Top Security News for 07/05/2023
Google and Apple cooperate to address unwanted tracking
https://malware.news/t/google-and-apple-cooperate-to-address-unwanted-tracking/69279#post_1
FBI seized other domains used by the shadow eBook library Z-Library
https://securityaffairs.com/145854/cyber-crime/z-library-domains-seized.html
Google and Apple cooperate to address unwanted tracking
https://www.malwarebytes.com/blog/news/2023/05/google-and-apple-take-initiative-to-address-unwanted-tracking
Cookie Bugs - Smuggling & Injection
https://www.reddit.com/r/netsec/comments/139h4hd/cookie_bugs_smuggling_injection/
I created a GitHub repo for learning application security from scratch. It's perfect for beginners and includes a comprehensive list of reference links. But it's not complete yet! Contributors are welcome to add more details.
https://www.reddit.com/r/netsec/comments/139xxiv/i_created_a_github_repo_for_learning_application/
Dependabot Confusion: Gaining Access to Private GitHub Repositories using Dependabot
https://www.reddit.com/r/netsec/comments/139zv0d/dependabot_confusion_gaining_access_to_private/
Twitter confirmed that a security incident publicly exposed Circle tweets
https://securityaffairs.com/145865/social-networks/twitter-circle-security-incident.html
Twitter admits to ‘security incident’ involving Circles tweets
https://www.theguardian.com/technology/2023/may/06/twitter-admits-to-security-incident-involving-circles-tweets
Shelley Ma: The mystery behind cybersecurity. [Response Lead]
https://thecyberwire.com/podcasts/career-notes/148/notes
Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry
https://thehackernews.com/2023/05/dragon-breath-apt-group-using-double.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
Google and Apple cooperate to address unwanted tracking
Google and Apple have announced that they are looking for input from industry participants and advocacy groups on a draft specification to alert users in the event of suspected unwanted tracking. Samsung, Tile, Chipolo, eufy Security, and Pebblebee have stated…
Top Security News for 08/05/2023
Quickly Finding Encoded Payloads in Office Documents, (Sun, May 7th)
https://malware.news/t/quickly-finding-encoded-payloads-in-office-documents-sun-may-7th/69281#post_1
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
https://thehackernews.com/2023/05/cert-ua-warns-of-smokeloader-and.html
After multiple cleanings with multiple antivirus programs I still get redirected to Bing. Assistance needed!
https://www.reddit.com/r/Malware/comments/13az2kv/after_multiple_cleanings_with_multiple_antivirus/
Cybersecurity teams hampered by economic downturn
https://malware.news/t/cybersecurity-teams-hampered-by-economic-downturn/69280#post_1
Quickly Finding Encoded Payloads in Office Documents, (Sun, May 7th)
https://isc.sans.edu/diary/rss/29818
AhnLab EDR Tracks and Responds against Link File (*.lnk) Distributing RokRAT
https://malware.news/t/ahnlab-edr-tracks-and-responds-against-link-file-lnk-distributing-rokrat/69284#post_1
ISC StormCast for Monday, May 8th, 2023
https://isc.sans.edu/podcastdetail.html?id=8486
ISC Stormcast For Monday, May 8th, 2023 https://isc.sans.edu/podcastdetail.html?id=8486, (Mon, May 8th)
https://isc.sans.edu/diary/rss/29820
ISC Stormcast For Monday, May 8th, 2023 https://isc.sans.edu/podcastdetail.html?id=8486, (Mon, May 8th)
https://malware.news/t/isc-stormcast-for-monday-may-8th-2023-https-isc-sans-edu-podcastdetail-html-id-8486-mon-may-8th/69286#post_1
Three ways to leverage cyberpsychology to prevent attacks
https://malware.news/t/three-ways-to-leverage-cyberpsychology-to-prevent-attacks/69287#post_1
Malware Analysis, News and Indicators
Quickly Finding Encoded Payloads in Office Documents, (Sun, May 7th)
Malicious documents like this RevengeRAT ppam file found on MalwareBazaar contain VBA code that you can analyze with oledump.py. Article Link: https://isc.sans.edu/diary/rss/29818
Top Security News for 10/05/2023
ISC Stormcast For Wednesday, May 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8490, (Wed, May 10th)
https://isc.sans.edu/diary/rss/29830
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/09-05-2023
Malwarebytes releases Mobile Security for OneView to secure Chromebooks, Android, iOS devices
https://www.csoonline.com/article/3695774/malwarebytes-releases-mobile-security-for-oneview-to-secure-chromebooks-android-ios-devices.html#tk.rss_all
U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services
https://thehackernews.com/2023/05/us-authorities-seize-13-domains.html
Passwordless authentication gaining traction among IT leaders
https://malware.news/t/passwordless-authentication-gaining-traction-among-it-leaders/69388#post_1
Ransomware attack on MSI led to compromised Intel Boot Guard private keys
https://www.malwarebytes.com/blog/news/2023/05/ransomware-attack-on-msi-led-to-compromised-intel-boot-guard-private-keys
Unwarranted Confidence On Mount Stupid
https://dale-peterson.com/2023/05/09/unwarranted-confidence-on-mount-stupid/?utm_source=rss&utm_medium=rss&utm_campaign=unwarranted-confidence-on-mount-stupid
Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet
https://securityaffairs.com/145980/cyber-crime/andoryubot-ddos-botnet.html
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug
https://thehackernews.com/2023/05/microsofts-may-patch-tuesday-fixes-38.html
Is Your Cybersecurity “Too” Good?
https://securityintelligence.com/articles/is-your-cybersecurity-too-good/
SANS Internet Storm Center
ISC StormCast for Wednesday, May 10th, 2023 - SANS ISC
Top Security News for 11/05/2023
IBM unveils end-to-end, quantum-safe tools to secure business, government data
https://www.csoonline.com/article/3695538/ibm-unveils-end-to-end-quantum-safe-tools-to-secure-business-government-data.html#tk.rss_all
Google Announces New Privacy, Safety, and Security Features Across Its Services
https://thehackernews.com/2023/05/google-announces-new-privacy-safety-and.html
Latest Developments in Unblob (Firmware Extraction Tool)
https://www.reddit.com/r/netsec/comments/13disgk/latest_developments_in_unblob_firmware_extraction/
Shareholder Arrested After Ranting at Warren Buffet for His Contributions to 'Woke Culture'
https://www.vice.com/en_us/article/ak3vp5/shareholder-arrested-after-ranting-at-warren-buffet-for-his-contributions-to-woke-culture
Stockfish, a very popular chess engine, has a buffer overflow vulnerability due to unsanitized input
https://www.reddit.com/r/netsec/comments/13dod03/stockfish_a_very_popular_chess_engine_has_a/
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
https://thehackernews.com/2023/05/twitter-finally-rolling-out-encrypted.html
Dell pushes security, devops integration in storage updates
https://www.networkworld.com/article/3696269/dell-pushes-security-devops-integration-in-storage-updates.html#tk.rss_all
Navigating mobile malware trends: Crucial insights and predictions for MSPs
https://www.malwarebytes.com/blog/business/2023/05/navigating-mobile-malware-trends-crucial-insights-and-predictions-for-msps
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
https://thehackernews.com/2023/05/github-extends-push-protection-to.html
Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
https://thehackernews.com/2023/05/experts-detail-new-zero-click-windows.html
CSO
IBM unveils end-to-end, quantum-safe tools to secure business, government data
Quantum Safe Technology combines expertise across cryptography and critical infrastructure to address the future security risks posed by quantum computing.
Top Security News for 12/05/2023
Ransomware and social engineering trends. Expired certificate addressed. Ransomware groups target schools. Cyber updates in the hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1821/notes
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
https://thehackernews.com/2023/05/babuk-source-code-sparks-9-new.html
New ransomware trends in 2023
https://securelist.com/new-ransomware-trends-in-2023/109660/
New DownEx malware campaign targets Central Asia
https://www.csoonline.com/article/3696429/new-downex-malware-campaign-targets-central-asia.html#tk.rss_all
Open Operational Technology Testing Guide (OOTTG)
https://www.reddit.com/r/netsec/comments/13ehg4d/open_operational_technology_testing_guide_oottg/
Volcanoes, resources, and living space in the world island. Bypassing censorship. Victory Day reviewed. Not disinformation, but persuasion.
https://thecyberwire.com/newsletters/disinformation-briefing/5/19
Healthcare cyberattacks cited in call to renew pandemic preparedness law
https://malware.news/t/healthcare-cyberattacks-cited-in-call-to-renew-pandemic-preparedness-law/69460#post_1
VOLUME 39 OF THE HACKER DIGEST RELEASED
https://www.2600.com/content/volume-39-hacker-digest-released
On Ashton Kutcher and Secure Multi-Party Computation
https://www.reddit.com/r/netsec/comments/13ett6a/on_ashton_kutcher_and_secure_multiparty/
ISC StormCast for Friday, May 12th, 2023
https://isc.sans.edu/podcastdetail/8494
The CyberWire
Ransomware and social engineering trends. Expired certificate addressed. Ransomware groups target schools. Cyber updates in the…
A Ransomware report highlights targeting and classification. Phishing remains a major threat. Cisco addresses an expired certificate issue. LockBit and Medusa hit school districts with ransomware. US and Canadian cyber units wrap up a hunt-forward mission…
Top Security News for 14/05/2023
All roads lead back to Wuhan… Xiaoruizhi Science and Technology Company
https://malware.news/t/all-roads-lead-back-to-wuhan-xiaoruizhi-science-and-technology-company/69505#post_1
Personal info of 90k hikers leaked by French tourism company La Malle Postale
https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
Crypter .Net/Native
https://0x00sec.org/t/crypter-net-native/35035
First Look: Ghidra 10.3 Emulator
https://www.reddit.com/r/netsec/comments/13gnfat/first_look_ghidra_103_emulator/
Intel Issues New CPU Microcode Going Back To Gen8 For New, Undisclosed Security Updates
https://www.reddit.com/r/netsec/comments/13ghgpr/intel_issues_new_cpu_microcode_going_back_to_gen8/
Data of more than 2M Toyota customers exposed in ten years-long data breach
https://securityaffairs.com/146178/data-breach/toyota-10-years-data-breach.html
Google adds unwanted tracker detection to Find My Device network
https://www.malwarebytes.com/blog/news/2023/05/google-adds-unwanted-tracker-detection-to-find-my-device-network
Steve Benton: Mixing like a DJ. [VP]
https://thecyberwire.com/podcasts/career-notes/149/notes
Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol
https://securityaffairs.com/146166/malware/checkmate-ransomware-file-sharing.html
Anonymous Sudan Targets Israeli Citizens, Leaks Info-stealers Data
https://www.reddit.com/r/Malware/comments/13gh2og/anonymous_sudan_targets_israeli_citizens_leaks/
Malware Analysis, News and Indicators
All roads lead back to Wuhan… Xiaoruizhi Science and Technology Company
As our readers know from our investigation into Hainan Xiandun Technology Development Company, the Intrusion Truth team have become quite adept at spotting a fishy front company when we see one. Typically, these are ‘companies’ with a generic-sounding ‘technology’…
Top Security News for 15/05/2023
Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition
https://securityaffairs.com/146195/breaking-news/security-affairs-newsletter-round-419.html
LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea
https://malware.news/t/lokilocker-a-ransomware-similar-to-blackbit-being-distributed-in-korea/69511#post_1
Having trouble with evilginx2, need help
https://0x00sec.org/t/having-trouble-with-evilginx2-need-help/35055
The latest variant of the RapperBot botnet adds cryptojacking capabilities
https://securityaffairs.com/146207/malware/rapperbot-botnet-adds-cryptojacking.html
Dynamic debugging of Dot Net without source code
https://www.reddit.com/r/netsec/comments/13hpnpg/dynamic_debugging_of_dot_net_without_source_code/
VMware Aria Operations addresses multiple Local Privilege Escalations and a Deserialization issue, (Sun, May 14th)
https://isc.sans.edu/diary/rss/29842
VMware Aria Operations addresses multiple Local Privilege Escalations and a Deserialization issue, (Sun, May 14th)
https://malware.news/t/vmware-aria-operations-addresses-multiple-local-privilege-escalations-and-a-deserialization-issue-sun-may-14th/69506#post_1
ISC Stormcast For Monday, May 15th, 2023 https://isc.sans.edu/podcastdetail/8496, (Mon, May 15th)
https://isc.sans.edu/diary/rss/29846
Flare-on 2022 - darn_mice - Solving 4th challenge
https://malware.news/t/flare-on-2022-darn-mice-solving-4th-challenge/69508#post_1
Capita warns customers to assume that their data was stolen
https://securityaffairs.com/146200/data-breach/capita-warns-customers.html
Security Affairs
Security Affairs newsletter Round 419 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you
Top Security News for 16/05/2023
New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems
https://thehackernews.com/2023/05/new-michaelkors-ransomware-as-service.html
Windows 11 is showing its first signs of Rust
https://www.malwarebytes.com/blog/news/2023/05/microsoft-introduces-rust-into-kernel-in-windows-11
Missing temporal metrics (Exploit Code Maturity and Remediation Level) in certain CVEs using NVD API for CVSS v3 and v3.1
https://www.reddit.com/r/netsec/comments/13i75pc/missing_temporal_metrics_exploit_code_maturity/
A week in security (May 8-14)
https://www.malwarebytes.com/blog/news/2023/05/a-week-in-security-may-8-14
ISC StormCast for Tuesday, May 16th, 2023
https://isc.sans.edu/podcastdetail/8498
AI Hacking Games (Jailbreak CTFs)
https://www.reddit.com/r/netsec/comments/13i3k0j/ai_hacking_games_jailbreak_ctfs/
Brightly Software's online platform impacted by data breach
https://malware.news/t/brightly-softwares-online-platform-impacted-by-data-breach/69566#post_1
CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware
https://thehackernews.com/2023/05/clr-sqlshell-malware-targets-ms-sql.html
QR code phishing (noun)
https://thecyberwire.com/podcasts/word-notes/148/notes
Microsoft Security highlights from RSA Conference 2023
https://www.microsoft.com/en-us/security/blog/2023/05/15/microsoft-security-highlights-from-rsa-conference-2023/
ThreatDown by Malwarebytes
Windows 11 is showing its first signs of Rust
We take a look at the slow introduction of programming language Rust into the Windows 11 kernel in an effort to make it more memory safe.
Top Security News for 17/05/2023
University admission platform Leverage EDU exposed student passports
https://securityaffairs.com/146329/data-breach/university-admission-platform-leverage-edu-exposed-student-passports.html
Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
https://thehackernews.com/2023/05/hackers-using-golang-variant-of-cobalt.html
Microsoft Is Scanning The Inside Of Password Protected Zip Files For Malware
https://packetstormsecurity.com/news/view/34624/Microsoft-Is-Scanning-The-Inside-Of-Password-Protected-Zip-Files-For-Malware.html
The nature of cyberincidents in 2022
https://securelist.com/kaspersky-incident-response-report-2022/109680/
Aqua Security releases Real-Time CSPM to tackle multi-cloud security risks
https://www.csoonline.com/article/3696355/aqua-security-releases-real-time-cspm-to-tackle-multi-cloud-security-risks.html#tk.rss_all
Increase in Malicious RAR SFX files, (Wed, May 17th)
https://isc.sans.edu/diary/rss/29852
U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
https://thehackernews.com/2023/05/us-offers-10-million-bounty-for-capture.html
web2shell - Automate converting webshells into reverse shells
https://www.reddit.com/r/netsec/comments/13jiur8/web2shell_automate_converting_webshells_into/
Arnica's real-time, code-risk scanning tools aim to secure supply chain
https://www.csoonline.com/article/3696436/arnicas-real-time-code-risk-scanning-tools-aim-to-secure-supply-chain.html#tk.rss_all
ISC StormCast for Wednesday, May 17th, 2023
https://isc.sans.edu/podcastdetail/8500
Security Affairs
University admission platform Leverage EDU exposed student passports
University admission platform Leverage EDU leaked almost 240K sensitive files, including students’ passports, financial documents, and more.
Top Security News for 18/05/2023
Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
https://thehackernews.com/2023/05/threat-group-unc3944-abusing-azure.html
(Duplicate from /r/redteamsec) Active Directory Spotlight: Attacking The Microsoft Configuration Manager (SCCM/MECM)
https://www.reddit.com/r/netsec/comments/13k0u58/duplicate_from_rredteamsec_active_directory/
Emerging information-stealing malware families examined
https://malware.news/t/emerging-information-stealing-malware-families-examined/69682#post_1
In the wake of layoffs, how to solve the security issues off-boarding creates
https://malware.news/t/in-the-wake-of-layoffs-how-to-solve-the-security-issues-off-boarding-creates/69689#post_1
State-Sponsored Sidewinder Hacker Group's Covert Attack Infrastructure Uncovered
https://thehackernews.com/2023/05/state-sponsored-sidewinder-hacker.html
ISC Stormcast For Thursday, May 18th, 2023 https://isc.sans.edu/podcastdetail/8502, (Thu, May 18th)
https://isc.sans.edu/diary/rss/29856
Multiple flaws in Teltonika industrial cellular router expose OT networks to hack
https://securityaffairs.com/146317/hacking/teltonika-industrial-cellular-routers-flaws.html
“Malverposting” — With Over 500K Estimated Infections, Facebook Ads Fuel This Evolving Stealer Campaign
https://www.reddit.com/r/netsec/comments/13jynqh/malverposting_with_over_500k_estimated_infections/
Shadow API threats, attacks spike
https://malware.news/t/shadow-api-threats-attacks-spike/69686#post_1
Researchers show ways to abuse Microsoft Teams accounts for lateral movement
https://www.csoonline.com/article/3696969/researchers-show-ways-to-abuse-microsoft-teams-accounts-for-lateral-movement.html#tk.rss_all
Top Security News for 19/05/2023
ISC Stormcast For Friday, May 19th, 2023 https://isc.sans.edu/podcastdetail/8504, (Fri, May 19th)
https://isc.sans.edu/diary/rss/29862
Zip domains, a bad idea nobody asked for
https://www.malwarebytes.com/blog/news/2023/05/zip-domains
KeePass vulnerability allows attackers to access the master password
https://www.malwarebytes.com/blog/news/2023/05/keepass-vulnerability-allows-attackers-to-access-the-master-password
Three ways to improve collaborative risk management
https://malware.news/t/three-ways-to-improve-collaborative-risk-management/69726#post_1
Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions
https://thehackernews.com/2023/05/apple-thwarts-2-billion-in-app-store.html
Off-Boarding Cloud Builders and Security Practioners Poses Challenges for Companies With Cloud Environments
https://www.reddit.com/r/netsec/comments/13l5lax/offboarding_cloud_builders_and_security/
OX Security adds ChatGPT plugin for AppSec
https://www.csoonline.com/article/3697148/ox-security-adds-chatgpt-plugin-for-appsec.html#tk.rss_all
OSINT Industries - 180+ modules to do OSINT from an email address, free beta
https://www.reddit.com/r/netsec/comments/13lby3c/osint_industries_180_modules_to_do_osint_from_an/
APT attacks: Exploring Advanced Persistent Threats and their evasive techniques
https://www.malwarebytes.com/blog/business/2023/05/apt-attacks-exploring-advanced-persistent-threats-and-their-evasive-techniques
HEAT and EASM: What to Know About the Top Acronyms at RSA
https://securityintelligence.com/articles/heat-and-easm-what-to-know-top-acronyms-at-rsa/
Top Security News for 20/05/2023
Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
https://thehackernews.com/2023/05/developer-alert-npm-packages-for-nodejs.html
Apple releases fixes for three zero-day exploits in Macs, iPhones
https://malware.news/t/apple-releases-fixes-for-three-zero-day-exploits-in-macs-iphones/69744#post_1
Release 0.2 · PyCript BurpSuite Extension
https://www.reddit.com/r/netsec/comments/13m24d8/release_02_pycript_burpsuite_extension/
Legitimate looking npm packages found hosting TurkoRat infostealer
https://www.csoonline.com/article/3697001/legitimate-looking-npm-packages-found-hosting-turkorat-infostealer.html#tk.rss_all
Fertility app overshared, the FTC alleges. Dunghill ransomware compromises Gentex data.
https://thecyberwire.com/podcasts/privacy-briefing/532/notes
[Control systems] Johnson Controls security advisory (AV23-282)
https://malware.news/t/control-systems-johnson-controls-security-advisory-av23-282/69748#post_1
Fertility app overshared, the FTC alleges. Dunghill ransomware compromises Gentex data.
https://thecyberwire.com/newsletters/privacy-briefing/5/97
Educating Your Board of Directors on Cybersecurity
https://securityintelligence.com/articles/educating-your-board-of-directors-on-cybersecurity/
Dr. Active Directory vs. Mr. Exposed Attack Surface: Who'll Win This Fight?
https://thehackernews.com/2023/05/dr-active-directory-vs-mr-exposed.html
Section 230 remains intact. FTC warns of biometric misuse. Satellite cybersecurity bill advances in the US Senate.
https://thecyberwire.com/newsletters/policy-briefing/5/97
Malware Analysis, News and Indicators
Apple releases fixes for three zero-day exploits in Macs, iPhones
Apple released a slew of security updates on May 18, three of which are zero-day vulnerabilities in a number of its popular devices. Article Link: Apple releases fixes for three zero-day exploits in Macs, iPhones | SC Media
Top Security News for 21/05/2023
SparkRAT Being Distributed Within a Korean VPN Installer
https://www.reddit.com/r/Malware/comments/13my6l8/sparkrat_being_distributed_within_a_korean_vpn/
Being accused of triggering a ransomware attack...
https://www.reddit.com/r/Malware/comments/13mq3gx/being_accused_of_triggering_a_ransomware_attack/
Old Oracle WebLogic vulnerability leveraged in cryptomining attacks
https://malware.news/t/old-oracle-weblogic-vulnerability-leveraged-in-cryptomining-attacks/69752#post_1
PoC for Decrypting SAP Cloud Connector SSFS: Utilizing 'getRecord' Function to Decrypt SSFS Properties without Information of Encryption Algorithm
https://www.reddit.com/r/netsec/comments/13mwlse/poc_for_decrypting_sap_cloud_connector_ssfs/
Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware
https://securityaffairs.com/146465/cyber-crime/fin7-delivering-clop-ransomware.html
Phishing Kit Collecting Victim's IP Address, (Sat, May 20th)
https://malware.news/t/phishing-kit-collecting-victims-ip-address-sat-may-20th/69750#post_1
Who says the perfect heist doesn't exist?
https://thecyberwire.com/podcasts/hacking-humans-goes-to-the-movies/19/notes
SFX Gateway removal
https://www.reddit.com/r/Malware/comments/13mzfmu/sfx_gateway_removal/
Millions of Android devices pre-installed with Guerilla malware
https://malware.news/t/millions-of-android-devices-pre-installed-with-guerilla-malware/69753#post_1
US CISA warns of a Samsung vulnerability under active exploitation
https://securityaffairs.com/146457/security/cisa-warns-samsung-flaw.html
Top Security News for 22/05/2023
PyPI Repository temporarily suspends user sign-ups and package uploads due to ongoing attacks
https://securityaffairs.com/146488/cyber-crime/pypi-repository-suspends-sign-ups-package-uploads.html
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
https://thehackernews.com/2023/05/pypi-repository-under-attack-user-sign.html
Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition
https://securityaffairs.com/146483/breaking-news/security-affairs-newsletter-round-420.html
ISC StormCast for Monday, May 22nd, 2023
https://isc.sans.edu/podcastdetail/8506
Distribution of Remcos RAT Exploiting sqlps.exe Utility of MS-SQL Servers
https://malware.news/t/distribution-of-remcos-rat-exploiting-sqlps-exe-utility-of-ms-sql-servers/69760#post_1
How the ILOVEYOU worm exposed human beings as the Achilles Heel of cybersecurity
https://malware.news/t/how-the-iloveyou-worm-exposed-human-beings-as-the-achilles-heel-of-cybersecurity/69764#post_1
Cybersecurity moneyball: First principles applied to the workforce gap.
https://thecyberwire.com/podcasts/cso-perspectives/104/notes
Another Malicious HTA File Analysis - Part 3, (Sun, May 21st)
https://malware.news/t/another-malicious-hta-file-analysis-part-3-sun-may-21st/69759#post_1
Ransomware with known Registry Persistence
https://www.reddit.com/r/Malware/comments/13nwu1c/ransomware_with_known_registry_persistence/
BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer
https://securityaffairs.com/146496/malware/batloader-campaign-impersonates-chatgpt-midjourney.html
Security Affairs
PyPI Repository temporarily suspends user sign-ups and package uploads due to ongoing attacks
The Python Package Index (PyPI) maintainers have temporarily disabled the sign up and package upload processes due to an ongoing attack.
Top Security News for 23/05/2023
passkey (noun)
https://thecyberwire.com/podcasts/word-notes/149/notes
Verified Twitter Accounts Spread AI-Generated Hoax of Pentagon Explosion
https://www.vice.com/en_us/article/7kx84b/ai-generated-pentagon-explosion-hoax-twitter
US medical center employee abuses access to patient data. New York bank discloses third-party data breach.
https://thecyberwire.com/podcasts/privacy-briefing/533/notes
Critical Security Vulnerability In PowerVM Hypervisor
https://www.reddit.com/r/netsec/comments/13op2gj/critical_security_vulnerability_in_powervm/
ISC Stormcast For Tuesday, May 23rd, 2023 https://isc.sans.edu/podcastdetail/8508, (Tue, May 23rd)
https://isc.sans.edu/diary/rss/29872
ports.sh
https://www.reddit.com/r/netsec/comments/13ooxgk/portssh/
A week in security (May 15-21)
https://www.malwarebytes.com/blog/news/2023/05/a-week-in-security-may-15-21
U.S. Intelligence Building System to Track Mass Movement of People Around the World
https://www.vice.com/en_us/article/88xq54/us-intelligence-building-system-to-track-mass-movement-of-people-around-the-world
Microsoft reports jump in business email compromise activity
https://www.csoonline.com/article/3697152/microsoft-reports-jump-in-business-email-compromise-activity.html#tk.rss_all
I'm looking for a reverse engineer
https://0x00sec.org/t/im-looking-for-a-reverse-engineer/35175
N2K CyberWire
passkey (noun)
A passwordless authentication protocol based on the FIDO2 standard.
Top Security News for 24/05/2023
Former Uber CSO Joe Sullivan and lessons learned from the infamous 2016 Uber breach
https://www.csoonline.com/article/3697136/former-uber-cso-joe-sullivan-and-lessons-learned-from-the-infamous-2016-uber-breach.html#tk.rss_all
ISC Stormcast For Wednesday, May 24th, 2023 https://isc.sans.edu/podcastdetail/8510, (Wed, May 24th)
https://malware.news/t/isc-stormcast-for-wednesday-may-24th-2023-https-isc-sans-edu-podcastdetail-8510-wed-may-24th/69856#post_1
Google to pay $40m for "deceptive and unfair" location tracking practices
https://www.malwarebytes.com/blog/news/2023/05/google-out-of-pocket-by-40m-after-location-tracking-lawsuit
March 2023 Deep Web & Dark Web Threat Trend Report
https://malware.news/t/march-2023-deep-web-dark-web-threat-trend-report/69853#post_1
Against the Clock: Cyber Incident Response Plan
https://malware.news/t/against-the-clock-cyber-incident-response-plan/69855#post_1
China Bans U.S. Chip Giant Micron, Citing "Serious Cybersecurity Problems"
https://thehackernews.com/2023/05/china-bans-us-chip-giant-micron-citing.html
Teleport releases Teleport 13 with automatic vulnerability patching, enhanced DevOps security
https://www.csoonline.com/article/3697017/teleport-releases-teleport-13-with-automatic-vulnerability-patching-enhanced-devops-security.html#tk.rss_all
BlackCat Ransomware affiliate uses signed kernel driver to evade detection
https://securityaffairs.com/146536/malware/blackcat-ransomware-uses-kernel-driver.html
ASEC Weekly Malware Statistics (May 15th, 2023 – May 21st, 2023)
https://malware.news/t/asec-weekly-malware-statistics-may-15th-2023-may-21st-2023/69857#post_1
BlackCat ransomware group uses signed kernel driver to evade detection. AhRat exfiltrates files and records audio on Android devices. ChatGPT-themed fleeceware.
https://thecyberwire.com/podcasts/research-briefing/169/notes
CSO
Former Uber CSO Joe Sullivan and lessons learned from the infamous 2016 Uber breach
Will Joe Sullivan’s conviction for obstruction in the reporting of the 2016 Uber privacy breach send a chill through the cybersecurity profession? Sullivan tells CSOs he’s worried it just might.
Top Security News for 25/05/2023
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
https://thehackernews.com/2023/05/n-korean-lazarus-group-targets.html
Hyatt’s CISO, Intel Briefing, & Third-Party Risk Management with Cyber GRX
https://thecyberwire.com/podcasts/rh-isac/28/notes
Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware
https://thehackernews.com/2023/05/iranian-agrius-hackers-targeting.html
Legion Malware Upgraded to Target SSH Servers and AWS Credentials
https://thehackernews.com/2023/05/legion-malware-upgraded-to-target-ssh.html
What if we had the SockPuppet vulnerability in iOS 16? - Apple Security Research
https://www.reddit.com/r/netsec/comments/13qgujz/what_if_we_had_the_sockpuppet_vulnerability_in/
Exploring P4 Protocol: Usage, Implementation, and CVE-2021-37535
https://www.reddit.com/r/netsec/comments/13qt3l9/exploring_p4_protocol_usage_implementation_and/
GitHub - avilum/secimport: seccomp Python sandbox, powered by eBPF and Dtrace
https://www.reddit.com/r/netsec/comments/13qfd5x/github_avilumsecimport_seccomp_python_sandbox/
Obsidian ORB Ransomware Demands Gift Cards as Payment
https://malware.news/t/obsidian-orb-ransomware-demands-gift-cards-as-payment/69886#post_1
Cyber Attacks Strike Ukraine's State Bodies in Espionage Operation
https://thehackernews.com/2023/05/cyber-attacks-strike-ukraines-state.html
BlackCat Ransomware Takes Control With New Kernel Driver
https://packetstormsecurity.com/news/view/34651/BlackCat-Ransomware-Takes-Control-With-New-Kernel-Driver.html
The CyberWire
Hyatt’s CISO, Intel Briefing, & Third-Party Risk Management with Cyber GRX
In this episode of the Retail & Hospitality ISAC podcast, host Luke Vander Linden is joined by Ben Vaughn, senior vice president and CISO at Hyatt. During the second part of this interview, Ben reviews Hyatt’s guiding principles and how Hyatt optimizes cyber…
Top Security News for 26/05/2023
How to check for new exploits in real time? VulnCheck has an answer
https://www.csoonline.com/article/3697749/how-to-check-for-new-exploits-in-real-time-vulncheck-has-an-answer.html#tk.rss_all
6 ways generative AI chatbots and LLMs can enhance cybersecurity
https://www.csoonline.com/article/3697137/6-ways-generative-ai-chatbots-and-llms-can-enhance-cybersecurity.html#tk.rss_all
BrandPost: Adding the operation focus to OT security
https://www.csoonline.com/article/3697730/adding-the-operation-focus-to-ot-security.html#tk.rss_all
Inactive accounts pose significant account takeover security risks
https://www.csoonline.com/article/3696941/inactive-accounts-pose-significant-account-takeover-security-risks.html#tk.rss_all
China's Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected
https://thehackernews.com/2023/05/chinas-stealthy-hackers-infiltrate-us.html
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/
Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks
https://thehackernews.com/2023/05/alert-brazilian-hackers-targeting-users.html
APTs increasingly target SMBs, regional MSPs
https://malware.news/t/apts-increasingly-target-smbs-regional-msps/69931#post_1
"Beautiful Cookie Consent Banner" WordPress plugin vulnerability: Update now!
https://malware.news/t/beautiful-cookie-consent-banner-wordpress-plugin-vulnerability-update-now/69933#post_1
Eating Disorder Helpline Fires Staff, Transitions to Chatbot After Unionization
https://www.vice.com/en_us/article/n7ezkm/eating-disorder-helpline-fires-staff-transitions-to-chatbot-after-unionization
CSO
How to check for new exploits in real time? VulnCheck has an answer
VulnCheck’s new database tracks exploits for fresh vulnerabilities in real time and allows for search using CVE IDs.
Top Security News for 27/05/2023
New PowerExchange Backdoor linked to an Iranian APT group
https://securityaffairs.com/146690/apt/powerexchange-backdoor-iran.html
DocuSign-themed email leads to script-based infection, (Sat, May 27th)
https://isc.sans.edu/diary/rss/29888
Kevin Kirkwood, Deputy CISO from LogRhythm, joins to discuss how to overcome extortion attempts.
https://thecyberwire.com/podcasts/interview-selects/160/notes
Zyxel patches two critical vulnerabilities
https://malware.news/t/zyxel-patches-two-critical-vulnerabilities/69958#post_1
2023-05-24 - Bye bye Pikabot... We're back to Qak! (obama264 Qakbot infection)
https://malware.news/t/2023-05-24-bye-bye-pikabot-were-back-to-qak-obama264-qakbot-infection/69957#post_1
CosmicEnergy: OT and ICS malware from Russia, maybe for red teaming. Updates on Volt Typhoon. Legion malware upgraded for the cloud. Natural-disaster-themed online fraud.
https://thecyberwire.com/podcasts/daily-podcast/1832/notes
Researchers find new ICS malware toolkit designed to cause electric power outages
https://www.csoonline.com/article/3697850/researchers-find-new-ics-malware-toolkit-designed-to-cause-electric-power-outages.html#tk.rss_all
5 Must-Know Facts about 5G Network Security and Its Cloud Benefits
https://thehackernews.com/2023/05/5-must-know-facts-about-5g-network.html
BrandPost: New report reveals tips for building a skilled cybersecurity workforce
https://www.csoonline.com/article/3697790/new-report-reveals-tips-for-building-a-skilled-cybersecurity-workforce.html#tk.rss_all
GCP CloudSQL Vulnerability Leads to Internal Container Access and Data Exposure
https://www.reddit.com/r/netsec/comments/13smejr/gcp_cloudsql_vulnerability_leads_to_internal/
Security Affairs
New PowerExchange Backdoor linked to an Iranian APT group
An alleged Iran-linked APT group targeted an organization linked to the United Arab Emirates (U.A.E.) with the new PowerExchange backdoor.
Top Security News for 18/06/2023
How to find industrial control devices
https://0x00sec.org/t/how-to-find-industrial-control-devices/35620
Lorna Mahlock: Build bridges. [Combat support]
https://thecyberwire.com/podcasts/career-notes/154/notes
Reverse Engineering: iOS App Extraction & Analysis
https://www.reddit.com/r/netsec/comments/14bt9qe/reverse_engineering_ios_app_extraction_analysis/
From Cryptojacking to DDoS Attacks: Diicot Expands Tactics with Cayosin Botnet
https://thehackernews.com/2023/06/from-cryptojacking-to-ddos-attacks.html
The Week that Was: US Government discloses exploitation of MOVEit instances. An update on CosmicEnergy: it’s "not an immediate threat." AI-generated phishing attacks. A 2021 ransomware attack put a hospital under financial pressure that caused it to close.
https://thecyberwire.com/newsletters/week-that-was/7/23
CISA SBOM standards efforts stymied by confusion, inertia | TechTarget
https://www.reddit.com/r/netsec/comments/14bz3q5/cisa_sbom_standards_efforts_stymied_by_confusion/
Update: zipdump.py Version 0.0.26
https://malware.news/t/update-zipdump-py-version-0-0-26/70585#post_1
Explainer: Dominion vulnerabilities reported by Halderman
https://www.reddit.com/r/netsec/comments/14c6ep9/explainer_dominion_vulnerabilities_reported_by/
Law enforcement shutdown a long-standing DDoS-for-hire service
https://securityaffairs.com/147564/cyber-crime/ddos-for-eye-service-seized.html
harbian-audit v0.7 releases: security audit and hardening for Debian 12
https://www.reddit.com/r/netsec/comments/14boalg/harbianaudit_v07_releases_security_audit_and/
0x00sec - The Home of the Hacker
How to find industrial control devices
How to find industrial control devices (e.g. Siemens) on the corporate intranet or internet, how to detect them and be able to access and control these industrial control devices. Whenever I do a penetration testing project, I am usually told by my collaborators…
Top Security News for 19/06/2023
Soft DDOS technique to bypass Play Store security measures
https://www.reddit.com/r/netsec/comments/14baa2t/soft_ddos_technique_to_bypass_play_store_security/
PentestGPT, a gpt-powered penetration testing tool, open source
https://www.reddit.com/r/netsec/comments/14d25yr/pentestgpt_a_gptpowered_penetration_testing_tool/
Brute-Force ZIP Password Cracking with zipdump.py, (Sun, Jun 18th)
https://isc.sans.edu/diary/rss/29948
US govt offers $10 million bounty for info linking Clop ransomware gang to a foreign government.
https://securityaffairs.com/147577/cyber-crime/clop-ransomware-reward.html
Three attacks against geth-based Ethereum clients: "Speculative Denial-of-Service Attacks in Ethereum"
https://www.reddit.com/r/netsec/comments/14che5g/three_attacks_against_gethbased_ethereum_clients/
How to create an hacking lab on apple silicon
https://www.reddit.com/r/netsec/comments/14cim3p/how_to_create_an_hacking_lab_on_apple_silicon/
Microsoft: June Outlook and cloud platform outages were caused by DDoS
https://securityaffairs.com/147605/hacking/microsoft-outages-ddos.html
Need advice on unpacking .dll
https://0x00sec.org/t/need-advice-on-unpacking-dll/35635
CrowdStrike Automates Zero-Day Malware Classification | CrowdStrike
https://www.reddit.com/r/Malware/comments/14cdvyy/crowdstrike_automates_zeroday_malware/
Easiest Way to learn the WinAPI for Malware (Embedding Shellcode)
https://www.reddit.com/r/Malware/comments/14cswu8/easiest_way_to_learn_the_winapi_for_malware/