Infosec News 20200918
Top News
-
Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack
"The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm."
TLP1 : Green
-
US Air Force adds electronic warfare to new intel, cyber office
"In 2019, the deputy chief of staff for intelligence, surveillance and reconnaissance added in cyber effects operations when creating the A2/6. It’s leader, Lt. Gen. Mary O’Brien, said Tuesday that while cyber and ISR are the primary focus, there are other capabilities that must converge to deliver effects in the information environment."
TLP1 : Green
-
Google Ups Malware Protection for 'Advanced Protection' Users
"Google this week announced improved malware protection capabilities for all users who are enrolled in its Advanced Protection Program."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
German Hospital Hacked, Patient Taken to Another City Dies
"German authorities said Thursday that what appears to have been a misdirected hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment."
TLP1 : Green
-
Iranian Hackers Indicted for Stealing Aerospace & Satellite Tracking Data
"The US Department of Justice today charged three Iranian hackers for their role in a campaign intended to steal critical data related to United States' aerospace and satellite technology and resources. This marks the third time in three days the DoJ has charged Iranian cyberattackers."
TLP1 : Green
-
Anonymous Site Ramps Up 'Doxxing' Campaign Against HK Activists
"Since her personal phone number was posted online, Hong Kong pro-democracy activist Carol Ng has received menacing calls from strangers and been bombarded with messages calling her a "cockroach"."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
University Hospital New Jersey hit by SunCrypt ransomware, data leaked
"University Hospital New Jersey (UHNJ) has suffered a massive 48,000 document data breach after a ransomware operation leaked their stolen data."
TLP1 : Green
-
Popular shopping site leaks miners’ data in 6TB of database mess up
"The company in the discussion is German shopping giant Windeln.de who did not secure its database despite being alerted by researchers."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Information Disclosure, XSS Vulnerabilities Patched in Drupal
"Several information disclosure and cross-site scripting (XSS) vulnerabilities, including one rated critical, have been patched this week in the Drupal content management system (CMS)."
TLP1 : Green
-
iOS 14 and iPadOS 14 Patch Vulnerabilities, Introduce New Privacy Features
"Apple has patched nearly a dozen vulnerabilities and it has introduced new privacy features with the release of iOS 14 and iPadOS 14 this week."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
The Crucial Component of Detection and Response: Intelligence Pivoting
"Pivot. It’s a word we’re hearing more frequently since the pandemic and I find it interesting for its dual meaning. One on the one hand it means “turn.” Schools are pivoting to online learning. But it also means “crucial.” Measures like these are pivotal to keeping Covid-19 infection rates down. While it may be a trendy term, in cybersecurity, intelligence pivoting is pivotal to detection and response."
TLP1 : Green
-
Enterprise Threat Visibility Versus Real-World Operational Constraints
"The phrase “assume breach” has been transformational to enterprise security investment and defensive strategy for a few years but may now be close to retirement. "
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Tomato: 1 Vulnhub Walkthrough
"Today we are going to solve another boot2root challenge called “Tomato: 1“. It’s available at VulnHub for penetration testing and you can download it from here."
TLP1 : Green
-
The evolution of backup: Interview with Altaro’s Simon Attard
"Backup solutions may not be sexy, but they’re as important as food and water when it comes to keeping your business alive and healthy. Altaro is one of the leading vendors in this area, and they offer a wide range of different backup solutions for companies, organizations, and managed service providers (MSPs)."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.