InfoSec News 20200106

  • Published: Mon, 06/01/2020 - 09:37

Top News


  • Top Cybersecurity Companies

"Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the leaders? To find out, eSecurity Planet routinely conducts an analysis of the world's largest cybersecurity vendors and ranks the top 15."

TLP¹: Green

  • BusKill Cable Starts a Self-Destruct Routine on Stolen Laptops

"A USB cable and some scripting can save sensitive data on your laptop from grab-and-go thieving situations when working in a public place."

TLP¹: Green

  • 8 Cybersecurity Risks in Android’s VoIP Components

"A team of Chinese researchers has recently revealed the findings of a ground-breaking investigation into Android’s voice-over-internet-protocol (VoIP) components. The team from OPPO ZIWU Cyber Security Lab, the Chinese University of Hong Kong and Singapore Management University, found no fewer than eight vulnerabilities."

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Iran's 'forceful revenge' against the US is likely to include cyber warfare, and experts warn cyberattacks could bring US infrastructure to a grinding halt

"Iran has promised "a forceful revenge" in response to the US-ordered drone strike that killed Iranian Quds Force head Qassem Soleimani on Friday. Cybersecurity experts warn that Iran spent years establishing itself as an "intelligent cyber opponent" and is likely to leverage cyberattacks against the US."

TLP¹: Green

  • Cyber Attack on Austria and suspect is Russia Fancy Bear

"Austria’s foreign ministry has issued a press statement yesterday admitting that a serious cyberattack took place on the database of its Ministry on Saturday and the suspect happens to be Russia’s Fancy Bear."

TLP¹: Green

Breaches: Data Breaches and Hacks


  • Federal Depository Library Program Govn agency breached by Iranian hackers

"A group of alleged Iranian hackers claims to have breached the website of a US government agency, Federal Depository Library Program, on Saturday after the killing of Qasem Soleimani."

TLP¹: Green

  • School software provider Active Network discloses data breach

"According to Active Network data breach notice, parents who accessed Blue Bear-based web store to pay school fees or buy books and other material between October 1, 2019, and November 13, 2019, might have had their personal data stolen."

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • HPE Intelligent Management Center 7.3 E0504P04 privilege escalation

"A vulnerability has been found in HPE Intelligent Management Center 7.3 E0504P04 (Log Management Software) and classified as very critical. This vulnerability affects some unknown functionality. The manipulation with an unknown input leads to a privilege escalation vulnerability. The CWE definition for the vulnerability is CWE-20. As an impact it is known to affect confidentiality, integrity, and availability."

TLP¹: Green

  • HPE Network Node Manager i 10.0x/10.1x/10.2x Bypass privilege escalation

"A vulnerability was found in HPE Network Node Manager i 10.0x/10.1x/10.2x. It has been classified as very critical. This affects some unknown functionality. The manipulation with an unknown input leads to a privilege escalation vulnerability (Bypass). CWE is classifying the issue as CWE-254. This is going to have an impact on confidentiality, integrity, and availability."

TLP¹: Green

  • HPE SiteScope 11.2x/11.3x information disclosure

"A vulnerability classified as problematic was found in HPE SiteScope 11.2x/11.3x. Affected by this vulnerability is some unknown processing. The manipulation with an unknown input leads to an information disclosure vulnerability. The CWE definition for the vulnerability is CWE-200. As an impact it is known to affect confidentiality."

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • The F.B.I. Will Help Companies Identify Malicious Insiders

"F.B.I. wants to help enterprises identify malicious insiders before they can begin their attacks."

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Analysis Of Unusual ZIP Files

"Intrigued by a blog post from SpiderLabs on a special ZIP file they found, Didier Stevens took a closer look.

That special ZIP file is a concatenation of 2 ZIP files, the first containing a single PNG file (with extension .jpg) and the second a single EXE file (malware). Various archive managers and security products handle this file differently, some “seeing” only the PNG file, others only the EXE file."

TLP¹: Green

 

 

¹ Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp