Top Security News for 26/06/2022
Duoli̇ngo plus apk
https://0x00sec.org/t/duoli-ngo-plus-apk/29933
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
https://thehackernews.com/2022/06/learn-nist-inside-out-with-21-hours-of.html
5 ways to avoid being catfished
https://blog.malwarebytes.com/personal/2022/06/5-ways-to-avoid-being-catfished/
Setting up Whonix Gateway in VMWare Workstation
https://malware.news/t/setting-up-whonix-gateway-in-vmware-workstation/61279/1
Oracle spent 6 months to fix ‘Mega’ flaws in the Fusion Middleware
https://securityaffairs.co/wordpress/132603/breaking-news/oracle-mega-flaw-cve-202221445.html
Malicious Code Passed to PowerShell via the Clipboard, (Sat, Jun 25th)
https://malware.news/t/malicious-code-passed-to-powershell-via-the-clipboard-sat-jun-25th/61280/1
Cyberattack suspected of causing rocket-attack false alarms in Israel. Risk surface assessments. Fitness app's geolocation feature may be a privacy and security risk.
https://thecyberwire.com/newsletters/week-that-was/6/25
Rules of Thumb War 101- ism's+hacks+cheets, cheats
https://www.bleepingcomputer.com/forums/t/773838/rules-of-thumb-war-101-ismshackscheets-cheats/
Apple Pegasus ransomware attack is giving people the option to freely remove their data from the leak
https://www.reddit.com/r/Malware/comments/vkiox1/apple_pegasus_ransomware_attack_is_giving_people/
Basic WebAssembly buffer overflow exploitation
https://www.reddit.com/r/netsec/comments/vkn5mn/basic_webassembly_buffer_overflow_exploitation/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 27/06/2022
ISC StormCast for Monday, June 27th, 2022
https://isc.sans.edu/podcastdetail.html?id=8064
My Paste Command, (Sun, Jun 26th)
https://isc.sans.edu/diary/rss/28786
What’s happening in Ukraine on the Internet? – Data from Shodan Trends
https://malware.news/t/what-s-happening-in-ukraine-on-the-internet-data-from-shodan-trends/61289/1
ISC Stormcast For Monday, June 27th, 2022 https://isc.sans.edu/podcastdetail.html?id=8064, (Mon, Jun 27th)
https://malware.news/t/isc-stormcast-for-monday-june-27th-2022-https-isc-sans-edu-podcastdetail-html-id-8064-mon-jun-27th/61288/1
ISC Stormcast For Monday, June 27th, 2022 https://isc.sans.edu/podcastdetail.html?id=8064, (Mon, Jun 27th)
https://isc.sans.edu/diary/rss/28790
Quickpost: Cracking PDF Owner Passwords
https://malware.news/t/quickpost-cracking-pdf-owner-passwords/61287/1
China-linked APT Bronze Starlight deploys ransomware as a smokescreen
https://securityaffairs.co/wordpress/132624/apt/bronze-starlight-deploy-ransomware.html
CxO professional development.
https://thecyberwire.com/podcasts/cso-perspectives-public/50/notes
linx - Reveals invisible links within JavaScript files
https://www.reddit.com/r/netsec/comments/vlgei9/linx_reveals_invisible_links_within_javascript/
More Decoding Analysis, (Sun, Jun 26th)
https://malware.news/t/more-decoding-analysis-sun-jun-26th/61283/1
Top Security News for 28/06/2022
What Are Shadow IDs, and How Are They Crucial in 2022?
https://thehackernews.com/2022/06/what-are-shadow-ids-and-how-are-they.html
‘Valorant’ Will Use Your Voice to Train AI to Detect ‘Disruptive Behavior’
https://www.vice.com/en_us/article/epzdxa/valorant-will-use-your-voice-to-train-ai-to-detect-disruptive-behavior
Conti retires its brand, and LockBit 2.0 is now #1 in ransomware. Ransomware often skips encryption. Notes from Russia's hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/122
The 7 common traits among highly-successful cybercriminals: Part II
https://malware.news/t/the-7-common-traits-among-highly-successful-cybercriminals-part-ii/61326/1
Italy Data Protection Authority Warns Websites Against Use of Google Analytics
https://thehackernews.com/2022/06/italy-data-protection-authority-warns.html
ASEC Weekly Malware Statistics (June 13th, 2022 – June 19th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-june-13th-2022-june-19th-2022/61324/1
ISC StormCast for Tuesday, June 28th, 2022
https://isc.sans.edu/podcastdetail.html?id=8066
Security startup Cerby debuts with platform to manage shadow IT
https://www.csoonline.com/article/3664856/security-startup-cerby-debuts-with-platform-to-manage-shadow-it.html#tk.rss_all
Congress Wants to Spend $45 Million on Nukes the Navy Said it Doesn’t Need
https://www.vice.com/en_us/article/akedz4/congress-wants-to-spend-dollar45-million-on-nukes-the-navy-said-it-doesnt-need
South Korea to take part in US cyber drill exercise. US states establish cybersecurity task forces. White House focuses on cybersecurity. US senators seek answers on TikTok security review.
https://thecyberwire.com/newsletters/policy-briefing/4/122
Top Security News for 29/06/2022
Zimbra unauthenticated RCE via unrar path traversal (CVE-2022-30333)
https://www.reddit.com/r/netsec/comments/vmy6ut/zimbra_unauthenticated_rce_via_unrar_path/
2022-06-27 - TA578 IcedID (Bokbot) with DarkVNC and Cobalt Strike
https://malware.news/t/2022-06-27-ta578-icedid-bokbot-with-darkvnc-and-cobalt-strike/61361/1
LockBit 3.0 introduces important novelties, including a bug bounty program
https://securityaffairs.co/wordpress/132701/cyber-crime/lockbit-3-0.html
Intune hacking: when is a "wipe" not a wipe
https://www.reddit.com/r/netsec/comments/vmhsfj/intune_hacking_when_is_a_wipe_not_a_wipe/
ASEC Weekly Malware Statistics (June 20th, 2022 – June 26th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-june-20th-2022-june-26th-2022/61369/1
[Control Systems] Motorola Solutions security advisory (AV22-356)
https://malware.news/t/control-systems-motorola-solutions-security-advisory-av22-356/61365/1
How to Evade Windows Defender and Commercial AV with Msfvenom Payloads
https://www.reddit.com/r/netsec/comments/vn4uo2/how_to_evade_windows_defender_and_commercial_av/
[Control Systems] Omron security advisory (AV22-358)
https://malware.news/t/control-systems-omron-security-advisory-av22-358/61363/1
Chinese threat actor uses ransomware as a distraction. Scalpers sell appointments for Israeli government services. Lyceum uses drone-themed phishbait. The Bumblebee loader's growing importance in C2C markets.
https://thecyberwire.com/podcasts/research-briefing/123/notes
APT Hackers Targeting Industrial Control Systems with ShadowPad Backdoor
https://thehackernews.com/2022/06/apt-hackers-targeting-industrial.html
Top Security News for 30/06/2022
Can't block tiktok on windows 10 pc
https://www.bleepingcomputer.com/forums/t/774000/cant-block-tiktok-on-windows-10-pc/
How and why threat actors target Microsoft Active Directory
https://www.csoonline.com/article/3665051/how-and-why-threat-actors-target-microsoft-active-directory.html#tk.rss_all
What3Words
https://www.bleepingcomputer.com/forums/t/774017/what3words/
ISC Stormcast For Thursday, June 30th, 2022 https://isc.sans.edu/podcastdetail.html?id=8070, (Thu, Jun 30th)
https://malware.news/t/isc-stormcast-for-thursday-june-30th-2022-https-isc-sans-edu-podcastdetail-html-id-8070-thu-jun-30th/61405/1
Canadian Admits To Hacking Spree With Russian Cyber-Gang
https://packetstormsecurity.com/news/view/33588/Canadian-Admits-To-Hacking-Spree-With-Russian-Cyber-Gang.html
Unpacking encrypted router firmware
https://0x00sec.org/t/unpacking-encrypted-router-firmware/29996
Exploiting Intel Graphics Kernel Extensions on macOS to Escape the Safari Sandbox
https://www.reddit.com/r/netsec/comments/vnivsw/exploiting_intel_graphics_kernel_extensions_on/
YTStealer info-stealing malware targets YouTube content creators
https://securityaffairs.co/wordpress/132743/malware/ytstealer-malware-dark-web.html
CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus
https://www.reddit.com/r/netsec/comments/vnftlm/cve202228219_unauthenticated_xxe_to_rce_and/
Bumblebee Fast Becoming Favorite For Ransomware Gangs
https://packetstormsecurity.com/news/view/33590/Bumblebee-Fast-Becoming-Favorite-For-Ransomware-Gangs.html
Top Security News for 01/07/2022
US TSA issues relaxed pipeline cybersecurity directives. A new approach to the development of international cyber norms. CISA issues guidance on migrating to Modern auth in Microsoft Exchange Online.
https://thecyberwire.com/newsletters/policy-briefing/4/125
Key takeaways from CSA’s SaaS Governance Best Practices guide
https://www.csoonline.com/article/3664935/key-takeaways-from-csa-s-saas-governance-best-practices-guide.html#tk.rss_all
C2C market differentiation and commodification. Hacktivists tied to Russia's government. New cyber phases of a hybrid war.
https://thecyberwire.com/newsletters/daily-briefing/11/125
Ex-Canadian Government Employee Pleads Guilty Over NetWalker Ransomware Attacks
https://thehackernews.com/2022/06/ex-canadian-government-employee-pleads.html
Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers
https://thehackernews.com/2022/06/microsoft-warns-of-cryptomining-malware.html
North Korean Hackers Suspected to be Behind $100M Horizon Bridge Hack
https://thehackernews.com/2022/06/north-korean-hackers-suspected-to-be.html
Influence ops for economic advantage. Targeting think tanks. Russia dismisses its missile strike on a shopping mall as a Ukrainian provocation. Leaving Snake Island.
https://thecyberwire.com/newsletters/disinformation-briefing/4/26
Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties
https://www.reddit.com/r/netsec/comments/voetlt/weaponizing_and_abusing_hidden_functionalities/
Case of Attack Exploiting AnyDesk Remote Tool (Cobalt Strike and Meterpreter)
https://malware.news/t/case-of-attack-exploiting-anydesk-remote-tool-cobalt-strike-and-meterpreter/61456/1
Pro-Russian hackers launched a massive DDoS attack against Norway
https://securityaffairs.co/wordpress/132765/hacking/legion-ddos-norway.html
Top Security News for 02/07/2022
RanSim: a ransomware simulation script written in PowerShell. Useful for testing your defenses and backups in a controlled simulation. The same script is used for encryption and decryption.
https://www.reddit.com/r/netsec/comments/voii89/ransim_a_ransomware_simulation_script_written_in/
Are reverse search warrants a violation of privacy? NFT marketplace involved in massive user data breach. Renter, beware. CISA on MedusaLocker ransomware.
https://thecyberwire.com/podcasts/privacy-briefing/617/notes
CISA Alert AA22-181A – #StopRansomware: MedusaLocker.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/23/notes
Dining table set George
https://www.bleepingcomputer.com/forums/t/774072/dining-table-set-george/
DPRK hacking for profit. MedusaLocker warning. C2C market notes. Cyber conflict in the Middle East and in Russia's war.
https://thecyberwire.com/newsletters/daily-briefing/11/126
It’s Been Zero Days Since BIND9 Crashed
https://www.reddit.com/r/netsec/comments/voxiu2/its_been_zero_days_since_bind9_crashed/
Microsoft Warns About Evolving Capabilities of Toll Fraud Android Malware Apps
https://thehackernews.com/2022/07/microsoft-warns-about-evolving.html
Google Improves Its Password Manager to Boost Security Across All Platforms
https://thehackernews.com/2022/07/google-improves-its-password-manager-to.html
CVE-2022-28219 Detection: Critical RCE Vulnerability in Zoho ManageEngine ADAudit Plus
https://www.reddit.com/r/Malware/comments/vp20nc/cve202228219_detection_critical_rce_vulnerability/
Java Serialisation - the gift that keeps on taking (Part 3)
https://malware.news/t/java-serialisation-the-gift-that-keeps-on-taking-part-3/61475/1
Top Security News for 04/07/2022
Malware keeps opening and closing Google Chrome
https://www.reddit.com/r/Malware/comments/vqwtnw/malware_keeps_opening_and_closing_google_chrome/
DS620slim tiny home server
https://malware.news/t/ds620slim-tiny-home-server/61479/1
Half of actively exploited zero-day issues in H1 2022 are variants of previous flaws
https://securityaffairs.co/wordpress/132813/security/h1-2022-zero-day-variants-previous-flaws.html
Microsoft: Raspberry Robin worm already infected hundreds of networks
https://securityaffairs.co/wordpress/132826/malware/microsoft-raspberry-robin-spreading.html
HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains
https://thehackernews.com/2022/07/hackerone-employee-caught-stealing.html
7-Zip & MoW, (Sun, Jul 3rd)
https://isc.sans.edu/diary/rss/28810
Tens of Jenkins plugins are affected by zero-day vulnerabilities
https://securityaffairs.co/wordpress/132836/security/jenkins-plugins-zero-day-flaws.html
Enterprise encryption and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/51/notes
Over 900k Kubernetes Clusters Were Found Exposed Online
https://www.reddit.com/r/netsec/comments/vqd9ya/over_900k_kubernetes_clusters_were_found_exposed/
Bypassing Firefox's HTML Sanitizer API
https://www.reddit.com/r/netsec/comments/vqo7xq/bypassing_firefoxs_html_sanitizer_api/
Top Security News for 05/07/2022
Unfaithful HackerOne employee steals bug reports to claim additional bounties
https://securityaffairs.co/wordpress/132846/cyber-crime/hackerone-incident.html
Google fixes the fourth Chrome zero-day in 2022
https://securityaffairs.co/wordpress/132863/hacking/4th-chrome-zero-day.html
ISC Stormcast For Tuesday, July 5th, 2022 https://isc.sans.edu/podcastdetail.html?id=8074, (Tue, Jul 5th)
https://malware.news/t/isc-stormcast-for-tuesday-july-5th-2022-https-isc-sans-edu-podcastdetail-html-id-8074-tue-jul-5th/61501/1
When good-faith hacking gets people arrested, with Harley Geiger: Lock and Code S03E14
https://blog.malwarebytes.com/podcast/2022/07/when-good-faith-hacking-gets-people-arrested-with-harley-geiger-lock-and-code-s03e14/
HackerOne insider fired for trying to claim other people’s bounties
https://malware.news/t/hackerone-insider-fired-for-trying-to-claim-other-people-s-bounties/61499/1
Insider Threat: Employees indicted for stealing $88 million of license keys
https://blog.malwarebytes.com/cybercrime/2022/07/insider-threat-employees-indicted-for-stealing-88-million-of-license-keys/
From Misconfigured Certificate Template to Windows Domain Admin
https://www.reddit.com/r/netsec/comments/vrgs55/from_misconfigured_certificate_template_to/
Ukrainian Authorities Arrested Phishing Gang That Stole 100 Million UAH
https://thehackernews.com/2022/07/ukrainian-authorities-arrested-phishing.html
Data of a billion Chinese residents available for sale on the dark web
https://securityaffairs.co/wordpress/132860/data-breach/chinese-residents-data-dark-web.html
Threat Report Portugal: Q2 2022
https://securityaffairs.co/wordpress/132842/security/threat-report-portugal-q2-2022.html
Top Security News for 06/07/2022
Researchers Share Techniques to Uncover Anonymized Ransomware Sites on Dark Web
https://thehackernews.com/2022/07/researchers-share-techniques-to-uncover.html
putlocker and similar websites
https://www.reddit.com/r/Malware/comments/vsbzen/putlocker_and_similar_websites/
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/05-07-2022
变脸, Teng Snake (a.k.a. Code Core)
https://malware.news/t/teng-snake-a-k-a-code-core/61543/1
#McAfeePride2022
https://malware.news/t/mcafeepride2022/61540/1
Smart or Stupid? Cybercriminal Group Names Decoded!
https://cisomag.com/smart-or-stupid-cybercriminal-group-names-decoded/
TikTok is “unacceptable security risk” and should be removed from app stores, says FCC
https://blog.malwarebytes.com/privacy-2/2022/07/tiktok-is-unacceptable-security-risk-and-should-be-removed-from-app-stores-says-fcc/
ISC StormCast for Wednesday, July 6th, 2022
https://isc.sans.edu/podcastdetail.html?id=8076
From NtObjectManager to PetitPotam
https://www.reddit.com/r/netsec/comments/vrz3xy/from_ntobjectmanager_to_petitpotam/
A Tech Millionaire Bought a Giant Cold War Radar to ‘Find UFOs’
https://www.vice.com/en_us/article/k7ba9x/a-tech-millionaire-bought-a-giant-cold-war-radar-to-find-ufos
reddit
putlocker and similar websites
My anti-virus goes crazy with notifications when I visit those sites, but I've been doing that for years and never actually got hacked. Should I...
Top Security News for 07/07/2022
Is the American Innovation and Online Choice Act beneficial?
https://thecyberwire.com/podcasts/caveat/132/notes
NIST names new post-quantum cryptography standards
https://www.csoonline.com/article/3665695/nist-names-new-post-quantum-cryptography-standards.html#tk.rss_all
Apple to launch ‘lockdown mode’ to protect against Pegasus-style hacks
https://www.theguardian.com/technology/2022/jul/06/apple-to-launch-lockdown-mode-to-protect-against-pegasus-style-hacks
Human errors and why they're made.
https://thecyberwire.com/podcasts/hacking-humans/203/notes
Attacker groups adopt new penetration testing tool Brute Ratel
https://www.csoonline.com/article/3666508/attacker-groups-adopt-new-penetration-testing-tool-brute-ratel.html#tk.rss_all
Optimizing CI/CD Credential Hygiene – A Comparison of CI/CD Solutions
https://www.reddit.com/r/netsec/comments/vsqi5l/optimizing_cicd_credential_hygiene_a_comparison/
NIST Announces First Four Quantum-Resistant Cryptographic Algorithms
https://thehackernews.com/2022/07/nist-announces-first-four-quantum.html
YamaBot Malware Used by Lazarus
https://malware.news/t/yamabot-malware-used-by-lazarus/61590/1
Georgia’s Conspiracy-Magnet Guidestones Monument Has Been Bombed
https://www.vice.com/en_us/article/dy7v8x/georgias-conspiracy-magnet-guidestones-monument-has-been-bombed
Safe way to warn a business that their website URL has been hijacked?
https://www.bleepingcomputer.com/forums/t/774271/safe-way-to-warn-a-business-that-their-website-url-has-been-hijacked/
The CyberWire
Is the American Innovation and Online Choice Act beneficial?
Matt Kent, Competition Policy Advocate at Public Citizen, joins Ben to break down the American Innovation and Online Choice Act and discuss possible benefits. Ben's story discusses a new algorithmic model that claims to predict crimes before they happen and…
Top Security News for 08/07/2022
ENISA released the Threat Landscape Methodology
https://securityaffairs.co/wordpress/132973/security/enis-athreat-landscape-methodology.html
FBI and MI-5 warn of Chinese industrial espionage. Trickbot's privateering. Cozy Bear sighting. Chinese APTs target Russia.
https://thecyberwire.com/newsletters/daily-briefing/11/129
Over 1,200 NPM Packages Found Involved in "CuteBoi" Cryptomining Campaign
https://thehackernews.com/2022/07/over-1200-npm-packages-found-involved.html
What to Look for in a Network Vulnerability Scanner
https://malware.news/t/what-to-look-for-in-a-network-vulnerability-scanner/61628/1
Automating binary vulnerability discovery with Ghidra and Semgrep
https://www.reddit.com/r/netsec/comments/vtcsdv/automating_binary_vulnerability_discovery_with/
New NIST Software Supply Chain Security Guidance Recommends Use of Security Ratings
https://malware.news/t/new-nist-software-supply-chain-security-guidance-recommends-use-of-security-ratings/61629/1
Apple Lockdown Mode helps protect users from spyware
https://blog.malwarebytes.com/malwarebytes-news/2022/07/apple-lockdown-mode-helps-protect-users-from-spyware/
5 things security pros want from XDR platforms
https://www.csoonline.com/article/3665913/5-things-security-pros-want-from-xdr-platforms.html#tk.rss_all
Revelstoke’s SOAR to improve case management with replicable sub-workflows
https://www.csoonline.com/article/3666728/revelstokes-soar-to-improve-case-management-with-replicable-sub-workflows.html#tk.rss_all
What is Malware and How to Avoid Becoming a Victim
https://malware.news/t/what-is-malware-and-how-to-avoid-becoming-a-victim/61626/1
Security Affairs
ENISA released the Threat Landscape Methodology
I'm proud to announce that the European Union Agency for Cybersecurity, ENISA, has released the Threat Landscape Methodology.
Top Security News for 09/07/2022
How to Find a Mortgage Expert in the UK
https://www.bleepingcomputer.com/forums/t/774340/how-to-find-a-mortgage-expert-in-the-uk/
Evolution of the LockBit Ransomware operation relies on new techniques
https://securityaffairs.co/wordpress/133027/cyber-crime/lockbit-2-0-evolution.html
Avoid travel digital disasters – Week in security with Tony Anscombe
https://malware.news/t/avoid-travel-digital-disasters-week-in-security-with-tony-anscombe/61653/1
Shanghaied data. Update on the Marriott breach. California college suffers cyberattack. Maui ransomware. NPM supply chain attack update.
https://thecyberwire.com/podcasts/privacy-briefing/621/notes
Thread hijacking operation linked to TA578. Gun owner data leaked by California Justice Department.
https://thecyberwire.com/newsletters/privacy-briefing/4/130
Dell security advisory (AV22-381)
https://malware.news/t/dell-security-advisory-av22-381/61657/1
Researchers Detail Techniques LockBit Ransomware Using to Infect its Targets
https://thehackernews.com/2022/07/researchers-detail-techniques-lockbit.html
Royal Army accounts hijacked. A hacktivist group claims to have hit Iranian sites. Very large database of PII for sale on the dark web.
https://thecyberwire.com/newsletters/week-that-was/6/27
Thread hijacking operation linked to TA578. Gun owner data leaked by California Justice Department.
https://thecyberwire.com/podcasts/research-saturday/621/notes
Recorded Future closes acquisition of malware analysis firm Hatching
https://www.csoonline.com/article/3666693/recorded-future-closes-acquisition-of-malware-analysis-firm-hatching.html#tk.rss_all
Top Security News for 10/07/2022
Simple_listener.py
https://malware.news/t/simple-listener-py/61662/1
Weekly News Roundup — July 3 to July 9
https://malware.news/t/weekly-news-roundup-july-3-to-july-9/61660/1
Ongoing Raspberry Robin campaign leverages compromised QNAP devices
https://securityaffairs.co/wordpress/133039/cyber-crime/raspberry-robin-infection-attacks.html
Cyberpunk Future
https://0x00sec.org/t/cyberpunk-future/30127
Simone Petrella: Fake it, until you make it. [CEO]
https://thecyberwire.com/podcasts/career-notes/107/notes
Hackers Exploiting Follina Bug to Deploy Rozena Backdoor
https://thehackernews.com/2022/07/hackers-exploiting-follina-bug-to.html
Does "Autostart" Really Mean "Autostart"?
https://malware.news/t/does-autostart-really-mean-autostart/61661/1
Fortinet addressed multiple vulnerabilities in several products
https://securityaffairs.co/wordpress/133059/security/fortinet-multiple-issues-several-products.html
Rozena backdoor delivered by exploiting the Follina bug
https://securityaffairs.co/wordpress/133051/hacking/follina-bug-rozena-backdoor.html
Apple Lockdown Mode will protect users against highly targeted cyberattacks
https://securityaffairs.co/wordpress/133065/mobile-2/apple-lockdown-mode.html
Malware Analysis, News and Indicators
Simple_listener.py
This is the release of simple_listener.py, a Python program that can accept TCP and UDP connections and react according to its configuration. It has evolved from my beta program tcp-honeypot.py, that I will no longer maintain. Everything you could do with…
Top Security News for 11/07/2022
PyPI Repository Makes 2FA Security Mandatory for Critical Python Projects
https://thehackernews.com/2022/07/pypi-repository-makes-2af-security.html
Private 5G Network Security Expectations Part 3
https://malware.news/t/private-5g-network-security-expectations-part-3/61674/1
Hackers Used Fake Job Offer to Hack and Steal $540 Million from Axie Infinity
https://thehackernews.com/2022/07/hackers-used-fake-job-offer-to-hack-and.html
WAF from the scratch
https://www.reddit.com/r/netsec/comments/vw9utw/waf_from_the_scratch/
How the FBI quietly added itself to criminals’ instant message conversations
https://blog.malwarebytes.com/reports/2022/07/how-the-fbi-quietly-added-itself-to-criminals-instant-message-conversations/
Totmania.net DO NOT OPEN
https://www.reddit.com/r/Malware/comments/vw4lg8/totmanianet_do_not_open/
4 ways businesses can save money on cyber insurance
https://malware.news/t/4-ways-businesses-can-save-money-on-cyber-insurance/61669/1
North Korean APT targets US healthcare sector with Maui ransomware
https://blog.malwarebytes.com/ransomware/2022/07/north-korean-apt-targets-us-healthcare-sector-with-maui-ransomware/
Meterpreter Distributed to Vulnerable Server of Korean Medical Institution
https://malware.news/t/meterpreter-distributed-to-vulnerable-server-of-korean-medical-institution/61671/1
Debug Log: Why is my M.2 SSD so slow?
https://gynvael.coldwind.pl/?id=749
Top Security News for 12/07/2022
Sneaky Orbit Malware Backdoors Linux Devices
https://packetstormsecurity.com/news/view/33618/Sneaky-Orbit-Malware-Backdoors-Linux-Devices.html
One Year After the Colonial Pipeline Attack, Regulation Is Still a Problem
https://securityintelligence.com/articles/colonial-pipeline-federal-regulation-update/
Anubis Networks is back with new C2 server
https://securityaffairs.co/wordpress/133115/hacking/anubis-networks-new-c2.html
Australian incident reporting law comes into effect. UK agencies recommend (strongly) against paying ransom.
https://thecyberwire.com/newsletters/policy-briefing/4/131
Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs
https://thehackernews.com/2022/07/cloud-based-cryptocurrency-miners.html
Text-based fraud: from 419 scams to vishing
https://securelist.com/mail-text-scam/106926/
Microsoft Windows Autopatch is Now Generally Available for Enterprise Systems
https://thehackernews.com/2022/07/microsoft-windows-autopatch-is-now.html
Accounts getting hacked
https://www.reddit.com/r/Malware/comments/vwuz3v/accounts_getting_hacked/
‘Don’t Ask Me Why’: NYC Releases Video About What to Do in Case of Nuclear War
https://www.vice.com/en_us/article/pkgbq7/dont-ask-me-why-nyc-releases-video-about-what-to-do-in-case-of-nuclear-war
ISC StormCast for Tuesday, July 12th, 2022
https://isc.sans.edu/podcastdetail.html?id=8082
Threat Post
Sneaky Orbit Malware Backdoors Linux Devices
The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine.
Top Security News for 13/07/2022
Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021
https://securityaffairs.co/wordpress/133154/hacking/aitm-phishing-campaigns.html
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/12-07-2022
Microsoft Azure Site Recovery DLL Hijacking ($10,000 Bug Bounty)
https://www.reddit.com/r/netsec/comments/vxg4f9/microsoft_azure_site_recovery_dll_hijacking_10000/
Shitposting Shiba Inu Accounts Chased a Russian Diplomat Offline
https://www.vice.com/en_us/article/y3pd5y/shitposting-shiba-inu-accounts-chased-a-russian-diplomat-offline
The dangers of real time bidding. Round-up of recent US healthcare breaches. Threat groups just made it easier to find stolen data on leak sites.
https://thecyberwire.com/podcasts/privacy-briefing/623/notes
Concentric launches new data privacy and cybersecurity solution Eclipse
https://www.csoonline.com/article/3666696/concentric-launches-new-data-privacy-and-cybersecurity-solution-eclipse.html#tk.rss_all
Barracuda report: Almost everyone faced an industrial attack in the last year
https://www.csoonline.com/article/3666523/barracuda-report-almost-everyone-faced-an-industrial-attack-in-the-last-year.html#tk.rss_all
Microsoft announced the general availability of Windows Autopatch feature
https://securityaffairs.co/wordpress/133139/security/microsoft-autopatch.html
Misconfiguration on Digital Guardian Endpoint DLP
https://www.reddit.com/r/netsec/comments/vwc2d4/misconfiguration_on_digital_guardian_endpoint_dlp/
Avoiding Death by a Thousand Scripts: Using Automated Content Security Policies
https://thehackernews.com/2022/07/avoiding-death-by-thousand-scripts.html
Security Affairs
Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021
A large-scale phishing campaign used adversary-in-the-middle (AiTM) phishing sites to hit more than 10,000 organizations
Top Security News for 14/07/2022
Three UEFI Firmware flaws found in tens of Lenovo Notebook models
https://securityaffairs.co/wordpress/133186/security/lenovo-uefi-firmware-flaws.html
U.S. FTC Vows to Crack Down on illegal Use and Sharing of Citizens' Sensitive Data
https://thehackernews.com/2022/07/us-ftc-vows-to-crack-down-on-illegal.html
Why Threat Analysis Will Continue to Play a Vital Role in Security
https://securityintelligence.com/posts/threat-analysis-vital-role-security/
Ransomware rolled through business defenses in Q2 2022
https://blog.malwarebytes.com/business/2022/07/ransomware-rolled-through-business-defenses-in-q2-2022/
Update now—July Patch Tuesday patches include fix for exploited zero-day
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/07/update-now-july-patch-tuesday-patches-include-fix-for-exploited-zero-day/
Researchers Uncover New Variants of the ChromeLoader Browser Hijacking Malware
https://thehackernews.com/2022/07/researchers-uncover-new-variants-of.html
New UEFI Firmware Vulnerabilities Impact Several Lenovo Notebook Models
https://thehackernews.com/2022/07/new-uefi-firmware-vulnerabilities.html
Exostar launches CMMC 2.0-compliant Microsoft 365, other solutions for SMBs
https://www.csoonline.com/article/3666832/exostar-launches-new-microsoft-365-cmmc-2-0-solutions-for-smbs.html#tk.rss_all
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/13-07-2022
Dealing with Failure: Failure Escalation Policy in CLR Hosts
https://www.reddit.com/r/netsec/comments/vybzbn/dealing_with_failure_failure_escalation_policy_in/
Security Affairs
3 UEFI Firmware flaws found in tens of Lenovo Notebook models
IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product models.
Top Security News for 18/07/2022
Open source security needs automation as usage climbs amongst organisations
https://malware.news/t/open-source-security-needs-automation-as-usage-climbs-amongst-organisations/61862/1
Build your first LLVM Obfuscator
https://www.reddit.com/r/netsec/comments/w14fsr/build_your_first_llvm_obfuscator/
StartupApproved\Run, pt II
https://malware.news/t/startupapproved-run-pt-ii/61859/1
Google is going to remove App Permissions List from the Play Store
https://securityaffairs.co/wordpress/133334/mobile-2/google-removes-app-permissions-list-play-store.html
Python: Files In Use By Another Process, (Sun, Jul 17th)
https://isc.sans.edu/diary/rss/28848
Adding Your Own Keywords To My PDF Tools, (Mon, Jul 18th)
https://isc.sans.edu/diary/rss/28852
Going beyond Alert with XSS
https://zdresearch.com/going-beyond-alert-with-xss/
Enterprise backups and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/53/notes
Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever
https://securityaffairs.co/wordpress/133339/cyber-crime/crooks-stole-375k-from-premint-nft-it-is-one-of-the-biggest-nft-hacks-ever.html
Adding Your Own Keywords To My PDF Tools, (Mon, Jul 18th)
https://malware.news/t/adding-your-own-keywords-to-my-pdf-tools-mon-jul-18th/61865/1
Malware Analysis, News and Indicators
Open source security needs automation as usage climbs amongst organisations
Tapping open source does not make in-house applications any less secure, but enterprises will need to navigate the complexities of managing such environments so they can quickly respond to new vulnerabilities. Article Link: Open source security needs automation…
Top Security News for 19/07/2022
A Deep Dive Into ALPHV/BlackCat Ransomware
https://www.reddit.com/r/Malware/comments/w26smy/a_deep_dive_into_alphvblackcat_ransomware/
A Deep Dive Into ALPHV/BlackCat Ransomware
https://www.reddit.com/r/netsec/comments/w20ai0/a_deep_dive_into_alphvblackcat_ransomware/
new privesc on AWS (DataScientist policy)
https://www.reddit.com/r/netsec/comments/w29e8l/new_privesc_on_aws_datascientist_policy/
ISC Stormcast For Tuesday, July 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8092, (Tue, Jul 19th)
https://isc.sans.edu/diary/rss/28854
Mind the Gap – How to Ensure Your Vulnerability Detection Methods are up to Scratch
https://thehackernews.com/2022/07/mind-gap-how-to-ensure-your.html
Lending Tree says leaked data aren’t theirs. One year after the Pegasus Project, the spyware remains at large. US child privacy legislation updates.
https://thecyberwire.com/newsletters/privacy-briefing/4/136
chip-red-pill/MicrocodeDecryptor - understand how Intel mitigated spectre vulnerability, explore the implementation of Intel TXT, SGX,VT-x technologies
https://www.reddit.com/r/netsec/comments/w2gcuu/chipredpillmicrocodedecryptor_understand_how/
Auth0’s OpenFGA explained: Open source universal authorization
https://www.csoonline.com/article/3667268/auth0-s-openfga-explained-open-source-universal-authorization.html#tk.rss_all
New Study Finds Most Enterprise Vendors Failing to Mitigate Speculative Execution Attacks
https://thehackernews.com/2022/07/new-study-finds-most-enterprise-vendors.html
Ukraine at D+144: Firing for whatever effect.
https://thecyberwire.com/stories/b3116afd3de447209bff4d030315f834/ukraine-at-d144
reddit
A Deep Dive Into ALPHV/BlackCat Ransomware
Posted in r/Malware by u/CyberMasterV • 12 points and 0 comments
Top Security News for 20/07/2022
BrandPost: How CSPs can Future Proof 5G Mobile Networks
https://www.csoonline.com/article/3667438/how-csps-can-future-proof-5g-mobile-networks.html#tk.rss_all
Darktrace launches new PREVENT AI security products to pre-empt cyberthreats
https://www.csoonline.com/article/3667494/darktrace-launches-new-prevent-ai-security-products-to-pre-empt-cyberthreats.html#tk.rss_all
ISC Stormcast For Wednesday, July 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8094, (Wed, Jul 20th)
https://isc.sans.edu/diary/rss/28858
GPS trackers used for vehicle fleet management can be hijacked by hackers
https://www.csoonline.com/article/3667316/gps-trackers-used-for-vehicle-fleet-management-can-be-hijacked-by-hackers.html#tk.rss_all
EU warns of risks of spillover effects associated with the ongoing war in Ukraine
https://securityaffairs.co/wordpress/133436/cyber-warfare-2/eu-warns-ukraine-spillover.html
New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals
https://thehackernews.com/2022/07/new-air-gap-attack-uses-sata-cable-as.html
Several apps on the Play Store used to spread Joker, Facestealer and Coper malware
https://securityaffairs.co/wordpress/133394/malware/play-store-apps-joker-facestealer-coper.html
Malicious Python Script Behaving Like a Rubber Ducky, (Wed, Jul 20th)
https://isc.sans.edu/diary/rss/28860
PayPal phishing campaign goes after more than just your login credentials
https://blog.malwarebytes.com/social-engineering/2022/07/paypal-phishing-campaign-goes-after-more-than-just-your-login-credentials/
Security Alert: Oracle Releases Critical Patch Update, July 2022
https://malware.news/t/security-alert-oracle-releases-critical-patch-update-july-2022/61935/1
CSO Online
How CSPs can Future Proof 5G Mobile Networks
Communications service providers must ensure they can handle the complexity of mobile networks to support new technologies and protect the connected world.