Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 09/07/2022

How to Find a Mortgage Expert in the UK
https://www.bleepingcomputer.com/forums/t/774340/how-to-find-a-mortgage-expert-in-the-uk/

Evolution of the LockBit Ransomware operation relies on new techniques
https://securityaffairs.co/wordpress/133027/cyber-crime/lockbit-2-0-evolution.html

Avoid travel digital disasters – Week in security with Tony Anscombe
https://malware.news/t/avoid-travel-digital-disasters-week-in-security-with-tony-anscombe/61653/1

Shanghaied data. Update on the Marriott breach. California college suffers cyberattack. Maui ransomware. NPM supply chain attack update.
https://thecyberwire.com/podcasts/privacy-briefing/621/notes

Thread hijacking operation linked to TA578. Gun owner data leaked by California Justice Department.
https://thecyberwire.com/newsletters/privacy-briefing/4/130

Dell security advisory (AV22-381)
https://malware.news/t/dell-security-advisory-av22-381/61657/1

Researchers Detail Techniques LockBit Ransomware Using to Infect its Targets
https://thehackernews.com/2022/07/researchers-detail-techniques-lockbit.html

Royal Army accounts hijacked. A hacktivist group claims to have hit Iranian sites. Very large database of PII for sale on the dark web.
https://thecyberwire.com/newsletters/week-that-was/6/27

Thread hijacking operation linked to TA578. Gun owner data leaked by California Justice Department.
https://thecyberwire.com/podcasts/research-saturday/621/notes

Recorded Future closes acquisition of malware analysis firm Hatching
https://www.csoonline.com/article/3666693/recorded-future-closes-acquisition-of-malware-analysis-firm-hatching.html#tk.rss_all


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 10/07/2022

Simple_listener.py
https://malware.news/t/simple-listener-py/61662/1

Weekly News Roundup — July 3 to July 9
https://malware.news/t/weekly-news-roundup-july-3-to-july-9/61660/1

Ongoing Raspberry Robin campaign leverages compromised QNAP devices
https://securityaffairs.co/wordpress/133039/cyber-crime/raspberry-robin-infection-attacks.html

Cyberpunk Future
https://0x00sec.org/t/cyberpunk-future/30127

Simone Petrella: Fake it, until you make it. [CEO]
https://thecyberwire.com/podcasts/career-notes/107/notes

Hackers Exploiting Follina Bug to Deploy Rozena Backdoor
https://thehackernews.com/2022/07/hackers-exploiting-follina-bug-to.html

Does "Autostart" Really Mean "Autostart"?
https://malware.news/t/does-autostart-really-mean-autostart/61661/1

Fortinet addressed multiple vulnerabilities in several products
https://securityaffairs.co/wordpress/133059/security/fortinet-multiple-issues-several-products.html

Rozena backdoor delivered by exploiting the Follina bug
https://securityaffairs.co/wordpress/133051/hacking/follina-bug-rozena-backdoor.html

Apple Lockdown Mode will protect users against highly targeted cyberattacks
https://securityaffairs.co/wordpress/133065/mobile-2/apple-lockdown-mode.html


Top Security News for 11/07/2022

PyPI Repository Makes 2FA Security Mandatory for Critical Python Projects
https://thehackernews.com/2022/07/pypi-repository-makes-2af-security.html

Private 5G Network Security Expectations Part 3
https://malware.news/t/private-5g-network-security-expectations-part-3/61674/1

Hackers Used Fake Job Offer to Hack and Steal $540 Million from Axie Infinity
https://thehackernews.com/2022/07/hackers-used-fake-job-offer-to-hack-and.html

WAF from the scratch
https://www.reddit.com/r/netsec/comments/vw9utw/waf_from_the_scratch/

How the FBI quietly added itself to criminals’ instant message conversations
https://blog.malwarebytes.com/reports/2022/07/how-the-fbi-quietly-added-itself-to-criminals-instant-message-conversations/

Totmania.net DO NOT OPEN
https://www.reddit.com/r/Malware/comments/vw4lg8/totmanianet_do_not_open/

4 ways businesses can save money on cyber insurance
https://malware.news/t/4-ways-businesses-can-save-money-on-cyber-insurance/61669/1

North Korean APT targets US healthcare sector with Maui ransomware
https://blog.malwarebytes.com/ransomware/2022/07/north-korean-apt-targets-us-healthcare-sector-with-maui-ransomware/

Meterpreter Distributed to Vulnerable Server of Korean Medical Institution
https://malware.news/t/meterpreter-distributed-to-vulnerable-server-of-korean-medical-institution/61671/1

Debug Log: Why is my M.2 SSD so slow?
https://gynvael.coldwind.pl/?id=749


Top Security News for 12/07/2022

Sneaky Orbit Malware Backdoors Linux Devices
https://packetstormsecurity.com/news/view/33618/Sneaky-Orbit-Malware-Backdoors-Linux-Devices.html

One Year After the Colonial Pipeline Attack, Regulation Is Still a Problem
https://securityintelligence.com/articles/colonial-pipeline-federal-regulation-update/

Anubis Networks is back with new C2 server
https://securityaffairs.co/wordpress/133115/hacking/anubis-networks-new-c2.html

Australian incident reporting law comes into effect. UK agencies recommend (strongly) against paying ransom.
https://thecyberwire.com/newsletters/policy-briefing/4/131

Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs
https://thehackernews.com/2022/07/cloud-based-cryptocurrency-miners.html

Text-based fraud: from 419 scams to vishing
https://securelist.com/mail-text-scam/106926/

Microsoft Windows Autopatch is Now Generally Available for Enterprise Systems
https://thehackernews.com/2022/07/microsoft-windows-autopatch-is-now.html

Accounts getting hacked
https://www.reddit.com/r/Malware/comments/vwuz3v/accounts_getting_hacked/

‘Don’t Ask Me Why’: NYC Releases Video About What to Do in Case of Nuclear War
https://www.vice.com/en_us/article/pkgbq7/dont-ask-me-why-nyc-releases-video-about-what-to-do-in-case-of-nuclear-war

ISC StormCast for Tuesday, July 12th, 2022
https://isc.sans.edu/podcastdetail.html?id=8082


Top Security News for 13/07/2022

Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021
https://securityaffairs.co/wordpress/133154/hacking/aitm-phishing-campaigns.html

NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/12-07-2022

Microsoft Azure Site Recovery DLL Hijacking ($10,000 Bug Bounty)
https://www.reddit.com/r/netsec/comments/vxg4f9/microsoft_azure_site_recovery_dll_hijacking_10000/

Shitposting Shiba Inu Accounts Chased a Russian Diplomat Offline
https://www.vice.com/en_us/article/y3pd5y/shitposting-shiba-inu-accounts-chased-a-russian-diplomat-offline

The dangers of real time bidding. Round-up of recent US healthcare breaches. Threat groups just made it easier to find stolen data on leak sites.
https://thecyberwire.com/podcasts/privacy-briefing/623/notes

Concentric launches new data privacy and cybersecurity solution Eclipse
https://www.csoonline.com/article/3666696/concentric-launches-new-data-privacy-and-cybersecurity-solution-eclipse.html#tk.rss_all

Barracuda report: Almost everyone faced an industrial attack in the last year
https://www.csoonline.com/article/3666523/barracuda-report-almost-everyone-faced-an-industrial-attack-in-the-last-year.html#tk.rss_all

Microsoft announced the general availability of Windows Autopatch feature
https://securityaffairs.co/wordpress/133139/security/microsoft-autopatch.html

Misconfiguration on Digital Guardian Endpoint DLP
https://www.reddit.com/r/netsec/comments/vwc2d4/misconfiguration_on_digital_guardian_endpoint_dlp/

Avoiding Death by a Thousand Scripts: Using Automated Content Security Policies
https://thehackernews.com/2022/07/avoiding-death-by-thousand-scripts.html


Top Security News for 14/07/2022

Three UEFI Firmware flaws found in tens of Lenovo Notebook models
https://securityaffairs.co/wordpress/133186/security/lenovo-uefi-firmware-flaws.html

U.S. FTC Vows to Crack Down on illegal Use and Sharing of Citizens' Sensitive Data
https://thehackernews.com/2022/07/us-ftc-vows-to-crack-down-on-illegal.html

Why Threat Analysis Will Continue to Play a Vital Role in Security
https://securityintelligence.com/posts/threat-analysis-vital-role-security/

Ransomware rolled through business defenses in Q2 2022
https://blog.malwarebytes.com/business/2022/07/ransomware-rolled-through-business-defenses-in-q2-2022/

Update now—July Patch Tuesday patches include fix for exploited zero-day
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/07/update-now-july-patch-tuesday-patches-include-fix-for-exploited-zero-day/

Researchers Uncover New Variants of the ChromeLoader Browser Hijacking Malware
https://thehackernews.com/2022/07/researchers-uncover-new-variants-of.html

New UEFI Firmware Vulnerabilities Impact Several Lenovo Notebook Models
https://thehackernews.com/2022/07/new-uefi-firmware-vulnerabilities.html

Exostar launches CMMC 2.0-compliant Microsoft 365, other solutions for SMBs
https://www.csoonline.com/article/3666832/exostar-launches-new-microsoft-365-cmmc-2-0-solutions-for-smbs.html#tk.rss_all

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/13-07-2022

Dealing with Failure: Failure Escalation Policy in CLR Hosts
https://www.reddit.com/r/netsec/comments/vybzbn/dealing_with_failure_failure_escalation_policy_in/


Top Security News for 18/07/2022

Open source security needs automation as usage climbs amongst organisations
https://malware.news/t/open-source-security-needs-automation-as-usage-climbs-amongst-organisations/61862/1

Build your first LLVM Obfuscator
https://www.reddit.com/r/netsec/comments/w14fsr/build_your_first_llvm_obfuscator/

StartupApproved\Run, pt II
https://malware.news/t/startupapproved-run-pt-ii/61859/1

Google is going to remove App Permissions List from the Play Store
https://securityaffairs.co/wordpress/133334/mobile-2/google-removes-app-permissions-list-play-store.html

Python: Files In Use By Another Process, (Sun, Jul 17th)
https://isc.sans.edu/diary/rss/28848

Adding Your Own Keywords To My PDF Tools, (Mon, Jul 18th)
https://isc.sans.edu/diary/rss/28852

Going beyond Alert with XSS
https://zdresearch.com/going-beyond-alert-with-xss/

Enterprise backups and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/53/notes

Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever
https://securityaffairs.co/wordpress/133339/cyber-crime/crooks-stole-375k-from-premint-nft-it-is-one-of-the-biggest-nft-hacks-ever.html

Adding Your Own Keywords To My PDF Tools, (Mon, Jul 18th)
https://malware.news/t/adding-your-own-keywords-to-my-pdf-tools-mon-jul-18th/61865/1


Top Security News for 19/07/2022

A Deep Dive Into ALPHV/BlackCat Ransomware
https://www.reddit.com/r/Malware/comments/w26smy/a_deep_dive_into_alphvblackcat_ransomware/

A Deep Dive Into ALPHV/BlackCat Ransomware
https://www.reddit.com/r/netsec/comments/w20ai0/a_deep_dive_into_alphvblackcat_ransomware/

new privesc on AWS (DataScientist policy)
https://www.reddit.com/r/netsec/comments/w29e8l/new_privesc_on_aws_datascientist_policy/

ISC Stormcast For Tuesday, July 19th, 2022 https://isc.sans.edu/podcastdetail.html?id=8092, (Tue, Jul 19th)
https://isc.sans.edu/diary/rss/28854

Mind the Gap – How to Ensure Your Vulnerability Detection Methods are up to Scratch
https://thehackernews.com/2022/07/mind-gap-how-to-ensure-your.html

Lending Tree says leaked data aren’t theirs. One year after the Pegasus Project, the spyware remains at large. US child privacy legislation updates.
https://thecyberwire.com/newsletters/privacy-briefing/4/136

chip-red-pill/MicrocodeDecryptor - understand how Intel mitigated spectre vulnerability, explore the implementation of Intel TXT, SGX,VT-x technologies
https://www.reddit.com/r/netsec/comments/w2gcuu/chipredpillmicrocodedecryptor_understand_how/

Auth0’s OpenFGA explained: Open source universal authorization
https://www.csoonline.com/article/3667268/auth0-s-openfga-explained-open-source-universal-authorization.html#tk.rss_all

New Study Finds Most Enterprise Vendors Failing to Mitigate Speculative Execution Attacks
https://thehackernews.com/2022/07/new-study-finds-most-enterprise-vendors.html

Ukraine at D+144: Firing for whatever effect.
https://thecyberwire.com/stories/b3116afd3de447209bff4d030315f834/ukraine-at-d144


Top Security News for 20/07/2022

BrandPost: How CSPs can Future Proof 5G Mobile Networks
https://www.csoonline.com/article/3667438/how-csps-can-future-proof-5g-mobile-networks.html#tk.rss_all

Darktrace launches new PREVENT AI security products to pre-empt cyberthreats
https://www.csoonline.com/article/3667494/darktrace-launches-new-prevent-ai-security-products-to-pre-empt-cyberthreats.html#tk.rss_all

ISC Stormcast For Wednesday, July 20th, 2022 https://isc.sans.edu/podcastdetail.html?id=8094, (Wed, Jul 20th)
https://isc.sans.edu/diary/rss/28858

GPS trackers used for vehicle fleet management can be hijacked by hackers
https://www.csoonline.com/article/3667316/gps-trackers-used-for-vehicle-fleet-management-can-be-hijacked-by-hackers.html#tk.rss_all

EU warns of risks of spillover effects associated with the ongoing war in Ukraine
https://securityaffairs.co/wordpress/133436/cyber-warfare-2/eu-warns-ukraine-spillover.html

New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals
https://thehackernews.com/2022/07/new-air-gap-attack-uses-sata-cable-as.html

Several apps on the Play Store used to spread Joker, Facestealer and Coper malware
https://securityaffairs.co/wordpress/133394/malware/play-store-apps-joker-facestealer-coper.html

Malicious Python Script Behaving Like a Rubber Ducky, (Wed, Jul 20th)
https://isc.sans.edu/diary/rss/28860

PayPal phishing campaign goes after more than just your login credentials
https://blog.malwarebytes.com/social-engineering/2022/07/paypal-phishing-campaign-goes-after-more-than-just-your-login-credentials/

Security Alert: Oracle Releases Critical Patch Update, July 2022
https://malware.news/t/security-alert-oracle-releases-critical-patch-update-july-2022/61935/1


Top Security News for 21/07/2022

Malware Being Distributed by Disguising Itself as Icon of V3 Lite
https://malware.news/t/malware-being-distributed-by-disguising-itself-as-icon-of-v3-lite/61979/1

Session On Android – An App Wrapped in Signal
https://www.reddit.com/r/netsec/comments/w3du6v/session_on_android_an_app_wrapped_in_signal/

ISC Stormcast For Thursday, July 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8096, (Thu, Jul 21st)
https://isc.sans.edu/diary/rss/28864

RE-AOL Is a Faithful Recreation of AOL 3.0
https://www.vice.com/en_us/article/93aby3/re-aol-is-a-faithful-recreation-of-aol-30

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers
https://securityaffairs.co/wordpress/133445/hacking/micodus-tracker-flaws.html

DNS-over-HTTP/3 in Android
https://www.reddit.com/r/netsec/comments/w3i930/dnsoverhttp3_in_android/

Microsoft Azure Arc Logging Passwords in Plaintext
https://www.reddit.com/r/netsec/comments/w2tuqh/microsoft_azure_arc_logging_passwords_in_plaintext/

ISC Stormcast For Thursday, July 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8096, (Thu, Jul 21st)
https://malware.news/t/isc-stormcast-for-thursday-july-21st-2022-https-isc-sans-edu-podcastdetail-html-id-8096-thu-jul-21st/61981/1

[SANS ISC] Malicious Python Script Behaving Like a Rubber Ducky
https://blog.rootshell.be/2022/07/20/sans-isc-malicious-python-script-behaving-like-a-rubber-ducky/

Robot Dog Not So Cute With Submachine Gun Strapped to Its Back
https://www.vice.com/en_us/article/m7gv33/robot-dog-not-so-cute-with-submachine-gun-strapped-to-its-back


Top Security News for 22/07/2022

Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities
https://thehackernews.com/2022/07/apple-releases-security-patches-for-all.html

Official: White House to Meet with Rail Industry Before Issuing Cybersecurity Rules
https://malware.news/t/official-white-house-to-meet-with-rail-industry-before-issuing-cybersecurity-rules/62018/1

TA4563 group leverages EvilNum malware to target European financial and investment entities
https://securityaffairs.co/wordpress/133535/apt/ta4563-group-evilnum-malware.html

Vulnerabilities in GPS tracker could have “life-threatening” implications
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/07/vulnerabilities-in-gps-tracker-could-have-life-threatening-implications/

The Return of Candiru: Zero-days in the Middle East
https://www.reddit.com/r/netsec/comments/w4fhyu/the_return_of_candiru_zerodays_in_the_middle_east/

DHS buys phone location data. Hacker lets Neopets’ cat out of the bag. Black Basta takes credit for attack on Knauf Insulation.
https://thecyberwire.com/podcasts/privacy-briefing/630/notes

BrandPost: Identity-first Security: How to Keep Your Security Team Strategic
https://www.csoonline.com/article/3667474/identity-first-security-how-to-keep-your-security-team-strategic.html#tk.rss_all

New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
https://thehackernews.com/2022/07/new-linux-malware-framework-let.html

FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers
https://thehackernews.com/2022/07/fbi-seizes-500000-ransomware-payments.html

Deloitte expands its managed XDR platform
https://www.csoonline.com/article/3668129/deloitte-expands-its-managed-xdr-platform.html#tk.rss_all


Top Security News for 23/07/2022

Ukraine at D+148: Spycraft, traditional and cyber.
https://thecyberwire.com/stories/83498ea4e93148a7878ff84539c9a01a/ukraine-at-d148

vSMTP : an alternative to current MTAs. Fully written in Rust, vSMTP now includes SPF and open relay filters in addition to vSL, an email scripting language that allows full traffic control.
https://www.reddit.com/r/netsec/comments/w54xm7/vsmtp_an_alternative_to_current_mtas_fully/

[Control systems] Johnson Controls security advisory (AV22-410)
https://malware.news/t/control-systems-johnson-controls-security-advisory-av22-410/62050/1

‘There’s a Recession Coming’: The Rich Rush to Offload Luxury Properties
https://www.vice.com/en_us/article/epzx5j/theres-a-recession-coming-the-tech-bloodbath-comes-for-the-luxury-housing-market

Report: Mercenary spyware exploited Google Chrome zero-day to target journalists
https://malware.news/t/report-mercenary-spyware-exploited-google-chrome-zero-day-to-target-journalists/62047/1

Ukrainian Radio Stations Hacked to Broadcast Fake News About Zelenskyy's Health
https://thehackernews.com/2022/07/ukrainian-radio-stations-hacked-to.html

[Control systems] Rockwell Automation security advisory (AV22-411)
https://malware.news/t/control-systems-rockwell-automation-security-advisory-av22-411/62051/1

Defeating Javascript Obfuscation
https://www.reddit.com/r/netsec/comments/w5hpqv/defeating_javascript_obfuscation/

SonicWall fixed critical SQLi in Analytics and GMS products
https://securityaffairs.co/wordpress/133579/security/sonicwall-critical-sqli.html

Thailand's use of intercept tools. San Francisco PD’s proposed use of surveillance footage. Candiru exploits Chrome zero-day.
https://thecyberwire.com/newsletters/privacy-briefing/4/140


Top Security News for 24/07/2022

Turning Open Reporting Into Detections
https://malware.news/t/turning-open-reporting-into-detections/62053/1

The people behind Chengdu 404
https://malware.news/t/the-people-behind-chengdu-404/62054/1

FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks
https://securityaffairs.co/wordpress/133587/cyber-warfare-2/fbi-seized-bitcoin-maui-ransomware.html

Here are the top phone security threats in 2022 and how to avoid them
https://malware.news/t/here-are-the-top-phone-security-threats-in-2022-and-how-to-avoid-them/62055/1

Analysis of SSH Honeypot Data with PowerBI, (Sat, Jul 23rd)
https://isc.sans.edu/diary/rss/28872

Analysis of SSH Honeypot Data with PowerBI, (Sat, Jul 23rd)
https://malware.news/t/analysis-of-ssh-honeypot-data-with-powerbi-sat-jul-23rd/62056/1

BEST GROUP ON TELEGRAM:https://t.me/letsrobthebank
https://0x00sec.org/t/best-group-on-telegram-t-me-letsrobthebank/30362

A DGA Seeded by the Bitcoin Genesis Block
https://malware.news/t/a-dga-seeded-by-the-bitcoin-genesis-block/62057/1

An informal review of CTF abuse
https://gynvael.coldwind.pl/?id=750

Update: oledump.py Version 0.0.69
https://malware.news/t/update-oledump-py-version-0-0-69/62052/1


Top Security News for 25/07/2022

Security Affairs newsletter Round 375 by Pierluigi Paganini
https://securityaffairs.co/wordpress/133601/breaking-news/security-affairs-newsletter-round-375-by-pierluigi-paganini.html

Video: Maldoc: non-ASCII VBA Identifiers, (Sun, Jul 24th)
https://isc.sans.edu/diary/rss/28874

PowerShell Script with Fileless Capability, (Mon, Jul 25th)
https://isc.sans.edu/diary/rss/28878

Roaming Mantis Financial Hackers Targeting Android and iPhone Users in France
https://thehackernews.com/2022/07/roaming-mantis-financial-hackers.html

A database containing data of 5.4 million Twitter accounts available for sale
https://securityaffairs.co/wordpress/133593/data-breach/twitter-leaked-data.html

ISC Stormcast For Monday, July 25th, 2022 https://isc.sans.edu/podcastdetail.html?id=8100, (Mon, Jul 25th)
https://malware.news/t/isc-stormcast-for-monday-july-25th-2022-https-isc-sans-edu-podcastdetail-html-id-8100-mon-jul-25th/62065/1

Amadey malware spreads via software cracks laced with SmokeLoader
https://securityaffairs.co/wordpress/133617/cyber-crime/amadey-malware-spreads-smokeloader.html

ISC StormCast for Monday, July 25th, 2022
https://isc.sans.edu/podcastdetail.html?id=8100

PowerShell Script with Fileless Capability, (Mon, Jul 25th)
https://malware.news/t/powershell-script-with-fileless-capability-mon-jul-25th/62071/1

Drupal developers fixed a code execution flaw in the popular CMS
https://securityaffairs.co/wordpress/133625/security/drupal-flaws-2.html


Top Security News for 26/07/2022

U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack
https://securityintelligence.com/articles/cybersecurity-policy-changed-since-colonial-pipeline-attack/

How is Your macOS Security Posture?, (Tue, Jul 26th)
https://isc.sans.edu/diary/rss/28882

Experts Uncover New 'CosmicStrand' UEFI Firmware Rootkit Used by Chinese Hackers
https://thehackernews.com/2022/07/experts-uncover-new-cosmicstrand-uefi.html

NTX Keto Gummies Reviews 2022 (Scam or Legit) Gummy or Real Results?
https://www.bleepingcomputer.com/forums/t/775058/ntx-keto-gummies-reviews-2022-scam-or-legit-gummy-or-real-results/

9 tips to prevent phishing
https://www.csoonline.com/article/2132618/9-tips-to-prevent-phishing.html#tk.rss_all

Zero Day attacks target online stores using PrestaShop
https://securityaffairs.co/wordpress/133669/hacking/prestashop-zero-day.html

Hit by ransomware? No More Ransom now offers 136 free tools to rescue your files
https://malware.news/t/hit-by-ransomware-no-more-ransom-now-offers-136-free-tools-to-rescue-your-files/62106/1

How cybercriminals are using messaging apps to launch malware schemes
https://malware.news/t/how-cybercriminals-are-using-messaging-apps-to-launch-malware-schemes/62107/1

Multiple vulnerabilities in Nuki smart locks
https://www.reddit.com/r/netsec/comments/w7n12r/multiple_vulnerabilities_in_nuki_smart_locks/

Pulsar — an open-source runtime security framework powered by Rust & eBPF for IoT
https://www.reddit.com/r/netsec/comments/w7oi8c/pulsar_an_opensource_runtime_security_framework/


Top Security News for 27/07/2022

VRChat Security Update Throws the Metaverse Into Chaos
https://www.vice.com/en_us/article/y3pv8v/vrchat-security-update-throws-the-metaverse-into-chaos

Zyxel authentication bypass patch analysis (CVE-2022-0342)
https://www.reddit.com/r/netsec/comments/w8few6/zyxel_authentication_bypass_patch_analysis/

What’s New in the 2022 Cost of a Data Breach Report
https://securityintelligence.com/posts/whats-new-2022-cost-of-a-data-breach-report/

Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware
https://thehackernews.com/2022/07/experts-find-similarities-between.html

Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection
https://thehackernews.com/2022/07/hackers-increasingly-using-webassembly.html

Hunting For Mass Assignment Vulnerabilities Using GitHub CodeSearch and grep.app
https://www.reddit.com/r/netsec/comments/w8qn2n/hunting_for_mass_assignment_vulnerabilities_using/

Bypass AMSI in local process hooking NtCreateSection
https://www.reddit.com/r/netsec/comments/w8ehda/bypass_amsi_in_local_process_hooking/

LockBit Ransomware Claims Pwn Of Italy's Tax Agency
https://packetstormsecurity.com/news/view/33667/LockBit-Ransomware-Claims-Pwn-Of-Italys-Tax-Agency.html

ISC StormCast for Wednesday, July 27th, 2022
https://isc.sans.edu/podcastdetail.html?id=8104

CVE-2022-31813: Forwarding addresses is hard
https://www.reddit.com/r/netsec/comments/w8llor/cve202231813_forwarding_addresses_is_hard/


Top Security News for 28/07/2022

US Government Review of the December 2021 Log4j Event
https://www.reddit.com/r/netsec/comments/w86y4v/us_government_review_of_the_december_2021_log4j/

Railway cybersecurity in the era of interconnected systems
https://www.reddit.com/r/netsec/comments/wa08rs/railway_cybersecurity_in_the_era_of/

Passkeys: a push to take WebAuthn to the masses
https://www.reddit.com/r/netsec/comments/w9z2us/passkeys_a_push_to_take_webauthn_to_the_masses/

Vulnerable by Design: Azure Red Team Attack and Detect Workshop
https://www.reddit.com/r/netsec/comments/wa03lh/vulnerable_by_design_azure_red_team_attack_and/

Woman Tells Congress What It's Liked To Be Hacked By NSO's Pegasus
https://packetstormsecurity.com/news/view/33672/Woman-Tells-Congress-What-Its-Liked-To-Be-Hacked-By-NSOs-Pegasus.html

Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access
https://thehackernews.com/2022/07/malicious-iis-extensions-gaining.html

Sophisticated UEFI rootkit of Chinese origin shows up again in the wild after 3 years
https://www.csoonline.com/article/3668172/sophisticated-uefi-rootkit-of-chinese-origin-shows-up-again-in-the-wild-after-3-years.html#tk.rss_all

DUCKTAIL operation targets Facebook’s Business and Ad accounts
https://securityaffairs.co/wordpress/133715/malware/ducktail-operation-facebook-business.html

Taking the Risk-Based Approach to Vulnerability Patching
https://thehackernews.com/2022/07/taking-risk-based-approach-to.html

Transitioning to a Holistic Approach to Data Protection
https://thecyberwire.com/podcasts/uncovering-hidden-risks/1/notes


Top Security News for 29/07/2022

U.S. Offers $10 Million Reward for Information on North Korean Hackers
https://thehackernews.com/2022/07/us-offers-10-million-reward-for.html

Attacks using Office macros decline in wake of Microsoft action
https://www.csoonline.com/article/3668532/attacks-using-office-macros-decline-in-wake-of-microsoft-action.html#tk.rss_all

ISC Stormcast For Friday, July 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8108, (Fri, Jul 29th)
https://malware.news/t/isc-stormcast-for-friday-july-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8108-fri-jul-29th/62224/1

Hackers Opting New Attack Methods After Microsoft Blocked Macros by Default
https://thehackernews.com/2022/07/hackers-opting-new-attack-methods-after.html

nanopb Protobuf Decompiler - Anvil Secure
https://www.reddit.com/r/netsec/comments/waly67/nanopb_protobuf_decompiler_anvil_secure/

Radioactivity monitoring and warning system hacked, disabled by attackers
https://blog.malwarebytes.com/reports/2022/07/radioactivity-monitoring-and-warning-system-hacked-disabled-by-attackers/

Signals & Space: Space Force acquisition plans. Wartime lessons about space capability. Rogozin is out at Roscosmos. The starry heavens above (seen through the Webb telescope);
https://thecyberwire.com/newsletters/signals-and-space/6/13

ISC StormCast for Friday, July 29th, 2022
https://isc.sans.edu/podcastdetail.html?id=8108

WordFly data breach impacts clients in the arts. Wawa reaches settlement for 2019 cyberattack. New PhaaS platform boasts 24/7 customer service.
https://thecyberwire.com/podcasts/privacy-briefing/635/notes

APT trends report Q2 2022
https://securelist.com/apt-trends-report-q2-2022/106995/


Top Security News for 30/07/2022

US DOJ investigating Federal court records data breach. CNIL ends investigation into Facebook’s cookie settings. Daughter of Rwandan activist testifies in spyware hearing. New report on consumer identity theft.
https://thecyberwire.com/podcasts/privacy-briefing/636/notes

Researchers Warns of Increase in Phishing Attacks Using Decentralized IPFS Network
https://thehackernews.com/2022/07/researchers-warns-of-increase-in.html

July was a hot month for cybersecurity research
https://www.csoonline.com/article/3668070/july-was-a-hot-month-for-cybersecurity-research.html#tk.rss_all

Music streaming platform victim of a crypto theft – Week in security with Tony Anscombe
https://malware.news/t/music-streaming-platform-victim-of-a-crypto-theft-week-in-security-with-tony-anscombe/62256/1

ImHex - A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM
https://www.reddit.com/r/netsec/comments/wbbyfn/imhex_a_hex_editor_for_reverse_engineers/

Threat Actors Pivot Around Microsoft's Macro-Blocking In Office
https://packetstormsecurity.com/news/view/33682/Threat-Actors-Pivot-Around-Microsofts-Macro-Blocking-In-Office.html

Microsoft experts linked the Raspberry Robin malware to Evil Corp operation
https://securityaffairs.co/wordpress/133810/cyber-crime/raspberry-robin-linked-evil-corp.html

BrandPost: Understanding SSE: Components, Process, and Advantages
https://www.csoonline.com/article/3668691/understanding-sse-components-process-and-advantages.html#tk.rss_all

Ransomware Hit The American Dental Association
https://packetstormsecurity.com/news/view/33680/Ransomware-Hit-The-American-Dental-Association.html

The global Anti Chip Coating
https://www.bleepingcomputer.com/forums/t/775245/the-global-anti-chip-coating/


Top Security News for 31/07/2022

Treebox - Python AST sandbox challenge from Google CTF 2022
https://gynvael.coldwind.pl/?id=751

Reading the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report
https://securityaffairs.co/wordpress/133827/malware/enisa-threat-landscape-for-ransomware-attacks.html

Sitecore third party form inside the sitecore form
https://www.bleepingcomputer.com/forums/t/775251/sitecore-third-party-form-inside-the-sitecore-form/

Stop Putting Your Accounts At Risk, and Start Using a Password Manager
https://thehackernews.com/2022/07/stop-putting-your-accounts-at-risk-and.html

Wireshark 3.6.7 Released, (Sat, Jul 30th)
https://isc.sans.edu/diary/rss/28896

Malware Analysis - Using Hybrid Analysis for Initial Malware Assessment
https://malware.news/t/malware-analysis-using-hybrid-analysis-for-initial-malware-assessment/62257/1

CISA orders to patch an actively exploited flaw in Confluence servers
https://securityaffairs.co/wordpress/133819/security/cisa-confluence-cve-2022-26138-catalog.html

Prima Weight Loss UK Dragons Den Reviews- Capsules Price or Ingredients
https://www.bleepingcomputer.com/forums/t/775260/prima-weight-loss-uk-dragons-den-reviews-capsules-price-or-ingredients/

Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers
https://thehackernews.com/2022/07/microsoft-links-raspberry-robin-usb.html

Running Exploit As Protected Process Ligh From Userland
https://www.reddit.com/r/netsec/comments/wc6euk/running_exploit_as_protected_process_ligh_from/


Top Security News for 01/08/2022

Free cybercrime intelligence tool - check any company domain and see how many of their employees and clients were compromised by info-stealers
https://www.reddit.com/r/Malware/comments/wci0ty/free_cybercrime_intelligence_tool_check_any/

ISC StormCast for Monday, August 1st, 2022
https://isc.sans.edu/podcastdetail.html?id=8110

ISC Stormcast For Monday, August 1st, 2022 https://isc.sans.edu/podcastdetail.html?id=8110, (Mon, Aug 1st)
https://malware.news/t/isc-stormcast-for-monday-august-1st-2022-https-isc-sans-edu-podcastdetail-html-id-8110-mon-aug-1st/62265/1

A flaw in Dahua IP Cameras allows full take over of the devices
https://securityaffairs.co/wordpress/133877/security/dahua-severe-flaw.html

17 Android Apps on Google Play Store, dubbed DawDropper, were serving banking malware
https://securityaffairs.co/wordpress/133853/malware/dawdropper-apps-google-play.html

Weekend Wrap-up of Infosec News
https://www.reddit.com/r/netsec/comments/wcm8z3/weekend_wrapup_of_infosec_news/

ISC Stormcast For Monday, August 1st, 2022 https://isc.sans.edu/podcastdetail.html?id=8110, (Mon, Aug 1st)
https://isc.sans.edu/diary/rss/28898

Threat actor claims to have hacked European manufacturer of missiles MBDA
https://securityaffairs.co/wordpress/133881/data-breach/mbda-alleged-data-breach.html

CQ, a code security scanner
https://www.reddit.com/r/netsec/comments/wcjt86/cq_a_code_security_scanner/

Orchestrating the security stack and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/55/notes

