Infosec News 20201223

  • Published: Wed, 23/12/2020 - 10:10

Top News


  •  UN Rights Expert Urges Trump to Pardon Assange

"A UN rights expert on Tuesday urged outgoing US President Donald Trump to pardon Julian Assange, saying the WikiLeaks founder is not "an enemy of the American people"."

Link

TLP1 : Green

  • SolarWinds Campaign Focuses Attention on 'Golden SAML' Attack Vector

"Adversaries that successfully execute attack can achieve persistent anytime, anywhere access to a victim network, security researchers say."

Link

TLP1 : Green

  • Tech Giants Show Support for WhatsApp in Lawsuit Against Spyware Firm

"Microsoft, Cisco, GitHub, Google, LinkedIn, VMware and the Internet Association have filed an amicus brief in support of WhatsApp in the legal case against the NSO Group."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Law Enforcement Disrupts VPN Services Enabling Cybercrime

"The United States and international partners shut down three bulletproof hosting services used to facilitate criminal activity."

Link

TLP1 : Green

  • Emotet Campaign Restarts After Seven-Week Hiatus

"Multiple security researchers note the return of an email campaign attempting to spread the malware, which is often used to drop the Ryuk ransomware and Trickbot banking Trojan."

Link

TLP1 : Green

  • Crypto Exchange EXMO Says Funds Stolen in Security Incident

"UK-based cryptocurrency exchange EXMO informed customers on Monday that it discovered large withdrawals from its hot wallets."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Huntsville City Schools warns about personal information possibly compromised in cyber attack

"On Monday, Huntsville City Schools warned parents about personal information being compromised in the school system's ransomware attack."

Link

TLP1 : Green

  • Trucking giant Forward Air hit by new Hades ransomware gang

"Trucking and freight logistics company Forward Air has suffered a ransomware attack by a new ransomware gang that has impacted the company's business operations."

Link

TLP1 : Green

 

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Critical Dell Wyse Bugs Let Attackers to Execute Code and Access Files and Credentials

"The giant Dell Wyse is affected by two Critical Vulnerabilities CVE-2020-29491 and CVE-2020-29492 which targets thin client devices."

Link

TLP1 : Green

  • Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection

"Fifteen WordPress themes use a vulnerable version of epsilon-framework that is vulnerable to a critical unauthenticated function injection vulnerability, due to the lack of capability and CSRF nonce checks in AJAX actions."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Security as Code: How Repeatable Policy-Driven Deployment Improves Security

"The SaC approach lets users codify and enforce a secure state of application configuration deployment that limits risk."

Link

TLP1 : Green

  • 5 Email Threat Predictions for 2021

"As domains get cheaper, account takeovers get easier, and cloud computing usage expands, email-borne attacks will take advantage."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • ToRat : A Remote Administration Tool Written In Go Using Tor As A Transport Mechanism & RPC For Communication

"ToRat is a Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients."

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp