Infosec News 20200608
Top News
-
Alerta: Conheça os templates das campanhas de phishing lançadas desde o inicio do ano personificando bancos Portugueses
"Desde o inicio do ano que inúmeras campanhas têm sido registadas no 0xSI_f33d, uma ferramenta que compila campanhas a decorrer/ocorridas no ciberespaço Português"
TLP1 : Green
-
Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service
"A judge in Israel handed down the sentences plus fines and probation against Yarden Bidani and Itay Huri, both Israeli citizens arrested in 2016 at age 18 in connection with an FBI investigation into vDOS"
TLP1 : Green
-
Critical flaw could have allowed attackers to control traffic lights
"A critical vulnerability in traffic light controllers manufactured by SWARCO could have been exploited by attackers to disrupt traffic lights"
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Google reveals that foreign hackers are already targeting Trump and Biden campaigns
"Google researchers revealed that campaign staffs for both President Donald Trump and Joe Biden have been targeted recently by foreign hackers"
TLP1 : Green
-
IT Services Firm Conduent Felled by Maze Ransomware
"A multi-billion-dollar IT services firm has become the latest victim of the infamous Maze ransomware group after it appeared to target a widely publicized Citrix vulnerability"
TLP1 : Green
-
Stealthworker botnet targets Windows and Linux servers
"Researchers uncovered a malware campaign that is targeting Windows and Linux servers with a Golang-based malicious code called Stealthworker"
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Top US aerospace services provider suffers breach, loses 1.5 TB of data
"The hackers behind this breach are Maze ransomware operators who also leaked some of the company’s data as proof of hack"
TLP1 : Green
-
eCh0raix ransomware is back and targets QNAP NAS devices again
"eCh0raix Ransomware operators are back after months of apparent inactivity, now are targeting QNAP storage devices in a new campaignt"
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits
-
How secure is your phone’s lock screen?
"From the humble passcode to biometric authentication, there are quite a few options to lock your Android phone. But which of them are more secure than the others?"
TLP1 : Green
-
Exploit code for wormable flaw on unpatched Windows devices published online
"A researcher has published exploit code for a Microsoft Windows vulnerability that, when left unpatched, has the potential to spread from computer to computer with no user interaction"
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Scam Spotter launches with practical advice
"Last week, Google and the Cybercrime Support Network launched a public service site called Scam Spotter that aims to bring scam awareness and fraud protection to all users, including the least tech-savvy"
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Words Scraper
"Selenium based web scraper to generate passwords list"
TLP1 : Green
-
JSshell - A JavaScript Reverse Shell For Exploiting XSS Remotely Or Finding Blind XSS, Working With Both Unix And Windows OS
"This tool works for both Unix and Windows operating system and it can running with both Python 2 and Python 3. This is a big update of JShell - a tool to get a JavaScript shell with XSS by s0med3v. JSshell also doesn't require Netcat (different from other javascript shells)"
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.