Infosec News 20200604

  • Published: Thu, 04/06/2020 - 07:53

Top News


  • Hackers disrupt Chicago police radios with anti-cop songs

"Apparently, Anonymous hackers are behind the attack."

Link

TLP1 : Green

  • Coincheck cryptocurrency exchange targeted by hackers, customer emails exposed

"Japanese cryptocurrency exchange Coincheck has announced that earlier this week hackers managed to access some emails sent to the firm by its customers."

Link

TLP1 : Green

  • Lawsuit accuses Google of tracking users in Incognito mode

"Are you a Google Chrome user? Have you heard that a proposed class action lawsuit filed against Google is accusing the company of violating federal wiretap laws by tracking users' online activities even when they're in Incognito mode?"

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Russia-linked APT exploited at least 3 Exim flaws in recent attacks

"Several flaws in the Exim mail transfer agent (MTA) have been exploited by Russia-linked hackers, hundreds of thousands of servers are still unpatched."

Link

TLP1 : Green

  • Sodinokibi ransomware gang launches auction site to sell stolen data

"REvil/Sodinokibi ransomware operators launch an auction site to sell data stolen from victims that have chosen to not pay the ransom."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • The Unattributable "Lead Hunter" Data Breach

"Pwned again. Damn. That's me who's pwned again because my personal data has just turned up in yet another incident from a source I can't attribute."

Link

TLP1 : Green

  • Analysing the (Alleged) Minneapolis Police Department "Hack"

"The situation in Minneapolis at the moment (and many other places in the US) following George Floyd's death is, I think it's fair to say, extremely volatile."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Two issues in Zoom could have allowed code execution

"Researchers from Cisco Talos disclosed two critical flaws in the Zoom software that could have allowed attackers to hack into the systems via chat."

Link

TLP1 : Green

  • Wallpaper that Crashes Android Phones

"The image, a seemingly innocuous sunset (or dawn) sky above placid waters, may be viewed without harm. But if loaded as wallpaper, the phone will crash."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Detect and Track Threats Through UEBA and Incident Governance

"Most organizations are predicting an increased remote workforce and adoption of SaaS apps in the coming years."

Link

TLP1 : Green

  • Cybersecurity Maturity Model Certification (CMMC) Part 2: Process Maturity's Role in Cybersecurity

"Process maturity represents an organization's ability to institutionalize their practices."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Sophisticated Info-Stealer Targets Air-Gapped Devices via USB

"The newly discovered USBCulprit malware is part of the arsenal of an APT known as Cycldek, which targets government entities. "

Link

TLP1 : Green

  • Eviloffice - Inject Macro And DDE Code Into Excel And Word Documents (Reverse Shell)

"Win python script to inject Macro and DDE code into Excel and Word documents (reverse shell)"

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp