Top Security News for 22/07/2022
Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities
https://thehackernews.com/2022/07/apple-releases-security-patches-for-all.html
Official: White House to Meet with Rail Industry Before Issuing Cybersecurity Rules
https://malware.news/t/official-white-house-to-meet-with-rail-industry-before-issuing-cybersecurity-rules/62018/1
TA4563 group leverages EvilNum malware to target European financial and investment entities
https://securityaffairs.co/wordpress/133535/apt/ta4563-group-evilnum-malware.html
Vulnerabilities in GPS tracker could have “life-threatening” implications
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/07/vulnerabilities-in-gps-tracker-could-have-life-threatening-implications/
The Return of Candiru: Zero-days in the Middle East
https://www.reddit.com/r/netsec/comments/w4fhyu/the_return_of_candiru_zerodays_in_the_middle_east/
DHS buys phone location data. Hacker lets Neopets’ cat out of the bag. Black Basta takes credit for attack on Knauf Insulation.
https://thecyberwire.com/podcasts/privacy-briefing/630/notes
BrandPost: Identity-first Security: How to Keep Your Security Team Strategic
https://www.csoonline.com/article/3667474/identity-first-security-how-to-keep-your-security-team-strategic.html#tk.rss_all
New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
https://thehackernews.com/2022/07/new-linux-malware-framework-let.html
FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers
https://thehackernews.com/2022/07/fbi-seizes-500000-ransomware-payments.html
Deloitte expands its managed XDR platform
https://www.csoonline.com/article/3668129/deloitte-expands-its-managed-xdr-platform.html#tk.rss_all
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
Official: White House to Meet with Rail Industry Before Issuing Cybersecurity Rules
The meeting comes as the Office of the National Cyber Director prepares a more comprehensive approach to securing privately owned and operated critical infrastructure. Article Link: Official: White House to Meet with Rail Industry Before Issuing Cybersecurity…
Top Security News for 23/07/2022
Ukraine at D+148: Spycraft, traditional and cyber.
https://thecyberwire.com/stories/83498ea4e93148a7878ff84539c9a01a/ukraine-at-d148
vSMTP : an alternative to current MTAs. Fully written in Rust, vSMTP now includes SPF and open relay filters in addition to vSL, an email scripting language that allows full traffic control.
https://www.reddit.com/r/netsec/comments/w54xm7/vsmtp_an_alternative_to_current_mtas_fully/
[Control systems] Johnson Controls security advisory (AV22-410)
https://malware.news/t/control-systems-johnson-controls-security-advisory-av22-410/62050/1
‘There’s a Recession Coming’: The Rich Rush to Offload Luxury Properties
https://www.vice.com/en_us/article/epzx5j/theres-a-recession-coming-the-tech-bloodbath-comes-for-the-luxury-housing-market
Report: Mercenary spyware exploited Google Chrome zero-day to target journalists
https://malware.news/t/report-mercenary-spyware-exploited-google-chrome-zero-day-to-target-journalists/62047/1
Ukrainian Radio Stations Hacked to Broadcast Fake News About Zelenskyy's Health
https://thehackernews.com/2022/07/ukrainian-radio-stations-hacked-to.html
[Control systems] Rockwell Automation security advisory (AV22-411)
https://malware.news/t/control-systems-rockwell-automation-security-advisory-av22-411/62051/1
Defeating Javascript Obfuscation
https://www.reddit.com/r/netsec/comments/w5hpqv/defeating_javascript_obfuscation/
SonicWall fixed critical SQLi in Analytics and GMS products
https://securityaffairs.co/wordpress/133579/security/sonicwall-critical-sqli.html
Thailand's use of intercept tools. San Francisco PD’s proposed use of surveillance footage. Candiru exploits Chrome zero-day.
https://thecyberwire.com/newsletters/privacy-briefing/4/140
The CyberWire
Ukraine at D+148: Spycraft, traditional and cyber.
Russia's offensives remain stalled, as MI6 and CIA think the Russian army has "run out of steam." Russian cyberespionage continues as traditional espionage runs up against apparently effective European counterespionage measures. And hackers spread disinformation…
Top Security News for 24/07/2022
Turning Open Reporting Into Detections
https://malware.news/t/turning-open-reporting-into-detections/62053/1
The people behind Chengdu 404
https://malware.news/t/the-people-behind-chengdu-404/62054/1
FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks
https://securityaffairs.co/wordpress/133587/cyber-warfare-2/fbi-seized-bitcoin-maui-ransomware.html
Here are the top phone security threats in 2022 and how to avoid them
https://malware.news/t/here-are-the-top-phone-security-threats-in-2022-and-how-to-avoid-them/62055/1
Analysis of SSH Honeypot Data with PowerBI, (Sat, Jul 23rd)
https://isc.sans.edu/diary/rss/28872
Analysis of SSH Honeypot Data with PowerBI, (Sat, Jul 23rd)
https://malware.news/t/analysis-of-ssh-honeypot-data-with-powerbi-sat-jul-23rd/62056/1
BEST GROUP ON TELEGRAM:https://t.me/letsrobthebank
https://0x00sec.org/t/best-group-on-telegram-t-me-letsrobthebank/30362
A DGA Seeded by the Bitcoin Genesis Block
https://malware.news/t/a-dga-seeded-by-the-bitcoin-genesis-block/62057/1
An informal review of CTF abuse
https://gynvael.coldwind.pl/?id=750
Update: oledump.py Version 0.0.69
https://malware.news/t/update-oledump-py-version-0-0-69/62052/1
Malware Analysis, News and Indicators
Turning Open Reporting Into Detections
I saw this tweet from Ankit recently, and as soon as I read through it, I thought I was watching “The Matrix” again. Instead of seeing the “blonde, brunette, redhead” that Cypher saw, I was seeing actionable detection opportunities and pivot points. How you…
Top Security News for 25/07/2022
Security Affairs newsletter Round 375 by Pierluigi Paganini
https://securityaffairs.co/wordpress/133601/breaking-news/security-affairs-newsletter-round-375-by-pierluigi-paganini.html
Video: Maldoc: non-ASCII VBA Identifiers, (Sun, Jul 24th)
https://isc.sans.edu/diary/rss/28874
PowerShell Script with Fileless Capability, (Mon, Jul 25th)
https://isc.sans.edu/diary/rss/28878
Roaming Mantis Financial Hackers Targeting Android and iPhone Users in France
https://thehackernews.com/2022/07/roaming-mantis-financial-hackers.html
A database containing data of 5.4 million Twitter accounts available for sale
https://securityaffairs.co/wordpress/133593/data-breach/twitter-leaked-data.html
ISC Stormcast For Monday, July 25th, 2022 https://isc.sans.edu/podcastdetail.html?id=8100, (Mon, Jul 25th)
https://malware.news/t/isc-stormcast-for-monday-july-25th-2022-https-isc-sans-edu-podcastdetail-html-id-8100-mon-jul-25th/62065/1
Amadey malware spreads via software cracks laced with SmokeLoader
https://securityaffairs.co/wordpress/133617/cyber-crime/amadey-malware-spreads-smokeloader.html
ISC StormCast for Monday, July 25th, 2022
https://isc.sans.edu/podcastdetail.html?id=8100
PowerShell Script with Fileless Capability, (Mon, Jul 25th)
https://malware.news/t/powershell-script-with-fileless-capability-mon-jul-25th/62071/1
Drupal developers fixed a code execution flaw in the popular CMS
https://securityaffairs.co/wordpress/133625/security/drupal-flaws-2.html
Security Affairs
Security Affairs newsletter Round 375 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you
Top Security News for 26/07/2022
U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack
https://securityintelligence.com/articles/cybersecurity-policy-changed-since-colonial-pipeline-attack/
How is Your macOS Security Posture?, (Tue, Jul 26th)
https://isc.sans.edu/diary/rss/28882
Experts Uncover New 'CosmicStrand' UEFI Firmware Rootkit Used by Chinese Hackers
https://thehackernews.com/2022/07/experts-uncover-new-cosmicstrand-uefi.html
NTX Keto Gummies Reviews 2022 (Scam or Legit) Gummy or Real Results?
https://www.bleepingcomputer.com/forums/t/775058/ntx-keto-gummies-reviews-2022-scam-or-legit-gummy-or-real-results/
9 tips to prevent phishing
https://www.csoonline.com/article/2132618/9-tips-to-prevent-phishing.html#tk.rss_all
Zero Day attacks target online stores using PrestaShop
https://securityaffairs.co/wordpress/133669/hacking/prestashop-zero-day.html
Hit by ransomware? No More Ransom now offers 136 free tools to rescue your files
https://malware.news/t/hit-by-ransomware-no-more-ransom-now-offers-136-free-tools-to-rescue-your-files/62106/1
How cybercriminals are using messaging apps to launch malware schemes
https://malware.news/t/how-cybercriminals-are-using-messaging-apps-to-launch-malware-schemes/62107/1
Multiple vulnerabilities in Nuki smart locks
https://www.reddit.com/r/netsec/comments/w7n12r/multiple_vulnerabilities_in_nuki_smart_locks/
Pulsar — an open-source runtime security framework powered by Rust & eBPF for IoT
https://www.reddit.com/r/netsec/comments/w7oi8c/pulsar_an_opensource_runtime_security_framework/
Security Intelligence
U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack
How has the cybersecurity landscape changed since the Colonial Pipeline shutdown in 2021? See new and expanded policies and today's defenses.
Top Security News for 27/07/2022
VRChat Security Update Throws the Metaverse Into Chaos
https://www.vice.com/en_us/article/y3pv8v/vrchat-security-update-throws-the-metaverse-into-chaos
Zyxel authentication bypass patch analysis (CVE-2022-0342)
https://www.reddit.com/r/netsec/comments/w8few6/zyxel_authentication_bypass_patch_analysis/
What’s New in the 2022 Cost of a Data Breach Report
https://securityintelligence.com/posts/whats-new-2022-cost-of-a-data-breach-report/
Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware
https://thehackernews.com/2022/07/experts-find-similarities-between.html
Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection
https://thehackernews.com/2022/07/hackers-increasingly-using-webassembly.html
Hunting For Mass Assignment Vulnerabilities Using GitHub CodeSearch and grep.app
https://www.reddit.com/r/netsec/comments/w8qn2n/hunting_for_mass_assignment_vulnerabilities_using/
Bypass AMSI in local process hooking NtCreateSection
https://www.reddit.com/r/netsec/comments/w8ehda/bypass_amsi_in_local_process_hooking/
LockBit Ransomware Claims Pwn Of Italy's Tax Agency
https://packetstormsecurity.com/news/view/33667/LockBit-Ransomware-Claims-Pwn-Of-Italys-Tax-Agency.html
ISC StormCast for Wednesday, July 27th, 2022
https://isc.sans.edu/podcastdetail.html?id=8104
CVE-2022-31813: Forwarding addresses is hard
https://www.reddit.com/r/netsec/comments/w8llor/cve202231813_forwarding_addresses_is_hard/
Vice
VRChat Security Update Throws the Metaverse Into Chaos
The popular virtual reality social platform is testing a security update that would make the game harder to mod and the community is pissed.
Top Security News for 28/07/2022
US Government Review of the December 2021 Log4j Event
https://www.reddit.com/r/netsec/comments/w86y4v/us_government_review_of_the_december_2021_log4j/
Railway cybersecurity in the era of interconnected systems
https://www.reddit.com/r/netsec/comments/wa08rs/railway_cybersecurity_in_the_era_of/
Passkeys: a push to take WebAuthn to the masses
https://www.reddit.com/r/netsec/comments/w9z2us/passkeys_a_push_to_take_webauthn_to_the_masses/
Vulnerable by Design: Azure Red Team Attack and Detect Workshop
https://www.reddit.com/r/netsec/comments/wa03lh/vulnerable_by_design_azure_red_team_attack_and/
Woman Tells Congress What It's Liked To Be Hacked By NSO's Pegasus
https://packetstormsecurity.com/news/view/33672/Woman-Tells-Congress-What-Its-Liked-To-Be-Hacked-By-NSOs-Pegasus.html
Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access
https://thehackernews.com/2022/07/malicious-iis-extensions-gaining.html
Sophisticated UEFI rootkit of Chinese origin shows up again in the wild after 3 years
https://www.csoonline.com/article/3668172/sophisticated-uefi-rootkit-of-chinese-origin-shows-up-again-in-the-wild-after-3-years.html#tk.rss_all
DUCKTAIL operation targets Facebook’s Business and Ad accounts
https://securityaffairs.co/wordpress/133715/malware/ducktail-operation-facebook-business.html
Taking the Risk-Based Approach to Vulnerability Patching
https://thehackernews.com/2022/07/taking-risk-based-approach-to.html
Transitioning to a Holistic Approach to Data Protection
https://thecyberwire.com/podcasts/uncovering-hidden-risks/1/notes
reddit
US Government Review of the December 2021 Log4j Event
Posted in r/netsec by u/ScottContini • 2 points and 0 comments
Top Security News for 29/07/2022
U.S. Offers $10 Million Reward for Information on North Korean Hackers
https://thehackernews.com/2022/07/us-offers-10-million-reward-for.html
Attacks using Office macros decline in wake of Microsoft action
https://www.csoonline.com/article/3668532/attacks-using-office-macros-decline-in-wake-of-microsoft-action.html#tk.rss_all
ISC Stormcast For Friday, July 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8108, (Fri, Jul 29th)
https://malware.news/t/isc-stormcast-for-friday-july-29th-2022-https-isc-sans-edu-podcastdetail-html-id-8108-fri-jul-29th/62224/1
Hackers Opting New Attack Methods After Microsoft Blocked Macros by Default
https://thehackernews.com/2022/07/hackers-opting-new-attack-methods-after.html
nanopb Protobuf Decompiler - Anvil Secure
https://www.reddit.com/r/netsec/comments/waly67/nanopb_protobuf_decompiler_anvil_secure/
Radioactivity monitoring and warning system hacked, disabled by attackers
https://blog.malwarebytes.com/reports/2022/07/radioactivity-monitoring-and-warning-system-hacked-disabled-by-attackers/
Signals & Space: Space Force acquisition plans. Wartime lessons about space capability. Rogozin is out at Roscosmos. The starry heavens above (seen through the Webb telescope);
https://thecyberwire.com/newsletters/signals-and-space/6/13
ISC StormCast for Friday, July 29th, 2022
https://isc.sans.edu/podcastdetail.html?id=8108
WordFly data breach impacts clients in the arts. Wawa reaches settlement for 2019 cyberattack. New PhaaS platform boasts 24/7 customer service.
https://thecyberwire.com/podcasts/privacy-briefing/635/notes
APT trends report Q2 2022
https://securelist.com/apt-trends-report-q2-2022/106995/
CSO Online
Attacks using Office macros decline in wake of Microsoft action
Researchers see 66% decline in attacks over eight months since Microsoft turned off macros by default.
Top Security News for 30/07/2022
US DOJ investigating Federal court records data breach. CNIL ends investigation into Facebook’s cookie settings. Daughter of Rwandan activist testifies in spyware hearing. New report on consumer identity theft.
https://thecyberwire.com/podcasts/privacy-briefing/636/notes
Researchers Warns of Increase in Phishing Attacks Using Decentralized IPFS Network
https://thehackernews.com/2022/07/researchers-warns-of-increase-in.html
July was a hot month for cybersecurity research
https://www.csoonline.com/article/3668070/july-was-a-hot-month-for-cybersecurity-research.html#tk.rss_all
Music streaming platform victim of a crypto theft – Week in security with Tony Anscombe
https://malware.news/t/music-streaming-platform-victim-of-a-crypto-theft-week-in-security-with-tony-anscombe/62256/1
ImHex - A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM
https://www.reddit.com/r/netsec/comments/wbbyfn/imhex_a_hex_editor_for_reverse_engineers/
Threat Actors Pivot Around Microsoft's Macro-Blocking In Office
https://packetstormsecurity.com/news/view/33682/Threat-Actors-Pivot-Around-Microsofts-Macro-Blocking-In-Office.html
Microsoft experts linked the Raspberry Robin malware to Evil Corp operation
https://securityaffairs.co/wordpress/133810/cyber-crime/raspberry-robin-linked-evil-corp.html
BrandPost: Understanding SSE: Components, Process, and Advantages
https://www.csoonline.com/article/3668691/understanding-sse-components-process-and-advantages.html#tk.rss_all
Ransomware Hit The American Dental Association
https://packetstormsecurity.com/news/view/33680/Ransomware-Hit-The-American-Dental-Association.html
The global Anti Chip Coating
https://www.bleepingcomputer.com/forums/t/775245/the-global-anti-chip-coating/
The CyberWire
US DOJ investigating Federal court records data breach. CNIL ends investigation into Facebook’s cookie settings. Daughter of Rwandan…
Top Security News for 31/07/2022
Treebox - Python AST sandbox challenge from Google CTF 2022
https://gynvael.coldwind.pl/?id=751
Reading the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report
https://securityaffairs.co/wordpress/133827/malware/enisa-threat-landscape-for-ransomware-attacks.html
Sitecore third party form inside the sitecore form
https://www.bleepingcomputer.com/forums/t/775251/sitecore-third-party-form-inside-the-sitecore-form/
Stop Putting Your Accounts At Risk, and Start Using a Password Manager
https://thehackernews.com/2022/07/stop-putting-your-accounts-at-risk-and.html
Wireshark 3.6.7 Released, (Sat, Jul 30th)
https://isc.sans.edu/diary/rss/28896
Malware Analysis - Using Hybrid Analysis for Initial Malware Assessment
https://malware.news/t/malware-analysis-using-hybrid-analysis-for-initial-malware-assessment/62257/1
CISA orders to patch an actively exploited flaw in Confluence servers
https://securityaffairs.co/wordpress/133819/security/cisa-confluence-cve-2022-26138-catalog.html
Prima Weight Loss UK Dragons Den Reviews- Capsules Price or Ingredients
https://www.bleepingcomputer.com/forums/t/775260/prima-weight-loss-uk-dragons-den-reviews-capsules-price-or-ingredients/
Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers
https://thehackernews.com/2022/07/microsoft-links-raspberry-robin-usb.html
Running Exploit As Protected Process Ligh From Userland
https://www.reddit.com/r/netsec/comments/wc6euk/running_exploit_as_protected_process_ligh_from/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 01/08/2022
Free cybercrime intelligence tool - check any company domain and see how many of their employees and clients were compromised by info-stealers
https://www.reddit.com/r/Malware/comments/wci0ty/free_cybercrime_intelligence_tool_check_any/
ISC StormCast for Monday, August 1st, 2022
https://isc.sans.edu/podcastdetail.html?id=8110
ISC Stormcast For Monday, August 1st, 2022 https://isc.sans.edu/podcastdetail.html?id=8110, (Mon, Aug 1st)
https://malware.news/t/isc-stormcast-for-monday-august-1st-2022-https-isc-sans-edu-podcastdetail-html-id-8110-mon-aug-1st/62265/1
A flaw in Dahua IP Cameras allows full take over of the devices
https://securityaffairs.co/wordpress/133877/security/dahua-severe-flaw.html
17 Android Apps on Google Play Store, dubbed DawDropper, were serving banking malware
https://securityaffairs.co/wordpress/133853/malware/dawdropper-apps-google-play.html
Weekend Wrap-up of Infosec News
https://www.reddit.com/r/netsec/comments/wcm8z3/weekend_wrapup_of_infosec_news/
ISC Stormcast For Monday, August 1st, 2022 https://isc.sans.edu/podcastdetail.html?id=8110, (Mon, Aug 1st)
https://isc.sans.edu/diary/rss/28898
Threat actor claims to have hacked European manufacturer of missiles MBDA
https://securityaffairs.co/wordpress/133881/data-breach/mbda-alleged-data-breach.html
CQ, a code security scanner
https://www.reddit.com/r/netsec/comments/wcjt86/cq_a_code_security_scanner/
Orchestrating the security stack and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/55/notes
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 02/08/2022
A week in security (July 25 – July 31)
https://blog.malwarebytes.com/a-week-in-security/2022/08/a-week-in-security-july-25-july-31/
ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.
https://securityaffairs.co/wordpress/133899/cyber-crime/alphv-blackcat-ransomware-creos-luxembourg.html
Australian man charged with creating and selling the Imminent Monitor spyware
https://securityaffairs.co/wordpress/133893/cyber-crime/imminent-monitor-spyware-author-arrested.html
Why cybercriminals are flocking to Telegram
https://malware.news/t/why-cybercriminals-are-flocking-to-telegram/62298/1
ISC Stormcast For Tuesday, August 2nd, 2022 https://isc.sans.edu/podcastdetail.html?id=8112, (Tue, Aug 2nd)
https://isc.sans.edu/diary/rss/28902
Word File Provided as External Link When Replying to Attacker’s Email (Kimsuky)
https://malware.news/t/word-file-provided-as-external-link-when-replying-to-attacker-s-email-kimsuky/62297/1
Malicious Npm Packages Tapped Again To Target Discord Users
https://packetstormsecurity.com/news/view/33683/Malicious-Npm-Packages-Tapped-Again-To-Target-Discord-Users.html
BrandPost: How to Minimize Misconfigurations Across Your Systems
https://www.csoonline.com/article/3668648/how-to-minimize-misconfigurations-across-your-systems.html#tk.rss_all
ISC StormCast for Tuesday, August 2nd, 2022
https://isc.sans.edu/podcastdetail.html?id=8112
Why TikTok Is Obsessed With Pink Sauce
https://www.vice.com/en_us/article/epzzzk/why-tiktok-is-obsessed-with-pink-sauce
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 03/08/2022
Making Faster Javascript — BUN Intended!
https://malware.news/t/making-faster-javascript-bun-intended/62330/1
Using process creation properties to catch evasion techniques
https://www.reddit.com/r/netsec/comments/weozh7/using_process_creation_properties_to_catch/
Detection Rules for Lightning Framework (and How to Make Them With Osquery)
https://malware.news/t/detection-rules-for-lightning-framework-and-how-to-make-them-with-osquery/62331/1
LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload
https://thehackernews.com/2022/08/lockbit-ransomware-abuses-windows.html
German power electronics manufacturer Semikron has disclosed that it was hit by a ransomware attack that partially encrypted the company's network.
https://www.reddit.com/r/Malware/comments/weuxix/german_power_electronics_manufacturer_semikron/
BrandPost: Security Leaders Share 5 Steps to Strengthening Cyber Resilience
https://www.csoonline.com/article/3668555/security-leaders-share-5-steps-to-strengthening-cyber-resilience.html#tk.rss_all
Android security advisory – August 2022 monthly rollup (AV22-430)
https://malware.news/t/android-security-advisory-august-2022-monthly-rollup-av22-430/62325/1
Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike
https://thehackernews.com/2022/08/chinese-hackers-using-new-manjusaka.html
Verizon's Mobile Security Index. New attack framework. Ransomware report.
https://thecyberwire.com/newsletters/research-briefing/4/31
ASEC Weekly Malware Statistics (July 25th, 2022 – July 31st, 2022)
https://malware.news/t/asec-weekly-malware-statistics-july-25th-2022-july-31st-2022/62328/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 04/08/2022
ISC Stormcast For Thursday, August 4th, 2022 https://isc.sans.edu/podcastdetail.html?id=8116, (Thu, Aug 4th)
https://malware.news/t/isc-stormcast-for-thursday-august-4th-2022-https-isc-sans-edu-podcastdetail-html-id-8116-thu-aug-4th/62369/1
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/03-08-2022
Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users
https://thehackernews.com/2022/08/researchers-warns-of-large-scale-aitm.html
ISC StormCast for Thursday, August 4th, 2022
https://isc.sans.edu/podcastdetail.html?id=8116
How to detect Brute Ratel C2 (beacons & server deployments)
https://www.reddit.com/r/netsec/comments/wf1kbn/how_to_detect_brute_ratel_c2_beacons_server/
IcedID leverages PrivateLoader
https://malware.news/t/icedid-leverages-privateloader/62370/1
Old Men Confused Gen Z Isn’t Making TikToks About Assassination of al-Zawahri
https://www.vice.com/en_us/article/k7bbxw/old-men-confused-gen-z-isnt-making-tiktoks-about-assassination-of-al-zawahri
VirusTotal Reveals Most Impersonated Software in Malware Attacks
https://thehackernews.com/2022/08/virustotal-reveals-most-impersonated.html
Google fixed Critical Remote Code Execution flaw in Android
https://securityaffairs.co/wordpress/133956/security/android-critical-flaw-cve-2022-20345.html
How to protect yourself and your kids against device theft
https://blog.malwarebytes.com/awareness/2022/08/how-to-protect-yourself-and-your-kids-against-device-theft/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 05/08/2022
Ransomware review: July 2022
https://blog.malwarebytes.com/threat-intelligence/2022/08/ransomware-review-july-2022/
Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage
https://thehackernews.com/2022/08/hackers-exploited-atlassian-confluence.html
Ransomware protection with Malwarebytes EDR: Your FAQs, answered!
https://blog.malwarebytes.com/business/2022/08/ransomware-protection-with-malwarebytes-edr-your-faqs-answered/
Three Common Mistakes That May Sabotage Your Security Training
https://thehackernews.com/2022/08/three-common-mistakes-that-may-sabotage.html
ISC StormCast for Friday, August 5th, 2022
https://isc.sans.edu/podcastdetail.html?id=8118
Wordfence Intelligence Launching at Black Hat 2022 in Las Vegas Next Week
https://malware.news/t/wordfence-intelligence-launching-at-black-hat-2022-in-las-vegas-next-week/62397/1
Ransomware review: July 2022
https://malware.news/t/ransomware-review-july-2022/62398/1
Ransomware Task Force Releases SMB Blueprint For Defense And Mitigation
https://packetstormsecurity.com/news/view/33695/Ransomware-Task-Force-Releases-SMB-Blueprint-For-Defense-And-Mitigation.html
How To Implement JSON Web Token (JWT) in Java Spring Boot
https://www.reddit.com/r/netsec/comments/wgd157/how_to_implement_json_web_token_jwt_in_java/
11 stakeholder strategies for red team success
https://www.csoonline.com/article/3668536/11-stakeholder-strategies-for-red-team-success-from-a-red-teamer.html#tk.rss_all
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 06/08/2022
Nancy Pelosi’s Beijing Arrest for 'Hooliganism' Is Trending on Weibo
https://www.vice.com/en_us/article/7k883e/nancy-pelosis-beijing-arrest-for-hooliganism-is-trending-on-weibo
Cyber Insurance Market 2022: FAQs & Updates with iBynd
https://malware.news/t/cyber-insurance-market-2022-faqs-updates-with-ibynd/62415/1
How Passwordless Works
https://www.reddit.com/r/netsec/comments/wh4dcq/how_passwordless_works/
A Growing Number of Malware Attacks Leveraging Dark Utilities 'C2-as-a-Service'
https://thehackernews.com/2022/08/a-growing-number-of-malware-attacks.html
Vulnerable Antivirus Driver Used by Ransomware - We Reverse Engineer How!?
https://malware.news/t/vulnerable-antivirus-driver-used-by-ransomware-we-reverse-engineer-how/62418/1
New Linux botnet RapperBot brute-forces SSH servers
https://securityaffairs.co/wordpress/134023/malware/rapperbot-linux-botnet.html
CISA Alert AA22-216A – 2021 top malware strains.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/26/notes
Digital censorship in democratic nations. New York becomes first state to require cybersecurity training for attorneys.
https://thecyberwire.com/newsletters/policy-briefing/4/150
Reverse Engineering Windows Printer Drivers (Part 1)
https://www.reddit.com/r/netsec/comments/wh1wzr/reverse_engineering_windows_printer_drivers_part_1/
Ukraine claims to have taken down a massive Russian bot farm. Cyberattacks affect three official sites in Taiwan. Major cryptocurrency thefts.
https://thecyberwire.com/newsletters/week-that-was/6/31
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 08/08/2022
Amazon’s One-Stop Shop for Identity Thieves
https://www.reddit.com/r/netsec/comments/wihywi/amazons_onestop_shop_for_identity_thieves/
Serious cyberattack hits German Chambers of Industry and Commerce (DIHK)
https://securityaffairs.co/wordpress/134121/hacking/dihk-cyberattack.html
WinAPi Search - Recursively Search PE Binaries by Win32 Function Name
https://www.reddit.com/r/netsec/comments/wiqjjn/winapi_search_recursively_search_pe_binaries_by/
Fintech Ecosystem
https://thecyberwire.com/podcasts/cso-perspectives/83/notes
Monero CoinMiner Being Distributed via Webhards
https://malware.news/t/monero-coinminer-being-distributed-via-webhards/62426/1
ISC Stormcast For Monday, August 8th, 2022 https://isc.sans.edu/podcastdetail.html?id=8120, (Mon, Aug 8th)
https://isc.sans.edu/diary/rss/28918
GwisinLocker ransomware exclusively targets South Korea
https://securityaffairs.co/wordpress/134105/cyber-crime/gwisinlocker-ransowmare-south-korea.html
Patch now! Cisco VPN routers are vulnerable to remote control
https://malware.news/t/patch-now-cisco-vpn-routers-are-vulnerable-to-remote-control/62424/1
Orchestrating the security stack around the Hash Table, with Rick Howard, Bob Turner, and Kevin Magee.
https://thecyberwire.com/podcasts/cso-perspectives-public/56/notes
Codewarrior - open source SAST
https://www.reddit.com/r/netsec/comments/wizih6/codewarrior_open_source_sast/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 09/08/2022
A week in security (August 1 - August 7)
https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-1-august-7
SimpleX Chat - the first messaging platform that has no user identifiers (not even random numbers) - v3.1 of iOS and Android apps released - with secret chat groups and server access via Tor.
https://www.reddit.com/r/netsec/comments/wjczks/simplex_chat_the_first_messaging_platform_that/
Security Guide for Startups: How to think about security while moving quickly | LunaSec
https://www.reddit.com/r/netsec/comments/wjdkej/security_guide_for_startups_how_to_think_about/
Pivoting on a SharpExt to profile Kimusky panels for great good
https://malware.news/t/pivoting-on-a-sharpext-to-profile-kimusky-panels-for-great-good/62462/1
Hacker Finds Kill Switch for Submachine Gun–Wielding Robot Dog
https://www.vice.com/en_us/article/akeexk/hacker-finds-kill-switch-for-submachine-gun-wielding-robot-dog
Patch now! Cisco VPN routers are vulnerable to remote control
https://www.malwarebytes.com/blog/news/2022/08/patch-now-cisco-vpn-routers-are-vulnerable-to-remote-control
Cybersecurity is a team sport.
https://thecyberwire.com/podcasts/cyberwire-x/35/notes
ISC Stormcast For Tuesday, August 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8122, (Tue, Aug 9th)
https://isc.sans.edu/diary/rss/28922
A week in security (August 1 – 7)
https://blog.malwarebytes.com/a-week-in-security/2022/08/a-week-in-security-august-1-7/
LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities
https://securityaffairs.co/wordpress/134141/hacking/logokit-phishing-open-redirect.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for 10/08/2022
Twilio discloses a data breach. Social engineering at Klaviyo exposes customer data.
https://thecyberwire.com/podcasts/privacy-briefing/643/notes
Cyberespionage targets industrial entities. Woody RAT used against Russian organizations. Dark Utilities facilitates attacks.
https://thecyberwire.com/newsletters/research-briefing/4/32
Security Best Practices in PHP
https://www.reddit.com/r/netsec/comments/wjzhso/security_best_practices_in_php/
Recommended methods for a physical lab with 3 PCs
https://www.reddit.com/r/Malware/comments/wkd922/recommended_methods_for_a_physical_lab_with_3_pcs/
BrandPost: Choosing the Right Security Service Edge Platform
https://www.csoonline.com/article/3668636/choosing-the-right-security-service-edge-platform.html#tk.rss_all
ISC StormCast for Wednesday, August 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8124
Control Panel Version 6.30.0.0 (upcoming release)
https://malware.news/t/control-panel-version-6-30-0-0-upcoming-release/62510/1
Discovering Domains via a Timing Attack on Certificate Transparency
https://www.reddit.com/r/netsec/comments/wkczlq/discovering_domains_via_a_timing_attack_on/
5 cybersecurity tips for students going back to school
https://www.malwarebytes.com/blog/news/2022/08/5-cybersecurity-tips-for-students-going-back-to-school
A Novel SIP Based Distributed Reflection Denial-of-Service Attack and an Effective Defense Mechanism
https://www.reddit.com/r/netsec/comments/wklym3/a_novel_sip_based_distributed_reflection/
Top Security News for 11/08/2022
HPE security advisory (AV22-449)
https://malware.news/t/hpe-security-advisory-av22-449/62545/1
CISA should split from DHS or made part of broader ‘Digital Agency’: Fmr Director Chris Krebs
https://malware.news/t/cisa-should-split-from-dhs-or-made-part-of-broader-digital-agency-fmr-director-chris-krebs/62547/1
8 tips to secure printers on your network
https://www.csoonline.com/article/3669233/8-tips-to-secure-printers-on-your-network.html#tk.rss_all
Get Dashlane Premium password manager for 3 mo for $1
https://malware.news/t/get-dashlane-premium-password-manager-for-3-mo-for-1/62546/1
Former Twitter Employee Found Guilty of Spying for Saudi Arabia
https://thehackernews.com/2022/08/former-twitter-employee-found-guilty-of.html
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/10-08-2022
Ex Twitter employee found guilty of spying for Saudi Arabian government
https://securityaffairs.co/wordpress/134266/intelligence/ex-twitter-employee-guilty.html
Cyber Threats Warrant a Government Reorganization, Former CISA Head Says
https://malware.news/t/cyber-threats-warrant-a-government-reorganization-former-cisa-head-says/62548/1
ISC StormCast for Thursday, August 11th, 2022
https://isc.sans.edu/podcastdetail.html?id=8126
The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html
Malware Analysis, News and Indicators
HPE security advisory (AV22-449)
Article Link: HPE security advisory (AV22-449) - Canadian Centre for Cyber Security
Top Security News for 12/08/2022
Critical Flaws Disclosed in Device42 IT Asset Management Software
https://thehackernews.com/2022/08/critical-flaws-disclosed-in-device42-it.html
Update now! Microsoft fixes two zero-days in August's Patch Tuesday
https://www.malwarebytes.com/blog/news/2022/08/update-now-patch-tuesday-august-2022
Slack flaw exposed users' hashed passwords
https://www.malwarebytes.com/blog/news/2022/08/slack-flaw-exposed-users-hashed-passwords
CISA Alert AA22-223A – #StopRansomware: Zeppelin Ransomware.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/27/notes
Summer of exploitation leads to healthcare under fire
https://www.malwarebytes.com/blog/news/2022/08/summer-of-exploitation-leads-to-healthcare-under-fire
How a Venezuelan disinformation campaign swayed voters in Colombia
https://www.csoonline.com/article/3669392/how-a-venezuelan-disinformation-campaign-swayed-voters-in-colombia.html#tk.rss_all
DHS says to update your Emergency Alert Systems immediately
https://www.malwarebytes.com/blog/news/2022/08/dhs-says-to-update-your-emergency-alert-systems-immediately
NHS IT Supplier Held To Ransom By Hackers
https://packetstormsecurity.com/news/view/33724/NHS-IT-Supplier-Held-To-Ransom-By-Hackers.html
Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike, (Fri, Aug 12th)
https://malware.news/t/monster-libra-ta551-shathak-pushes-icedid-bokbot-with-dark-vnc-and-cobalt-strike-fri-aug-12th/62585/1
Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
https://thehackernews.com/2022/08/cisco-confirms-its-been-hacked-by.html
Malwarebytes
Update now! Patch Tuesday August 2022 fixes two zero-days
Patch Tuesday of August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft fixed and a brief look at what other vendors did.