IMPORTANT: Patch it ASAP!
A newly spotted SolarWinds Orion API authentication bypass flaw allows remote attackers to execute commands and was likely also exploited as a 0-day to install the second backdoor, 'SUPERNOVA.'
Details: https://thehackernews.com/2020/12/a-new-solarwinds-flaw-likely-had-let.html
Account Takeover via login with OTP 🏆
https://medium.com/@surajbhosale_67721/account-takeover-via-login-with-otp-ba4a33fb1b6f
#mehran_p51
Medium
Hello Guys, I am Suraj Bhosale from Maharashtra, India. It’s my first bug bounty write-up which allowed a malicious user to take over any…
💢21 members of WeLeakInfo site arrested.
👨🏻💻21 people across the UK have been arrested by police as part of a high-profile cybercriminal who is a former client and top admin of WeLeakInfo.com.
The NCA said: "The suspects are using stolen personal funds to commit more cybercrimes and fraud. Out of 21 wanted persons, 18 have been arrested, all of whom are between 18 and 38 years old and 41,000 in the process. "Bitcoin was seized."
Earlier this January, the FBI, the NCA, the Dutch National Cyber Force, the German Bundescriminal and the Northern Ireland Police jointly took over the Weleakinfo.com domain.
The service was launched in 2017 and sold more than 12 billion stolen data records, including names, email addresses, usernames, phone numbers and passwords for online accounts.
"Cybercriminals are well aware that people repeat their passwords on multiple sites, giving scammers the opportunity to exploit them," said Paul Crawfield of the NCA.
@World_Of_Security 🌐
Account Takeover via Web Cache Poisoning based Reflected XSS
https://lutfumertceylan.com.tr/posts/acc-takeover-web-cache-xss/
#mehran_p51
Lütfü Mert Ceylan
EN | Account Takeover via Web Cache Poisoning based Reflected XSS
Firstly, it's nice to publish my last write-up this year. In June of this year, I found a Reflected XSS vulnerability in a video-game company. Then, I realized that this server is caching the weak parameter's value. In this way, I increased the…
🔥 BREAKING: British court has rejected the U.S. government's request to extradite Wikileaks founder Julian Assange on charges pertaining to illegally obtaining & sharing classified material related to national security.
https://thehackernews.com/2021/01/british-court-rejects-us-request-to.html
Google's Own Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA Security Plugin — With 97% Accuracy.
Read Details: https://thehackernews.com/2021/01/google-speech-to-text-api-can-help.html
Cyberattacks targeting healthcare organizations have spiked by 45% since November 2020 as COVID19 cases continue to increase globally.
Read: https://thehackernews.com/2021/01/healthcare-industry-witnessed-45-spike.html
WATCH OUT!!!
A widespread Electron and Golang-based cross-platform RAT malware is targeting cryptocurrency users with 'undetected' trojanized apps for Windows, Linux, and macOS systems.
Details: https://thehackernews.com/2021/01/warning-cross-platform-electrorat.html
In a joint statement, FBI, CISA, NSA officially blamed the Russian government for orchestrating the massive SolarWinds supply chain cyberattack.
https://thehackernews.com/2021/01/fbi-cisa-nsa-officially-blames-russia.html
WhatsApp updated its Privacy Policy and Terms of Services, making data-sharing with Facebook mandatory for all.
IMPORTANT — You must accept it before February 8; otherwise, your account will be DELETED.
Details: https://thehackernews.com/2021/01/whatsapp-will-delete-your-account-if.html
U.S. Department of Justice admits its Microsoft Office 365 email server was also compromised as part of the SolarWinds supply chain attack.
Read details: https://thehackernews.com/2021/01/solarwinds-hackers-also-accessed-us.html
ALERT: A North Korean hacking group is targeting the South Korean government with a new spear-phishing campaign deploying RokRat Trojan.
Read: https://thehackernews.com/2021/01/alert-north-korean-hackers-targeting.html
🔥 A new side-channel attack (CVE-2021-3011) could let hackers extract your secret 2-factor authentication encryption keys from Google Titan, or other FIDO-enabled hardware security keys, and clone them for unauthorized access.
Read details — https://thehackernews.com/2021/01/new-attack-could-let-hackers-clone-your.html
The Hacker News
New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys
A new side-channel attack could let hackers extract your private two-factor authentication encryption keys from Google Titan Security Keys and clone.
NTFS Remote Code Execution (CVE-2020-17096) Analysis
https://blog.zecops.com/vulnerabilities/ntfs-remote-code-execution-cve-2020-17096-analysis/
#mehran_p51
Android Security
Supplementary material for Android Trainings:
1) Deep Dive Android
2) Xtreme Android Hacking
3) Android Pentesting
https://github.com/anantshri/Android_Security
#mehran_p51
GitHub
anantshri/Android_Security: This repository is supplementary material for Android trainings done by Anant Shrivastava from 2012-2017.
Russian hacker 'Andrei Tyurin' gets 12 years in prison for the massive J.P. Morgan Chase hack and for stealing a trove of personal information from several other financial institutions, brokerage firms, and financial news publishers.
Read: https://thehackernews.com/2021/01/russian-hacker-gets-12-years-prison-for.html
Researchers find several similarities and code overlap between the Sunburst backdoor and a previously identified Turla group's Kazuar malware.
Read details: https://thehackernews.com/2021/01/researchers-find-links-between-sunburst.html
The U.S. government has also officially blamed Russian hackers for the SolarWinds cyberattack.
—— Unveiled ——
Researchers finally discovered how SUNBURST backdoor was inserted into the SolarWinds software.
Hackers used a 3rd malware strain, dubbed 'SUNSPOT,' that was deployed into the Orion platform's build environment.
Read details: https://thehackernews.com/2021/01/unveiled-sunspot-malware-was-used-to.html
In a Europol-led operation, authorities have taken down—DarkMarket—the world's largest illegal marketplace on the dark web, specialized in the sales of drugs, counterfeit money, stolen credit card data, anonymous SIM cards, and off-the-shelf malware.
https://thehackernews.com/2021/01/authorities-take-down-worlds-largest.html