Infosec News 20200903

  • Published: Thu, 03/09/2020 - 11:46

Top News


  • AlphaBay dark web marketplace moderator was sentenced to 11 years of prison time

"Bryan Connor Herrell from Colorado, was sentenced to 11 years of prison time for being one of the moderators on the dark web marketplace AlphaBay."

Link

TLP1 : Green

  • KryptoCibule: The multitasking multicurrency cryptostealer

"ESET researchers analyze a previously undocumented trojan that is spread via malicious torrents and uses multiple tricks to squeeze as many cryptocoins as possible from its victims while staying under the radar"

Link

TLP1 : Green

  • Chinese Hackers Target Europe, Tibetans With 'Sepulcher' Malware

"A Chinese threat actor was observed targeting both European diplomatic entities and the Tibetan community with the same strain of malware."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • U.S. Secret Service joining investigation of Miami-Dade schools’ cyber attack

"Questions swirl around $15.3 million contract for the K-12 platform"

Link

TLP1 : Green

  • Indian Prime Minister Modi Twitter account hacked

"Twitter has said that an account for the personal website of Indian Prime Minister Narendra Modi has been hacked."

Link

TLP1 : Green

  • Navy CIO: ‘Malicious Cyber Actors’ Attacking Military Telework Infrastructure

"Speaking at the Department of the Navy’s Gold Coast Small Business Procurement event today, Navy CIO Aaron Weis said the service saw a jump in malicious activity as employees began teleworking to prevent the spread of COVID-19."

Link

TLP1 : Green

  • Hypothesis: Cyber Attackers Are After Your Scientific Research

"From COVID-19 treatment to academic studies, keeping research secure is more important than ever. The ResearchSOC at Indiana University intends to help."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Private Intel Firm Buys Location Data to Track People to their 'Doorstep'

"A threat intelligence firm called HYAS, a private company that tries to prevent or investigates hacks against its clients, is buying location data harvested from ordinary apps installed on peoples' phones around the world, and using it to unmask hackers. "

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Cisco Jabber Bug Could Let Hackers Target Windows Systems Remotely

"Networking equipment maker Cisco has released a new version of its Jabber video conferencing and messaging app for Windows that includes patches for multiple vulnerabilities—which, if exploited, could allow an authenticated, remote attacker to execute arbitrary code."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • The Hidden Costs of Losing Security Talent

"Companies know that security talent costs money and good people are hard to find. But what they don't always consider are the hidden costs of losing an experienced security analyst."

Link

TLP1 : Green

  • Government Backed 'MDBR' Service Blocks Connections to Malicious Domains

"A new Malicious Domain Blocking and Reporting (MDBR) service will help organizations improve security by preventing IT systems from connecting to malicious domains."

Link

TLP1 : Green

  • 5 Tips for Triaging Risk from Exposed Credentials

"Not all exposed usernames and passwords present a threat. Here's how to quickly identify the ones that do."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • SpaceSiren - A Honey Token Manager And Alert System For AWS

"SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey tokens at scale -- up to 10,000 per SpaceSiren instance -- at close to no cost."

Link

TLP1 : Green

  • LOLBITS v2.0.0 - C2 Framework That Uses Background Intelligent Transfer Service (BITS)

"LOLBITS is a C2 framework that uses Microsoft's Background Intelligent Transfer Service (BITS) to establish the communication channel between the compromised host and the backend. "

Link

TLP1 : Green

  • Lucifer Malware Comes Back Targeting Linux Systems

"Lucifer malware emerged a few months ago as a typical Windows malware. However, it has now returned with greater power and new capabilities - enabling it to target Linux systems."

Link

TLP1 : Green

  • Beware of FritzFrog, a nasty piece of malware

"A new form of peer-to-peer (P2P) malware has been discovered that sets a new bar for nastiness. Called FritzFrog, it has been found in various networks since the beginning of the year. "

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp