Top News

• 1.1M Emuparadise Accounts Exposed in Data Breach

"Unfortunately, news just broke that Emuparadise recently suffered a data breach in April 2018, exposing the data of about 1.1 million of their forum members."

Link

TLP¹ : Green

• Google Calendar Attacks Target Unwitting Mobile Users

"The campaign takes advantage of a common default feature for people using Gmail on their smartphone: Calendar invites automatically pop up on phones, prompting users to accept or decline them."

Link

TLP¹ : Green

• Radiohead refuses to pay $150,000 ransom for "hacked" recordings, releases them instead

"That's exactly how Radiohead has scuppered the plans of attempted extortionist who stole previously unreleased recordings and alternative takes made during the making of the band's classic album OK Computer in 1997."

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• Twenty years in prison for hackers/founders of Mariposa botnet and Bitcoin platform Nicehash

"In case of being found guilty of these new charges, each defendant faces a sentence of up to twenty years for conspiracy to commit fraud, and up to 30 years in prison for bank fraud."

Link

TLP¹ : Green

• Vietnam ramps up pressure on Google's YouTube advertisers

"Vietnam has asked companies not to advertise on videos hosted by Google's YouTube that contain "anti-state propaganda,""

Link

TLP¹ : Green

• Google confirms presence of Triada backdoor in cheap Android phones

"Google has revealed that cybercriminals indeed managed to compromise Android smartphones and installed a backdoor while the supply chain process of the phones was underway."

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Shanghai Jiao Tong University data leak - 8.4TB in email metadata exposed

"Security expert discovered an exposed database belonging to Shanghai Jiao Tong University containing 8.4TB in email metadata."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• June's Patch Tuesday Fixes 88 Security Flaws, Including SandboxEscaper's Zero Days, HoloLens

"Microsoft's June Patch Tuesday announced the release of 88 vulnerability patches in this month's security bulletin, as well as four advisories and one servicing stack update."

Link

TLP¹ : Green

• Adobe Security Update fixes Critical Vulnerabilities in Flash Player, Campaign and ColdFusion

"The Security updates addressed a critical vulnerability in Adobe Flash Player that allows an attacker to execute arbitrary code on the vulnerable machine with the context of the current user."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• Six Reasons You Don't Want to Miss SANS DFIR Summit & Training 2019

"The annual SANS DFIR Summit & Training is just around the corner!"

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• Government Sector in Central Asia Targeted With New HAWKBALL Backdoor Delivered via Microsoft Office Vulnerabilities

"HAWKBALL is a backdoor that attackers can use to collect information from the victim, as well as to deliver payloads."

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp