Top Daily Cyber Security News
Top rated cyber security tech news,
Just the top, every day.
Top Security News for 11/08/2022

HPE security advisory (AV22-449)
https://malware.news/t/hpe-security-advisory-av22-449/62545/1

CISA should split from DHS or made part of broader ‘Digital Agency’: Fmr Director Chris Krebs
https://malware.news/t/cisa-should-split-from-dhs-or-made-part-of-broader-digital-agency-fmr-director-chris-krebs/62547/1

8 tips to secure printers on your network
https://www.csoonline.com/article/3669233/8-tips-to-secure-printers-on-your-network.html#tk.rss_all

Get Dashlane Premium password manager for 3 mo for $1
https://malware.news/t/get-dashlane-premium-password-manager-for-3-mo-for-1/62546/1

Former Twitter Employee Found Guilty of Spying for Saudi Arabia
https://thehackernews.com/2022/08/former-twitter-employee-found-guilty-of.html

NEW 'Off The Hook' ONLINE
https://www.2600.com/hook/10-08-2022

Ex Twitter employee found guilty of spying for Saudi Arabian government
https://securityaffairs.co/wordpress/134266/intelligence/ex-twitter-employee-guilty.html

Cyber Threats Warrant a Government Reorganization, Former CISA Head Says
https://malware.news/t/cyber-threats-warrant-a-government-reorganization-former-cisa-head-says/62548/1

ISC StormCast for Thursday, August 11th, 2022
https://isc.sans.edu/podcastdetail.html?id=8126

The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html


Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman

Top Security News for 12/08/2022

Critical Flaws Disclosed in Device42 IT Asset Management Software
https://thehackernews.com/2022/08/critical-flaws-disclosed-in-device42-it.html

Update now! Microsoft fixes two zero-days in August's Patch Tuesday
https://www.malwarebytes.com/blog/news/2022/08/update-now-patch-tuesday-august-2022

Slack flaw exposed users' hashed passwords
https://www.malwarebytes.com/blog/news/2022/08/slack-flaw-exposed-users-hashed-passwords

CISA Alert AA22-223A – #StopRansomware: Zeppelin Ransomware.
https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/27/notes

Summer of exploitation leads to healthcare under fire
https://www.malwarebytes.com/blog/news/2022/08/summer-of-exploitation-leads-to-healthcare-under-fire

How a Venezuelan disinformation campaign swayed voters in Colombia
https://www.csoonline.com/article/3669392/how-a-venezuelan-disinformation-campaign-swayed-voters-in-colombia.html#tk.rss_all

DHS says to update your Emergency Alert Systems immediately
https://www.malwarebytes.com/blog/news/2022/08/dhs-says-to-update-your-emergency-alert-systems-immediately

NHS IT Supplier Held To Ransom By Hackers
https://packetstormsecurity.com/news/view/33724/NHS-IT-Supplier-Held-To-Ransom-By-Hackers.html

Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike, (Fri, Aug 12th)
https://malware.news/t/monster-libra-ta551-shathak-pushes-icedid-bokbot-with-dark-vnc-and-cobalt-strike-fri-aug-12th/62585/1

Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
https://thehackernews.com/2022/08/cisco-confirms-its-been-hacked-by.html


Top Security News for 13/08/2022

Twitter exploit may have compromised more than 5 million accounts. Cyberattack disrupts NHS 111. Twilio discloses data breach.
https://thecyberwire.com/newsletters/week-that-was/6/32

Seller, beware. College network intrusion results in data compromise. AT&T denies stolen data came from an internal breach.
https://thecyberwire.com/podcasts/privacy-briefing/646/notes

‘It Could Be Anything’: Experts Tell Us What Kind of Nuclear Secrets Could Trump Steal
https://www.vice.com/en_us/article/wxnjz9/it-could-be-anything-experts-tell-us-what-kind-of-nuclear-secrets-could-trump-steal

Matthew Warner from Blumira CTO discusses avoiding burnout in the IT industry.
https://thecyberwire.com/podcasts/interview-selects/123/notes

CISA orders civilian agencies to patch Zimbra bug after mass exploitation
https://malware.news/t/cisa-orders-civilian-agencies-to-patch-zimbra-bug-after-mass-exploitation/62605/1

Ukraine at D+169: Partisans, both kinetic and cyber.
https://thecyberwire.com/stories/c311954525a64eaaa0d316de77a3e302/ukraine-at-d169-partisans-both-kinetic-and-cyber

‘We Plan to Run Over the Child on Saturday’: Elon Musk Stans Are Trying to Debunk a Tesla Full Self-Driving Safety Video
https://www.vice.com/en_us/article/88qx8z/tesla-fans-mad-over-video-of-tesla-mowing-down-toddler-mannequin-in-full-self-driving-mode

AT&T denies connection to database of 23 million SSNs, says it may be tied to credit agency breach
https://malware.news/t/at-t-denies-connection-to-database-of-23-million-ssns-says-it-may-be-tied-to-credit-agency-breach/62602/1

Researchers Warn of Ongoing Mass Exploitation of Zimbra RCE Vulnerability
https://thehackernews.com/2022/08/researchers-warn-of-ongoing-mass.html

Black Hat 2022 - Cyberdefense in a global threats era
https://malware.news/t/black-hat-2022-cyberdefense-in-a-global-threats-era/62607/1


Top Security News for 14/08/2022

How I Hacked my Car
https://www.reddit.com/r/netsec/comments/wneyca/how_i_hacked_my_car/

Christian Lees: it's not always textbook. [CTO]
https://thecyberwire.com/podcasts/career-notes/112/notes

Starlink-FI: Starlink User Terminal Modchip
https://www.reddit.com/r/lowlevel/comments/wnxvi0/starlinkfi_starlink_user_terminal_modchip/

Malware sandbox evasion in x64 assembly by checking ram size - Part 1
https://www.reddit.com/r/Malware/comments/wnmsik/malware_sandbox_evasion_in_x64_assembly_by/

Phishing HTML Attachment as Voicemail Audio Transcription, (Sat, Aug 13th)
https://malware.news/t/phishing-html-attachment-as-voicemail-audio-transcription-sat-aug-13th/62611/1

Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
https://thehackernews.com/2022/08/chinese-hackers-backdoored-mimi-chat.html

How Can I be a Professional Hacker
https://0x00sec.org/t/how-can-i-be-a-professional-hacker/30680

Three flaws allow attackers to bypass UEFI Secure Boot feature
https://securityaffairs.co/wordpress/134334/hacking/uefi-secure-boot-feature-flaw.html

Send raw requests via sockets
https://0x00sec.org/t/send-raw-requests-via-sockets/30670

Who "Owns" Your Infrastructure?
https://malware.news/t/who-owns-your-infrastructure/62610/1


Top Security News for 15/08/2022

Adversary playbooks and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/57/notes

Process injection: breaking all macOS security layers with a single vulnerability
https://www.reddit.com/r/netsec/comments/woki2o/process_injection_breaking_all_macos_security/

Privilege escalation.
https://thecyberwire.com/stories/5f7c0bc7edba4759b0ba1935a9aa1992/privilege-escalation

From Oscilloscope to Wireshark
https://www.reddit.com/r/netsec/comments/wojl4m/from_oscilloscope_to_wireshark/

wtfis - A commandline tool that gathers information about a domain or FQDN using various OSINT services and displays them formatted for human consumption.
https://www.reddit.com/r/netsec/comments/wojqnv/wtfis_a_commandline_tool_that_gathers_information/

ISC StormCast for Monday, August 15th, 2022
https://isc.sans.edu/podcastdetail.html?id=8130

Just starting out
https://www.reddit.com/r/Malware/comments/woicue/just_starting_out/

HijackLibs: an open-source, community-driven project tracking DLL Hijacking opportunities in Windows
https://www.reddit.com/r/netsec/comments/wonmht/hijacklibs_an_opensource_communitydriven_project/

The 5 best identity theft protection and credit monitoring services of 2022
https://malware.news/t/the-5-best-identity-theft-protection-and-credit-monitoring-services-of-2022/62615/1

NthLink VPN found to be regular shadowsocks using same pre-shared keys for all users
https://www.reddit.com/r/netsec/comments/wolk9s/nthlink_vpn_found_to_be_regular_shadowsocks_using/


Top Security News for 15/08/2022

Privilege escalation.
https://thecyberwire.com/stories/5f7c0bc7edba4759b0ba1935a9aa1992/privilege-escalation

Adversary playbooks and cybersecurity first principles, with Rick Howard.
https://thecyberwire.com/podcasts/cso-perspectives-public/57/notes

NthLink VPN found to be regular shadowsocks using same pre-shared keys for all users
https://www.reddit.com/r/netsec/comments/wolk9s/nthlink_vpn_found_to_be_regular_shadowsocks_using/

Just starting out
https://www.reddit.com/r/Malware/comments/woicue/just_starting_out/

ISC StormCast for Monday, August 15th, 2022
https://isc.sans.edu/podcastdetail.html?id=8130

wtfis - A commandline tool that gathers information about a domain or FQDN using various OSINT services and displays them formatted for human consumption.
https://www.reddit.com/r/netsec/comments/wojqnv/wtfis_a_commandline_tool_that_gathers_information/

ISC Stormcast For Monday, August 15th, 2022 https://isc.sans.edu/podcastdetail.html?id=8130, (Mon, Aug 15th)
https://isc.sans.edu/diary/rss/28942

STrace: MIT Licensed Windows Reimplementation of DTrace
https://www.reddit.com/r/netsec/comments/won53u/strace_mit_licensed_windows_reimplementation_of/

Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer
https://thehackernews.com/2022/08/tornado-cash-developer-arrested-after.html

Process injection: breaking all macOS security layers with a single vulnerability
https://www.reddit.com/r/netsec/comments/woki2o/process_injection_breaking_all_macos_security/


Top Security News for 16/08/2022

Attacking Google's Titan M Security Key with Only One Byte
https://www.reddit.com/r/netsec/comments/woqida/attacking_googles_titan_m_security_key_with_only/

SOVA Android Banking Trojan Returns With New Capabilities and Targets
https://thehackernews.com/2022/08/sova-android-banking-trojan-returns-new.html

EvilPLC Attack: Using a PLC to Gain Code Execution on Engineering Workstation
https://www.reddit.com/r/netsec/comments/woybqk/evilplc_attack_using_a_plc_to_gain_code_execution/

Iron Tiger's supply chain campaign. TikTok and espionage. Shuckworm's focus on Ukraine. Killnet's dubious proof-of-work.
https://thecyberwire.com/newsletters/daily-briefing/11/156

SOVA Android malware now also encrypts victims’ files
https://securityaffairs.co/wordpress/134392/malware/sova-android-malware-v5.html

Shuckworm and Killnet continue to hack in the interest of Russia. Iron Tiger's supply chain campaign. TikTok and national security. And an arrest in the case of the Tornado Cash crypto mixer.
https://thecyberwire.com/podcasts/daily-podcast/1641/notes

A week in security (August 8 - August 14)
https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-8-august-14

Google pays up for misrepresenting customer data handling. Update on the alleged AT&T data breach. Outdated Veterans Affairs platform putting patient data at risk.
https://thecyberwire.com/newsletters/privacy-briefing/4/156

Signals and Space: USAF and NRO coordinate space operations as they expand use of commercial services. Space conflict. Small business opportunities.
https://thecyberwire.com/newsletters/signals-and-space/6/15

Tracking Internet facing Industrial Control System devices
https://www.reddit.com/r/netsec/comments/wp5dhh/tracking_internet_facing_industrial_control/


Top Security News for 16/08/2022

Credential Theft Is (Still) A Top Attack Method
https://thehackernews.com/2022/08/credential-theft-is-still-top-attack.html

3 ways China's access to TikTok data is a security risk
https://www.csoonline.com/article/3670110/3-ways-chinas-access-to-tiktok-data-is-a-security-risk.html#tk.rss_all

Why Action Bias Is Damaging Your Security Response
https://www.reddit.com/r/netsec/comments/wp32zn/why_action_bias_is_damaging_your_security_response/

Signals and Space: USAF and NRO coordinate space operations as they expand use of commercial services. Space conflict. Small business opportunities.
https://thecyberwire.com/newsletters/signals-and-space/6/15

Top 5 security risks of Open RAN
https://www.csoonline.com/article/3670078/top-5-security-risks-of-open-ran.html#tk.rss_all

Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems
https://thehackernews.com/2022/08/newly-uncovered-pypi-package-drops.html

EvilPLC Attack: Using a PLC to Gain Code Execution on Engineering Workstation
https://www.reddit.com/r/netsec/comments/woybqk/evilplc_attack_using_a_plc_to_gain_code_execution/

Viral video drives malvertising on social media platform
https://www.malwarebytes.com/blog/threat-intelligence/2022/08/viral-video-drives-malvertising-on-social-media-platform

IT threat evolution in Q2 2022. Mobile statistics
https://securelist.com/it-threat-evolution-in-q2-2022-mobile-statistics/107123/

Tracking Internet facing Industrial Control System devices
https://www.reddit.com/r/netsec/comments/wp5dhh/tracking_internet_facing_industrial_control/


Top Security News for 17/08/2022

RubyGems Makes Multi-Factor Authentication Mandatory for Top Package Maintainers
https://thehackernews.com/2022/08/rubygems-makes-multi-factor.html

ASEC Weekly Malware Statistics (August 1st, 2022 – August 7th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-august-1st-2022-august-7th-2022/62673/1

Russian State Hackers Continue to Attack Ukrainian Entities with Infostealer Malware
https://thehackernews.com/2022/08/russian-state-hackers-continue-to.html

Microsoft Warns About Phishing Attacks by Russia-linked Hackers
https://thehackernews.com/2022/08/microsoft-warns-about-phishing-attacks.html

Two more malicious Python packages in the PyPI
https://securelist.com/two-more-malicious-python-packages-in-the-pypi/107218/

Signal informs customers of third-party data breach. North Carolina healthcare system says Meta Pixel exposed patient data. Shanghai COVID-19 app allegedly hacked.
https://thecyberwire.com/podcasts/privacy-briefing/648/notes

U.K. Water Supplier Hit With Clop Ransomware Attack
https://packetstormsecurity.com/news/view/33738/U.K.-Water-Supplier-Hit-With-Clop-Ransomware-Attack.html

New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks
https://thehackernews.com/2022/08/new-evil-plc-attack-weaponizes-plcs-to.html

A Deep Dive Into Black Basta Ransomware
https://www.reddit.com/r/netsec/comments/wpv3r0/a_deep_dive_into_black_basta_ransomware/

RedAlpha targets think tanks and humanitarian organizations. Golden Chickens operator discovered. BlueSky ransomware rapidly encrypts data.
https://thecyberwire.com/podcasts/research-briefing/130/notes


Top Security News for 17/08/2022

Suing Spam Texters for Fun and Profit
https://www.vice.com/en_us/article/jgp5ak/suing-spam-texters-for-fun-and-profit

Vulnerability eXploitability Exchange explained: How VEX makes SBOMs actionable
https://www.csoonline.com/article/3669810/vulnerability-exploitability-exchange-explained-how-vex-makes-sboms-actionable.html#tk.rss_all

ISC Stormcast For Wednesday, August 17th, 2022 https://isc.sans.edu/podcastdetail.html?id=8134, (Wed, Aug 17th)
https://isc.sans.edu/diary/rss/28948

What is Private DNS Mode on Android and how do you enable it?
https://malware.news/t/what-is-private-dns-mode-on-android-and-how-do-you-enable-it/62671/1

Threat in your browser: what dangers innocent-looking extensions hold for users
https://securelist.com/threat-in-your-browser-extensions/107181/

U.K. Water Supplier Hit With Clop Ransomware Attack
https://packetstormsecurity.com/news/view/33738/U.K.-Water-Supplier-Hit-With-Clop-Ransomware-Attack.html

ISC StormCast for Wednesday, August 17th, 2022
https://isc.sans.edu/podcastdetail.html?id=8134

ASEC Weekly Malware Statistics (August 1st, 2022 – August 7th, 2022)
https://malware.news/t/asec-weekly-malware-statistics-august-1st-2022-august-7th-2022/62673/1

RedAlpha update. Evil PLC proof-of-concept. Cl0p hits English water utility. "SEABORGIUM" Russian cyberespionage activity.
https://thecyberwire.com/newsletters/daily-briefing/11/157

SOVA malware is back and is evolving rapidly
https://www.reddit.com/r/netsec/comments/wpognw/sova_malware_is_back_and_is_evolving_rapidly/


Top Security News for 23/08/2022

Keylogger or debugger? Data breach adds insult to injury for injured workers. US medical data breaches rise.
https://thecyberwire.com/podcasts/privacy-briefing/652/notes

"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered
https://thehackernews.com/2022/08/as-nasty-as-dirty-pipe-8-year-old-linux.html

New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data
https://thehackernews.com/2022/08/new-air-gap-attack-uses-mems-gyroscope.html

STRIDE Threat Modelling vs DREAD Threat Modelling
https://www.reddit.com/r/netsec/comments/wune8n/stride_threat_modelling_vs_dread_threat_modelling/

Criminals socially engineer their way to bank details with fake arrest warrants
https://www.malwarebytes.com/blog/news/2022/08/criminals-socially-engineer-their-way-to-bank-details-with-fake-arrest-warrants

Cyber Signals: Defend against the new ransomware landscape
https://www.microsoft.com/security/blog/2022/08/22/cyber-signals-defend-against-the-new-ransomware-landscape/

Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant for Unified Endpoint Management Tools
https://www.microsoft.com/security/blog/2022/08/22/microsoft-recognized-as-a-leader-in-the-2022-gartner-magic-quadrant-for-unified-endpoint-management-tools/

Information Security Checklist for Small to Medium Organizations
https://www.reddit.com/r/netsec/comments/wv81pp/information_security_checklist_for_small_to/

Trivy: Enhanced with AWS scan integration
https://www.reddit.com/r/netsec/comments/wumn8c/trivy_enhanced_with_aws_scan_integration/

Hackers Stole Crypto from Bitcoin ATMs by Exploiting Zero-Day Vulnerability
https://thehackernews.com/2022/08/hackers-stole-crypto-from-bitcoin-atms.html


Top Security News for 23/08/2022

Trivy: Enhanced with AWS scan integration
https://www.reddit.com/r/netsec/comments/wumn8c/trivy_enhanced_with_aws_scan_integration/

CISA wants you to patch these actively exploited vulnerabilities before September 8
https://www.malwarebytes.com/blog/news/2022/08/cisa-wants-you-to-patch-these-actively-exploited-vulnerabilities-before-september-8

Criminals socially engineer their way to bank details with fake arrest warrants
https://www.malwarebytes.com/blog/news/2022/08/criminals-socially-engineer-their-way-to-bank-details-with-fake-arrest-warrants

7 critical steps for successful security onboarding
https://www.csoonline.com/article/3669849/7-critical-steps-for-successful-security-onboarding.html#tk.rss_all

Reddit users crowdsourcing explicit images and identities
https://www.malwarebytes.com/blog/news/2022/08/reddit-users-crowdsourcing-explicit-images-and-identities

RTLS Systems Found Vulnerable to MiTM Attacks and Location Tampering
https://thehackernews.com/2022/08/rtls-systems-found-vulnerable-to-mitm.html

Dell security advisory (AV22-465)
https://malware.news/t/dell-security-advisory-av22-465/62798/1

A week in security (August 15 - August 21)
https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-15-august-21

Microsegmentation (noun)
https://thecyberwire.com/podcasts/word-notes/113/notes

IBM security advisory (AV22-464)
https://malware.news/t/ibm-security-advisory-av22-464/62799/1


Top Security News for 24/08/2022

Chainsaw 2.0: Allows users to rapidly search through Windows event logs and hunt for threats using Sigma detection rules.
https://www.reddit.com/r/netsec/comments/wvs9e7/chainsaw_20_allows_users_to_rapidly_search/

Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
https://thehackernews.com/2022/08/google-uncovers-tool-used-by-iranian.html

But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 2)
https://www.reddit.com/r/netsec/comments/wvzq0t/but_you_told_me_you_were_safe_attacking_the/

Here’s how to use Intel 471 with existing intelligence frameworks
https://malware.news/t/here-s-how-to-use-intel-471-with-existing-intelligence-frameworks/62838/1

AsyncRAT Being Distributed in Fileless Form
https://malware.news/t/asyncrat-being-distributed-in-fileless-form/62837/1

BrandPost: 5 Signs the World Isn’t Paying Enough Attention to 5G Security
https://www.csoonline.com/article/3670573/5-signs-the-world-isn-t-paying-enough-attention-to-5g-security.html#tk.rss_all

A multidimensional approach to journalism security
https://www.microsoft.com/security/blog/2022/08/23/a-multidimensional-approach-to-journalism-security/

XCSSET Malware Updates with Python 3 to Target macOS Monterey Users
https://thehackernews.com/2022/08/xcsset-malware-updates-with-python-3-to.html

HTTP header Blind SQL injection Example
https://www.reddit.com/r/netsec/comments/wvhkyt/http_header_blind_sql_injection_example/

bomber - a vulnerability scanner for SBOMs
https://www.reddit.com/r/netsec/comments/wvzdt5/bomber_a_vulnerability_scanner_for_sboms/


Top Security News for 24/08/2022

BrandPost: Securing Critical Applications Running in the Cloud
https://www.csoonline.com/article/3670555/securing-critical-applications-running-in-the-cloud.html#tk.rss_all

Security Alert: Alert Regarding Vulnerability in Movable Type XMLRPC API
https://malware.news/t/security-alert-alert-regarding-vulnerability-in-movable-type-xmlrpc-api/62839/1

AsyncRAT Being Distributed in Fileless Form
https://malware.news/t/asyncrat-being-distributed-in-fileless-form/62837/1

BitRAT and XMRig CoinMiner Being Distributed via Windows License Verification Tool
https://malware.news/t/bitrat-and-xmrig-coinminer-being-distributed-via-windows-license-verification-tool/62836/1

SUMMER ISSUE OF 2600 RELEASED
https://www.2600.com/content/summer-issue-2600-released-17

Iranian APT data extraction tool described. LockBit gang comes under DDoS. Twitter whistleblower security claims made public. Greek natural gas supplier under cyberattack. Updates on a hybrid war.
https://thecyberwire.com/podcasts/daily-podcast/1647/notes

ISC StormCast for Wednesday, August 24th, 2022
https://isc.sans.edu/podcastdetail.html?id=8144

SBOM 101 - All the questions you were afraid to ask Software Bill of Materials
https://www.reddit.com/r/netsec/comments/wvr7g8/sbom_101_all_the_questions_you_were_afraid_to_ask/

How Twitter’s whistleblower could boost Elon Musk’s legal battle
https://www.theguardian.com/technology/2022/aug/23/twitter-whistleblower-elon-musk-termination-penalty

Cybersecurity researchers have discovered multiple ongoing malware distribution campaigns that target internet users who seek to download copies of pirated software.
https://www.reddit.com/r/Malware/comments/ww640p/cybersecurity_researchers_have_discovered/


Top Security News for 25/08/2022

6 reasons MSPs need a patch management platform
https://www.malwarebytes.com/blog/business/2022/08/6-reasons-msps-need-a-patch-management-platform

How I was able to delete 13k+ Microsoft Translator Projects
https://www.reddit.com/r/netsec/comments/wwryrb/how_i_was_able_to_delete_13k_microsoft_translator/

Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks
https://www.microsoft.com/security/blog/2022/08/24/looking-for-the-sliver-lining-hunting-for-emerging-command-and-control-frameworks/

Attack surface of browser extension pages
https://www.reddit.com/r/netsec/comments/wwvoka/attack_surface_of_browser_extension_pages/

Twitter Whistleblower Document Archive
https://www.reddit.com/r/netsec/comments/wwps3l/twitter_whistleblower_document_archive/

New ransomware HavanaCrypt poses as Google software update
https://www.csoonline.com/article/3670574/new-ransomware-havanacrypt-poses-as-google-software-update.html#tk.rss_all

Misconfigured Resource-Based Policies - Hacking The Cloud
https://www.reddit.com/r/netsec/comments/wwl5ov/misconfigured_resourcebased_policies_hacking_the/

GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software
https://thehackernews.com/2022/08/gitlab-issues-patch-for-critical-flaw.html

Hackers Using Fake DDoS Protection Pages to Distribute Malware
https://thehackernews.com/2022/08/hackers-using-fake-ddos-protection.html

Researchers warn of darkverse emerging from the metaverse
https://www.csoonline.com/article/3670576/researchers-warn-of-darkverse-emerging-from-the-metaverse.html#tk.rss_all


Top Security News for 25/08/2022

Sophisticated BEC scammers bypass Microsoft 365 multi-factor authentication
https://www.csoonline.com/article/3670575/sophisticated-bec-scammers-bypass-microsoft-365-multi-factor-authentication.html#tk.rss_all

Hackers Using Fake DDoS Protection Pages to Distribute Malware
https://thehackernews.com/2022/08/hackers-using-fake-ddos-protection.html

Attack surface of browser extension pages
https://www.reddit.com/r/netsec/comments/wwvoka/attack_surface_of_browser_extension_pages/

Unlocking Serverless with AWS Lambda and IAM
https://malware.news/t/unlocking-serverless-with-aws-lambda-and-iam/62876/1

BrandPost: Beyond the Cyber Buzzwords: What Executives Should Know About SASE
https://www.csoonline.com/article/3671149/beyond-the-cyber-buzzwords-what-executives-should-know-about-sase.html#tk.rss_all

AiTM phishing campaign also targets G Suite users
https://securityaffairs.co/wordpress/134796/cyber-crime/aitm-phishing-g-suite.html

Kudos and Recognition
https://malware.news/t/kudos-and-recognition/62874/1

EtwSessionHijacking: Blocking Procmon from monitoring network events
https://www.reddit.com/r/netsec/comments/wwy97v/etwsessionhijacking_blocking_procmon_from/

Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks
https://www.microsoft.com/security/blog/2022/08/24/looking-for-the-sliver-lining-hunting-for-emerging-command-and-control-frameworks/

MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
https://www.microsoft.com/security/blog/2022/08/24/magicweb-nobeliums-post-compromise-trick-to-authenticate-as-anyone/


Top Security News for 26/08/2022

BrandPost: Securing Your Cloud Supply Chain
https://www.csoonline.com/article/3671373/securing-your-cloud-supply-chain.html#tk.rss_all

Introducing Patch Management for OneView
https://www.malwarebytes.com/blog/business/2022/08/introducing-patch-management-for-oneview

BrandPost: Is Your Mobile Network’s Security Always On?
https://www.csoonline.com/article/3671372/is-your-mobile-network-s-security-always-on.html#tk.rss_all

BrandPost: How to Mitigate Data Protection Woes with SSE
https://www.csoonline.com/article/3671348/how-to-mitigate-data-protection-woes-with-sse.html#tk.rss_all

Twitter security under scrutiny after former executive turns whistleblower
https://www.malwarebytes.com/blog/news/2022/08/twitter-under-scrutiny-after-former-executive-turns-whistleblower

Free SANS Workshop: Building an Azure Pentest Lab for Red Teams
https://www.reddit.com/r/netsec/comments/wxkxde/free_sans_workshop_building_an_azure_pentest_lab/

Embrace change! Chris’s McAfee Journey
https://malware.news/t/embrace-change-chris-s-mcafee-journey/62912/1

2-byte DoS in freebsd-telnetd / netbsd-telnetd / netkit-telnetd / inetutils-telnetd / telnetd in Kerberos Version 5 Applications - Binary Golf Grand Prix 3
https://www.reddit.com/r/netsec/comments/wxb9j4/2byte_dos_in_freebsdtelnetd_netbsdtelnetd/

MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone - Microsoft Security Blog
https://www.reddit.com/r/netsec/comments/wxfj3l/magicweb_nobeliums_postcompromise_trick_to/

Why SBOMs alone aren’t enough for software supply chain security
https://www.csoonline.com/article/3670572/why-sboms-alone-aren-t-enough-for-software-supply-chain-security.html#tk.rss_all


Top Security News for 26/08/2022

Here’s How to Steer Clear of Bot Accounts on Social Media
https://malware.news/t/here-s-how-to-steer-clear-of-bot-accounts-on-social-media/62911/1

Up to 35% more CVEs published so far this year compared to 2021
https://www.csoonline.com/article/3671369/up-to-35-more-cves-published-so-far-this-year-compared-to-2021.html#tk.rss_all

Paypal Phishing/Coinbase in One Image, (Fri, Aug 26th)
https://malware.news/t/paypal-phishing-coinbase-in-one-image-fri-aug-26th/62910/1

Mark Zuckerberg Tells Joe Rogan That Running Facebook Sucks, Metaverse Is Better
https://www.vice.com/en_us/article/m7g7px/mark-zuckerberg-tells-joe-rogan-that-running-facebook-sucks-metaverse-is-better

2-byte DoS in freebsd-telnetd / netbsd-telnetd / netkit-telnetd / inetutils-telnetd / telnetd in Kerberos Version 5 Applications - Binary Golf Grand Prix 3
https://www.reddit.com/r/netsec/comments/wxb9j4/2byte_dos_in_freebsdtelnetd_netbsdtelnetd/

Free SANS Workshop: Building an Azure Pentest Lab for Red Teams
https://www.reddit.com/r/netsec/comments/wxkxde/free_sans_workshop_building_an_azure_pentest_lab/

Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers
https://thehackernews.com/2022/08/microsoft-uncovers-new-post-compromise.html

ISC Stormcast For Friday, August 26th, 2022 https://isc.sans.edu/podcastdetail.html?id=8148, (Fri, Aug 26th)
https://malware.news/t/isc-stormcast-for-friday-august-26th-2022-https-isc-sans-edu-podcastdetail-html-id-8148-fri-aug-26th/62909/1

Embrace change! Chris’s McAfee Journey
https://malware.news/t/embrace-change-chris-s-mcafee-journey/62912/1

ISC Stormcast For Friday, August 26th, 2022 https://isc.sans.edu/podcastdetail.html?id=8148, (Fri, Aug 26th)
https://isc.sans.edu/diary/rss/28982


Top Security News for 27/08/2022

Call for entry: Creating Connections.
https://thecyberwire.com/stories/f236d8b0aba54fe4a399e01bf9b315d3/call-for-entry-creating-connections

The Elastic Container Project for Security Research
https://www.reddit.com/r/netsec/comments/wyp2n4/the_elastic_container_project_for_security/

Adware found on Google Play — PDF Reader servicing up full screen ads
https://www.malwarebytes.com/blog/news/2022/08/adware-found-on-google-play-pdf-reader-servicing-up-full-screen-ads

Password manager LastPass reveals intrusion into development system
https://www.csoonline.com/article/3671152/password-manager-lastpass-reveals-intrusion-into-development-system.html#tk.rss_all

Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
https://thehackernews.com/2022/08/iranian-hackers-exploiting-unpatched.html

Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access
https://securityaffairs.co/wordpress/134876/apt/mercury-exploit-log4shell-flaw.html

F5 security advisory (AV22-478)
https://malware.news/t/f5-security-advisory-av22-478/62929/1

Chris Handman from TerraTrue discusses how he works to transform legal teams into advocates and collaborators that can ensure privacy is baked in every step of the way.
https://thecyberwire.com/podcasts/interview-selects/125/notes

Labels: Not Just for People Anymore!
https://malware.news/t/labels-not-just-for-people-anymore/62933/1

Undetectable backdooring PE file
https://www.reddit.com/r/netsec/comments/wy6kpp/undetectable_backdooring_pe_file/


Top Security News for 27/08/2022

Zimbra Open Bucket Data Leak – Responsible Disclosure
https://www.reddit.com/r/netsec/comments/wy75vh/zimbra_open_bucket_data_leak_responsible/

Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center
https://thehackernews.com/2022/08/critical-vulnerability-discovered-in.html

Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework
https://thehackernews.com/2022/08/cybercrime-groups-increasingly-adopting.html

HTTP/2 Packet Analysis with Wireshark (Fri, Aug 26th)
https://isc.sans.edu/diary/rss/28986

Microsoft: New UEFI CA memory mitigation requirements for signing
https://www.reddit.com/r/netsec/comments/wyp2z6/microsoft_new_uefi_ca_memory_mitigation/

Source code of password manager LastPass stolen by attacker
https://www.malwarebytes.com/blog/news/2022/08/source-code-of-password-manager-lastpass-stolen-by-attacker

Looking for insight on labelling portable executable (PE) malware files using a VirusTotal API response report.
https://www.reddit.com/r/Malware/comments/wyl0gu/looking_for_insight_on_labelling_portable/

Dominican government hit by ransomware. Lockdown Mode considered. Commercial spyware market. Privacy and proctoring. LastPass incident. Twilio update.
https://thecyberwire.com/podcasts/privacy-briefing/656/notes

Top Security News for 28/08/2022

Threat actor abuses Genshin Impact Anti-Cheat driver to disable antivirus
https://securityaffairs.co/wordpress/134884/malware/anti-cheat-driver-disable-antivirus.html

Command Injection in the GitHub Pages Build Pipeline
https://www.reddit.com/r/netsec/comments/wz633l/command_injection_in_the_github_pages_build/

Unprecedented cyber attack hit State Infrastructure of Montenegro
https://securityaffairs.co/wordpress/134900/cyber-warfare-2/montenegro-cyber-attack.html

Tetsuji: Remote Code Execution on a GameBoy Colour 22 Years Later - a critical vulnerability that will shake the very fabric of society
https://www.reddit.com/r/lowlevel/comments/wyyghu/tetsuji_remote_code_execution_on_a_gameboy_colour/

Update: 1768.py Version 0.0.16
https://malware.news/t/update-1768-py-version-0-0-16/62936/1

David Nosibor: Taking calculated risks. [Product Lead]
https://thecyberwire.com/podcasts/career-notes/114/notes

Twilio hackers also breached the food delivery firm DoorDash
https://securityaffairs.co/wordpress/134905/data-breach/twilio-hackers-breached-doordash.html

When Windows Lies
https://malware.news/t/when-windows-lies/62937/1

Weekly News Roundup — August 1 to August 27
https://malware.news/t/weekly-news-roundup-august-1-to-august-27/62938/1

New Agenda Ransomware appears in the threat landscape
https://securityaffairs.co/wordpress/134911/cyber-crime/agenda-ransomware.html

