Top Security News for 01/06/2022
Code execution 0-day in Windows has been under active exploit for 7 weeks
https://arstechnica.com/?p=1857315
Is quantum teleportation the future of secure communications?
https://blog.malwarebytes.com/reports/2022/05/is-quantum-teleportation-the-future-of-secure-communications/
FBI warns of education sector credentials on dark web forums
https://blog.malwarebytes.com/privacy-2/2022/05/fbi-warns-of-education-sector-credentials-on-dark-web-forums/
Runescape phish claims your email has been changed
https://blog.malwarebytes.com/scams/2022/05/runescape-phish-claims-your-email-has-been-changed/
Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation
https://thehackernews.com/2022/05/microsoft-releases-workarounds-for.html
Marjorie Taylor Greene Says Bill Gates Will Force You to Eat Burgers Made in a ‘Peach Tree Dish’
https://www.vice.com/en_us/article/5dgne3/marjorie-taylor-greene-says-bill-gates-will-force-you-to-eat-burgers-made-in-a-peach-tree-dish
Technical Advisory: CVE-2022-30190 Zero-day Vulnerability “Follina” in Microsoft Support Diagnostic Tool
https://malware.news/t/technical-advisory-cve-2022-30190-zero-day-vulnerability-follina-in-microsoft-support-diagnostic-tool/60610/1
SideWinder Hackers Launched Over a 1,000 Cyber Attacks Over the Past 2 Years
https://thehackernews.com/2022/05/sidewinder-hackers-launched-over-1000.html
Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks
https://thehackernews.com/2022/05/interpol-nabs-3-nigerian-scammers.html
The Internet needs to stop getting excited by vaporware EVs
https://arstechnica.com/?p=1857185
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Code execution 0-day in Windows has been under active exploit for 7 weeks
https://arstechnica.com/?p=1857315
Is quantum teleportation the future of secure communications?
https://blog.malwarebytes.com/reports/2022/05/is-quantum-teleportation-the-future-of-secure-communications/
FBI warns of education sector credentials on dark web forums
https://blog.malwarebytes.com/privacy-2/2022/05/fbi-warns-of-education-sector-credentials-on-dark-web-forums/
Runescape phish claims your email has been changed
https://blog.malwarebytes.com/scams/2022/05/runescape-phish-claims-your-email-has-been-changed/
Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation
https://thehackernews.com/2022/05/microsoft-releases-workarounds-for.html
Marjorie Taylor Greene Says Bill Gates Will Force You to Eat Burgers Made in a ‘Peach Tree Dish’
https://www.vice.com/en_us/article/5dgne3/marjorie-taylor-greene-says-bill-gates-will-force-you-to-eat-burgers-made-in-a-peach-tree-dish
Technical Advisory: CVE-2022-30190 Zero-day Vulnerability “Follina” in Microsoft Support Diagnostic Tool
https://malware.news/t/technical-advisory-cve-2022-30190-zero-day-vulnerability-follina-in-microsoft-support-diagnostic-tool/60610/1
SideWinder Hackers Launched Over a 1,000 Cyber Attacks Over the Past 2 Years
https://thehackernews.com/2022/05/sidewinder-hackers-launched-over-1000.html
Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks
https://thehackernews.com/2022/05/interpol-nabs-3-nigerian-scammers.html
The Internet needs to stop getting excited by vaporware EVs
https://arstechnica.com/?p=1857185
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes
Is quantum teleportation the future of secure communications?
Dutch scientists have demonstrated the next step towards a quantum-based Internet that will make communications immediate and private
Top Security News for 02/06/2022
US Supreme Court puts a hold on enforcement of Texas social media law. INTERPOL issues warning about various forms of online extortion. US Commerce Department will restrict cyber exports to China.
https://thecyberwire.com/newsletters/policy-briefing/4/105
Unofficial patches for the 0-day vulnerability called Follina (CVE-2022-30190)
https://www.reddit.com/r/netsec/comments/v2maa4/unofficial_patches_for_the_0day_vulnerability/
Ransomware attack turns 2022 into 1977 for Somerset County
https://malware.news/t/ransomware-attack-turns-2022-into-1977-for-somerset-county/60662/1
Discord Is the Center of the Crypto World and That’s a Problem
https://www.vice.com/en_us/article/4awkew/discord-is-the-center-of-the-crypto-world-and-thats-a-problem
NASA still “pushing” for a Russian cosmonaut to fly on next SpaceX mission
https://arstechnica.com/?p=1856528
Information Security BASICS - Anvil Secure
https://www.reddit.com/r/netsec/comments/v2mrkd/information_security_basics_anvil_secure/
Minerva's evasion based CTF is open for registration
https://www.reddit.com/r/netsec/comments/v2ehz0/minervas_evasion_based_ctf_is_open_for/
NSIS Installer Malware Included with Various Malicious Files
https://malware.news/t/nsis-installer-malware-included-with-various-malicious-files/60663/1
Mass account takeover in Yunmai smartscale API (full disclosure)
https://www.reddit.com/r/netsec/comments/v0uv1g/mass_account_takeover_in_yunmai_smartscale_api/
OST2 Vulnerabilities 1001: C-Family Software Implementation Vulnerabilities (Taught via explaining > 3 dozen CVEs from the last 3 years)
https://www.reddit.com/r/netsec/comments/v2ep1m/ost2_vulnerabilities_1001_cfamily_software/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
US Supreme Court puts a hold on enforcement of Texas social media law. INTERPOL issues warning about various forms of online extortion. US Commerce Department will restrict cyber exports to China.
https://thecyberwire.com/newsletters/policy-briefing/4/105
Unofficial patches for the 0-day vulnerability called Follina (CVE-2022-30190)
https://www.reddit.com/r/netsec/comments/v2maa4/unofficial_patches_for_the_0day_vulnerability/
Ransomware attack turns 2022 into 1977 for Somerset County
https://malware.news/t/ransomware-attack-turns-2022-into-1977-for-somerset-county/60662/1
Discord Is the Center of the Crypto World and That’s a Problem
https://www.vice.com/en_us/article/4awkew/discord-is-the-center-of-the-crypto-world-and-thats-a-problem
NASA still “pushing” for a Russian cosmonaut to fly on next SpaceX mission
https://arstechnica.com/?p=1856528
Information Security BASICS - Anvil Secure
https://www.reddit.com/r/netsec/comments/v2mrkd/information_security_basics_anvil_secure/
Minerva's evasion based CTF is open for registration
https://www.reddit.com/r/netsec/comments/v2ehz0/minervas_evasion_based_ctf_is_open_for/
NSIS Installer Malware Included with Various Malicious Files
https://malware.news/t/nsis-installer-malware-included-with-various-malicious-files/60663/1
Mass account takeover in Yunmai smartscale API (full disclosure)
https://www.reddit.com/r/netsec/comments/v0uv1g/mass_account_takeover_in_yunmai_smartscale_api/
OST2 Vulnerabilities 1001: C-Family Software Implementation Vulnerabilities (Taught via explaining > 3 dozen CVEs from the last 3 years)
https://www.reddit.com/r/netsec/comments/v2ep1m/ost2_vulnerabilities_1001_cfamily_software/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
US Supreme Court puts a hold on enforcement of Texas social media law. INTERPOL issues warning about various forms of online extortion.…
Top Security News for 03/06/2022
Remotely Controlling Touchscreens
https://malware.news/t/remotely-controlling-touchscreens/60703/1
WinDealer dealing on the side
https://securelist.com/windealer-dealing-on-the-side/105946/
Analysis report on Log4j attack patterns
https://www.reddit.com/r/Malware/comments/v3p7l2/analysis_report_on_log4j_attack_patterns/
Ransomware roundup: System-locking malware dominates headlines
https://www.csoonline.com/article/3662038/ransomware-roundup-system-locking-malware-dominates-headlines.html#tk.rss_all
Analysis of the Massive NDSW/NDSX Malware Campaign
https://malware.news/t/analysis-of-the-massive-ndsw-ndsx-malware-campaign/60704/1
Sandbox Evasion... With Just a Filename!, (Fri, Jun 3rd)
https://isc.sans.edu/diary/rss/28708
Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks
https://thehackernews.com/2022/06/researchers-demonstrate-ransomware-for.html
10 of the hottest new cybersecurity startups at RSA 2022
https://www.csoonline.com/article/3662771/10-of-the-hottest-new-cybersecurity-startups-at-rsa-2022.html#tk.rss_all
ExpressVPN Removes Servers in India After Refusing to Comply with Government Order
https://thehackernews.com/2022/06/expressvpn-removes-servers-in-india.html
NASA just bought the rest of the space station crew flights from SpaceX
https://arstechnica.com/?p=1857926
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Remotely Controlling Touchscreens
https://malware.news/t/remotely-controlling-touchscreens/60703/1
WinDealer dealing on the side
https://securelist.com/windealer-dealing-on-the-side/105946/
Analysis report on Log4j attack patterns
https://www.reddit.com/r/Malware/comments/v3p7l2/analysis_report_on_log4j_attack_patterns/
Ransomware roundup: System-locking malware dominates headlines
https://www.csoonline.com/article/3662038/ransomware-roundup-system-locking-malware-dominates-headlines.html#tk.rss_all
Analysis of the Massive NDSW/NDSX Malware Campaign
https://malware.news/t/analysis-of-the-massive-ndsw-ndsx-malware-campaign/60704/1
Sandbox Evasion... With Just a Filename!, (Fri, Jun 3rd)
https://isc.sans.edu/diary/rss/28708
Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks
https://thehackernews.com/2022/06/researchers-demonstrate-ransomware-for.html
10 of the hottest new cybersecurity startups at RSA 2022
https://www.csoonline.com/article/3662771/10-of-the-hottest-new-cybersecurity-startups-at-rsa-2022.html#tk.rss_all
ExpressVPN Removes Servers in India After Refusing to Comply with Government Order
https://thehackernews.com/2022/06/expressvpn-removes-servers-in-india.html
NASA just bought the rest of the space station crew flights from SpaceX
https://arstechnica.com/?p=1857926
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
Remotely Controlling Touchscreens
Researchers have demonstrated controlling touchscreens at a distance, at least in a laboratory setting: The core idea is to take advantage of the electromagnetic signals to execute basic touch events such as taps and swipes into targeted locations of the…
👍2
Top Security News for 04/06/2022
Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor
https://thehackernews.com/2022/06/chinese-luoyu-hackers-using-man-on-side.html
After remote-work ultimatum, Musk reveals plan to cut 10% of Tesla jobs
https://arstechnica.com/?p=1858044
Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
https://thehackernews.com/2022/06/microsoft-blocks-iran-linked-lebanese.html
Hacktivism, nominal and (possibly) real. Cyber gangs rebrand and branch out. CISA alerts. Cyber phases of Russia's hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/107
[updated]Unpatched Atlassian Confluence vulnerability is actively exploited
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/unpatched-atlassian-confluence-vulnerability-is-actively-exploited/
Perry Carpenter on his new book "The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer"
https://thecyberwire.com/podcasts/interview-selects/113/notes
Critical Atlassian 0-day is under active exploit. You’re patched, right?
https://arstechnica.com/?p=1858307
Threat Roundup for May 27 to June 3
https://malware.news/t/threat-roundup-for-may-27-to-june-3/60734/1
SSO explained: Single sign-on definition, examples, and terminology
https://www.csoonline.com/article/2115776/sso-explained-single-sign-on-definition-examples-and-terminology.html#tk.rss_all
Americans want more electric vehicles, but 50% by 2030 looks unlikely
https://arstechnica.com/?p=1858024
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor
https://thehackernews.com/2022/06/chinese-luoyu-hackers-using-man-on-side.html
After remote-work ultimatum, Musk reveals plan to cut 10% of Tesla jobs
https://arstechnica.com/?p=1858044
Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
https://thehackernews.com/2022/06/microsoft-blocks-iran-linked-lebanese.html
Hacktivism, nominal and (possibly) real. Cyber gangs rebrand and branch out. CISA alerts. Cyber phases of Russia's hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/107
[updated]Unpatched Atlassian Confluence vulnerability is actively exploited
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/unpatched-atlassian-confluence-vulnerability-is-actively-exploited/
Perry Carpenter on his new book "The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer"
https://thecyberwire.com/podcasts/interview-selects/113/notes
Critical Atlassian 0-day is under active exploit. You’re patched, right?
https://arstechnica.com/?p=1858307
Threat Roundup for May 27 to June 3
https://malware.news/t/threat-roundup-for-may-27-to-june-3/60734/1
SSO explained: Single sign-on definition, examples, and terminology
https://www.csoonline.com/article/2115776/sso-explained-single-sign-on-definition-examples-and-terminology.html#tk.rss_all
Americans want more electric vehicles, but 50% by 2030 looks unlikely
https://arstechnica.com/?p=1858024
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Hacktivism, nominal and (possibly) real. Cyber gangs rebrand and branch out. CISA alerts. Cyber phases of Russia's hybrid war.
Hacktivism: anti-Iran, and Iran-sponsored. Rebranding to evade sanctions. Conti's threat to firmware. Atlassian works on an actively exploited Confluence vulnerability. CISA releases ICS security advisories. Cyber phases of Russia's hybrid war against Ukraine.
👍1
Top Security News for 05/06/2022
Cyber phases of Russia's hybrid war. Microsoft hits Polonium and mitigates Follina. CISA and its partners warn about the Karakurt extortion group. Clipminer is out in the wild. Notes from the underworld.
https://thecyberwire.com/newsletters/week-that-was/6/22
LemonDucks evading detection.
https://thecyberwire.com/podcasts/research-saturday/235/notes
Technical Advisory – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552) - including remote write anywhere primitive in its IP stack
https://www.reddit.com/r/netsec/comments/v4ht0r/technical_advisory_multiple_vulnerabilities_in/
The Domain Generation Algorithms of SharkBot
https://malware.news/t/the-domain-generation-algorithms-of-sharkbot/60743/1
Smaller reactors may still have a big nuclear waste problem
https://arstechnica.com/?p=1858107
An actively exploited Microsoft 0-day flaw still doesn’t have a patch
https://arstechnica.com/?p=1858179
Protected: Biweekly Malware Challenge #1: Gozi/ISFB String Decryption
https://malware.news/t/protected-biweekly-malware-challenge-1-gozi-isfb-string-decryption/60740/1
Certificate Ripper released - tool to extract server certificates
https://www.reddit.com/r/netsec/comments/v4qegg/certificate_ripper_released_tool_to_extract/
Anonymous: Operation Russia after 100 days of war
https://securityaffairs.co/wordpress/131933/hacktivism/anonymous-operation-russia-100-days.html
Mind Map of Malware Mitigations
https://www.reddit.com/r/Malware/comments/v4vc7a/mind_map_of_malware_mitigations/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Cyber phases of Russia's hybrid war. Microsoft hits Polonium and mitigates Follina. CISA and its partners warn about the Karakurt extortion group. Clipminer is out in the wild. Notes from the underworld.
https://thecyberwire.com/newsletters/week-that-was/6/22
LemonDucks evading detection.
https://thecyberwire.com/podcasts/research-saturday/235/notes
Technical Advisory – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552) - including remote write anywhere primitive in its IP stack
https://www.reddit.com/r/netsec/comments/v4ht0r/technical_advisory_multiple_vulnerabilities_in/
The Domain Generation Algorithms of SharkBot
https://malware.news/t/the-domain-generation-algorithms-of-sharkbot/60743/1
Smaller reactors may still have a big nuclear waste problem
https://arstechnica.com/?p=1858107
An actively exploited Microsoft 0-day flaw still doesn’t have a patch
https://arstechnica.com/?p=1858179
Protected: Biweekly Malware Challenge #1: Gozi/ISFB String Decryption
https://malware.news/t/protected-biweekly-malware-challenge-1-gozi-isfb-string-decryption/60740/1
Certificate Ripper released - tool to extract server certificates
https://www.reddit.com/r/netsec/comments/v4qegg/certificate_ripper_released_tool_to_extract/
Anonymous: Operation Russia after 100 days of war
https://securityaffairs.co/wordpress/131933/hacktivism/anonymous-operation-russia-100-days.html
Mind Map of Malware Mitigations
https://www.reddit.com/r/Malware/comments/v4vc7a/mind_map_of_malware_mitigations/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Cyber phases of Russia's hybrid war. Microsoft hits Polonium and mitigates Follina. CISA and its partners warn about the Karakurt…
Cyber phases of Russia's hybrid war. Microsoft shuts down Tehran-directed threat actor. CISA and its partners warn about the Karakurt extortion group. Clipminer is out in the wild. Microsoft issues mitigations for Follina zero-day. Notes from the underworld.…
Top Security News for 06/06/2022
Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild
https://securityaffairs.co/wordpress/131942/security/atlassian-fixes-confluence-zero-day.html
ISC StormCast for Monday, June 6th, 2022
https://isc.sans.edu/podcastdetail.html?id=8036
Security Affairs newsletter Round 368 by Pierluigi Paganini
https://securityaffairs.co/wordpress/131958/breaking-news/security-affairs-newsletter-round-368-by-pierluigi-paganini.html
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
ISC Stormcast For Monday, June 6th, 2022 https://isc.sans.edu/podcastdetail.html?id=8036, (Mon, Jun 6th)
https://isc.sans.edu/diary/rss/28716
OFFENSIVE C#
https://www.reddit.com/r/Malware/comments/v564kf/offensive_c/
Defining the intruder’s dilemma.
https://thecyberwire.com/podcasts/cyberwire-x/32/notes
Analysis Of An "ms-msdt" RTF Maldoc, (Sun, Jun 5th)
https://isc.sans.edu/diary/rss/28714
Analysis of a large brute force attack campaign against Windows Remote Desktop
https://www.reddit.com/r/netsec/comments/v58po4/analysis_of_a_large_brute_force_attack_campaign/
Making blockchain stop wasting energy by getting it to manage energy
https://arstechnica.com/?p=1858298
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild
https://securityaffairs.co/wordpress/131942/security/atlassian-fixes-confluence-zero-day.html
ISC StormCast for Monday, June 6th, 2022
https://isc.sans.edu/podcastdetail.html?id=8036
Security Affairs newsletter Round 368 by Pierluigi Paganini
https://securityaffairs.co/wordpress/131958/breaking-news/security-affairs-newsletter-round-368-by-pierluigi-paganini.html
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
ISC Stormcast For Monday, June 6th, 2022 https://isc.sans.edu/podcastdetail.html?id=8036, (Mon, Jun 6th)
https://isc.sans.edu/diary/rss/28716
OFFENSIVE C#
https://www.reddit.com/r/Malware/comments/v564kf/offensive_c/
Defining the intruder’s dilemma.
https://thecyberwire.com/podcasts/cyberwire-x/32/notes
Analysis Of An "ms-msdt" RTF Maldoc, (Sun, Jun 5th)
https://isc.sans.edu/diary/rss/28714
Analysis of a large brute force attack campaign against Windows Remote Desktop
https://www.reddit.com/r/netsec/comments/v58po4/analysis_of_a_large_brute_force_attack_campaign/
Making blockchain stop wasting energy by getting it to manage energy
https://arstechnica.com/?p=1858298
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
Atlassian rolled out fixes for Confluence zero-day actively exploited
Atlassian has addressed on Friday an actively exploited critical RCE flaw (CVE-2022-26134) in Confluence Server and Data Center products.
Top Security News for 07/06/2022
Solid-state batteries for EVs move a step closer to production
https://arstechnica.com/?p=1858366
Russia seeks to hijack German telescope on its X-ray spacecraft
https://arstechnica.com/?p=1858353
Observed In The Wild: Atlassian Confluence Server CVE-2022-26134
https://www.reddit.com/r/netsec/comments/v6iia0/observed_in_the_wild_atlassian_confluence_server/
Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers
https://thehackernews.com/2022/06/microsoft-seizes-41-domains-used-in.html
Popping Eagle: How Global Analytics Uncovered a Stealthy Threat Actor
https://www.reddit.com/r/netsec/comments/v4aspa/popping_eagle_how_global_analytics_uncovered_a/
Passwordstate - Revoked its Digicert certificate used to sign the code
https://www.reddit.com/r/netsec/comments/v5xl0o/passwordstate_revoked_its_digicert_certificate/
Ukraine's SSSCIP discusses the cyber phases of Russia's war. Atlassian patches Confluence;. State actor exploits Follina.
https://thecyberwire.com/newsletters/daily-briefing/11/108
Big Tech pulls out all the stops to halt “self-preferencing” antitrust bill
https://arstechnica.com/?p=1858462
Microsoft Autopatch is here…but can you use it?
https://blog.malwarebytes.com/business-2/2022/06/microsoft-autopatch-is-here-but-can-you-use-it/
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Solid-state batteries for EVs move a step closer to production
https://arstechnica.com/?p=1858366
Russia seeks to hijack German telescope on its X-ray spacecraft
https://arstechnica.com/?p=1858353
Observed In The Wild: Atlassian Confluence Server CVE-2022-26134
https://www.reddit.com/r/netsec/comments/v6iia0/observed_in_the_wild_atlassian_confluence_server/
Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers
https://thehackernews.com/2022/06/microsoft-seizes-41-domains-used-in.html
Popping Eagle: How Global Analytics Uncovered a Stealthy Threat Actor
https://www.reddit.com/r/netsec/comments/v4aspa/popping_eagle_how_global_analytics_uncovered_a/
Passwordstate - Revoked its Digicert certificate used to sign the code
https://www.reddit.com/r/netsec/comments/v5xl0o/passwordstate_revoked_its_digicert_certificate/
Ukraine's SSSCIP discusses the cyber phases of Russia's war. Atlassian patches Confluence;. State actor exploits Follina.
https://thecyberwire.com/newsletters/daily-briefing/11/108
Big Tech pulls out all the stops to halt “self-preferencing” antitrust bill
https://arstechnica.com/?p=1858462
Microsoft Autopatch is here…but can you use it?
https://blog.malwarebytes.com/business-2/2022/06/microsoft-autopatch-is-here-but-can-you-use-it/
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Ars Technica
Solid-state batteries for EVs move a step closer to production
Solid Power wants to give cells to BMW and Ford for testing later this year.
Top Security News for 08/06/2022
AI Trained on 4Chan Becomes ‘Hate Speech Machine’
https://www.vice.com/en_us/article/7k8zwx/ai-trained-on-4chan-becomes-hate-speech-machine
Network analysis of a targeted phish that got past Defender
https://www.reddit.com/r/netsec/comments/v707vn/network_analysis_of_a_targeted_phish_that_got/
Zero-day flaw in Atlassian Confluence exploited in the wild since May
https://www.csoonline.com/article/3662755/zero-day-flaw-in-atlassian-confluence-exploited-in-the-wild-since-may.html#tk.rss_all
Inside the $100K+ forgery scandal that’s roiling PC game collecting
https://arstechnica.com/?p=1858275
Apple's New Feature Will Install Security Updates Automatically Without Full OS Update
https://thehackernews.com/2022/06/apples-new-feature-will-install.html
Apple will allow Linux VMs to run Intel apps with Rosetta in macOS Ventura
https://arstechnica.com/?p=1859358
Ransomware Task Force priorities see progress in first year
https://malware.news/t/ransomware-task-force-priorities-see-progress-in-first-year/60817/1
You’ll shoot your eye out: Popped champagne cork ejects CO2 at supersonic speeds
https://arstechnica.com/?p=1859317
AWS S3 Scanner: Online tool for finding misconfigurations
https://www.reddit.com/r/netsec/comments/v756tm/aws_s3_scanner_online_tool_for_finding/
DOJ, FBI shut down marketplace for stolen Social Security numbers
https://malware.news/t/doj-fbi-shut-down-marketplace-for-stolen-social-security-numbers/60821/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
AI Trained on 4Chan Becomes ‘Hate Speech Machine’
https://www.vice.com/en_us/article/7k8zwx/ai-trained-on-4chan-becomes-hate-speech-machine
Network analysis of a targeted phish that got past Defender
https://www.reddit.com/r/netsec/comments/v707vn/network_analysis_of_a_targeted_phish_that_got/
Zero-day flaw in Atlassian Confluence exploited in the wild since May
https://www.csoonline.com/article/3662755/zero-day-flaw-in-atlassian-confluence-exploited-in-the-wild-since-may.html#tk.rss_all
Inside the $100K+ forgery scandal that’s roiling PC game collecting
https://arstechnica.com/?p=1858275
Apple's New Feature Will Install Security Updates Automatically Without Full OS Update
https://thehackernews.com/2022/06/apples-new-feature-will-install.html
Apple will allow Linux VMs to run Intel apps with Rosetta in macOS Ventura
https://arstechnica.com/?p=1859358
Ransomware Task Force priorities see progress in first year
https://malware.news/t/ransomware-task-force-priorities-see-progress-in-first-year/60817/1
You’ll shoot your eye out: Popped champagne cork ejects CO2 at supersonic speeds
https://arstechnica.com/?p=1859317
AWS S3 Scanner: Online tool for finding misconfigurations
https://www.reddit.com/r/netsec/comments/v756tm/aws_s3_scanner_online_tool_for_finding/
DOJ, FBI shut down marketplace for stolen Social Security numbers
https://malware.news/t/doj-fbi-shut-down-marketplace-for-stolen-social-security-numbers/60821/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Vice
AI Trained on 4Chan Becomes ‘Hate Speech Machine’
After 24 hours, the nine bots running on 4chan had posted 15,000 times.
👍1
Top Security News for 09/06/2022
People’s Republic of China State-Sponsored Actors Exploit Network Providers and Devices
https://www.reddit.com/r/netsec/comments/v7simm/peoples_republic_of_china_statesponsored_actors/
DoJ shuts down dark web marketplace. Two million patients impacted in healthcare breach. Employee email compromised. Pennsylvania’s proposed incident reporting bill.
https://thecyberwire.com/podcasts/privacy-briefing/601/notes
ISC Stormcast For Thursday, June 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8042, (Thu, Jun 9th)
https://isc.sans.edu/diary/rss/28726
CISA Alert AA22-158A – People’s Republic of China state-sponsored cyber actors exploit network providers and devices.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/21/notes
MakeMoney malvertising campaign adds fake update template
https://blog.malwarebytes.com/threat-intelligence/2022/06/makemoney-malvertising-campaign-adds-fake-update-template/
Control Loop OT Cybersecurity Briefing for 06.08.22
https://thecyberwire.com/newsletters/control-loop/1/1
A detailed analysis of the new malware used by the Russian APT28/Sofacy called SkinnyBoy
https://www.reddit.com/r/Malware/comments/v7y9e8/a_detailed_analysis_of_the_new_malware_used_by/
RSA: Intel reference design to accelerate SASE, other security tasks
https://www.networkworld.com/article/3663370/rsa-intel-reference-design-to-accelerate-sase-other-security-tasks.html#tk.rss_all
Free tool to discover if your company or supply chain has employees and clients infected with info-stealing malwares
https://www.reddit.com/r/Malware/comments/v826sv/free_tool_to_discover_if_your_company_or_supply/
Confluence Webshells being dropped into the honeypot
https://www.reddit.com/r/netsec/comments/v7kls9/confluence_webshells_being_dropped_into_the/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
People’s Republic of China State-Sponsored Actors Exploit Network Providers and Devices
https://www.reddit.com/r/netsec/comments/v7simm/peoples_republic_of_china_statesponsored_actors/
DoJ shuts down dark web marketplace. Two million patients impacted in healthcare breach. Employee email compromised. Pennsylvania’s proposed incident reporting bill.
https://thecyberwire.com/podcasts/privacy-briefing/601/notes
ISC Stormcast For Thursday, June 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8042, (Thu, Jun 9th)
https://isc.sans.edu/diary/rss/28726
CISA Alert AA22-158A – People’s Republic of China state-sponsored cyber actors exploit network providers and devices.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/21/notes
MakeMoney malvertising campaign adds fake update template
https://blog.malwarebytes.com/threat-intelligence/2022/06/makemoney-malvertising-campaign-adds-fake-update-template/
Control Loop OT Cybersecurity Briefing for 06.08.22
https://thecyberwire.com/newsletters/control-loop/1/1
A detailed analysis of the new malware used by the Russian APT28/Sofacy called SkinnyBoy
https://www.reddit.com/r/Malware/comments/v7y9e8/a_detailed_analysis_of_the_new_malware_used_by/
RSA: Intel reference design to accelerate SASE, other security tasks
https://www.networkworld.com/article/3663370/rsa-intel-reference-design-to-accelerate-sase-other-security-tasks.html#tk.rss_all
Free tool to discover if your company or supply chain has employees and clients infected with info-stealing malwares
https://www.reddit.com/r/Malware/comments/v826sv/free_tool_to_discover_if_your_company_or_supply/
Confluence Webshells being dropped into the honeypot
https://www.reddit.com/r/netsec/comments/v7kls9/confluence_webshells_being_dropped_into_the/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
People’s Republic of China State-Sponsored Actors Exploit Network...
Posted in r/netsec by u/ksr_malware • 214 points and 16 comments
Top Security News for 10/06/2022
ISC Stormcast For Friday, June 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8044, (Fri, Jun 10th)
https://isc.sans.edu/diary/rss/28730
8 zero-day vulnerabilities discovered in popular industrial control system from Carrier
https://malware.news/t/8-zero-day-vulnerabilities-discovered-in-popular-industrial-control-system-from-carrier/60886/1
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat
https://blog.malwarebytes.com/threat-analysis/2022/06/asyncrat-surpasses-dridex-trickbot-and-emotet-to-become-dominant-email-threat/
The tech behind the 2022 US CSO50 winners: Celebrating the CSO50 Solutions Partners
https://www.csoonline.com/article/3663670/the-tech-behind-the-2022-us-cso50-winners-celebrating-the-cso50-solutions-partners.html#tk.rss_all
IDA Plugin for loading extracted firmware images (SVD loader alternative)
https://www.reddit.com/r/netsec/comments/v8h5gp/ida_plugin_for_loading_extracted_firmware_images/
Apple’s passkeys attempt to solve the password problem
https://blog.malwarebytes.com/privacy-2/2022/06/apples-passkeys-attempt-to-solve-the-password-problem/
Snowflake offers cybersecurity data platform with security app integrations
https://www.csoonline.com/article/3663673/snowflake-offers-cybersecurity-data-platform-with-security-app-integrations.html#tk.rss_all
Network Security
https://www.bleepingcomputer.com/forums/t/773112/network-security/
New Emotet Variant Stealing Users' Credit Card Information from Google Chrome
https://thehackernews.com/2022/06/new-emotet-variant-stealing-users.html
Hackers using stealthy Linux backdoor Symbiote to steal credentials
https://www.csoonline.com/article/3663510/hackers-using-stealthy-linux-backdoor-symbiote-to-steal-credentials.html#tk.rss_all
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
ISC Stormcast For Friday, June 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8044, (Fri, Jun 10th)
https://isc.sans.edu/diary/rss/28730
8 zero-day vulnerabilities discovered in popular industrial control system from Carrier
https://malware.news/t/8-zero-day-vulnerabilities-discovered-in-popular-industrial-control-system-from-carrier/60886/1
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat
https://blog.malwarebytes.com/threat-analysis/2022/06/asyncrat-surpasses-dridex-trickbot-and-emotet-to-become-dominant-email-threat/
The tech behind the 2022 US CSO50 winners: Celebrating the CSO50 Solutions Partners
https://www.csoonline.com/article/3663670/the-tech-behind-the-2022-us-cso50-winners-celebrating-the-cso50-solutions-partners.html#tk.rss_all
IDA Plugin for loading extracted firmware images (SVD loader alternative)
https://www.reddit.com/r/netsec/comments/v8h5gp/ida_plugin_for_loading_extracted_firmware_images/
Apple’s passkeys attempt to solve the password problem
https://blog.malwarebytes.com/privacy-2/2022/06/apples-passkeys-attempt-to-solve-the-password-problem/
Snowflake offers cybersecurity data platform with security app integrations
https://www.csoonline.com/article/3663673/snowflake-offers-cybersecurity-data-platform-with-security-app-integrations.html#tk.rss_all
Network Security
https://www.bleepingcomputer.com/forums/t/773112/network-security/
New Emotet Variant Stealing Users' Credit Card Information from Google Chrome
https://thehackernews.com/2022/06/new-emotet-variant-stealing-users.html
Hackers using stealthy Linux backdoor Symbiote to steal credentials
https://www.csoonline.com/article/3663510/hackers-using-stealthy-linux-backdoor-symbiote-to-steal-credentials.html#tk.rss_all
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
SANS Internet Storm Center
ISC StormCast for Friday, June 10th, 2022 - SANS ISC
👍1
Top Security News for 11/06/2022
Dell security advisory (AV22-316)
https://malware.news/t/dell-security-advisory-av22-316/60904/1
Vice Society ransomware gang adds the Italian City of Palermo to its data leak site
https://securityaffairs.co/wordpress/132122/cyber-crime/city-of-palermo-vice-society-ransomware.html
"Unpatchable" hardware flaw. Nation-state conflict in cyberspace. Threat actor Aoqin Dragon has been operating since 2013.
https://thecyberwire.com/newsletters/daily-briefing/11/112
Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign
https://securityaffairs.co/wordpress/132140/cyber-crime/cryptomining-campaign-atlassian-confluence-flaw.html
Atlassian patches Confluence. LockBit claims (implausibly) to have hit Mandiant. Effects of ransomware on businesses.
https://thecyberwire.com/newsletters/week-that-was/6/23
Cyber Security
https://www.bleepingcomputer.com/forums/t/773134/cyber-security/
RSA – APIs, your organization’s dedicated backdoors
https://malware.news/t/rsa-apis-your-organization-s-dedicated-backdoors/60901/1
Symbiote: A New, Hard-to-Detect Linux Threat
https://www.reddit.com/r/netsec/comments/v9awqq/symbiote_a_new_hardtodetect_linux_threat/
David Ring at RSAC discussing FBI Cyber Strategy/role in the cyber ecosystem and private sector engagement.
https://thecyberwire.com/podcasts/interview-selects/114/notes
Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones
https://thehackernews.com/2022/06/researchers-find-bluetooth-signals-can.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Dell security advisory (AV22-316)
https://malware.news/t/dell-security-advisory-av22-316/60904/1
Vice Society ransomware gang adds the Italian City of Palermo to its data leak site
https://securityaffairs.co/wordpress/132122/cyber-crime/city-of-palermo-vice-society-ransomware.html
"Unpatchable" hardware flaw. Nation-state conflict in cyberspace. Threat actor Aoqin Dragon has been operating since 2013.
https://thecyberwire.com/newsletters/daily-briefing/11/112
Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign
https://securityaffairs.co/wordpress/132140/cyber-crime/cryptomining-campaign-atlassian-confluence-flaw.html
Atlassian patches Confluence. LockBit claims (implausibly) to have hit Mandiant. Effects of ransomware on businesses.
https://thecyberwire.com/newsletters/week-that-was/6/23
Cyber Security
https://www.bleepingcomputer.com/forums/t/773134/cyber-security/
RSA – APIs, your organization’s dedicated backdoors
https://malware.news/t/rsa-apis-your-organization-s-dedicated-backdoors/60901/1
Symbiote: A New, Hard-to-Detect Linux Threat
https://www.reddit.com/r/netsec/comments/v9awqq/symbiote_a_new_hardtodetect_linux_threat/
David Ring at RSAC discussing FBI Cyber Strategy/role in the cyber ecosystem and private sector engagement.
https://thecyberwire.com/podcasts/interview-selects/114/notes
Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones
https://thehackernews.com/2022/06/researchers-find-bluetooth-signals-can.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
Dell security advisory (AV22-316)
Article Link: Dell security advisory (AV22-316) - Canadian Centre for Cyber Security
Top Security News for 12/06/2022
Java for pentesting,malware?
https://0x00sec.org/t/java-for-pentesting-malware/29737
FBI, DOJ say less than 25% of NetWalker ransomware victims reported incidents
https://malware.news/t/fbi-doj-say-less-than-25-of-netwalker-ransomware-victims-reported-incidents/60908/1
Weekly News Roundup — June 5 to June 11
https://malware.news/t/weekly-news-roundup-june-5-to-june-11/60909/1
A Story of a Bug Found Fuzzing
https://www.reddit.com/r/netsec/comments/v9rhxf/a_story_of_a_bug_found_fuzzing/
New developments in the WSL attack.
https://thecyberwire.com/podcasts/research-saturday/236/notes
Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal
https://securityaffairs.co/wordpress/132164/apt/lyceum-apt-target-energy-dns-backdoor.html
MIT researchers find new hardware vulnerability in the Apple M1 chip
https://malware.news/t/mit-researchers-find-new-hardware-vulnerability-in-the-apple-m1-chip/60910/1
Linternals: Memory Allocators [0x01]
https://www.reddit.com/r/lowlevel/comments/v9v6p1/linternals_memory_allocators_0x01/
PACMAN, a new attack technique against Apple M1 CPUs
https://securityaffairs.co/wordpress/132154/hacking/pacman-attack-apple-m1-cpus.html
Is process hollowing an objectively inferior approach to injecting a beacon?
https://www.reddit.com/r/lowlevel/comments/v9ujdp/is_process_hollowing_an_objectively_inferior/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Java for pentesting,malware?
https://0x00sec.org/t/java-for-pentesting-malware/29737
FBI, DOJ say less than 25% of NetWalker ransomware victims reported incidents
https://malware.news/t/fbi-doj-say-less-than-25-of-netwalker-ransomware-victims-reported-incidents/60908/1
Weekly News Roundup — June 5 to June 11
https://malware.news/t/weekly-news-roundup-june-5-to-june-11/60909/1
A Story of a Bug Found Fuzzing
https://www.reddit.com/r/netsec/comments/v9rhxf/a_story_of_a_bug_found_fuzzing/
New developments in the WSL attack.
https://thecyberwire.com/podcasts/research-saturday/236/notes
Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal
https://securityaffairs.co/wordpress/132164/apt/lyceum-apt-target-energy-dns-backdoor.html
MIT researchers find new hardware vulnerability in the Apple M1 chip
https://malware.news/t/mit-researchers-find-new-hardware-vulnerability-in-the-apple-m1-chip/60910/1
Linternals: Memory Allocators [0x01]
https://www.reddit.com/r/lowlevel/comments/v9v6p1/linternals_memory_allocators_0x01/
PACMAN, a new attack technique against Apple M1 CPUs
https://securityaffairs.co/wordpress/132154/hacking/pacman-attack-apple-m1-cpus.html
Is process hollowing an objectively inferior approach to injecting a beacon?
https://www.reddit.com/r/lowlevel/comments/v9ujdp/is_process_hollowing_an_objectively_inferior/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
0x00sec - The Home of the Hacker
Java for pentesting,malware?
Currently, I am using 2 other languages. Is Java good for pentesting/networking ?
Top Security News for 13/06/2022
Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks
https://thehackernews.com/2022/06/iranian-hackers-spotted-using-new-dns.html
I wrote a non technical post on my blog regarding security specialists, nihilistic behavior, and how to stay positive. Sometimes we need a reminder that, after all, things are not that bad.
https://www.reddit.com/r/netsec/comments/vap5my/i_wrote_a_non_technical_post_on_my_blog_regarding/
NGINX security: Everything you may not need to know about NGINX error logs - complete guide
https://www.reddit.com/r/netsec/comments/vaf63c/nginx_security_everything_you_may_not_need_to/
Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers
https://securityaffairs.co/wordpress/132186/cyber-crime/ransomware-gangs-cve-2022-26134-rce-atlassian-confluence.html
Found 'phone-to-name.kvcache' in Mac Recovered Files folder
https://www.reddit.com/r/Malware/comments/valixl/found_phonetonamekvcache_in_mac_recovered_files/
ISC Stormcast For Monday, June 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8046, (Mon, Jun 13th)
https://isc.sans.edu/diary/rss/28736
Quickie: Follina, RTF & Explorer Preview Pane, (Sun, Jun 12th)
https://isc.sans.edu/diary/rss/28734
Quickie: Follina, RTF & Explorer Preview Pane, (Sun, Jun 12th)
https://malware.news/t/quickie-follina-rtf-explorer-preview-pane-sun-jun-12th/60911/1
ISC StormCast for Monday, June 13th, 2022
https://isc.sans.edu/podcastdetail.html?id=8046
ISC Stormcast For Monday, June 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8046, (Mon, Jun 13th)
https://malware.news/t/isc-stormcast-for-monday-june-13th-2022-https-isc-sans-edu-podcastdetail-html-id-8046-mon-jun-13th/60912/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks
https://thehackernews.com/2022/06/iranian-hackers-spotted-using-new-dns.html
I wrote a non technical post on my blog regarding security specialists, nihilistic behavior, and how to stay positive. Sometimes we need a reminder that, after all, things are not that bad.
https://www.reddit.com/r/netsec/comments/vap5my/i_wrote_a_non_technical_post_on_my_blog_regarding/
NGINX security: Everything you may not need to know about NGINX error logs - complete guide
https://www.reddit.com/r/netsec/comments/vaf63c/nginx_security_everything_you_may_not_need_to/
Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers
https://securityaffairs.co/wordpress/132186/cyber-crime/ransomware-gangs-cve-2022-26134-rce-atlassian-confluence.html
Found 'phone-to-name.kvcache' in Mac Recovered Files folder
https://www.reddit.com/r/Malware/comments/valixl/found_phonetonamekvcache_in_mac_recovered_files/
ISC Stormcast For Monday, June 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8046, (Mon, Jun 13th)
https://isc.sans.edu/diary/rss/28736
Quickie: Follina, RTF & Explorer Preview Pane, (Sun, Jun 12th)
https://isc.sans.edu/diary/rss/28734
Quickie: Follina, RTF & Explorer Preview Pane, (Sun, Jun 12th)
https://malware.news/t/quickie-follina-rtf-explorer-preview-pane-sun-jun-12th/60911/1
ISC StormCast for Monday, June 13th, 2022
https://isc.sans.edu/podcastdetail.html?id=8046
ISC Stormcast For Monday, June 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8046, (Mon, Jun 13th)
https://malware.news/t/isc-stormcast-for-monday-june-13th-2022-https-isc-sans-edu-podcastdetail-html-id-8046-mon-jun-13th/60912/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
I wrote a non technical post on my blog regarding security...
Posted in r/netsec by u/last0x00 • 185 points and 28 comments
Top Security News for 14/06/2022
Using WiFi connection probe requests to track users
https://securityaffairs.co/wordpress/132193/mobile-2/wifi-probe-requests-track-users.html
ASEC Weekly Malware Statistics (May 30th, 2022 – June 5th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-30th-2022-june-5th-2022/60950/1
A new RAT from Beijing. Muslim hacktivism in India. Ukraine reports a GRU spam campaign against media outlets. A Moscow court fines Wikimedia. And that UK cyber disaster was just a promo.
https://thecyberwire.com/podcasts/daily-podcast/1598/notes
Say goodbye to browser ads and malware with this $30 tool
https://malware.news/t/say-goodbye-to-browser-ads-and-malware-with-this-30-tool/60948/1
Taking down the IP2Scam tech support campaign
https://blog.malwarebytes.com/threat-intelligence/2022/06/taking-down-the-ip2scam-tech-support-campaign/
9 ways hackers will use machine learning to launch attacks
https://www.csoonline.com/article/3250144/6-ways-hackers-will-use-machine-learning-to-launch-attacks.html#tk.rss_all
ISC Stormcast For Tuesday, June 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8048, (Tue, Jun 14th)
https://isc.sans.edu/diary/rss/28740
The many lives of BlackCat ransomware
https://www.reddit.com/r/netsec/comments/vbgh61/the_many_lives_of_blackcat_ransomware/
Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses
https://thehackernews.com/2022/06/researchers-disclose-rooting-backdoor.html
Experts spotted Syslogk, a Linux rootkit under development
https://securityaffairs.co/wordpress/132232/malware/syslogk-linux-rootkit.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Using WiFi connection probe requests to track users
https://securityaffairs.co/wordpress/132193/mobile-2/wifi-probe-requests-track-users.html
ASEC Weekly Malware Statistics (May 30th, 2022 – June 5th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-30th-2022-june-5th-2022/60950/1
A new RAT from Beijing. Muslim hacktivism in India. Ukraine reports a GRU spam campaign against media outlets. A Moscow court fines Wikimedia. And that UK cyber disaster was just a promo.
https://thecyberwire.com/podcasts/daily-podcast/1598/notes
Say goodbye to browser ads and malware with this $30 tool
https://malware.news/t/say-goodbye-to-browser-ads-and-malware-with-this-30-tool/60948/1
Taking down the IP2Scam tech support campaign
https://blog.malwarebytes.com/threat-intelligence/2022/06/taking-down-the-ip2scam-tech-support-campaign/
9 ways hackers will use machine learning to launch attacks
https://www.csoonline.com/article/3250144/6-ways-hackers-will-use-machine-learning-to-launch-attacks.html#tk.rss_all
ISC Stormcast For Tuesday, June 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8048, (Tue, Jun 14th)
https://isc.sans.edu/diary/rss/28740
The many lives of BlackCat ransomware
https://www.reddit.com/r/netsec/comments/vbgh61/the_many_lives_of_blackcat_ransomware/
Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses
https://thehackernews.com/2022/06/researchers-disclose-rooting-backdoor.html
Experts spotted Syslogk, a Linux rootkit under development
https://securityaffairs.co/wordpress/132232/malware/syslogk-linux-rootkit.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
Using WiFi connection probe requests to track users
Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to track.
Top Security News for 15/06/2022
Oblivious HTTP
https://www.reddit.com/r/netsec/comments/vc9bt7/oblivious_http/
Securing the World Cup. Australia's security regulator cautions boards on cybersecurity. CISA sends FEITs to help Federal network security.
https://thecyberwire.com/newsletters/policy-briefing/4/114
Introducing Malwarebytes Vulnerability Assessment for OneView: How to check for Common Vulnerabilities and Exposures (CVEs)
https://blog.malwarebytes.com/malwarebytes-news/2022/06/introducing-malwarebytes-vulnerability-assessment-for-oneview-how-to-check-for-common-vulnerabilities-and-exposures-cves/
TPM Sniffing Attacks Against Non-Bitlocker Targets
https://www.reddit.com/r/netsec/comments/vciv14/tpm_sniffing_attacks_against_nonbitlocker_targets/
Instagram scam steals your selfies to trick your friends
https://blog.malwarebytes.com/personal/scams-personal/2022/06/instagram-scam-steals-your-selfies-to-trick-your-friends/
Karakurt extortion group: Threat profile
https://blog.malwarebytes.com/cybercrime/2022/06/karakurt-extortion-group-threat-profile/
Zimbra Email - Stealing Clear-Text Credentials via Memcache injection
https://www.reddit.com/r/netsec/comments/vc77h9/zimbra_email_stealing_cleartext_credentials_via/
Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens
https://thehackernews.com/2022/06/unpatched-travis-ci-api-bug-exposes.html
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/multiple-adversaries-exploiting-confluence-vulnerability-warns-microsoft/
Stealthy Linux malware. Aoqin Dragon targets Southeast Asia and Australia. Iranian spearphishing campaign. BlackCat RaaS described.
https://thecyberwire.com/podcasts/research-briefing/121/notes
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Oblivious HTTP
https://www.reddit.com/r/netsec/comments/vc9bt7/oblivious_http/
Securing the World Cup. Australia's security regulator cautions boards on cybersecurity. CISA sends FEITs to help Federal network security.
https://thecyberwire.com/newsletters/policy-briefing/4/114
Introducing Malwarebytes Vulnerability Assessment for OneView: How to check for Common Vulnerabilities and Exposures (CVEs)
https://blog.malwarebytes.com/malwarebytes-news/2022/06/introducing-malwarebytes-vulnerability-assessment-for-oneview-how-to-check-for-common-vulnerabilities-and-exposures-cves/
TPM Sniffing Attacks Against Non-Bitlocker Targets
https://www.reddit.com/r/netsec/comments/vciv14/tpm_sniffing_attacks_against_nonbitlocker_targets/
Instagram scam steals your selfies to trick your friends
https://blog.malwarebytes.com/personal/scams-personal/2022/06/instagram-scam-steals-your-selfies-to-trick-your-friends/
Karakurt extortion group: Threat profile
https://blog.malwarebytes.com/cybercrime/2022/06/karakurt-extortion-group-threat-profile/
Zimbra Email - Stealing Clear-Text Credentials via Memcache injection
https://www.reddit.com/r/netsec/comments/vc77h9/zimbra_email_stealing_cleartext_credentials_via/
Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens
https://thehackernews.com/2022/06/unpatched-travis-ci-api-bug-exposes.html
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/multiple-adversaries-exploiting-confluence-vulnerability-warns-microsoft/
Stealthy Linux malware. Aoqin Dragon targets Southeast Asia and Australia. Iranian spearphishing campaign. BlackCat RaaS described.
https://thecyberwire.com/podcasts/research-briefing/121/notes
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
Oblivious HTTP
Posted in r/netsec by u/nangaparbat • 2 points and 0 comments
Top Security News for 16/06/2022
For one software maker, an SBOM adds value to the product
https://www.csoonline.com/article/3663468/for-one-software-maker-an-sbom-adds-value-to-the-product.html#tk.rss_all
Email platform bug allows for theft of clear-text credentials. Update on the Kaiser Permanente breach. Arizona hospital suffers ransomware attack.
https://thecyberwire.com/newsletters/privacy-briefing/4/115
Hertzbleed - a new family of side-channel attacks
https://www.reddit.com/r/lowlevel/comments/vcf9ua/hertzbleed_a_new_family_of_sidechannel_attacks/
Email compromise leads to healthcare data breach at Kaiser Permanente
https://blog.malwarebytes.com/cybercrime/2022/06/email-compromise-leads-to-healthcare-data-breach-at-kaiser-permanente/
ISC Stormcast For Thursday, June 16th, 2022 https://isc.sans.edu/podcastdetail.html?id=8052, (Thu, Jun 16th)
https://isc.sans.edu/diary/rss/28750
Let’s give a look at the Dark Web Price Index 2022
https://securityaffairs.co/wordpress/132256/deep-web/dark-web-index-2022.html
Email platform bug allows for theft of clear-text credentials. Update on the Kaiser Permanente breach. Arizona hospital suffers ransomware attack.
https://thecyberwire.com/podcasts/privacy-briefing/605/notes
Sophos uncovers how APT groups carried out highly targeted attack
https://malware.news/t/sophos-uncovers-how-apt-groups-carried-out-highly-targeted-attack/61029/1
Update now! Microsoft patches Follina, and many other security updates
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/update-now-microsoft-patches-follina-and-many-other-security-updates/
Quick Malware Analysis: TA578 Thread-hijacked email, Bumblebee, and Cobalt Strike pcap from 2022-06-14
https://www.reddit.com/r/netsec/comments/vcvay2/quick_malware_analysis_ta578_threadhijacked_email/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
For one software maker, an SBOM adds value to the product
https://www.csoonline.com/article/3663468/for-one-software-maker-an-sbom-adds-value-to-the-product.html#tk.rss_all
Email platform bug allows for theft of clear-text credentials. Update on the Kaiser Permanente breach. Arizona hospital suffers ransomware attack.
https://thecyberwire.com/newsletters/privacy-briefing/4/115
Hertzbleed - a new family of side-channel attacks
https://www.reddit.com/r/lowlevel/comments/vcf9ua/hertzbleed_a_new_family_of_sidechannel_attacks/
Email compromise leads to healthcare data breach at Kaiser Permanente
https://blog.malwarebytes.com/cybercrime/2022/06/email-compromise-leads-to-healthcare-data-breach-at-kaiser-permanente/
ISC Stormcast For Thursday, June 16th, 2022 https://isc.sans.edu/podcastdetail.html?id=8052, (Thu, Jun 16th)
https://isc.sans.edu/diary/rss/28750
Let’s give a look at the Dark Web Price Index 2022
https://securityaffairs.co/wordpress/132256/deep-web/dark-web-index-2022.html
Email platform bug allows for theft of clear-text credentials. Update on the Kaiser Permanente breach. Arizona hospital suffers ransomware attack.
https://thecyberwire.com/podcasts/privacy-briefing/605/notes
Sophos uncovers how APT groups carried out highly targeted attack
https://malware.news/t/sophos-uncovers-how-apt-groups-carried-out-highly-targeted-attack/61029/1
Update now! Microsoft patches Follina, and many other security updates
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/update-now-microsoft-patches-follina-and-many-other-security-updates/
Quick Malware Analysis: TA578 Thread-hijacked email, Bumblebee, and Cobalt Strike pcap from 2022-06-14
https://www.reddit.com/r/netsec/comments/vcvay2/quick_malware_analysis_ta578_threadhijacked_email/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
CSO Online
For one software maker, an SBOM adds value to the product
At Instant Connect, an SBOM has become part of the product offering, says Chief Product Officer Wes Wells.
Top Security News for 17/06/2022
ISC Stormcast For Friday, June 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8054, (Fri, Jun 17th)
https://malware.news/t/isc-stormcast-for-friday-june-17th-2022-https-isc-sans-edu-podcastdetail-html-id-8054-fri-jun-17th/61068/1
The Android kernel mitigations obstacle race
https://www.reddit.com/r/netsec/comments/vdprqx/the_android_kernel_mitigations_obstacle_race/
How to see the impact installing BApps might have on Burp Suite
https://portswigger.net/blog/how-to-see-the-impact-installing-bapps-might-have-on-burp-suite
Shadow Credentials - Red Teaming Experiments
https://www.reddit.com/r/netsec/comments/vdj28x/shadow_credentials_red_teaming_experiments/
This just in: there are more than 24 billion usernames. US healthcare data breach round-up.
https://thecyberwire.com/newsletters/privacy-briefing/4/116
Interpol scores against BEC, online fraud, and money laundering. Developments in C2C markets. Versioning vulnerability. Cyber war and cyber escalation.
https://thecyberwire.com/podcasts/daily-podcast/1601/notes
fast and furious OSCP monkeys doing weird things - learn how to exploit validate suid
https://www.reddit.com/r/netsec/comments/vd9l3v/fast_and_furious_oscp_monkeys_doing_weird_things/
VED (Vault Exploit Defense): Open source implementation
https://www.reddit.com/r/netsec/comments/vdm134/ved_vault_exploit_defense_open_source/
Photos of kids taken from spyware-ridden phones found exposed on the internet
https://blog.malwarebytes.com/stalkerware/2022/06/photos-of-kids-taken-from-spyware-ridden-phones-found-exposed-on-the-internet/
Think that a Ransomware cannot target your OneDrive and Sharepoint environments? Think again!
https://www.reddit.com/r/netsec/comments/vdjaju/think_that_a_ransomware_cannot_target_your/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
ISC Stormcast For Friday, June 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8054, (Fri, Jun 17th)
https://malware.news/t/isc-stormcast-for-friday-june-17th-2022-https-isc-sans-edu-podcastdetail-html-id-8054-fri-jun-17th/61068/1
The Android kernel mitigations obstacle race
https://www.reddit.com/r/netsec/comments/vdprqx/the_android_kernel_mitigations_obstacle_race/
How to see the impact installing BApps might have on Burp Suite
https://portswigger.net/blog/how-to-see-the-impact-installing-bapps-might-have-on-burp-suite
Shadow Credentials - Red Teaming Experiments
https://www.reddit.com/r/netsec/comments/vdj28x/shadow_credentials_red_teaming_experiments/
This just in: there are more than 24 billion usernames. US healthcare data breach round-up.
https://thecyberwire.com/newsletters/privacy-briefing/4/116
Interpol scores against BEC, online fraud, and money laundering. Developments in C2C markets. Versioning vulnerability. Cyber war and cyber escalation.
https://thecyberwire.com/podcasts/daily-podcast/1601/notes
fast and furious OSCP monkeys doing weird things - learn how to exploit validate suid
https://www.reddit.com/r/netsec/comments/vd9l3v/fast_and_furious_oscp_monkeys_doing_weird_things/
VED (Vault Exploit Defense): Open source implementation
https://www.reddit.com/r/netsec/comments/vdm134/ved_vault_exploit_defense_open_source/
Photos of kids taken from spyware-ridden phones found exposed on the internet
https://blog.malwarebytes.com/stalkerware/2022/06/photos-of-kids-taken-from-spyware-ridden-phones-found-exposed-on-the-internet/
Think that a Ransomware cannot target your OneDrive and Sharepoint environments? Think again!
https://www.reddit.com/r/netsec/comments/vdjaju/think_that_a_ransomware_cannot_target_your/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
SANS Internet Storm Center
ISC StormCast for Friday, June 17th, 2022 - SANS ISC
Top Security News for 18/06/2022
Big tech platforms sign up to the EU Commission’s new Code of Practice on Disinformation
https://www.computerworld.com/article/3664135/big-tech-platforms-sign-up-to-the-eu-commission-s-new-code-of-practice-on-disinformation.html#tk.rss_all
Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
https://thehackernews.com/2022/06/chinese-hackers-exploited-sophos.html
Researchers Uncover 'Hermit' Android Spyware Used in Kazakhstan, Syria, and Italy
https://thehackernews.com/2022/06/researchers-uncover-hermit-android.html
Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company
https://securityaffairs.co/wordpress/132363/malware/hermit-spyware-italian-surveillance-firm.html
Analysing RTF files from SideWinder APT
https://www.reddit.com/r/netsec/comments/vdt1ia/analysing_rtf_files_from_sidewinder_apt/
Credit Rating Agency: New EU Laws Will Improve Firms’ Cyber Resilience Globally
https://malware.news/t/credit-rating-agency-new-eu-laws-will-improve-firms-cyber-resilience-globally/61091/1
BrandPost: Is Stopping a Ransomware Attack More Important than Preventing One?
https://www.csoonline.com/article/3664071/is-stopping-a-ransomware-attack-more-important-than-preventing-one.html#tk.rss_all
15 vulnerabilities discovered in Siemens industrial control management system
https://malware.news/t/15-vulnerabilities-discovered-in-siemens-industrial-control-management-system/61089/1
Chinese APT deploys new cyberespionage tool. Hacktivism roils India after politician's remarks about the Prophet. Ukraine reports a "massive" spam campaign against the country's media organizations.
https://thecyberwire.com/newsletters/week-that-was/6/24
DOJ: Russian RSOCKS botnet disrupted in international operation
https://malware.news/t/doj-russian-rsocks-botnet-disrupted-in-international-operation/61088/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Big tech platforms sign up to the EU Commission’s new Code of Practice on Disinformation
https://www.computerworld.com/article/3664135/big-tech-platforms-sign-up-to-the-eu-commission-s-new-code-of-practice-on-disinformation.html#tk.rss_all
Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
https://thehackernews.com/2022/06/chinese-hackers-exploited-sophos.html
Researchers Uncover 'Hermit' Android Spyware Used in Kazakhstan, Syria, and Italy
https://thehackernews.com/2022/06/researchers-uncover-hermit-android.html
Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company
https://securityaffairs.co/wordpress/132363/malware/hermit-spyware-italian-surveillance-firm.html
Analysing RTF files from SideWinder APT
https://www.reddit.com/r/netsec/comments/vdt1ia/analysing_rtf_files_from_sidewinder_apt/
Credit Rating Agency: New EU Laws Will Improve Firms’ Cyber Resilience Globally
https://malware.news/t/credit-rating-agency-new-eu-laws-will-improve-firms-cyber-resilience-globally/61091/1
BrandPost: Is Stopping a Ransomware Attack More Important than Preventing One?
https://www.csoonline.com/article/3664071/is-stopping-a-ransomware-attack-more-important-than-preventing-one.html#tk.rss_all
15 vulnerabilities discovered in Siemens industrial control management system
https://malware.news/t/15-vulnerabilities-discovered-in-siemens-industrial-control-management-system/61089/1
Chinese APT deploys new cyberespionage tool. Hacktivism roils India after politician's remarks about the Prophet. Ukraine reports a "massive" spam campaign against the country's media organizations.
https://thecyberwire.com/newsletters/week-that-was/6/24
DOJ: Russian RSOCKS botnet disrupted in international operation
https://malware.news/t/doj-russian-rsocks-botnet-disrupted-in-international-operation/61088/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Computerworld
Big tech platforms sign up to the EU Commission’s new Code of Practice on Disinformation
Major technology platforms have joined 34 signatories in committing to the EU Commission’s attempts to fight online disinformation by removing financial incentives and empowering researchers and fact checkers.
Top Security News for 19/06/2022
learn ethical hacking and bug bounty with free resources and with proper Guidance...
https://www.reddit.com/r/netsec/comments/vf5lmz/learn_ethical_hacking_and_bug_bounty_with_free/
US DoJ announced to have shut down the Russian RSOCKS Botnet
https://securityaffairs.co/wordpress/132403/cyber-crime/police-dismantled-rsocks-bitnet.html
Tinder Swindlers: How scammers steal your heart, then your money
https://malware.news/t/tinder-swindlers-how-scammers-steal-your-heart-then-your-money/61096/1
k C# over C++ for malware dev
https://www.reddit.com/r/Malware/comments/vfkcx6/k_c_over_c_for_malware_dev/
suspicious e-mail
https://www.bleepingcomputer.com/forums/t/773501/suspicious-e-mail/
Dangerous Repository of DoS, Red Teaming TTPs, and ICS Exploits
https://www.reddit.com/r/netsec/comments/vf7xsn/dangerous_repository_of_dos_red_teaming_ttps_and/
Lauren Van Wazer: You have to be your own North Star. [CISSP]
https://thecyberwire.com/podcasts/career-notes/105/notes
New Tool: sortcanon.py
https://malware.news/t/new-tool-sortcanon-py/61097/1
I have created a burp suite extension which allows pentester to keep track of each APIs, write test cases for individual APIs. Lastly the extension allows to map the vulnerable apis to the list of vulnerabilities using a custom checklist.
https://www.reddit.com/r/netsec/comments/vf365f/i_have_created_a_burp_suite_extension_which/
Scheduled Scaling Up & Down Of EC2 Server
https://www.reddit.com/r/netsec/comments/vf47te/scheduled_scaling_up_down_of_ec2_server/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
learn ethical hacking and bug bounty with free resources and with proper Guidance...
https://www.reddit.com/r/netsec/comments/vf5lmz/learn_ethical_hacking_and_bug_bounty_with_free/
US DoJ announced to have shut down the Russian RSOCKS Botnet
https://securityaffairs.co/wordpress/132403/cyber-crime/police-dismantled-rsocks-bitnet.html
Tinder Swindlers: How scammers steal your heart, then your money
https://malware.news/t/tinder-swindlers-how-scammers-steal-your-heart-then-your-money/61096/1
k C# over C++ for malware dev
https://www.reddit.com/r/Malware/comments/vfkcx6/k_c_over_c_for_malware_dev/
suspicious e-mail
https://www.bleepingcomputer.com/forums/t/773501/suspicious-e-mail/
Dangerous Repository of DoS, Red Teaming TTPs, and ICS Exploits
https://www.reddit.com/r/netsec/comments/vf7xsn/dangerous_repository_of_dos_red_teaming_ttps_and/
Lauren Van Wazer: You have to be your own North Star. [CISSP]
https://thecyberwire.com/podcasts/career-notes/105/notes
New Tool: sortcanon.py
https://malware.news/t/new-tool-sortcanon-py/61097/1
I have created a burp suite extension which allows pentester to keep track of each APIs, write test cases for individual APIs. Lastly the extension allows to map the vulnerable apis to the list of vulnerabilities using a custom checklist.
https://www.reddit.com/r/netsec/comments/vf365f/i_have_created_a_burp_suite_extension_which/
Scheduled Scaling Up & Down Of EC2 Server
https://www.reddit.com/r/netsec/comments/vf47te/scheduled_scaling_up_down_of_ec2_server/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
learn ethical hacking and bug bounty with free resources and with...
Posted in r/netsec by u/rootxd3vil • 0 points and 0 comments
Top Security News for 20/06/2022
Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS
https://securityaffairs.co/wordpress/132410/cyber-crime/ech0raix-ransomware-attacks.html
Weekly News Roundup — June 12 to June 18
https://malware.news/t/weekly-news-roundup-june-12-to-june-18/61100/1
Wireshark 3.6.6 Released, (Sun, Jun 19th)
https://isc.sans.edu/diary/rss/28756
ISC Stormcast For Monday, June 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8056, (Mon, Jun 20th)
https://malware.news/t/isc-stormcast-for-monday-june-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8056-mon-jun-20th/61101/1
Video: Decoding Obfuscated BASE64 Statistically, (Sun, Jun 19th)
https://isc.sans.edu/diary/rss/28762
Video: Decoding Obfuscated BASE64 Statistically, (Sun, Jun 19th)
https://malware.news/t/video-decoding-obfuscated-base64-statistically-sun-jun-19th/61099/1
New blog - NMAP and CME 101 stuff
https://www.reddit.com/r/netsec/comments/vft533/new_blog_nmap_and_cme_101_stuff/
Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
https://blog.malwarebytes.com/podcast/2022/06/securing-the-software-supply-chain-with-kim-lewandowski-lock-and-code-s03e13/
Wireshark 3.6.6 Released, (Sun, Jun 19th)
https://malware.news/t/wireshark-3-6-6-released-sun-jun-19th/61098/1
Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
https://malware.news/t/securing-the-software-supply-chain-with-kim-lewandowski-lock-and-code-s03e13/61102/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS
https://securityaffairs.co/wordpress/132410/cyber-crime/ech0raix-ransomware-attacks.html
Weekly News Roundup — June 12 to June 18
https://malware.news/t/weekly-news-roundup-june-12-to-june-18/61100/1
Wireshark 3.6.6 Released, (Sun, Jun 19th)
https://isc.sans.edu/diary/rss/28756
ISC Stormcast For Monday, June 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8056, (Mon, Jun 20th)
https://malware.news/t/isc-stormcast-for-monday-june-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8056-mon-jun-20th/61101/1
Video: Decoding Obfuscated BASE64 Statistically, (Sun, Jun 19th)
https://isc.sans.edu/diary/rss/28762
Video: Decoding Obfuscated BASE64 Statistically, (Sun, Jun 19th)
https://malware.news/t/video-decoding-obfuscated-base64-statistically-sun-jun-19th/61099/1
New blog - NMAP and CME 101 stuff
https://www.reddit.com/r/netsec/comments/vft533/new_blog_nmap_and_cme_101_stuff/
Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
https://blog.malwarebytes.com/podcast/2022/06/securing-the-software-supply-chain-with-kim-lewandowski-lock-and-code-s03e13/
Wireshark 3.6.6 Released, (Sun, Jun 19th)
https://malware.news/t/wireshark-3-6-6-released-sun-jun-19th/61098/1
Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
https://malware.news/t/securing-the-software-supply-chain-with-kim-lewandowski-lock-and-code-s03e13/61102/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS - Security Affairs
Experts warn of a new ech0raix ransomware campaign targeting QNAP Network Attached Storage (NAS) devices.
Top Security News for 21/06/2022
A detailed analysis on multi-function printer vulnerability. The reason why personal informations are on internet.
https://www.reddit.com/r/Malware/comments/vh1w7l/a_detailed_analysis_on_multifunction_printer/
Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild
https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html
‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace
https://securelist.com/unpacking-technical-attribution/106791/
Finding client-side prototype pollution with DOM Invader
https://portswigger.net/blog/finding-client-side-prototype-pollution-with-dom-invader
DDoS-for-hire service provider jailed
https://blog.malwarebytes.com/cybercrime/2022/06/ddos-for-hire-service-provider-jailed/
Who Is Legally Responsible for a Cyber Incident?
https://securityintelligence.com/articles/who-is-legally-responsible-cyber-incident/
Announcing the new Trail of Bits podcast
https://malware.news/t/announcing-the-new-trail-of-bits-podcast/61129/1
Hacking into the worldwide Jacuzzi SmartTub network
https://www.reddit.com/r/netsec/comments/vgsr81/hacking_into_the_worldwide_jacuzzi_smarttub/
Cybercriminals Use Azure Front Door in Phishing Attacks
https://securityaffairs.co/wordpress/132458/cyber-crime/azure-front-door-phishing.html
ISC Stormcast For Tuesday, June 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8058, (Tue, Jun 21st)
https://isc.sans.edu/diary/rss/28768
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
A detailed analysis on multi-function printer vulnerability. The reason why personal informations are on internet.
https://www.reddit.com/r/Malware/comments/vh1w7l/a_detailed_analysis_on_multifunction_printer/
Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild
https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html
‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace
https://securelist.com/unpacking-technical-attribution/106791/
Finding client-side prototype pollution with DOM Invader
https://portswigger.net/blog/finding-client-side-prototype-pollution-with-dom-invader
DDoS-for-hire service provider jailed
https://blog.malwarebytes.com/cybercrime/2022/06/ddos-for-hire-service-provider-jailed/
Who Is Legally Responsible for a Cyber Incident?
https://securityintelligence.com/articles/who-is-legally-responsible-cyber-incident/
Announcing the new Trail of Bits podcast
https://malware.news/t/announcing-the-new-trail-of-bits-podcast/61129/1
Hacking into the worldwide Jacuzzi SmartTub network
https://www.reddit.com/r/netsec/comments/vgsr81/hacking_into_the_worldwide_jacuzzi_smarttub/
Cybercriminals Use Azure Front Door in Phishing Attacks
https://securityaffairs.co/wordpress/132458/cyber-crime/azure-front-door-phishing.html
ISC Stormcast For Tuesday, June 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8058, (Tue, Jun 21st)
https://isc.sans.edu/diary/rss/28768
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
A detailed analysis on multi-function printer vulnerability. The...
Posted in r/Malware by u/Late_Ice_9288 • 1 point and 0 comments