Top News

• Flaws in SanDisk SSD Dashboard Present Malware & Data Loss Risks

"Organizations using the utility should immediately install the latest version of the software, security vendor Trustwave says."

Link

TLP¹ : Green

• Cisco settles with cybersecurity whistleblower, setting a precedent

"Cisco has settled with federal, state and local agencies for  $8.6 million in a first-of-its-kind whistleblower case involving cybersecurity issues."

Link

TLP¹ : Green

• Gurucul Network Behavior Analytics solution provides identification of advanced and unknown cyber threats

"Gurucul, a leader in behavior based security and fraud analytics technology for on-premises and the cloud, announced the Gurucul Network Behavior Analytics (NBA) solution, the industry’s most advanced Network Traffic Analysis product. "

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• North Korea Cyber Attacks being copied by other hacking groups in the world

"Filand based Cybersecurity startup F-Secure claims that cyberattacks launched by hacking groups linked to the nNorth Korean government are now being copied by other hacking groups across the world. "

Link

TLP¹ : Green

• New Android ransomware uses pornographic posts to infect devices

"The new Android ransomware was initially being spread through Reddit and XDA-Developers’ forum"

Link

TLP¹ : Green

• Cyberspace watchdog closes 3,000 websites over illegal services

"China's cyberspace watchdog has shut down nearly 3,000 websites and more than 200,000 accounts in the second quarter of the year for illegally providing news services or spreading pornographic or gambling content"

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Honda’s Security ‘Soft Spots’ Exposed in Unsecured Database

"A researcher said that he found a Honda ElasticSearch database exposing 40GB of internal system and device data."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• CVE-2019-14378 QEMU: slirp: heap buffer overflow during packet reassembly

"A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator."

Link

TLP¹ : Green

• CVE-2019-14400

"cPanel before 78.0.18 allows local users to escalate to root access because of userdata cache misparsing"

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• CySa+: Renewal Requirements

" The CompTIA Cybersecurity Analyst (CySA+) certification is valid for three years from the day of passing the exam "

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• Buster - Find Emails Of A Person And Return Info Associated With Them

" Buster is a simple OSINT tool "

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp