Infosec News 20200429

  • Published: Wed, 29/04/2020 - 10:15

Top News


  • Cybercriminals Leak ExecuPharm Internal Documents After Ransomware Attack

"Unlike typical ransomware attacks, where bad actors encrypt data and demand payment in exchange for the decryption keys, the perps have also started leaking confidential information found on ExecuPharm’s network"

Link

TLP1 : Green

  • Sophisticated Android Spyware Attack Spreads via Google Play

"The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia — and could be the work of the OceanLotus APT"

Link

TLP1 : Green

  • Researchers Uncover Novel Way to De-anonymize Device IDs to Users' Biometrics

"Researchers have uncovered a potential means to profile and track online users using a novel approach that combines device identifiers with their biometric information"

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Ransomware attack on Zaha Hadid Architects

"Zaha Hadid Architects (ZHA), a London based Architects syndicate recognized internationally all over the world is reported to have become a victim of a ransomware attack last week"

Link

TLP1 : Green

  • Moscow’s Fraudsters Sell Fake #COVID19 Travel Passes

"Muscovite fraudsters are capitalizing on the city’s COVID-19 lockdown by offering to sell desperate citizens the digital passes they now need to travel around the city"

Link

TLP1 : Green

  • Swiss CERT warns of spear-phishing campaign targeting webmasters

"Switzerland’s Computer Emergency Response Team (GovCERT) has warned website administrators to exercise additional caution when it comes to handling emails, following a spike in targeted phishing attacks"

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • GDPR Compliance Site Leaks Git Data, Passwords

"Researchers discovered a .git folder exposing passwords and more for a website that gives advice to organizations about complying with the General Data Protection Regulation (GDPR) rules"

Link

TLP1 : Green

  • Warwick Uni Under Fire After Reported Breach Cover-Up

"A leading UK university has come under fire after reportedly failing to notify those affected after hackers breached its administrative network last year"

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Apple macOS up to 10.13.4 Out-of-Bounds memory corruption

"A vulnerability was found in Apple macOS up to 10.13.4 (Operating System). It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation with an unknown input leads to a memory corruption vulnerability (Out-of-Bounds)"

Link

TLP1 : Green

  • Cyber security researchers find hundreds of trusted computing vulnerabilities in Air Force hacker challenge

"So far, ethical hackers have discovered 12,000 vulnerabilities through the Department of Defense’s Hack the Pentagon initiative"

Link

TLP1 : Green

  • Critical Adobe Illustrator, Bridge and Magento Flaws Patched

"Adobe fixed critical flaws in Illustrator, Magento and Bridge in an out-of-band security update"

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Kaspersky report: Nearly half of employees don’t know how to respond to ransomware attacks

"In its survey, Kaspersky stressed that raising employee awareness on ransomware, as well as cybersecurity practices in general, is one of the best ways to prevent a ransomware attack"

Link

TLP1 : Green

  • Facebook’s Specialized Cyber Security Team Blows The Whistle, Says They’re Victims Of Automation

"Current and former Facebook employees who are responsible for heading off cyber attacks say the Silicon Valley giant is replacing them with machines, according to a new report"

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • How To Audit Windows 10 Application Logs

"The Audit feature in Windows 10 is a useful carryover from prior Windows versions. It allows Windows 10 users and administrators to view security events in an audit log for the purpose of tracking, system and security events"

Link

TLP1 : Green

  • Terrier - A Image And Container Analysis Tool To Identify And Verify The Presence Of Specific Files According To Their Hashes

"Terrier is a Image and Container analysis tool that can be used to scan OCI images and Containers to identify and verify the presence of specific files according to their hashes"

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp