InfoSec News 20210216

  • Published: Tue, 16/02/2021 - 08:25

Top News


  • French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine

"An international operation conducted in Ukraine and France led to the arrest of criminals believed to be affiliated with the Egregor RaaS"

Link

TLP1 : Green

  • France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

"French agency ANSSI attributes a series of attacks targeting Centreon servers to the Russia-linked Sandworm APT group"

Link

TLP1 : Green

  • Court docs show FBI can unlock iPhones, access Signal messages

"Court documents obtained by media have revealed the FBI has specific tools that allow the bureau to access private Signal messages even on locked iPhones"

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • The malicious code in SolarWinds attack was the work of 1,000+ developers

"Microsoft says it found 1,000-plus developers’ fingerprints on the SolarWinds attack. Microsoft’s analysis of the SolarWinds supply chain attack revealed that the code used by the threat actors was the work of a thousand developers"

Link

TLP1 : Green

  • The kingpin behind Joker’s Stash retires with a billionaire exit

"The administrators of the most popular carding marketplace on the dark web Joker’s Stash announced his retirement"

Link

TLP1 : Green

  • Turkey’s Free Speech Clampdown Hits Twitter, Clubhouse -- But Most of All, The Turkish People

"EFF has been tracking the Turkish government’s crackdown on tech platforms and its continuing efforts to force them to comply with draconian rules on content control and access to users’ data"

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Dax-Côte d’Argent hospital in France hit by ransomware attack

"A hospital in southwest France is scrambling to recover from a ransomware attack that has caused significant operational disruption"

Link

TLP1 : Green

  • DarkSide Ransomware gang hits Canadian rental car company

"Canadian Discount Car and Truck Rentals hit by DarkSide ransomware gang where the hackers claim to have stolen 120 GB of data"

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • VMware fixes command injection issue in vSphere Replication

"VMware released security patches for a potentially serious vulnerability affecting the vSphere Replication product"

Link

TLP1 : Green

  • NurseryCam has serious security issues, claims researcher

"Security consultant Andrew Tierney, perhaps better known by the moniker “Cybergibbons”, has found disturbing security holes in a widely-used CCTV service designed to let parents remotely watch their children playing at nursery"

Link

TLP1 : Green

  • Vendor Ships Unofficial Patch for IE Zero-Day Vulnerability

"Slovenia-based cybersecurity research company ACROS Security last week announced the release of an unofficial micro-patch for a zero-day vulnerability in Microsoft Internet Explorer (IE) that North Korean hackers are believed to have exploited in a campaign targeting security researchers"

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Network Segmentation Series: What is It?

"Network segmentation is the process of breaking a network into smaller networks"

Link

TLP1 : Green

  • How to choose a Zero Trust architecture: SDP or Reverse-Proxy?

"Zero Trust Network Access (ZTNA) is the next generation access solution that is set to be a key part of IT administrators' toolkits, displacing longstanding Virtual Private Networks (VPN)"

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Gitlab-Watchman - Monitoring GitLab For Sensitive Data Shared Publicly

"GitLab Watchman is an application that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp