Top Security News for 11/04/2023
hunt forward operations (noun)
https://thecyberwire.com/podcasts/word-notes/143/notes
Leaked Classified Documents Also Include Roleplaying Game Character Stats
https://www.vice.com/en_us/article/ak3d5z/leaked-classified-documents-also-include-roleplaying-game-character-stats
Ukraine at D+410: Static, sanguinary lines.
https://thecyberwire.com/stories/0f5fbff2ed65489c95cc4c972570127f/ukraine-at-d410
A look at Iran’s MERCURY APT. Updates on Russia's hybrid war, including some apparent leaks and some apparent doxing. And notes on cloud security trends.
https://thecyberwire.com/podcasts/daily-podcast/1798/notes
Firewalls and Internet Security: Repelling the Wily Hacker -- now released under a Creative Commons license
https://www.reddit.com/r/netsec/comments/12i2vdz/firewalls_and_internet_security_repelling_the/
Samsung employees leak company data on ChatGPT. Update on Queensland University of Technology attack.
https://thecyberwire.com/podcasts/privacy-briefing/504/notes
CISA adds zero-day bugs in iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/144638/security/apple-flaws-cisa-known-exploited-vulnerabilities-catalog.html
Hacking play-to-earn blockchain games: The case of Manarium
https://www.reddit.com/r/netsec/comments/12hnwmm/hacking_playtoearn_blockchain_games_the_case_of/
BrandPost: Evolving identity and permissions management for the multicloud world
https://www.csoonline.com/article/3693111/evolving-identity-and-permissions-management-for-the-multicloud-world.html#tk.rss_all
What is the true potential impact of artificial intelligence on cybersecurity?
https://www.csoonline.com/article/3692868/what-is-artificial-intelligence-s-true-potential-impact-on-cybersecurity.html#tk.rss_all
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
hunt forward operations (noun)
Defensive cyber operations carried out by U.S. Cyber Command's Cyber National Mission Force (CNMF) at the request of allied nations.
Top Security News for 12/04/2023
As the west tries to limit TikTok’s reach, what about China’s other apps?
https://www.theguardian.com/technology/2023/apr/12/tiktok-china-apps-national-security-wechat-shein
Iranian APT group launches destructive attacks in hybrid Azure AD environments
https://www.csoonline.com/article/3692918/iranian-apt-group-launches-destructive-attacks-in-hybrid-azure-ad-environments.html#tk.rss_all
ZeroFox partners with Google Cloud to warn users against phishing domains
https://www.csoonline.com/article/3693016/zerofox-partners-with-google-cloud-to-warn-users-against-phishing-domains.html#tk.rss_all
Awesome Hacker Search Engines
https://www.reddit.com/r/netsec/comments/12in7ew/awesome_hacker_search_engines/
Top 10 Most Useful Pentesting tools
https://0x00sec.org/t/top-10-most-useful-pentesting-tools/34472
Why reporting an incident only makes the cybersecurity community stronger
https://www.csoonline.com/article/3692815/why-reporting-an-incident-only-makes-the-cybersecurity-community-stronger.html#tk.rss_all
Security Alert: Microsoft Releases April 2023 Security Updates
https://malware.news/t/security-alert-microsoft-releases-april-2023-security-updates/68664#post_1
Microsoft April 2023 Patch Tuesday, (Tue, Apr 11th)
https://isc.sans.edu/diary/rss/29736
Stowaway -- Multi-hop Proxy Tool for pentesters
https://www.reddit.com/r/netsec/comments/12hh8ve/stowaway_multihop_proxy_tool_for_pentesters/
Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/
the Guardian
As the west tries to limit TikTok’s reach, what about China’s other apps?
With government concerns over national security growing, Beijing’s influence over platforms such as WeChat and Shein could come under scrutiny
Top Security News for 13/04/2023
An emperical and practical guide to LLM hacking
https://www.reddit.com/r/netsec/comments/12jrurl/an_emperical_and_practical_guide_to_llm_hacking/
Why does it take so long for security teams to remediate vulnerabilities?
https://malware.news/t/why-does-it-take-so-long-for-security-teams-to-remediate-vulnerabilities/68702#post_1
Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
https://thehackernews.com/2023/04/urgent-microsoft-issues-patches-for-97.html
Rooting a Common-Criteria Certified Printer to Improve OPSEC
https://www.reddit.com/r/netsec/comments/12jkjeq/rooting_a_commoncriteria_certified_printer_to/
AI Tasked With 'Destroying Humanity' Now 'Working on Control Over Humanity Through Manipulation'
https://www.vice.com/en_us/article/z3mxe3/ai-tasked-with-destroying-humanity-now-working-on-control-over-humanity-through-manipulation
[CVE-2023-21554] MSMQ (tcp/1801) Remote Code Execution (CVSS 9.8)
https://www.reddit.com/r/netsec/comments/12jet9f/cve202321554_msmq_tcp1801_remote_code_execution/
Addressing National Cyber Strategy.
https://thecyberwire.com/podcasts/caveat/168/notes
Following the Lazarus group by tracking DeathNote campaign
https://www.reddit.com/r/netsec/comments/12jnxa4/following_the_lazarus_group_by_tracking_deathnote/
Qakbot Being Distributed in Korea Through Email Hijacking
https://malware.news/t/qakbot-being-distributed-in-korea-through-email-hijacking/68698#post_1
Botconf 2023 Wrap-Up Day #1
https://blog.rootshell.be/2023/04/12/botconf-2023-wrap-up-day-1/
Top Security News for 14/04/2023
The FBI warns of juicejacking and other risks of public tech.
https://thecyberwire.com/stories/5cce3eded6df4a059dd9b383c4341b98/the-fbi-warns-of-juicejacking-and-other-risks-of-public-tech
Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
https://thehackernews.com/2023/04/lazarus-hacker-group-evolves-tactics.html
Microsoft patches vulnerability used in Nokoyawa ransomware attacks
https://www.csoonline.com/article/3693351/microsoft-patches-vulnerability-used-in-nokoyawa-ransomware-attacks.html#tk.rss_all
Former TSB chief information officer fined £81,000 over IT meltdown in 2018
https://www.theguardian.com/business/2023/apr/13/former-tsb-bank-chief-information-officer-fined-2018
Dissecting threat intelligence lifecycle problems
https://www.csoonline.com/article/3692921/dissecting-threat-intelligence-lifecycle-problems.html#tk.rss_all
4 strategies to help reduce the risk of DNS tunneling
https://www.csoonline.com/article/3692876/4-strategies-to-help-reduce-the-risk-of-dns-tunneling.html#tk.rss_all
ShmooCon 2023 Conference Videos
https://www.reddit.com/r/netsec/comments/12kr8ha/shmoocon_2023_conference_videos/
HTTP: What's Left of it and the OCSP Problem, (Thu, Apr 13th)
https://isc.sans.edu/diary/rss/29744
WhatsApp adds key transparency for all users to strengthen the security of end-to-end encrypted messaging
https://www.reddit.com/r/netsec/comments/12kojo2/whatsapp_adds_key_transparency_for_all_users_to/
Cisco to offer Webex air-gapped cloud system for security, defense work
https://www.computerworld.com/article/3693449/cisco-to-offer-webex-air-gapped-cloud-system-for-security-defense-work.html#tk.rss_all
The CyberWire
The FBI warns of juicejacking and other risks of public tech.
The FBI is warning against using public charging stations for fear of “juicejacking:” the introduction of malware via those ports.
Top Security News for 15/04/2023
Detection Methods: Do You Know Where Your Credentials are?
https://securityintelligence.com/posts/detection-methods-do-you-know-where-your-credentials-are/
Lost in ChatGPT's memories: escaping ChatGPT-3.5 memory issues to write CVE PoCs
https://www.reddit.com/r/netsec/comments/12menep/lost_in_chatgpts_memories_escaping_chatgpt35/
Is AI being used for virtual kidnapping scams?
https://malware.news/t/is-ai-being-used-for-virtual-kidnapping-scams/68761#post_1
Escalating file write into RCE in Python
https://www.reddit.com/r/netsec/comments/12lplzy/escalating_file_write_into_rce_in_python/
"Read the Manual" and the ransomware-as-a-service market. Bitter APT against energy companies. Cozy Bear sighting. Hacktivist auxiliaries hit Canadian targets. An arrest in the Discord Papers case.
https://thecyberwire.com/podcasts/daily-podcast/1802/notes
PCI DSS reporting details to ensure when contracting quarterly CDE tests
https://malware.news/t/pci-dss-reporting-details-to-ensure-when-contracting-quarterly-cde-tests/68759#post_1
A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays
https://securityaffairs.com/144811/cyber-crime/cyberattack-cornwall-community-hospital-ontario.html
uni-due-syssec/efcf-framework: Extremely Fast smart Contract Fuzzing
https://www.reddit.com/r/netsec/comments/12m8bqa/uniduesyssecefcfframework_extremely_fast_smart/
Google fixed the first Chrome zero-day of 2023
https://securityaffairs.com/144805/security/google-chrome-zero-day-2023.html
Botconf 2023 Wrap-Up Day #3
https://malware.news/t/botconf-2023-wrap-up-day-3/68764#post_1
Security Intelligence
Detection Methods: Do You Know Where Your Credentials are?
Information-stealing malware has created a host of new problems for organizations. CredInt offers a way to detect a potential breach.
Top Security News for 16/04/2023
Own a Windows Keyboard
https://0x00sec.org/t/own-a-windows-keyboard/34534
Can we find the WannaCry source code?
https://0x00sec.org/t/can-we-find-the-wannacry-source-code/34528
The Proposal of Chat-GPT for an “AI Guardian” to Protect Privacy in Legal Cases
https://malware.news/t/the-proposal-of-chat-gpt-for-an-ai-guardian-to-protect-privacy-in-legal-cases/68765#post_1
Mandiant’s new solution allows exposure hunting for a proactive defense
https://www.csoonline.com/article/3693452/mandiants-new-solution-allows-exposure-hunting-for-a-proactive-defense.html#tk.rss_all
Remote Code Execution Vulnerability in Google They Are Not Willing To Fix
https://www.reddit.com/r/netsec/comments/12mtclt/remote_code_execution_vulnerability_in_google/
Vulnerability scanner for AWS customer-managed policies using ChatGPT w/ built-in account redaction.
https://www.reddit.com/r/netsec/comments/12nsrz1/vulnerability_scanner_for_aws_customermanaged/
Siemens Metaverse exposes sensitive corporate data
https://securityaffairs.com/144832/security/siemens-metaverse-data-leak.html
New Android malicious library Goldoson found in 60 apps +100M downloads
https://securityaffairs.com/144838/malware/goldoson-malicious-library-google-play.html
Jack Chapman: Shielding against the bad guys. [Threat Intelligence]
https://thecyberwire.com/podcasts/career-notes/145/notes
CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/144822/security/android-flaws-cisa-known-exploited-vulnerabilities-catalog.html
0x00sec - The Home of the Hacker
Own a Windows Keyboard
Windows 10 Keylogger written in C++ FOREWORD I am a beginner in C/C++ and especially malware development in Windows. So I have made a keylogger for Windows, that is pretty basic, but probably a bit different from others. Please note that it was written…
Top Security News for 17/04/2023
10th April – Threat Intelligence Report
https://malware.news/t/10th-april-threat-intelligence-report/68768#post_1
IDA Memory Snapshot - Amadey Malware Unpacking & Initterm Poisoning
https://malware.news/t/ida-memory-snapshot-amadey-malware-unpacking-initterm-poisoning/68766#post_1
Australians report record $3.1bn losses to scams, with real amount even higher, ACCC says
https://www.theguardian.com/australia-news/2023/apr/17/australians-report-record-31bn-losses-to-scams-with-real-amount-even-higher-accc-says
NCR was the victim of BlackCat/ALPHV ransomware gang
https://securityaffairs.com/144866/cyber-crime/ncr-blackcat-alphv-ransomware.html
Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition
https://securityaffairs.com/144863/breaking-news/security-affairs-newsletter-round-415-by-pierluigi-paganini.html
Could any of you be a hacker and not tell a soul?
https://0x00sec.org/t/could-any-of-you-be-a-hacker-and-not-tell-a-soul/34548
Trigona Ransomware Attacking MS-SQL Servers
https://malware.news/t/trigona-ransomware-attacking-ms-sql-servers/68771#post_1
WorLLMs
https://www.reddit.com/r/netsec/comments/12o1x14/worllms/
ISC Stormcast For Monday, April 17th, 2023 https://isc.sans.edu/podcastdetail.html?id=8456, (Mon, Apr 17th)
https://malware.news/t/isc-stormcast-for-monday-april-17th-2023-https-isc-sans-edu-podcastdetail-html-id-8456-mon-apr-17th/68770#post_1
Additional Activities of the Tick Group That Attacks with a Modified Q-Dir and Their Ties with Operation Triple Tiang
https://malware.news/t/additional-activities-of-the-tick-group-that-attacks-with-a-modified-q-dir-and-their-ties-with-operation-triple-tiang/68772#post_1
Malware Analysis, News and Indicators
10th April – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 10th April, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Taiwanese computing hardware giant MSI has suffered a ransomware attack by the recently-founded group Money…
Top Security News for 18/04/2023
Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose
https://thehackernews.com/2023/04/israeli-spyware-vendor-quadream-to-shut.html
A Practical, AI-Generated Phishing PoC with ChatGPT
https://www.reddit.com/r/netsec/comments/12ps1zb/a_practical_aigenerated_phishing_poc_with_chatgpt/
Woman tracks down and turns table on Airbnb scammer
https://www.malwarebytes.com/blog/news/2023/04/woman-tracks-down-and-turns-table-on-airbnb-scammer
ASEC Weekly Malware Statistics (April 10th, 2023 – April 16th, 2023)
https://malware.news/t/asec-weekly-malware-statistics-april-10th-2023-april-16th-2023/68806#post_1
Ransomware in Germany, April 2022 – March 2023
https://www.malwarebytes.com/blog/threat-intelligence/2023/04/ransomware-review-germany
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
https://thehackernews.com/2023/04/vice-society-ransomware-using-stealthy.html
Developments in the Discord Papers, including notes on influencers and why they seek influence. Tax season scams. KillNet’s selling, but is anyone buying?
https://thecyberwire.com/podcasts/daily-podcast/1803/notes
Hey, I wrote a GCP pentesting guide, check it out if you are interested in cloud security and please lmk your thoughts. Appreciate it.
https://www.reddit.com/r/netsec/comments/12prarf/hey_i_wrote_a_gcp_pentesting_guide_check_it_out/
Security Operations Center (SOC) (noun)
https://thecyberwire.com/podcasts/word-notes/144/notes
7 cybersecurity mindsets that undermine practitioners and how to avoid them
https://www.csoonline.com/article/3693255/7-cybersecurity-mindsets-that-undermine-practitioners-and-how-to-avoid-them.html#tk.rss_all
Top Security News for 27/04/2023
Cyber Risk Quantification, Level 6 Cybersecurity, & Intel Briefing
https://thecyberwire.com/podcasts/rh-isac/26/notes
VMware Releases Critical Patches for Workstation and Fusion Software
https://thehackernews.com/2023/04/vmware-releases-critical-patches-for.html
ISC Stormcast For Thursday, April 27th, 2023 https://isc.sans.edu/podcastdetail.html?id=8472, (Thu, Apr 27th)
https://malware.news/t/isc-stormcast-for-thursday-april-27th-2023-https-isc-sans-edu-podcastdetail-html-id-8472-thu-apr-27th/69032#post_1
How AIoT Will Reshape the Security Industry in 2023
https://securityintelligence.com/articles/how-aiot-will-reshape-security-2023/
Iranian cyberspies deploy new malware implant on Microsoft Exchange Servers
https://www.csoonline.com/article/3694850/iranian-cyberspies-deploy-new-malware-implant-on-microsoft-exchange-servers.html#tk.rss_all
Avast detected some harmful apps.
https://www.reddit.com/r/Malware/comments/130agyn/avast_detected_some_harmful_apps/
Fake Flipper Zero sellers are after your money
https://www.malwarebytes.com/blog/news/2023/04/fake-flipper-zero-sellers-are-after-your-money
Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China
https://thehackernews.com/2023/04/chinese-hackers-using-mgbot-malware-to.html
Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram
https://www.reddit.com/r/Malware/comments/12zz7x6/threat_actor_selling_new_atomic_macos_amos/
Palantir Demos AI to Fight Wars But Says It Will Be Totally Ethical Don’t Worry About It
https://www.vice.com/en_us/article/qjvb4x/palantir-demos-ai-to-fight-wars-but-says-it-will-be-totally-ethical-dont-worry-about-it
The CyberWire
Cyber Risk Quantification, Level 6 Cybersecurity, & Intel Briefing
In this episode of the Retail & Hospitality ISAC podcast, host Luke Vander Linden is joined by Cam Sabatini, senior analyst of information security, planning, and architecture at Abercrombie & Fitch Co., and Kristen Dalton, director of strategic cyber engagement…
Top Security News for 28/04/2023
Android greybox fuzzing with AFL++ Frida mode
https://www.reddit.com/r/netsec/comments/130uxye/android_greybox_fuzzing_with_afl_frida_mode/
User impersonation via stolen UUID code in KeyCloak (CVE-2023-0264)
https://www.reddit.com/r/netsec/comments/130km04/user_impersonation_via_stolen_uuid_code_in/
RTM Locker's First Linux Ransomware Strain Targeting NAS and ESXi Hosts
https://thehackernews.com/2023/04/rtm-lockers-first-linux-ransomware.html
Zero Trust Data Security: It’s Time To Make the Shift
https://securityintelligence.com/articles/zero-trust-data-security-time-to-shift/
ISC StormCast for Friday, April 28th, 2023
https://isc.sans.edu/podcastdetail.html?id=8474
API and application attacks rising: Akamai.
https://thecyberwire.com
ISC Stormcast For Friday, April 28th, 2023 https://isc.sans.edu/podcastdetail.html?id=8474, (Fri, Apr 28th)
https://isc.sans.edu/diary/rss/29786
Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
https://thehackernews.com/2023/04/microsoft-confirms-papercut-servers.html
Why you should practice rollbacks to prevent data loss in a ransomware attack
https://www.microsoft.com/en-us/security/blog/2023/04/27/why-you-should-practice-rollbacks-to-prevent-data-loss-in-a-ransomware-attack/
Smash PostScript Interpreters Using a Syntax-Aware Fuzzer
https://www.reddit.com/r/netsec/comments/130fg5s/smash_postscript_interpreters_using_a_syntaxaware/
Top Security News for 29/04/2023
Why Your Detection-First Security Approach Isn't Working
https://thehackernews.com/2023/04/why-your-detection-first-security.html
CVE-2022-37955: Vulnerability in Microsoft Windows Group Policy Updates Leads to Improper Link Resolution Before File Access (Privilege Escalation CWE-59)
https://www.reddit.com/r/netsec/comments/131mes1/cve202237955_vulnerability_in_microsoft_windows/
Attacks On PaperCut Servers Tied To Ransomware Groups
https://packetstormsecurity.com/news/view/34561/Attacks-On-PaperCut-Servers-Tied-To-Ransomware-Groups.html
Chinese Alloy Taurus Updates PingPull Malware
https://www.reddit.com/r/netsec/comments/131qxn8/chinese_alloy_taurus_updates_pingpull_malware/
What’s now being traded in the C2C markets. CISA would like comments on its software self-attestation form. And in Russia’s hybrid war, are there cyber war crimes, or real hacktivists?
https://thecyberwire.com/podcasts/daily-podcast/1812/notes
State of DNS Rebinding in 2023
https://www.reddit.com/r/netsec/comments/132ewi3/state_of_dns_rebinding_in_2023/
The UN's new cybercrime treaty raises human rights concerns. How China's new counter-espionage law could impact cyber business.
https://thecyberwire.com/newsletters/policy-briefing/5/82
CISA Warns of Critical Flaws in Illumina's DNA Sequencing Instruments
https://thehackernews.com/2023/04/cisa-warns-of-critical-flaws-in.html
LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities
https://www.malwarebytes.com/blog/news/2023/04/lockbit-and-cl0p-are-actively-exploiting-papercut-vulnerabilities
Breach roundup. Hackers steal more than hearts.
https://thecyberwire.com/podcasts/privacy-briefing/517/notes
Top Security News for 01/05/2023
ISC StormCast for Monday, May 1st, 2023
https://isc.sans.edu/podcastdetail.html?id=8476
Update: zipdump.py Version 0.0.25
https://malware.news/t/update-zipdump-py-version-0-0-25/69074#post_1
Cybersecurity in space: not as far out as you’d think.
https://thecyberwire.com/stories/b4e997c1d2364e1180242df611d9c2a7/cybersecurity-in-space-not-as-far-out-as-youd-think
ISC Stormcast For Monday, May 1st, 2023 https://isc.sans.edu/podcastdetail.html?id=8476, (Mon, May 1st)
https://isc.sans.edu/diary/rss/29796
Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition
https://securityaffairs.com/145479/breaking-news/security-affairs-newsletter-round-417.html
Elastic Security Labs discovers the LOBSHOT malware
https://www.reddit.com/r/Malware/comments/133nj1u/elastic_security_labs_discovers_the_lobshot/
Perry Carpenter: Turning composition into computing. [Strategy]
https://thecyberwire.com/podcasts/career-notes/147/notes
SANS.edu Research Journal Volume 3 Released into the Wild. https://www.sans.edu/cyber-security-research @sans_edu #cybersecurity #research, (Sun, Apr 30th)
https://malware.news/t/sans-edu-research-journal-volume-3-released-into-the-wild-https-www-sans-edu-cyber-security-research-x40-sans-x5f-edu-cybersecurity-research-sun-apr-30th/69076#post_1
Sharing a tool I developed to help Blue Teamers discover Persistence on Windows - please check it out!
https://www.reddit.com/r/netsec/comments/133s5h6/sharing_a_tool_i_developed_to_help_blue_teamers/
Crooks broke into AT&T email accounts to empty their cryptocurrency wallets
https://securityaffairs.com/145508/hacking/att-email-accounts-hacked.html
Top Security News for 02/05/2023
Azure DevOps CICD Pipelines - Command Injection with Parameters, Variables and a discussion on Runner hijacking
https://www.reddit.com/r/netsec/comments/134gv4v/azure_devops_cicd_pipelines_command_injection/
Is misinformation the newest malware?
https://www.csoonline.com/article/3695014/is-misinformation-the-newest-malware.html#tk.rss_all
APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails
https://thehackernews.com/2023/05/apt28-targets-ukrainian-government.html
A week in security (April 24 -30)
https://malware.news/t/a-week-in-security-april-24-30/69096#post_1
Ukraine Is Now Using Steam Decks to Control Machine Gun Turrets
https://www.vice.com/en_us/article/5d9g9z/ukraine-is-now-using-steam-decks-to-control-machine-gun-turrets
1st May – Threat Intelligence Report
https://malware.news/t/1st-may-threat-intelligence-report/69098#post_1
The hidden security risks in tech layoffs and how to mitigate them
https://www.csoonline.com/article/3695070/the-hidden-security-risks-in-tech-layoffs-and-how-to-mitigate-them.html#tk.rss_all
Get in the game for your next leadership opportunity.
https://thecyberwire.com/stories/d974309ec4264b5f9c79711cc64459a4/get-in-the-game-for-your-next-leadership-opportunity
What does ChatGPT know about phishing?
https://securelist.com/chatgpt-anti-phishing/109590/
FDA warns of biomed device vulnerability. Ransomware's effects continue at US Marshals Service fugitive tracking. US DoJ shifts to disruption of cybercrime. GRU phishing. KillNet’s ask-me-anything.
https://thecyberwire.com/podcasts/daily-podcast/1813/notes
Top Security News for 03/05/2023
ISC Stormcast For Wednesday, May 3rd, 2023 https://isc.sans.edu/podcastdetail.html?id=8480, (Wed, May 3rd)
https://malware.news/t/isc-stormcast-for-wednesday-may-3rd-2023-https-isc-sans-edu-podcastdetail-html-id-8480-wed-may-3rd/69130#post_1
Ransomware recovery still underway at US Marshals Service
https://malware.news/t/ransomware-recovery-still-underway-at-us-marshals-service/69136#post_1
Rationalizing Your Hybrid Cloud Security Tools
https://securityintelligence.com/posts/rationalizing-your-hybrid-cloud-security-tools/
Veza releases access security, governance solution for SaaS applications
https://www.csoonline.com/article/3694897/veza-releases-access-security-governance-solution-for-saas-applications.html#tk.rss_all
Three Thoughts On The OT Security Workforce
https://dale-peterson.com/2023/05/02/three-thoughts-on-ot-security-workforce/?utm_source=rss&utm_medium=rss&utm_campaign=three-thoughts-on-ot-security-workforce
Windows devices under attack from novel LOBSHOT malware
https://malware.news/t/windows-devices-under-attack-from-novel-lobshot-malware/69131#post_1
Databricks platform root privilege escalation and bypassing cluster isolation
https://www.reddit.com/r/netsec/comments/135kulv/databricks_platform_root_privilege_escalation_and/
Over 500K devices compromised in malverposting campaign
https://malware.news/t/over-500k-devices-compromised-in-malverposting-campaign/69135#post_1
North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains
https://thehackernews.com/2023/05/north-koreas-scarcruft-deploys-rokrat.html
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/02-05-2023
Top Security News for 04/05/2023
The AI message at RSAC was long on hype and short on specifics
https://malware.news/t/the-ai-message-at-rsac-was-long-on-hype-and-short-on-specifics/69196#post_1
Reverse engineering tricks: identifying opaque network protocols
https://www.reddit.com/r/netsec/comments/136n7bg/reverse_engineering_tricks_identifying_opaque/
Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust
https://thehackernews.com/2023/05/operation-spector-534-million-seized.html
Infostealer Embedded in a Word Document, (Thu, May 4th)
https://malware.news/t/infostealer-embedded-in-a-word-document-thu-may-4th/69197#post_1
Google rolls out passkey support across accounts on all major platforms
https://www.csoonline.com/article/3695173/google-rolls-out-passkey-support-across-accounts-on-all-major-platforms.html#tk.rss_all
GPT-4 Can’t Replace Striking TV Writers, But Studios Are Going to Try
https://www.vice.com/en_us/article/pkap3m/gpt-4-cant-replace-striking-tv-writers-but-studios-are-going-to-try
Forrester names Microsoft a Leader in 2023 Infrastructure-as-a-Service Platform Native Security report
https://www.microsoft.com/en-us/security/blog/2023/05/03/forrester-names-microsoft-a-leader-in-2023-infrastructure-as-a-service-platform-native-security-report/
Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges
https://www.reddit.com/r/netsec/comments/136qw54/vulnerability_spotlight_vulnerabilities_in_ibm/
Your approach to efficient security compliance.
https://thecyberwire.com/podcasts/caveat/170/notes
Create slackbot using slack bolt API and Node.js
https://malware.news/t/create-slackbot-using-slack-bolt-api-and-node-js/69195#post_1
Malware Analysis, News and Indicators
The AI message at RSAC was long on hype and short on specifics
Overall, cybersecurity pros who attended RSAC tend to believe they have more to gain from AI than the threat actors – let’s hope that’s true. Article Link: The AI message at RSAC was long on hype and short on specifics | SC Media
Top Security News for 05/05/2023
White House unveils AI rules to address safety and privacy
https://www.computerworld.com/article/3695731/white-house-unveils-ai-rules-to-address-safety-and-privacy.html#tk.rss_all
ISC Stormcast For Friday, May 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8484, (Fri, May 5th)
https://malware.news/t/isc-stormcast-for-friday-may-5th-2023-https-isc-sans-edu-podcastdetail-html-id-8484-fri-may-5th/69237#post_1
Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model
https://thehackernews.com/2023/05/cisco-warns-of-vulnerability-in-popular.html
Introducing SpiderSuite: Advance web security crawler
https://www.reddit.com/r/netsec/comments/137kbsj/introducing_spidersuite_advance_web_security/
How Microsoft can help you go passwordless this World Password Day
https://www.microsoft.com/en-us/security/blog/2023/05/04/how-microsoft-can-help-you-go-passwordless-this-world-password-day/
RansomHouse attack compromises AvidXchange
https://malware.news/t/ransomhouse-attack-compromises-avidxchange/69235#post_1
Not quite an Easter egg: a new family of Trojan subscribers on Google Play
https://securelist.com/fleckpe-a-new-family-of-trojan-subscribers-on-google-play/109643/
Verified Twitter Accounts Spread Misinfo About Imminent Nuclear Strike
https://www.vice.com/en_us/article/wxjd4y/verified-twitter-accounts-spread-misinfo-about-imminent-nuclear-strike
Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service
https://thehackernews.com/2023/05/researchers-discover-3-vulnerabilities.html
ISC Stormcast For Friday, May 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8484, (Fri, May 5th)
https://isc.sans.edu/diary/rss/29812
Computerworld
White House unveils AI rules to address safety and privacy
President Biden's rules are not legally binding, but they do offer guidance and begin a conversation at the national level about real and existential threats posed by generative AI technologies such as ChatGPT.
Top Security News for 06/05/2023
BrandPost: Effective Security Relies on Effective Communication
https://www.csoonline.com/article/3695848/effective-security-relies-on-effective-communication.html#tk.rss_all
Why Robot Vacuums Have Cameras (and What to Know About Them)
https://securityintelligence.com/articles/why-robot-vacuums-have-cameras-what-to-know/
Apple releases first Rapid Security Response update for iOS, iPadOS, and macOS users
https://malware.news/t/apple-releases-first-rapid-security-response-update-for-ios-ipados-and-macos-users/69270#post_1
Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN
https://thehackernews.com/2023/05/hackers-targeting-italian-corporate.html
New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
https://thehackernews.com/2023/05/new-vulnerability-in-popular-wordpress.html
Redash SAML Authentication Bypass
https://www.reddit.com/r/netsec/comments/138gg7h/redash_saml_authentication_bypass/
Google launches entry-level cybersecurity certificate to teach threat detection skills
https://www.csoonline.com/article/3695575/google-launches-entry-level-cybersecurity-certificate-to-teach-threat-detection-skills.html#tk.rss_all
N. Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks
https://thehackernews.com/2023/05/n-korean-kimsuky-hackers-using-new.html
Newspaper evades Russian censors, hides news in Counter-Strike map
https://www.malwarebytes.com/blog/news/2023/05/evading-russian-media-restrictions-with-custom-video-game-maps
Phishing campaign takes the energy out of Chinese nuclear industry.
https://thecyberwire.com/podcasts/research-saturday/280/notes
CSO
Effective Security Relies on Effective Communication
Taking a critical view of information from multiple viewpoints will help generate more comprehensive opinions and increase confidence in any decisions made based on them.
Top Security News for 07/05/2023
Google and Apple cooperate to address unwanted tracking
https://malware.news/t/google-and-apple-cooperate-to-address-unwanted-tracking/69279#post_1
FBI seized other domains used by the shadow eBook library Z-Library
https://securityaffairs.com/145854/cyber-crime/z-library-domains-seized.html
Google and Apple cooperate to address unwanted tracking
https://www.malwarebytes.com/blog/news/2023/05/google-and-apple-take-initiative-to-address-unwanted-tracking
Cookie Bugs - Smuggling & Injection
https://www.reddit.com/r/netsec/comments/139h4hd/cookie_bugs_smuggling_injection/
I created a GitHub repo for learning application security from scratch. It's perfect for beginners and includes a comprehensive list of reference links. But it's not complete yet! Contributors are welcome to add more details.
https://www.reddit.com/r/netsec/comments/139xxiv/i_created_a_github_repo_for_learning_application/
Dependabot Confusion: Gaining Access to Private GitHub Repositories using Dependabot
https://www.reddit.com/r/netsec/comments/139zv0d/dependabot_confusion_gaining_access_to_private/
Twitter confirmed that a security incident publicly exposed Circle tweets
https://securityaffairs.com/145865/social-networks/twitter-circle-security-incident.html
Twitter admits to ‘security incident’ involving Circles tweets
https://www.theguardian.com/technology/2023/may/06/twitter-admits-to-security-incident-involving-circles-tweets
Shelley Ma: The mystery behind cybersecurity. [Response Lead]
https://thecyberwire.com/podcasts/career-notes/148/notes
Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry
https://thehackernews.com/2023/05/dragon-breath-apt-group-using-double.html
Malware Analysis, News and Indicators
Google and Apple cooperate to address unwanted tracking
Google and Apple have announced that they are looking for input from industry participants and advocacy groups on a draft specification to alert users in the event of suspected unwanted tracking. Samsung, Tile, Chipolo, eufy Security, and Pebblebee have stated…
Top Security News for 08/05/2023
Quickly Finding Encoded Payloads in Office Documents, (Sun, May 7th)
https://malware.news/t/quickly-finding-encoded-payloads-in-office-documents-sun-may-7th/69281#post_1
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
https://thehackernews.com/2023/05/cert-ua-warns-of-smokeloader-and.html
After multiple cleanings with multiple antivirus programs I still get redirected to Bing. Assistance needed!
https://www.reddit.com/r/Malware/comments/13az2kv/after_multiple_cleanings_with_multiple_antivirus/
Cybersecurity teams hampered by economic downturn
https://malware.news/t/cybersecurity-teams-hampered-by-economic-downturn/69280#post_1
Quickly Finding Encoded Payloads in Office Documents, (Sun, May 7th)
https://isc.sans.edu/diary/rss/29818
AhnLab EDR Tracks and Responds against Link File (*.lnk) Distributing RokRAT
https://malware.news/t/ahnlab-edr-tracks-and-responds-against-link-file-lnk-distributing-rokrat/69284#post_1
ISC StormCast for Monday, May 8th, 2023
https://isc.sans.edu/podcastdetail.html?id=8486
ISC Stormcast For Monday, May 8th, 2023 https://isc.sans.edu/podcastdetail.html?id=8486, (Mon, May 8th)
https://isc.sans.edu/diary/rss/29820
ISC Stormcast For Monday, May 8th, 2023 https://isc.sans.edu/podcastdetail.html?id=8486, (Mon, May 8th)
https://malware.news/t/isc-stormcast-for-monday-may-8th-2023-https-isc-sans-edu-podcastdetail-html-id-8486-mon-may-8th/69286#post_1
Three ways to leverage cyberpsychology to prevent attacks
https://malware.news/t/three-ways-to-leverage-cyberpsychology-to-prevent-attacks/69287#post_1
Malware Analysis, News and Indicators
Quickly Finding Encoded Payloads in Office Documents, (Sun, May 7th)
Malicious documents like this RevengeRAT ppam file found on MalwareBazaar contain VBA code that you can analyze with oledump.py. Article Link: https://isc.sans.edu/diary/rss/29818
Top Security News for 10/05/2023
ISC Stormcast For Wednesday, May 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8490, (Wed, May 10th)
https://isc.sans.edu/diary/rss/29830
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/09-05-2023
Malwarebytes releases Mobile Security for OneView to secure Chromebooks, Android, iOS devices
https://www.csoonline.com/article/3695774/malwarebytes-releases-mobile-security-for-oneview-to-secure-chromebooks-android-ios-devices.html#tk.rss_all
U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services
https://thehackernews.com/2023/05/us-authorities-seize-13-domains.html
Passwordless authentication gaining traction among IT leaders
https://malware.news/t/passwordless-authentication-gaining-traction-among-it-leaders/69388#post_1
Ransomware attack on MSI led to compromised Intel Boot Guard private keys
https://www.malwarebytes.com/blog/news/2023/05/ransomware-attack-on-msi-led-to-compromised-intel-boot-guard-private-keys
Unwarranted Confidence On Mount Stupid
https://dale-peterson.com/2023/05/09/unwarranted-confidence-on-mount-stupid/?utm_source=rss&utm_medium=rss&utm_campaign=unwarranted-confidence-on-mount-stupid
Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet
https://securityaffairs.com/145980/cyber-crime/andoryubot-ddos-botnet.html
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug
https://thehackernews.com/2023/05/microsofts-may-patch-tuesday-fixes-38.html
Is Your Cybersecurity “Too” Good?
https://securityintelligence.com/articles/is-your-cybersecurity-too-good/
SANS Internet Storm Center
ISC StormCast for Wednesday, May 10th, 2023 - SANS ISC
Top Security News for 11/05/2023
IBM unveils end-to-end, quantum-safe tools to secure business, government data
https://www.csoonline.com/article/3695538/ibm-unveils-end-to-end-quantum-safe-tools-to-secure-business-government-data.html#tk.rss_all
Google Announces New Privacy, Safety, and Security Features Across Its Services
https://thehackernews.com/2023/05/google-announces-new-privacy-safety-and.html
Latest Developments in Unblob (Firmware Extraction Tool)
https://www.reddit.com/r/netsec/comments/13disgk/latest_developments_in_unblob_firmware_extraction/
Shareholder Arrested After Ranting at Warren Buffet for His Contributions to 'Woke Culture'
https://www.vice.com/en_us/article/ak3vp5/shareholder-arrested-after-ranting-at-warren-buffet-for-his-contributions-to-woke-culture
Stockfish, a very popular chess engine, has a buffer overflow vulnerability due to unsanitized input
https://www.reddit.com/r/netsec/comments/13dod03/stockfish_a_very_popular_chess_engine_has_a/
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
https://thehackernews.com/2023/05/twitter-finally-rolling-out-encrypted.html
Dell pushes security, devops integration in storage updates
https://www.networkworld.com/article/3696269/dell-pushes-security-devops-integration-in-storage-updates.html#tk.rss_all
Navigating mobile malware trends: Crucial insights and predictions for MSPs
https://www.malwarebytes.com/blog/business/2023/05/navigating-mobile-malware-trends-crucial-insights-and-predictions-for-msps
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
https://thehackernews.com/2023/05/github-extends-push-protection-to.html
Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
https://thehackernews.com/2023/05/experts-detail-new-zero-click-windows.html
CSO
IBM unveils end-to-end, quantum-safe tools to secure business, government data
Quantum Safe Technology combines expertise across cryptography and critical infrastructure to address the future security risks posed by quantum computing.