Infosec News 20200729

  • Published: Wed, 29/07/2020 - 10:06

Top News


  • TikTok is being discouraged and the app may be banned

"In recent news retail giant Amazon sent a memo to employees telling them to delete the popular social media app TikTok from their phones. In the memo it stated that the app would pose a security risk without going into details. Later the memo was withdrawn without an explanation except that it was sent in error."

Link

TLP¹: Green

  • Source code of Cerberus Android Trojan offered for sale for $100,000

"The authors of the Android Cerberus banking trojan are auctioning the project for a price starting at $50,000, with $100K the deal could be immediately closed."

Link

TLP¹: Green

  • FBI warns of disruptive DDoS amplification attacks

"The Federal Bureau of Investigation (FBI) has issued an alert warning private sector organizations in the United States about a ramp-up in the use of built-in network protocols for large-scale distributed denial-of-service (DDoS) amplification attacks."

Link

TLP¹: Green
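The alert quoted above concerns protocols that answer a small request with a much larger reply, so the practical check on the reflector side is a byte-ratio test. The following added example (not part of the FBI alert or of the linked article) runs that test over constructed UDP flow records; the 10.0.0.0/24 local network, the addresses, the SSDP port 1900 and the thresholds are all illustrative assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed UDP flow records (not real telemetry), one dict per flow with
# bytes summed over the flow. 10.0.0.0/24 is the hypothetical local network;
# 203.0.113.7 plays the spoofed victim address that the amplified replies hit.
LOCAL_NET = ipaddress.ip_network("10.0.0.0/24")
SAMPLE_FLOWS = [
    # ordinary DNS lookup and answer: small request, modestly larger reply
    {"proto": "udp", "src": "198.51.100.4", "sport": 51000, "dst": "10.0.0.53", "dport": 53, "bytes": 60},
    {"proto": "udp", "src": "10.0.0.53", "sport": 53, "dst": "198.51.100.4", "dport": 51000, "bytes": 120},
    # reflection: one tiny spoofed request, a large reply stream to the victim
    {"proto": "udp", "src": "203.0.113.7", "sport": 1900, "dst": "10.0.0.9", "dport": 1900, "bytes": 100},
    {"proto": "udp", "src": "10.0.0.9", "sport": 1900, "dst": "203.0.113.7", "dport": 1900, "bytes": 3000},
    # TCP traffic is out of scope for a UDP amplification check
    {"proto": "tcp", "src": "198.51.100.4", "sport": 40000, "dst": "10.0.0.80", "dport": 443, "bytes": 900},
    {"proto": "tcp", "src": "10.0.0.80", "sport": 443, "dst": "198.51.100.4", "dport": 40000, "bytes": 50000},
]


def find_reflectors(flows, min_baf=10.0, min_out_bytes=1000):
    """Per (local host, service port, remote peer), compare bytes sent by the local
    service with bytes received from the peer. A bandwidth amplification factor
    (BAF = out/in) above min_baf means the local host is acting as an amplifier,
    and the remote address is more likely a spoofed victim than a real client."""
    stats = defaultdict(lambda: {"in": 0, "out": 0})
    for f in flows:
        if f["proto"] != "udp":
            continue
        src, dst = ipaddress.ip_address(f["src"]), ipaddress.ip_address(f["dst"])
        if src not in LOCAL_NET and dst in LOCAL_NET:      # request into our service
            stats[(f["dst"], f["dport"], f["src"])]["in"] += f["bytes"]
        elif src in LOCAL_NET and dst not in LOCAL_NET:    # reply from our service
            stats[(f["src"], f["sport"], f["dst"])]["out"] += f["bytes"]
    findings = []
    for (local_ip, port, remote_ip), s in stats.items():
        # replies with no matching request at all are the worst case: treat as infinite
        baf = s["out"] / s["in"] if s["in"] else float("inf")
        if baf >= min_baf and s["out"] >= min_out_bytes:
            findings.append({"local_ip": local_ip, "port": port, "remote_ip": remote_ip,
                             "in_bytes": s["in"], "out_bytes": s["out"], "baf": baf})
    return sorted(findings, key=lambda x: -x["baf"])


if __name__ == "__main__":
    for hit in find_reflectors(SAMPLE_FLOWS):
        print(f"{hit['local_ip']}:{hit['port']} -> {hit['remote_ip']} BAF={hit['baf']:.1f} "
              f"({hit['in_bytes']} B in, {hit['out_bytes']} B out)")
```

The thresholds are deliberately coarse: a DNS resolver legitimately answers with a BAF of 2 to 4, so the ratio alone is noisy, and the `min_out_bytes` floor keeps one-off chatty replies out of the findings. Because the "remote" address in a reflection is spoofed, the remediation is on the local host (filter or disable the exposed UDP service), not on the peer.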

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • North Korea-Linked Lazarus APT is behind the VHD ransomware

"Security experts from Kaspersky Lab reported that North Korea-linked hackers are attempting to spread a new ransomware strain known as VHD."

Link

TLP¹: Green

  • Several New Mac Malware Families Attributed to North Korean Hackers

"North Korean-linked threat actor Lazarus has been employing at least four new Mac-targeting malware families in recent attacks, SentinelOne security researchers reveal."

Link

TLP¹: Green

  • Phishers Using Fake Sharepoint Messages to Target Office 365 Details

"Phishers leveraged fake automated messages from collaborative platform Sharepoint as a means to target users’ Office 365 credentials."

Link

TLP¹: Green

  • Instacart Account Data Found on Dark Web, but Company Says it Wasn’t Hacked

"(...)As reported by SCMagazine, two prominent Dark Web stores that are used for purchasing stolen data have Instacart accounts data. There were roughly 278,000 accounts found on the Dark Web criminal marketplaces, according to a report in BuzzFeed."

Link

TLP¹: Green

Breaches: Data Breaches and Hacks


  • Cosmetics Giant Avon Leaks 19 Million Records

"A misconfigured cloud server at global cosmetics brand Avon was recently discovered leaking 19 million records including personal information and technical logs."

Link

TLP¹: Green

  • Athlete Recruiting Software Company Discloses Data Breach 7 Months after Student-Athlete Data is Exposed

"In January 2020, a security researcher discovered an exposed server belonging to Front Rush, an athlete-recruiting software company offering solutions to more than 9,500 college teams at over 850 institutions across the United States. Yesterday, however, Front Rush disclosed that it has started informing potentially affected individuals about the security incident that was overlooked 7 months ago. "

Link

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Google Releases Security Updates for Chrome

"Google has released Chrome version 84.0.4147.105 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system."

Link

TLP¹: Green

  • Firefox 79 is out – it’s a double-update month so patch now!

"28 July 2020 is a Blue Firefox Update event – the second major security fix of the month, given that Mozilla now uses an every-four-weeks-on-Tuesday rhythm, and Firefox 78.0 came out on the first day of the month."

Link

TLP¹: Green

  • Industrial Systems Can Be Hacked Remotely via VPN Vulnerabilities

"Vulnerabilities discovered by researchers in VPN products primarily used for remote access to operational technology (OT) networks can allow hackers to compromise industrial control systems (ICS) and possibly cause physical damage."

Link

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • How Cloud Mitigation Techniques Can Help Prevent Ransomware and Phishing Attacks

"The COVID-19 pandemic revealed flaws in the American healthcare system that were always there. The only difference now is that those flaws have been brought to light. It’s been a difficult time for healthcare institutions, but fortunately, there are cloud mitigation techniques available to protect data and prevent the spread of false information."

Link

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • The Ultimate Guide to Using Data Encryption on Linux

"It’s only natural that many of us want to start encrypting our sensitive data – both at work and at home. But how exactly should you go about it? This blog aims to answer that question by showing Linux users how to install and set up encryption on their systems."

Link

TLP¹: Green

  • Becoming an All-Around Defender: Social Engineering Your Way to Success

"You’ve got the technical skills, now learn the soft skills you need to go even further in your career."

Link

TLP¹: Green

  • Survey of Supply Chain Attacks

"The Atlantic Council has released a report that looks at the history of computer supply chain attacks."

Link

TLP¹: Green

  • Why is smartphone security so important?

"Let’s pause for a second here and think about the astonishingly smart palm-sized device – that is our phone. A decade or two ago it would have been impossible to imagine all the things that a modern-day smartphone can do. A day without our smartphone is quite unimaginable. From remembering our meeting schedules to the directions to the new restaurant in town, the phone has it all."

Link

TLP¹: Green

  • Ensiko – A PHP Based Web Shell with Ransomware Capabilities Attacks PHP Installation

"Researchers observed a new PHP web shell dubbed Ensiko with ransomware capabilities that attacks PHP installed on platforms such as Linux, Windows, macOS, and others."

Link

TLP¹: Green

  • Researchers Foil Phishing Attempt on Netflix Customers

"Hackers use two stolen domains to steal credentials from Netflix users and then send them to the real Netflix site."

Link

TLP¹: Green

  • NTLMRecon : Tool To Find Out Information About NTLM Endpoints

"NTLMRecon is built with flexibility in mind. Need to run recon on a single URL, an IP address, an entire CIDR range or a combination of all of it put in a single input file? No problem! NTLMRecon got you covered."

Link

TLP¹: Green
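What a tool like NTLMRecon actually recovers is the server's NTLM CHALLENGE_MESSAGE (Type 2): send a bare NEGOTIATE_MESSAGE (Type 1) in an `Authorization: NTLM` header, and the `WWW-Authenticate: NTLM` reply leaks the NetBIOS and DNS names of the host and domain, the OS version, and the server's clock before any credential is presented. The block below is an added example, written for this digest and not taken from NTLMRecon's own code, that builds the Type 1 message and parses a Type 2 message per MS-NLMP; the CORP / exch01.corp.example.internal names, the challenge bytes and the timestamp are constructed sample values, and no network request is made.

```python
import base64
import struct
from datetime import datetime, timezone

# Field layout and flag values follow MS-NLMP; the sample challenge below is
# constructed for this example, not captured from any real server.
NTLMSSP_SIGNATURE = b"NTLMSSP\x00"
NEGOTIATE_MESSAGE, CHALLENGE_MESSAGE = 1, 2
NEGOTIATE_UNICODE = 0x00000001
REQUEST_TARGET = 0x00000004
NEGOTIATE_NTLM = 0x00000200
NEGOTIATE_ALWAYS_SIGN = 0x00008000
TARGET_TYPE_DOMAIN = 0x00010000
NEGOTIATE_TARGET_INFO = 0x00800000
NEGOTIATE_VERSION = 0x02000000
EPOCH_DIFF_100NS = 116444736000000000  # 1601-01-01 to 1970-01-01 in FILETIME units
AV_PAIR_NAMES = {1: "netbios_computer_name", 2: "netbios_domain_name",
                 3: "dns_computer_name", 4: "dns_domain_name",
                 5: "dns_tree_name", 7: "timestamp"}


def build_negotiate_message() -> bytes:
    """NEGOTIATE_MESSAGE (Type 1) with empty DomainName and Workstation fields."""
    flags = NEGOTIATE_UNICODE | REQUEST_TARGET | NEGOTIATE_NTLM | NEGOTIATE_ALWAYS_SIGN
    fields = struct.pack("<HHI", 0, 0, 32)  # Len, MaxLen, Offset (header is 32 bytes)
    return NTLMSSP_SIGNATURE + struct.pack("<II", NEGOTIATE_MESSAGE, flags) + fields * 2


def authorization_header() -> str:
    """Value to send as 'Authorization: NTLM <base64 Type 1>' to an NTLM endpoint."""
    return "NTLM " + base64.b64encode(build_negotiate_message()).decode()


def parse_challenge_message(data: bytes) -> dict:
    """Decode the CHALLENGE_MESSAGE (Type 2) a server returns in WWW-Authenticate."""
    if data[:8] != NTLMSSP_SIGNATURE or struct.unpack_from("<I", data, 8)[0] != CHALLENGE_MESSAGE:
        raise ValueError("not an NTLMSSP CHALLENGE_MESSAGE")
    tn_len, _, tn_off = struct.unpack_from("<HHI", data, 12)
    flags = struct.unpack_from("<I", data, 20)[0]
    ti_len, _, ti_off = struct.unpack_from("<HHI", data, 40)  # bytes 32..40 are reserved
    enc = "utf-16-le" if flags & NEGOTIATE_UNICODE else "ascii"
    info = {"flags": flags, "server_challenge": data[24:32].hex(),
            "target_name": data[tn_off:tn_off + tn_len].decode(enc)}
    if flags & NEGOTIATE_VERSION:  # the 8-byte Version field sits at offset 48 when present
        major, minor, build, _, _ = struct.unpack_from("<BBH3sB", data, 48)
        info["os_version"] = f"{major}.{minor}.{build}"
    pos, end = ti_off, ti_off + ti_len
    while pos + 4 <= end:  # walk the AV_PAIR list until MsvAvEOL (id 0)
        av_id, av_len = struct.unpack_from("<HH", data, pos)
        pos += 4
        if av_id == 0:
            break
        value, pos = data[pos:pos + av_len], pos + av_len
        name = AV_PAIR_NAMES.get(av_id)
        if name == "timestamp":  # FILETIME, 100 ns ticks since 1601
            secs = (struct.unpack("<Q", value)[0] - EPOCH_DIFF_100NS) // 10_000_000
            info[name] = datetime.fromtimestamp(secs, tz=timezone.utc).isoformat()
        elif name:
            info[name] = value.decode("utf-16-le")
    return info


def parse_www_authenticate(header_value: str) -> dict:
    """Handle the 'NTLM <base64>' form of a WWW-Authenticate header."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.upper() != "NTLM" or not token:
        raise ValueError("header does not carry an NTLM challenge")
    return parse_challenge_message(base64.b64decode(token))


def _av_pair(av_id: int, value: bytes) -> bytes:
    return struct.pack("<HH", av_id, len(value)) + value


def sample_www_authenticate_header() -> str:
    """Constructed Type 2 challenge for a fictitious host (hypothetical names)."""
    u16 = lambda s: s.encode("utf-16-le")
    target_name = u16("CORP")
    target_info = b"".join([
        _av_pair(2, u16("CORP")), _av_pair(1, u16("EXCH01")),
        _av_pair(4, u16("corp.example.internal")),
        _av_pair(3, u16("exch01.corp.example.internal")),
        _av_pair(5, u16("corp.example.internal")),
        _av_pair(7, struct.pack("<Q", 132404544000000000)),  # 2020-07-29T00:00:00Z
        _av_pair(0, b""),
    ])
    flags = (NEGOTIATE_UNICODE | REQUEST_TARGET | NEGOTIATE_NTLM | NEGOTIATE_ALWAYS_SIGN
             | TARGET_TYPE_DOMAIN | NEGOTIATE_TARGET_INFO | NEGOTIATE_VERSION)
    tn_off = 56  # fixed header including the Version field
    msg = (NTLMSSP_SIGNATURE + struct.pack("<I", CHALLENGE_MESSAGE)
           + struct.pack("<HHI", len(target_name), len(target_name), tn_off)
           + struct.pack("<I", flags) + bytes.fromhex("0123456789abcdef") + b"\x00" * 8
           + struct.pack("<HHI", len(target_info), len(target_info), tn_off + len(target_name))
           + struct.pack("<BBH3sB", 10, 0, 17763, b"\x00" * 3, 15)
           + target_name + target_info)
    return "NTLM " + base64.b64encode(msg).decode()


if __name__ == "__main__":
    print("send:", authorization_header())
    for k, v in parse_www_authenticate(sample_www_authenticate_header()).items():
        print(f"{k}: {v}")
```

Against a live endpoint the flow is one unauthenticated request carrying `authorization_header()` and a 401 whose `WWW-Authenticate` value goes to `parse_www_authenticate()`. The defensive reading of the same parser is the inventory check: any internet-facing URL that returns a parseable Type 2 is disclosing internal host and domain names, which is usually reason enough to put it behind a VPN or modern authentication.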


¹ Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1]https://www.first.org/tlp