InfoSec News 20191028
Top News
-
DDoS attack on Amazon Web Services caused intermittent outages
"This week Amazon Web Services (AWS) suffered a major distributed denial-of-service (DDoS) attack that made it unavailable for some customers."
TLP1 : Green
-
China passes law regulating data encryption
"But how much does it matter in a surveillance state?"
TLP1 : Green
-
Your smart doorbell may be collecting more data than you think, study finds
"The study tested 81 IoT devices to analyze their behavior and tracking habits, and in some cases brought rather surprising findings"
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
SWEED targets precision engineering companies in Italy
"Security expert Marco Ramilli published a quick analysis of an interesting attack carried out by SWEED threat actor targeting precision engineering firms in Italy."
TLP1 : Green
-
Phishers strike at mobile wellness app company
"If you don’t believe that you could ever fall victim to a social engineering attack, take heed. Last week, a mobile healthcare application vendor reportedly fell victim to a scam that saw criminals send fraudulent mails to everyone in a director’s account."
TLP1 : Green
-
Firefox Privacy Protection makes website trackers visible
"Mozilla has added another privacy tweak to Firefox version 70 – the ability to quickly see how often websites are tracking users. The company calls it the Firefox Privacy Protection and users can access it by clicking on the address bar shield icon."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Unsecured Adobe Server Exposes Data for 7.5 Million Creative Cloud Users
"The U.S. multinational computer software company Adobe suffered a serious security breach earlier this month that exposed a database of user records belonging to the company's popular Creative Cloud service."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
CVE-2019-11043 exposes Web servers using nginx and PHP-FPM to hack
"Experts warn that a remote code execution vulnerability in PHP7, tracked as CVE-2019-11043, has been exploited in attacks in the wild."
TLP1 : Green
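Two checks a defender would want to run on the item above: is the PHP-FPM build already on a fixed release, and does the nginx configuration use the PATH_INFO layout the public reports tied to the exploitation. The script below is an added example for this digest entry, not code from the linked article or from the PHP or nginx projects. It assumes two things the page does not state: the fixed PHP releases (7.1.33, 7.2.24 and 7.3.11, taken from the PHP 7.x release history) and the risky nginx pattern (a PHP location block that passes `$fastcgi_path_info` as PATH_INFO without a `try_files $fastcgi_script_name =404;` guard). Both are the editor's assumptions; confirm them against the vendor advisory before acting on the output.

```python
"""Triage checks for CVE-2019-11043 (PHP-FPM behind nginx).

Added example, not code from the original page or from the PHP/nginx projects.
Assumed (not stated on the page): fixed releases 7.1.33 / 7.2.24 / 7.3.11, and
the nginx layout that public reports described as exploitable.
"""
import re

# Assumed fixed patch level per minor branch; 7.0 and older were end-of-life.
FIXED_RELEASES = {(7, 1): 33, (7, 2): 24, (7, 3): 11}


def parse_php_version(banner: str):
    """Pull (major, minor, patch) out of `php-fpm -v` / `php -v` output."""
    m = re.search(r"PHP (\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        raise ValueError("no PHP version string found in: %r" % banner)
    return tuple(int(x) for x in m.groups())


def php_status(version):
    """Return 'patched', 'vulnerable' or 'unknown' for a (major, minor, patch)."""
    major, minor, patch = version
    fixed_patch = FIXED_RELEASES.get((major, minor))
    if fixed_patch is None:
        # No fixed release in the table for this branch: out of scope here.
        return "unknown"
    return "patched" if patch >= fixed_patch else "vulnerable"


# nginx directives that together form the layout the reports described.
SPLIT_PATH_INFO = re.compile(r"\bfastcgi_split_path_info\b")
PASSES_PATH_INFO = re.compile(r"\bfastcgi_param\s+PATH_INFO\s+\$fastcgi_path_info\b")
TRY_FILES_GUARD = re.compile(r"\btry_files\s+\$fastcgi_script_name\s+=404\b")


def php_location_blocks(conf: str):
    """Yield the text of every `location ... php ... { ... }` block.

    Comments are stripped first; braces are matched by depth, which is enough
    for hand-written nginx configs (nginx has no brace escaping).
    """
    conf = re.sub(r"#[^\n]*", "", conf)
    for m in re.finditer(r"\blocation\s+[^{]*php[^{]*\{", conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield conf[m.start():i]


def risky_nginx_locations(conf: str):
    """Return PHP location blocks that pass PATH_INFO without the =404 guard."""
    return [
        block for block in php_location_blocks(conf)
        if SPLIT_PATH_INFO.search(block)
        and PASSES_PATH_INFO.search(block)
        and not TRY_FILES_GUARD.search(block)
    ]


# Constructed sample configs (not taken from any real host).
VULNERABLE_CONF = r"""
server {
    listen 80;
    root /var/www/html;
    location ~ \.php$ {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;   # common tutorial snippet
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_pass unix:/run/php/php7.3-fpm.sock;
        include fastcgi_params;
    }
}
"""
HARDENED_CONF = VULNERABLE_CONF.replace(
    "fastcgi_split_path_info",
    "try_files $fastcgi_script_name =404;\n        fastcgi_split_path_info",
)

if __name__ == "__main__":
    banner = "PHP 7.3.10 (fpm-fcgi) (built: Oct  1 2019 10:20:08)"  # constructed
    print("php-fpm:", php_status(parse_php_version(banner)))
    print("risky location blocks (vulnerable conf):", len(risky_nginx_locations(VULNERABLE_CONF)))
    print("risky location blocks (hardened conf):", len(risky_nginx_locations(HARDENED_CONF)))
```

On a real host, feed `php-fpm -v` output to `parse_php_version` and the output of `nginx -T` (which dumps the full effective configuration, includes resolved) to `risky_nginx_locations`; a patched PHP-FPM makes the nginx finding moot, but the `try_files` guard is still worth keeping as defence in depth.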
-
Oracle MICROS Workstation 650 BIOS memory corruption
"A vulnerability has been found in Oracle MICROS Workstation 650 (the affected version is unknown) and classified as very critical. This vulnerability affects an unknown function of the component BIOS. The manipulation with an unknown input leads to a memory corruption vulnerability. The CWE definition for the vulnerability is CWE-264. As an impact it is known to affect confidentiality, integrity, and availability. "
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Keep Adversaries at Bay With the MITRE ATT&CK Framework
"Organizations are adopting the MITRE ATT&CK framework to map their cybersecurity threat detection, prevention and response capabilities to attack scenarios. MITRE, a nonprofit organization that has worked closely with the U.S. government to strengthen its cyberdefenses for more than four decades, developed the model after years of observing how real-world adversary groups operate."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Discovering the Anti-Virus Signature and Bypassing It
"In this post, I am going to go over how to find the specific Anti-Virus signature using manual testing and then show techniques that can be used to bypass them."
TLP1 : Green
-
AutoSploit v4.0 - Automated Mass Exploiter
"As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been selected to facilitate Remote Code Execution and to attempt to gain Reverse TCP Shells and/or Meterpreter sessions. Workspace, local host and local port for MSF facilitated back connections are configured by filling out the dialog that comes up before the exploit component is started."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.