Infosec News 20200730

  • Publicado: Qui, 30/07/2020 - 10:37

Top News

  • Vatican Infiltrated by Chinese Hackers Ahead of Sensitive Talks

"The Vatican’s computer networks have allegedly been infiltrated"

Link

TLP1 : Green

  • Dussmann Group Data Leaked After Ransomware Attack

"German giant Dussmann Group has become the latest company to fall victim to a ransomware-data breach attack"

Link

TLP1 : Green

  • India found cybersecurity lapses at National Payments Corp in 2019 - government document

"India found cybersecurity lapses at National Payments Corp in 2019 - government document"

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

  • Social Engineering: Hacking Brains…It’s Easier than Hacking Computers

"The contestant is in a small plexiglass booth with nothing but a phone, a laptop computer and some notes"

Link

TLP1 : Green

  • Cybercriminals Use Enterprise Cloud to Create Phishing Hooks

"A recent phishing campaign has been spotted that uses a trio of enterprise cloud services to steal your credentials"

Link

TLP1 : Green

  • DDoS Botnets Spreading their Net in Asia

"According to a report by A10 Networks, China, Vietnam, and Taiwan were the top sources of distributed denial-of-service (DDoS) botnet activity in Q2 2020"

Link

TLP1 : Green

Breaches: Data Breaches and Hacks

  • Thousands of websites at risk from critical WordPress plugin vulnerability

"A critical vulnerability in a third-party plugin installed on over 70,000 websites running WordPress could allow hackers to execute malicious code remotely"

Link

TLP1 : Green

  • Zoom Flaw Let Hackers to Crack Private Meeting Passwords

"A new Zoom Flaw allows hackers to crack the 6 digits numeric password that used to secure Zoom private meetings"

Link

TLP1 : Green

 

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

  • Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

"A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide"

Link

TLP1 : Green

  • Critical Bugs in Utilities VPNs Could Cause Physical Damage

"Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn"

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

  • SEC510: Multicloud Security Assessment and Defense

"New course explores the nuances of securing the top 3 most popular cloud platforms"

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

  • Commit Stream - OSINT Tool For Finding Github Repositories By Extracting Commit Logs In Real Time From The Github Event API

"commit-stream drinks commit logs from the Github event firehose exposing the author details (name and email address) associated with Github repositories in real time."

Link

TLP1 : Green

 

 

1Traffic Light Protocol (TLP) [1] for information sharing:

 

 

  • Red:Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants organizations.
  • Green: Limited disclosure, restricted to the community.

 

[1]https://www.first.org/tlp

Infosec News