Infosec News 20200727

  • Published: Mon, 27/07/2020 - 10:53

Top News


  • Crimson RAT Malware Analysis

"Crimson is a Remote Access Trojan — a malware that is used to take remote control of infected systems and steal data. This particular RAT is known to be used by a Pakistani founded cybergang that targets Indian military objects to steal sensitive information."

Link

TLP1 : Green

  • Threat actors are hijacking the infamous Emotet botnet

"A sort of vigilante is attempting to disrupt the operations of the Emotet botnet by hacking the supply chain of the malware."

Link

TLP1 : Green

  • CISA Says Hackers Exploited BIG-IP Vulnerability in Attacks on U.S. Government

"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Friday to warn organizations about the risk posed by a recently patched vulnerability affecting F5 Networks’ BIG-IP application delivery controller (ADC)."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • NSA/CISA joint report warns on attacks on critical industrial systems

"NSA is warning of cyber attacks launched by foreign threat actors against organizations in the critical infrastructure sector across the U.S."

Link

TLP1 : Green

  • New ‘Meow’ attack has deleted almost 4,000 unsecured databases

"Hundreds of unsecured databases exposed on the public web are the target of an automated 'meow' attack that destroys data without any explanation."

Link

TLP1 : Green

  • India’s Second Digital Strike!! 47 More Chinese apps Banned for Data, Privacy Violations

"According to the sources the 47 apps are the cloned version like (“Tik Tok Light, Helo Lite, ShareIt Lite, Bigo Lite, and VFY Lite and Cam Scanner Advance”) of the previously banned apps. The order was issued on Friday, official notification and the list of the banned apps will be released soon."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Source code from dozens of companies leaked online

"Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations in their infrastructure."

Link

TLP1 : Green

  • Poor Privacy Practices Sharply Boost Likelihood of a Data Breach, Study Shows

"Companies that don’t change their perception about data protection are increasing their odds of suffering a data breach by a whopping 80% and, in the event of a breach, will face fines seven times larger than companies with the best scores, according to a new report."

Link

TLP1 : Green

  • Website Security Breach Exposes 1 Million DNA Profiles

"A genealogy website used to catch one of California’s most wanted serial killers remained shut down Thursday after a security breach exposed the DNA profiles of more than a million people to law enforcement agencies."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • D-Link addressed 5 flaws on some router models, some of them reached EoL

"D-Link disclosed five severe vulnerabilities affecting some router models which can be exploited by attackers to compromise a network."

Link

TLP1 : Green

  • K08105237: DNS /GTM configuration may go missing after upgrade

"GTM configuration may go missing after upgrade
You may observe GUI error ' not all configuration has loaded completely '"

Link

TLP1 : Green

  • Hackers Exploited CVE-2020-3452 Flaw in Cisco ASA & FTD Within Hours After the Disclosure

"(...) Hours after the publication of PoC, at 23:31 ET attackers started exploiting the flaw. According to Rapid7’s Project Sonar discovered just over 85,000 ASA/FTD devices, 398 of which are spread across 17% of the Fortune 500."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Thinking of a Cybersecurity Career? Read This

"Here’s a look at a recent survey that identified some of the bigger skills gaps, and some thoughts about how those seeking a career in these fields can better stand out from the crowd."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • REMnux 7, a Linux toolkit for malware analysts released

"A new version of the REMnux Linux toolkit for malware analysts is available for download, it includes a huge set of tools for professionals."

Link

TLP1 : Green

  • AuthMatrix - A Burp Suite Extension That Provides A Simple Way To Test Authorization

"AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services."

Link

TLP1 : Green

  • Update on NIST's Post-Quantum Cryptography Program

"After spending more than three years examining new approaches to encryption and data protection that could defeat an assault from a quantum computer, the National Institute of Standards and Technology (NIST) has winnowed the 69 submissions it initially received down to a final group of 15."

Link

TLP1 : Green

  • Quantum Loop: US Unveils Blueprint for 'Virtually Unhackable' Internet

"US officials and scientists have begun laying the groundwork for a more secure "virtually unhackable" internet based on quantum computing technolog"

Link

TLP1 : Green

  • Rise of the Robots: How You Should Secure RPA

"Robotic Process Automation (RPA) is the next big thing in innovation and digital strategy. But what security details are overlooked in the rush to implement bots?"

Link

TLP1 : Green

  • Banning TikTok Won't Solve Our Privacy Problems

"Preventing the use of an app based solely on its country of origin (no matter how hostile) is merely a Band-Aid that won't fully address all privacy and security concerns."

Link

TLP1 : Green

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp