InfoSec News 20190906

  • Published: Fri, 06/09/2019 - 12:08

Top News


  • China hacked Asian telcos to spy on Uighur travelers: sources

"LONDON (Reuters) - Hackers working for the Chinese government have broken into telecoms networks to track Uighur travelers in Central and Southeast Asia, two intelligence officials and two security consultants who investigated the attacks told Reuters."

Link

TLP1 : Green

  • How to Protect Your Small Business from Cyber Attacks

"When asked whether SME businesses need to protect themselves from cyber attacks, the response is easy: 43% of cyber attacks are aimed at small businesses."

Link

TLP1 : Green

  • GhIDA: Ghidra decompiler for IDA Pro

"GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in the IDA workflow, giving users the ability to rename and highlight symbols and improved navigation and comments."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Annotated Bibliography

"As cybersecurity issues have mounted, dual-use technologies have proliferated. These technologies can be used for legitimate and socially beneficial purposes. However, they can also undermine human rights depending on how they are deployed."

Link

TLP1 : Green

  • How to Share the Security Responsibility Between the CSP and Customer

"The behemoths of cloud service providers (CSPs) have released shared security responsibility related papers and articles, explaining their roles and responsibilities in cloud provisioning. Although they share similar concepts, in reality, there are different interpretations and implementations among CSPs."

Link

TLP1 : Green

  • Google Fined $170 Million For Violating Kids' Privacy On YouTube

"Google has finally agreed to pay $170 million fine to settle allegations by the Federal Trade Commission and the New York attorney general that its YouTube service earned millions by illegally harvesting personal information from children without their parents' consent."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Indians lead the world as Facebook big bug hunters

"Indian experts receive the biggest bounty in Facebook reward scheme for reporting breaches."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Multiple vulnerabilities in Oniguruma

"The vulnerability exists due to a use-after-free error within the onig_new_deluxe() function in regext.c in Oniguruma library when processing regular expressions. A remote attacker can pass specially crafted input to the application using the vulnerable library version, trigger use-after-free error and perform denial of service attack or execute arbitrary code on the system."

Link

TLP1 : Green

  • Vulnerability round-up: Mozilla, Cisco and Samba issue security updates

"The Mozilla Foundation, Cisco Systems and the Samba development team yesterday all issued security updates for their respective products, fixing a multitude of software vulnerabilities."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • 11 Schools with the Best Cybersecurity Degrees in the World

"Want the best cyber security degree? Take a look at the top 11 best schools to decide where you'd like to get one."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Spam In your Calendar? Here’s What to Do.

"Many spam trends are cyclical: Spammers tend to switch tactics when one method of hijacking your time and attention stops working."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

 

 

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp