InfoSec News 20191029
Top News
-
New BBC ‘dark web’ Tor mirror site aims to beat censorship
"A mirror copy of the BBC’s international news website is now available to users on the so-called dark web."
TLP1 : Green
-
Top Linux developer on Intel chip security problems: 'They're not going away.'
"Greg Kroah-Hartman, the stable Linux kernel maintainer, says we're going to see Intel chip security problems for years to come."
TLP1 : Green
-
New cyberattacks targeting sporting and anti-doping organizations
"Today we’re sharing that the Microsoft Threat Intelligence Center has recently tracked significant cyberattacks originating from a group we call Strontium, also known as Fancy Bear/APT28, targeting anti-doping authorities and sporting organizations around the world. As the world looks forward with anticipation to the Tokyo Summer Games in 2020, we thought it important to share information about this new round of activity."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
How Facebook helps an abusive ex-partner find out your new identity, even after you’ve blocked them
"David Mathews, originally from Canada, currently based in London, contacted me a few weeks ago with his discovery that even if you block someone on Facebook your name remains dynamically linked to their profile."
TLP1 : Green
-
Ransomware hit TrialWorks, law firms and lawyers were not able to access court documents
"TrialWorks, one of the most established providers of legal case management software for law firms and attorneys, was hit by ransomware."
TLP1 : Green
-
Fake French Police Sextortion Scam
"There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method of digital communication can be used to deliver the blackmail threat to the victim."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Details for 1.3 million Indian payment cards available on the dark web, it's the biggest single card database ever
"Group-IB discovered details for 1.3 million Indian payment cards available for sale on Joker’s Stash, it is the largest card database ever"
TLP1 : Green
-
UniCredit Bank Suffers 'Data Incident' Exposing 3 Million Italian Customer Records
"UniCredit, an Italian global banking and financial services company, announced today that it suffered a security incident that leaked some personal information belonging to at least 3 million of its domestic customers."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
NFC False Tag Vulnerability – CVE-2019-9295
"This report details a vulnerability submitted to Google about the Tags application (app), shipped with the Android OS that is responsible for reading NFC (Near Field Communication) tags, parsing them, and forwarding the results to the relevant application according to its contents."
TLP1 : Green
-
Update your iPhone 5 before November 3 2019, or lose its internet access
"Listen up if you’re still using an iPhone 5 – you need to update to iOS 10.3.4 before Sunday November 3, or you may find your smartphone loses access to the internet."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Incident Response Ransomware Series: Part 1
"In this three-part blog post series, we will provide an introduction into what ransomware is, how it works, and how it spreads to systems within an organization. We will also provide examples of different types of ransomware and variation of ransomware tactics."
TLP1 : Green
-
Introduction to fileless malware
"Fileless malware is malware authors’ response to traditional malware identification and analysis techniques. Many antiviruses operate by using signature-based analysis to identify malicious files on a computer. By ensuring that a malicious file is never saved on the filesystem, malware authors can make their attacks much more difficult to detect and remediate using traditional analysis techniques."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
KTRW: The journey to build a debuggable iPhone
"In my role here at Project Zero, I do not use some of the tooling used by some external iOS security researchers, in particular development-fused iPhones with hardware debugging capabilities like JTAG enabled. I believe that access to such devices puts those who can obtain them at a significant advantage over researchers who can not or do not wish to use them. Thus, early this year I decided I would try to find a way to build such a capability using regular iPhones you can buy at an Apple store. I identified iBoot and KTRR as primary areas for research, and spent several months looking for vulnerabilities."
TLP1 : Green
-
New Ransomware CCryptor struck, which can encrypt 362 file types
"Recently, 360 Security Center captured a new type of ransomware CCryptor. The attacker spread the virus by delivering phishing emails, and the CVE-2017-11882 vulnerability was used to release the ransomware to the victim machine."
TLP1 : Green
-
CloudUnflare - Reconnaissance Real IP Address For Cloudflare Bypass
"Reconnaissance Real IP address for Cloudflare Bypass."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.