InfoSec News 20191025
Top News
-
Google addresses High-Severity sandbox escape issues in Chrome
"Google has patched three serious flaws in Chrome that can be exploited to escape the sandbox of the popular web browser."
TLP1 : Green
-
Discord Turned Into an Info-Stealing Backdoor by New Malware
"A new malware is targeting Discord users by modifying the Windows Discord client so that it is transformed into a backdoor and an information-stealing Trojan."
TLP1 : Green
-
Raccoon Malware Scavenges 100,000+ Devices to Steal Data
"A new information stealer is gaining rapid popularity with the cybercriminal community – leading to it infecting hundreds of millions of victims."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Experts attribute NukeSped RAT to North Korea-Linked hackers
"Experts at Fortinet analyzed NukeSped malware samples that share multiple similarities with malware associated with North Korea-linked APTs."
TLP1 : Green
-
Cachet Financial Reeling from MyPayrollHR Fraud
"When New York-based cloud payroll provider MyPayrollHR unexpectedly shuttered its doors last month and disappeared with $26 million worth of customer payroll deposits, its payment processor Cachet Financial Services ended up funding the bank accounts of MyPayrollHR client company employees anyway, graciously eating a $26 million loss which it is now suing to recover."
TLP1 : Green
-
12 year jail sentence for man who hacked Los Angeles Superior Court to send two million phishing emails
"A Texas man has been sentenced to over 12 years in prison after being found guilty of hacking into the computer system of the Los Angeles Superior Court and then using it to send two million phishing emails."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Sensitive US government and military travel details left exposed online
"Significant amounts of sensitive data about employees of the US government military personnel data could now be in the public domain following its exposure in a data leak. Israeli security researchers Noam Rotem and Ran Locar discovered 179 GB of data on an unsecured AWS server, run – they believe – by a travel services firm."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Mozilla Foundation Security Advisory 2019-35
"Security vulnerabilities fixed in - Thunderbird 68.2"
TLP1 : Green
-
Apple Removes 17 Malicious iOS Apps From App Store
"Researchers have uncovered malware in 17 iOS apps that were removed from Apple’s official App Store."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Kaspersky opens threat intelligence portal to public
"Kaspersky has opened its threat intelligence portal to the general public with the intention of targeting incident responders and security operation centre (SOC) analysts, working in-house and at managed security service providers (MSSPs)."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Don’t open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, …
"LSP4XML, the library used to parse XML files in VSCode-XML, Eclipse’s wildwebdeveloper, theia-xml and more, was affected by an XXE (CVE-2019-18213) which led to RCE (CVE-2019-18212) exploitable by just opening a malicious XML file."
TLP1 : Green
-
Technical analysis of the checkm8 exploit
"Most likely you've already heard about the famous exploit checkm8, which uses an unfixable vulnerability in the BootROM of most iDevices, including iPhone X. In this article, we'll provide a technical analysis of this exploit and figure out what causes the vulnerability."
TLP1 : Green
-
Femida - Automated Blind-Xss Search For Burp Suite
"An automated blind-xss search plugin for Burp Suite."
TLP1 : Green
-
HomePwn - Swiss Army Knife for Pentesting of IoT Devices
"HomePwn is a framework that provides features to audit and pentest devices that company employees can use in their day-to-day work and inside the same working environment. It is designed to find devices in the home or office, take advantage of certain vulnerabilities to read or send data to those devices. With a strong library of modules you can use this tool to load new features and use them in a vast variety of devices."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.