Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 06/07/2022

Researchers Share Techniques to Uncover Anonymized Ransomware Sites on Dark Web
https://thehackernews.com/2022/07/researchers-share-techniques-to-uncover.html

putlocker and similar websites
https://www.reddit.com/r/Malware/comments/vsbzen/putlocker_and_similar_websites/

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/05-07-2022

变脸, Teng Snake (a.k.a. Code Core)
https://malware.news/t/teng-snake-a-k-a-code-core/61543/1

#McAfeePride2022
https://malware.news/t/mcafeepride2022/61540/1

Smart or Stupid? Cybercriminal Group Names Decoded!
https://cisomag.com/smart-or-stupid-cybercriminal-group-names-decoded/

TikTok is “unacceptable security risk” and should be removed from app stores, says FCC
https://blog.malwarebytes.com/privacy-2/2022/07/tiktok-is-unacceptable-security-risk-and-should-be-removed-from-app-stores-says-fcc/

ISC StormCast for Wednesday, July 6th, 2022
https://isc.sans.edu/podcastdetail.html?id=8076

From NtObjectManager to PetitPotam
https://www.reddit.com/r/netsec/comments/vrz3xy/from_ntobjectmanager_to_petitpotam/

A Tech Millionaire Bought a Giant Cold War Radar to ‘Find UFOs’
https://www.vice.com/en_us/article/k7ba9x/a-tech-millionaire-bought-a-giant-cold-war-radar-to-find-ufos


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 07/07/2022

Is the American Innovation and Online Choice Act beneficial?
https://thecyberwire.com/podcasts/caveat/132/notes

NIST names new post-quantum cryptography standards
https://www.csoonline.com/article/3665695/nist-names-new-post-quantum-cryptography-standards.html#tk.rss_all

Apple to launch ‘lockdown mode’ to protect against Pegasus-style hacks
https://www.theguardian.com/technology/2022/jul/06/apple-to-launch-lockdown-mode-to-protect-against-pegasus-style-hacks

Human errors and why they're made.
https://thecyberwire.com/podcasts/hacking-humans/203/notes

Attacker groups adopt new penetration testing tool Brute Ratel
https://www.csoonline.com/article/3666508/attacker-groups-adopt-new-penetration-testing-tool-brute-ratel.html#tk.rss_all

Optimizing CI/CD Credential Hygiene – A Comparison of CI/CD Solutions
https://www.reddit.com/r/netsec/comments/vsqi5l/optimizing_cicd_credential_hygiene_a_comparison/

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms
https://thehackernews.com/2022/07/nist-announces-first-four-quantum.html

YamaBot Malware Used by Lazarus
https://malware.news/t/yamabot-malware-used-by-lazarus/61590/1

Georgia’s Conspiracy-Magnet Guidestones Monument Has Been Bombed
https://www.vice.com/en_us/article/dy7v8x/georgias-conspiracy-magnet-guidestones-monument-has-been-bombed

Safe way to warn a business that their website URL has been hijacked?
https://www.bleepingcomputer.com/forums/t/774271/safe-way-to-warn-a-business-that-their-website-url-has-been-hijacked/


Top Security News for 08/07/2022

ENISA released the Threat Landscape Methodology
https://securityaffairs.co/wordpress/132973/security/enis-athreat-landscape-methodology.html

FBI and MI-5 warn of Chinese industrial espionage. Trickbot's privateering. Cozy Bear sighting. Chinese APTs target Russia.
https://thecyberwire.com/newsletters/daily-briefing/11/129

Over 1,200 NPM Packages Found Involved in "CuteBoi" Cryptomining Campaign
https://thehackernews.com/2022/07/over-1200-npm-packages-found-involved.html

What to Look for in a Network Vulnerability Scanner
https://malware.news/t/what-to-look-for-in-a-network-vulnerability-scanner/61628/1

Automating binary vulnerability discovery with Ghidra and Semgrep
https://www.reddit.com/r/netsec/comments/vtcsdv/automating_binary_vulnerability_discovery_with/

New NIST Software Supply Chain Security Guidance Recommends Use of Security Ratings
https://malware.news/t/new-nist-software-supply-chain-security-guidance-recommends-use-of-security-ratings/61629/1

Apple Lockdown Mode helps protect users from spyware
https://blog.malwarebytes.com/malwarebytes-news/2022/07/apple-lockdown-mode-helps-protect-users-from-spyware/

5 things security pros want from XDR platforms
https://www.csoonline.com/article/3665913/5-things-security-pros-want-from-xdr-platforms.html#tk.rss_all

Revelstoke’s SOAR to improve case management with replicable sub-workflows
https://www.csoonline.com/article/3666728/revelstokes-soar-to-improve-case-management-with-replicable-sub-workflows.html#tk.rss_all

What is Malware and How to Avoid Becoming a Victim
https://malware.news/t/what-is-malware-and-how-to-avoid-becoming-a-victim/61626/1


Top Security News for 09/07/2022

How to Find a Mortgage Expert in the UK
https://www.bleepingcomputer.com/forums/t/774340/how-to-find-a-mortgage-expert-in-the-uk/

Evolution of the LockBit Ransomware operation relies on new techniques
https://securityaffairs.co/wordpress/133027/cyber-crime/lockbit-2-0-evolution.html

Avoid travel digital disasters – Week in security with Tony Anscombe
https://malware.news/t/avoid-travel-digital-disasters-week-in-security-with-tony-anscombe/61653/1

Shanghaied data. Update on the Marriott breach. California college suffers cyberattack. Maui ransomware. NPM supply chain attack update.
https://thecyberwire.com/podcasts/privacy-briefing/621/notes

Thread hijacking operation linked to TA578. Gun owner data leaked by California Justice Department.
https://thecyberwire.com/newsletters/privacy-briefing/4/130

Dell security advisory (AV22-381)
https://malware.news/t/dell-security-advisory-av22-381/61657/1

Researchers Detail Techniques LockBit Ransomware Using to Infect its Targets
https://thehackernews.com/2022/07/researchers-detail-techniques-lockbit.html

Royal Army accounts hijacked. A hacktivist group claims to have hit Iranian sites. Very large database of PII for sale on the dark web.
https://thecyberwire.com/newsletters/week-that-was/6/27

Thread hijacking operation linked to TA578. Gun owner data leaked by California Justice Department.
https://thecyberwire.com/podcasts/research-saturday/621/notes

Recorded Future closes acquisition of malware analysis firm Hatching
https://www.csoonline.com/article/3666693/recorded-future-closes-acquisition-of-malware-analysis-firm-hatching.html#tk.rss_all


Top Security News for 10/07/2022

Simple_listener.py
https://malware.news/t/simple-listener-py/61662/1

Weekly News Roundup — July 3 to July 9
https://malware.news/t/weekly-news-roundup-july-3-to-july-9/61660/1

Ongoing Raspberry Robin campaign leverages compromised QNAP devices
https://securityaffairs.co/wordpress/133039/cyber-crime/raspberry-robin-infection-attacks.html

Cyberpunk Future
https://0x00sec.org/t/cyberpunk-future/30127

Simone Petrella: Fake it, until you make it. [CEO]
https://thecyberwire.com/podcasts/career-notes/107/notes

Hackers Exploiting Follina Bug to Deploy Rozena Backdoor
https://thehackernews.com/2022/07/hackers-exploiting-follina-bug-to.html

Does "Autostart" Really Mean "Autostart"?
https://malware.news/t/does-autostart-really-mean-autostart/61661/1

Fortinet addressed multiple vulnerabilities in several products
https://securityaffairs.co/wordpress/133059/security/fortinet-multiple-issues-several-products.html

Rozena backdoor delivered by exploiting the Follina bug
https://securityaffairs.co/wordpress/133051/hacking/follina-bug-rozena-backdoor.html

Apple Lockdown Mode will protect users against highly targeted cyberattacks
https://securityaffairs.co/wordpress/133065/mobile-2/apple-lockdown-mode.html


Top Security News for 11/07/2022

PyPI Repository Makes 2FA Security Mandatory for Critical Python Projects
https://thehackernews.com/2022/07/pypi-repository-makes-2af-security.html

Private 5G Network Security Expectations Part 3
https://malware.news/t/private-5g-network-security-expectations-part-3/61674/1

Hackers Used Fake Job Offer to Hack and Steal $540 Million from Axie Infinity
https://thehackernews.com/2022/07/hackers-used-fake-job-offer-to-hack-and.html

WAF from the scratch
https://www.reddit.com/r/netsec/comments/vw9utw/waf_from_the_scratch/

How the FBI quietly added itself to criminals’ instant message conversations
https://blog.malwarebytes.com/reports/2022/07/how-the-fbi-quietly-added-itself-to-criminals-instant-message-conversations/

Totmania.net DO NOT OPEN
https://www.reddit.com/r/Malware/comments/vw4lg8/totmanianet_do_not_open/

4 ways businesses can save money on cyber insurance
https://malware.news/t/4-ways-businesses-can-save-money-on-cyber-insurance/61669/1

North Korean APT targets US healthcare sector with Maui ransomware
https://blog.malwarebytes.com/ransomware/2022/07/north-korean-apt-targets-us-healthcare-sector-with-maui-ransomware/

Meterpreter Distributed to Vulnerable Server of Korean Medical Institution
https://malware.news/t/meterpreter-distributed-to-vulnerable-server-of-korean-medical-institution/61671/1

Debug Log: Why is my M.2 SSD so slow?
https://gynvael.coldwind.pl/?id=749


Top Security News for 12/07/2022

Sneaky Orbit Malware Backdoors Linux Devices
https://packetstormsecurity.com/news/view/33618/Sneaky-Orbit-Malware-Backdoors-Linux-Devices.html

One Year After the Colonial Pipeline Attack, Regulation Is Still a Problem
https://securityintelligence.com/articles/colonial-pipeline-federal-regulation-update/

Anubis Networks is back with new C2 server
https://securityaffairs.co/wordpress/133115/hacking/anubis-networks-new-c2.html

Australian incident reporting law comes into effect. UK agencies recommend (strongly) against paying ransom.
https://thecyberwire.com/newsletters/policy-briefing/4/131

Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs
https://thehackernews.com/2022/07/cloud-based-cryptocurrency-miners.html

Text-based fraud: from 419 scams to vishing
https://securelist.com/mail-text-scam/106926/

Microsoft Windows Autopatch is Now Generally Available for Enterprise Systems
https://thehackernews.com/2022/07/microsoft-windows-autopatch-is-now.html

Accounts getting hacked
https://www.reddit.com/r/Malware/comments/vwuz3v/accounts_getting_hacked/

‘Don’t Ask Me Why’: NYC Releases Video About What to Do in Case of Nuclear War
https://www.vice.com/en_us/article/pkgbq7/dont-ask-me-why-nyc-releases-video-about-what-to-do-in-case-of-nuclear-war

ISC StormCast for Tuesday, July 12th, 2022
https://isc.sans.edu/podcastdetail.html?id=8082


Top Security News for 13/07/2022

Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021
https://securityaffairs.co/wordpress/133154/hacking/aitm-phishing-campaigns.html

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/12-07-2022

Microsoft Azure Site Recovery DLL Hijacking ($10,000 Bug Bounty)
https://www.reddit.com/r/netsec/comments/vxg4f9/microsoft_azure_site_recovery_dll_hijacking_10000/

Shitposting Shiba Inu Accounts Chased a Russian Diplomat Offline
https://www.vice.com/en_us/article/y3pd5y/shitposting-shiba-inu-accounts-chased-a-russian-diplomat-offline

The dangers of real time bidding. Round-up of recent US healthcare breaches. Threat groups just made it easier to find stolen data on leak sites.
https://thecyberwire.com/podcasts/privacy-briefing/623/notes

Concentric launches new data privacy and cybersecurity solution Eclipse
https://www.csoonline.com/article/3666696/concentric-launches-new-data-privacy-and-cybersecurity-solution-eclipse.html#tk.rss_all

Barracuda report: Almost everyone faced an industrial attack in the last year
https://www.csoonline.com/article/3666523/barracuda-report-almost-everyone-faced-an-industrial-attack-in-the-last-year.html#tk.rss_all

Microsoft announced the general availability of Windows Autopatch feature
https://securityaffairs.co/wordpress/133139/security/microsoft-autopatch.html

Misconfiguration on Digital Guardian Endpoint DLP
https://www.reddit.com/r/netsec/comments/vwc2d4/misconfiguration_on_digital_guardian_endpoint_dlp/

Avoiding Death by a Thousand Scripts: Using Automated Content Security Policies
https://thehackernews.com/2022/07/avoiding-death-by-thousand-scripts.html


Top Security News for 14/07/2022

Three UEFI Firmware flaws found in tens of Lenovo Notebook models
https://securityaffairs.co/wordpress/133186/security/lenovo-uefi-firmware-flaws.html

U.S. FTC Vows to Crack Down on illegal Use and Sharing of Citizens' Sensitive Data
https://thehackernews.com/2022/07/us-ftc-vows-to-crack-down-on-illegal.html

Why Threat Analysis Will Continue to Play a Vital Role in Security
https://securityintelligence.com/posts/threat-analysis-vital-role-security/

Ransomware rolled through business defenses in Q2 2022
https://blog.malwarebytes.com/business/2022/07/ransomware-rolled-through-business-defenses-in-q2-2022/

Update now—July Patch Tuesday patches include fix for exploited zero-day
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/07/update-now-july-patch-tuesday-patches-include-fix-for-exploited-zero-day/

Researchers Uncover New Variants of the ChromeLoader Browser Hijacking Malware
https://thehackernews.com/2022/07/researchers-uncover-new-variants-of.html

New UEFI Firmware Vulnerabilities Impact Several Lenovo Notebook Models
https://thehackernews.com/2022/07/new-uefi-firmware-vulnerabilities.html

Exostar launches CMMC 2.0-compliant Microsoft 365, other solutions for SMBs
https://www.csoonline.com/article/3666832/exostar-launches-new-microsoft-365-cmmc-2-0-solutions-for-smbs.html#tk.rss_all

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/13-07-2022

Dealing with Failure: Failure Escalation Policy in CLR Hosts
https://www.reddit.com/r/netsec/comments/vybzbn/dealing_with_failure_failure_escalation_policy_in/


Top Security News for 18/07/2022

Open source security needs automation as usage climbs amongst organisations
https://malware.news/t/open-source-security-needs-automation-as-usage-climbs-amongst-organisations/61862/1

Build your first LLVM Obfuscator
https://www.reddit.com/r/netsec/comments/w14fsr/build_your_first_llvm_obfuscator/

StartupApproved\Run, pt II
https://malware.news/t/startupapproved-run-pt-ii/61859/1

Google is going to remove App Permissions List from the Play Store
https://securityaffairs.co/wordpress/133334/mobile-2/google-removes-app-permissions-list-play-store.html

Python: Files In Use By Another Process, (Sun, Jul 17th)
https://isc.sans.edu/diary/rss/28848

Adding Your Own Keywords To My PDF Tools, (Mon, Jul 18th)
https://isc.sans.edu/diary/rss/28852

Going beyond Alert with XSS
https://zdresearch.com/going-beyond-alert-with-xss/

Enterprise backups and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/53/notes

Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever
https://securityaffairs.co/wordpress/133339/cyber-crime/crooks-stole-375k-from-premint-nft-it-is-one-of-the-biggest-nft-hacks-ever.html

Adding Your Own Keywords To My PDF Tools, (Mon, Jul 18th)
https://malware.news/t/adding-your-own-keywords-to-my-pdf-tools-mon-jul-18th/61865/1


Top Security News for 19/07/2022

A Deep Dive Into ALPHV/BlackCat Ransomware
https://www.reddit.com/r/Malware/comments/w26smy/a_deep_dive_into_alphvblackcat_ransomware/

A Deep Dive Into ALPHV/BlackCat Ransomware
https://www.reddit.com/r/netsec/comments/w20ai0/a_deep_dive_into_alphvblackcat_ransomware/

new privesc on AWS (DataScientist policy)
https://www.reddit.com/r/netsec/comments/w29e8l/new_privesc_on_aws_datascientist_policy/

ISC Stormcast For Tuesday, July 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8092, (Tue, Jul 19th)
https://isc.sans.edu/diary/rss/28854

Mind the Gap – How to Ensure Your Vulnerability Detection Methods are up to Scratch
https://thehackernews.com/2022/07/mind-gap-how-to-ensure-your.html

Lending Tree says leaked data aren’t theirs. One year after the Pegasus Project, the spyware remains at large. US child privacy legislation updates.
https://thecyberwire.com/newsletters/privacy-briefing/4/136

chip-red-pill/MicrocodeDecryptor - understand how Intel mitigated spectre vulnerability, explore the implementation of Intel TXT, SGX,VT-x technologies
https://www.reddit.com/r/netsec/comments/w2gcuu/chipredpillmicrocodedecryptor_understand_how/

Auth0’s OpenFGA explained: Open source universal authorization
https://www.csoonline.com/article/3667268/auth0-s-openfga-explained-open-source-universal-authorization.html#tk.rss_all

New Study Finds Most Enterprise Vendors Failing to Mitigate Speculative Execution Attacks
https://thehackernews.com/2022/07/new-study-finds-most-enterprise-vendors.html

Ukraine at D+144: Firing for whatever effect.
https://thecyberwire.com/stories/b3116afd3de447209bff4d030315f834/ukraine-at-d144


Top Security News for 20/07/2022

BrandPost: How CSPs can Future Proof 5G Mobile Networks
https://www.csoonline.com/article/3667438/how-csps-can-future-proof-5g-mobile-networks.html#tk.rss_all

Darktrace launches new PREVENT AI security products to pre-empt cyberthreats
https://www.csoonline.com/article/3667494/darktrace-launches-new-prevent-ai-security-products-to-pre-empt-cyberthreats.html#tk.rss_all

ISC Stormcast For Wednesday, July 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8094, (Wed, Jul 20th)
https://isc.sans.edu/diary/rss/28858

GPS trackers used for vehicle fleet management can be hijacked by hackers
https://www.csoonline.com/article/3667316/gps-trackers-used-for-vehicle-fleet-management-can-be-hijacked-by-hackers.html#tk.rss_all

EU warns of risks of spillover effects associated with the ongoing war in Ukraine
https://securityaffairs.co/wordpress/133436/cyber-warfare-2/eu-warns-ukraine-spillover.html

New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals
https://thehackernews.com/2022/07/new-air-gap-attack-uses-sata-cable-as.html

Several apps on the Play Store used to spread Joker, Facestealer and Coper malware
https://securityaffairs.co/wordpress/133394/malware/play-store-apps-joker-facestealer-coper.html

Malicious Python Script Behaving Like a Rubber Ducky, (Wed, Jul 20th)
https://isc.sans.edu/diary/rss/28860

PayPal phishing campaign goes after more than just your login credentials
https://blog.malwarebytes.com/social-engineering/2022/07/paypal-phishing-campaign-goes-after-more-than-just-your-login-credentials/

Security Alert: Oracle Releases Critical Patch Update, July 2022
https://malware.news/t/security-alert-oracle-releases-critical-patch-update-july-2022/61935/1


Top Security News for 21/07/2022

Malware Being Distributed by Disguising Itself as Icon of V3 Lite
https://malware.news/t/malware-being-distributed-by-disguising-itself-as-icon-of-v3-lite/61979/1

Session On Android – An App Wrapped in Signal
https://www.reddit.com/r/netsec/comments/w3du6v/session_on_android_an_app_wrapped_in_signal/

ISC Stormcast For Thursday, July 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8096, (Thu, Jul 21st)
https://isc.sans.edu/diary/rss/28864

RE-AOL Is a Faithful Recreation of AOL 3.0
https://www.vice.com/en_us/article/93aby3/re-aol-is-a-faithful-recreation-of-aol-30

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers
https://securityaffairs.co/wordpress/133445/hacking/micodus-tracker-flaws.html

DNS-over-HTTP/3 in Android
https://www.reddit.com/r/netsec/comments/w3i930/dnsoverhttp3_in_android/

Microsoft Azure Arc Logging Passwords in Plaintext
https://www.reddit.com/r/netsec/comments/w2tuqh/microsoft_azure_arc_logging_passwords_in_plaintext/

ISC Stormcast For Thursday, July 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8096, (Thu, Jul 21st)
https://malware.news/t/isc-stormcast-for-thursday-july-21st-2022-https-isc-sans-edu-podcastdetail-html-id-8096-thu-jul-21st/61981/1

[SANS ISC] Malicious Python Script Behaving Like a Rubber Ducky
https://blog.rootshell.be/2022/07/20/sans-isc-malicious-python-script-behaving-like-a-rubber-ducky/

Robot Dog Not So Cute With Submachine Gun Strapped to Its Back
https://www.vice.com/en_us/article/m7gv33/robot-dog-not-so-cute-with-submachine-gun-strapped-to-its-back


Top Security News for 22/07/2022

Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities
https://thehackernews.com/2022/07/apple-releases-security-patches-for-all.html

Official: White House to Meet with Rail Industry Before Issuing Cybersecurity Rules
https://malware.news/t/official-white-house-to-meet-with-rail-industry-before-issuing-cybersecurity-rules/62018/1

TA4563 group leverages EvilNum malware to target European financial and investment entities
https://securityaffairs.co/wordpress/133535/apt/ta4563-group-evilnum-malware.html

Vulnerabilities in GPS tracker could have “life-threatening” implications
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/07/vulnerabilities-in-gps-tracker-could-have-life-threatening-implications/

The Return of Candiru: Zero-days in the Middle East
https://www.reddit.com/r/netsec/comments/w4fhyu/the_return_of_candiru_zerodays_in_the_middle_east/

DHS buys phone location data. Hacker lets Neopets’ cat out of the bag. Black Basta takes credit for attack on Knauf Insulation.
https://thecyberwire.com/podcasts/privacy-briefing/630/notes

BrandPost: Identity-first Security: How to Keep Your Security Team Strategic
https://www.csoonline.com/article/3667474/identity-first-security-how-to-keep-your-security-team-strategic.html#tk.rss_all

New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
https://thehackernews.com/2022/07/new-linux-malware-framework-let.html

FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers
https://thehackernews.com/2022/07/fbi-seizes-500000-ransomware-payments.html

Deloitte expands its managed XDR platform
https://www.csoonline.com/article/3668129/deloitte-expands-its-managed-xdr-platform.html#tk.rss_all


Top Security News for 23/07/2022

Ukraine at D+148: Spycraft, traditional and cyber.
https://thecyberwire.com/stories/83498ea4e93148a7878ff84539c9a01a/ukraine-at-d148

vSMTP : an alternative to current MTAs. Fully written in Rust, vSMTP now includes SPF and open relay filters in addition to vSL, an email scripting language that allows full traffic control.
https://www.reddit.com/r/netsec/comments/w54xm7/vsmtp_an_alternative_to_current_mtas_fully/

[Control systems] Johnson Controls security advisory (AV22-410)
https://malware.news/t/control-systems-johnson-controls-security-advisory-av22-410/62050/1

‘There’s a Recession Coming’: The Rich Rush to Offload Luxury Properties
https://www.vice.com/en_us/article/epzx5j/theres-a-recession-coming-the-tech-bloodbath-comes-for-the-luxury-housing-market

Report: Mercenary spyware exploited Google Chrome zero-day to target journalists
https://malware.news/t/report-mercenary-spyware-exploited-google-chrome-zero-day-to-target-journalists/62047/1

Ukrainian Radio Stations Hacked to Broadcast Fake News About Zelenskyy's Health
https://thehackernews.com/2022/07/ukrainian-radio-stations-hacked-to.html

[Control systems] Rockwell Automation security advisory (AV22-411)
https://malware.news/t/control-systems-rockwell-automation-security-advisory-av22-411/62051/1

Defeating Javascript Obfuscation
https://www.reddit.com/r/netsec/comments/w5hpqv/defeating_javascript_obfuscation/

SonicWall fixed critical SQLi in Analytics and GMS products
https://securityaffairs.co/wordpress/133579/security/sonicwall-critical-sqli.html

Thailand's use of intercept tools. San Francisco PD’s proposed use of surveillance footage. Candiru exploits Chrome zero-day.
https://thecyberwire.com/newsletters/privacy-briefing/4/140


Top Security News for 24/07/2022

Turning Open Reporting Into Detections
https://malware.news/t/turning-open-reporting-into-detections/62053/1

The people behind Chengdu 404
https://malware.news/t/the-people-behind-chengdu-404/62054/1

FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks
https://securityaffairs.co/wordpress/133587/cyber-warfare-2/fbi-seized-bitcoin-maui-ransomware.html

Here are the top phone security threats in 2022 and how to avoid them
https://malware.news/t/here-are-the-top-phone-security-threats-in-2022-and-how-to-avoid-them/62055/1

Analysis of SSH Honeypot Data with PowerBI, (Sat, Jul 23rd)
https://isc.sans.edu/diary/rss/28872

Analysis of SSH Honeypot Data with PowerBI, (Sat, Jul 23rd)
https://malware.news/t/analysis-of-ssh-honeypot-data-with-powerbi-sat-jul-23rd/62056/1

BEST GROUP ON TELEGRAM:https://t.me/letsrobthebank
https://0x00sec.org/t/best-group-on-telegram-t-me-letsrobthebank/30362

A DGA Seeded by the Bitcoin Genesis Block
https://malware.news/t/a-dga-seeded-by-the-bitcoin-genesis-block/62057/1

An informal review of CTF abuse
https://gynvael.coldwind.pl/?id=750

Update: oledump.py Version 0.0.69
https://malware.news/t/update-oledump-py-version-0-0-69/62052/1


Top Security News for 25/07/2022

Security Affairs newsletter Round 375 by Pierluigi Paganini
https://securityaffairs.co/wordpress/133601/breaking-news/security-affairs-newsletter-round-375-by-pierluigi-paganini.html

Video: Maldoc: non-ASCII VBA Identifiers, (Sun, Jul 24th)
https://isc.sans.edu/diary/rss/28874

PowerShell Script with Fileless Capability, (Mon, Jul 25th)
https://isc.sans.edu/diary/rss/28878

Roaming Mantis Financial Hackers Targeting Android and iPhone Users in France
https://thehackernews.com/2022/07/roaming-mantis-financial-hackers.html

A database containing data of 5.4 million Twitter accounts available for sale
https://securityaffairs.co/wordpress/133593/data-breach/twitter-leaked-data.html

ISC Stormcast For Monday, July 25th, 2022 https://isc.sans.edu/podcastdetail.html?id=8100, (Mon, Jul 25th)
https://malware.news/t/isc-stormcast-for-monday-july-25th-2022-https-isc-sans-edu-podcastdetail-html-id-8100-mon-jul-25th/62065/1

Amadey malware spreads via software cracks laced with SmokeLoader
https://securityaffairs.co/wordpress/133617/cyber-crime/amadey-malware-spreads-smokeloader.html

ISC StormCast for Monday, July 25th, 2022
https://isc.sans.edu/podcastdetail.html?id=8100

PowerShell Script with Fileless Capability, (Mon, Jul 25th)
https://malware.news/t/powershell-script-with-fileless-capability-mon-jul-25th/62071/1

Drupal developers fixed a code execution flaw in the popular CMS
https://securityaffairs.co/wordpress/133625/security/drupal-flaws-2.html


Top Security News for 26/07/2022

U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack
https://securityintelligence.com/articles/cybersecurity-policy-changed-since-colonial-pipeline-attack/

How is Your macOS Security Posture?, (Tue, Jul 26th)
https://isc.sans.edu/diary/rss/28882

Experts Uncover New 'CosmicStrand' UEFI Firmware Rootkit Used by Chinese Hackers
https://thehackernews.com/2022/07/experts-uncover-new-cosmicstrand-uefi.html

NTX Keto Gummies Reviews 2022 (Scam or Legit) Gummy or Real Results?
https://www.bleepingcomputer.com/forums/t/775058/ntx-keto-gummies-reviews-2022-scam-or-legit-gummy-or-real-results/

9 tips to prevent phishing
https://www.csoonline.com/article/2132618/9-tips-to-prevent-phishing.html#tk.rss_all

Zero Day attacks target online stores using PrestaShop
https://securityaffairs.co/wordpress/133669/hacking/prestashop-zero-day.html

Hit by ransomware? No More Ransom now offers 136 free tools to rescue your files
https://malware.news/t/hit-by-ransomware-no-more-ransom-now-offers-136-free-tools-to-rescue-your-files/62106/1

How cybercriminals are using messaging apps to launch malware schemes
https://malware.news/t/how-cybercriminals-are-using-messaging-apps-to-launch-malware-schemes/62107/1

Multiple vulnerabilities in Nuki smart locks
https://www.reddit.com/r/netsec/comments/w7n12r/multiple_vulnerabilities_in_nuki_smart_locks/

Pulsar — an open-source runtime security framework powered by Rust & eBPF for IoT
https://www.reddit.com/r/netsec/comments/w7oi8c/pulsar_an_opensource_runtime_security_framework/


Top Security News for 27/07/2022

VRChat Security Update Throws the Metaverse Into Chaos
https://www.vice.com/en_us/article/y3pv8v/vrchat-security-update-throws-the-metaverse-into-chaos

Zyxel authentication bypass patch analysis (CVE-2022-0342)
https://www.reddit.com/r/netsec/comments/w8few6/zyxel_authentication_bypass_patch_analysis/

What’s New in the 2022 Cost of a Data Breach Report
https://securityintelligence.com/posts/whats-new-2022-cost-of-a-data-breach-report/

Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware
https://thehackernews.com/2022/07/experts-find-similarities-between.html

Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection
https://thehackernews.com/2022/07/hackers-increasingly-using-webassembly.html

Hunting For Mass Assignment Vulnerabilities Using GitHub CodeSearch and grep.app
https://www.reddit.com/r/netsec/comments/w8qn2n/hunting_for_mass_assignment_vulnerabilities_using/

Bypass AMSI in local process hooking NtCreateSection
https://www.reddit.com/r/netsec/comments/w8ehda/bypass_amsi_in_local_process_hooking/

LockBit Ransomware Claims Pwn Of Italy's Tax Agency
https://packetstormsecurity.com/news/view/33667/LockBit-Ransomware-Claims-Pwn-Of-Italys-Tax-Agency.html

ISC StormCast for Wednesday, July 27th, 2022
https://isc.sans.edu/podcastdetail.html?id=8104

CVE-2022-31813: Forwarding addresses is hard
https://www.reddit.com/r/netsec/comments/w8llor/cve202231813_forwarding_addresses_is_hard/


Top Security News for 28/07/2022

US Government Review of the December 2021 Log4j Event
https://www.reddit.com/r/netsec/comments/w86y4v/us_government_review_of_the_december_2021_log4j/

Railway cybersecurity in the era of interconnected systems
https://www.reddit.com/r/netsec/comments/wa08rs/railway_cybersecurity_in_the_era_of/

Passkeys: a push to take WebAuthn to the masses
https://www.reddit.com/r/netsec/comments/w9z2us/passkeys_a_push_to_take_webauthn_to_the_masses/

Vulnerable by Design: Azure Red Team Attack and Detect Workshop
https://www.reddit.com/r/netsec/comments/wa03lh/vulnerable_by_design_azure_red_team_attack_and/

Woman Tells Congress What It's Liked To Be Hacked By NSO's Pegasus
https://packetstormsecurity.com/news/view/33672/Woman-Tells-Congress-What-Its-Liked-To-Be-Hacked-By-NSOs-Pegasus.html

Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access
https://thehackernews.com/2022/07/malicious-iis-extensions-gaining.html

Sophisticated UEFI rootkit of Chinese origin shows up again in the wild after 3 years
https://www.csoonline.com/article/3668172/sophisticated-uefi-rootkit-of-chinese-origin-shows-up-again-in-the-wild-after-3-years.html#tk.rss_all

DUCKTAIL operation targets Facebook’s Business and Ad accounts
https://securityaffairs.co/wordpress/133715/malware/ducktail-operation-facebook-business.html

Taking the Risk-Based Approach to Vulnerability Patching
https://thehackernews.com/2022/07/taking-risk-based-approach-to.html

Transitioning to a Holistic Approach to Data Protection
https://thecyberwire.com/podcasts/uncovering-hidden-risks/1/notes


Top Security News for 29/07/2022

U.S. Offers $10 Million Reward for Information on North Korean Hackers
https://thehackernews.com/2022/07/us-offers-10-million-reward-for.html

Attacks using Office macros decline in wake of Microsoft action
https://www.csoonline.com/article/3668532/attacks-using-office-macros-decline-in-wake-of-microsoft-action.html#tk.rss_all

ISC Stormcast For Friday, July 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8108, (Fri, Jul 29th)
https://malware.news/t/isc-stormcast-for-friday-july-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8108-fri-jul-29th/62224/1

Hackers Opting New Attack Methods After Microsoft Blocked Macros by Default
https://thehackernews.com/2022/07/hackers-opting-new-attack-methods-after.html

nanopb Protobuf Decompiler - Anvil Secure
https://www.reddit.com/r/netsec/comments/waly67/nanopb_protobuf_decompiler_anvil_secure/

Radioactivity monitoring and warning system hacked, disabled by attackers
https://blog.malwarebytes.com/reports/2022/07/radioactivity-monitoring-and-warning-system-hacked-disabled-by-attackers/

Signals & Space: Space Force acquisition plans. Wartime lessons about space capability. Rogozin is out at Roscosmos. The starry heavens above (seen through the Webb telescope);
https://thecyberwire.com/newsletters/signals-and-space/6/13

ISC StormCast for Friday, July 29th, 2022
https://isc.sans.edu/podcastdetail.html?id=8108

WordFly data breach impacts clients in the arts. Wawa reaches settlement for 2019 cyberattack. New PhaaS platform boasts 24/7 customer service.
https://thecyberwire.com/podcasts/privacy-briefing/635/notes

APT trends report Q2 2022
https://securelist.com/apt-trends-report-q2-2022/106995/

