Infosec News 20210209
Top News
-
Remote Hacker Caught Poisoning Florida City Water Supply
"Hacker Remotely Increased Sodium Hydroxide Levels in Florida City’s Water from 100 Parts Per Million to 11,100 Parts Per Million."
TLP1 : Green
-
Over 1,200 Iranians Targeted in Domestic Surveillance Campaign
"More than 1,200 Iranian citizens have been targeted in extensive cyber-surveillance operations backed by the Iranian government, researchers with cybersecurity firm Check Point report."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Follow-up: SonicWall Zero-Day
"In an email, an NCC Group spokeswoman wrote: “Our team has observed signs of an attempted exploitation of a vulnerability that affects the SonicWall SMA 100 series devices."
TLP1 : Green
-
Microsoft to add 'nation-state activity alerts' to Defender for Office 365
"Microsoft is working on adding a new security alert to the dashboard of Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection) that will notify companies when their employees are being targeted by nation-state threat actors."
TLP1 : Green
-
Private messages between Mensa forum members are leaked onto the internet
"There’s still some confusion about precisely what has been going on at the British branch of Mensa, the club for people who have scored highly in an IQ test but who feel their social lives would be improved by hanging out with other people who chose to join a club after scoring highly in an IQ test."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Hundred thousand Spotify accounts leaked in credential stuffing attack
"It was recently revealed that Spotify has suffered its second credential stuffing attack in three months. It is estimated that almost a hundred thousand accounts can face a takeover."
TLP1 : Green
-
CD Projekt RED hit by cyber attack with ransom note from hackers
"Polish developer CD Projekt RED has been hit by a cyber attack with some internal systems compromised as hacker sends ransom note."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Arrest, Raids Tied to ‘U-Admin’ Phishing Kit
"According to this comprehensive breakdown of the phishing toolkit, the U-Admin control panel isn’t sold on its own, but rather it is included when customers contact the developer and purchase a set of phishing pages designed to mimic a specific brand — such as a bank website or social media platform."
TLP1 : Green
-
Android App Infects Millions of Devices With a Single Update
"The popular Barcode Scanner app, which has been available on Google Play for years, turned malicious with one software update."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Google last week announced the launch of OSV (Open Source Vulnerabilities)
"OSV should make it easier for the users of open source software to find out which vulnerabilities impact them. It can also help maintainers of open source software accurately identify all versions and commits impacted by a flaw across all their branches."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
White Hat, Black Hat, and Grey Hat Hackers: What Do They Do, and What Is the Difference Between Them?
"Picture this: a young person is in a dark room. The only thing visible is their figure, as it is just barely lit by the blinding LEDs of their computer screen."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.