InfoSec News 20201023

  • Published: Fri, 23/10/2020 - 08:48

Top News


  • Microsoft Teams Phishing Attack Targets Office 365 Users

"Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a “missed chat” from Microsoft Teams."

Link

TLP1 : Green

  • Botnet Infects Hundreds of Thousands of Websites

"KashmirBlack has been targeting popular content management systems, such as WordPress, Joomla, and Drupal, and using Dropbox and GitHub for communication to hide its presence."

Link

TLP1 : Green

  • Cybersecurity company finds hacker selling info on 186 million U.S. voters

"The cybersecurity company Trustwave said the hacker was offering 186 million U.S. voter records and 245 million records of other personal data."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack

"The Council of the European Union announced sanctions imposed on Russian military intelligence officers for 2015 Bundestag hack."

Link

TLP1 : Green

  • US whistleblower Edward Snowden received permanent residency by Russian authorities

"The popular US whistleblower Edward Snowden has been granted permanent residency in Russia, the announcement was made by his lawyer."

Link

TLP1 : Green

  • Credential-Stuffing Attacks Plague Loyalty Programs

"But that's not the only type of web attack cybercriminals have been profiting from."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Hackers hold patient information for ransom in psychotherapy data breach

"The National Bureau of Investigations, and other agencies, have launched an investigation into how the data might have become compromised."

Link

TLP1 : Green

  • Data breach at Dr Reddy’s forces lab to temporarily shut operations across globe

"The Hyderabad-based lab is authorised to test and distribute the Russian Covid-19 vaccine in India"

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

"Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers."

Link

TLP1 : Green

  • 7 Mobile Browsers Vulnerable to Address-Bar Spoofing

"Flaws allow attackers to manipulate URLs users see on their mobile devices, Rapid7 says"

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Implementing Proactive Cyber Controls in OT: Myths vs. Reality

"Debunking the myths surrounding the implementation of proactive cyber controls in operational technology."

Link

TLP1 : Green

  • Cisco report: Remote working is here to stay, making cybersecurity a top priority

"More than one in two respondents stated that office laptops/desktops (58%) and personal devices (57%) posed a challenge to protect in a remote environment, followed by cloud applications at 52%."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • NTLMRawUnHide

"A Python3 Script Designed To Parse Network Packet Capture Files And Extract NTLMv2 Hashes In A Crackable Format"

Link

TLP1 : Green

  • Oregami

"IDA Plugins And Scripts For Analyzing Register Usage Frame"

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp