Infosec News 20200624
Top News
-
40,000 cases in 5 days': India sees spurt in cyber attacks from China
"The spurt in online attacks from across the border was noticed after tensions rose between the two countries in eastern Ladakh, said Yashasvi Yadav, Special Inspector General of Police, cyber wing."
TLP1 : Green
-
Fxmsp hackers made $1.5M selling access to corporate networks
"New details have emerged on the activity of the infamous Fxmsp hacker that last year was advertising access to the networks of three cybersecurity vendors."
TLP1 : Green
-
Attackers are compromising large companies with the Cobalt Strike malware, and then deploying the Sodinokibi ransomware.
"Cybercriminals behind recent Sodinokibi ransomware attacks are now upping their ante and scanning their victims’ networks for credit card or point of sale (PoS) software. Researchers believe this is a new tactic designed to allow attackers to get the biggest bang for their buck – ransom payments and credit card data."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Time for the government — and media — to tell the truth about cyber hysteria
"The government has no right to lecture anyone about cybersecurity while it is party to making the world's IT networks less secure — all in the name of spying for western corporations."
TLP1 : Green
-
ScoMo's secret cyber weapon: PM hires Trump cabinet secretary who led global campaign against Huawei to protect Australia against hacking attacks
"One of Donald Trump's former cabinet secretaries who led the fight against tech giant Huawei is advising Australia on how to combat Chinese espionage."
TLP1 : Green
-
Claranet Cyber Security wants to help businesses secure their endpoints
"Endpoint protection can help organizations detect attacks in real-time to prevent or contain breaches."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Twitter Data Leak Exposes Business Clients
"Twitter has contacted its business clients to warn them of a potential breach of their data."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits
-
REvil ransomware scans victim's network for Point of Sale systems
"REvil ransomware operators have been observed while scanning one of their victim's network for Point of Sale (PoS) servers by researchers with Symantec's Threat Intelligence team."
TLP1 : Green
-
New WastedLocker Ransomware distributed via fake program updates
"The Russian cybercrime group known as Evil Corp has added a new ransomware to its arsenal called WastedLocker. This ransomware is used in targeted attacks against the enterprise."
TLP1 : Green
-
Vulnerability in Bitdefender Anti-Virus Let Hackers Run The Malicious Arbitrary Code Remotely
"We all know that there are different security solutions are available to keep a firm or an organization safe and secure from cyber threats."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
NSW govt sets up vulnerability tracking centre in Bathurst
"The NSW government has set up a cyber security vulnerability management centre in Bathurst, which will start operating next month."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
InQL - A Burp Extension For GraphQL Security Testing
"A security testing tool to facilitate GraphQL technology security auditing efforts."
TLP1 : Green
-
TokenBreaker - JSON RSA To HMAC And None Algorithm Vulnerability POC
"Token Breaker is focused on 2 particular vulnerability related to JWT tokens."
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.