Top Security News for 03/08/2022
Making Faster Javascript — BUN Intended!
https://malware.news/t/making-faster-javascript-bun-intended/62330/1
Using process creation properties to catch evasion techniques
https://www.reddit.com/r/netsec/comments/weozh7/using_process_creation_properties_to_catch/
Detection Rules for Lightning Framework (and How to Make Them With Osquery)
https://malware.news/t/detection-rules-for-lightning-framework-and-how-to-make-them-with-osquery/62331/1
LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload
https://thehackernews.com/2022/08/lockbit-ransomware-abuses-windows.html
German power electronics manufacturer Semikron has disclosed that it was hit by a ransomware attack that partially encrypted the company's network.
https://www.reddit.com/r/Malware/comments/weuxix/german_power_electronics_manufacturer_semikron/
BrandPost: Security Leaders Share 5 Steps to Strengthening Cyber Resilience
https://www.csoonline.com/article/3668555/security-leaders-share-5-steps-to-strengthening-cyber-resilience.html#tk.rss_all
Android security advisory – August 2022 monthly rollup (AV22-430)
https://malware.news/t/android-security-advisory-august-2022-monthly-rollup-av22-430/62325/1
Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike
https://thehackernews.com/2022/08/chinese-hackers-using-new-manjusaka.html
Verizon's Mobile Security Index. New attack framework. Ransomware report.
https://thecyberwire.com/newsletters/research-briefing/4/31
ASEC Weekly Malware Statistics (July 25th, 2022 – July 31st, 2022)
https://malware.news/t/asec-weekly-malware-statistics-july-25th-2022-july-31st-2022/62328/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Making Faster Javascript — BUN Intended!
https://malware.news/t/making-faster-javascript-bun-intended/62330/1
Using process creation properties to catch evasion techniques
https://www.reddit.com/r/netsec/comments/weozh7/using_process_creation_properties_to_catch/
Detection Rules for Lightning Framework (and How to Make Them With Osquery)
https://malware.news/t/detection-rules-for-lightning-framework-and-how-to-make-them-with-osquery/62331/1
LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload
https://thehackernews.com/2022/08/lockbit-ransomware-abuses-windows.html
German power electronics manufacturer Semikron has disclosed that it was hit by a ransomware attack that partially encrypted the company's network.
https://www.reddit.com/r/Malware/comments/weuxix/german_power_electronics_manufacturer_semikron/
BrandPost: Security Leaders Share 5 Steps to Strengthening Cyber Resilience
https://www.csoonline.com/article/3668555/security-leaders-share-5-steps-to-strengthening-cyber-resilience.html#tk.rss_all
Android security advisory – August 2022 monthly rollup (AV22-430)
https://malware.news/t/android-security-advisory-august-2022-monthly-rollup-av22-430/62325/1
Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike
https://thehackernews.com/2022/08/chinese-hackers-using-new-manjusaka.html
Verizon's Mobile Security Index. New attack framework. Ransomware report.
https://thecyberwire.com/newsletters/research-briefing/4/31
ASEC Weekly Malware Statistics (July 25th, 2022 – July 31st, 2022)
https://malware.news/t/asec-weekly-malware-statistics-july-25th-2022-july-31st-2022/62328/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
Making Faster Javascript — BUN Intended!
Making Faster Javascript — BUN Intended!!!BUN JS Evolution of JS and ToolsJavaScript was invented by Brendan Eich in 1995. It was developed for Netscape 2, and became the ECMA-262 standard in 1997. Nodejs released in 2009. By this time JavaScript was a…
Top Security News for 04/08/2022
ISC Stormcast For Thursday, August 4th, 2022 https://isc.sans.edu/podcastdetail.html?id=8116, (Thu, Aug 4th)
https://malware.news/t/isc-stormcast-for-thursday-august-4th-2022-https-isc-sans-edu-podcastdetail-html-id-8116-thu-aug-4th/62369/1
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/03-08-2022
Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users
https://thehackernews.com/2022/08/researchers-warns-of-large-scale-aitm.html
ISC StormCast for Thursday, August 4th, 2022
https://isc.sans.edu/podcastdetail.html?id=8116
How to detect Brute Ratel C2 (beacons & server deployments)
https://www.reddit.com/r/netsec/comments/wf1kbn/how_to_detect_brute_ratel_c2_beacons_server/
IcedID leverages PrivateLoader
https://malware.news/t/icedid-leverages-privateloader/62370/1
Old Men Confused Gen Z Isn’t Making TikToks About Assassination of al-Zawahri
https://www.vice.com/en_us/article/k7bbxw/old-men-confused-gen-z-isnt-making-tiktoks-about-assassination-of-al-zawahri
VirusTotal Reveals Most Impersonated Software in Malware Attacks
https://thehackernews.com/2022/08/virustotal-reveals-most-impersonated.html
Google fixed Critical Remote Code Execution flaw in Android
https://securityaffairs.co/wordpress/133956/security/android-critical-flaw-cve-2022-20345.html
How to protect yourself and your kids against device theft
https://blog.malwarebytes.com/awareness/2022/08/how-to-protect-yourself-and-your-kids-against-device-theft/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
ISC Stormcast For Thursday, August 4th, 2022 https://isc.sans.edu/podcastdetail.html?id=8116, (Thu, Aug 4th)
https://malware.news/t/isc-stormcast-for-thursday-august-4th-2022-https-isc-sans-edu-podcastdetail-html-id-8116-thu-aug-4th/62369/1
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/03-08-2022
Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users
https://thehackernews.com/2022/08/researchers-warns-of-large-scale-aitm.html
ISC StormCast for Thursday, August 4th, 2022
https://isc.sans.edu/podcastdetail.html?id=8116
How to detect Brute Ratel C2 (beacons & server deployments)
https://www.reddit.com/r/netsec/comments/wf1kbn/how_to_detect_brute_ratel_c2_beacons_server/
IcedID leverages PrivateLoader
https://malware.news/t/icedid-leverages-privateloader/62370/1
Old Men Confused Gen Z Isn’t Making TikToks About Assassination of al-Zawahri
https://www.vice.com/en_us/article/k7bbxw/old-men-confused-gen-z-isnt-making-tiktoks-about-assassination-of-al-zawahri
VirusTotal Reveals Most Impersonated Software in Malware Attacks
https://thehackernews.com/2022/08/virustotal-reveals-most-impersonated.html
Google fixed Critical Remote Code Execution flaw in Android
https://securityaffairs.co/wordpress/133956/security/android-critical-flaw-cve-2022-20345.html
How to protect yourself and your kids against device theft
https://blog.malwarebytes.com/awareness/2022/08/how-to-protect-yourself-and-your-kids-against-device-theft/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
SANS Internet Storm Center
ISC StormCast for Thursday, August 4th, 2022 - SANS ISC
Top Security News for 05/08/2022
Ransomware review: July 2022
https://blog.malwarebytes.com/threat-intelligence/2022/08/ransomware-review-july-2022/
Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage
https://thehackernews.com/2022/08/hackers-exploited-atlassian-confluence.html
Ransomware protection with Malwarebytes EDR: Your FAQs, answered!
https://blog.malwarebytes.com/business/2022/08/ransomware-protection-with-malwarebytes-edr-your-faqs-answered/
Three Common Mistakes That May Sabotage Your Security Training
https://thehackernews.com/2022/08/three-common-mistakes-that-may-sabotage.html
ISC StormCast for Friday, August 5th, 2022
https://isc.sans.edu/podcastdetail.html?id=8118
Wordfence Intelligence Launching at Black Hat 2022 in Las Vegas Next Week
https://malware.news/t/wordfence-intelligence-launching-at-black-hat-2022-in-las-vegas-next-week/62397/1
Ransomware review: July 2022
https://malware.news/t/ransomware-review-july-2022/62398/1
Ransomware Task Force Releases SMB Blueprint For Defense And Mitigation
https://packetstormsecurity.com/news/view/33695/Ransomware-Task-Force-Releases-SMB-Blueprint-For-Defense-And-Mitigation.html
How To Implement JSON Web Token (JWT) in Java Spring Boot
https://www.reddit.com/r/netsec/comments/wgd157/how_to_implement_json_web_token_jwt_in_java/
11 stakeholder strategies for red team success
https://www.csoonline.com/article/3668536/11-stakeholder-strategies-for-red-team-success-from-a-red-teamer.html#tk.rss_all
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Ransomware review: July 2022
https://blog.malwarebytes.com/threat-intelligence/2022/08/ransomware-review-july-2022/
Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage
https://thehackernews.com/2022/08/hackers-exploited-atlassian-confluence.html
Ransomware protection with Malwarebytes EDR: Your FAQs, answered!
https://blog.malwarebytes.com/business/2022/08/ransomware-protection-with-malwarebytes-edr-your-faqs-answered/
Three Common Mistakes That May Sabotage Your Security Training
https://thehackernews.com/2022/08/three-common-mistakes-that-may-sabotage.html
ISC StormCast for Friday, August 5th, 2022
https://isc.sans.edu/podcastdetail.html?id=8118
Wordfence Intelligence Launching at Black Hat 2022 in Las Vegas Next Week
https://malware.news/t/wordfence-intelligence-launching-at-black-hat-2022-in-las-vegas-next-week/62397/1
Ransomware review: July 2022
https://malware.news/t/ransomware-review-july-2022/62398/1
Ransomware Task Force Releases SMB Blueprint For Defense And Mitigation
https://packetstormsecurity.com/news/view/33695/Ransomware-Task-Force-Releases-SMB-Blueprint-For-Defense-And-Mitigation.html
How To Implement JSON Web Token (JWT) in Java Spring Boot
https://www.reddit.com/r/netsec/comments/wgd157/how_to_implement_json_web_token_jwt_in_java/
11 stakeholder strategies for red team success
https://www.csoonline.com/article/3668536/11-stakeholder-strategies-for-red-team-success-from-a-red-teamer.html#tk.rss_all
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes
Ransomware review: July 2022
BlackBasta lined up behind LockBit as the second most prevalent ransomware in July, a number of new gangs appeared, and an old one reappeared
Top Security News for 06/08/2022
Nancy Pelosi’s Beijing Arrest for 'Hooliganism' Is Trending on Weibo
https://www.vice.com/en_us/article/7k883e/nancy-pelosis-beijing-arrest-for-hooliganism-is-trending-on-weibo
Cyber Insurance Market 2022: FAQs & Updates with iBynd
https://malware.news/t/cyber-insurance-market-2022-faqs-updates-with-ibynd/62415/1
How Passwordless Works
https://www.reddit.com/r/netsec/comments/wh4dcq/how_passwordless_works/
A Growing Number of Malware Attacks Leveraging Dark Utilities 'C2-as-a-Service'
https://thehackernews.com/2022/08/a-growing-number-of-malware-attacks.html
Vulnerable Antivirus Driver Used by Ransomware - We Reverse Engineer How!?
https://malware.news/t/vulnerable-antivirus-driver-used-by-ransomware-we-reverse-engineer-how/62418/1
New Linux botnet RapperBot brute-forces SSH servers
https://securityaffairs.co/wordpress/134023/malware/rapperbot-linux-botnet.html
CISA Alert AA22-216A – 2021 top malware strains.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/26/notes
Digital censorship in democratic nations. New York becomes first state to require cybersecurity training for attorneys.
https://thecyberwire.com/newsletters/policy-briefing/4/150
Reverse Engineering Windows Printer Drivers (Part 1)
https://www.reddit.com/r/netsec/comments/wh1wzr/reverse_engineering_windows_printer_drivers_part_1/
Ukraine claims to have taken down a massive Russian bot farm. Cyberattacks affect three official sites in Taiwan. Major cryptocurrency thefts.
https://thecyberwire.com/newsletters/week-that-was/6/31
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Nancy Pelosi’s Beijing Arrest for 'Hooliganism' Is Trending on Weibo
https://www.vice.com/en_us/article/7k883e/nancy-pelosis-beijing-arrest-for-hooliganism-is-trending-on-weibo
Cyber Insurance Market 2022: FAQs & Updates with iBynd
https://malware.news/t/cyber-insurance-market-2022-faqs-updates-with-ibynd/62415/1
How Passwordless Works
https://www.reddit.com/r/netsec/comments/wh4dcq/how_passwordless_works/
A Growing Number of Malware Attacks Leveraging Dark Utilities 'C2-as-a-Service'
https://thehackernews.com/2022/08/a-growing-number-of-malware-attacks.html
Vulnerable Antivirus Driver Used by Ransomware - We Reverse Engineer How!?
https://malware.news/t/vulnerable-antivirus-driver-used-by-ransomware-we-reverse-engineer-how/62418/1
New Linux botnet RapperBot brute-forces SSH servers
https://securityaffairs.co/wordpress/134023/malware/rapperbot-linux-botnet.html
CISA Alert AA22-216A – 2021 top malware strains.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/26/notes
Digital censorship in democratic nations. New York becomes first state to require cybersecurity training for attorneys.
https://thecyberwire.com/newsletters/policy-briefing/4/150
Reverse Engineering Windows Printer Drivers (Part 1)
https://www.reddit.com/r/netsec/comments/wh1wzr/reverse_engineering_windows_printer_drivers_part_1/
Ukraine claims to have taken down a massive Russian bot farm. Cyberattacks affect three official sites in Taiwan. Major cryptocurrency thefts.
https://thecyberwire.com/newsletters/week-that-was/6/31
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Vice
Nancy Pelosi’s Beijing Arrest for 'Hooliganism' Is Trending on Weibo
Weibo users are using this newly unearthed fact to highlight their perception of Pelosi’s visit of Taiwan as part of a long held anti-China sentiment.
Top Security News for 08/08/2022
Amazon’s One-Stop Shop for Identity Thieves
https://www.reddit.com/r/netsec/comments/wihywi/amazons_onestop_shop_for_identity_thieves/
Serious cyberattack hits German Chambers of Industry and Commerce (DIHK)
https://securityaffairs.co/wordpress/134121/hacking/dihk-cyberattack.html
WinAPi Search - Recursively Search PE Binaries by Win32 Function Name
https://www.reddit.com/r/netsec/comments/wiqjjn/winapi_search_recursively_search_pe_binaries_by/
Fintech Ecosystem
https://thecyberwire.com/podcasts/cso-perspectives/83/notes
Monero CoinMiner Being Distributed via Webhards
https://malware.news/t/monero-coinminer-being-distributed-via-webhards/62426/1
ISC Stormcast For Monday, August 8th, 2022 https://isc.sans.edu/podcastdetail.html?id=8120, (Mon, Aug 8th)
https://isc.sans.edu/diary/rss/28918
GwisinLocker ransomware exclusively targets South Korea
https://securityaffairs.co/wordpress/134105/cyber-crime/gwisinlocker-ransowmare-south-korea.html
Patch now! Cisco VPN routers are vulnerable to remote control
https://malware.news/t/patch-now-cisco-vpn-routers-are-vulnerable-to-remote-control/62424/1
Orchestrating the security stack around the Hash Table, with Rick Howard, Bob Turner, and Kevin Magee.
https://thecyberwire.com/podcasts/cso-perspectives-public/56/notes
Codewarrior - open source SAST
https://www.reddit.com/r/netsec/comments/wizih6/codewarrior_open_source_sast/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Amazon’s One-Stop Shop for Identity Thieves
https://www.reddit.com/r/netsec/comments/wihywi/amazons_onestop_shop_for_identity_thieves/
Serious cyberattack hits German Chambers of Industry and Commerce (DIHK)
https://securityaffairs.co/wordpress/134121/hacking/dihk-cyberattack.html
WinAPi Search - Recursively Search PE Binaries by Win32 Function Name
https://www.reddit.com/r/netsec/comments/wiqjjn/winapi_search_recursively_search_pe_binaries_by/
Fintech Ecosystem
https://thecyberwire.com/podcasts/cso-perspectives/83/notes
Monero CoinMiner Being Distributed via Webhards
https://malware.news/t/monero-coinminer-being-distributed-via-webhards/62426/1
ISC Stormcast For Monday, August 8th, 2022 https://isc.sans.edu/podcastdetail.html?id=8120, (Mon, Aug 8th)
https://isc.sans.edu/diary/rss/28918
GwisinLocker ransomware exclusively targets South Korea
https://securityaffairs.co/wordpress/134105/cyber-crime/gwisinlocker-ransowmare-south-korea.html
Patch now! Cisco VPN routers are vulnerable to remote control
https://malware.news/t/patch-now-cisco-vpn-routers-are-vulnerable-to-remote-control/62424/1
Orchestrating the security stack around the Hash Table, with Rick Howard, Bob Turner, and Kevin Magee.
https://thecyberwire.com/podcasts/cso-perspectives-public/56/notes
Codewarrior - open source SAST
https://www.reddit.com/r/netsec/comments/wizih6/codewarrior_open_source_sast/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
Amazon’s One-Stop Shop for Identity Thieves
Posted in r/netsec by u/moxofoxo • 51 points and 0 comments
Top Security News for 09/08/2022
A week in security (August 1 - August 7)
https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-1-august-7
SimpleX Chat - the first messaging platform that has no user identifiers (not even random numbers) - v3.1 of iOS and Android apps released - with secret chat groups and server access via Tor.
https://www.reddit.com/r/netsec/comments/wjczks/simplex_chat_the_first_messaging_platform_that/
Security Guide for Startups: How to think about security while moving quickly | LunaSec
https://www.reddit.com/r/netsec/comments/wjdkej/security_guide_for_startups_how_to_think_about/
Pivoting on a SharpExt to profile Kimusky panels for great good
https://malware.news/t/pivoting-on-a-sharpext-to-profile-kimusky-panels-for-great-good/62462/1
Hacker Finds Kill Switch for Submachine Gun–Wielding Robot Dog
https://www.vice.com/en_us/article/akeexk/hacker-finds-kill-switch-for-submachine-gun-wielding-robot-dog
Patch now! Cisco VPN routers are vulnerable to remote control
https://www.malwarebytes.com/blog/news/2022/08/patch-now-cisco-vpn-routers-are-vulnerable-to-remote-control
Cybersecurity is a team sport.
https://thecyberwire.com/podcasts/cyberwire-x/35/notes
ISC Stormcast For Tuesday, August 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8122, (Tue, Aug 9th)
https://isc.sans.edu/diary/rss/28922
A week in security (August 1 – 7)
https://blog.malwarebytes.com/a-week-in-security/2022/08/a-week-in-security-august-1-7/
LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities
https://securityaffairs.co/wordpress/134141/hacking/logokit-phishing-open-redirect.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
A week in security (August 1 - August 7)
https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-1-august-7
SimpleX Chat - the first messaging platform that has no user identifiers (not even random numbers) - v3.1 of iOS and Android apps released - with secret chat groups and server access via Tor.
https://www.reddit.com/r/netsec/comments/wjczks/simplex_chat_the_first_messaging_platform_that/
Security Guide for Startups: How to think about security while moving quickly | LunaSec
https://www.reddit.com/r/netsec/comments/wjdkej/security_guide_for_startups_how_to_think_about/
Pivoting on a SharpExt to profile Kimusky panels for great good
https://malware.news/t/pivoting-on-a-sharpext-to-profile-kimusky-panels-for-great-good/62462/1
Hacker Finds Kill Switch for Submachine Gun–Wielding Robot Dog
https://www.vice.com/en_us/article/akeexk/hacker-finds-kill-switch-for-submachine-gun-wielding-robot-dog
Patch now! Cisco VPN routers are vulnerable to remote control
https://www.malwarebytes.com/blog/news/2022/08/patch-now-cisco-vpn-routers-are-vulnerable-to-remote-control
Cybersecurity is a team sport.
https://thecyberwire.com/podcasts/cyberwire-x/35/notes
ISC Stormcast For Tuesday, August 9th, 2022 https://isc.sans.edu/podcastdetail.html?id=8122, (Tue, Aug 9th)
https://isc.sans.edu/diary/rss/28922
A week in security (August 1 – 7)
https://blog.malwarebytes.com/a-week-in-security/2022/08/a-week-in-security-august-1-7/
LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities
https://securityaffairs.co/wordpress/134141/hacking/logokit-phishing-open-redirect.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes
A week in security (August 1 - August 7)
The most important and interesting computer security stories from the last week.
Top Security News for 10/08/2022
Twilio discloses a data breach. Social engineering at Klaviyo exposes customer data.
https://thecyberwire.com/podcasts/privacy-briefing/643/notes
Cyberespionage targets industrial entities. Woody RAT used against Russian organizations. Dark Utilities facilitates attacks.
https://thecyberwire.com/newsletters/research-briefing/4/32
Security Best Practices in PHP
https://www.reddit.com/r/netsec/comments/wjzhso/security_best_practices_in_php/
Recommended methods for a physical lab with 3 PCs
https://www.reddit.com/r/Malware/comments/wkd922/recommended_methods_for_a_physical_lab_with_3_pcs/
BrandPost: Choosing the Right Security Service Edge Platform
https://www.csoonline.com/article/3668636/choosing-the-right-security-service-edge-platform.html#tk.rss_all
ISC StormCast for Wednesday, August 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8124
Control Panel Version 6.30.0.0 (upcoming release)
https://malware.news/t/control-panel-version-6-30-0-0-upcoming-release/62510/1
Discovering Domains via a Timing Attack on Certificate Transparency
https://www.reddit.com/r/netsec/comments/wkczlq/discovering_domains_via_a_timing_attack_on/
5 cybersecurity tips for students going back to school
https://www.malwarebytes.com/blog/news/2022/08/5-cybersecurity-tips-for-students-going-back-to-school
A Novel SIP Based Distributed Reflection Denial-of-Service Attack and an Effective Defense Mechanism
https://www.reddit.com/r/netsec/comments/wklym3/a_novel_sip_based_distributed_reflection/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Twilio discloses a data breach. Social engineering at Klaviyo exposes customer data.
https://thecyberwire.com/podcasts/privacy-briefing/643/notes
Cyberespionage targets industrial entities. Woody RAT used against Russian organizations. Dark Utilities facilitates attacks.
https://thecyberwire.com/newsletters/research-briefing/4/32
Security Best Practices in PHP
https://www.reddit.com/r/netsec/comments/wjzhso/security_best_practices_in_php/
Recommended methods for a physical lab with 3 PCs
https://www.reddit.com/r/Malware/comments/wkd922/recommended_methods_for_a_physical_lab_with_3_pcs/
BrandPost: Choosing the Right Security Service Edge Platform
https://www.csoonline.com/article/3668636/choosing-the-right-security-service-edge-platform.html#tk.rss_all
ISC StormCast for Wednesday, August 10th, 2022
https://isc.sans.edu/podcastdetail.html?id=8124
Control Panel Version 6.30.0.0 (upcoming release)
https://malware.news/t/control-panel-version-6-30-0-0-upcoming-release/62510/1
Discovering Domains via a Timing Attack on Certificate Transparency
https://www.reddit.com/r/netsec/comments/wkczlq/discovering_domains_via_a_timing_attack_on/
5 cybersecurity tips for students going back to school
https://www.malwarebytes.com/blog/news/2022/08/5-cybersecurity-tips-for-students-going-back-to-school
A Novel SIP Based Distributed Reflection Denial-of-Service Attack and an Effective Defense Mechanism
https://www.reddit.com/r/netsec/comments/wklym3/a_novel_sip_based_distributed_reflection/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Twilio discloses a data breach. Social engineering at Klaviyo exposes customer data.
Top Security News for 11/08/2022
HPE security advisory (AV22-449)
https://malware.news/t/hpe-security-advisory-av22-449/62545/1
CISA should split from DHS or made part of broader ‘Digital Agency’: Fmr Director Chris Krebs
https://malware.news/t/cisa-should-split-from-dhs-or-made-part-of-broader-digital-agency-fmr-director-chris-krebs/62547/1
8 tips to secure printers on your network
https://www.csoonline.com/article/3669233/8-tips-to-secure-printers-on-your-network.html#tk.rss_all
Get Dashlane Premium password manager for 3 mo for $1
https://malware.news/t/get-dashlane-premium-password-manager-for-3-mo-for-1/62546/1
Former Twitter Employee Found Guilty of Spying for Saudi Arabia
https://thehackernews.com/2022/08/former-twitter-employee-found-guilty-of.html
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/10-08-2022
Ex Twitter employee found guilty of spying for Saudi Arabian government
https://securityaffairs.co/wordpress/134266/intelligence/ex-twitter-employee-guilty.html
Cyber Threats Warrant a Government Reorganization, Former CISA Head Says
https://malware.news/t/cyber-threats-warrant-a-government-reorganization-former-cisa-head-says/62548/1
ISC StormCast for Thursday, August 11th, 2022
https://isc.sans.edu/podcastdetail.html?id=8126
The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
HPE security advisory (AV22-449)
https://malware.news/t/hpe-security-advisory-av22-449/62545/1
CISA should split from DHS or made part of broader ‘Digital Agency’: Fmr Director Chris Krebs
https://malware.news/t/cisa-should-split-from-dhs-or-made-part-of-broader-digital-agency-fmr-director-chris-krebs/62547/1
8 tips to secure printers on your network
https://www.csoonline.com/article/3669233/8-tips-to-secure-printers-on-your-network.html#tk.rss_all
Get Dashlane Premium password manager for 3 mo for $1
https://malware.news/t/get-dashlane-premium-password-manager-for-3-mo-for-1/62546/1
Former Twitter Employee Found Guilty of Spying for Saudi Arabia
https://thehackernews.com/2022/08/former-twitter-employee-found-guilty-of.html
NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/10-08-2022
Ex Twitter employee found guilty of spying for Saudi Arabian government
https://securityaffairs.co/wordpress/134266/intelligence/ex-twitter-employee-guilty.html
Cyber Threats Warrant a Government Reorganization, Former CISA Head Says
https://malware.news/t/cyber-threats-warrant-a-government-reorganization-former-cisa-head-says/62548/1
ISC StormCast for Thursday, August 11th, 2022
https://isc.sans.edu/podcastdetail.html?id=8126
The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
HPE security advisory (AV22-449)
Article Link: HPE security advisory (AV22-449) - Canadian Centre for Cyber Security
Top Security News for 12/08/2022
Critical Flaws Disclosed in Device42 IT Asset Management Software
https://thehackernews.com/2022/08/critical-flaws-disclosed-in-device42-it.html
Update now! Microsoft fixes two zero-days in August's Patch Tuesday
https://www.malwarebytes.com/blog/news/2022/08/update-now-patch-tuesday-august-2022
Slack flaw exposed users' hashed passwords
https://www.malwarebytes.com/blog/news/2022/08/slack-flaw-exposed-users-hashed-passwords
CISA Alert AA22-223A – #StopRansomware: Zeppelin Ransomware.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/27/notes
Summer of exploitation leads to healthcare under fire
https://www.malwarebytes.com/blog/news/2022/08/summer-of-exploitation-leads-to-healthcare-under-fire
How a Venezuelan disinformation campaign swayed voters in Colombia
https://www.csoonline.com/article/3669392/how-a-venezuelan-disinformation-campaign-swayed-voters-in-colombia.html#tk.rss_all
DHS says to update your Emergency Alert Systems immediately
https://www.malwarebytes.com/blog/news/2022/08/dhs-says-to-update-your-emergency-alert-systems-immediately
NHS IT Supplier Held To Ransom By Hackers
https://packetstormsecurity.com/news/view/33724/NHS-IT-Supplier-Held-To-Ransom-By-Hackers.html
Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike, (Fri, Aug 12th)
https://malware.news/t/monster-libra-ta551-shathak-pushes-icedid-bokbot-with-dark-vnc-and-cobalt-strike-fri-aug-12th/62585/1
Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
https://thehackernews.com/2022/08/cisco-confirms-its-been-hacked-by.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Critical Flaws Disclosed in Device42 IT Asset Management Software
https://thehackernews.com/2022/08/critical-flaws-disclosed-in-device42-it.html
Update now! Microsoft fixes two zero-days in August's Patch Tuesday
https://www.malwarebytes.com/blog/news/2022/08/update-now-patch-tuesday-august-2022
Slack flaw exposed users' hashed passwords
https://www.malwarebytes.com/blog/news/2022/08/slack-flaw-exposed-users-hashed-passwords
CISA Alert AA22-223A – #StopRansomware: Zeppelin Ransomware.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/27/notes
Summer of exploitation leads to healthcare under fire
https://www.malwarebytes.com/blog/news/2022/08/summer-of-exploitation-leads-to-healthcare-under-fire
How a Venezuelan disinformation campaign swayed voters in Colombia
https://www.csoonline.com/article/3669392/how-a-venezuelan-disinformation-campaign-swayed-voters-in-colombia.html#tk.rss_all
DHS says to update your Emergency Alert Systems immediately
https://www.malwarebytes.com/blog/news/2022/08/dhs-says-to-update-your-emergency-alert-systems-immediately
NHS IT Supplier Held To Ransom By Hackers
https://packetstormsecurity.com/news/view/33724/NHS-IT-Supplier-Held-To-Ransom-By-Hackers.html
Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike, (Fri, Aug 12th)
https://malware.news/t/monster-libra-ta551-shathak-pushes-icedid-bokbot-with-dark-vnc-and-cobalt-strike-fri-aug-12th/62585/1
Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
https://thehackernews.com/2022/08/cisco-confirms-its-been-hacked-by.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malwarebytes
Update now! Patch Tuesday August 2022 fixes two zero-days
Patch Tuesday of August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft fix and a brief look at what other vendors did.
👍1
Top Security News for 13/08/2022
Twitter exploit may have compromised more than 5 million accounts. Cyberattack disrupts NHS 111. Twilio discloses data breach.
https://thecyberwire.com/newsletters/week-that-was/6/32
Seller, beware. College network intrusion results in data compromise. AT&T denies stolen data came from an internal breach.
https://thecyberwire.com/podcasts/privacy-briefing/646/notes
‘It Could Be Anything’: Experts Tell Us What Kind of Nuclear Secrets Could Trump Steal
https://www.vice.com/en_us/article/wxnjz9/it-could-be-anything-experts-tell-us-what-kind-of-nuclear-secrets-could-trump-steal
Matthew Warner from Blumira CTO discusses avoiding burnout in the IT industry.
https://thecyberwire.com/podcasts/interview-selects/123/notes
CISA orders civilian agencies to patch Zimbra bug after mass exploitation
https://malware.news/t/cisa-orders-civilian-agencies-to-patch-zimbra-bug-after-mass-exploitation/62605/1
Ukraine at D+169: Partisans, both kinetic and cyber.
https://thecyberwire.com/stories/c311954525a64eaaa0d316de77a3e302/ukraine-at-d169-partisans-both-kinetic-and-cyber
‘We Plan to Run Over the Child on Saturday’: Elon Musk Stans Are Trying to Debunk a Tesla Full Self-Driving Safety Video
https://www.vice.com/en_us/article/88qx8z/tesla-fans-mad-over-video-of-tesla-mowing-down-toddler-mannequin-in-full-self-driving-mode
AT&T denies connection to database of 23 million SSNs, says it may be tied to credit agency breach
https://malware.news/t/at-t-denies-connection-to-database-of-23-million-ssns-says-it-may-be-tied-to-credit-agency-breach/62602/1
Researchers Warn of Ongoing Mass Exploitation of Zimbra RCE Vulnerability
https://thehackernews.com/2022/08/researchers-warn-of-ongoing-mass.html
Black Hat 2022‑ Cyberdefense in a global threats era
https://malware.news/t/black-hat-2022-cyberdefense-in-a-global-threats-era/62607/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Twitter exploit may have compromised more than 5 million accounts. Cyberattack disrupts NHS 111. Twilio discloses data breach.
https://thecyberwire.com/newsletters/week-that-was/6/32
Seller, beware. College network intrusion results in data compromise. AT&T denies stolen data came from an internal breach.
https://thecyberwire.com/podcasts/privacy-briefing/646/notes
‘It Could Be Anything’: Experts Tell Us What Kind of Nuclear Secrets Could Trump Steal
https://www.vice.com/en_us/article/wxnjz9/it-could-be-anything-experts-tell-us-what-kind-of-nuclear-secrets-could-trump-steal
Matthew Warner from Blumira CTO discusses avoiding burnout in the IT industry.
https://thecyberwire.com/podcasts/interview-selects/123/notes
CISA orders civilian agencies to patch Zimbra bug after mass exploitation
https://malware.news/t/cisa-orders-civilian-agencies-to-patch-zimbra-bug-after-mass-exploitation/62605/1
Ukraine at D+169: Partisans, both kinetic and cyber.
https://thecyberwire.com/stories/c311954525a64eaaa0d316de77a3e302/ukraine-at-d169-partisans-both-kinetic-and-cyber
‘We Plan to Run Over the Child on Saturday’: Elon Musk Stans Are Trying to Debunk a Tesla Full Self-Driving Safety Video
https://www.vice.com/en_us/article/88qx8z/tesla-fans-mad-over-video-of-tesla-mowing-down-toddler-mannequin-in-full-self-driving-mode
AT&T denies connection to database of 23 million SSNs, says it may be tied to credit agency breach
https://malware.news/t/at-t-denies-connection-to-database-of-23-million-ssns-says-it-may-be-tied-to-credit-agency-breach/62602/1
Researchers Warn of Ongoing Mass Exploitation of Zimbra RCE Vulnerability
https://thehackernews.com/2022/08/researchers-warn-of-ongoing-mass.html
Black Hat 2022‑ Cyberdefense in a global threats era
https://malware.news/t/black-hat-2022-cyberdefense-in-a-global-threats-era/62607/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Twitter exploit may have compromised more than 5 million accounts. Cyberattack disrupts NHS 111. Twilio discloses data breach.
Top Security News for 14/08/2022
How I Hacked my Car
https://www.reddit.com/r/netsec/comments/wneyca/how_i_hacked_my_car/
Christian Lees: it's not always textbook. [CTO]
https://thecyberwire.com/podcasts/career-notes/112/notes
Starlink-FI: Starlink User Terminal Modchip
https://www.reddit.com/r/lowlevel/comments/wnxvi0/starlinkfi_starlink_user_terminal_modchip/
Malware sandbox evasion in x64 assembly by checking ram size - Part 1
https://www.reddit.com/r/Malware/comments/wnmsik/malware_sandbox_evasion_in_x64_assembly_by/
Phishing HTML Attachment as Voicemail Audio Transcription, (Sat, Aug 13th)
https://malware.news/t/phishing-html-attachment-as-voicemail-audio-transcription-sat-aug-13th/62611/1
Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
https://thehackernews.com/2022/08/chinese-hackers-backdoored-mimi-chat.html
How Can I be a Professional Hacker
https://0x00sec.org/t/how-can-i-be-a-professional-hacker/30680
Three flaws allow attackers to bypass UEFI Secure Boot feature
https://securityaffairs.co/wordpress/134334/hacking/uefi-secure-boot-feature-flaw.html
Send raw requests via sockets
https://0x00sec.org/t/send-raw-requests-via-sockets/30670
Who "Owns" Your Infrastructure?
https://malware.news/t/who-owns-your-infrastructure/62610/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
How I Hacked my Car
https://www.reddit.com/r/netsec/comments/wneyca/how_i_hacked_my_car/
Christian Lees: it's not always textbook. [CTO]
https://thecyberwire.com/podcasts/career-notes/112/notes
Starlink-FI: Starlink User Terminal Modchip
https://www.reddit.com/r/lowlevel/comments/wnxvi0/starlinkfi_starlink_user_terminal_modchip/
Malware sandbox evasion in x64 assembly by checking ram size - Part 1
https://www.reddit.com/r/Malware/comments/wnmsik/malware_sandbox_evasion_in_x64_assembly_by/
Phishing HTML Attachment as Voicemail Audio Transcription, (Sat, Aug 13th)
https://malware.news/t/phishing-html-attachment-as-voicemail-audio-transcription-sat-aug-13th/62611/1
Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
https://thehackernews.com/2022/08/chinese-hackers-backdoored-mimi-chat.html
How Can I be a Professional Hacker
https://0x00sec.org/t/how-can-i-be-a-professional-hacker/30680
Three flaws allow attackers to bypass UEFI Secure Boot feature
https://securityaffairs.co/wordpress/134334/hacking/uefi-secure-boot-feature-flaw.html
Send raw requests via sockets
https://0x00sec.org/t/send-raw-requests-via-sockets/30670
Who "Owns" Your Infrastructure?
https://malware.news/t/who-owns-your-infrastructure/62610/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
How I Hacked my Car
Posted in r/netsec by u/CyberMasterV • 72 points and 9 comments
Top Security News for 15/08/2022
Adversary playbooks and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/57/notes
Process injection: breaking all macOS security layers with a single vulnerability
https://www.reddit.com/r/netsec/comments/woki2o/process_injection_breaking_all_macos_security/
Privilege escalation.
https://thecyberwire.com/stories/5f7c0bc7edba4759b0ba1935a9aa1992/privilege-escalation
From Oscilloscope to Wireshark
https://www.reddit.com/r/netsec/comments/wojl4m/from_oscilloscope_to_wireshark/
wtfis - A commandline tool that gathers information about a domain or FQDN using various OSINT services and displays them formatted for human consumption.
https://www.reddit.com/r/netsec/comments/wojqnv/wtfis_a_commandline_tool_that_gathers_information/
ISC StormCast for Monday, August 15th, 2022
https://isc.sans.edu/podcastdetail.html?id=8130
Just starting out
https://www.reddit.com/r/Malware/comments/woicue/just_starting_out/
HijackLibs: an open-source, community-driven project tracking DLL Hijacking opportunities in in Windows
https://www.reddit.com/r/netsec/comments/wonmht/hijacklibs_an_opensource_communitydriven_project/
The 5 best identity theft protection and credit monitoring services of 2022
https://malware.news/t/the-5-best-identity-theft-protection-and-credit-monitoring-services-of-2022/62615/1
NthLink VPN found to be regular shadowsocks using same pre-shared keys for all users
https://www.reddit.com/r/netsec/comments/wolk9s/nthlink_vpn_found_to_be_regular_shadowsocks_using/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Adversary playbooks and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/57/notes
Process injection: breaking all macOS security layers with a single vulnerability
https://www.reddit.com/r/netsec/comments/woki2o/process_injection_breaking_all_macos_security/
Privilege escalation.
https://thecyberwire.com/stories/5f7c0bc7edba4759b0ba1935a9aa1992/privilege-escalation
From Oscilloscope to Wireshark
https://www.reddit.com/r/netsec/comments/wojl4m/from_oscilloscope_to_wireshark/
wtfis - A commandline tool that gathers information about a domain or FQDN using various OSINT services and displays them formatted for human consumption.
https://www.reddit.com/r/netsec/comments/wojqnv/wtfis_a_commandline_tool_that_gathers_information/
ISC StormCast for Monday, August 15th, 2022
https://isc.sans.edu/podcastdetail.html?id=8130
Just starting out
https://www.reddit.com/r/Malware/comments/woicue/just_starting_out/
HijackLibs: an open-source, community-driven project tracking DLL Hijacking opportunities in in Windows
https://www.reddit.com/r/netsec/comments/wonmht/hijacklibs_an_opensource_communitydriven_project/
The 5 best identity theft protection and credit monitoring services of 2022
https://malware.news/t/the-5-best-identity-theft-protection-and-credit-monitoring-services-of-2022/62615/1
NthLink VPN found to be regular shadowsocks using same pre-shared keys for all users
https://www.reddit.com/r/netsec/comments/wolk9s/nthlink_vpn_found_to_be_regular_shadowsocks_using/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Adversary playbooks and cybersecurity first principles, with Rick Howard.
Adversary playbooks as a cybersecurity first principle strategy. Rick Howard proves that proactive defense and adversary playbooks give the advantage to the defender.
Top Security News for 15/08/2022
Privilege escalation.
https://thecyberwire.com/stories/5f7c0bc7edba4759b0ba1935a9aa1992/privilege-escalation
Adversary playbooks and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/57/notes
NthLink VPN found to be regular shadowsocks using same pre-shared keys for all users
https://www.reddit.com/r/netsec/comments/wolk9s/nthlink_vpn_found_to_be_regular_shadowsocks_using/
Just starting out
https://www.reddit.com/r/Malware/comments/woicue/just_starting_out/
ISC StormCast for Monday, August 15th, 2022
https://isc.sans.edu/podcastdetail.html?id=8130
wtfis - A commandline tool that gathers information about a domain or FQDN using various OSINT services and displays them formatted for human consumption.
https://www.reddit.com/r/netsec/comments/wojqnv/wtfis_a_commandline_tool_that_gathers_information/
ISC Stormcast For Monday, August 15th, 2022 https://isc.sans.edu/podcastdetail.html?id=8130, (Mon, Aug 15th)
https://isc.sans.edu/diary/rss/28942
STrace: MIT Licensed Windows Reimplementation of DTrace
https://www.reddit.com/r/netsec/comments/won53u/strace_mit_licensed_windows_reimplementation_of/
Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer
https://thehackernews.com/2022/08/tornado-cash-developer-arrested-after.html
Process injection: breaking all macOS security layers with a single vulnerability
https://www.reddit.com/r/netsec/comments/woki2o/process_injection_breaking_all_macos_security/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Privilege escalation.
https://thecyberwire.com/stories/5f7c0bc7edba4759b0ba1935a9aa1992/privilege-escalation
Adversary playbooks and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/57/notes
NthLink VPN found to be regular shadowsocks using same pre-shared keys for all users
https://www.reddit.com/r/netsec/comments/wolk9s/nthlink_vpn_found_to_be_regular_shadowsocks_using/
Just starting out
https://www.reddit.com/r/Malware/comments/woicue/just_starting_out/
ISC StormCast for Monday, August 15th, 2022
https://isc.sans.edu/podcastdetail.html?id=8130
wtfis - A commandline tool that gathers information about a domain or FQDN using various OSINT services and displays them formatted for human consumption.
https://www.reddit.com/r/netsec/comments/wojqnv/wtfis_a_commandline_tool_that_gathers_information/
ISC Stormcast For Monday, August 15th, 2022 https://isc.sans.edu/podcastdetail.html?id=8130, (Mon, Aug 15th)
https://isc.sans.edu/diary/rss/28942
STrace: MIT Licensed Windows Reimplementation of DTrace
https://www.reddit.com/r/netsec/comments/won53u/strace_mit_licensed_windows_reimplementation_of/
Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer
https://thehackernews.com/2022/08/tornado-cash-developer-arrested-after.html
Process injection: breaking all macOS security layers with a single vulnerability
https://www.reddit.com/r/netsec/comments/woki2o/process_injection_breaking_all_macos_security/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Privilege escalation.
Host Rick Howard explains Identity and Access Management (IAM).
Top Security News for 16/08/2022
Attacking Google's Titan M Security Key with Only One Byte
https://www.reddit.com/r/netsec/comments/woqida/attacking_googles_titan_m_security_key_with_only/
SOVA Android Banking Trojan Returns With New Capabilities and Targets
https://thehackernews.com/2022/08/sova-android-banking-trojan-returns-new.html
EvilPLC Attack: Using a PLC to Gain Code Execution on Engineering Workstation
https://www.reddit.com/r/netsec/comments/woybqk/evilplc_attack_using_a_plc_to_gain_code_execution/
Iron Tiger's supply chain campaign. TikTok and espionage. Shuckworm's focus on Ukraine. Killnet's dubious proof-of-work.
https://thecyberwire.com/newsletters/daily-briefing/11/156
SOVA Android malware now also encrypts victims’ files
https://securityaffairs.co/wordpress/134392/malware/sova-android-malware-v5.html
Shuckworm and Killnet continue to hack in the interest of Russia. Iron Tiger's supply chain campaign. TikTok and national security. And an arrest in the case of the Tornado Cash crypto mixer.
https://thecyberwire.com/podcasts/daily-podcast/1641/notes
A week in security (August 8 - August 14)
https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-8-august-14
Google pays up for misrepresenting customer data handling. Update on the alleged AT&T data breach. Outdated Veterans Affairs platform putting patient data at risk.
https://thecyberwire.com/newsletters/privacy-briefing/4/156
Signals and Space: USAF and NRO coordinate space operations as they expand use of commercial services. Space conflict. Small business opportunities.
https://thecyberwire.com/newsletters/signals-and-space/6/15
Tracking Internet facing Industrial Control System devices
https://www.reddit.com/r/netsec/comments/wp5dhh/tracking_internet_facing_industrial_control/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Attacking Google's Titan M Security Key with Only One Byte
https://www.reddit.com/r/netsec/comments/woqida/attacking_googles_titan_m_security_key_with_only/
SOVA Android Banking Trojan Returns With New Capabilities and Targets
https://thehackernews.com/2022/08/sova-android-banking-trojan-returns-new.html
EvilPLC Attack: Using a PLC to Gain Code Execution on Engineering Workstation
https://www.reddit.com/r/netsec/comments/woybqk/evilplc_attack_using_a_plc_to_gain_code_execution/
Iron Tiger's supply chain campaign. TikTok and espionage. Shuckworm's focus on Ukraine. Killnet's dubious proof-of-work.
https://thecyberwire.com/newsletters/daily-briefing/11/156
SOVA Android malware now also encrypts victims’ files
https://securityaffairs.co/wordpress/134392/malware/sova-android-malware-v5.html
Shuckworm and Killnet continue to hack in the interest of Russia. Iron Tiger's supply chain campaign. TikTok and national security. And an arrest in the case of the Tornado Cash crypto mixer.
https://thecyberwire.com/podcasts/daily-podcast/1641/notes
A week in security (August 8 - August 14)
https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-8-august-14
Google pays up for misrepresenting customer data handling. Update on the alleged AT&T data breach. Outdated Veterans Affairs platform putting patient data at risk.
https://thecyberwire.com/newsletters/privacy-briefing/4/156
Signals and Space: USAF and NRO coordinate space operations as they expand use of commercial services. Space conflict. Small business opportunities.
https://thecyberwire.com/newsletters/signals-and-space/6/15
Tracking Internet facing Industrial Control System devices
https://www.reddit.com/r/netsec/comments/wp5dhh/tracking_internet_facing_industrial_control/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
reddit
Attacking Google's Titan M Security Key with Only One Byte
Posted in r/netsec by u/sanitybit • 171 points and 10 comments
Top Security News for 16/08/2022
Credential Theft Is (Still) A Top Attack Method
https://thehackernews.com/2022/08/credential-theft-is-still-top-attack.html
3 ways China's access to TikTok data is a security risk
https://www.csoonline.com/article/3670110/3-ways-chinas-access-to-tiktok-data-is-a-security-risk.html#tk.rss_all
Why Action Bias Is Damaging Your Security Response
https://www.reddit.com/r/netsec/comments/wp32zn/why_action_bias_is_damaging_your_security_response/
Signals and Space: USAF and NRO coordinate space operations as they expand use of commercial services. Space conflict. Small business opportunities.
https://thecyberwire.com/newsletters/signals-and-space/6/15
Top 5 security risks of Open RAN
https://www.csoonline.com/article/3670078/top-5-security-risks-of-open-ran.html#tk.rss_all
Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems
https://thehackernews.com/2022/08/newly-uncovered-pypi-package-drops.html
EvilPLC Attack: Using a PLC to Gain Code Execution on Engineering Workstation
https://www.reddit.com/r/netsec/comments/woybqk/evilplc_attack_using_a_plc_to_gain_code_execution/
Viral video drives malvertising on social media platform
https://www.malwarebytes.com/blog/threat-intelligence/2022/08/viral-video-drives-malvertising-on-social-media-platform
IT threat evolution in Q2 2022. Mobile statistics
https://securelist.com/it-threat-evolution-in-q2-2022-mobile-statistics/107123/
Tracking Internet facing Industrial Control System devices
https://www.reddit.com/r/netsec/comments/wp5dhh/tracking_internet_facing_industrial_control/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Credential Theft Is (Still) A Top Attack Method
https://thehackernews.com/2022/08/credential-theft-is-still-top-attack.html
3 ways China's access to TikTok data is a security risk
https://www.csoonline.com/article/3670110/3-ways-chinas-access-to-tiktok-data-is-a-security-risk.html#tk.rss_all
Why Action Bias Is Damaging Your Security Response
https://www.reddit.com/r/netsec/comments/wp32zn/why_action_bias_is_damaging_your_security_response/
Signals and Space: USAF and NRO coordinate space operations as they expand use of commercial services. Space conflict. Small business opportunities.
https://thecyberwire.com/newsletters/signals-and-space/6/15
Top 5 security risks of Open RAN
https://www.csoonline.com/article/3670078/top-5-security-risks-of-open-ran.html#tk.rss_all
Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems
https://thehackernews.com/2022/08/newly-uncovered-pypi-package-drops.html
EvilPLC Attack: Using a PLC to Gain Code Execution on Engineering Workstation
https://www.reddit.com/r/netsec/comments/woybqk/evilplc_attack_using_a_plc_to_gain_code_execution/
Viral video drives malvertising on social media platform
https://www.malwarebytes.com/blog/threat-intelligence/2022/08/viral-video-drives-malvertising-on-social-media-platform
IT threat evolution in Q2 2022. Mobile statistics
https://securelist.com/it-threat-evolution-in-q2-2022-mobile-statistics/107123/
Tracking Internet facing Industrial Control System devices
https://www.reddit.com/r/netsec/comments/wp5dhh/tracking_internet_facing_industrial_control/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
CSO Online
3 ways China's access to TikTok data is a security risk
The security community weighs in on real-world scenarios in which China or other nations could operationalize data collected by online platforms and how to mitigate the risk.
👍1
Top Security News for 17/08/2022
RubyGems Makes Multi-Factor Authentication Mandatory for Top Package Maintainers
https://thehackernews.com/2022/08/rubygems-makes-multi-factor.html
ASEC Weekly Malware Statistics (August 1st, 2022 – August 7th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-august-1st-2022-august-7th-2022/62673/1
Russian State Hackers Continue to Attack Ukrainian Entities with Infostealer Malware
https://thehackernews.com/2022/08/russian-state-hackers-continue-to.html
Microsoft Warns About Phishing Attacks by Russia-linked Hackers
https://thehackernews.com/2022/08/microsoft-warns-about-phishing-attacks.html
Two more malicious Python packages in the PyPI
https://securelist.com/two-more-malicious-python-packages-in-the-pypi/107218/
Signal informs customers of third-party data breach. North Carolina healthcare system says Meta Pixel exposed patient data. Shanghai COVID-19 app allegedly hacked.
https://thecyberwire.com/podcasts/privacy-briefing/648/notes
U.K. Water Supplier Hit With Clop Ransomware Attack
https://packetstormsecurity.com/news/view/33738/U.K.-Water-Supplier-Hit-With-Clop-Ransomware-Attack.html
New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks
https://thehackernews.com/2022/08/new-evil-plc-attack-weaponizes-plcs-to.html
A Deep Dive Into Black Basta Ransomware
https://www.reddit.com/r/netsec/comments/wpv3r0/a_deep_dive_into_black_basta_ransomware/
RedAlpha targets think tanks and humanitarian organizations. Golden Chickens operator discovered. BlueSky ransomware rapidly encrypts data.
https://thecyberwire.com/podcasts/research-briefing/130/notes
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
RubyGems Makes Multi-Factor Authentication Mandatory for Top Package Maintainers
https://thehackernews.com/2022/08/rubygems-makes-multi-factor.html
ASEC Weekly Malware Statistics (August 1st, 2022 – August 7th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-august-1st-2022-august-7th-2022/62673/1
Russian State Hackers Continue to Attack Ukrainian Entities with Infostealer Malware
https://thehackernews.com/2022/08/russian-state-hackers-continue-to.html
Microsoft Warns About Phishing Attacks by Russia-linked Hackers
https://thehackernews.com/2022/08/microsoft-warns-about-phishing-attacks.html
Two more malicious Python packages in the PyPI
https://securelist.com/two-more-malicious-python-packages-in-the-pypi/107218/
Signal informs customers of third-party data breach. North Carolina healthcare system says Meta Pixel exposed patient data. Shanghai COVID-19 app allegedly hacked.
https://thecyberwire.com/podcasts/privacy-briefing/648/notes
U.K. Water Supplier Hit With Clop Ransomware Attack
https://packetstormsecurity.com/news/view/33738/U.K.-Water-Supplier-Hit-With-Clop-Ransomware-Attack.html
New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks
https://thehackernews.com/2022/08/new-evil-plc-attack-weaponizes-plcs-to.html
A Deep Dive Into Black Basta Ransomware
https://www.reddit.com/r/netsec/comments/wpv3r0/a_deep_dive_into_black_basta_ransomware/
RedAlpha targets think tanks and humanitarian organizations. Golden Chickens operator discovered. BlueSky ransomware rapidly encrypts data.
https://thecyberwire.com/podcasts/research-briefing/130/notes
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
ASEC Weekly Malware Statistics (August 1st, 2022 – August 7th, 2022)
The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from August 1st, 2022 (Monday) to August 7th, 2022 (Sunday). For the main category, info…
Top Security News for 17/08/2022
Suing Spam Texters for Fun and Profit
https://www.vice.com/en_us/article/jgp5ak/suing-spam-texters-for-fun-and-profit
Vulnerability eXploitability Exchange explained: How VEX makes SBOMs actionable
https://www.csoonline.com/article/3669810/vulnerability-exploitability-exchange-explained-how-vex-makes-sboms-actionable.html#tk.rss_all
ISC Stormcast For Wednesday, August 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8134, (Wed, Aug 17th)
https://isc.sans.edu/diary/rss/28948
What is Private DNS Mode on Android and how do you enable it?
https://malware.news/t/what-is-private-dns-mode-on-android-and-how-do-you-enable-it/62671/1
Threat in your browser: what dangers innocent-looking extensions hold for users
https://securelist.com/threat-in-your-browser-extensions/107181/
U.K. Water Supplier Hit With Clop Ransomware Attack
https://packetstormsecurity.com/news/view/33738/U.K.-Water-Supplier-Hit-With-Clop-Ransomware-Attack.html
ISC StormCast for Wednesday, August 17th, 2022
https://isc.sans.edu/podcastdetail.html?id=8134
ASEC Weekly Malware Statistics (August 1st, 2022 – August 7th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-august-1st-2022-august-7th-2022/62673/1
RedAlpha update. Evil PLC proof-of-concept . Cl0p hits English water utility. "SEABORGIUM" Russian cyberespionage activity.
https://thecyberwire.com/newsletters/daily-briefing/11/157
SOVA malware is back and is evolving rapidly
https://www.reddit.com/r/netsec/comments/wpognw/sova_malware_is_back_and_is_evolving_rapidly/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Suing Spam Texters for Fun and Profit
https://www.vice.com/en_us/article/jgp5ak/suing-spam-texters-for-fun-and-profit
Vulnerability eXploitability Exchange explained: How VEX makes SBOMs actionable
https://www.csoonline.com/article/3669810/vulnerability-exploitability-exchange-explained-how-vex-makes-sboms-actionable.html#tk.rss_all
ISC Stormcast For Wednesday, August 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8134, (Wed, Aug 17th)
https://isc.sans.edu/diary/rss/28948
What is Private DNS Mode on Android and how do you enable it?
https://malware.news/t/what-is-private-dns-mode-on-android-and-how-do-you-enable-it/62671/1
Threat in your browser: what dangers innocent-looking extensions hold for users
https://securelist.com/threat-in-your-browser-extensions/107181/
U.K. Water Supplier Hit With Clop Ransomware Attack
https://packetstormsecurity.com/news/view/33738/U.K.-Water-Supplier-Hit-With-Clop-Ransomware-Attack.html
ISC StormCast for Wednesday, August 17th, 2022
https://isc.sans.edu/podcastdetail.html?id=8134
ASEC Weekly Malware Statistics (August 1st, 2022 – August 7th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-august-1st-2022-august-7th-2022/62673/1
RedAlpha update. Evil PLC proof-of-concept . Cl0p hits English water utility. "SEABORGIUM" Russian cyberespionage activity.
https://thecyberwire.com/newsletters/daily-briefing/11/157
SOVA malware is back and is evolving rapidly
https://www.reddit.com/r/netsec/comments/wpognw/sova_malware_is_back_and_is_evolving_rapidly/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Vice
Suing Spam Texters for Fun and Profit
An interview with David Weekly, the man who sued a spam texter for $1,200 and won.
Top Security News for 23/08/2022
Keylogger or debugger? Data breach adds insult to injury for injured workers. US medical data breaches rise.
https://thecyberwire.com/podcasts/privacy-briefing/652/notes
"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered
https://thehackernews.com/2022/08/as-nasty-as-dirty-pipe-8-year-old-linux.html
New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data
https://thehackernews.com/2022/08/new-air-gap-attack-uses-mems-gyroscope.html
STRIDE Threat Modelling vs DREAD Threat Modelling
https://www.reddit.com/r/netsec/comments/wune8n/stride_threat_modelling_vs_dread_threat_modelling/
Criminals socially engineer their way to bank details with fake arrest warrants
https://www.malwarebytes.com/blog/news/2022/08/criminals-socially-engineer-their-way-to-bank-details-with-fake-arrest-warrants
Cyber Signals: Defend against the new ransomware landscape
https://www.microsoft.com/security/blog/2022/08/22/cyber-signals-defend-against-the-new-ransomware-landscape/
Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools
https://www.microsoft.com/security/blog/2022/08/22/microsoft-recognized-as-a-leader-in-the-2022-gartner-magic-quadrant-for-unified-endpoint-management-tools/
Information Security Checklist for Small to Medium Organizations
https://www.reddit.com/r/netsec/comments/wv81pp/information_security_checklist_for_small_to/
Trivy: Enhanced with AWS scan integration
https://www.reddit.com/r/netsec/comments/wumn8c/trivy_enhanced_with_aws_scan_integration/
Hackers Stole Crypto from Bitcoin ATMs by Exploiting Zero-Day Vulnerability
https://thehackernews.com/2022/08/hackers-stole-crypto-from-bitcoin-atms.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Keylogger or debugger? Data breach adds insult to injury for injured workers. US medical data breaches rise.
https://thecyberwire.com/podcasts/privacy-briefing/652/notes
"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered
https://thehackernews.com/2022/08/as-nasty-as-dirty-pipe-8-year-old-linux.html
New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data
https://thehackernews.com/2022/08/new-air-gap-attack-uses-mems-gyroscope.html
STRIDE Threat Modelling vs DREAD Threat Modelling
https://www.reddit.com/r/netsec/comments/wune8n/stride_threat_modelling_vs_dread_threat_modelling/
Criminals socially engineer their way to bank details with fake arrest warrants
https://www.malwarebytes.com/blog/news/2022/08/criminals-socially-engineer-their-way-to-bank-details-with-fake-arrest-warrants
Cyber Signals: Defend against the new ransomware landscape
https://www.microsoft.com/security/blog/2022/08/22/cyber-signals-defend-against-the-new-ransomware-landscape/
Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools
https://www.microsoft.com/security/blog/2022/08/22/microsoft-recognized-as-a-leader-in-the-2022-gartner-magic-quadrant-for-unified-endpoint-management-tools/
Information Security Checklist for Small to Medium Organizations
https://www.reddit.com/r/netsec/comments/wv81pp/information_security_checklist_for_small_to/
Trivy: Enhanced with AWS scan integration
https://www.reddit.com/r/netsec/comments/wumn8c/trivy_enhanced_with_aws_scan_integration/
Hackers Stole Crypto from Bitcoin ATMs by Exploiting Zero-Day Vulnerability
https://thehackernews.com/2022/08/hackers-stole-crypto-from-bitcoin-atms.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
The CyberWire
Keylogger or debugger? Data breach adds insult to injury for injured workers. US medical data breaches rise.
TikTok’s in-app browser includes a keylogger…but the app says it’s only for debugging. Data breach adds insult to injury for wounded workers. US medical data breaches continue to rise.
Top Security News for 23/08/2022
Trivy: Enhanced with AWS scan integration
https://www.reddit.com/r/netsec/comments/wumn8c/trivy_enhanced_with_aws_scan_integration/
CISA wants you to patch these actively exploited vulnerabilities before September 8
https://www.malwarebytes.com/blog/news/2022/08/cisa-wants-you-to-patch-these-actively-exploited-vulnerabilities-before-september-8
Criminals socially engineer their way to bank details with fake arrest warrants
https://www.malwarebytes.com/blog/news/2022/08/criminals-socially-engineer-their-way-to-bank-details-with-fake-arrest-warrants
7 critical steps for successful security onboarding
https://www.csoonline.com/article/3669849/7-critical-steps-for-successful-security-onboarding.html#tk.rss_all
Reddit users crowdsourcing explicit images and identities
https://www.malwarebytes.com/blog/news/2022/08/reddit-users-crowdsourcing-explicit-images-and-identities
RTLS Systems Found Vulnerable to MiTM Attacks and Location Tampering
https://thehackernews.com/2022/08/rtls-systems-found-vulnerable-to-mitm.html
Dell security advisory (AV22-465)
https://malware.news/t/dell-security-advisory-av22-465/62798/1
A week in security (August 15 - August 21)
https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-15-august-21
Microsegmentation (noun)
https://thecyberwire.com/podcasts/word-notes/113/notes
IBM security advisory (AV22-464)
https://malware.news/t/ibm-security-advisory-av22-464/62799/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Trivy: Enhanced with AWS scan integration
https://www.reddit.com/r/netsec/comments/wumn8c/trivy_enhanced_with_aws_scan_integration/
CISA wants you to patch these actively exploited vulnerabilities before September 8
https://www.malwarebytes.com/blog/news/2022/08/cisa-wants-you-to-patch-these-actively-exploited-vulnerabilities-before-september-8
Criminals socially engineer their way to bank details with fake arrest warrants
https://www.malwarebytes.com/blog/news/2022/08/criminals-socially-engineer-their-way-to-bank-details-with-fake-arrest-warrants
7 critical steps for successful security onboarding
https://www.csoonline.com/article/3669849/7-critical-steps-for-successful-security-onboarding.html#tk.rss_all
Reddit users crowdsourcing explicit images and identities
https://www.malwarebytes.com/blog/news/2022/08/reddit-users-crowdsourcing-explicit-images-and-identities
RTLS Systems Found Vulnerable to MiTM Attacks and Location Tampering
https://thehackernews.com/2022/08/rtls-systems-found-vulnerable-to-mitm.html
Dell security advisory (AV22-465)
https://malware.news/t/dell-security-advisory-av22-465/62798/1
A week in security (August 15 - August 21)
https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-15-august-21
Microsegmentation (noun)
https://thecyberwire.com/podcasts/word-notes/113/notes
IBM security advisory (AV22-464)
https://malware.news/t/ibm-security-advisory-av22-464/62799/1
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Trivy: Enhanced with AWS scan integration
Explore this post and more from the netsec community
Top Security News for 24/08/2022
Chainsaw 2.0: Allows users to rapidly search through Windows event logs and hunt for threats using Sigma detection rules.
https://www.reddit.com/r/netsec/comments/wvs9e7/chainsaw_20_allows_users_to_rapidly_search/
Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
https://thehackernews.com/2022/08/google-uncovers-tool-used-by-iranian.html
But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 2)
https://www.reddit.com/r/netsec/comments/wvzq0t/but_you_told_me_you_were_safe_attacking_the/
Here’s how to use Intel 471 with existing intelligence frameworks
https://malware.news/t/here-s-how-to-use-intel-471-with-existing-intelligence-frameworks/62838/1
AsyncRAT Being Distributed in Fileless Form
https://malware.news/t/asyncrat-being-distributed-in-fileless-form/62837/1
BrandPost: 5 Signs the World Isn’t Paying Enough Attention to 5G Security
https://www.csoonline.com/article/3670573/5-signs-the-world-isn-t-paying-enough-attention-to-5g-security.html#tk.rss_all
A multidimensional approach to journalism security
https://www.microsoft.com/security/blog/2022/08/23/a-multidimensional-approach-to-journalism-security/
XCSSET Malware Updates with Python 3 to Target macOS Monterey Users
https://thehackernews.com/2022/08/xcsset-malware-updates-with-python-3-to.html
HTTP header Blind SQL injection Example
https://www.reddit.com/r/netsec/comments/wvhkyt/http_header_blind_sql_injection_example/
bomber - a vulnerability scanner for SBOMs
https://www.reddit.com/r/netsec/comments/wvzdt5/bomber_a_vulnerability_scanner_for_sboms/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Chainsaw 2.0: Allows users to rapidly search through Windows event logs and hunt for threats using Sigma detection rules.
https://www.reddit.com/r/netsec/comments/wvs9e7/chainsaw_20_allows_users_to_rapidly_search/
Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
https://thehackernews.com/2022/08/google-uncovers-tool-used-by-iranian.html
But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 2)
https://www.reddit.com/r/netsec/comments/wvzq0t/but_you_told_me_you_were_safe_attacking_the/
Here’s how to use Intel 471 with existing intelligence frameworks
https://malware.news/t/here-s-how-to-use-intel-471-with-existing-intelligence-frameworks/62838/1
AsyncRAT Being Distributed in Fileless Form
https://malware.news/t/asyncrat-being-distributed-in-fileless-form/62837/1
BrandPost: 5 Signs the World Isn’t Paying Enough Attention to 5G Security
https://www.csoonline.com/article/3670573/5-signs-the-world-isn-t-paying-enough-attention-to-5g-security.html#tk.rss_all
A multidimensional approach to journalism security
https://www.microsoft.com/security/blog/2022/08/23/a-multidimensional-approach-to-journalism-security/
XCSSET Malware Updates with Python 3 to Target macOS Monterey Users
https://thehackernews.com/2022/08/xcsset-malware-updates-with-python-3-to.html
HTTP header Blind SQL injection Example
https://www.reddit.com/r/netsec/comments/wvhkyt/http_header_blind_sql_injection_example/
bomber - a vulnerability scanner for SBOMs
https://www.reddit.com/r/netsec/comments/wvzdt5/bomber_a_vulnerability_scanner_for_sboms/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Chainsaw 2.0: Allows users to rapidly search through Windows event logs and hunt for threats…
Explore this post and more from the netsec community
Top Security News for 24/08/2022
BrandPost: Securing Critical Applications Running in the Cloud
https://www.csoonline.com/article/3670555/securing-critical-applications-running-in-the-cloud.html#tk.rss_all
Security Alert: Alert Regarding Vulnerability in Movable Type XMLRPC API
https://malware.news/t/security-alert-alert-regarding-vulnerability-in-movable-type-xmlrpc-api/62839/1
AsyncRAT Being Distributed in Fileless Form
https://malware.news/t/asyncrat-being-distributed-in-fileless-form/62837/1
BitRAT and XMRig CoinMiner Being Distributed via Windows License Verification Tool
https://malware.news/t/bitrat-and-xmrig-coinminer-being-distributed-via-windows-license-verification-tool/62836/1
SUMMER ISSUE OF 2600 RELEASED
https://www.2600.com/content/summer-issue-2600-released-17
Iranian APT data extraction tool described. LockBit gang comes under DDoS. Twitter whistleblower security claims made public. Greek natural gas supplier under cyberattack. Updates on a hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1647/notes
ISC StormCast for Wednesday, August 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8144
SBOM 101 - All the questions you were afraid to ask Software Bill of Materials
https://www.reddit.com/r/netsec/comments/wvr7g8/sbom_101_all_the_questions_you_were_afraid_to_ask/
How Twitter’s whistleblower could boost Elon Musk’s legal battle
https://www.theguardian.com/technology/2022/aug/23/twitter-whistleblower-elon-musk-termination-penalty
Cybersecurity researchers have discovered multiple ongoing malware distribution campaigns that target internet users who seek to download copies of pirated software.
https://www.reddit.com/r/Malware/comments/ww640p/cybersecurity_researchers_have_discovered/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
BrandPost: Securing Critical Applications Running in the Cloud
https://www.csoonline.com/article/3670555/securing-critical-applications-running-in-the-cloud.html#tk.rss_all
Security Alert: Alert Regarding Vulnerability in Movable Type XMLRPC API
https://malware.news/t/security-alert-alert-regarding-vulnerability-in-movable-type-xmlrpc-api/62839/1
AsyncRAT Being Distributed in Fileless Form
https://malware.news/t/asyncrat-being-distributed-in-fileless-form/62837/1
BitRAT and XMRig CoinMiner Being Distributed via Windows License Verification Tool
https://malware.news/t/bitrat-and-xmrig-coinminer-being-distributed-via-windows-license-verification-tool/62836/1
SUMMER ISSUE OF 2600 RELEASED
https://www.2600.com/content/summer-issue-2600-released-17
Iranian APT data extraction tool described. LockBit gang comes under DDoS. Twitter whistleblower security claims made public. Greek natural gas supplier under cyberattack. Updates on a hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1647/notes
ISC StormCast for Wednesday, August 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8144
SBOM 101 - All the questions you were afraid to ask Software Bill of Materials
https://www.reddit.com/r/netsec/comments/wvr7g8/sbom_101_all_the_questions_you_were_afraid_to_ask/
How Twitter’s whistleblower could boost Elon Musk’s legal battle
https://www.theguardian.com/technology/2022/aug/23/twitter-whistleblower-elon-musk-termination-penalty
Cybersecurity researchers have discovered multiple ongoing malware distribution campaigns that target internet users who seek to download copies of pirated software.
https://www.reddit.com/r/Malware/comments/ww640p/cybersecurity_researchers_have_discovered/
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
CSO
Securing Critical Applications Running in the Cloud
According to the 2022 Cloud Security Report, 40% of enterprises now run more than half of their workloads in the cloud. And that percentage is expected to increase to nearly 60% by 2024.