Top Security News for 25/10/2023
CVE-2023-33466 - Exploiting Healthcare Servers with Polyglot Files
https://www.reddit.com/r/netsec/comments/17f9yci/cve202333466_exploiting_healthcare_servers_with/
[Crypto] Why authenticated encryption and MAC is so important
https://www.reddit.com/r/netsec/comments/17fg28x/crypto_why_authenticated_encryption_and_mac_is_so/
Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia
https://thehackernews.com/2023/10/ex-nsa-employee-pleads-guilty-to.html
AI vs. human deceit: Unravelling the new age of phishing tactics
https://securityintelligence.com/posts/ai-vs-human-deceit-unravelling-new-age-phishing-tactics/
ISC StormCast for Wednesday, October 25th, 2023
https://isc.sans.edu/podcastdetail/8716
Make API Management Less Scary for Your Organization
https://thehackernews.com/2023/10/make-api-management-less-scary-for-your.html
Two new things to worry about: how long it takes to read the fine print, and bed bug disinformation.
https://thecyberwire.com/podcasts/daily-podcast/1933/notes
Google Chrome wants to hide your IP address
https://www.malwarebytes.com/blog/news/2023/10/google-wants-to-introduce-ip-protection-feature-for-chrome
Amazon adds passkeys so you can sign in without a pesky password
https://malware.news/t/amazon-adds-passkeys-so-you-can-sign-in-without-a-pesky-password/74898#post_1
Now Android and Windows devices aren't safe from Flipper Zero either
https://malware.news/t/now-android-and-windows-devices-arent-safe-from-flipper-zero-either/74897#post_1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 26/10/2023
dup()'s shared file IO offset is a necessary part of Unix
https://www.reddit.com/r/lowlevel/comments/17g4ucp/dups_shared_file_io_offset_is_a_necessary_part_of/
StripedFly: Perennially flying under the radar
https://malware.news/t/stripedfly-perennially-flying-under-the-radar/74952#post_1
Unveil Data Security Paradoxes
https://thecyberwire.com/podcasts/uncovering-hidden-risks/13/notes
Expanding audit logging and retention within Microsoft Purview for increased security visibility
https://www.microsoft.com/en-us/security/blog/2023/10/18/expanding-audit-logging-and-retention-within-microsoft-purview-for-increased-security-visibility/
RTX (formerly known as Raytheon) is selling its cybersecurity business. Accenture acquires MNEMO Mexico. CISO challenges, across sectors.
https://thecyberwire.com/newsletters/business-briefing/5/43
Privacy landscapes for children.
https://thecyberwire.com/podcasts/caveat/192/notes
Perfect DLL Hijacking
https://www.reddit.com/r/Malware/comments/17go4v5/perfect_dll_hijacking/
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
https://www.reddit.com/r/netsec/comments/17g98dn/octo_tempest_crosses_boundaries_to_facilitate/
N2K Cyber and Microsoft expand collaboration with the launch of The Microsoft Threat Intelligence Podcast.
https://thecyberwire.com/stories/e29c68e1cd9a4660a0a65da33e95393a/n2k-cyber-and-microsoft-expand-collaboration-with-the-launch-of-the-microsoft-threat-intelligence-podcast
Application Security Posture Management: Providing AppSec (and DevOps) a big assist
https://malware.news/t/application-security-posture-management-providing-appsec-and-devops-a-big-assist/74950#post_1
Top Security News for 27/10/2023
Why cybersecurity training isn’t working (and how to fix it)
https://securityintelligence.com/articles/why-cybersecurity-training-isnt-working-and-how-to-fix-it/
6 steps to accelerate cybersecurity incident response
https://malware.news/t/6-steps-to-accelerate-cybersecurity-incident-response/75002#post_1
F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html
CVE-2023-46747: Pre-Auth Remote Code Execution in F5-BIGIP via AJP Request Smuggling
https://www.reddit.com/r/netsec/comments/17h253u/cve202346747_preauth_remote_code_execution_in/
A cascade of compromise: unveiling Lazarus’ new campaign
https://malware.news/t/a-cascade-of-compromise-unveiling-lazarus-new-campaign/75004#post_1
A cascade of compromise: unveiling Lazarus’ new campaign
https://securelist.com/unveiling-lazarus-new-campaign/110888/
Workflow of a zkSync Era transaction: from generation to finalization
http://blog.quarkslab.com/zksync-transaction-workflow.html
Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data
https://thehackernews.com/2023/10/critical-flaw-in-nextgens-mirth-connect.html
StripedFly reclassified from petty larceny to APT.
https://thecyberwire.com/stories/e41efe29905a42dc86888a014624baf9/stripedfly-reclassified-from-petty-larceny-to-apt
Security Intelligence
Why cybersecurity training isn’t working (and how to fix it)
Don’t look now, but cybersecurity training isn’t good enough. Here's what it tends to get wrong, and how to get it right.
Top Security News for 28/10/2023
An integrated incident response solution with Microsoft and PwC
https://www.microsoft.com/en-us/security/blog/2023/10/26/an-integrated-incident-response-solution-with-microsoft-and-pwc/
The evolution of 20 years of cybersecurity awareness
https://securityintelligence.com/articles/20-years-of-cybersecurity-awareness/
N. Korean Lazarus Group Targets Software Vendor Using Known Flaws
https://thehackernews.com/2023/10/n-korean-lazarus-group-targets-software.html
A new ransomware uses virtual machine to dodge security
https://www.reddit.com/r/netsec/comments/17hyw24/a_new_ransomware_uses_virtual_machine_to_dodge/
No rest for the wicked HiatusRAT.
https://thecyberwire.com/podcasts/research-saturday/305/notes
Top insights and best practices from the new Microsoft Data Security Index report
https://www.microsoft.com/en-us/security/blog/2023/10/25/top-insights-and-best-practices-from-the-new-microsoft-data-security-index-report/
Federal network vulnerabilities curbed by CISA KEV catalog
https://malware.news/t/federal-network-vulnerabilities-curbed-by-cisa-kev-catalog/75043#post_1
Wade Baker from Cyentia Institute is sharing their latest IRIS report.
https://thecyberwire.com/podcasts/interview-selects/183/notes
De4py: Toolkit for python reverse engineering
https://www.reddit.com/r/netsec/comments/17hy8ga/de4py_toolkit_for_python_reverse_engineering/
Microsoft Security Blog
An integrated incident response solution with Microsoft and PwC | Microsoft Security Blog
Microsoft Incident Response and PwC have announced a new global alliance to expand their joint Incident Response and Recovery capability, providing a more comprehensive and seamless incident response experience.
Top Security News for 29/10/2023
First time seeing this app
https://www.reddit.com/r/Malware/comments/17iek36/first_time_seeing_this_app/
Size Matters for Many Security Controls, (Sat, Oct 28th)
https://isc.sans.edu/diary/rss/30352
Turning a boring file move into a privilege escalation on Mac
https://www.reddit.com/r/netsec/comments/17ibj2e/turning_a_boring_file_move_into_a_privilege/
Finally a Offsec ML Framework
https://www.reddit.com/r/netsec/comments/17ietm0/finally_a_offsec_ml_framework/
Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service
https://thehackernews.com/2023/10/researchers-uncover-wiretapping-of-xmpp.html
Octo Tempest cybercriminal group is "a growing concern"—Microsoft
https://www.malwarebytes.com/blog/news/2023/10/ransomware-affiliate-octo-tempest-is-a-growing-concern-for-organizations-across-multiple-industries
Isp>vpn>whoami>proxychain>tor
https://0x00sec.org/t/isp-vpn-whoami-proxychain-tor/37626
Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023
https://securityaffairs.com/153169/hacking/pwn2own-toronto-2023-ended.html
Spooky, scary, skeletons at the movies.
https://thecyberwire.com/podcasts/hacking-humans-goes-to-the-movies/23/notes
Top Security News for 30/10/2023
Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Malware
https://thehackernews.com/2023/10/hackers-using-msix-app-packages-to.html
remote access trojan
https://www.reddit.com/r/Malware/comments/17j47j5/remote_access_trojan/
'Accidental' malvertising via Dynamic Search Ads delivers malware frenzy
https://malware.news/t/accidental-malvertising-via-dynamic-search-ads-delivers-malware-frenzy/75055#post_1
IT Army of Ukraine disrupted internet providers in territories occupied by Russia
https://securityaffairs.com/153192/hacktivism/it-army-of-ukraine-hit-russia-isp.html
Security Affairs newsletter Round 443 by Pierluigi Paganini – INTERNATIONAL EDITION
https://securityaffairs.com/153186/breaking-news/security-affairs-newsletter-round-443-by-pierluigi-paganini-international-edition.html

Spam or Phishing? Looking for Credentials & Passwords, (Sun, Oct 29th)
https://isc.sans.edu/diary/rss/30354
Seeking Guidance on Writing a Malware Builder
https://0x00sec.org/t/seeking-guidance-on-writing-a-malware-builder/37630
ISC Stormcast For Monday, October 30th, 2023 https://isc.sans.edu/podcastdetail/8722, (Mon, Oct 30th)
https://malware.news/t/isc-stormcast-for-monday-october-30th-2023-https-isc-sans-edu-podcastdetail-8722-mon-oct-30th/75052#post_1
Help Everyone Do Better Security
https://www.reddit.com/r/netsec/comments/17jo8tx/help_everyone_do_better_security/
Spam or Phishing? Looking for Credentials & Passwords, (Sun, Oct 29th)
https://malware.news/t/spam-or-phishing-x3f-looking-for-credentials-passwords-sun-oct-29th/75050#post_1
Top Security News for 31/10/2023
New Webinar: 5 Must-Know Trends Impacting AppSec
https://thehackernews.com/2023/10/new-webinar-5-must-know-trends.html
What keeps incident responders up at night: Common pitfalls that cyber responders encounter when arriving at the scene
https://securityintelligence.com/posts/what-keeps-incident-responders-up-at-night-common-pitfalls-cyber-responders-encounter/
Flying under the Radar: The Privacy Impact of multicast DNS, (Mon, Oct 30th)
https://isc.sans.edu/diary/rss/30358
Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware
https://thehackernews.com/2023/10/pro-hamas-hacktivists-targeting-israeli.html
LockBit claims a cyberattack against Boeing.
https://thecyberwire.com/stories/fe240f10e10049b9b2b9407216696e1b/lockbit-claims-a-cyberattack-against-boeing
Virtual credit card fraud: An old scam reinvented
https://securityintelligence.com/posts/virtual-credit-card-fraud-old-scam-reinvented/
ISC StormCast for Tuesday, October 31st, 2023
https://isc.sans.edu/podcastdetail/8724
ISC Stormcast For Tuesday, October 31st, 2023 https://isc.sans.edu/podcastdetail/8724, (Tue, Oct 31st)
https://isc.sans.edu/diary/rss/30360
Ukraine at D+613: ISPs disrupted in occupied territories.
https://thecyberwire.com/stories/9e6a9dfd309a4b1283d464c396ab9747/ukraine-at-d613
A week in security (October 16 – October 22)
https://www.malwarebytes.com/blog/news/2023/10/a-week-in-security-october-16-october-22-2
Security Intelligence
What keeps incident responders up at night: Common pitfalls that cyber responders encounter when arriving at the scene
What does the worst day look like for incident responders? What keeps them up at night, and what makes their jobs more difficult? Unpack the scary stories.
Top Security News for 01/11/2023
Supercharging Red-Teaming with Infrastructure as Code Integration
https://www.reddit.com/r/netsec/comments/17ks4u7/supercharging_redteaming_with_infrastructure_as/
Multiple Layers of Anti-Sandboxing Techniques, (Tue, Oct 31st)
https://isc.sans.edu/diary/rss/30362
Impersonating Slack Users - Red Team Tradecraft
https://www.reddit.com/r/netsec/comments/17l5qbg/impersonating_slack_users_red_team_tradecraft/
Not sure if this is the right place to post this but
https://www.reddit.com/r/Malware/comments/17l10gp/not_sure_if_this_is_the_right_place_to_post_this/
Canada Bans WeChat and Kaspersky Apps On Government Devices
https://thehackernews.com/2023/10/canada-bans-wechat-and-kaspersky-apps.html
Warning Against Infostealer Infections Upon Executing Legitimate EXE Files (DLL Hijacking)
https://malware.news/t/warning-against-infostealer-infections-upon-executing-legitimate-exe-files-dll-hijacking/75158#post_1
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
https://thehackernews.com/2023/10/atlassian-warns-of-new-critical.html
Patch now! BIG-IP Configuration utility is vulnerable for an authentication bypass
https://www.malwarebytes.com/blog/exploits-and-vulnerabilities/2023/10/patch-now-big-ip-configuration-utility-is-vulnerable-for-an-authentication-bypass
What would it take to get you kids into a nice, late-model malware mealkit?
https://thecyberwire.com/podcasts/daily-podcast/1938/notes
ISC Stormcast For Wednesday, November 1st, 2023 https://isc.sans.edu/podcastdetail/8726, (Wed, Nov 1st)
https://malware.news/t/isc-stormcast-for-wednesday-november-1st-2023-https-isc-sans-edu-podcastdetail-8726-wed-nov-1st/75157#post_1
Top Security News for 02/11/2023
UEFI and The Digital Supply Chain - Dick Wilkins - BTS #16
https://malware.news/t/uefi-and-the-digital-supply-chain-dick-wilkins-bts-16/75190#post_1
ISC Stormcast For Thursday, November 2nd, 2023 https://isc.sans.edu/podcastdetail/8728, (Thu, Nov 2nd)
https://malware.news/t/isc-stormcast-for-thursday-november-2nd-2023-https-isc-sans-edu-podcastdetail-8728-thu-nov-2nd/75195#post_1
Pentagon 'Strongly' Urges Military Members to Report UFO Sightings With New Website
https://www.vice.com/en_us/article/bvjpaz/us-pentagon-ufo-uap-reporting-website-aaro
Critical phpFox RCE Vulnerability Risked Social Networks
https://www.reddit.com/r/netsec/comments/17l9uju/critical_phpfox_rce_vulnerability_risked_social/
Official release of CVSS v4.0
https://www.reddit.com/r/netsec/comments/17lic7r/official_release_of_cvss_v40/
Weaponizing your out-of-office replies.
https://thecyberwire.com/podcasts/hacking-humans/264/notes
EKS Cluster Games: An EKS-focused CTF Challenge
https://www.reddit.com/r/netsec/comments/17lhfee/eks_cluster_games_an_eksfocused_ctf_challenge/
Hacktivism in two hybrid wars (with an excursus on gastropods).
https://thecyberwire.com/podcasts/daily-podcast/1939/notes
How to crack Windows Password
https://www.reddit.com/r/netsec/comments/17l2oea/how_to_crack_windows_password/
Malware Analysis, News and Indicators
UEFI and The Digital Supply Chain - Dick Wilkins - BTS #16
Article Link: UEFI and The Digital Supply Chain – Dick Wilkins – BTS #16 | SC Media
Top Security News for 03/11/2023
The beginning of an international consensus on AI governance may be emerging from Bletchley Park.
https://thecyberwire.com/podcasts/daily-podcast/1940/notes
Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
https://thehackernews.com/2023/11/irans-muddywater-targets-israel-in-new.html
Vulnerable Apache ActiveMQ servers subjected to HelloKitty ransomware attack
https://malware.news/t/vulnerable-apache-activemq-servers-subjected-to-hellokitty-ransomware-attack/75247#post_1
Novel macOS malware launched by North Korean hackers
https://malware.news/t/novel-macos-malware-launched-by-north-korean-hackers/75245#post_1
ISC StormCast for Friday, November 3rd, 2023
https://isc.sans.edu/podcastdetail/8730
Advice For Catching a RedLine Stealer - includes tools to identify C2 protocol
https://www.reddit.com/r/netsec/comments/17m7dsr/advice_for_catching_a_redline_stealer_includes/
ISC Stormcast For Friday, November 3rd, 2023 https://isc.sans.edu/podcastdetail/8730, (Fri, Nov 3rd)
https://malware.news/t/isc-stormcast-for-friday-november-3rd-2023-https-isc-sans-edu-podcastdetail-8730-fri-nov-3rd/75248#post_1
Lazarus Group prospects blockchain engineers with KANDYKORN.
https://thecyberwire.com/stories/2fadf6cb2f084714ab3ae40bb8b2f889/lazarus-group-prospects-blockchain-engineers-with-kandykorn
Quick Tip For Artificially Inflated PE Files, (Thu, Nov 2nd)
https://isc.sans.edu/diary/rss/30370
FIRST Announces CVSS 4.0 - New Vulnerability Scoring System
https://thehackernews.com/2023/11/first-announces-cvss-40-new.html
The CyberWire
The beginning of an international consensus on AI governance may be emerging from Bletchley Park.
Bletchley Declaration represents a consensus starting point for AI governance. Lazarus Group prospects blockchain engineers with KANDYKORN. Boeing investigates ‘cyber incident’ affecting parts business. NodeStealer’s use in attacks against Facebook accounts.…
Top Security News for 04/11/2023
Okta employee data compromised in third-party breach
https://malware.news/t/okta-employee-data-compromised-in-third-party-breach/75289#post_1
Immediate patching of Atlassian Confluence flaw urged
https://malware.news/t/immediate-patching-of-atlassian-confluence-flaw-urged/75284#post_1
Keylogger keyboard leaks passwords via Apple's "Find My" location network
https://www.reddit.com/r/netsec/comments/17mv6a9/keylogger_keyboard_leaks_passwords_via_apples/
First handset with MTE on the market
https://googleprojectzero.blogspot.com/2023/11/first-handset-with-mte-on-market.html
Sandman doesn't slow malware down.
https://thecyberwire.com/podcasts/research-saturday/305/notes
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
https://thehackernews.com/2023/11/kinsing-actors-exploit-linux-flaw-to.html
Israel subjected to new MuddyWater spear-phishing attacks
https://malware.news/t/israel-subjected-to-new-muddywater-spear-phishing-attacks/75290#post_1
ZDI discloses four zero-day flaws in Microsoft Exchange
https://securityaffairs.com/153599/hacking/microsoft-exchange-zero-day-flaws.html
ram usage went high all of a sudden without using programs and i found this second explorer task which i cant close
https://www.reddit.com/r/Malware/comments/17n8np5/ram_usage_went_high_all_of_a_sudden_without_using/
CanesSpy Spyware Discovered in Modified WhatsApp Versions
https://thehackernews.com/2023/11/canesspy-spyware-discovered-in-modified.html
Malware Analysis, News and Indicators
Okta employee data compromised in third-party breach
Okta had 4,961 current and former employees' data, including names, health insurance plan numbers, and Social Security numbers, compromised following a breach at its third-party vendor Rightway Healthcare, reports The Register. Article Link: Okta employee…
Top Security News for 05/11/2023
Frameworks for DE-Friendly CTI (Part 5) [Medium Backup]
https://malware.news/t/frameworks-for-de-friendly-cti-part-5-medium-backup/75293#post_1
Smashing the TLB for fun and profit - ekoparty 2023
https://www.reddit.com/r/netsec/comments/17o24gf/smashing_the_tlb_for_fun_and_profit_ekoparty_2023/
Talkin’ About Infosec News – 11/4/2023
https://malware.news/t/talkin-about-infosec-news-11-4-2023/75296#post_1
Google Play Store Introduces 'Independent Security Review' Badge for Apps
https://thehackernews.com/2023/11/google-play-store-introduces.html
Threat Roundup for October 27 to November 3
https://malware.news/t/threat-roundup-for-october-27-to-november-3/75295#post_1
Riks around Chrome cache
https://www.reddit.com/r/Malware/comments/17nw3i4/riks_around_chrome_cache/
Kinsing threat actors probed the Looney Tunables flaws in recent attacks
https://securityaffairs.com/153610/hacking/kinsing-hackers-probe-looney-tunables.html
CyberCon 2023: A unique mix of critical infrastructure and cybersecurity.
https://thecyberwire.com/podcasts/special-edition/55/notes
Jeffrey Wheatman: Sometimes you just need to open the raincoat.
https://thecyberwire.com/podcasts/career-notes/174/notes
Google Cybersecurity Action Team Threat Horizons Report #8 Is Out! [Medium Backup]
https://malware.news/t/google-cybersecurity-action-team-threat-horizons-report-8-is-out-medium-backup/75292#post_1
Malware Analysis, News and Indicators
Frameworks for DE-Friendly CTI (Part 5) [Medium Backup]
This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#5 in the series), we will build a quick “framework-lite” for making CTI to DE flows better. Detection…
Top Security News for 06/11/2023
A week in security (October 30 – November 5)
https://www.malwarebytes.com/blog/news/2023/11/a-week-in-security-october-30-november-5-2
ISC Stormcast For Monday, November 6th, 2023 https://isc.sans.edu/podcastdetail/8732, (Mon, Nov 6th)
https://isc.sans.edu/diary/rss/30374
Lazarus targets blockchain engineers with new KandyKorn macOS Malware
https://securityaffairs.com/153622/hacking/lazarus-kandykorn-malware.html
U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown
https://thehackernews.com/2023/11/us-treasury-targets-russian-money.html
Malware Analysis - ZPAQ to .NET downloader to Injector DLL unpacking
https://malware.news/t/malware-analysis-zpaq-to-net-downloader-to-injector-dll-unpacking/75298#post_1
I’m not sure if this is the correct place but please read
https://www.reddit.com/r/Malware/comments/17o68b1/im_not_sure_if_this_is_the_correct_place_but/
How do I capture all network traffic on a phone
https://0x00sec.org/t/how-do-i-capture-all-network-traffic-on-a-phone/37733
ISC StormCast for Monday, November 6th, 2023
https://isc.sans.edu/podcastdetail/8732
Ledger Live Crypto Wallet Attack
https://malware.news/t/ledger-live-crypto-wallet-attack/75299#post_1
Create own malware, ransomware, trojans and more
https://www.reddit.com/r/Malware/comments/17omgum/create_own_malware_ransomware_trojans_and_more/
Malwarebytes
A week in security (October 30 - November 5) | Malwarebytes
A list of topics we covered in the week of October 30 to November 5 of 2023
Top Security News for 07/11/2023
ISC StormCast for Monday, October 30th, 2023
https://isc.sans.edu/podcastdetail/8722
Anyone have the link to the real hahaha your a idoit malware
https://www.reddit.com/r/Malware/comments/17pnem6/anyone_have_the_link_to_the_real_hahaha_your_a/
Persistence – Windows Telemetry
https://www.reddit.com/r/netsec/comments/17oyq8g/persistence_windows_telemetry/
Threat Landscape During the Holidays & Michael Francess Member Spotlight
https://thecyberwire.com/podcasts/rh-isac/39/notes
Automatic Conditional Access policies in Microsoft Entra streamline identity protection
https://www.microsoft.com/en-us/security/blog/2023/11/06/automatic-conditional-access-policies-in-microsoft-entra-streamline-identity-protection/
Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
https://thehackernews.com/2023/11/critical-flaws-discovered-in-veeam-one.html
ISC StormCast for Thursday, November 2nd, 2023
https://isc.sans.edu/podcastdetail/8728
ISC StormCast for Monday, November 6th, 2023
https://isc.sans.edu/podcastdetail/8732
Veterans Impacting Cybersecurity - David Cross - CSP #147
https://malware.news/t/veterans-impacting-cybersecurity-david-cross-csp-147/75349#post_1
ISC Stormcast For Tuesday, November 7th, 2023 https://isc.sans.edu/podcastdetail/8734, (Tue, Nov 7th)
https://isc.sans.edu/diary/rss/30378
SANS Internet Storm Center
SANS ISC Stormcast: Daily Network Security News Summary; Cyber Security Podcast
SANS Daily Network Security Podcast (Stormcast) for Monday, October 30th, 2023
Top Security News for 08/11/2023
Example of Phishing Campaign Project File, (Wed, Nov 8th)
https://malware.news/t/example-of-phishing-campaign-project-file-wed-nov-8th/75408#post_1
[Kimsuky] Operation Covert Stalker
https://malware.news/t/kimsuky-operation-covert-stalker/75403#post_1
What the new ‘iLeakage’ research tells us about potential security flaws in Apple Arm chips
https://malware.news/t/what-the-new-ileakage-research-tells-us-about-potential-security-flaws-in-apple-arm-chips/75405#post_1
ISC Stormcast For Wednesday, November 8th, 2023 https://isc.sans.edu/podcastdetail/8736, (Wed, Nov 8th)
https://isc.sans.edu/diary/rss/30382
ISC Stormcast For Wednesday, November 8th, 2023 https://isc.sans.edu/podcastdetail/8736, (Wed, Nov 8th)
https://malware.news/t/isc-stormcast-for-wednesday-november-8th-2023-https-isc-sans-edu-podcastdetail-8736-wed-nov-8th/75402#post_1
Creating Connections: Breaking through.
https://thecyberwire.com/newsletters/creating-connections/4/7
OST2, Zephyr RTOS, and a bunch of CVEs
https://www.reddit.com/r/netsec/comments/17pp4c2/ost2_zephyr_rtos_and_a_bunch_of_cves/
Did Israel Finally Confirm It Has Nuclear Weapons by Threatening Gaza?
https://www.vice.com/en_us/article/g5ymaw/did-israel-finally-confirm-it-has-nuclear-weapons-by-threatening-gaza
ISC StormCast for Wednesday, November 8th, 2023
https://isc.sans.edu/podcastdetail/8736
Advice for women in cybersecurity or those aspiring to join the industry.
https://thecyberwire.com/stories/042043040981448db309b22a1392cb40/advice-for-women-in-cybersecurity-or-those-aspiring-to-join-the-industry
Malware Analysis, News and Indicators
Example of Phishing Campaign Project File, (Wed, Nov 8th)
We all have a love and hate relation with emails. When newcomers on the Internet start to get emails, they are so happy but their feeling changes quickly. Then, they hope to reduce the flood of emails received daily… Good luck! Of course, tools have been…
Top Security News for 09/11/2023
avoidr - masscan with exclusive exclusions
https://www.reddit.com/r/netsec/comments/17qve37/avoidr_masscan_with_exclusive_exclusions/
QNAP warns about critical vulnerabilities in NAS systems
https://www.malwarebytes.com/blog/exploits-and-vulnerabilities/2023/11/qnap-warns-about-critical-vulnerabilities-in-nas-systems
50 Shades of Vulnerabilities: Uncovering Flaws in Open-Source Vulnerability Disclosures
https://www.reddit.com/r/netsec/comments/17qlat2/50_shades_of_vulnerabilities_uncovering_flaws_in/
North Korea-linked APT BlueNoroff used new macOS malware ObjCShellz
https://securityaffairs.com/153842/apt/bluenoroff-apt-objcshellz-macos-malware.html
Cyberattack on Marina Bay Sands.
https://thecyberwire.com
Using Github as C2
https://www.reddit.com/r/netsec/comments/17r79xv/using_github_as_c2/
CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html
Digital security sessions at Microsoft Ignite to prepare you for the era of AI
https://www.microsoft.com/en-us/security/blog/2023/11/07/digital-security-sessions-at-microsoft-ignite-to-prepare-you-for-the-era-of-ai/
"No credible threats" to yesterday's US elections.
https://thecyberwire.com/newsletters/daily-briefing/12/214
Our Pwn2Own journey against time and randomness (part 2) | Quarkslab
https://www.reddit.com/r/netsec/comments/17qm17j/our_pwn2own_journey_against_time_and_randomness/
Top Security News for 10/11/2023
Ukraine at D+263: Russia's 2022 grid attacks as foreshadowing.
https://thecyberwire.com/stories/920091fb7ffb4023978aebe54c771daa/ukraine-at-d263
AWS IoT Core: A Compromised Device Perspective
https://www.reddit.com/r/netsec/comments/17rg45u/aws_iot_core_a_compromised_device_perspective/
Three proactive ways to prepare for the coming regulatory climate around AI
https://malware.news/t/three-proactive-ways-to-prepare-for-the-coming-regulatory-climate-around-ai/75513#post_1
Routers Targeted for Gafgyt Botnet [Guest Diary], (Thu, Nov 9th)
https://isc.sans.edu/diary/rss/30390
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
https://thehackernews.com/2023/11/zero-day-alert-lace-tempest-exploits.html
ISC Stormcast For Friday, November 10th, 2023 https://isc.sans.edu/podcastdetail/8740, (Fri, Nov 10th)
https://malware.news/t/isc-stormcast-for-friday-november-10th-2023-https-isc-sans-edu-podcastdetail-8740-fri-nov-10th/75512#post_1
BugBountyGPT - Now GPT helps to find vulnerabilities!
https://www.reddit.com/r/netsec/comments/17rnrte/bugbountygpt_now_gpt_helps_to_find_vulnerabilities/
Shields Ready, as infrastructure operators look to threats and vulnerabilities.
https://thecyberwire.com/newsletters/daily-briefing/12/215
Visual Examples of Code Injection, (Thu, Nov 9th)
https://isc.sans.edu/diary/rss/30388
Send Bluetooth LE Spam impersonating 219 devices just using Android app instead of Flipper Zero
https://www.reddit.com/r/netsec/comments/17rbo99/send_bluetooth_le_spam_impersonating_219_devices/
The CyberWire
Ukraine at D+623: Russia's 2022 grid attacks as foreshadowing.
Ukraine maintains its counteroffensive pressure. Russian milbloggers channel Tolstoi. And Sandworm's attacks on Ukrainian infrastructure in October 2022 suggest what may be in store for this winter.
Top Security News for 11/11/2023
Cyber phases of hybrid wars remain opportunistic, but some signs of combined arms ops emerge.
https://thecyberwire.com/newsletters/week-that-was/7/43
Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
https://thehackernews.com/2023/11/alert-effluence-backdoor-persists.html
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors
https://thehackernews.com/2023/11/iran-linked-imperial-kitten-cyber-group.html
Israel subjected to Charming Kitten attacks
https://malware.news/t/israel-subjected-to-charming-kitten-attacks/75548#post_1
Microsoft shares threat intelligence at CYBERWARCON 2023
https://www.microsoft.com/en-us/security/blog/2023/11/09/microsoft-shares-threat-intelligence-at-cyberwarcon-2023/
Dissecting Intel’s Explanation of Key Usage in Integrated Firmware Images (IFWI)
https://www.reddit.com/r/lowlevel/comments/17s9jt9/dissecting_intels_explanation_of_key_usage_in/
MuddyWater attacks against Israel involve novel C2 framework
https://malware.news/t/muddywater-attacks-against-israel-involve-novel-c2-framework/75547#post_1
Over 39K affected by Kyocera AVX ransomware-related breach
https://malware.news/t/over-39k-affected-by-kyocera-avx-ransomware-related-breach/75546#post_1
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
https://thehackernews.com/2023/11/the-new-8020-rule-for-secops-customize.html
AOL's 92M records database leak in 2003 - A Retroactive Examination
https://www.reddit.com/r/netsec/comments/17s5bq9/aols_92m_records_database_leak_in_2003_a/
N2K CyberWire
Cyber phases of hybrid wars remain opportunistic, but some signs of combined arms ops emerge.
Election security: no major incidents in US off-year voting. The cyber front in the Hamas-Israel war. Sandworm and Ukraine's power grid: 2022 attacks described and analyzed. A major Chinese cyberespionage effort against Cambodia. Current BlueNoroff activity.…
Top Security News for 12/11/2023
Police seized BulletProftLink phishing-as-a-service (PhaaS) platform
https://securityaffairs.com/154041/cyber-crime/bulletproftlink-phaas-platform-seized.html
Basic Command and Control (C2) setup with Mythic C2
https://www.reddit.com/r/netsec/comments/17sw87w/basic_command_and_control_c2_setup_with_mythic_c2/
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
https://thehackernews.com/2023/11/microsoft-warns-of-fake-skills.html
Geopolitical Cybercrime: LockBit attack on the ICBC
https://malware.news/t/geopolitical-cybercrime-lockbit-attack-on-the-icbc/75556#post_1
Malware Analysis of Pegasus Spyware
https://www.reddit.com/r/Malware/comments/17stpho/malware_analysis_of_pegasus_spyware/
Chinese APT Infrastructure Mimics Cloud Backup Services
https://malware.news/t/chinese-apt-infrastructure-mimics-cloud-backup-services/75554#post_1
Private UK health data donated for medical research shared with insurance companies
https://www.theguardian.com/technology/2023/nov/12/private-uk-health-data-donated-medical-research-shared-insurance-companies
The Power of Complex Binary Analysis
https://malware.news/t/the-power-of-complex-binary-analysis/75555#post_1
Maine says 1.3M people affected by data breach
https://www.reddit.com/r/Malware/comments/17t0rbd/maine_says_13m_people_affected_by_data_breach/
Can FM Radio Receivers Be Physically Tracked or Exploited? Can Devices in Airplane Mode Be Physically Tracked or Exploited?
https://www.reddit.com/r/Malware/comments/17t7bkz/can_fm_radio_receivers_be_physically_tracked_or/
Security Affairs
Police seized BulletProftLink phishing-as-a-service (PhaaS) platform
The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform.
Top Security News for 13/11/2023
Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities
https://thehackernews.com/2023/11/major-phishing-as-service-syndicate.html
The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital
https://securityaffairs.com/154101/data-breach/the-lorenz-ransomware-group-hit-texas-based-cogdell-memorial-hospital.html
Security Affairs newsletter Round 445 by Pierluigi Paganini – INTERNATIONAL EDITION
https://securityaffairs.com/154056/breaking-news/security-affairs-newsletter-round-445-by-pierluigi-paganini-international-edition.html
GPTs & Assistants API - Code Interpreter Data Exfiltration
https://www.reddit.com/r/netsec/comments/17they7/gpts_assistants_api_code_interpreter_data/
ISC Stormcast For Monday, November 13th, 2023 https://isc.sans.edu/podcastdetail/8742, (Mon, Nov 13th)
https://malware.news/t/isc-stormcast-for-monday-november-13th-2023-https-isc-sans-edu-podcastdetail-8742-mon-nov-13th/75562#post_1
2023 Sep – Deep Web and Dark Web Threat Trend Report
https://malware.news/t/2023-sep-deep-web-and-dark-web-threat-trend-report/75561#post_1
A week in security (November 06 – November 12)
https://www.malwarebytes.com/blog/news/2023/11/a-week-in-security-november-06-november-12
Veterans Day Special.
https://thecyberwire.com/stories/fa745f711e5540a6969ae1be66b86152/veterans-day-special
New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks
https://thehackernews.com/2023/11/new-bibi-windows-wiper-targets-windows.html
ISC Stormcast For Monday, November 13th, 2023 https://isc.sans.edu/podcastdetail/8742, (Mon, Nov 13th)
https://isc.sans.edu/diary/rss/30394
Security Affairs
The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital
The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital.
Top Security News for 14/11/2023
Warhammer Fan Now In Charge of Overseeing Crumbling Remnant of Vast Empire
https://www.vice.com/en_us/article/93k8wy/warhammer-fan-now-in-charge-of-overseeing-crumbling-remnant-of-vast-empire
ISC Stormcast For Tuesday, November 14th, 2023 https://isc.sans.edu/podcastdetail/8744, (Tue, Nov 14th)
https://isc.sans.edu/diary/rss/30398
Ransomware and DDoS hit diverse sectors. The DDoS is a nuisance, the ransomware more serious.
https://thecyberwire.com/podcasts/daily-podcast/1946/notes
CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17
https://thehackernews.com/2023/11/cisa-sets-deadline-patch-juniper-junos.html
ISC StormCast for Tuesday, November 14th, 2023
https://isc.sans.edu/podcastdetail/8744
Ghidra reverse engineering malware filled with empty space.
https://www.reddit.com/r/Malware/comments/17upd9l/ghidra_reverse_engineering_malware_filled_with/
Ukraine at D+267: Infantry assaults and shifting narratives.
https://thecyberwire.com/stories/0e18135cff5e4a0ea2ba9051bdc9f9ab/ukraine-at-d267
SolarWinds Fallout: Why CISOs need proof of resilience to avoid fines – or worse
https://malware.news/t/solarwinds-fallout-why-cisos-need-proof-of-resilience-to-avoid-fines-or-worse/75618#post_1
National Cyber Security Center has detected influence operations exploiting China’s “disguised…
https://malware.news/t/national-cyber-security-center-has-detected-influence-operations-exploiting-china-s-disguised/75617#post_1
A variety of threats to critical infrastructure.
https://thecyberwire.com/newsletters/daily-briefing/12/216
Vice
Warhammer Fan Now In Charge of Overseeing Crumbling Remnant of Vast Empire
James Cleverly, Britain’s new Home Secretary, is a big fan of the franchise that depicts a fascist humanity serving a zombie Emperor.