Infosec News 20201015
Top News
-
Iranian APT group hits schools, universities in global spear phishing attacks
"The APT group known as Silent Librarian has increased its spear phishing attacks as schools and universities are back."
TLP1 : Green
-
London Borough of Hackney Investigates 'Serious' Cyberattack
"London's Hackney Council says some services may be slow or unavailable as it looks into a cyberattack affecting services and IT systems."
TLP1 : Green
-
Police Raided German Spyware Company FinFisher Offices
"German investigating authorities have raided the offices of Munich-based company FinFisher that sells the infamous commercial surveillance spyware dubbed 'FinSpy,' reportedly in suspicion of illegally exporting the software abroad without the required authorization."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
State and local governments under siege from cyber threats
"With both security budgets and talent pools negatively affected by the ongoing pandemic, state and local governments are struggling to cope with the constant wave of cyber threats more than ever before, a Deloitte study reveals."
TLP1 : Green
-
OCIE Issues Second Cybersecurity Risk Alert of Q3-2020
"On September 15, 2020, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a cybersecurity risk alert highlighting the increased use of “credential stuffing” attacks against investment advisers and broker dealers. (In July, OCIE issued a cybersecurity risk alert regarding ransomware.)"
TLP1 : Green
-
Twitter hack probe leads to call for cybersecurity rules for social media giants
"An investigation into the Twitter hack by the New York State Department of Financial Services (NYSDFS) has ended with a stinging rebuke for how easily Twitter let itself be duped by a “simple” social engineering technique — and with a wider call for key social media platforms to be regulated on security."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On
"Organizations worldwide – including Travelex – have been sent letters threatening to launch DDoS attacks on their network unless a $230K ransom is paid."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Microsoft Patches New Windows 'Ping of Death' Vulnerability
"One of the vulnerabilities that Microsoft addressed as part of the October 2020 Patch Tuesday is a critical bug in Windows’ TCP/IP driver that could lead to the remote execution of code."
TLP1 : Green
-
FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks
"A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion."
TLP1 : Green
-
BleedingTooth: Vulnerabilities in Linux Bluetooth Allow Zero-Click Attacks
"Bluetooth vulnerabilities that a Google security researcher has identified in the Linux kernel could be exploited to run arbitrary code or access sensitive information."
TLP1 : Green
-
SAP Patches Critical Vulnerability in CA Introscope Enterprise Manager
"The updates released by SAP for October 2020 include 15 Security Notes, including one that addresses a critical vulnerability. Six previously released Patch Day Security Notes were updated."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
The Important Difference Between Cybersecurity And Cyber Resilience (And Why You Need Both)
"Cyber threats like hacking, phishing, ransomware, and distributed denial-of-service (DDoS) attacks have the potential to cause enormous problems for organizations. Not only can companies suffer serious service disruption and reputational damage, but the loss of personal data can also result in huge fines from regulators."
TLP1 : Green
-
Microsoft Office 365 Accounts a Big Target for Attackers
"Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Zoom Announces Rollout of End-to-End Encryption
"Zoom, the videoconferencing service that has practically become a household name since the pandemic took hold, has announced the rollout of end-to-end encryption (E2EE), beginning next week. According to the company, this is the first of a four-phase deployment, available to both free and paid users."
TLP1 : Green
-
Mikrot8Over - Fast Exploitation Tool For Mikrotik RouterOS
"mikrot8over: Fast exploitation tool for Mikrotik RouterOS up to 6.38.4. This is reworked original Mikrotik Exploit. Added Python 2 compatibility and multithreading scan features."
TLP1 : Green
-
Maskcrafter: 1.1: Vulnhub Walkthrough
"Vulnerable machine called Maskcrafter: 1.1. It is created by evdaez. It is a simple Boot to root kind of challenge. We need to get root privilege on the machine and read the root flag to complete the challenge. Overall, it was an intermediate machine to crack."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.