Top News

• FaceApp: US Senator Asks FBI, FTC to Probe Viral Photo Editing App Over Security Concerns

"US Senate minority leader Chuck Schumer called on the FBI and the Federal Trade Commission to conduct a national security and privacy investigation into FaceApp, a face-editing photo app developed in Russia, in a letter sent on Wednesday."

Link

TLP¹ : Green

• 7 Spyware Apps with Over 130,000 Installation Found on Google Play

"These stalkerware apps allow users to spy on employees, romantic partners, kids, and other users. This can be done by simply installing those apps on the targeted device and to grant access to personal data."

Link

TLP¹ : Green

• Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

"The Gamaredon APT was first spotted in 2013, last year researchers at LookingGlass have shared the details of a cyber espionage campaign, tracked as Operation Armageddon, targeting Ukrainian entities."

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• Dutch Police Nab Macro Malware Suspect

"In a statement on Wednesday, the country's high-tech crime team (THTC) revealed it had apprehended a 20-year-old Utrecht man after monitoring his participation in hacking forums, with help from McAfee."

Link

TLP¹ : Green

• Security researcher arrested after data on every adult in Bulgaria hacked from government site

"Police in Bulgaria have arrested a 20-year-old man after a hack against the Bulgarian tax authority, known as the National Revenue Agency (NRA), which saw data on every single adult living in Bulgaria stolen, and offered to the media."

Link

TLP¹ : Green

• Police need intercept tools as mobile networks develop: Europol

"European police authorities are now able to listen to and track wanted criminals using mobile communication devices on the 4G network, but "we cannot use them in the 5G network," De Bolle said.

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• How Small Mistakes Lead to Major Data Breaches

"Four out of five of the top causes of data breaches are down to human or process error. In other words, human mistakes that could've been remedied with cybersecurity training or more careful consideration of security practices."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• Bluetooth flaw allows hackers to track your devices

"The very technology that aims to keep your Bluetooth from being tracked and hacked is the very one that can make your devices vulnerable."

Link

TLP¹ : Green

• Vulnerability Allows Hackers to Take Control of Drupal 8 Websites

"The flaw, described as an access bypass issue that can be triggered when the experimental Workspaces module is enabled, can be exploited to take control of a targeted website."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• Adoption rates of basic cloud security tools and practices still far too low

"This year's report found that 75 percent of organizations leverage multiple cloud solutions, but only 20 percent have visibility over cross-app anomalous behavior. "

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• New FinFisher spyware used to spy on iOS and Android users in 20 countries

"The new variants of FinFisher implement a broad range of feature to collect data from infected mobile phones, including SMS/MMS messages, emails, calendars, GPS location, photos, and data from the RAM memory of the device."

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp