Infosec News 20201214

  • Published: Mon, 14/12/2020 - 08:04

Top News


  • Facebook Takedown Infrastructure of Hacker Groups Targeting Various Government Entities

"Bangladesh and Vietnam based hackers were caught by Facebook recently for hacking into its users’ accounts and taking control of the pages. APT32, a Vietnamese group, and an unnamed Bangladeshi group were the groups that had gained unauthorized access to people’s accounts across the social media platform."

Link

TLP1 : Green

  • Russian APT28 Hackers Uses COVID-19 Lures to Deliver Zebrocy Malware via VHD File

"The security firm Intezer revealed COVID-19 phishing lures that were used to deliver the Go version of Zebrocy. Zebrocy is mainly used against governments and commercial organizations engaged in foreign affairs."

Link

TLP1 : Green

  • 'MountLocker' Ransomware Adds to Affiliate Extortion Racket

"Latest Ransomware-As-A-Service Scheme First Appeared In July."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • US Government Confirms Cyberattack

"The US government on Sunday confirmed that its computer networks had been hit by a cyberattack, as The Washington Post reported at least two departments including the Treasury had been targeted by Russian state hackers."

Link

TLP1 : Green

  • City of London Police Appoints Assistant Commissioner with Responsibility for Cybercrime

"Angela McLaren has been announced as the new assistant commissioner of the City of London Police, with responsibility for economic and cybercrime."

Link

TLP1 : Green

  • Huawei worked on several surveillance systems promoted to identify ethnicity, documents show

"Facing international outcry over its testing of a ‘Uighur alarm’ system, Huawei says it is committed to human rights ‘at the highest level.’ But the tech giant has worked with others to build products touted as capable of identifying ethnicity."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Spotify resets passwords after a security bug exposed users’ private account information

"Spotify said it has reset an undisclosed number of user passwords after blaming a software vulnerability in its systems for exposing private account information to its business partners."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • US Calls On Federal Agencies To Power Down SolarWinds Orion Due To Security Breach

"An emergency directive issued by the U.S. government calls on all federal civilian agencies to disconnect or power down SolarWinds Orion IT management tools because they are being used to facilitate an active exploit."

Link

TLP1 : Green

  • Cisco Releases Security Updates for Jabber Desktop and Mobile Client Software

"Cisco has released security updates to address vulnerabilities in Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms. A remote attacker could exploit some of these vulnerabilities to take control of an affected system."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Assessing the New Normal for Cybersecurity

"As work from home continues, cyberthreats related to the new normal will remain even post-pandemic."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • How I hacked Facebook: Part One

"I never found a vulnerability on one of Facebook subdomains, and I took a look at some writeups and I saw one writeup in one of Facebook subdomains which It got all my attention."

Link

TLP1 : Green

  • Portable Data exFiltration: XSS for PDFs

"PDF documents and PDF generators are ubiquitous on the web, and so are injection vulnerabilities. Did you know that controlling a measly HTTP hyperlink can provide a foothold into the inner workings of a PDF?"

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

 

 

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp