Top News

• Teheran: U.S. has started 'Cyber War' against Iran

"Iran's Passive Defense Organization chief Gholamreza Jalali declared that the US government has started its cyber war against the country."

Link

TLP¹ : Green

• Ten hospitals in Alabama and Australia have been hit with ransomware attacks

"A new wave of ransomware attacks hit US and Australian hospitals and health service providers causing the paralysis of their systems."

Link

TLP¹ : Green

• Researchers Find New Hack to Read Content Of Password Protected PDF Files

"Set of attacking techniques that could allow attackers to access the entire content of a password-protected or encrypted PDF file"

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• Attackers Targeting U.S. Petroleum Companies with Adwind RAT

"Digital criminals have launched a new attack campaign that they're using to target U.S. petroleum companies with the Adwind RAT."

Link

TLP¹ : Green

• A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments

"A Chinese hacking group, known as Rancor, has been found conducting very targeted and extensive attacks against Southeast Asian government entities from December 2018 to June 2019."

Link

TLP¹ : Green

• South Africa Bans Bulk Collection. Will the U.S. Courts Follow Suit?

"The High Court in South Africa has issued a watershed ruling: holding that South African law currently does not authorize bulk surveillance. The decision is a model that we hope other courts, including those in the United States, will follow."

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Hack strikes Words with Friends and Draw Something, amid claims 218 million players' details breached

"Players of the popular Words with Friends and Draw Something smartphone games are being advised to change their passwords following what sounds like a security breach at game developer Zynga."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• Multiple Jenkins Plugins Multiple Security Vulnerabilities

"The following Jenkins plugins versions are vulnerable: Dingding Plugin through 1.9 HTML Publisher Plugin through 1.20 LDAP Email Plugin through 0.8 Script Security Plugin through 1.64 SourceGear Vault Plugin through 1.1.1"

Link

TLP¹ : Green

• 9 Android Zero-day Vulnerabilities Affects Billions of Android Devices – Hackers Perform DOS, RCE, Make, Deny & Spoof Calls

"Exclusive research found 9 critical system-level Android VoIP Zero-day vulnerabilities that allow attackers to perform malicious operations, including denying voice calls, caller ID spoofing, unauthorized call operations, DOS attack, and remote code execution."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• Who do I escalate my cyber emergency to?

"A business continuity and IT disaster recovery company offers advice, on how to escalate a cyber incident in the UK"

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• CryptonDie - A Ransomware Developed For Study Purposes

"CryptonDie is a ransomware developed for study purposes."

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp