InfoSec News 20200306
Top News
-
Malware campaign employs fake security certificate updates
"Crooks are using a new phishing technique to trick victims into accepting the installation of a security certificate update and deliver malware."
TLP1 : Green
-
Security of Health Information
"The world is racing to contain the new COVID-19 virus that is spreading around the globe with alarming speed. Right now, pandemic disease experts at the World Health Organization (WHO), the US Centers for Disease Control and Prevention (CDC), and other public-health agencies are gathering information to learn how and where the virus is spreading. To do so, they are using a variety of digital communications and surveillance systems. Like much of the medical infrastructure, these systems are highly vulnerable to hacking and interference."
TLP1 : Green
-
One billion Android devices at risk of hacking
"More than a billion Android devices are at risk of being hacked because they are no longer protected by security updates, watchdog Which? has suggested."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Ethical hackers swarm Pentagon websites
"Hackers are crawling all over the US Department of Defense’s websites. Don’t worry, though: they’re white hats, and DoD officials are quite happy about the whole thing."
TLP1 : Green
-
Rootkit in the Cloud: Hacker Group Breaches AWS Servers
"A sophisticated hacker group pwned Amazon Web Services (AWS) servers, set up a rootkit that let them remotely control servers, then merrily funnelled sensitive corporate data home to its command and control (C2) servers from a range of compromised Windows and Linux machines inside an AWS data centre."
TLP1 : Green
-
US, UK and Estonia call out Russia over cyber attacks against Georgia in UN Security Council first
"The U.S., U.K. and Estonia condemned last year’s cyber attacks against Georgia, part of the former Soviet Union, by Russian military intelligence today during a closed-door meeting of the UN Security Council. The meeting marked the first time cyber attacks were brought up in the council as its own specific item."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Hackers gained access to T-Mobile customers and employee personal info
"New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information."
TLP1 : Green
-
Virgin Media, a UK broadband ISP, spills 900,000 customers' records
"Virgin Media, one of the UK's biggest ISPs, on Thursday admitted it accidentally spilled 900,000 of its subscribers' personal information onto the internet via a poorly secured database."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Cisco Releases Security Updates
"Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities"
TLP1 : Green
-
Oracle 8.0.4/8.0.5 Logging memory corruption
"A vulnerability was found in Oracle Financial Services Loan Loss Forecasting and Provisioning 8.0.4/8.0.5 (Financial Software). It has been classified as very critical. Affected is an unknown function of the component Logging. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as CWE-502."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Coronavirus: Apple and Google clamp down on COVID-19 apps
"A lie gets halfway around the world before the truth has a chance to get its pants on, so the saying goes, and as with a particular virus that’s on a similar journey just now, misinformation is turning out to be a big part of the outbreak."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Enhancing Pwned Passwords Privacy with Padding
"Since launching version 2 of Pwned Passwords with the k-anonymity model just over 2 years ago now, the thing has really gone nuts (read that blog post for background otherwise nothing from here on will make much sense). All sorts of organisations are employing the service to keep passwords from previous data breaches from being used again and subsequently, putting their customers at heightened risk."
TLP1 : Green
-
What is ISO/IEC 27701?
"Most recently, ISO and IEC have come out with a new addition, ISO/IEC 27701:2019 (27701). This is not a completely new framework; consider it more like an expansion pack to a game. It adds amendments and controls that address privacy by design and by default."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.