InfoSec News 20190409
Top News
-
Planetary Ransomware Victims Can Now Recover Their Files for Free
"Security researchers have released a decryptor that enables victims of the Planetary ransomware family to recover their files for free. Released by Emsisoft, this decryptor requires a victim to have a copy of the ransom note. It’s not hard to find."
TLP¹: Green
-
Operators of Three Pirate Sites Face Prison & $560 Million in Damages
"While there are potentially hundreds of pirate sites scattered around Europe, the operators of relatively few of them ever see the inside of a court room.
The same cannot be said of four men previously connected to the once hugely popular but now-defunct pirate sites SeriesYonkis, PeliculasYonkis and VideosYonkis (Series, Film, and Video Junkies)."
TLP¹: Green
-
Home Office Error to Blame for Windrush Privacy Snafu
"The Home Office has apologized after an “administrative error” led to the personal details of hundreds of historic migrants to the UK being exposed.
Around 500 private email addresses were accidentally shared with other applicants of a government compensation scheme for the so-called “Windrush” generation."
TLP¹: Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
A Year Later, Cybercrime Groups Still Rampant on Facebook
"Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups. Last week, a similar analysis led to the takedown of 74 cybercrime groups operating openly on Facebook with more than 385,000 members."
TLP¹: Green
-
'Exodus' Surveillance Malware Found Targeting Apple iOS Users
"Cybersecurity researchers have discovered an iOS version of the powerful mobile phone surveillance app that was initially targeting Android devices through apps on the official Google Play Store. Dubbed Exodus, as the malware is called, the iOS version of the spyware was discovered by security researchers at LookOut during their analysis of its Android samples they had found last year."
TLP¹: Green
-
Cybercrime market selling full digital fingerprints of over 60,000 users
"Genesis service is selling users' personal data, complete with digital fingerprints, such as account credentials, cookies, browser user-agent details, and more."
TLP¹: Green
Breaches: Data Breaches and Hacks
-
Two 14-year-old Boys Hacked School WiFi Network to Avoid Exam
"In this case, they used an app or a computer program to take down the entire school WiFi network on multiple occasions to get out of taking exams, Secaucus police said. Most of the U.S. school’s curriculum is internet-based, the lack of Wi-Fi connection disrupted the students’ daily assignments."
TLP¹: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Samba Releases Security Updates
"The Samba Team has released security updates to address vulnerabilities in Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system."
TLP¹: Green
-
TP-Link Routers Vulnerable to Zero-Day Buffer Overflow Attack
"Consumer router models allowed authenticated users to take unrestricted remote control over TL-WR940N and TL-WR941ND routers."
TLP¹: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Beagle - An Incident Response And Digital Forensics Tool Which Transforms Security Logs And Data Into Graphs
"Beagle is an incident response and digital forensics tool which transforms data sources and logs into graphs. Supported data sources include FireEye HX Triages, Windows EVTX files, SysMon logs and Raw Windows memory images. The resulting Graphs can be sent to graph databases such as Neo4J or DGraph, or they can be kept locally as Python NetworkX objects.
Beagle can be used directly as a python library, or through a provided web interface."
TLP¹: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
More than 2 million Apache HTTP servers still affected by CVE-2019-0211 flaw
"Security experts at Rapid7 have discovered that over 2 million Apache HTTP servers are still affected by the CVE-2019-0211 critical privilege escalation flaw."
TLP¹: Green
¹ Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.