Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 14/06/2022

Using WiFi connection probe requests to track users
https://securityaffairs.co/wordpress/132193/mobile-2/wifi-probe-requests-track-users.html

ASEC Weekly Malware Statistics (May 30th, 2022 – June 5th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-may-30th-2022-june-5th-2022/60950/1

A new RAT from Beijing. Muslim hacktivism in India. Ukraine reports a GRU spam campaign against media outlets. A Moscow court fines Wikimedia. And that UK cyber disaster was just a promo.
https://thecyberwire.com/podcasts/daily-podcast/1598/notes

Say goodbye to browser ads and malware with this $30 tool
https://malware.news/t/say-goodbye-to-browser-ads-and-malware-with-this-30-tool/60948/1

Taking down the IP2Scam tech support campaign
https://blog.malwarebytes.com/threat-intelligence/2022/06/taking-down-the-ip2scam-tech-support-campaign/

9 ways hackers will use machine learning to launch attacks
https://www.csoonline.com/article/3250144/6-ways-hackers-will-use-machine-learning-to-launch-attacks.html#tk.rss_all

ISC Stormcast For Tuesday, June 14th, 2022 https://isc.sans.edu/podcastdetail.html?id=8048, (Tue, Jun 14th)
https://isc.sans.edu/diary/rss/28740

The many lives of BlackCat ransomware
https://www.reddit.com/r/netsec/comments/vbgh61/the_many_lives_of_blackcat_ransomware/

Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses
https://thehackernews.com/2022/06/researchers-disclose-rooting-backdoor.html

Experts spotted Syslogk, a Linux rootkit under development
https://securityaffairs.co/wordpress/132232/malware/syslogk-linux-rootkit.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 15/06/2022

Oblivious HTTP
https://www.reddit.com/r/netsec/comments/vc9bt7/oblivious_http/

Securing the World Cup. Australia's security regulator cautions boards on cybersecurity. CISA sends FEITs to help Federal network security.
https://thecyberwire.com/newsletters/policy-briefing/4/114

Introducing Malwarebytes Vulnerability Assessment for OneView: How to check for Common Vulnerabilities and Exposures (CVEs)
https://blog.malwarebytes.com/malwarebytes-news/2022/06/introducing-malwarebytes-vulnerability-assessment-for-oneview-how-to-check-for-common-vulnerabilities-and-exposures-cves/

TPM Sniffing Attacks Against Non-Bitlocker Targets
https://www.reddit.com/r/netsec/comments/vciv14/tpm_sniffing_attacks_against_nonbitlocker_targets/

Instagram scam steals your selfies to trick your friends
https://blog.malwarebytes.com/personal/scams-personal/2022/06/instagram-scam-steals-your-selfies-to-trick-your-friends/

Karakurt extortion group: Threat profile
https://blog.malwarebytes.com/cybercrime/2022/06/karakurt-extortion-group-threat-profile/

Zimbra Email - Stealing Clear-Text Credentials via Memcache injection
https://www.reddit.com/r/netsec/comments/vc77h9/zimbra_email_stealing_cleartext_credentials_via/

Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens
https://thehackernews.com/2022/06/unpatched-travis-ci-api-bug-exposes.html

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/multiple-adversaries-exploiting-confluence-vulnerability-warns-microsoft/

Stealthy Linux malware. Aoqin Dragon targets Southeast Asia and Australia. Iranian spearphishing campaign. BlackCat RaaS described.
https://thecyberwire.com/podcasts/research-briefing/121/notes


Top Security News for 16/06/2022

For one software maker, an SBOM adds value to the product
https://www.csoonline.com/article/3663468/for-one-software-maker-an-sbom-adds-value-to-the-product.html#tk.rss_all

Email platform bug allows for theft of clear-text credentials. Update on the Kaiser Permanente breach. Arizona hospital suffers ransomware attack.
https://thecyberwire.com/newsletters/privacy-briefing/4/115

Hertzbleed - a new family of side-channel attacks
https://www.reddit.com/r/lowlevel/comments/vcf9ua/hertzbleed_a_new_family_of_sidechannel_attacks/

Email compromise leads to healthcare data breach at Kaiser Permanente
https://blog.malwarebytes.com/cybercrime/2022/06/email-compromise-leads-to-healthcare-data-breach-at-kaiser-permanente/

ISC Stormcast For Thursday, June 16th, 2022 https://isc.sans.edu/podcastdetail.html?id=8052, (Thu, Jun 16th)
https://isc.sans.edu/diary/rss/28750

Let’s give a look at the Dark Web Price Index 2022
https://securityaffairs.co/wordpress/132256/deep-web/dark-web-index-2022.html

Email platform bug allows for theft of clear-text credentials. Update on the Kaiser Permanente breach. Arizona hospital suffers ransomware attack.
https://thecyberwire.com/podcasts/privacy-briefing/605/notes

Sophos uncovers how APT groups carried out highly targeted attack
https://malware.news/t/sophos-uncovers-how-apt-groups-carried-out-highly-targeted-attack/61029/1

Update now! Microsoft patches Follina, and many other security updates
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/06/update-now-microsoft-patches-follina-and-many-other-security-updates/

Quick Malware Analysis: TA578 Thread-hijacked email, Bumblebee, and Cobalt Strike pcap from 2022-06-14
https://www.reddit.com/r/netsec/comments/vcvay2/quick_malware_analysis_ta578_threadhijacked_email/


Top Security News for 17/06/2022

ISC Stormcast For Friday, June 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8054, (Fri, Jun 17th)
https://malware.news/t/isc-stormcast-for-friday-june-17th-2022-https-isc-sans-edu-podcastdetail-html-id-8054-fri-jun-17th/61068/1

The Android kernel mitigations obstacle race
https://www.reddit.com/r/netsec/comments/vdprqx/the_android_kernel_mitigations_obstacle_race/

How to see the impact installing BApps might have on Burp Suite
https://portswigger.net/blog/how-to-see-the-impact-installing-bapps-might-have-on-burp-suite

Shadow Credentials - Red Teaming Experiments
https://www.reddit.com/r/netsec/comments/vdj28x/shadow_credentials_red_teaming_experiments/

This just in: there are more than 24 billion usernames. US healthcare data breach round-up.
https://thecyberwire.com/newsletters/privacy-briefing/4/116

Interpol scores against BEC, online fraud, and money laundering. Developments in C2C markets. Versioning vulnerability. Cyber war and cyber escalation.
https://thecyberwire.com/podcasts/daily-podcast/1601/notes

fast and furious OSCP monkeys doing weird things - learn how to exploit validate suid
https://www.reddit.com/r/netsec/comments/vd9l3v/fast_and_furious_oscp_monkeys_doing_weird_things/

VED (Vault Exploit Defense): Open source implementation
https://www.reddit.com/r/netsec/comments/vdm134/ved_vault_exploit_defense_open_source/

Photos of kids taken from spyware-ridden phones found exposed on the internet
https://blog.malwarebytes.com/stalkerware/2022/06/photos-of-kids-taken-from-spyware-ridden-phones-found-exposed-on-the-internet/

Think that a Ransomware cannot target your OneDrive and Sharepoint environments? Think again!
https://www.reddit.com/r/netsec/comments/vdjaju/think_that_a_ransomware_cannot_target_your/


Top Security News for 18/06/2022

Big tech platforms sign up to the EU Commission’s new Code of Practice on Disinformation
https://www.computerworld.com/article/3664135/big-tech-platforms-sign-up-to-the-eu-commission-s-new-code-of-practice-on-disinformation.html#tk.rss_all

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
https://thehackernews.com/2022/06/chinese-hackers-exploited-sophos.html

Researchers Uncover 'Hermit' Android Spyware Used in Kazakhstan, Syria, and Italy
https://thehackernews.com/2022/06/researchers-uncover-hermit-android.html

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company
https://securityaffairs.co/wordpress/132363/malware/hermit-spyware-italian-surveillance-firm.html

Analysing RTF files from SideWinder APT
https://www.reddit.com/r/netsec/comments/vdt1ia/analysing_rtf_files_from_sidewinder_apt/

Credit Rating Agency: New EU Laws Will Improve Firms’ Cyber Resilience Globally
https://malware.news/t/credit-rating-agency-new-eu-laws-will-improve-firms-cyber-resilience-globally/61091/1

BrandPost: Is Stopping a Ransomware Attack More Important than Preventing One?
https://www.csoonline.com/article/3664071/is-stopping-a-ransomware-attack-more-important-than-preventing-one.html#tk.rss_all

15 vulnerabilities discovered in Siemens industrial control management system
https://malware.news/t/15-vulnerabilities-discovered-in-siemens-industrial-control-management-system/61089/1

Chinese APT deploys new cyberespionage tool. Hacktivism roils India after politician's remarks about the Prophet. Ukraine reports a "massive" spam campaign against the country's media organizations.
https://thecyberwire.com/newsletters/week-that-was/6/24

DOJ: Russian RSOCKS botnet disrupted in international operation
https://malware.news/t/doj-russian-rsocks-botnet-disrupted-in-international-operation/61088/1


Top Security News for 19/06/2022

learn ethical hacking and bug bounty with free resources and with proper Guidance...
https://www.reddit.com/r/netsec/comments/vf5lmz/learn_ethical_hacking_and_bug_bounty_with_free/

US DoJ announced to have shut down the Russian RSOCKS Botnet
https://securityaffairs.co/wordpress/132403/cyber-crime/police-dismantled-rsocks-bitnet.html

Tinder Swindlers: How scammers steal your heart, then your money
https://malware.news/t/tinder-swindlers-how-scammers-steal-your-heart-then-your-money/61096/1

k C# over C++ for malware dev
https://www.reddit.com/r/Malware/comments/vfkcx6/k_c_over_c_for_malware_dev/

suspicious e-mail
https://www.bleepingcomputer.com/forums/t/773501/suspicious-e-mail/

Dangerous Repository of DoS, Red Teaming TTPs, and ICS Exploits
https://www.reddit.com/r/netsec/comments/vf7xsn/dangerous_repository_of_dos_red_teaming_ttps_and/

Lauren Van Wazer: You have to be your own North Star. [CISSP]
https://thecyberwire.com/podcasts/career-notes/105/notes

New Tool: sortcanon.py
https://malware.news/t/new-tool-sortcanon-py/61097/1

I have created a burp suite extension which allows pentester to keep track of each APIs, write test cases for individual APIs. Lastly the extension allows to map the vulnerable apis to the list of vulnerabilities using a custom checklist.
https://www.reddit.com/r/netsec/comments/vf365f/i_have_created_a_burp_suite_extension_which/

Scheduled Scaling Up & Down Of EC2 Server
https://www.reddit.com/r/netsec/comments/vf47te/scheduled_scaling_up_down_of_ec2_server/


Top Security News for 20/06/2022

Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS
https://securityaffairs.co/wordpress/132410/cyber-crime/ech0raix-ransomware-attacks.html

Weekly News Roundup — June 12 to June 18
https://malware.news/t/weekly-news-roundup-june-12-to-june-18/61100/1

Wireshark 3.6.6 Released, (Sun, Jun 19th)
https://isc.sans.edu/diary/rss/28756

ISC Stormcast For Monday, June 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8056, (Mon, Jun 20th)
https://malware.news/t/isc-stormcast-for-monday-june-20th-2022-https-isc-sans-edu-podcastdetail-html-id-8056-mon-jun-20th/61101/1

Video: Decoding Obfuscated BASE64 Statistically, (Sun, Jun 19th)
https://isc.sans.edu/diary/rss/28762

Video: Decoding Obfuscated BASE64 Statistically, (Sun, Jun 19th)
https://malware.news/t/video-decoding-obfuscated-base64-statistically-sun-jun-19th/61099/1

New blog - NMAP and CME 101 stuff
https://www.reddit.com/r/netsec/comments/vft533/new_blog_nmap_and_cme_101_stuff/

Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
https://blog.malwarebytes.com/podcast/2022/06/securing-the-software-supply-chain-with-kim-lewandowski-lock-and-code-s03e13/

Wireshark 3.6.6 Released, (Sun, Jun 19th)
https://malware.news/t/wireshark-3-6-6-released-sun-jun-19th/61098/1

Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
https://malware.news/t/securing-the-software-supply-chain-with-kim-lewandowski-lock-and-code-s03e13/61102/1


Top Security News for 21/06/2022

A detailed analysis on multi-function printer vulnerability. The reason why personal informations are on internet.
https://www.reddit.com/r/Malware/comments/vh1w7l/a_detailed_analysis_on_multifunction_printer/

Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild
https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html

‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace
https://securelist.com/unpacking-technical-attribution/106791/

Finding client-side prototype pollution with DOM Invader
https://portswigger.net/blog/finding-client-side-prototype-pollution-with-dom-invader

DDoS-for-hire service provider jailed
https://blog.malwarebytes.com/cybercrime/2022/06/ddos-for-hire-service-provider-jailed/

Who Is Legally Responsible for a Cyber Incident?
https://securityintelligence.com/articles/who-is-legally-responsible-cyber-incident/

Announcing the new Trail of Bits podcast
https://malware.news/t/announcing-the-new-trail-of-bits-podcast/61129/1

Hacking into the worldwide Jacuzzi SmartTub network
https://www.reddit.com/r/netsec/comments/vgsr81/hacking_into_the_worldwide_jacuzzi_smarttub/

Cybercriminals Use Azure Front Door in Phishing Attacks
https://securityaffairs.co/wordpress/132458/cyber-crime/azure-front-door-phishing.html

ISC Stormcast For Tuesday, June 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8058, (Tue, Jun 21st)
https://isc.sans.edu/diary/rss/28768


Top Security News for 22/06/2022

Mitigate Ransomware in a Remote-First World
https://thehackernews.com/2022/06/mitigate-ransomware-in-remote-first.html

Looking to develop virus removal skills
https://www.bleepingcomputer.com/forums/t/773612/looking-to-develop-virus-removal-skills/

ISC Stormcast For Wednesday, June 22nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8060, (Wed, Jun 22nd)
https://isc.sans.edu/diary/rss/28774

BrandPost: The 3 Requirements of a Multi-Cloud IT Infrastructure
https://www.csoonline.com/article/3664419/the-3-requirements-of-a-multi-cloud-it-infrastructure.html#tk.rss_all

Researcher Hacks Into Backend for Network of Smart Jacuzzis
https://www.vice.com/en_us/article/88q9b5/researcher-hacks-into-backend-for-network-of-smart-jacuzzis

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer
https://thehackernews.com/2022/06/rig-exploit-kit-now-infects-victims-pcs.html

Security vulnerabilities: 5 times that organizations got hacked
https://blog.malwarebytes.com/business-2/2022/06/security-vulnerabilities-5-times-that-organizations-got-hacked/

CISA Plans to Hire Chief People Officer to Boost Cyber Workforce
https://malware.news/t/cisa-plans-to-hire-chief-people-officer-to-boost-cyber-workforce/61175/1

Cato Networks offers new capability for network-based ransomware protection
https://www.csoonline.com/article/3664121/cato-networks-offers-new-capability-for-network-based-ransomware-protection.html#tk.rss_all

Container escapes: Detecting abuses of Linux capabilities with Falco + Intro to CAP_SYS_ADMIN
https://www.reddit.com/r/netsec/comments/vhghx5/container_escapes_detecting_abuses_of_linux/


Top Security News for 23/06/2022

Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks
https://thehackernews.com/2022/06/critical-php-vulnerability-exposes-qnap.html

DigiCert acquires DNS Made Easy and affiliated brands. Air Force Research Laboratory awards $950 million contract to five small businesses. SentinelOne opens office in India.
https://thecyberwire.com/newsletters/business-briefing/4/25

7-Zip gets Mark of the Web feature, increases protection for users
https://blog.malwarebytes.com/privacy-2/2022/06/7-zip-gets-mark-of-the-web-feature-increases-protection-for-users/

CISA experts propose ‘311’ cybersecurity emergency call line for small businesses
https://malware.news/t/cisa-experts-propose-311-cybersecurity-emergency-call-line-for-small-businesses/61209/1

[SANS ISC] Malicious PowerShell Targeting Cryptocurrency Browser Extensions
https://blog.rootshell.be/2022/06/22/sans-isc-malicious-powershell-targeting-cryptocurrency-browser-extensions/

House appropriators approve Pentagon’s $11.2 billion ask for cyber
https://malware.news/t/house-appropriators-approve-pentagon-s-11-2-billion-ask-for-cyber/61208/1

Dozens of insecure-by-design flaws found in OT products
https://www.csoonline.com/article/3664848/dozens-of-insecure-by-design-flaws-found-in-ot-products.html#tk.rss_all

US, UK, New Zealand argue against disabling PowerShell
https://malware.news/t/us-uk-new-zealand-argue-against-disabling-powershell/61207/1

2022-06-21 - aa distribution Qakbot with DarkVNC and Cobalt Strike
https://malware.news/t/2022-06-21-aa-distribution-qakbot-with-darkvnc-and-cobalt-strike/61210/1

Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine
https://thehackernews.com/2022/06/russian-hackers-exploiting-microsoft.html


Top Security News for 25/06/2022

Auto Transport Companies, Best Car Shipping Company, Chicago car transport
https://www.bleepingcomputer.com/forums/t/773817/auto-transport-companies-best-car-shipping-company-chicago-car-transport/

Cybersecurity agencies: You don’t have to delete PowerShell to secure it
https://blog.malwarebytes.com/security-world/2022/06/cybersecurity-agencies-you-dont-have-to-delete-powershell-to-secure-it/

Hermit warning. Ransomware as misdirection. Cyber phases of a hybrid war. CISA's tabletop exercises. ICS advisories.
https://thecyberwire.com/newsletters/daily-briefing/11/121

American Data Privacy and Protection Act. US President signs three cybersecurity bills. US senator tasks Cybercom with election security reporting. US Navy sets its sights on cybersecurity.
https://thecyberwire.com/newsletters/policy-briefing/4/121

Ransomware groups targeting Mitel VoIP zero-day
https://malware.news/t/ransomware-groups-targeting-mitel-voip-zero-day/61274/1

Beijing-Backed Attackers Use Ransomware As Decoy While They Conduct Espionage
https://packetstormsecurity.com/news/view/33576/Beijing-Backed-Attackers-Use-Ransomware-As-Decoy-While-They-Conduct-Espionage.html

Decompile Malware EXE
https://www.bleepingcomputer.com/forums/t/773792/decompile-malware-exe/

Mitek launches MiVIP platform to fight identity theft
https://www.csoonline.com/article/3665133/mitek-launches-mivip-platform-to-fight-identity-theft.html#tk.rss_all

Google Warns Spyware Being Deployed Against Android, iOS
https://packetstormsecurity.com/news/view/33575/Google-Warns-Spyware-Being-Deployed-Against-Android-iOS.html

Hacker selling access to 50 vulnerable networks through Atlassian vulnerability
https://malware.news/t/hacker-selling-access-to-50-vulnerable-networks-through-atlassian-vulnerability/61275/1


Top Security News for 26/06/2022

Duoli̇ngo plus apk
https://0x00sec.org/t/duoli-ngo-plus-apk/29933

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html

5 ways to avoid being catfished
https://blog.malwarebytes.com/personal/2022/06/5-ways-to-avoid-being-catfished/

Setting up Whonix Gateway in VMWare Workstation
https://malware.news/t/setting-up-whonix-gateway-in-vmware-workstation/61279/1

Oracle spent 6 months to fix ‘Mega’ flaws in the Fusion Middleware
https://securityaffairs.co/wordpress/132603/breaking-news/oracle-mega-flaw-cve-202221445.html

Malicious Code Passed to PowerShell via the Clipboard, (Sat, Jun 25th)
https://malware.news/t/malicious-code-passed-to-powershell-via-the-clipboard-sat-jun-25th/61280/1

Cyberattack suspected of causing rocket-attack false alarms in Israel. Risk surface assessments. Fitness app's geolocation feature may be a privacy and security risk.
https://thecyberwire.com/newsletters/week-that-was/6/25

Rules of Thumb War 101- ism's+hacks+cheets, cheats
https://www.bleepingcomputer.com/forums/t/773838/rules-of-thumb-war-101-ismshackscheets-cheats/

Apple Pegasus ransomware attack is giving people the option to freely remove their data from the leak
https://www.reddit.com/r/Malware/comments/vkiox1/apple_pegasus_ransomware_attack_is_giving_people/

Basic WebAssembly buffer overflow exploitation
https://www.reddit.com/r/netsec/comments/vkn5mn/basic_webassembly_buffer_overflow_exploitation/


Top Security News for 28/06/2022

What Are Shadow IDs, and How Are They Crucial in 2022?
https://thehackernews.com/2022/06/what-are-shadow-ids-and-how-are-they.html

‘Valorant’ Will Use Your Voice to Train AI to Detect ‘Disruptive Behavior’
https://www.vice.com/en_us/article/epzdxa/valorant-will-use-your-voice-to-train-ai-to-detect-disruptive-behavior

Conti retires its brand, and LockBit 2.0 is now #1 in ransomware. Ransomware often skips encryption. Notes from Russia's hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/122

The 7 common traits among highly-successful cybercriminals: Part II
https://malware.news/t/the-7-common-traits-among-highly-successful-cybercriminals-part-ii/61326/1

Italy Data Protection Authority Warns Websites Against Use of Google Analytics
https://thehackernews.com/2022/06/italy-data-protection-authority-warns.html

ASEC Weekly Malware Statistics (June 13th, 2022 – June 19th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-june-13th-2022-june-19th-2022/61324/1

ISC StormCast for Tuesday, June 28th, 2022
https://isc.sans.edu/podcastdetail.html?id=8066

Security startup Cerby debuts with platform to manage shadow IT
https://www.csoonline.com/article/3664856/security-startup-cerby-debuts-with-platform-to-manage-shadow-it.html#tk.rss_all

Congress Wants to Spend $45 Million on Nukes the Navy Said it Doesn’t Need
https://www.vice.com/en_us/article/akedz4/congress-wants-to-spend-dollar45-million-on-nukes-the-navy-said-it-doesnt-need

South Korea to take part in US cyber drill exercise. US states establish cybersecurity task forces. White House focuses on cybersecurity. US senators seek answers on TikTok security review.
https://thecyberwire.com/newsletters/policy-briefing/4/122


Top Security News for 29/06/2022

Zimbra unauthenticated RCE via unrar path traversal (CVE-2022-30333)
https://www.reddit.com/r/netsec/comments/vmy6ut/zimbra_unauthenticated_rce_via_unrar_path/

2022-06-27 - TA578 IcedID (Bokbot) with DarkVNC and Cobalt Strike
https://malware.news/t/2022-06-27-ta578-icedid-bokbot-with-darkvnc-and-cobalt-strike/61361/1

LockBit 3.0 introduces important novelties, including a bug bounty program
https://securityaffairs.co/wordpress/132701/cyber-crime/lockbit-3-0.html

Intune hacking: when is a "wipe" not a wipe
https://www.reddit.com/r/netsec/comments/vmhsfj/intune_hacking_when_is_a_wipe_not_a_wipe/

ASEC Weekly Malware Statistics (June 20th, 2022 – June 26th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-june-20th-2022-june-26th-2022/61369/1

[Control Systems] Motorola Solutions security advisory (AV22-356)
https://malware.news/t/control-systems-motorola-solutions-security-advisory-av22-356/61365/1

How to Evade Windows Defender and Commercial AV with Msfvenom Payloads
https://www.reddit.com/r/netsec/comments/vn4uo2/how_to_evade_windows_defender_and_commercial_av/

[Control Systems] Omron security advisory (AV22-358)
https://malware.news/t/control-systems-omron-security-advisory-av22-358/61363/1

Chinese threat actor uses ransomware as a distraction. Scalpers sell appointments for Israeli government services. Lyceum uses drone-themed phishbait. The Bumblebee loader's growing importance in C2C markets.
https://thecyberwire.com/podcasts/research-briefing/123/notes

APT Hackers Targeting Industrial Control Systems with ShadowPad Backdoor
https://thehackernews.com/2022/06/apt-hackers-targeting-industrial.html


Top Security News for 30/06/2022

Can't block tiktok on windows 10 pc
https://www.bleepingcomputer.com/forums/t/774000/cant-block-tiktok-on-windows-10-pc/

How and why threat actors target Microsoft Active Directory
https://www.csoonline.com/article/3665051/how-and-why-threat-actors-target-microsoft-active-directory.html#tk.rss_all

What3Words
https://www.bleepingcomputer.com/forums/t/774017/what3words/

ISC Stormcast For Thursday, June 30th, 2022 https://isc.sans.edu/podcastdetail.html?id=8070, (Thu, Jun 30th)
https://malware.news/t/isc-stormcast-for-thursday-june-30th-2022-https-isc-sans-edu-podcastdetail-html-id-8070-thu-jun-30th/61405/1

Canadian Admits To Hacking Spree With Russian Cyber-Gang
https://packetstormsecurity.com/news/view/33588/Canadian-Admits-To-Hacking-Spree-With-Russian-Cyber-Gang.html

Unpacking encrypted router firmware
https://0x00sec.org/t/unpacking-encrypted-router-firmware/29996

Exploiting Intel Graphics Kernel Extensions on macOS to Escape the Safari Sandbox
https://www.reddit.com/r/netsec/comments/vnivsw/exploiting_intel_graphics_kernel_extensions_on/

YTStealer info-stealing malware targets YouTube content creators
https://securityaffairs.co/wordpress/132743/malware/ytstealer-malware-dark-web.html

CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus
https://www.reddit.com/r/netsec/comments/vnftlm/cve202228219_unauthenticated_xxe_to_rce_and/

Bumblebee Fast Becoming Favorite For Ransomware Gangs
https://packetstormsecurity.com/news/view/33590/Bumblebee-Fast-Becoming-Favorite-For-Ransomware-Gangs.html


Top Security News for 01/07/2022

US TSA issues relaxed pipeline cybersecurity directives. A new approach to the development of international cyber norms. CISA issues guidance on migrating to Modern auth in Microsoft Exchange Online.
https://thecyberwire.com/newsletters/policy-briefing/4/125

Key takeaways from CSA’s SaaS Governance Best Practices guide
https://www.csoonline.com/article/3664935/key-takeaways-from-csa-s-saas-governance-best-practices-guide.html#tk.rss_all

C2C market differentiation and commodification. Hacktivists tied to Russia's government. New cyber phases of a hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/125

Ex-Canadian Government Employee Pleads Guilty Over NetWalker Ransomware Attacks
https://thehackernews.com/2022/06/ex-canadian-government-employee-pleads.html

Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers
https://thehackernews.com/2022/06/microsoft-warns-of-cryptomining-malware.html

North Korean Hackers Suspected to be Behind $100M Horizon Bridge Hack
https://thehackernews.com/2022/06/north-korean-hackers-suspected-to-be.html

Influence ops for economic advantage. Targeting think tanks. Russia dismisses its missile strike on a shopping mall as a Ukrainian provocation. Leaving Snake Island.
https://thecyberwire.com/newsletters/disinformation-briefing/4/26

Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties
https://www.reddit.com/r/netsec/comments/voetlt/weaponizing_and_abusing_hidden_functionalities/

Case of Attack Exploiting AnyDesk Remote Tool (Cobalt Strike and Meterpreter)
https://malware.news/t/case-of-attack-exploiting-anydesk-remote-tool-cobalt-strike-and-meterpreter/61456/1

Pro-Russian hackers launched a massive DDoS attack against Norway
https://securityaffairs.co/wordpress/132765/hacking/legion-ddos-norway.html


Top Security News for 02/07/2022

RanSim: a ransomware simulation script written in PowerShell. Useful for testing your defenses and backups in a controlled simulation. The same script is used for encryption and decryption.
https://www.reddit.com/r/netsec/comments/voii89/ransim_a_ransomware_simulation_script_written_in/

Are reverse search warrants a violation of privacy? NFT marketplace involved in massive user data breach. Renter, beware. CISA on MedusaLocker ransomware.
https://thecyberwire.com/podcasts/privacy-briefing/617/notes

CISA Alert AA22-181A – #StopRansomware: MedusaLocker.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/23/notes

Dining table set George
https://www.bleepingcomputer.com/forums/t/774072/dining-table-set-george/

DPRK hacking for profit. MedusaLocker warning. C2C market notes. Cyber conflict in the Middle East and in Russia's war.
https://thecyberwire.com/newsletters/daily-briefing/11/126

It’s Been Zero Days Since BIND9 Crashed
https://www.reddit.com/r/netsec/comments/voxiu2/its_been_zero_days_since_bind9_crashed/

Microsoft Warns About Evolving Capabilities of Toll Fraud Android Malware Apps
https://thehackernews.com/2022/07/microsoft-warns-about-evolving.html

Google Improves Its Password Manager to Boost Security Across All Platforms
https://thehackernews.com/2022/07/google-improves-its-password-manager-to.html

CVE-2022-28219 Detection: Critical RCE Vulnerability in Zoho ManageEngine ADAudit Plus
https://www.reddit.com/r/Malware/comments/vp20nc/cve202228219_detection_critical_rce_vulnerability/

Java Serialisation - the gift that keeps on taking (Part 3)
https://malware.news/t/java-serialisation-the-gift-that-keeps-on-taking-part-3/61475/1


Top Security News for 04/07/2022

Malware keeps opening and closing Google Chrome
https://www.reddit.com/r/Malware/comments/vqwtnw/malware_keeps_opening_and_closing_google_chrome/

DS620slim tiny home server
https://malware.news/t/ds620slim-tiny-home-server/61479/1

Half of actively exploited zero-day issues in H1 2022 are variants of previous flaws
https://securityaffairs.co/wordpress/132813/security/h1-2022-zero-day-variants-previous-flaws.html

Microsoft: Raspberry Robin worm already infected hundreds of networks
https://securityaffairs.co/wordpress/132826/malware/microsoft-raspberry-robin-spreading.html

HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains
https://thehackernews.com/2022/07/hackerone-employee-caught-stealing.html

7-Zip & MoW, (Sun, Jul 3rd)
https://isc.sans.edu/diary/rss/28810

Tens of Jenkins plugins are affected by zero-day vulnerabilities
https://securityaffairs.co/wordpress/132836/security/jenkins-plugins-zero-day-flaws.html

Enterprise encryption and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/51/notes

Over 900k Kubernetes Clusters Were Found Exposed Online
https://www.reddit.com/r/netsec/comments/vqd9ya/over_900k_kubernetes_clusters_were_found_exposed/

Bypassing Firefox's HTML Sanitizer API
https://www.reddit.com/r/netsec/comments/vqo7xq/bypassing_firefoxs_html_sanitizer_api/


Top Security News for 05/07/2022

Unfaithful HackerOne employee steals bug reports to claim additional bounties
https://securityaffairs.co/wordpress/132846/cyber-crime/hackerone-incident.html

Google fixes the fourth Chrome zero-day in 2022
https://securityaffairs.co/wordpress/132863/hacking/4th-chrome-zero-day.html

ISC Stormcast For Tuesday, July 5th, 2022 https://isc.sans.edu/podcastdetail.html?id=8074, (Tue, Jul 5th)
https://malware.news/t/isc-stormcast-for-tuesday-july-5th-2022-https-isc-sans-edu-podcastdetail-html-id-8074-tue-jul-5th/61501/1

When good-faith hacking gets people arrested, with Harley Geiger: Lock and Code S03E14
https://blog.malwarebytes.com/podcast/2022/07/when-good-faith-hacking-gets-people-arrested-with-harley-geiger-lock-and-code-s03e14/

HackerOne insider fired for trying to claim other people’s bounties
https://malware.news/t/hackerone-insider-fired-for-trying-to-claim-other-people-s-bounties/61499/1

Insider Threat: Employees indicted for stealing $88 million of license keys
https://blog.malwarebytes.com/cybercrime/2022/07/insider-threat-employees-indicted-for-stealing-88-million-of-license-keys/

From Misconfigured Certificate Template to Windows Domain Admin
https://www.reddit.com/r/netsec/comments/vrgs55/from_misconfigured_certificate_template_to/

Ukrainian Authorities Arrested Phishing Gang That Stole 100 Million UAH
https://thehackernews.com/2022/07/ukrainian-authorities-arrested-phishing.html

Data of a billion Chinese residents available for sale on the dark web
https://securityaffairs.co/wordpress/132860/data-breach/chinese-residents-data-dark-web.html

Threat Report Portugal: Q2 2022
https://securityaffairs.co/wordpress/132842/security/threat-report-portugal-q2-2022.html


Top Security News for 06/07/2022

Researchers Share Techniques to Uncover Anonymized Ransomware Sites on Dark Web
https://thehackernews.com/2022/07/researchers-share-techniques-to-uncover.html

putlocker and similar websites
https://www.reddit.com/r/Malware/comments/vsbzen/putlocker_and_similar_websites/

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/05-07-2022

变脸, Teng Snake (a.k.a. Code Core)
https://malware.news/t/teng-snake-a-k-a-code-core/61543/1

#McAfeePride2022
https://malware.news/t/mcafeepride2022/61540/1

Smart or Stupid? Cybercriminal Group Names Decoded!
https://cisomag.com/smart-or-stupid-cybercriminal-group-names-decoded/

TikTok is “unacceptable security risk” and should be removed from app stores, says FCC
https://blog.malwarebytes.com/privacy-2/2022/07/tiktok-is-unacceptable-security-risk-and-should-be-removed-from-app-stores-says-fcc/

ISC StormCast for Wednesday, July 6th, 2022
https://isc.sans.edu/podcastdetail.html?id=8076

From NtObjectManager to PetitPotam
https://www.reddit.com/r/netsec/comments/vrz3xy/from_ntobjectmanager_to_petitpotam/

A Tech Millionaire Bought a Giant Cold War Radar to ‘Find UFOs’
https://www.vice.com/en_us/article/k7ba9x/a-tech-millionaire-bought-a-giant-cold-war-radar-to-find-ufos

