Infosec News 20200603
Top News
-
Hackers use Github bot to steal $1,200 in ETH within 100 seconds
"Hackers are remotely stealing cryptocurrencies using bots on Github."
TLP1 : Green
-
Mitron app removed from Google Play store for violating policy
"Mitron app -- the popular Indian alternative for TikTok -- has been removed from Google Play store. We recommend you to beware of all the clones of Mitron available on Google Play store."
TLP1 : Green
-
Inside hackers' pivot to medical espionage
"A wave of cyber-spying around COVID-19 medical research is once more demonstrating the perils of treating cybersecurity as a separate, walled-off realm."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Aarogya Setu open source code: Experts, IT Ministry spar over suggestions on changes & process
"The government had on May 27 released the source code of its contact tracing app Aarogya Setu and announced cash prizes for those who find a bug or vulnerability in it."
TLP1 : Green
-
Can Cloud Access Security Broker Solve Growing Threat of Security Breaches in 2020?
"Digital security breaches have become a growing concern in recent years. Between 2005 and 2020, over 10 billion data breacheshave occurred in the United States alone."
TLP1 : Green
-
Spike in attempts to hijack computers for cryptocurrency mining: Cyber-security firm
"SINGAPORE - Digital hijackers are taking over computers to mine for cryptocurrency, with cyber-security firm Kaspersky saying that Singapore has had a spike in cryptojacking attempts in the first three months of 2020."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Amtrak Breach Rolls Over Frequent Travelers
"The breach exposed usernames and passwords of an undisclosed number of program members."
TLP1 : Green
-
Ransomware gang says it breached one of NASA's IT contractors
"DopplePaymer ransomware gang claims to have breached DMI, a major US IT and cybersecurity provider, and one of NASA IT contractors."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits
-
Class Action against Google for Tracking Private Browsing
"Google is the subject of a class action, and the accusations are regarding the invasion of the privacy of millions of users."
TLP1 : Green
-
Two Critical Android Bugs Open Door to RCE
"Google and Qualcomm both addressed significant vulnerabilities in their June updates."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Machine Learning Security Evasion Competition 2020 Invites Researchers to Defend and Attack
"Machine learning (ML) is an increasingly valuable tool in cyber security as adversaries continually evolve their tactics and techniques to evade detection. "
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
GhostShell - Malware Indetectable, With AV Bypass Techniques, Anti-Disassembly, And More
"In this malware, are used some techniques to try bypass the AVs, VMs, and Sandboxes, with only porpuse to learning more. I'm not responsible for your actions."
TLP1 : Green
-
Inshackle - Instagram Hacks: Track Unfollowers, Increase Your Followers, Download Stories, Etc
"Instagram hacks: Track unfollowers, Increase your followers, Download Stories, etc"
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.