Infosec News 20200629
Top News
-
Office 365 users that are returning to the workplace targeted with Coronavirus training resources
"Experts are warning of a new phishing campaign aimed at Office 365 users that are returning to the workplace with Coronavirus training resources."
TLP1 : Green
-
E-learning Platform Exposes Personal Information of Over 1 Million North American Students
"Security researchers have recently discovered a leaky database belonging to the e-learning platform One Class, a remote learning tool that provides educational assistance and study guides to millions of North American students."
TLP1 : Green
-
University of California San Francisco Pays $1 Million to Ransomware Operators after June 1 Attack
"NetWalker ransomware operators have persuaded the University of California San Francisco to pay over $1 million in an extortion scheme using data-encrypting malware."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
REvil operators threaten to leak files stolen from Australian firm Lion
"The Australian brewery and dairy conglomerate Lion suffered two cyber attacks in a few days this month."
TLP1 : Green
-
Ransomware is now your biggest online security nightmare. And it's about to get worse
"Ransomware is rapidly shaping up to be the defining online security issue of our era."
TLP1 : Green
-
Blast from the past: Cyber attacks in India
"In the wake of the coronavirus pandemic, and increasing cyber-threats from China, the internet has become a messy battlefield, as the former has led people to look for easy money, while the latter is using it as a form of warfare. Worst cyber-attacks that happened in India."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Synology Photo Station up to 6.8.11 synophoto_csPhotoDB.php type sql injection
"A vulnerability was found in Synology Photo Station up to 6.8.11 (Network Attached Storage Software)."
TLP1 : Green
-
HaboMalHunter up to 2.0.0.3 PIE Compilation privilege escalation
"This vulnerability affects an unknown function of the component PIE Compilation Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits
-
Exiv2 up to 0.27.1 HTTP Server http.c Response denial of service
"A vulnerability, which was classified as problematic, was found in Exiv2 up to 0.27.1 (Image Processing Software)."
TLP1 : Green
-
CSZ CMS up to 1.2.1 core/MY_Security.php csrf_csz sql injection
"A vulnerability, which was classified as critical, has been found in CSZ CMS up to 1.2.1 (Content Management System)."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Cyber Threat Scores – What do you need to know?
"Yesterday’s defenses cannot be compared to today’s threats."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
How To Perform External Black-box Penetration Testing in Organization with “ZERO” Information
"See how susceptible an organization is from an external point of view and test the effectiveness of the security controls that are managed enterprise-wide."
TLP1 : Green
-
Xeexe - Undetectable And XOR Encrypting With Custom KEY (FUD Metasploit RAT)
"Undetectable Reverse shell & Xor encrypting with custom KEY(FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,...(PYTHON 3)."
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.