Top News

• Scanner Targets Reddit Users With Premium Account Racket

"Users of Reddit's popular /r/piracy sub-Reddit are being targeted by bots hoping to obtain their Google or Facebook account details."

Link

TLP¹ : Green

• Defense in Depth: Securing the New Network Edge

"The use of application-level network segmentation is growing in popularity to protect enterprise data center servers as they become the new network edge."

Link

TLP¹ : Green

• FIRST CSIRT Framework

"The CSIRT Services Framework is a high-level document describing a collection of cyber security services and associated functions in a structured way that Computer Security Incident Response Teams (CSIRTs) and other teams providing incident management related services may provide."

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• This one hacked personal data of entire Bulgarian population

"Call it mother of cybercrimes but a hacker has more or less broken into the entire population of Bulgaria -- hacking personal data of more than five million of the total seven million residents."

Link

TLP¹ : Green

• Hackers Attacked the Websites of the Airports in Burgas and Varna

"Burgas and Varna airport sites have been attacked from another hacker, reported "24 hours" newspaper, citing the press center of the airport in Varna."

Link

TLP¹ : Green

• Crypto-attacks are rising in Asia – and cybersecurity AI may be the best way to fight the threat: Darktrace

"Cybersecurity company Darktrace says crypto-attackers have turned to more sophisticated and highly personalised methods to siphon tokens from victims."

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Russian FSB Contractor Breach Reveals 7.5TB of Data

"Russia’s fearsome intelligence agency the FSB has been trying to decrypt Tor traffic since 2012, according to new reports stemming from a major breach of a Russian defense contractor."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• Over 60 US Colleges Compromised by ERP Exploit

"Scores of US colleges and universities have been compromised after hackers exploited a vulnerability in popular ERP software, according to the Department of Education."

Link

TLP¹ : Green

• Bug in NVIDIA’s Tegra Chipset Opens Door to Malicious Code Execution

"A flaw impacting milions of mobile and internet of things (IoT) devices running NVIDIA´s Tegra processor opens the door for a variety of attacks."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• Google Finds Cheap Way Out of Multibillion-Dollar 'Wi-Spy' Suit

" Google is poised to pay a modest $13 milion (roughy Rs. 90 crores) to end a 2010 privacy lawsuit that was once called the biggest US wiretap case ever and theatened the internet giant with bilions of dollars in damages."

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• Iran-Linked APT34 Invites Victims to LinkedIn for Fresh Malware Infections

"A recent phishing campaing by Iran -linked threat actor APT34 made use of a savvy approach: Asking victims to join their social network."

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp