Top Security News for 06/06/2022
Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild
https://securityaffairs.co/wordpress/131942/security/atlassian-fixes-confluence-zero-day.html
ISC StormCast for Monday, June 6th, 2022
https://isc.sans.edu/podcastdetail.html?id=8036
Security Affairs newsletter Round 368 by Pierluigi Paganini
https://securityaffairs.co/wordpress/131958/breaking-news/security-affairs-newsletter-round-368-by-pierluigi-paganini.html
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
ISC Stormcast For Monday, June 6th, 2022 https://isc.sans.edu/podcastdetail.html?id=8036, (Mon, Jun 6th)
https://isc.sans.edu/diary/rss/28716
OFFENSIVE C#
https://www.reddit.com/r/Malware/comments/v564kf/offensive_c/
Defining the intruder’s dilemma.
https://thecyberwire.com/podcasts/cyberwire-x/32/notes
Analysis Of An "ms-msdt" RTF Maldoc, (Sun, Jun 5th)
https://isc.sans.edu/diary/rss/28714
Analysis of a large brute force attack campaign against Windows Remote Desktop
https://www.reddit.com/r/netsec/comments/v58po4/analysis_of_a_large_brute_force_attack_campaign/
Making blockchain stop wasting energy by getting it to manage energy
https://arstechnica.com/?p=1858298
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Security Affairs
Atlassian rolled out fixes for Confluence zero-day actively exploited
On Friday, Atlassian addressed an actively exploited critical RCE flaw (CVE-2022-26134) in Confluence Server and Data Center products.
Top Security News for 07/06/2022
Solid-state batteries for EVs move a step closer to production
https://arstechnica.com/?p=1858366
Russia seeks to hijack German telescope on its X-ray spacecraft
https://arstechnica.com/?p=1858353
Observed In The Wild: Atlassian Confluence Server CVE-2022-26134
https://www.reddit.com/r/netsec/comments/v6iia0/observed_in_the_wild_atlassian_confluence_server/
Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers
https://thehackernews.com/2022/06/microsoft-seizes-41-domains-used-in.html
Popping Eagle: How Global Analytics Uncovered a Stealthy Threat Actor
https://www.reddit.com/r/netsec/comments/v4aspa/popping_eagle_how_global_analytics_uncovered_a/
Passwordstate - Revoked its Digicert certificate used to sign the code
https://www.reddit.com/r/netsec/comments/v5xl0o/passwordstate_revoked_its_digicert_certificate/
Ukraine's SSSCIP discusses the cyber phases of Russia's war. Atlassian patches Confluence. State actor exploits Follina.
https://thecyberwire.com/newsletters/daily-briefing/11/108
Big Tech pulls out all the stops to halt “self-preferencing” antitrust bill
https://arstechnica.com/?p=1858462
Microsoft Autopatch is here…but can you use it?
https://blog.malwarebytes.com/business-2/2022/06/microsoft-autopatch-is-here-but-can-you-use-it/
State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S
https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html
Ars Technica
Solid-state batteries for EVs move a step closer to production
Solid Power wants to give cells to BMW and Ford for testing later this year.
Top Security News for 08/06/2022
AI Trained on 4Chan Becomes ‘Hate Speech Machine’
https://www.vice.com/en_us/article/7k8zwx/ai-trained-on-4chan-becomes-hate-speech-machine
Network analysis of a targeted phish that got past Defender
https://www.reddit.com/r/netsec/comments/v707vn/network_analysis_of_a_targeted_phish_that_got/
Zero-day flaw in Atlassian Confluence exploited in the wild since May
https://www.csoonline.com/article/3662755/zero-day-flaw-in-atlassian-confluence-exploited-in-the-wild-since-may.html#tk.rss_all
Inside the $100K+ forgery scandal that’s roiling PC game collecting
https://arstechnica.com/?p=1858275
Apple's New Feature Will Install Security Updates Automatically Without Full OS Update
https://thehackernews.com/2022/06/apples-new-feature-will-install.html
Apple will allow Linux VMs to run Intel apps with Rosetta in macOS Ventura
https://arstechnica.com/?p=1859358
Ransomware Task Force priorities see progress in first year
https://malware.news/t/ransomware-task-force-priorities-see-progress-in-first-year/60817/1
You’ll shoot your eye out: Popped champagne cork ejects CO2 at supersonic speeds
https://arstechnica.com/?p=1859317
AWS S3 Scanner: Online tool for finding misconfigurations
https://www.reddit.com/r/netsec/comments/v756tm/aws_s3_scanner_online_tool_for_finding/
DOJ, FBI shut down marketplace for stolen Social Security numbers
https://malware.news/t/doj-fbi-shut-down-marketplace-for-stolen-social-security-numbers/60821/1
Vice
AI Trained on 4Chan Becomes ‘Hate Speech Machine’
After 24 hours, the nine bots running on 4chan had posted 15,000 times.
Top Security News for 09/06/2022
People’s Republic of China State-Sponsored Actors Exploit Network Providers and Devices
https://www.reddit.com/r/netsec/comments/v7simm/peoples_republic_of_china_statesponsored_actors/
DoJ shuts down dark web marketplace. Two million patients impacted in healthcare breach. Employee email compromised. Pennsylvania’s proposed incident reporting bill.
https://thecyberwire.com/podcasts/privacy-briefing/601/notes
ISC Stormcast For Thursday, June 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8042, (Thu, Jun 9th)
https://isc.sans.edu/diary/rss/28726
CISA Alert AA22-158A – People’s Republic of China state-sponsored cyber actors exploit network providers and devices.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/21/notes
MakeMoney malvertising campaign adds fake update template
https://blog.malwarebytes.com/threat-intelligence/2022/06/makemoney-malvertising-campaign-adds-fake-update-template/
Control Loop OT Cybersecurity Briefing for 06.08.22
https://thecyberwire.com/newsletters/control-loop/1/1
A detailed analysis of the new malware used by the Russian APT28/Sofacy called SkinnyBoy
https://www.reddit.com/r/Malware/comments/v7y9e8/a_detailed_analysis_of_the_new_malware_used_by/
RSA: Intel reference design to accelerate SASE, other security tasks
https://www.networkworld.com/article/3663370/rsa-intel-reference-design-to-accelerate-sase-other-security-tasks.html#tk.rss_all
Free tool to discover if your company or supply chain has employees and clients infected with info-stealing malwares
https://www.reddit.com/r/Malware/comments/v826sv/free_tool_to_discover_if_your_company_or_supply/
Confluence Webshells being dropped into the honeypot
https://www.reddit.com/r/netsec/comments/v7kls9/confluence_webshells_being_dropped_into_the/
reddit
People’s Republic of China State-Sponsored Actors Exploit Network...
Posted in r/netsec by u/ksr_malware • 214 points and 16 comments
Top Security News for 10/06/2022
ISC Stormcast For Friday, June 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=8044, (Fri, Jun 10th)
https://isc.sans.edu/diary/rss/28730
8 zero-day vulnerabilities discovered in popular industrial control system from Carrier
https://malware.news/t/8-zero-day-vulnerabilities-discovered-in-popular-industrial-control-system-from-carrier/60886/1
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat
https://blog.malwarebytes.com/threat-analysis/2022/06/asyncrat-surpasses-dridex-trickbot-and-emotet-to-become-dominant-email-threat/
The tech behind the 2022 US CSO50 winners: Celebrating the CSO50 Solutions Partners
https://www.csoonline.com/article/3663670/the-tech-behind-the-2022-us-cso50-winners-celebrating-the-cso50-solutions-partners.html#tk.rss_all
IDA Plugin for loading extracted firmware images (SVD loader alternative)
https://www.reddit.com/r/netsec/comments/v8h5gp/ida_plugin_for_loading_extracted_firmware_images/
Apple’s passkeys attempt to solve the password problem
https://blog.malwarebytes.com/privacy-2/2022/06/apples-passkeys-attempt-to-solve-the-password-problem/
Snowflake offers cybersecurity data platform with security app integrations
https://www.csoonline.com/article/3663673/snowflake-offers-cybersecurity-data-platform-with-security-app-integrations.html#tk.rss_all
Network Security
https://www.bleepingcomputer.com/forums/t/773112/network-security/
New Emotet Variant Stealing Users' Credit Card Information from Google Chrome
https://thehackernews.com/2022/06/new-emotet-variant-stealing-users.html
Hackers using stealthy Linux backdoor Symbiote to steal credentials
https://www.csoonline.com/article/3663510/hackers-using-stealthy-linux-backdoor-symbiote-to-steal-credentials.html#tk.rss_all
SANS Internet Storm Center
ISC StormCast for Friday, June 10th, 2022 - SANS ISC
Top Security News for 11/06/2022
Dell security advisory (AV22-316)
https://malware.news/t/dell-security-advisory-av22-316/60904/1
Vice Society ransomware gang adds the Italian City of Palermo to its data leak site
https://securityaffairs.co/wordpress/132122/cyber-crime/city-of-palermo-vice-society-ransomware.html
"Unpatchable" hardware flaw. Nation-state conflict in cyberspace. Threat actor Aoqin Dragon has been operating since 2013.
https://thecyberwire.com/newsletters/daily-briefing/11/112
Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign
https://securityaffairs.co/wordpress/132140/cyber-crime/cryptomining-campaign-atlassian-confluence-flaw.html
Atlassian patches Confluence. LockBit claims (implausibly) to have hit Mandiant. Effects of ransomware on businesses.
https://thecyberwire.com/newsletters/week-that-was/6/23
Cyber Security
https://www.bleepingcomputer.com/forums/t/773134/cyber-security/
RSA – APIs, your organization’s dedicated backdoors
https://malware.news/t/rsa-apis-your-organization-s-dedicated-backdoors/60901/1
Symbiote: A New, Hard-to-Detect Linux Threat
https://www.reddit.com/r/netsec/comments/v9awqq/symbiote_a_new_hardtodetect_linux_threat/
David Ring at RSAC discussing FBI Cyber Strategy/role in the cyber ecosystem and private sector engagement.
https://thecyberwire.com/podcasts/interview-selects/114/notes
Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones
https://thehackernews.com/2022/06/researchers-find-bluetooth-signals-can.html
Malware Analysis, News and Indicators
Dell security advisory (AV22-316)
Article Link: Dell security advisory (AV22-316) - Canadian Centre for Cyber Security
Top Security News for 12/06/2022
Java for pentesting,malware?
https://0x00sec.org/t/java-for-pentesting-malware/29737
FBI, DOJ say less than 25% of NetWalker ransomware victims reported incidents
https://malware.news/t/fbi-doj-say-less-than-25-of-netwalker-ransomware-victims-reported-incidents/60908/1
Weekly News Roundup — June 5 to June 11
https://malware.news/t/weekly-news-roundup-june-5-to-june-11/60909/1
A Story of a Bug Found Fuzzing
https://www.reddit.com/r/netsec/comments/v9rhxf/a_story_of_a_bug_found_fuzzing/
New developments in the WSL attack.
https://thecyberwire.com/podcasts/research-saturday/236/notes
Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal
https://securityaffairs.co/wordpress/132164/apt/lyceum-apt-target-energy-dns-backdoor.html
MIT researchers find new hardware vulnerability in the Apple M1 chip
https://malware.news/t/mit-researchers-find-new-hardware-vulnerability-in-the-apple-m1-chip/60910/1
Linternals: Memory Allocators [0x01]
https://www.reddit.com/r/lowlevel/comments/v9v6p1/linternals_memory_allocators_0x01/
PACMAN, a new attack technique against Apple M1 CPUs
https://securityaffairs.co/wordpress/132154/hacking/pacman-attack-apple-m1-cpus.html
Is process hollowing an objectively inferior approach to injecting a beacon?
https://www.reddit.com/r/lowlevel/comments/v9ujdp/is_process_hollowing_an_objectively_inferior/
0x00sec - The Home of the Hacker
Java for pentesting,malware?
Currently, I am using 2 other languages. Is Java good for pentesting/networking?
Top Security News for 13/06/2022
Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks
https://thehackernews.com/2022/06/iranian-hackers-spotted-using-new-dns.html
I wrote a non technical post on my blog regarding security specialists, nihilistic behavior, and how to stay positive. Sometimes we need a reminder that, after all, things are not that bad.
https://www.reddit.com/r/netsec/comments/vap5my/i_wrote_a_non_technical_post_on_my_blog_regarding/
NGINX security: Everything you may not need to know about NGINX error logs - complete guide
https://www.reddit.com/r/netsec/comments/vaf63c/nginx_security_everything_you_may_not_need_to/
Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers
https://securityaffairs.co/wordpress/132186/cyber-crime/ransomware-gangs-cve-2022-26134-rce-atlassian-confluence.html
Found 'phone-to-name.kvcache' in Mac Recovered Files folder
https://www.reddit.com/r/Malware/comments/valixl/found_phonetonamekvcache_in_mac_recovered_files/
ISC Stormcast For Monday, June 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8046, (Mon, Jun 13th)
https://isc.sans.edu/diary/rss/28736
Quickie: Follina, RTF & Explorer Preview Pane, (Sun, Jun 12th)
https://isc.sans.edu/diary/rss/28734
Quickie: Follina, RTF & Explorer Preview Pane, (Sun, Jun 12th)
https://malware.news/t/quickie-follina-rtf-explorer-preview-pane-sun-jun-12th/60911/1
ISC StormCast for Monday, June 13th, 2022
https://isc.sans.edu/podcastdetail.html?id=8046
ISC Stormcast For Monday, June 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8046, (Mon, Jun 13th)
https://malware.news/t/isc-stormcast-for-monday-june-13th-2022-https-isc-sans-edu-podcastdetail-html-id-8046-mon-jun-13th/60912/1
reddit
I wrote a non technical post on my blog regarding security...
Posted in r/netsec by u/last0x00 • 185 points and 28 comments
Top Security News for 14/06/2022
Using WiFi connection probe requests to track users
https://securityaffairs.co/wordpress/132193/mobile-2/wifi-probe-requests-track-users.html
ASEC Weekly Malware Statistics (May 30th, 2022 – June 5th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-30th-2022-june-5th-2022/60950/1
A new RAT from Beijing. Muslim hacktivism in India. Ukraine reports a GRU spam campaign against media outlets. A Moscow court fines Wikimedia. And that UK cyber disaster was just a promo.
https://thecyberwire.com/podcasts/daily-podcast/1598/notes
Say goodbye to browser ads and malware with this $30 tool
https://malware.news/t/say-goodbye-to-browser-ads-and-malware-with-this-30-tool/60948/1
Taking down the IP2Scam tech support campaign
https://blog.malwarebytes.com/threat-intelligence/2022/06/taking-down-the-ip2scam-tech-support-campaign/
9 ways hackers will use machine learning to launch attacks
https://www.csoonline.com/article/3250144/6-ways-hackers-will-use-machine-learning-to-launch-attacks.html#tk.rss_all
ISC Stormcast For Tuesday, June 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8048, (Tue, Jun 14th)
https://isc.sans.edu/diary/rss/28740
The many lives of BlackCat ransomware
https://www.reddit.com/r/netsec/comments/vbgh61/the_many_lives_of_blackcat_ransomware/
Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses
https://thehackernews.com/2022/06/researchers-disclose-rooting-backdoor.html
Experts spotted Syslogk, a Linux rootkit under development
https://securityaffairs.co/wordpress/132232/malware/syslogk-linux-rootkit.html
Security Affairs
Using WiFi connection probe requests to track users
Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to tracking.
Top Security News for 15/06/2022
Oblivious HTTP
https://www.reddit.com/r/netsec/comments/vc9bt7/oblivious_http/
Securing the World Cup. Australia's security regulator cautions boards on cybersecurity. CISA sends FEITs to help Federal network security.
https://thecyberwire.com/newsletters/policy-briefing/4/114
Introducing Malwarebytes Vulnerability Assessment for OneView: How to check for Common Vulnerabilities and Exposures (CVEs)
https://blog.malwarebytes.com/malwarebytes-news/2022/06/introducing-malwarebytes-vulnerability-assessment-for-oneview-how-to-check-for-common-vulnerabilities-and-exposures-cves/
TPM Sniffing Attacks Against Non-Bitlocker Targets
https://www.reddit.com/r/netsec/comments/vciv14/tpm_sniffing_attacks_against_nonbitlocker_targets/
Instagram scam steals your selfies to trick your friends
https://blog.malwarebytes.com/personal/scams-personal/2022/06/instagram-scam-steals-your-selfies-to-trick-your-friends/
Karakurt extortion group: Threat profile
https://blog.malwarebytes.com/cybercrime/2022/06/karakurt-extortion-group-threat-profile/
Zimbra Email - Stealing Clear-Text Credentials via Memcache injection
https://www.reddit.com/r/netsec/comments/vc77h9/zimbra_email_stealing_cleartext_credentials_via/
Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens
https://thehackernews.com/2022/06/unpatched-travis-ci-api-bug-exposes.html
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/multiple-adversaries-exploiting-confluence-vulnerability-warns-microsoft/
Stealthy Linux malware. Aoqin Dragon targets Southeast Asia and Australia. Iranian spearphishing campaign. BlackCat RaaS described.
https://thecyberwire.com/podcasts/research-briefing/121/notes
Top Security News for 16/06/2022
For one software maker, an SBOM adds value to the product
https://www.csoonline.com/article/3663468/for-one-software-maker-an-sbom-adds-value-to-the-product.html#tk.rss_all
Email platform bug allows for theft of clear-text credentials. Update on the Kaiser Permanente breach. Arizona hospital suffers ransomware attack.
https://thecyberwire.com/newsletters/privacy-briefing/4/115
Hertzbleed - a new family of side-channel attacks
https://www.reddit.com/r/lowlevel/comments/vcf9ua/hertzbleed_a_new_family_of_sidechannel_attacks/
Email compromise leads to healthcare data breach at Kaiser Permanente
https://blog.malwarebytes.com/cybercrime/2022/06/email-compromise-leads-to-healthcare-data-breach-at-kaiser-permanente/
ISC Stormcast For Thursday, June 16th, 2022 https://isc.sans.edu/podcastdetail.html?id=8052, (Thu, Jun 16th)
https://isc.sans.edu/diary/rss/28750
Let’s give a look at the Dark Web Price Index 2022
https://securityaffairs.co/wordpress/132256/deep-web/dark-web-index-2022.html
Email platform bug allows for theft of clear-text credentials. Update on the Kaiser Permanente breach. Arizona hospital suffers ransomware attack.
https://thecyberwire.com/podcasts/privacy-briefing/605/notes
Sophos uncovers how APT groups carried out highly targeted attack
https://malware.news/t/sophos-uncovers-how-apt-groups-carried-out-highly-targeted-attack/61029/1
Update now! Microsoft patches Follina, and many other security updates
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/update-now-microsoft-patches-follina-and-many-other-security-updates/
Quick Malware Analysis: TA578 Thread-hijacked email, Bumblebee, and Cobalt Strike pcap from 2022-06-14
https://www.reddit.com/r/netsec/comments/vcvay2/quick_malware_analysis_ta578_threadhijacked_email/
CSO Online
For one software maker, an SBOM adds value to the product
At Instant Connect, an SBOM has become part of the product offering, says Chief Product Officer Wes Wells.
Top Security News for 17/06/2022
ISC Stormcast For Friday, June 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8054, (Fri, Jun 17th)
https://malware.news/t/isc-stormcast-for-friday-june-17th-2022-https-isc-sans-edu-podcastdetail-html-id-8054-fri-jun-17th/61068/1
The Android kernel mitigations obstacle race
https://www.reddit.com/r/netsec/comments/vdprqx/the_android_kernel_mitigations_obstacle_race/
How to see the impact installing BApps might have on Burp Suite
https://portswigger.net/blog/how-to-see-the-impact-installing-bapps-might-have-on-burp-suite
Shadow Credentials - Red Teaming Experiments
https://www.reddit.com/r/netsec/comments/vdj28x/shadow_credentials_red_teaming_experiments/
This just in: there are more than 24 billion usernames. US healthcare data breach round-up.
https://thecyberwire.com/newsletters/privacy-briefing/4/116
Interpol scores against BEC, online fraud, and money laundering. Developments in C2C markets. Versioning vulnerability. Cyber war and cyber escalation.
https://thecyberwire.com/podcasts/daily-podcast/1601/notes
fast and furious OSCP monkeys doing weird things - learn how to exploit validate suid
https://www.reddit.com/r/netsec/comments/vd9l3v/fast_and_furious_oscp_monkeys_doing_weird_things/
VED (Vault Exploit Defense): Open source implementation
https://www.reddit.com/r/netsec/comments/vdm134/ved_vault_exploit_defense_open_source/
Photos of kids taken from spyware-ridden phones found exposed on the internet
https://blog.malwarebytes.com/stalkerware/2022/06/photos-of-kids-taken-from-spyware-ridden-phones-found-exposed-on-the-internet/
Think that a Ransomware cannot target your OneDrive and Sharepoint environments? Think again!
https://www.reddit.com/r/netsec/comments/vdjaju/think_that_a_ransomware_cannot_target_your/
Top Security News for 18/06/2022
Big tech platforms sign up to the EU Commission’s new Code of Practice on Disinformation
https://www.computerworld.com/article/3664135/big-tech-platforms-sign-up-to-the-eu-commission-s-new-code-of-practice-on-disinformation.html#tk.rss_all
Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
https://thehackernews.com/2022/06/chinese-hackers-exploited-sophos.html
Researchers Uncover 'Hermit' Android Spyware Used in Kazakhstan, Syria, and Italy
https://thehackernews.com/2022/06/researchers-uncover-hermit-android.html
Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company
https://securityaffairs.co/wordpress/132363/malware/hermit-spyware-italian-surveillance-firm.html
Analysing RTF files from SideWinder APT
https://www.reddit.com/r/netsec/comments/vdt1ia/analysing_rtf_files_from_sidewinder_apt/
Credit Rating Agency: New EU Laws Will Improve Firms’ Cyber Resilience Globally
https://malware.news/t/credit-rating-agency-new-eu-laws-will-improve-firms-cyber-resilience-globally/61091/1
BrandPost: Is Stopping a Ransomware Attack More Important than Preventing One?
https://www.csoonline.com/article/3664071/is-stopping-a-ransomware-attack-more-important-than-preventing-one.html#tk.rss_all
15 vulnerabilities discovered in Siemens industrial control management system
https://malware.news/t/15-vulnerabilities-discovered-in-siemens-industrial-control-management-system/61089/1
Chinese APT deploys new cyberespionage tool. Hacktivism roils India after politician's remarks about the Prophet. Ukraine reports a "massive" spam campaign against the country's media organizations.
https://thecyberwire.com/newsletters/week-that-was/6/24
DOJ: Russian RSOCKS botnet disrupted in international operation
https://malware.news/t/doj-russian-rsocks-botnet-disrupted-in-international-operation/61088/1
Computerworld
Big tech platforms sign up to the EU Commission’s new Code of Practice on Disinformation
Major technology platforms have joined 34 signatories in committing to the EU Commission’s attempts to fight online disinformation by removing financial incentives and empowering researchers and fact checkers.
Top Security News for 19/06/2022
learn ethical hacking and bug bounty with free resources and with proper Guidance...
https://www.reddit.com/r/netsec/comments/vf5lmz/learn_ethical_hacking_and_bug_bounty_with_free/
US DoJ announced to have shut down the Russian RSOCKS Botnet
https://securityaffairs.co/wordpress/132403/cyber-crime/police-dismantled-rsocks-bitnet.html
Tinder Swindlers: How scammers steal your heart, then your money
https://malware.news/t/tinder-swindlers-how-scammers-steal-your-heart-then-your-money/61096/1
k C# over C++ for malware dev
https://www.reddit.com/r/Malware/comments/vfkcx6/k_c_over_c_for_malware_dev/
suspicious e-mail
https://www.bleepingcomputer.com/forums/t/773501/suspicious-e-mail/
Dangerous Repository of DoS, Red Teaming TTPs, and ICS Exploits
https://www.reddit.com/r/netsec/comments/vf7xsn/dangerous_repository_of_dos_red_teaming_ttps_and/
Lauren Van Wazer: You have to be your own North Star. [CISSP]
https://thecyberwire.com/podcasts/career-notes/105/notes
New Tool: sortcanon.py
https://malware.news/t/new-tool-sortcanon-py/61097/1
I have created a burp suite extension which allows pentester to keep track of each APIs, write test cases for individual APIs. Lastly the extension allows to map the vulnerable apis to the list of vulnerabilities using a custom checklist.
https://www.reddit.com/r/netsec/comments/vf365f/i_have_created_a_burp_suite_extension_which/
Scheduled Scaling Up & Down Of EC2 Server
https://www.reddit.com/r/netsec/comments/vf47te/scheduled_scaling_up_down_of_ec2_server/
Top Security News for 20/06/2022
Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS
https://securityaffairs.co/wordpress/132410/cyber-crime/ech0raix-ransomware-attacks.html
Weekly News Roundup — June 12 to June 18
https://malware.news/t/weekly-news-roundup-june-12-to-june-18/61100/1
Wireshark 3.6.6 Released, (Sun, Jun 19th)
https://isc.sans.edu/diary/rss/28756
ISC Stormcast For Monday, June 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8056, (Mon, Jun 20th)
https://malware.news/t/isc-stormcast-for-monday-june-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8056-mon-jun-20th/61101/1
Video: Decoding Obfuscated BASE64 Statistically, (Sun, Jun 19th)
https://isc.sans.edu/diary/rss/28762
Video: Decoding Obfuscated BASE64 Statistically, (Sun, Jun 19th)
https://malware.news/t/video-decoding-obfuscated-base64-statistically-sun-jun-19th/61099/1
New blog - NMAP and CME 101 stuff
https://www.reddit.com/r/netsec/comments/vft533/new_blog_nmap_and_cme_101_stuff/
Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
https://blog.malwarebytes.com/podcast/2022/06/securing-the-software-supply-chain-with-kim-lewandowski-lock-and-code-s03e13/
Wireshark 3.6.6 Released, (Sun, Jun 19th)
https://malware.news/t/wireshark-3-6-6-released-sun-jun-19th/61098/1
Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
https://malware.news/t/securing-the-software-supply-chain-with-kim-lewandowski-lock-and-code-s03e13/61102/1
Top Security News for 21/06/2022
A detailed analysis on multi-function printer vulnerability. The reason why personal informations are on internet.
https://www.reddit.com/r/Malware/comments/vh1w7l/a_detailed_analysis_on_multifunction_printer/
Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild
https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html
‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace
https://securelist.com/unpacking-technical-attribution/106791/
Finding client-side prototype pollution with DOM Invader
https://portswigger.net/blog/finding-client-side-prototype-pollution-with-dom-invader
DDoS-for-hire service provider jailed
https://blog.malwarebytes.com/cybercrime/2022/06/ddos-for-hire-service-provider-jailed/
Who Is Legally Responsible for a Cyber Incident?
https://securityintelligence.com/articles/who-is-legally-responsible-cyber-incident/
Announcing the new Trail of Bits podcast
https://malware.news/t/announcing-the-new-trail-of-bits-podcast/61129/1
Hacking into the worldwide Jacuzzi SmartTub network
https://www.reddit.com/r/netsec/comments/vgsr81/hacking_into_the_worldwide_jacuzzi_smarttub/
Cybercriminals Use Azure Front Door in Phishing Attacks
https://securityaffairs.co/wordpress/132458/cyber-crime/azure-front-door-phishing.html
ISC Stormcast For Tuesday, June 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8058, (Tue, Jun 21st)
https://isc.sans.edu/diary/rss/28768
Top Security News for 22/06/2022
Mitigate Ransomware in a Remote-First World
https://thehackernews.com/2022/06/mitigate-ransomware-in-remote-first.html
Looking to develop virus removal skills
https://www.bleepingcomputer.com/forums/t/773612/looking-to-develop-virus-removal-skills/
ISC Stormcast For Wednesday, June 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8060, (Wed, Jun 22nd)
https://isc.sans.edu/diary/rss/28774
BrandPost: The 3 Requirements of a Multi-Cloud IT Infrastructure
https://www.csoonline.com/article/3664419/the-3-requirements-of-a-multi-cloud-it-infrastructure.html#tk.rss_all
Researcher Hacks Into Backend for Network of Smart Jacuzzis
https://www.vice.com/en_us/article/88q9b5/researcher-hacks-into-backend-for-network-of-smart-jacuzzis
RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer
https://thehackernews.com/2022/06/rig-exploit-kit-now-infects-victims-pcs.html
Security vulnerabilities: 5 times that organizations got hacked
https://blog.malwarebytes.com/business-2/2022/06/security-vulnerabilities-5-times-that-organizations-got-hacked/
CISA Plans to Hire Chief People Officer to Boost Cyber Workforce
https://malware.news/t/cisa-plans-to-hire-chief-people-officer-to-boost-cyber-workforce/61175/1
Cato Networks offers new capability for network-based ransomware protection
https://www.csoonline.com/article/3664121/cato-networks-offers-new-capability-for-network-based-ransomware-protection.html#tk.rss_all
Container escapes: Detecting abuses of Linux capabilities with Falco + Intro to CAP_SYS_ADMIN
https://www.reddit.com/r/netsec/comments/vhghx5/container_escapes_detecting_abuses_of_linux/
Top Security News for 23/06/2022
Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks
https://thehackernews.com/2022/06/critical-php-vulnerability-exposes-qnap.html
DigiCert acquires DNS Made Easy and affiliated brands. Air Force Research Laboratory awards $950 million contract to five small businesses. SentinelOne opens office in India.
https://thecyberwire.com/newsletters/business-briefing/4/25
7-Zip gets Mark of the Web feature, increases protection for users
https://blog.malwarebytes.com/privacy-2/2022/06/7-zip-gets-mark-of-the-web-feature-increases-protection-for-users/
CISA experts propose ‘311’ cybersecurity emergency call line for small businesses
https://malware.news/t/cisa-experts-propose-311-cybersecurity-emergency-call-line-for-small-businesses/61209/1
[SANS ISC] Malicious PowerShell Targeting Cryptocurrency Browser Extensions
https://blog.rootshell.be/2022/06/22/sans-isc-malicious-powershell-targeting-cryptocurrency-browser-extensions/
House appropriators approve Pentagon’s $11.2 billion ask for cyber
https://malware.news/t/house-appropriators-approve-pentagon-s-11-2-billion-ask-for-cyber/61208/1
Dozens of insecure-by-design flaws found in OT products
https://www.csoonline.com/article/3664848/dozens-of-insecure-by-design-flaws-found-in-ot-products.html#tk.rss_all
US, UK, New Zealand argue against disabling PowerShell
https://malware.news/t/us-uk-new-zealand-argue-against-disabling-powershell/61207/1
2022-06-21 - aa distribution Qakbot with DarkVNC and Cobalt Strike
https://malware.news/t/2022-06-21-aa-distribution-qakbot-with-darkvnc-and-cobalt-strike/61210/1
Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine
https://thehackernews.com/2022/06/russian-hackers-exploiting-microsoft.html
Top Security News for 25/06/2022
Auto Transport Companies, Best Car Shipping Company, Chicago car transport
https://www.bleepingcomputer.com/forums/t/773817/auto-transport-companies-best-car-shipping-company-chicago-car-transport/
Cybersecurity agencies: You don’t have to delete PowerShell to secure it
https://blog.malwarebytes.com/security-world/2022/06/cybersecurity-agencies-you-dont-have-to-delete-powershell-to-secure-it/
Hermit warning. Ransomware as misdirection. Cyber phases of a hybrid war. CISA's tabletop exercises. ICS advisories.
https://thecyberwire.com/newsletters/daily-briefing/11/121
American Data Privacy and Protection Act. US President signs three cybersecurity bills. US senator tasks Cybercom with election security reporting. US Navy sets its sights on cybersecurity.
https://thecyberwire.com/newsletters/policy-briefing/4/121
Ransomware groups targeting Mitel VoIP zero-day
https://malware.news/t/ransomware-groups-targeting-mitel-voip-zero-day/61274/1
Beijing-Backed Attackers Use Ransomware As Decoy While They Conduct Espionage
https://packetstormsecurity.com/news/view/33576/Beijing-Backed-Attackers-Use-Ransomware-As-Decoy-While-They-Conduct-Espionage.html
Decompile Malware EXE
https://www.bleepingcomputer.com/forums/t/773792/decompile-malware-exe/
Mitek launches MiVIP platform to fight identity theft
https://www.csoonline.com/article/3665133/mitek-launches-mivip-platform-to-fight-identity-theft.html#tk.rss_all
Google Warns Spyware Being Deployed Against Android, iOS
https://packetstormsecurity.com/news/view/33575/Google-Warns-Spyware-Being-Deployed-Against-Android-iOS.html
Hacker selling access to 50 vulnerable networks through Atlassian vulnerability
https://malware.news/t/hacker-selling-access-to-50-vulnerable-networks-through-atlassian-vulnerability/61275/1
Top Security News for 26/06/2022
Duoli̇ngo plus apk
https://0x00sec.org/t/duoli-ngo-plus-apk/29933
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
5 ways to avoid being catfished
https://blog.malwarebytes.com/personal/2022/06/5-ways-to-avoid-being-catfished/
Setting up Whonix Gateway in VMWare Workstation
https://malware.news/t/setting-up-whonix-gateway-in-vmware-workstation/61279/1
Oracle spent 6 months to fix ‘Mega’ flaws in the Fusion Middleware
https://securityaffairs.co/wordpress/132603/breaking-news/oracle-mega-flaw-cve-202221445.html
Malicious Code Passed to PowerShell via the Clipboard, (Sat, Jun 25th)
https://malware.news/t/malicious-code-passed-to-powershell-via-the-clipboard-sat-jun-25th/61280/1
Cyberattack suspected of causing rocket-attack false alarms in Israel. Risk surface assessments. Fitness app's geolocation feature may be a privacy and security risk.
https://thecyberwire.com/newsletters/week-that-was/6/25
Rules of Thumb War 101- ism's+hacks+cheets, cheats
https://www.bleepingcomputer.com/forums/t/773838/rules-of-thumb-war-101-ismshackscheets-cheats/
Apple Pegasus ransomware attack is giving people the option to freely remove their data from the leak
https://www.reddit.com/r/Malware/comments/vkiox1/apple_pegasus_ransomware_attack_is_giving_people/
Basic WebAssembly buffer overflow exploitation
https://www.reddit.com/r/netsec/comments/vkn5mn/basic_webassembly_buffer_overflow_exploitation/
Top Security News for 27/06/2022
ISC StormCast for Monday, June 27th, 2022
https://isc.sans.edu/podcastdetail.html?id=8064
My Paste Command, (Sun, Jun 26th)
https://isc.sans.edu/diary/rss/28786
What’s happening in Ukraine on the Internet? – Data from Shodan Trends
https://malware.news/t/what-s-happening-in-ukraine-on-the-internet-data-from-shodan-trends/61289/1
ISC Stormcast For Monday, June 27th, 2022 https://isc.sans.edu/podcastdetail.html?id=8064, (Mon, Jun 27th)
https://malware.news/t/isc-stormcast-for-monday-june-27th-2022-https-isc-sans-edu-podcastdetail-html-id-8064-mon-jun-27th/61288/1
ISC Stormcast For Monday, June 27th, 2022 https://isc.sans.edu/podcastdetail.html?id=8064, (Mon, Jun 27th)
https://isc.sans.edu/diary/rss/28790
Quickpost: Cracking PDF Owner Passwords
https://malware.news/t/quickpost-cracking-pdf-owner-passwords/61287/1
China-linked APT Bronze Starlight deploys ransomware as a smokescreen
https://securityaffairs.co/wordpress/132624/apt/bronze-starlight-deploy-ransomware.html
CxO professional development.
https://thecyberwire.com/podcasts/cso-perspectives-public/50/notes
linx - Reveals invisible links within JavaScript files
https://www.reddit.com/r/netsec/comments/vlgei9/linx_reveals_invisible_links_within_javascript/
More Decoding Analysis, (Sun, Jun 26th)
https://malware.news/t/more-decoding-analysis-sun-jun-26th/61283/1