Infosec News 20200914
Top News
- Leaked database indicates Chinese intelligence has probed senior Australian politicians
"The families of Australian politicians have been the target of open-source surveillance by a Chinese company that claims to have done work on behalf of Chinese intelligence, cyber security experts claim."
TLP¹: Green
- Bank of Seychelles hit by a ransomware attack
"The Development Bank of Seychelles (DBS) was hit by a ransomware attack, disclosed the Central Bank of Seychelles (CBS)."
TLP¹: Green
- Travel Industry Giants Failed to Secure their Websites Despite High-Profile Data Breaches
"Major airlines and hotel chains have failed to secure their online platforms even after previous data breaches and cyberattacks exposed information of millions of customers and drew fines from privacy regulators."
TLP¹: Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
- Spear-Phishers Leverage Office 365 Ecosystem to Validate Stolen Creds in Real Time
"New attack technique uses Office 365 APIs to cross-check credentials against Azure Active Directory as victim types them in."
TLP¹: Green
- Fairfax County Public Schools hit by Maze ransomware
"Fairfax County Public Schools (FCPS), one of the largest school divisions in the US, was hit by Maze ransomware operators."
TLP¹: Green
- University Project Tracks Ransomware Attacks on Critical Infrastructure
"A team at Temple University in Philadelphia has been tracking worldwide ransomware attacks on critical infrastructure, and anyone can request access to the data."
TLP¹: Green
- Malàsmoke gang could infect your PC while you watch porn sites
"A cybercrime group named Malàsmoke has been targeting porn sites over the past months with malicious ads redirecting users to exploit kits."
TLP¹: Green
Breaches: Data Breaches and Hacks
- Gaming hardware manufacturer Razer suffered a data leak
"Gaming hardware manufacturer Razer suffered a data leak; an unsecured database managed by the company containing gamers’ info was exposed online."
TLP¹: Green
- Ransomware Hits US District Court in Louisiana
"The ransomware attack has exposed internal documents from the court and knocked its website offline."
TLP¹: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
- Samsung Security Updates to Mobile Devices to Fix Critical Security Vulnerabilities
"Recently, Samsung has rolled out security updates for its mobile devices to fix some critical security vulnerabilities. In September, Samsung published the official changelog mentioning many of the vulnerabilities of all the latest over-the-air."
TLP¹: Green
- ICS Vendors Release Advisories for CodeMeter Vulnerabilities
"Several major industrial control system (ICS) vendors have released security advisories in response to the recently disclosed vulnerabilities affecting the CodeMeter licensing and DRM solution made by Germany-based Wibu-Systems."
TLP¹: Green
- ZShlayer: New macOS malware variant obfuscates scripts to slip past security tools
"Researchers have discovered a new Shlayer macOS malware variant which obfuscates itself to sneak past security tools and compromise a target machine."
TLP¹: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
- Fraud Prevention During the Pandemic
"When the economy is disrupted, fraud goes up, so let's not ignore the lessons we can learn from previous downturns."
TLP¹: Green
- Reviewing the SOC visibility triad
"The model referred to “security visibility” as something that is broader than detection or investigation (response) alone. In fact, one can detect in any of the channels separately, or run detection content on a platform that has more than one type of data. Same for investigations: having all three security visibility pillars means that you won’t miss anything big during the incident response process."
TLP¹: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
- Docker for Pentester: Image Vulnerability Assessment
"We are moving from virtualization to containerization and we are all familiar with the container services such as docking or quay.io. You can pick a dock image for a particular application by selecting several choices."
TLP¹: Green
- HTTP-revshell - Powershell Reverse Shell Using HTTP/S Protocol With AMSI Bypass And Proxy Aware
"HTTP-revshell is a tool focused on redteam exercises and pentesters. This tool provides a reverse connection through the http/s protocol. It uses a covert channel to gain control over the victim machine through web requests and thus evade solutions such as IDS, IPS and AV."
TLP¹: Green
¹ Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.