Infosec News 20200917

  • Published: Thu, 17/09/2020 - 09:42

Top News


  • More Links Found Between North Korean and Russian Hacking Operations

"Security researchers with Intel 471 have identified connections between cyber-activities attributed to North Korean hackers and those of Russian cybercriminals."

Link

TLP1 : Green

  • DDoS Attacks Rose 151% in First Half of 2020

"Attacks grew in number, size, and sophistication as the coronavirus pandemic took hold."

Link

TLP1 : Green

  • Cerberus banking Trojan source code released for free to cyberattackers

"The source code of the Cerberus banking Trojan has been released as free malware on underground hacking forums following a failed auction."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Two Russians Charged in $17M Cryptocurrency Phishing Spree

"U.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges."

Link

TLP1 : Green

  • New MrbMiner malware has infected thousands of MSSQL databases

"A new malware gang has made a name for itself over the past few months by hacking into Microsoft SQL Servers (MSSQL) and installing a crypto-miner."

Link

TLP1 : Green

  • LockBit ransomware launches data leak site to double-extort victims

"The LockBit ransomware gang has launched a new data leak site to be used as part of their double extortion strategy to scare victims into paying a ransom."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Flaws in Philips Patient Monitoring Products Can Lead to Patient Data Exposure

"Multiple vulnerabilities identified in Philips patient monitoring solutions could provide attackers with unauthorized access to patient data."

Link

TLP1 : Green

  • Blackbaud hack: US healthcare organizations confirm data breach impacted 190,000 patients

"Separate incidents at two US healthcare organizations may have resulted in the personal data of more than 190,000 patients being compromised following a high-profile cyber-attack against a third-party cloud software provider."

Link

TLP1 : Green

 

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Wireshark 3.3.0 Released With New Features, Protocols & Capture File Support

"Wireshark 3.3.0 was released with a fix for vulnerabilities that result in the BACapp dissector crash and fix for other bugs."

Link

TLP1 : Green

  • h2c Smuggling: A New 'Devastating' Kind of HTTP Request Smuggling

"The newly discovered form of HTTP request smuggling could have widespread impact because any proxy can be affected, researchers say. Here's what infosec pros should know."

Link

TLP1 : Green

  • Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw

"New BLESA attack goes after the often ignored Bluetooth reconnection process, unlike previous vulnerabilities, most found in the pairing operation."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • CISA Joins MITRE to Issue Vulnerability Identifiers

"The Cybersecurity and Infrastructure Security Agency will become a peer of MITRE in the CVE program, likely leading to continued increases in disclosed vulnerabilities."

Link

TLP1 : Green

  • Dark Web monitoring and scanning explained

"Shady deals often occur in darkness – criminal activities require secrecy to cloak their illicit nature. Today, you can find those dark places on the fringes of the internet, known as the Dark Web. More often than not, this is the place where cybercriminals go to monetize the data they’ve acquired as the result of a breach."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Loly: 1 Vulnhub Walkthrough

"Hello Folks, in this article, we are going to solve a Capture the Flag (CTF) challenge of LOLY:1 from Vulnhub and the URL for this CTF is https://vulnhub.com/entry/loly-1,538/. This CTF is posted by SunSCR Team and aimed for Beginners"

Link

TLP1 : Green

  • NSA Publishes Guidance on UEFI Secure Boot Customization

"The United States National Security Agency (NSA) this week published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature can be customized to fit an organization’s needs."

Link

TLP1 : Green

  • Deploying & Securing Kubernetes Clusters

"Kubernetes is an open-source platform that allows you to manage workloads that are in a container. This enables you to have a clear understanding of the Kubernetes cluster state and how it can make changes to configuration to manage elements such as automated rollbacks and rollouts, load balancing, self-healing, and more."

Link

TLP1 : Green


1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp