InfoSec News 20191003
Top News
-
WhatsApp Flaw Opens Android Devices to Remote Code Execution
"A double-free bug could allow an attacker to achieve remote code execution; users are encouraged to update to a patched version of the messaging app."
TLP1 : Green
-
FBI Issues 'High-Impact' Cyber Attack Warning - What You Need To Know
"One "high impact" and ongoing cyber threat has become such a critical concern that on October 2, the FBI issued a warning to U.S. businesses and organizations."
TLP1 : Green
-
Ramnit Targets Japanese Shoppers, Aiming at Top Fashion Brands
"Ramnit in Japan is nothing like the Ramnit we know from attacks on U.K. banks and Europe. Instead of targeting banks, in Japan, this malware's target list is all about e-commerce and, more specifically, top fashion brands from overseas."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
The MasterMana Botnet: Anatomy of the $160 Dollar Hack
"The team at Prevailion has uncovered new details concerning "MasterMana Botnet," an ongoing cyber-crime campaign that hits all of the cyber bingo buzzwords: business email compromise, backdoors, and cryptocurrency wallets."
TLP1 : Green
-
Of All State-Backed Hackers, the Chinese Hit Most Industries
"Hackers working for the Chinese government deployed attacks against the largest number of industry verticals in the first half of the year."
TLP1 : Green
-
ANU data breach: How hackers got inside Australia's top university
"A cyber attack on Australia's top university, methodically planned and then adapted on the fly by an "A team" of hackers who cracked into the personal records of 200,000 students and staff and walked away leaving virtually no trace."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
'Trusted inside access': Sydney IT contractor arrested over Landmark White data breach
"The alleged fraud, involving at least two data breaches of 170,000 datasets this year, is estimated to have cost LMW at least $8 million."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Palo Alto Networks Zingbox Inspector CVE-2019-15023 Information Disclosure Vulnerability
"Palo Alto Networks Zingbox Inspector is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Versions prior to Zingbox Inspector 1.295 are vulnerable."
TLP1 : Green
-
Cisco Firepower Management Center CVE-2019-12690 Command Injection Vulnerability
"Cisco Firepower Management Center is prone to a command-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands on the underlying OS with root privileges. This issue is being tracked by Cisco Bug ID CSCvh03962."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
DoD's Cybersecurity Maturity Model Certification (CMMC) initiative
"Introduction: High-profile data breaches are hitting Defense Industrial Base (DIB) supply chains"
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Malware Tales: FTCODE
"Today we are talking about a new ransomware we spotted being distributed in the wild dubbed as FTCODE."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.