Infosec News 20200916

  • Published: Wed, 16/09/2020 - 10:34

Top News


  • More Cyberattacks in the First Half of 2020 Than in All of 2019

"The pandemic-related shift to remote work and the growing availability of ransomware-as-a-service were two major drivers, CrowdStrike says."

Link

TLP1 : Green

  • Voatz Under Fire From Infosec Community Over Its Views on Security Research

"Representatives of the infosec community have signed an open letter in response to an amicus brief that mobile elections platform developer Voatz filed with the U.S. Supreme Court in the case of Nathan Van Buren."

Link

TLP1 : Green

  • Europe Tests Gateway for Tracing Apps to Work Across Borders

"Six European Union countries and the bloc’s executive Commission have begun testing a virtual “gateway” to ensure national coronavirus tracing apps can work across borders."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Chinese Hackers Using Publicly Available Resources in Attacks on U.S. Government

"Threat actors affiliated with the Chinese Ministry of State Security (MSS) continue to target U.S. government agencies, the Cybersecurity and Infrastructure Security Agency (CISA) says in a new alert."

Link

TLP1 : Green

  • U.S. Charges Hackers for Defacing Sites in Response to Killing of Qasem Soleimani

"The United States on Tuesday announced charges against two men from Iran and Palestine accused of defacing websites in response to the killing of Qasem Soleimani."

Link

TLP1 : Green

  • IRS Offers $625,000 Bounty for Anyone Who Can Break Privacy of Cryptocurrency

"Monero (XMR) is a famously privacy-centric cryptocurrency, with features built into it from its inception that claim to make transactions untraceable and completely private, hiding the details of movements of digital cash from prying eyes. Completely private by default, Monero is a lot more private than many other cryptocurrencies such as Bitcoin."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Personal Information of 46,000 U.S. Veterans Exposed in Data Breach

"The personal information of roughly 46,000 veterans was affected in a recent security incident, the U.S. Department of Veterans Affairs (VA) Office of Management said in a Monday statement."

Link

TLP1 : Green

  • Research Finds Nearly 800,000 Access Keys Exposed Online

"When AWS keys were exposed in GitHub repositories, GitHub responded by invalidating those keys. Researchers at Digital Shadows have found that this proper action doesn't end the issue of exposed keys as they have found almost 800,000 keys available on the Web."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • TikTok Fixes Flaws That Opened Android App to Compromise

"The flaws are disclosed as Oracle reportedly partners with TikTok as concerns in the U.S. over spying continue."

Link

TLP1 : Green

  • Windows 10 ‘Finger’ command can be abused to download or steal files

"The list of native executables in Windows that can download or run malicious code keeps growing as another one has been reported recently. These are known as living-off-the-land binaries (LoLBins) and can help attackers bypass security controls to fetch malware without triggering a security alert on the system."

Link

TLP1 : Green

  • IPTV encoder devices contain multiple vulnerabilities

"Multiple vulnerabilities exist in various Video Over IP (Internet Protocol) encoder devices, also known as IPTV/H.264/H.265 video encoders. These vulnerabilities allow an unauthenticated remote attacker to execute arbitrary code and perform other unauthorized actions on a vulnerable system."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Rethinking Resilience: Tips for Your Disaster Recovery Plan

"As more organizations face disruptions, a defined approach to recovery is imperative so they can successfully recover, experts say."

Link

TLP1 : Green

  • UK's NCSC Publishes Guide to Implementing a Vulnerability Disclosure Process

"The U.K.’s National Cyber Security Center (NCSC) has released a guide to help organizations get started with implementing a vulnerability disclosure process."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • CryptoBank: 1: Vulnhub Walkthrough

"Today we are going to crack this vulnerable virtual machine called CryptoBank 1. It was created by emaragkos. This is a Capture the Flag type of challenge. It contains one flag that is accessible after gaining root level privilege on the machine. It was an Intermediate level machine. It made me think and work on it a few times. It is an example that enumeration is key. It is not possible to root this machine without proper enumeration."

Link

TLP1 : Green

  • Man Pleads Guilty to Role in $600K Malware Protection Scam

"Chirag Sachdeva, 30, participated in a telemarketing scheme that offered victims computer protection services after misleading them to believe that malware had been detected on their computers, according to a statement from the U.S. attorney’s office in Rhode Island."

Link

TLP1 : Green

  • CISA Shares Details on Web Shells Employed by Iranian Hackers

"Web shells provide the hackers with the ability to execute code on the victim systems, enumerate directories, deploy additional payloads, steal data, and navigate the victim network. Additional components can be employed to expand the attacker’s command and control (C&C) capabilities."

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.


[1] https://www.first.org/tlp