InfoSec News 20200113

  • Published: Mon, 13/01/2020 - 10:01

Top News


  • API Security a Top Concern for Cybersecurity in 2020

"The role of the application programmable interface (API) keeps rising in prominence within the enterprise. And as that happens, so does the risk of APIs as an enterprise attack surface. According to security experts, API security will be a top concern for many cybersecurity organizations in the coming year."

Link

TLP1 : Green

  • Google hackers successfully use remote exploit to hack iPhone

"From law enforcement to hacking firms everyone wants to hack iPhone. But Google, Apple’s arch-rival of sorts, has been hacking iPhone devices by identifying and exploiting critical vulnerabilities since last year."

Link

TLP1 : Green

  • Take the Iranian Cyber Threat Seriously 

"Many people fear that the death of Iranian General Qassim Suleimani could lead to a cyberwar between the U.S. and Iran. To those I say; where have you been for the past two years? In May of 2018, I predicted the beginning of the first world cyberwar which could draw in countries from throughout the region and the world."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Ransomware attack on Albany Airport on Christmas 2019 

"Christmas 2019 went sour for a few of the staff members of the Albany International Airport as a ransomware attack is reported to have encrypted the entire database of the airport forcing the authorities to pay a ransom to a threat actor in exchange of the decryption key."

Link

TLP1 : Green

  • Oil-and-Gas APT Pivots to U.S. Power Plants

"Researchers say that physically disruptive attacks aren’t imminent, but an increased focus on U.S. electrical-grid operators doesn’t bode well."

Link

TLP1 : Green

  • The U.S. Government Funded Smartphones Comes Pre-installed With Unremovable Malware

"Security researchers from Malwarebytes found pre-installed malware on UMX U683CL handsets. The phones are made under the Lifeline program to low-income consumers for Affordable Communications."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Maze Ransomware operators leak 14GB of files stolen from Southwire

"The Maze ransomware gang has released 14GB of files that they claim were stolen from one of its victims, the Southwire cable manufacturer."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Linux Kernel up to 4.15.9 mac80211_hwsim.c hwsim_new_radio_nl denial of service

"A vulnerability classified as problematic has been found in Linux Kernel up to 4.15.9 (Operating System). This affects the function hwsim_new_radio_nl of the file drivers/net/wireless/mac80211_hwsim.c. The manipulation with an unknown input leads to a denial of service vulnerability (Memory Leak). CWE is classifying the issue as CWE-399. This is going to have an impact on availability."

Link

TLP1 : Green

  • Vulnerability CVE-2016-5346

"An Information Disclosure vulnerability exists in the Google Pixel/Pixel SL Qualcomm Avtimer Driver due to a NULL pointer dereference when processing an accept system call by the user process on AF_MSM_IPC sockets, which could let a local malicious user obtain sensitive information (Android Bug ID A-32551280)."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Vulnerability Scanning vs. Penetration Testing

"It amazes me how many people confuse the importance of vulnerability scanning with penetration testing. Vulnerability scanning cannot replace the importance of penetration testing, and penetration testing, on its own, cannot secure the entire network."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • LAVA - Large-scale Automated Vulnerability Addition

"Evaluating and improving bug-finding tools is currently difficult due to a shortage of ground truth corpora (i.e., software that has known bugs with triggering inputs). LAVA attempts to solve this problem by automatically injecting bugs into software."

Link

TLP1 : Green

  • CHAPS - Configuration Hardening Assessment PowerShell Script

"CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy Analyzer, cannot be installed. The purpose of this script is to run it on a server or workstation to collect configuration information about that system."

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp