InfoSec News 20191008

  • Published: Tue, 08/10/2019 - 09:35

Top News


  • Information Warfare: Chinese Hackers Caught Down Under

"Recently leaked details of a Chinese hacking campaign on the Australian government earlier this year revealed embarrassing (for all concerned) details about continued Chinese Internet mischief."

Link

TLP1 : Green

  • Cisco Warns 500,000 Routers Have Been Hacked By Russian Hackers

"Security analysts from Cisco's cyber intelligence unit Talos on Wednesday have cautioned that Russian hackers have infected more than 500,000 routers with a modern malware and have plans to dispatch a cyber attack on Ukraine."

Link

TLP1 : Green

  • Hackers continue to exploit the Drupalgeddon2 flaw in attacks in the wild

"Researchers from Akamai uncovered a new campaign targeting the Drupalgeddon2 vulnerability to deliver malware."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Malware Smominru still active, infects 4,700 PCs a day

"Malware Smominru, whose incidence was first reported in 2017, continues to infect computers in a big way. The fact that infected 4,700 computers a day shows how fast it is spreading."

Link

TLP1 : Green

  • Victoria named nation's cybercrime hotspot

"Australians are reporting incidents of cybercrime about every 10 minutes, according to statistics released by the nation's cyber security watchdog."

Link

TLP1 : Green

  • Toms Shoes newsletter "hacked by a nice man"

"Footwear retailer Toms has had its email newsletter compromised by someone who calls himself "a nice man"."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • New Zealand Breach May Affect 1 Million

"While the most recent cyber intrusion was discovered in August, it appears that attackers began accessing the Tū Ora Compass Health network as early as 2016 and continued until March of this year, authorities say."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • NSA Releases Advisory on Mitigating Recent VPN Vulnerabilities

"The National Security Agency (NSA) has released an advisory on advanced persistent threat (APT) actors exploiting multiple vulnerabilities in Virtual Private Network (VPN) applications"

Link

TLP1 : Green

  • Users reported problems with patches for CVE-2019-1367 IE zero-day

"Microsoft released a new set of patches for a zero-day flaw in Internet Explorer recently fixed due to problems reported by users with the previous patch."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • A new civilian cyber warfare position for the Army

"In the past, the civilians on either an offensive or defensive teams were given additional training from either their IT or intelligence work roles they came to, which meant they didn't receive the holistic training of their military counterparts."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • MMD-0064-2019 - Linux/AirDropBot

"There are a lot of botnet aiming multiple architecture of Linux basis internet of thing, and this story is just one of them,"

Link

TLP1 : Green

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp