97% oFF)
https://www.reddit.com/r/netsec/comments/uul1lw/547_worth_of_18_books_on_python_coding_by_starch/
network configuration for malware analysis
https://www.reddit.com/r/Malware/comments/uuuwv3/network_configuration_for_malware_analysis/
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Ars Technica
Biden administration lays out plan for four carbon-capture facilities
Big infrastructure package includes funds for the underdeveloped technology.
Top Security New for 23/05/2022
North Korea-linked Lazarus APT uses Log4J to target VMware servers
https://securityaffairs.co/wordpress/131483/apt/lazarus-apt-log4j-vmware-servers.html
Charity Wright: Pursue what you love. [Threat intelligence]
https://thecyberwire.com/podcasts/career-notes/101/notes
Android SMS catcher
https://0x00sec.org/t/android-sms-catcher/29445
ASEC Weekly Malware Statistics (May 9th, 2022 – May 15th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-9th-2022-may-15th-2022/60364/1
How to program watch OS
https://www.reddit.com/r/lowlevel/comments/uv88mc/how_to_program_watch_os/
Conscerned
https://www.reddit.com/r/Malware/comments/uvaxu5/conscerned/
Misinformation needs tackling and it would help if politicians stopped muddying the water
https://malware.news/t/misinformation-needs-tackling-and-it-would-help-if-politicians-stopped-muddying-the-water/60362/1
ISC StormCast for Monday, May 23rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8018
A year after report, task force urges U.S. to keep ransomware on front burner
https://www.reddit.com/r/Malware/comments/uv37s6/a_year_after_report_task_force_urges_us_to_keep/
ISC Stormcast For Monday, May 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8018, (Mon, May 23rd)
https://malware.news/t/isc-stormcast-for-monday-may-23rd-2022-https-isc-sans-edu-podcastdetail-html-id-8018-mon-may-23rd/60363/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
North Korea-linked Lazarus APT uses Log4J to target VMware servers
https://securityaffairs.co/wordpress/131483/apt/lazarus-apt-log4j-vmware-servers.html
Charity Wright: Pursue what you love. [Threat intelligence]
https://thecyberwire.com/podcasts/career-notes/101/notes
Android SMS catcher
https://0x00sec.org/t/android-sms-catcher/29445
ASEC Weekly Malware Statistics (May 9th, 2022 – May 15th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-9th-2022-may-15th-2022/60364/1
How to program watch OS
https://www.reddit.com/r/lowlevel/comments/uv88mc/how_to_program_watch_os/
Conscerned
https://www.reddit.com/r/Malware/comments/uvaxu5/conscerned/
Misinformation needs tackling and it would help if politicians stopped muddying the water
https://malware.news/t/misinformation-needs-tackling-and-it-would-help-if-politicians-stopped-muddying-the-water/60362/1
ISC StormCast for Monday, May 23rd, 2022
https://isc.sans.edu/podcastdetail.html?id=8018
A year after report, task force urges U.S. to keep ransomware on front burner
https://www.reddit.com/r/Malware/comments/uv37s6/a_year_after_report_task_force_urges_us_to_keep/
ISC Stormcast For Monday, May 23rd, 2022 https://isc.sans.edu/podcastdetail.html?id=8018, (Mon, May 23rd)
https://malware.news/t/isc-stormcast-for-monday-may-23rd-2022-https-isc-sans-edu-podcastdetail-html-id-8018-mon-may-23rd/60363/1
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
North Korea-linked Lazarus APT uses Log4J to target VMware servers
North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers.
Top Security New for 24/05/2022
A week in security (May 16 – 22)
https://blog.malwarebytes.com/a-week-in-security/2022/05/a-week-in-security-may-16-22/
Canada's ban on Huawei and ZTE. Ransomware task forces. NSF advocates threat intelligence sharing.
https://thecyberwire.com/newsletters/policy-briefing/4/99
Data protection concerns spike as states get ready to outlaw abortion
https://www.csoonline.com/article/3661689/data-protection-concerns-spike-as-states-get-ready-to-outlaw-abortion.html#tk.rss_all
Hiding MSFVENOM Payloads in USB NIC EEPROM
https://www.reddit.com/r/netsec/comments/uw4feh/hiding_msfvenom_payloads_in_usb_nic_eeprom/
ISC StormCast for Tuesday, May 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8020
mx-takeover focuses DNS MX records and detects misconfigured MX records.
https://www.reddit.com/r/netsec/comments/uw2s73/mxtakeover_focuses_dns_mx_records_and_detects/
Beneath the surface: Uncovering the shift in web skimming
https://www.reddit.com/r/netsec/comments/uw42x0/beneath_the_surface_uncovering_the_shift_in_web/
Cyber developments in Russia's hybrid war against Ukraine. Conti's dissolution.
https://thecyberwire.com/newsletters/daily-briefing/11/99
VOLUME 38 OF THE HACKER DIGEST RELEASED
https://www.2600.com/content/volume-38-hacker-digest-released
DEADLINE FOR SUBMITTING HOPE TALK PROPOSALS IS MAY 31, 2022!
https://www.2600.com/content/deadline-submitting-hope-talk-proposals-may-31-2022
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
A week in security (May 16 – 22)
https://blog.malwarebytes.com/a-week-in-security/2022/05/a-week-in-security-may-16-22/
Canada's ban on Huawei and ZTE. Ransomware task forces. NSF advocates threat intelligence sharing.
https://thecyberwire.com/newsletters/policy-briefing/4/99
Data protection concerns spike as states get ready to outlaw abortion
https://www.csoonline.com/article/3661689/data-protection-concerns-spike-as-states-get-ready-to-outlaw-abortion.html#tk.rss_all
Hiding MSFVENOM Payloads in USB NIC EEPROM
https://www.reddit.com/r/netsec/comments/uw4feh/hiding_msfvenom_payloads_in_usb_nic_eeprom/
ISC StormCast for Tuesday, May 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8020
mx-takeover focuses DNS MX records and detects misconfigured MX records.
https://www.reddit.com/r/netsec/comments/uw2s73/mxtakeover_focuses_dns_mx_records_and_detects/
Beneath the surface: Uncovering the shift in web skimming
https://www.reddit.com/r/netsec/comments/uw42x0/beneath_the_surface_uncovering_the_shift_in_web/
Cyber developments in Russia's hybrid war against Ukraine. Conti's dissolution.
https://thecyberwire.com/newsletters/daily-briefing/11/99
VOLUME 38 OF THE HACKER DIGEST RELEASED
https://www.2600.com/content/volume-38-hacker-digest-released
DEADLINE FOR SUBMITTING HOPE TALK PROPOSALS IS MAY 31, 2022!
https://www.2600.com/content/deadline-submitting-hope-talk-proposals-may-31-2022
Follow Top Cyber News on https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes Labs
A week in security (May 16 – 22)
The most important and interesting computer security stories from the last seven days.