InfoSec News 20201001

  • Published: Thu, 01/10/2020 - 08:54

Top News

  • Android Spyware Variant Snoops on WhatsApp, Telegram Messages

"The Android malware comes from threat group APT-C-23, also known as Two-Tailed Scorpion and Desert Scorpion."

Link

TLP¹: Green

  • Attacks on Flight Tracking Services Possibly Linked to Armenia-Azerbaijan Conflict

"Distributed denial-of-service (DDoS) attacks launched in recent days against popular flight tracking services may be linked to the conflict between Armenia and Azerbaijan."

Link

TLP¹: Green

  • CISA alert: Federal agency ‘compromised by malicious cyber actor’

"The Cybersecurity and Infrastructure Security Agency (CISA), which is a division of the Department of Homeland Security, has issued a lengthy security alert where it says that a federal agency was “compromised” by a “malicious cyber actor.”"

Link

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

  • Russian Sentenced to Prison for Hacking LinkedIn, Dropbox

"A Russian national was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring"

Link

TLP¹: Green

  • Phishing Attack Targets Microsoft 365 Users With Netflix & Amazon Lures

"Cyberattacker TA2552 primarily targets Spanish speakers with messages that leverage a narrow range of themes and popular brands."

Link

TLP¹: Green

  • REvil Actor Dangles a Million to Attract Potential Affiliates

"REvil (aka Sodinokibi) ransomware group, one of the most active ransomware groups of our time, is apparently planning for something big. The group that focuses more on private Ransomware-as-a-Service (RaaS) operations has made a stunning declaration."

Link

TLP¹: Green

  • Twitter Removes Iran-Linked Accounts Aimed at Disrupting U.S. Presidential Debate

"Twitter on Wednesday announced that it removed 130 accounts originating from Iran that were aimed at disrupting the first 2020 U.S. presidential debate"

Link

TLP¹: Green

Breaches: Data Breaches and Hacks

  • Kylie Jenner's Makeup Company Warns of Data Breach

"Kylie Jenner's makeup company has warned customers that their information may have been compromised in a recently detected security incident at a Canadian e-commerce merchant."

Link

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits

  • Cisco Issues Patches For 2 High-Severity IOS XR Flaws Under Active Attacks

"Cisco released security patches for two high-severity vulnerabilities affecting its IOS XR software that were found exploited in the wild a month ago."

Link

TLP¹: Green

  • Critical Vulnerabilities Found in Remote Access Software

"Researchers at an Israeli operational technology (OT) company have discovered multiple critical vulnerabilities in two popular industrial remote access software solutions."

Link

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

  • A Guide to the NIST Cybersecurity Framework

"With cybersecurity threats growing exponentially, it has never been more important to put together an efficient cyber-risk management policy, and NIST's framework can help."

Link

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

  • Velociraptor: Endpoint Visibility and Collection Tool

"Velociraptor is a tool for collecting host based state information using Velocidex Query Language (VQL) queries."

Link

TLP¹: Green

  • H2Csmuggler - HTTP Request Smuggling Over HTTP/2 Cleartext (H2C)

"h2cSmuggler smuggles HTTP traffic past insecure edge-server proxy_pass configurations by establishing HTTP/2 cleartext (h2c) communications with h2c-compatible back-end servers, allowing a bypass of proxy rules and access controls."

Link

TLP¹: Green

  • Microsoft Publishes Guide to Securing Systems Vulnerable to Zerologon Attacks

"Microsoft has published a support article to provide guidance on what organizations need to do to ensure that they are not exposed to attacks targeting the Zerologon vulnerability."

Link

TLP¹: Green

¹ Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp