Top Security News for 17/04/2023
10th April – Threat Intelligence Report
https://malware.news/t/10th-april-threat-intelligence-report/68768#post_1
IDA Memory Snapshot - Amadey Malware Unpacking & Initterm Poisoning
https://malware.news/t/ida-memory-snapshot-amadey-malware-unpacking-initterm-poisoning/68766#post_1
Australians report record $3.1bn losses to scams, with real amount even higher, ACCC says
https://www.theguardian.com/australia-news/2023/apr/17/australians-report-record-31bn-losses-to-scams-with-real-amount-even-higher-accc-says
NCR was the victim of BlackCat/ALPHV ransomware gang
https://securityaffairs.com/144866/cyber-crime/ncr-blackcat-alphv-ransomware.html
Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition
https://securityaffairs.com/144863/breaking-news/security-affairs-newsletter-round-415-by-pierluigi-paganini.html
Could any of you be a hacker and not tell a soul?
https://0x00sec.org/t/could-any-of-you-be-a-hacker-and-not-tell-a-soul/34548
Trigona Ransomware Attacking MS-SQL Servers
https://malware.news/t/trigona-ransomware-attacking-ms-sql-servers/68771#post_1
WorLLMs
https://www.reddit.com/r/netsec/comments/12o1x14/worllms/
ISC Stormcast For Monday, April 17th, 2023 https://isc.sans.edu/podcastdetail.html?id=8456, (Mon, Apr 17th)
https://malware.news/t/isc-stormcast-for-monday-april-17th-2023-https-isc-sans-edu-podcastdetail-html-id-8456-mon-apr-17th/68770#post_1
Additional Activities of the Tick Group That Attacks with a Modified Q-Dir and Their Ties with Operation Triple Tiang
https://malware.news/t/additional-activities-of-the-tick-group-that-attacks-with-a-modified-q-dir-and-their-ties-with-operation-triple-tiang/68772#post_1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
10th April – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 10th April, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Taiwanese computing hardware giant MSI has suffered a ransomware attack by the recently-founded group Money…
Top Security News for 18/04/2023
Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose
https://thehackernews.com/2023/04/israeli-spyware-vendor-quadream-to-shut.html
A Practical, AI-Generated Phishing PoC with ChatGPT
https://www.reddit.com/r/netsec/comments/12ps1zb/a_practical_aigenerated_phishing_poc_with_chatgpt/
Woman tracks down and turns table on Airbnb scammer
https://www.malwarebytes.com/blog/news/2023/04/woman-tracks-down-and-turns-table-on-airbnb-scammer
ASEC Weekly Malware Statistics (April 10th, 2023 – April 16th, 2023)
https://malware.news/t/asec-weekly-malware-statistics-april-10th-2023-april-16th-2023/68806#post_1
Ransomware in Germany, April 2022 – March 2023
https://www.malwarebytes.com/blog/threat-intelligence/2023/04/ransomware-review-germany
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
https://thehackernews.com/2023/04/vice-society-ransomware-using-stealthy.html
Developments in the Discord Papers, including notes on influencers and why they seek influence. Tax season scams. KillNet’s selling, but is anyone buying?
https://thecyberwire.com/podcasts/daily-podcast/1803/notes
Hey, I wrote a GCP pentesting guide, check it out if you are interested in cloud security and please lmk your thoughts. Appreciate it.
https://www.reddit.com/r/netsec/comments/12prarf/hey_i_wrote_a_gcp_pentesting_guide_check_it_out/
Security Operations Center (SOC) (noun)
https://thecyberwire.com/podcasts/word-notes/144/notes
7 cybersecurity mindsets that undermine practitioners and how to avoid them
https://www.csoonline.com/article/3693255/7-cybersecurity-mindsets-that-undermine-practitioners-and-how-to-avoid-them.html#tk.rss_all
Top Security News for 27/04/2023
Cyber Risk Quantification, Level 6 Cybersecurity, & Intel Briefing
https://thecyberwire.com/podcasts/rh-isac/26/notes
VMware Releases Critical Patches for Workstation and Fusion Software
https://thehackernews.com/2023/04/vmware-releases-critical-patches-for.html
ISC Stormcast For Thursday, April 27th, 2023 https://isc.sans.edu/podcastdetail.html?id=8472, (Thu, Apr 27th)
https://malware.news/t/isc-stormcast-for-thursday-april-27th-2023-https-isc-sans-edu-podcastdetail-html-id-8472-thu-apr-27th/69032#post_1
How AIoT Will Reshape the Security Industry in 2023
https://securityintelligence.com/articles/how-aiot-will-reshape-security-2023/
Iranian cyberspies deploy new malware implant on Microsoft Exchange Servers
https://www.csoonline.com/article/3694850/iranian-cyberspies-deploy-new-malware-implant-on-microsoft-exchange-servers.html#tk.rss_all
Avast detected some harmful apps.
https://www.reddit.com/r/Malware/comments/130agyn/avast_detected_some_harmful_apps/
Fake Flipper Zero sellers are after your money
https://www.malwarebytes.com/blog/news/2023/04/fake-flipper-zero-sellers-are-after-your-money
Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China
https://thehackernews.com/2023/04/chinese-hackers-using-mgbot-malware-to.html
Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram
https://www.reddit.com/r/Malware/comments/12zz7x6/threat_actor_selling_new_atomic_macos_amos/
Palantir Demos AI to Fight Wars But Says It Will Be Totally Ethical Don’t Worry About It
https://www.vice.com/en_us/article/qjvb4x/palantir-demos-ai-to-fight-wars-but-says-it-will-be-totally-ethical-dont-worry-about-it
The CyberWire
Cyber Risk Quantification, Level 6 Cybersecurity, & Intel Briefing
In this episode of the Retail & Hospitality ISAC podcast, host Luke Vander Linden is joined by Cam Sabatini, senior analyst of information security, planning, and architecture at Abercrombie & Fitch Co., and Kristen Dalton, director of strategic cyber engagement…
Top Security News for 28/04/2023
Android greybox fuzzing with AFL++ Frida mode
https://www.reddit.com/r/netsec/comments/130uxye/android_greybox_fuzzing_with_afl_frida_mode/
User impersonation via stolen UUID code in KeyCloak (CVE-2023-0264)
https://www.reddit.com/r/netsec/comments/130km04/user_impersonation_via_stolen_uuid_code_in/
RTM Locker's First Linux Ransomware Strain Targeting NAS and ESXi Hosts
https://thehackernews.com/2023/04/rtm-lockers-first-linux-ransomware.html
Zero Trust Data Security: It’s Time To Make the Shift
https://securityintelligence.com/articles/zero-trust-data-security-time-to-shift/
ISC StormCast for Friday, April 28th, 2023
https://isc.sans.edu/podcastdetail.html?id=8474
API and application attacks rising: Akamai.
https://thecyberwire.com
ISC Stormcast For Friday, April 28th, 2023 https://isc.sans.edu/podcastdetail.html?id=8474, (Fri, Apr 28th)
https://isc.sans.edu/diary/rss/29786
Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
https://thehackernews.com/2023/04/microsoft-confirms-papercut-servers.html
Why you should practice rollbacks to prevent data loss in a ransomware attack
https://www.microsoft.com/en-us/security/blog/2023/04/27/why-you-should-practice-rollbacks-to-prevent-data-loss-in-a-ransomware-attack/
Smash PostScript Interpreters Using a Syntax-Aware Fuzzer
https://www.reddit.com/r/netsec/comments/130fg5s/smash_postscript_interpreters_using_a_syntaxaware/
Top Security News for 29/04/2023
Why Your Detection-First Security Approach Isn't Working
https://thehackernews.com/2023/04/why-your-detection-first-security.html
CVE-2022-37955: Vulnerability in Microsoft Windows Group Policy Updates Leads to Improper Link Resolution Before File Access (Privilege Escalation CWE-59)
https://www.reddit.com/r/netsec/comments/131mes1/cve202237955_vulnerability_in_microsoft_windows/
Attacks On PaperCut Servers Tied To Ransomware Groups
https://packetstormsecurity.com/news/view/34561/Attacks-On-PaperCut-Servers-Tied-To-Ransomware-Groups.html
Chinese Alloy Taurus Updates PingPull Malware
https://www.reddit.com/r/netsec/comments/131qxn8/chinese_alloy_taurus_updates_pingpull_malware/
What’s now being traded in the C2C markets. CISA would like comments on its software self-attestation form. And in Russia’s hybrid war, are there cyber war crimes, or real hacktivists?
https://thecyberwire.com/podcasts/daily-podcast/1812/notes
State of DNS Rebinding in 2023
https://www.reddit.com/r/netsec/comments/132ewi3/state_of_dns_rebinding_in_2023/
The UN's new cybercrime treaty raises human rights concerns. How China's new counter-espionage law could impact cyber business.
https://thecyberwire.com/newsletters/policy-briefing/5/82
CISA Warns of Critical Flaws in Illumina's DNA Sequencing Instruments
https://thehackernews.com/2023/04/cisa-warns-of-critical-flaws-in.html
LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities
https://www.malwarebytes.com/blog/news/2023/04/lockbit-and-cl0p-are-actively-exploiting-papercut-vulnerabilities
Breach roundup. Hackers steal more than hearts.
https://thecyberwire.com/podcasts/privacy-briefing/517/notes
Top Security News for 01/05/2023
ISC StormCast for Monday, May 1st, 2023
https://isc.sans.edu/podcastdetail.html?id=8476
Update: zipdump.py Version 0.0.25
https://malware.news/t/update-zipdump-py-version-0-0-25/69074#post_1
Cybersecurity in space: not as far out as you’d think.
https://thecyberwire.com/stories/b4e997c1d2364e1180242df611d9c2a7/cybersecurity-in-space-not-as-far-out-as-youd-think
ISC Stormcast For Monday, May 1st, 2023 https://isc.sans.edu/podcastdetail.html?id=8476, (Mon, May 1st)
https://isc.sans.edu/diary/rss/29796
Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition
https://securityaffairs.com/145479/breaking-news/security-affairs-newsletter-round-417.html
Elastic Security Labs discovers the LOBSHOT malware
https://www.reddit.com/r/Malware/comments/133nj1u/elastic_security_labs_discovers_the_lobshot/
Perry Carpenter: Turning composition into computing. [Strategy]
https://thecyberwire.com/podcasts/career-notes/147/notes
SANS.edu Research Journal Volume 3 Released into the Wild. https://www.sans.edu/cyber-security-research @sans_edu #cybersecurity #research, (Sun, Apr 30th)
https://malware.news/t/sans-edu-research-journal-volume-3-released-into-the-wild-https-www-sans-edu-cyber-security-research-x40-sans-x5f-edu-cybersecurity-research-sun-apr-30th/69076#post_1
Sharing a tool I developed to help Blue Teamers discover Persistence on Windows - please check it out!
https://www.reddit.com/r/netsec/comments/133s5h6/sharing_a_tool_i_developed_to_help_blue_teamers/
Crooks broke into AT&T email accounts to empty their cryptocurrency wallets
https://securityaffairs.com/145508/hacking/att-email-accounts-hacked.html
Top Security News for 02/05/2023
Azure DevOps CICD Pipelines - Command Injection with Parameters, Variables and a discussion on Runner hijacking
https://www.reddit.com/r/netsec/comments/134gv4v/azure_devops_cicd_pipelines_command_injection/
Is misinformation the newest malware?
https://www.csoonline.com/article/3695014/is-misinformation-the-newest-malware.html#tk.rss_all
APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails
https://thehackernews.com/2023/05/apt28-targets-ukrainian-government.html
A week in security (April 24 -30)
https://malware.news/t/a-week-in-security-april-24-30/69096#post_1
Ukraine Is Now Using Steam Decks to Control Machine Gun Turrets
https://www.vice.com/en_us/article/5d9g9z/ukraine-is-now-using-steam-decks-to-control-machine-gun-turrets
1st May – Threat Intelligence Report
https://malware.news/t/1st-may-threat-intelligence-report/69098#post_1
The hidden security risks in tech layoffs and how to mitigate them
https://www.csoonline.com/article/3695070/the-hidden-security-risks-in-tech-layoffs-and-how-to-mitigate-them.html#tk.rss_all
Get in the game for your next leadership opportunity.
https://thecyberwire.com/stories/d974309ec4264b5f9c79711cc64459a4/get-in-the-game-for-your-next-leadership-opportunity
What does ChatGPT know about phishing?
https://securelist.com/chatgpt-anti-phishing/109590/
FDA warns of biomed device vulnerability. Ransomware's effects continue at US Marshals Service fugitive tracking. US DoJ shifts to disruption of cybercrime. GRU phishing. KillNet’s ask-me-anything.
https://thecyberwire.com/podcasts/daily-podcast/1813/notes
Top Security News for 03/05/2023
ISC Stormcast For Wednesday, May 3rd, 2023 https://isc.sans.edu/podcastdetail.html?id=8480, (Wed, May 3rd)
https://malware.news/t/isc-stormcast-for-wednesday-may-3rd-2023-https-isc-sans-edu-podcastdetail-html-id-8480-wed-may-3rd/69130#post_1
Ransomware recovery still underway at US Marshals Service
https://malware.news/t/ransomware-recovery-still-underway-at-us-marshals-service/69136#post_1
Rationalizing Your Hybrid Cloud Security Tools
https://securityintelligence.com/posts/rationalizing-your-hybrid-cloud-security-tools/
Veza releases access security, governance solution for SaaS applications
https://www.csoonline.com/article/3694897/veza-releases-access-security-governance-solution-for-saas-applications.html#tk.rss_all
Three Thoughts On The OT Security Workforce
https://dale-peterson.com/2023/05/02/three-thoughts-on-ot-security-workforce/?utm_source=rss&utm_medium=rss&utm_campaign=three-thoughts-on-ot-security-workforce
Windows devices under attack from novel LOBSHOT malware
https://malware.news/t/windows-devices-under-attack-from-novel-lobshot-malware/69131#post_1
Databricks platform root privilege escalation and bypassing cluster isolation
https://www.reddit.com/r/netsec/comments/135kulv/databricks_platform_root_privilege_escalation_and/
Over 500K devices compromised in malverposting campaign
https://malware.news/t/over-500k-devices-compromised-in-malverposting-campaign/69135#post_1
North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains
https://thehackernews.com/2023/05/north-koreas-scarcruft-deploys-rokrat.html
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/02-05-2023
Top Security News for 04/05/2023
The AI message at RSAC was long on hype and short on specifics
https://malware.news/t/the-ai-message-at-rsac-was-long-on-hype-and-short-on-specifics/69196#post_1
Reverse engineering tricks: identifying opaque network protocols
https://www.reddit.com/r/netsec/comments/136n7bg/reverse_engineering_tricks_identifying_opaque/
Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust
https://thehackernews.com/2023/05/operation-spector-534-million-seized.html
Infostealer Embedded in a Word Document, (Thu, May 4th)
https://malware.news/t/infostealer-embedded-in-a-word-document-thu-may-4th/69197#post_1
Google rolls out passkey support across accounts on all major platforms
https://www.csoonline.com/article/3695173/google-rolls-out-passkey-support-across-accounts-on-all-major-platforms.html#tk.rss_all
GPT-4 Can’t Replace Striking TV Writers, But Studios Are Going to Try
https://www.vice.com/en_us/article/pkap3m/gpt-4-cant-replace-striking-tv-writers-but-studios-are-going-to-try
Forrester names Microsoft a Leader in 2023 Infrastructure-as-a-Service Platform Native Security report
https://www.microsoft.com/en-us/security/blog/2023/05/03/forrester-names-microsoft-a-leader-in-2023-infrastructure-as-a-service-platform-native-security-report/
Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges
https://www.reddit.com/r/netsec/comments/136qw54/vulnerability_spotlight_vulnerabilities_in_ibm/
Your approach to efficient security compliance.
https://thecyberwire.com/podcasts/caveat/170/notes
Create slackbot using slack bolt API and Node.js
https://malware.news/t/create-slackbot-using-slack-bolt-api-and-node-js/69195#post_1
Malware Analysis, News and Indicators
The AI message at RSAC was long on hype and short on specifics
Overall, cybersecurity pros who attended RSAC tend to believe they have more to gain from AI than the threat actors – let’s hope that’s true. Article Link: The AI message at RSAC was long on hype and short on specifics | SC Media
Top Security News for 05/05/2023
White House unveils AI rules to address safety and privacy
https://www.computerworld.com/article/3695731/white-house-unveils-ai-rules-to-address-safety-and-privacy.html#tk.rss_all
ISC Stormcast For Friday, May 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8484, (Fri, May 5th)
https://malware.news/t/isc-stormcast-for-friday-may-5th-2023-https-isc-sans-edu-podcastdetail-html-id-8484-fri-may-5th/69237#post_1
Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model
https://thehackernews.com/2023/05/cisco-warns-of-vulnerability-in-popular.html
Introducing SpiderSuite: Advanced web security crawler
https://www.reddit.com/r/netsec/comments/137kbsj/introducing_spidersuite_advance_web_security/
How Microsoft can help you go passwordless this World Password Day
https://www.microsoft.com/en-us/security/blog/2023/05/04/how-microsoft-can-help-you-go-passwordless-this-world-password-day/
RansomHouse attack compromises AvidXchange
https://malware.news/t/ransomhouse-attack-compromises-avidxchange/69235#post_1
Not quite an Easter egg: a new family of Trojan subscribers on Google Play
https://securelist.com/fleckpe-a-new-family-of-trojan-subscribers-on-google-play/109643/
Verified Twitter Accounts Spread Misinfo About Imminent Nuclear Strike
https://www.vice.com/en_us/article/wxjd4y/verified-twitter-accounts-spread-misinfo-about-imminent-nuclear-strike
Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service
https://thehackernews.com/2023/05/researchers-discover-3-vulnerabilities.html
ISC Stormcast For Friday, May 5th, 2023 https://isc.sans.edu/podcastdetail.html?id=8484, (Fri, May 5th)
https://isc.sans.edu/diary/rss/29812
Computerworld
White House unveils AI rules to address safety and privacy
President Biden's rules are not legally binding, but they do offer guidance and begin a conversation at the national level about real and existential threats posed by generative AI technologies such as ChatGPT.
Top Security News for 06/05/2023
BrandPost: Effective Security Relies on Effective Communication
https://www.csoonline.com/article/3695848/effective-security-relies-on-effective-communication.html#tk.rss_all
Why Robot Vacuums Have Cameras (and What to Know About Them)
https://securityintelligence.com/articles/why-robot-vacuums-have-cameras-what-to-know/
Apple releases first Rapid Security Response update for iOS, iPadOS, and macOS users
https://malware.news/t/apple-releases-first-rapid-security-response-update-for-ios-ipados-and-macos-users/69270#post_1
Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN
https://thehackernews.com/2023/05/hackers-targeting-italian-corporate.html
New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
https://thehackernews.com/2023/05/new-vulnerability-in-popular-wordpress.html
Redash SAML Authentication Bypass
https://www.reddit.com/r/netsec/comments/138gg7h/redash_saml_authentication_bypass/
Google launches entry-level cybersecurity certificate to teach threat detection skills
https://www.csoonline.com/article/3695575/google-launches-entry-level-cybersecurity-certificate-to-teach-threat-detection-skills.html#tk.rss_all
N. Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks
https://thehackernews.com/2023/05/n-korean-kimsuky-hackers-using-new.html
Newspaper evades Russian censors, hides news in Counter-Strike map
https://www.malwarebytes.com/blog/news/2023/05/evading-russian-media-restrictions-with-custom-video-game-maps
Phishing campaign takes the energy out of Chinese nuclear industry.
https://thecyberwire.com/podcasts/research-saturday/280/notes
CSO
Effective Security Relies on Effective Communication
Taking a critical view of information from multiple viewpoints will help generate more comprehensive opinions and increase confidence in any decisions made based on them.
Top Security News for 07/05/2023
Google and Apple cooperate to address unwanted tracking
https://malware.news/t/google-and-apple-cooperate-to-address-unwanted-tracking/69279#post_1
FBI seized other domains used by the shadow eBook library Z-Library
https://securityaffairs.com/145854/cyber-crime/z-library-domains-seized.html
Google and Apple cooperate to address unwanted tracking
https://www.malwarebytes.com/blog/news/2023/05/google-and-apple-take-initiative-to-address-unwanted-tracking
Cookie Bugs - Smuggling & Injection
https://www.reddit.com/r/netsec/comments/139h4hd/cookie_bugs_smuggling_injection/
I created a GitHub repo for learning application security from scratch. It's perfect for beginners and includes a comprehensive list of reference links. But it's not complete yet! Contributors are welcome to add more details.
https://www.reddit.com/r/netsec/comments/139xxiv/i_created_a_github_repo_for_learning_application/
Dependabot Confusion: Gaining Access to Private GitHub Repositories using Dependabot
https://www.reddit.com/r/netsec/comments/139zv0d/dependabot_confusion_gaining_access_to_private/
Twitter confirmed that a security incident publicly exposed Circle tweets
https://securityaffairs.com/145865/social-networks/twitter-circle-security-incident.html
Twitter admits to ‘security incident’ involving Circles tweets
https://www.theguardian.com/technology/2023/may/06/twitter-admits-to-security-incident-involving-circles-tweets
Shelley Ma: The mystery behind cybersecurity. [Response Lead]
https://thecyberwire.com/podcasts/career-notes/148/notes
Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry
https://thehackernews.com/2023/05/dragon-breath-apt-group-using-double.html
Malware Analysis, News and Indicators
Google and Apple cooperate to address unwanted tracking
Google and Apple have announced that they are looking for input from industry participants and advocacy groups on a draft specification to alert users in the event of suspected unwanted tracking. Samsung, Tile, Chipolo, eufy Security, and Pebblebee have stated…
Top Security News for 08/05/2023
Quickly Finding Encoded Payloads in Office Documents, (Sun, May 7th)
https://malware.news/t/quickly-finding-encoded-payloads-in-office-documents-sun-may-7th/69281#post_1
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
https://thehackernews.com/2023/05/cert-ua-warns-of-smokeloader-and.html
After multiple cleanings with multiple antivirus programs I still get redirected to Bing. Assistance needed!
https://www.reddit.com/r/Malware/comments/13az2kv/after_multiple_cleanings_with_multiple_antivirus/
Cybersecurity teams hampered by economic downturn
https://malware.news/t/cybersecurity-teams-hampered-by-economic-downturn/69280#post_1
Quickly Finding Encoded Payloads in Office Documents, (Sun, May 7th)
https://isc.sans.edu/diary/rss/29818
AhnLab EDR Tracks and Responds against Link File (*.lnk) Distributing RokRAT
https://malware.news/t/ahnlab-edr-tracks-and-responds-against-link-file-lnk-distributing-rokrat/69284#post_1
ISC StormCast for Monday, May 8th, 2023
https://isc.sans.edu/podcastdetail.html?id=8486
ISC Stormcast For Monday, May 8th, 2023 https://isc.sans.edu/podcastdetail.html?id=8486, (Mon, May 8th)
https://isc.sans.edu/diary/rss/29820
ISC Stormcast For Monday, May 8th, 2023 https://isc.sans.edu/podcastdetail.html?id=8486, (Mon, May 8th)
https://malware.news/t/isc-stormcast-for-monday-may-8th-2023-https-isc-sans-edu-podcastdetail-html-id-8486-mon-may-8th/69286#post_1
Three ways to leverage cyberpsychology to prevent attacks
https://malware.news/t/three-ways-to-leverage-cyberpsychology-to-prevent-attacks/69287#post_1
Malware Analysis, News and Indicators
Quickly Finding Encoded Payloads in Office Documents, (Sun, May 7th)
Malicious documents like this RevengeRAT ppam file found on MalwareBazaar contain VBA code that you can analyze with oledump.py. Article Link: https://isc.sans.edu/diary/rss/29818
Top Security News for 10/05/2023
ISC Stormcast For Wednesday, May 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8490, (Wed, May 10th)
https://isc.sans.edu/diary/rss/29830
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/09-05-2023
Malwarebytes releases Mobile Security for OneView to secure Chromebooks, Android, iOS devices
https://www.csoonline.com/article/3695774/malwarebytes-releases-mobile-security-for-oneview-to-secure-chromebooks-android-ios-devices.html#tk.rss_all
U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services
https://thehackernews.com/2023/05/us-authorities-seize-13-domains.html
Passwordless authentication gaining traction among IT leaders
https://malware.news/t/passwordless-authentication-gaining-traction-among-it-leaders/69388#post_1
Ransomware attack on MSI led to compromised Intel Boot Guard private keys
https://www.malwarebytes.com/blog/news/2023/05/ransomware-attack-on-msi-led-to-compromised-intel-boot-guard-private-keys
Unwarranted Confidence On Mount Stupid
https://dale-peterson.com/2023/05/09/unwarranted-confidence-on-mount-stupid/?utm_source=rss&utm_medium=rss&utm_campaign=unwarranted-confidence-on-mount-stupid
Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet
https://securityaffairs.com/145980/cyber-crime/andoryubot-ddos-botnet.html
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug
https://thehackernews.com/2023/05/microsofts-may-patch-tuesday-fixes-38.html
Is Your Cybersecurity “Too” Good?
https://securityintelligence.com/articles/is-your-cybersecurity-too-good/
SANS Internet Storm Center
ISC StormCast for Wednesday, May 10th, 2023 - SANS ISC
Top Security News for 11/05/2023
IBM unveils end-to-end, quantum-safe tools to secure business, government data
https://www.csoonline.com/article/3695538/ibm-unveils-end-to-end-quantum-safe-tools-to-secure-business-government-data.html#tk.rss_all
Google Announces New Privacy, Safety, and Security Features Across Its Services
https://thehackernews.com/2023/05/google-announces-new-privacy-safety-and.html
Latest Developments in Unblob (Firmware Extraction Tool)
https://www.reddit.com/r/netsec/comments/13disgk/latest_developments_in_unblob_firmware_extraction/
Shareholder Arrested After Ranting at Warren Buffet for His Contributions to 'Woke Culture'
https://www.vice.com/en_us/article/ak3vp5/shareholder-arrested-after-ranting-at-warren-buffet-for-his-contributions-to-woke-culture
Stockfish, a very popular chess engine, has a buffer overflow vulnerability due to unsanitized input
https://www.reddit.com/r/netsec/comments/13dod03/stockfish_a_very_popular_chess_engine_has_a/
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
https://thehackernews.com/2023/05/twitter-finally-rolling-out-encrypted.html
Dell pushes security, devops integration in storage updates
https://www.networkworld.com/article/3696269/dell-pushes-security-devops-integration-in-storage-updates.html#tk.rss_all
Navigating mobile malware trends: Crucial insights and predictions for MSPs
https://www.malwarebytes.com/blog/business/2023/05/navigating-mobile-malware-trends-crucial-insights-and-predictions-for-msps
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
https://thehackernews.com/2023/05/github-extends-push-protection-to.html
Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
https://thehackernews.com/2023/05/experts-detail-new-zero-click-windows.html
CSO
IBM unveils end-to-end, quantum-safe tools to secure business, government data
Quantum Safe Technology combines expertise across cryptography and critical infrastructure to address the future security risks posed by quantum computing.
Top Security News for 12/05/2023
Ransomware and social engineering trends. Expired certificate addressed. Ransomware groups target schools. Cyber updates in the hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1821/notes
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
https://thehackernews.com/2023/05/babuk-source-code-sparks-9-new.html
New ransomware trends in 2023
https://securelist.com/new-ransomware-trends-in-2023/109660/
New DownEx malware campaign targets Central Asia
https://www.csoonline.com/article/3696429/new-downex-malware-campaign-targets-central-asia.html#tk.rss_all
Open Operational Technology Testing Guide (OOTTG)
https://www.reddit.com/r/netsec/comments/13ehg4d/open_operational_technology_testing_guide_oottg/
Volcanoes, resources, and living space in the world island. Bypassing censorship. Victory Day reviewed. Not disinformation, but persuasion.
https://thecyberwire.com/newsletters/disinformation-briefing/5/19
Healthcare cyberattacks cited in call to renew pandemic preparedness law
https://malware.news/t/healthcare-cyberattacks-cited-in-call-to-renew-pandemic-preparedness-law/69460#post_1
VOLUME 39 OF THE HACKER DIGEST RELEASED
https://www.2600.com/content/volume-39-hacker-digest-released
On Ashton Kutcher and Secure Multi-Party Computation
https://www.reddit.com/r/netsec/comments/13ett6a/on_ashton_kutcher_and_secure_multiparty/
ISC StormCast for Friday, May 12th, 2023
https://isc.sans.edu/podcastdetail/8494
The CyberWire
Ransomware and social engineering trends. Expired certificate addressed. Ransomware groups target schools. Cyber updates in the…
A Ransomware report highlights targeting and classification. Phishing remains a major threat. Cisco addresses an expired certificate issue. LockBit and Medusa hit school districts with ransomware. US and Canadian cyber units wrap up a hunt-forward mission…
Top Security News for 14/05/2023
All roads lead back to Wuhan… Xiaoruizhi Science and Technology Company
https://malware.news/t/all-roads-lead-back-to-wuhan-xiaoruizhi-science-and-technology-company/69505#post_1
Personal info of 90k hikers leaked by French tourism company La Malle Postale
https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Crypter .Net/Native
https://0x00sec.org/t/crypter-net-native/35035
First Look: Ghidra 10.3 Emulator
https://www.reddit.com/r/netsec/comments/13gnfat/first_look_ghidra_103_emulator/
Intel Issues New CPU Microcode Going Back To Gen8 For New, Undisclosed Security Updates
https://www.reddit.com/r/netsec/comments/13ghgpr/intel_issues_new_cpu_microcode_going_back_to_gen8/
Data of more than 2M Toyota customers exposed in ten years-long data breach
https://securityaffairs.com/146178/data-breach/toyota-10-years-data-breach.html
Google adds unwanted tracker detection to Find My Device network
https://www.malwarebytes.com/blog/news/2023/05/google-adds-unwanted-tracker-detection-to-find-my-device-network
Steve Benton: Mixing like a DJ. [VP]
https://thecyberwire.com/podcasts/career-notes/149/notes
Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol
https://securityaffairs.com/146166/malware/checkmate-ransomware-file-sharing.html
Anonymous Sudan Targets Israeli Citizens, Leaks Info-stealers Data
https://www.reddit.com/r/Malware/comments/13gh2og/anonymous_sudan_targets_israeli_citizens_leaks/
Malware Analysis, News and Indicators
All roads lead back to Wuhan… Xiaoruizhi Science and Technology Company
As our readers know from our investigation into Hainan Xiandun Technology Development Company, the Intrusion Truth team have become quite adept at spotting a fishy front company when we see one. Typically, these are ‘companies’ with a generic-sounding ‘technology’…
Top Security News for 15/05/2023
Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition
https://securityaffairs.com/146195/breaking-news/security-affairs-newsletter-round-419.html
LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea
https://malware.news/t/lokilocker-a-ransomware-similar-to-blackbit-being-distributed-in-korea/69511#post_1
Having trouble with evilginx2, need help
https://0x00sec.org/t/having-trouble-with-evilginx2-need-help/35055
The latest variant of the RapperBot botnet adds cryptojacking capabilities
https://securityaffairs.com/146207/malware/rapperbot-botnet-adds-cryptojacking.html
Dynamic debugging of Dot Net without source code
https://www.reddit.com/r/netsec/comments/13hpnpg/dynamic_debugging_of_dot_net_without_source_code/
VMware Aria Operations addresses multiple Local Privilege Escalations and a Deserialization issue, (Sun, May 14th)
https://isc.sans.edu/diary/rss/29842
VMware Aria Operations addresses multiple Local Privilege Escalations and a Deserialization issue, (Sun, May 14th)
https://malware.news/t/vmware-aria-operations-addresses-multiple-local-privilege-escalations-and-a-deserialization-issue-sun-may-14th/69506#post_1
ISC Stormcast For Monday, May 15th, 2023 https://isc.sans.edu/podcastdetail/8496, (Mon, May 15th)
https://isc.sans.edu/diary/rss/29846
Flare-on 2022 - darn_mice - Solving 4th challenge
https://malware.news/t/flare-on-2022-darn-mice-solving-4th-challenge/69508#post_1
Capita warns customers to assume that their data was stolen
https://securityaffairs.com/146200/data-breach/capita-warns-customers.html
Top Security News for 16/05/2023
New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems
https://thehackernews.com/2023/05/new-michaelkors-ransomware-as-service.html
Windows 11 is showing its first signs of Rust
https://www.malwarebytes.com/blog/news/2023/05/microsoft-introduces-rust-into-kernel-in-windows-11
Missing temporal metrics (Exploit Code Maturity and Remediation Level) in certain CVEs using NVD API for CVSS v3 and v3.1
https://www.reddit.com/r/netsec/comments/13i75pc/missing_temporal_metrics_exploit_code_maturity/
A week in security (May 8-14)
https://www.malwarebytes.com/blog/news/2023/05/a-week-in-security-may-8-14
ISC StormCast for Tuesday, May 16th, 2023
https://isc.sans.edu/podcastdetail/8498
AI Hacking Games (Jailbreak CTFs)
https://www.reddit.com/r/netsec/comments/13i3k0j/ai_hacking_games_jailbreak_ctfs/
Brightly Software's online platform impacted by data breach
https://malware.news/t/brightly-softwares-online-platform-impacted-by-data-breach/69566#post_1
CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware
https://thehackernews.com/2023/05/clr-sqlshell-malware-targets-ms-sql.html
QR code phishing (noun)
https://thecyberwire.com/podcasts/word-notes/148/notes
Microsoft Security highlights from RSA Conference 2023
https://www.microsoft.com/en-us/security/blog/2023/05/15/microsoft-security-highlights-from-rsa-conference-2023/
Top Security News for 17/05/2023
University admission platform Leverage EDU exposed student passports
https://securityaffairs.com/146329/data-breach/university-admission-platform-leverage-edu-exposed-student-passports.html
Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
https://thehackernews.com/2023/05/hackers-using-golang-variant-of-cobalt.html
Microsoft Is Scanning The Inside Of Password Protected Zip Files For Malware
https://packetstormsecurity.com/news/view/34624/Microsoft-Is-Scanning-The-Inside-Of-Password-Protected-Zip-Files-For-Malware.html
The nature of cyberincidents in 2022
https://securelist.com/kaspersky-incident-response-report-2022/109680/
Aqua Security releases Real-Time CSPM to tackle multi-cloud security risks
https://www.csoonline.com/article/3696355/aqua-security-releases-real-time-cspm-to-tackle-multi-cloud-security-risks.html#tk.rss_all
Increase in Malicious RAR SFX files, (Wed, May 17th)
https://isc.sans.edu/diary/rss/29852
U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
https://thehackernews.com/2023/05/us-offers-10-million-bounty-for-capture.html
web2shell - Automate converting webshells into reverse shells
https://www.reddit.com/r/netsec/comments/13jiur8/web2shell_automate_converting_webshells_into/
Arnica's real-time, code-risk scanning tools aim to secure supply chain
https://www.csoonline.com/article/3696436/arnicas-real-time-code-risk-scanning-tools-aim-to-secure-supply-chain.html#tk.rss_all
ISC StormCast for Wednesday, May 17th, 2023
https://isc.sans.edu/podcastdetail/8500
Top Security News for 18/05/2023
Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
https://thehackernews.com/2023/05/threat-group-unc3944-abusing-azure.html
(Duplicate from /r/redteamsec) Active Directory Spotlight: Attacking The Microsoft Configuration Manager (SCCM/MECM)
https://www.reddit.com/r/netsec/comments/13k0u58/duplicate_from_rredteamsec_active_directory/
Emerging information-stealing malware families examined
https://malware.news/t/emerging-information-stealing-malware-families-examined/69682#post_1
In the wake of layoffs, how to solve the security issues off-boarding creates
https://malware.news/t/in-the-wake-of-layoffs-how-to-solve-the-security-issues-off-boarding-creates/69689#post_1
State-Sponsored Sidewinder Hacker Group's Covert Attack Infrastructure Uncovered
https://thehackernews.com/2023/05/state-sponsored-sidewinder-hacker.html
ISC Stormcast For Thursday, May 18th, 2023 https://isc.sans.edu/podcastdetail/8502, (Thu, May 18th)
https://isc.sans.edu/diary/rss/29856
Multiple flaws in Teltonika industrial cellular router expose OT networks to hack
https://securityaffairs.com/146317/hacking/teltonika-industrial-cellular-routers-flaws.html
“Malverposting” — With Over 500K Estimated Infections, Facebook Ads Fuel This Evolving Stealer Campaign
https://www.reddit.com/r/netsec/comments/13jynqh/malverposting_with_over_500k_estimated_infections/
Shadow API threats, attacks spike
https://malware.news/t/shadow-api-threats-attacks-spike/69686#post_1
Researchers show ways to abuse Microsoft Teams accounts for lateral movement
https://www.csoonline.com/article/3696969/researchers-show-ways-to-abuse-microsoft-teams-accounts-for-lateral-movement.html#tk.rss_all