Infosec News 20200824
Top News
-
Phishing attacks became more targeted this year: Report
"Hackers have been targeting delivery, postal, financial services and human resources."
TLP1 : Green
-
China, Russia to form closer partnership on 5G in defiance of US
"Russia and China are strengthening strategic high tech partnership on 5G as the US initiated a tech cold war against China and constantly accused Russia of cyberattacks."
TLP1 : Green
-
Nuclear deterrence needed to prevent cyberattacks from paralyzing China’s nuclear response
"The US' maximum pressure campaign against China now has extended to cyberspace. After the Trump administration's ban of TikTok and the Clean Network program that aims at Chinese companies, news on Sunday said that TikTok plans to sue the Trump administration over its executive order banning the app."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
MITRE Publishes 2020 List Of Top 25 Most Dangerous Software Weaknesses
"The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, today released the 2020 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list."
TLP1 : Green
-
As cars grow vulnerable to cyberattacks, Israeli company takes lead in new solutions
"The Cybellum automatic cybersecurity company is teaming up with a lab opened by Renault and Nissan to identity and deal with onboard car computer vulnerabilities."
TLP1 : Green
-
Security Awareness: Preventing Another Dark Web Horror Story
"As the world transitioned to widespread remote work, the accompanying move online presented countless new avenues for cybercriminals to attack."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
FBI investigating COVID-19 data breach in South Dakota
"The FBI is investigating a data breach that may have compromised the identity of people with the COVID-19 virus in South Dakota."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits
-
A Google Drive 'Feature' Could Let Attackers Trick You Into Installing Malware
"An unpatched security weakness in Google Drive could be exploited by malware attackers to distribute malicious files disguised as legitimate documents or images."
TLP1 : Green
-
Gmail fixes dangerous bug – Steps to protect your account now
"Google has more power and pull on the web than you might think. This company, now one of the largest in the world, controls a significant majority of the internet’s ad power and revenue."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
How to Prevent and Protect Yourself from Cyber Attacks
"Cybersecurity, without a doubt, is an important part of our lives. With the advent of many technological developments, work and communication have become faster than ever."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Inside a counterfeit 8086 processor
"Intel introduced the 8086 processor in 1978, leading to the x86 architecture in use today. I'm currently reverse-engineering the circuitry of the 8086 so I've been purchasing vintage 8086 chips off eBay."
TLP1 : Green
-
MFA Mistakes: 6 Ways to Screw Up Multifactor Authentication
"Multifactor authentication (MFA), which requires users to authenticate their identities with at least two factors in order to access an application, appears to be gaining ground in the enterprise. "
TLP1 : Green
-
Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
"Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories."
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.