Top Security News for 08/04/2023

US officials testify against TikTok before the House. Should the US follow in Australia’s cybersecurity footsteps? CISA director warns about the dangers of AI.
https://thecyberwire.com/newsletters/policy-briefing/5/67

I Went to Maggie Rogers' Ticketmasterless, In-Person Presale
https://www.vice.com/en_us/article/7kx9nq/i-went-to-maggie-rogers-ticketmasterless-in-person-presale

MERCURY and DEV-1084: Destructive attack on hybrid environment
https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/

Microsoft aims at stopping cybercriminals from using cracked copies of Cobalt Strike
https://securityaffairs.com/144537/hacking/microsoft-vs-cracked-copies-cobalt-strike.html

Researchers Uncover Thriving Phishing Kit Market on Telegram Channels
https://thehackernews.com/2023/04/researchers-uncover-thriving-phishing.html

Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari
https://thehackernews.com/2023/04/apple-releases-updates-to-address-zero.html

Genymotion – Proxying Android App Traffic Through Burp Suite | Cameron Cartier
https://malware.news/t/genymotion-proxying-android-app-traffic-through-burp-suite-cameron-cartier/68565#post_1

Your Ultimate Wiki for Learning INFOSEC & Pentesting
https://0x00sec.org/t/your-ultimate-wiki-for-learning-infosec-pentesting/34389

Pentagon’s Ukraine War Plans Leaked on Minecraft Discord Before Telegram and Twitter
https://www.vice.com/en_us/article/pkadnb/pentagons-ukraine-war-plans-leaked-on-minecraft-discord-before-telegram-and-twitter

U.K.'s ACRO investigating cybersecurity incident
https://malware.news/t/u-k-s-acro-investigating-cybersecurity-incident/68568#post_1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 09/04/2023

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/144561/security/veritas-backup-exec-known-exploited-vulnerabilities-catalog.html

advanced malware analysis at OMSCS Georgia Tech
https://www.reddit.com/r/Malware/comments/12foygx/advanced_malware_analysis_at_omscs_georgia_tech/

Security Challenges in Cloud Computing
https://0x00sec.org/t/security-challenges-in-cloud-computing/34416

Karen Worstell: Keep your feet planted. [Strategy]
https://thecyberwire.com/podcasts/career-notes/144/notes

Vulnerable version of WordPress that is provided monthly.
https://www.reddit.com/r/netsec/comments/12fljhg/vulnerable_version_of_wordpress_that_is_provided/

Update: dnsresolver.py Version 0.0.3
https://malware.news/t/update-dnsresolver-py-version-0-0-3/68574#post_1

Using Python to Operate in EDR blind spots
https://www.reddit.com/r/netsec/comments/12fmhya/using_python_to_operate_in_edr_blind_spots/

Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
https://thehackernews.com/2023/04/iran-based-hackers-caught-carrying-out.html

Nonsense, mayhem, SameSite, cors and CSRF - Part 2
https://www.reddit.com/r/netsec/comments/12fgng7/nonsense_mayhem_samesite_cors_and_csrf_part_2/

🚀 Cilium Tetragon - eBPF-based Security Observability and Runtime Enforcement in Kubernetes Goat 🐐
https://www.reddit.com/r/netsec/comments/12fukqz/cilium_tetragon_ebpfbased_security_observability/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 10/04/2023

ISC Stormcast For Monday, April 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8446, (Mon, Apr 10th)
https://malware.news/t/isc-stormcast-for-monday-april-10th-2023-https-isc-sans-edu-podcastdetail-html-id-8446-mon-apr-10th/68577#post_1

ISC Stormcast For Monday, April 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8446, (Mon, Apr 10th)
https://isc.sans.edu/diary/rss/29732

Researchers disclose critical sandbox escape bug in vm2 sandbox library
https://securityaffairs.com/144582/hacking/vm2-rce-sandbox-escape.html

Securing Kubernetes Clusters using Kyverno Policy Engine - New Kubernetes Goat Scenario 🚀
https://www.reddit.com/r/netsec/comments/12gov4l/securing_kubernetes_clusters_using_kyverno_policy/

3CX DesktopApp Supply Chain Attack Also Detected in Korea
https://malware.news/t/3cx-desktopapp-supply-chain-attack-also-detected-in-korea/68576#post_1

Catching Threat Actors using honeypots
https://www.reddit.com/r/netsec/comments/12h2j8x/catching_threat_actors_using_honeypots/

CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required
https://thehackernews.com/2023/04/cisa-warns-of-5-actively-exploited.html

Opinion: Time is crucial when building secure components or infrastructures
https://diablohorn.com/2023/04/09/opinion-time-is-crucial-when-building-secure-components-or-infrastructures/

Cybercrime: be careful what you tell your chatbot helper…
https://www.theguardian.com/technology/2023/apr/09/cybercrime-chatbot-privacy-security-helper-chatgpt-google-bard-microsoft-bing-chat

Extracting Insights from Data: How to Build a Metadata Scraper for Digital Forensics (In Python)
https://0x00sec.org/t/extracting-insights-from-data-how-to-build-a-metadata-scraper-for-digital-forensics-in-python/34436


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 11/04/2023

hunt forward operations (noun)
https://thecyberwire.com/podcasts/word-notes/143/notes

Leaked Classified Documents Also Include Roleplaying Game Character Stats
https://www.vice.com/en_us/article/ak3d5z/leaked-classified-documents-also-include-roleplaying-game-character-stats

Ukraine at D+410: Static, sanguinary lines.
https://thecyberwire.com/stories/0f5fbff2ed65489c95cc4c972570127f/ukraine-at-d410

A look at Iran’s MERCURY APT. Updates on Russia's hybrid war, including some apparent leaks and some apparent doxing. And notes on cloud security trends.
https://thecyberwire.com/podcasts/daily-podcast/1798/notes

Firewalls and Internet Security: Repelling the Wily Hacker -- now released under a Creative Commons license
https://www.reddit.com/r/netsec/comments/12i2vdz/firewalls_and_internet_security_repelling_the/

Samsung employees leak company data on ChatGPT. Update on Queensland University of Technology attack.
https://thecyberwire.com/podcasts/privacy-briefing/504/notes

CISA adds zero-day bugs in iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/144638/security/apple-flaws-cisa-known-exploited-vulnerabilities-catalog.html

Hacking play-to-earn blockchain games: The case of Manarium
https://www.reddit.com/r/netsec/comments/12hnwmm/hacking_playtoearn_blockchain_games_the_case_of/

BrandPost: Evolving identity and permissions management for the multicloud world
https://www.csoonline.com/article/3693111/evolving-identity-and-permissions-management-for-the-multicloud-world.html#tk.rss_all

What is the true potential impact of artificial intelligence on cybersecurity?
https://www.csoonline.com/article/3692868/what-is-artificial-intelligence-s-true-potential-impact-on-cybersecurity.html#tk.rss_all


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 12/04/2023

As the west tries to limit TikTok’s reach, what about China’s other apps?
https://www.theguardian.com/technology/2023/apr/12/tiktok-china-apps-national-security-wechat-shein

Iranian APT group launches destructive attacks in hybrid Azure AD environments
https://www.csoonline.com/article/3692918/iranian-apt-group-launches-destructive-attacks-in-hybrid-azure-ad-environments.html#tk.rss_all

ZeroFox partners with Google Cloud to warn users against phishing domains
https://www.csoonline.com/article/3693016/zerofox-partners-with-google-cloud-to-warn-users-against-phishing-domains.html#tk.rss_all

Awesome Hacker Search Engines
https://www.reddit.com/r/netsec/comments/12in7ew/awesome_hacker_search_engines/

Top 10 Most Useful Pentesting tools
https://0x00sec.org/t/top-10-most-useful-pentesting-tools/34472

Why reporting an incident only makes the cybersecurity community stronger
https://www.csoonline.com/article/3692815/why-reporting-an-incident-only-makes-the-cybersecurity-community-stronger.html#tk.rss_all

Security Alert: Microsoft Releases April 2023 Security Updates
https://malware.news/t/security-alert-microsoft-releases-april-2023-security-updates/68664#post_1

Microsoft April 2023 Patch Tuesday, (Tue, Apr 11th)
https://isc.sans.edu/diary/rss/29736

Stowaway -- Multi-hop Proxy Tool for pentesters
https://www.reddit.com/r/netsec/comments/12hh8ve/stowaway_multihop_proxy_tool_for_pentesters/

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 13/04/2023

An emperical and practical guide to LLM hacking
https://www.reddit.com/r/netsec/comments/12jrurl/an_emperical_and_practical_guide_to_llm_hacking/

Why does it take so long for security teams to remediate vulnerabilities?
https://malware.news/t/why-does-it-take-so-long-for-security-teams-to-remediate-vulnerabilities/68702#post_1

Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
https://thehackernews.com/2023/04/urgent-microsoft-issues-patches-for-97.html

Rooting a Common-Criteria Certified Printer to Improve OPSEC
https://www.reddit.com/r/netsec/comments/12jkjeq/rooting_a_commoncriteria_certified_printer_to/

AI Tasked With 'Destroying Humanity' Now 'Working on Control Over Humanity Through Manipulation'
https://www.vice.com/en_us/article/z3mxe3/ai-tasked-with-destroying-humanity-now-working-on-control-over-humanity-through-manipulation

[CVE-2023-21554] MSMQ (tcp/1801) Remote Code Execution (CVSS 9.8)
https://www.reddit.com/r/netsec/comments/12jet9f/cve202321554_msmq_tcp1801_remote_code_execution/

Addressing National Cyber Strategy.
https://thecyberwire.com/podcasts/caveat/168/notes

Following the Lazarus group by tracking DeathNote campaign
https://www.reddit.com/r/netsec/comments/12jnxa4/following_the_lazarus_group_by_tracking_deathnote/

Qakbot Being Distributed in Korea Through Email Hijacking
https://malware.news/t/qakbot-being-distributed-in-korea-through-email-hijacking/68698#post_1

Botconf 2023 Wrap-Up Day #1
https://blog.rootshell.be/2023/04/12/botconf-2023-wrap-up-day-1/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 14/04/2023

The FBI warns of juicejacking and other risks of public tech.
https://thecyberwire.com/stories/5cce3eded6df4a059dd9b383c4341b98/the-fbi-warns-of-juicejacking-and-other-risks-of-public-tech

Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
https://thehackernews.com/2023/04/lazarus-hacker-group-evolves-tactics.html

Microsoft patches vulnerability used in Nokoyawa ransomware attacks
https://www.csoonline.com/article/3693351/microsoft-patches-vulnerability-used-in-nokoyawa-ransomware-attacks.html#tk.rss_all

Former TSB chief information officer fined £81,000 over IT meltdown in 2018
https://www.theguardian.com/business/2023/apr/13/former-tsb-bank-chief-information-officer-fined-2018

Dissecting threat intelligence lifecycle problems
https://www.csoonline.com/article/3692921/dissecting-threat-intelligence-lifecycle-problems.html#tk.rss_all

4 strategies to help reduce the risk of DNS tunneling
https://www.csoonline.com/article/3692876/4-strategies-to-help-reduce-the-risk-of-dns-tunneling.html#tk.rss_all

ShmooCon 2023 Conference Videos
https://www.reddit.com/r/netsec/comments/12kr8ha/shmoocon_2023_conference_videos/

HTTP: What's Left of it and the OCSP Problem, (Thu, Apr 13th)
https://isc.sans.edu/diary/rss/29744

WhatsApp adds key transparency for all users to strengthen the security of end-to-end encrypted messaging
https://www.reddit.com/r/netsec/comments/12kojo2/whatsapp_adds_key_transparency_for_all_users_to/

Cisco to offer Webex air-gapped cloud system for security, defense work
https://www.computerworld.com/article/3693449/cisco-to-offer-webex-air-gapped-cloud-system-for-security-defense-work.html#tk.rss_all


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 15/04/2023

Detection Methods: Do You Know Where Your Credentials are?
https://securityintelligence.com/posts/detection-methods-do-you-know-where-your-credentials-are/

Lost in ChatGPT's memories: escaping ChatGPT-3.5 memory issues to write CVE PoCs
https://www.reddit.com/r/netsec/comments/12menep/lost_in_chatgpts_memories_escaping_chatgpt35/

Is AI being used for virtual kidnapping scams?
https://malware.news/t/is-ai-being-used-for-virtual-kidnapping-scams/68761#post_1

Escalating file write into RCE in Python
https://www.reddit.com/r/netsec/comments/12lplzy/escalating_file_write_into_rce_in_python/

"Read the Manual" and the ransomware-as-a-service market. Bitter APT against energy companies. Cozy Bear sighting. Hacktivist auxiliaries hit Canadian targets. Aan arrest in the Discord Papers case.
https://thecyberwire.com/podcasts/daily-podcast/1802/notes

PCI DSS reporting details to ensure when contracting quarterly CDE tests
https://malware.news/t/pci-dss-reporting-details-to-ensure-when-contracting-quarterly-cde-tests/68759#post_1

A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays
https://securityaffairs.com/144811/cyber-crime/cyberattack-cornwall-community-hospital-ontario.html

uni-due-syssec/efcf-framework: Extremely Fast smart Contract Fuzzing
https://www.reddit.com/r/netsec/comments/12m8bqa/uniduesyssecefcfframework_extremely_fast_smart/

Google fixed the first Chrome zero-day of 2023
https://securityaffairs.com/144805/security/google-chrome-zero-day-2023.html

Botconf 2023 Wrap-Up Day #3
https://malware.news/t/botconf-2023-wrap-up-day-3/68764#post_1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 16/04/2023

Own a Windows Keyboard
https://0x00sec.org/t/own-a-windows-keyboard/34534

Can we find the WannaCry source code?
https://0x00sec.org/t/can-we-find-the-wannacry-source-code/34528

The Proposal of Chat-GPT for an “AI Guardian” to Protect Privacy in Legal Cases
https://malware.news/t/the-proposal-of-chat-gpt-for-an-ai-guardian-to-protect-privacy-in-legal-cases/68765#post_1

Mandiant’s new solution allows exposure hunting for a proactive defense
https://www.csoonline.com/article/3693452/mandiants-new-solution-allows-exposure-hunting-for-a-proactive-defense.html#tk.rss_all

Remote Code Execution Vulnerability in Google They Are Not Willing To Fix
https://www.reddit.com/r/netsec/comments/12mtclt/remote_code_execution_vulnerability_in_google/

Vulnerability scanner for AWS customer-managed policies using ChatGPT w/ built-in account redaction.
https://www.reddit.com/r/netsec/comments/12nsrz1/vulnerability_scanner_for_aws_customermanaged/

Siemens Metaverse exposes sensitive corporate data
https://securityaffairs.com/144832/security/siemens-metaverse-data-leak.html

New Android malicious library Goldoson found in 60 apps +100M downloads
https://securityaffairs.com/144838/malware/goldoson-malicious-library-google-play.html

Jack Chapman: Shielding against the bad guys. [Threat Intelligence]
https://thecyberwire.com/podcasts/career-notes/145/notes

CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/144822/security/android-flaws-cisa-known-exploited-vulnerabilities-catalog.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 17/04/2023

10th April – Threat Intelligence Report
https://malware.news/t/10th-april-threat-intelligence-report/68768#post_1

IDA Memory Snapshot - Amadey Malware Unpacking & Initterm Poisoning
https://malware.news/t/ida-memory-snapshot-amadey-malware-unpacking-initterm-poisoning/68766#post_1

Australians report record $3.1bn losses to scams, with real amount even higher, ACCC says
https://www.theguardian.com/australia-news/2023/apr/17/australians-report-record-31bn-losses-to-scams-with-real-amount-even-higher-accc-says

NCR was the victim of BlackCat/ALPHV ransomware gang
https://securityaffairs.com/144866/cyber-crime/ncr-blackcat-alphv-ransomware.html

Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition
https://securityaffairs.com/144863/breaking-news/security-affairs-newsletter-round-415-by-pierluigi-paganini.html

Could any of you be a hacker and not tell a soul?
https://0x00sec.org/t/could-any-of-you-be-a-hacker-and-not-tell-a-soul/34548

Trigona Ransomware Attacking MS-SQL Servers
https://malware.news/t/trigona-ransomware-attacking-ms-sql-servers/68771#post_1

WorLLMs
https://www.reddit.com/r/netsec/comments/12o1x14/worllms/

ISC Stormcast For Monday, April 17th, 2023 https://isc.sans.edu/podcastdetail.html?id=8456, (Mon, Apr 17th)
https://malware.news/t/isc-stormcast-for-monday-april-17th-2023-https-isc-sans-edu-podcastdetail-html-id-8456-mon-apr-17th/68770#post_1

Additional Activities of the Tick Group That Attacks with a Modified Q-Dir and Their Ties with Operation Triple Tiang
https://malware.news/t/additional-activities-of-the-tick-group-that-attacks-with-a-modified-q-dir-and-their-ties-with-operation-triple-tiang/68772#post_1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 18/04/2023

Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose
https://thehackernews.com/2023/04/israeli-spyware-vendor-quadream-to-shut.html

A Practical, AI-Generated Phishing PoC with ChatGPT
https://www.reddit.com/r/netsec/comments/12ps1zb/a_practical_aigenerated_phishing_poc_with_chatgpt/

Woman tracks down and turns table on Airbnb scammer
https://www.malwarebytes.com/blog/news/2023/04/woman-tracks-down-and-turns-table-on-airbnb-scammer

ASEC Weekly Malware Statistics (April 10th, 2023 – April 16th, 2023)
https://malware.news/t/asec-weekly-malware-statistics-april-10th-2023-april-16th-2023/68806#post_1

Ransomware in Germany, April 2022 – March 2023
https://www.malwarebytes.com/blog/threat-intelligence/2023/04/ransomware-review-germany

Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
https://thehackernews.com/2023/04/vice-society-ransomware-using-stealthy.html

Developments in the Discord Papers, including notes on influencers and why they seek influence. Tax season scams. KillNet’s selling, but is anyone buying?
https://thecyberwire.com/podcasts/daily-podcast/1803/notes

Hey, I wrote a GCP pentesting guide, check it out if you are interested in cloud security and please lmk your thoughts. Appreciate it.
https://www.reddit.com/r/netsec/comments/12prarf/hey_i_wrote_a_gcp_pentesting_guide_check_it_out/

Security Operations Center (SOC) (noun)
https://thecyberwire.com/podcasts/word-notes/144/notes

7 cybersecurity mindsets that undermine practitioners and how to avoid them
https://www.csoonline.com/article/3693255/7-cybersecurity-mindsets-that-undermine-practitioners-and-how-to-avoid-them.html#tk.rss_all


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 27/04/2023

Cyber Risk Quantification, Level 6 Cybersecurity, & Intel Briefing
https://thecyberwire.com/podcasts/rh-isac/26/notes

VMware Releases Critical Patches for Workstation and Fusion Software
https://thehackernews.com/2023/04/vmware-releases-critical-patches-for.html

ISC Stormcast For Thursday, April 27th, 2023 https://isc.sans.edu/podcastdetail.html?id=8472, (Thu, Apr 27th)
https://malware.news/t/isc-stormcast-for-thursday-april-27th-2023-https-isc-sans-edu-podcastdetail-html-id-8472-thu-apr-27th/69032#post_1

How AIoT Will Reshape the Security Industry in 2023
https://securityintelligence.com/articles/how-aiot-will-reshape-security-2023/

Iranian cyberspies deploy new malware implant on Microsoft Exchange Servers
https://www.csoonline.com/article/3694850/iranian-cyberspies-deploy-new-malware-implant-on-microsoft-exchange-servers.html#tk.rss_all

Avast detected some harmful apps.
https://www.reddit.com/r/Malware/comments/130agyn/avast_detected_some_harmful_apps/

Fake Flipper Zero sellers are after your money
https://www.malwarebytes.com/blog/news/2023/04/fake-flipper-zero-sellers-are-after-your-money

Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China
https://thehackernews.com/2023/04/chinese-hackers-using-mgbot-malware-to.html

Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram
https://www.reddit.com/r/Malware/comments/12zz7x6/threat_actor_selling_new_atomic_macos_amos/

Palantir Demos AI to Fight Wars But Says It Will Be Totally Ethical Don’t Worry About It
https://www.vice.com/en_us/article/qjvb4x/palantir-demos-ai-to-fight-wars-but-says-it-will-be-totally-ethical-dont-worry-about-it


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 28/04/2023

Android greybox fuzzing with AFL++ Frida mode
https://www.reddit.com/r/netsec/comments/130uxye/android_greybox_fuzzing_with_afl_frida_mode/

User impersonation via stolen UUID code in KeyCloak (CVE-2023-0264)
https://www.reddit.com/r/netsec/comments/130km04/user_impersonation_via_stolen_uuid_code_in/

RTM Locker's First Linux Ransomware Strain Targeting NAS and ESXi Hosts
https://thehackernews.com/2023/04/rtm-lockers-first-linux-ransomware.html

Zero Trust Data Security: It’s Time To Make the Shift
https://securityintelligence.com/articles/zero-trust-data-security-time-to-shift/

ISC StormCast for Friday, April 28th, 2023
https://isc.sans.edu/podcastdetail.html?id=8474

API and application attacks rising: Akamai.
https://thecyberwire.com

ISC Stormcast For Friday, April 28th, 2023 https://isc.sans.edu/podcastdetail.html?id=8474, (Fri, Apr 28th)
https://isc.sans.edu/diary/rss/29786

Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
https://thehackernews.com/2023/04/microsoft-confirms-papercut-servers.html

Why you should practice rollbacks to prevent data loss in a ransomware attack
https://www.microsoft.com/en-us/security/blog/2023/04/27/why-you-should-practice-rollbacks-to-prevent-data-loss-in-a-ransomware-attack/

Smash PostScript Interpreters Using a Syntax-Aware Fuzzer
https://www.reddit.com/r/netsec/comments/130fg5s/smash_postscript_interpreters_using_a_syntaxaware/


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 29/04/2023

Why Your Detection-First Security Approach Isn't Working
https://thehackernews.com/2023/04/why-your-detection-first-security.html

CVE-2022-37955: Vulnerability in Microsoft Windows Group Policy Updates Leads to Improper Link Resolution Before File Access (Privilege Escalation CWE-59)
https://www.reddit.com/r/netsec/comments/131mes1/cve202237955_vulnerability_in_microsoft_windows/

Attacks On PaperCut Servers Tied To Ransomware Groups
https://packetstormsecurity.com/news/view/34561/Attacks-On-PaperCut-Servers-Tied-To-Ransomware-Groups.html

Chinese Alloy Taurus Updates PingPull Malware
https://www.reddit.com/r/netsec/comments/131qxn8/chinese_alloy_taurus_updates_pingpull_malware/

What’s now being traded in the C2C markets. CISA would like comments on its software self-attestation form. And in Russia’s hybrid war, are there cyber war crimes, or real hacktivists?
https://thecyberwire.com/podcasts/daily-podcast/1812/notes

State of DNS Rebinding in 2023
https://www.reddit.com/r/netsec/comments/132ewi3/state_of_dns_rebinding_in_2023/

The UN's new cybercrime treaty raises human rights concerns. How China's new counter-espionage law could impact cyber business.
https://thecyberwire.com/newsletters/policy-briefing/5/82

CISA Warns of Critical Flaws in Illumina's DNA Sequencing Instruments
https://thehackernews.com/2023/04/cisa-warns-of-critical-flaws-in.html

LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities
https://www.malwarebytes.com/blog/news/2023/04/lockbit-and-cl0p-are-actively-exploiting-papercut-vulnerabilities

Breach roundup. Hackers steal more than hearts.
https://thecyberwire.com/podcasts/privacy-briefing/517/notes


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 01/05/2023

ISC StormCast for Monday, May 1st, 2023
https://isc.sans.edu/podcastdetail.html?id=8476

Update: zipdump.py Version 0.0.25
https://malware.news/t/update-zipdump-py-version-0-0-25/69074#post_1

Cybersecurity in space: not as far out as you’d think.
https://thecyberwire.com/stories/b4e997c1d2364e1180242df611d9c2a7/cybersecurity-in-space-not-as-far-out-as-youd-think

ISC Stormcast For Monday, May 1st, 2023 https://isc.sans.edu/podcastdetail.html?id=8476, (Mon, May 1st)
https://isc.sans.edu/diary/rss/29796

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition
https://securityaffairs.com/145479/breaking-news/security-affairs-newsletter-round-417.html

Elastic Security Labs discovers the LOBSHOT malware
https://www.reddit.com/r/Malware/comments/133nj1u/elastic_security_labs_discovers_the_lobshot/

Perry Carpenter: Turning composition into computing. [Strategy]
https://thecyberwire.com/podcasts/career-notes/147/notes

SANS.edu Research Journal Volume 3 Released into the Wild. https://www.sans.edu/cyber-security-research @sans_edu #cybersecurity #research, (Sun, Apr 30th)
https://malware.news/t/sans-edu-research-journal-volume-3-released-into-the-wild-https-www-sans-edu-cyber-security-research-x40-sans-x5f-edu-cybersecurity-research-sun-apr-30th/69076#post_1

Sharing a tool I developed to help Blue Teamers discover Persistence on Windows - please check it out!
https://www.reddit.com/r/netsec/comments/133s5h6/sharing_a_tool_i_developed_to_help_blue_teamers/

Crooks broke into AT&T email accounts to empty their cryptocurrency wallets
https://securityaffairs.com/145508/hacking/att-email-accounts-hacked.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 02/05/2023

Azure DevOps CICD Pipelines - Command Injection with Parameters, Variables and a discussion on Runner hijacking
https://www.reddit.com/r/netsec/comments/134gv4v/azure_devops_cicd_pipelines_command_injection/

Is misinformation the newest malware?
https://www.csoonline.com/article/3695014/is-misinformation-the-newest-malware.html#tk.rss_all

APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails
https://thehackernews.com/2023/05/apt28-targets-ukrainian-government.html

A week in security (April 24 -30)
https://malware.news/t/a-week-in-security-april-24-30/69096#post_1

Ukraine Is Now Using Steam Decks to Control Machine Gun Turrets
https://www.vice.com/en_us/article/5d9g9z/ukraine-is-now-using-steam-decks-to-control-machine-gun-turrets

1st May – Threat Intelligence Report
https://malware.news/t/1st-may-threat-intelligence-report/69098#post_1

The hidden security risks in tech layoffs and how to mitigate them
https://www.csoonline.com/article/3695070/the-hidden-security-risks-in-tech-layoffs-and-how-to-mitigate-them.html#tk.rss_all

Get in the game for your next leadership opportunity.
https://thecyberwire.com/stories/d974309ec4264b5f9c79711cc64459a4/get-in-the-game-for-your-next-leadership-opportunity

What does ChatGPT know about phishing?
https://securelist.com/chatgpt-anti-phishing/109590/

FDA warns of biomed device vulnerability. Ransomware's effects continue at US Marshals Service fugitive tracking. US DoJ shifts to disruption of cybercrime. GRU phishing. KillNet’s ask-me-anything.
https://thecyberwire.com/podcasts/daily-podcast/1813/notes


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 03/05/2023

ISC Stormcast For Wednesday, May 3rd, 2023 https://isc.sans.edu/podcastdetail.html?id=8480, (Wed, May 3rd)
https://malware.news/t/isc-stormcast-for-wednesday-may-3rd-2023-https-isc-sans-edu-podcastdetail-html-id-8480-wed-may-3rd/69130#post_1

Ransomware recovery still underway at US Marshals Service
https://malware.news/t/ransomware-recovery-still-underway-at-us-marshals-service/69136#post_1

Rationalizing Your Hybrid Cloud Security Tools
https://securityintelligence.com/posts/rationalizing-your-hybrid-cloud-security-tools/

Veza releases access security, governance solution for SaaS applications
https://www.csoonline.com/article/3694897/veza-releases-access-security-governance-solution-for-saas-applications.html#tk.rss_all

Three Thoughts On The OT Security Workforce
https://dale-peterson.com/2023/05/02/three-thoughts-on-ot-security-workforce/?utm_source=rss&utm_medium=rss&utm_campaign=three-thoughts-on-ot-security-workforce

Windows devices under attack from novel LOBSHOT malware
https://malware.news/t/windows-devices-under-attack-from-novel-lobshot-malware/69131#post_1

Databricks platform root privilege escalation and bypassing cluster isolation
https://www.reddit.com/r/netsec/comments/135kulv/databricks_platform_root_privilege_escalation_and/

Over 500K devices compromised in malverposting campaign
https://malware.news/t/over-500k-devices-compromised-in-malverposting-campaign/69135#post_1

North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains
https://thehackernews.com/2023/05/north-koreas-scarcruft-deploys-rokrat.html

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/02-05-2023


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 04/05/2023

The AI message at RSAC was long on hype and short on specifics
https://malware.news/t/the-ai-message-at-rsac-was-long-on-hype-and-short-on-specifics/69196#post_1

Reverse engineering tricks: identifying opaque network protocols
https://www.reddit.com/r/netsec/comments/136n7bg/reverse_engineering_tricks_identifying_opaque/

Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust
https://thehackernews.com/2023/05/operation-spector-534-million-seized.html

Infostealer Embedded in a Word Document, (Thu, May 4th)
https://malware.news/t/infostealer-embedded-in-a-word-document-thu-may-4th/69197#post_1

Google rolls out passkey support across accounts on all major platforms
https://www.csoonline.com/article/3695173/google-rolls-out-passkey-support-across-accounts-on-all-major-platforms.html#tk.rss_all

GPT-4 Can’t Replace Striking TV Writers, But Studios Are Going to Try
https://www.vice.com/en_us/article/pkap3m/gpt-4-cant-replace-striking-tv-writers-but-studios-are-going-to-try

Forrester names Microsoft a Leader in 2023 Infrastructure-as-a-Service Platform Native Security report
https://www.microsoft.com/en-us/security/blog/2023/05/03/forrester-names-microsoft-a-leader-in-2023-infrastructure-as-a-service-platform-native-security-report/

Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges
https://www.reddit.com/r/netsec/comments/136qw54/vulnerability_spotlight_vulnerabilities_in_ibm/

Your approach to efficient security compliance.
https://thecyberwire.com/podcasts/caveat/170/notes

Create slackbot using slack bolt API and Node.js
https://malware.news/t/create-slackbot-using-slack-bolt-api-and-node-js/69195#post_1


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 05/05/2023

White House unveils AI rules to address safety and privacy
https://www.computerworld.com/article/3695731/white-house-unveils-ai-rules-to-address-safety-and-privacy.html#tk.rss_all

ISC Stormcast For Friday, May 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8484, (Fri, May 5th)
https://malware.news/t/isc-stormcast-for-friday-may-5th-2023-https-isc-sans-edu-podcastdetail-html-id-8484-fri-may-5th/69237#post_1

Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model
https://thehackernews.com/2023/05/cisco-warns-of-vulnerability-in-popular.html

Introducing SpiderSuite: Advance web security crawler
https://www.reddit.com/r/netsec/comments/137kbsj/introducing_spidersuite_advance_web_security/

How Microsoft can help you go passwordless this World Password Day
https://www.microsoft.com/en-us/security/blog/2023/05/04/how-microsoft-can-help-you-go-passwordless-this-world-password-day/

RansomHouse attack compromises AvidXchange
https://malware.news/t/ransomhouse-attack-compromises-avidxchange/69235#post_1

Not quite an Easter egg: a new family of Trojan subscribers on Google Play
https://securelist.com/fleckpe-a-new-family-of-trojan-subscribers-on-google-play/109643/

Verified Twitter Accounts Spread Misinfo About Imminent Nuclear Strike
https://www.vice.com/en_us/article/wxjd4y/verified-twitter-accounts-spread-misinfo-about-imminent-nuclear-strike

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service
https://thehackernews.com/2023/05/researchers-discover-3-vulnerabilities.html

ISC Stormcast For Friday, May 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8484, (Fri, May 5th)
https://isc.sans.edu/diary/rss/29812


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 06/05/2023

BrandPost: Effective Security Relies on Effective Communication
https://www.csoonline.com/article/3695848/effective-security-relies-on-effective-communication.html#tk.rss_all

Why Robot Vacuums Have Cameras (and What to Know About Them)
https://securityintelligence.com/articles/why-robot-vacuums-have-cameras-what-to-know/

Apple releases first Rapid Security Response update for iOS, iPadOS, and macOS users
https://malware.news/t/apple-releases-first-rapid-security-response-update-for-ios-ipados-and-macos-users/69270#post_1

Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN
https://thehackernews.com/2023/05/hackers-targeting-italian-corporate.html

New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
https://thehackernews.com/2023/05/new-vulnerability-in-popular-wordpress.html

Redash SAML Authentication Bypass
https://www.reddit.com/r/netsec/comments/138gg7h/redash_saml_authentication_bypass/

Google launches entry-level cybersecurity certificate to teach threat detection skills
https://www.csoonline.com/article/3695575/google-launches-entry-level-cybersecurity-certificate-to-teach-threat-detection-skills.html#tk.rss_all

N. Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks
https://thehackernews.com/2023/05/n-korean-kimsuky-hackers-using-new.html

Newspaper evades Russian censors, hides news in Counter-Strike map
https://www.malwarebytes.com/blog/news/2023/05/evading-russian-media-restrictions-with-custom-video-game-maps

Phishing campaign takes the energy out of Chinese nuclear industry.
https://thecyberwire.com/podcasts/research-saturday/280/notes


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 07/05/2023

Google and Apple cooperate to address unwanted tracking
https://malware.news/t/google-and-apple-cooperate-to-address-unwanted-tracking/69279#post_1

FBI seized other domains used by the shadow eBook library Z-Library
https://securityaffairs.com/145854/cyber-crime/z-library-domains-seized.html

Google and Apple cooperate to address unwanted tracking
https://www.malwarebytes.com/blog/news/2023/05/google-and-apple-take-initiative-to-address-unwanted-tracking

Cookie Bugs - Smuggling & Injection
https://www.reddit.com/r/netsec/comments/139h4hd/cookie_bugs_smuggling_injection/

I created a GitHub repo for learning application security from scratch. It's perfect for beginners and includes a comprehensive list of reference links. But it's not complete yet! Contributors are welcome to add more details.
https://www.reddit.com/r/netsec/comments/139xxiv/i_created_a_github_repo_for_learning_application/

Dependabot Confusion: Gaining Access to Private GitHub Repositories using Dependabot
https://www.reddit.com/r/netsec/comments/139zv0d/dependabot_confusion_gaining_access_to_private/

Twitter confirmed that a security incident publicly exposed Circle tweets
https://securityaffairs.com/145865/social-networks/twitter-circle-security-incident.html

Twitter admits to ‘security incident’ involving Circles tweets
https://www.theguardian.com/technology/2023/may/06/twitter-admits-to-security-incident-involving-circles-tweets

Shelley Ma: The mystery behind cybersecurity. [Response Lead]
https://thecyberwire.com/podcasts/career-notes/148/notes

Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry
https://thehackernews.com/2023/05/dragon-breath-apt-group-using-double.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman