Infosec News 20200921

  • Published: Mon, 21/09/2020 - 10:01

Top News


  • Cambridgeshire crowned the UK’s cyber crime capital

"Cambridgeshire has the unwanted distinction of being the UK’s fastest-growing hotspot for cyber crime, after the number of attacks in the county increased by 49% over a three-year period."

Link

TLP1 : Green

  • NCSC warns of a surge in ransomware attacks on education institutions

"The U.K. National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions."

Link

TLP1 : Green

  • DHS CISA orders federal agencies to fix Zerologon flaw by Monday

"DHS CISA issued an emergency directive to tell government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • IPG Photonics high-performance laser developer hit with ransomware

"IPG Photonics, a leading U.S. manufacturer of high-performance fiber lasers for diverse applications and industries was hit by a ransomware attack that disrupted its operations."

Link

TLP1 : Green

  • Mozi Botnet is responsible for most of the IoT Traffic

"The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported."

Link

TLP1 : Green

  • The ransomware crisis is getting worse. We need to make these four big changes

"The cruel march of ransomware has apparently reached a grim new milestone."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Anglicare Sydney says 17GB data transmitted to 'remote location' after attack

"Anglicare Sydney has revealed 17GB of its data was transmitted “to a remote location” after a ransomware attack but claims “there is no current evidence that data has been stolen”."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Hijacking nearby Firefox mobile browsers via WiFi by exploiting a bug

"Mozilla addressed a bug that can be exploited by attackers to hijack all the Firefox for Android browsers that share the same WiFi network."

Link

TLP1 : Green

  • Privilege escalation in Advantech WebAccess Node

"The vulnerability allows a local user to escalate privileges on the system. The vulnerability exists because the affected product has incorrect permissions set for resources used by specific services, which leads to code execution with system privileges."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Excel Maldocs Avoid Spam Filters and Antivirus Software

"Everyone receives phishing emails with shady attachments, but most people never see them because they are shunted into the spam folder. Even if you go to the spam folder, it is unlikely you’ll ever see the attachments themselves."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Offensive Security released Win-KeX Version 2.0 that Brings Kali Desktop Experience in Windows

"Win-KeX was first introduced with Kali Linux 2020.3; it provides a Kali Desktop Experience for Windows Subsystem for Linux (WSL 2). Version 2.0 was released with several new features and fixes for the issues with the previous versions."

Link

TLP1 : Green

  • PKI: The ‘key’ to secure data authentication and encryption

"A solution to ransomware attacks."

Link

TLP1 : Green

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp