InfoSec News 20190909
Top News
-
In First, Cyberattack Takes Wikipedia Offline; Outages Still Reported Across Globe
"Millions across the world could not access Wikipedia over the weekend in what some say was the first successful cyber attack against the online encyclopedia."
TLP1 : Green
-
Experts found Joker Spyware in 24 apps in the Google Play store
"Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as "the Joker"."
TLP1 : Green
-
Fake PayPal Site Spreads Nemty Ransomware
"A web page pretending to offer an official application from PayPal is currently spreading a new variant of Nemty ransomware to unsuspecting users."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Crypto-Jacking Virus Infects 850,000 Servers, Hackers Run off With Millions
"French authorities shut down a botnet army responsible for crypto-jacking thousands of computers across 140 countries."
TLP1 : Green
-
China’s APT3 Pilfers Cyberweapons from the NSA
"Large portions of APT3’s remote code-execution package were likely reverse-engineered from prior attack artifacts."
TLP1 : Green
-
Thousands Of Linux Servers Infected By Lilu (Lilocked) Ransomware
"A new strain of ransomware named Lilocked or Lilu has affected thousands of Linux-based servers all over the world. The ransomware started infecting servers back in mid-July but in the last two weeks, the attacks have become more frequent."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
In systemic breach, hackers steal millions of Bulgarians' financial data
"Bulgaria’s finance minister apologized to the country on Tuesday after admitting hackers had stolen millions of taxpayers’ financial data in an attack that one researcher said may have compromised nearly every adult’s personal records."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
WordPress 5.2.3 fixes multiple issues, including some severe XSS flaws
"The WordPress development team released version 5.2.3 that includes 29 fixes, enhancements, and several security patches."
TLP1 : Green
-
Facebook Patches "Memory Disclosure Using JPEG Images" Flaws in HHVM Servers
"Facebook has patched two high-severity vulnerabilities in its server application that could have allowed remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
BLUESPAWN - Windows Based Active Defense Tool To Empower Blue Teams
"BLUESPAWN helps blue teams monitor Windows systems in real-time against active attackers by detecting anomalous activity"
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Initial Metasploit Exploit Module for BlueKeep (CVE-2019-0708)
"Today, Metasploit is releasing an initial public exploit module for CVE-2019-0708, also known as BlueKeep, as a pull request on Metasploit Framework."
TLP1 : Green
-
EMAGNET - Tool For Find Leaked Databases With 97.1% Accurate To Grab Mail + Password Together From Pastebin Leaks
"Emagnet is a very powerful tool for its purpose which is to capture email addresses and passwords from leaked databases uploaded on pastebin."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.