Infosec News 20210217
Top News
-
Microsoft: Web Shells Attacks Spreading Like Wildfire
"According to Microsoft, web shells are among critical tools used by hackers as it records around 140,000 web shells a month between August 2020 and January 2021."
TLP1 : Green
-
Automating scam call blocking sees Telstra prevent up to 500,000 calls a day
"Telstra said it is now blocking 6.5 million suspected scam calls a month, at times up to 500,000 a day, thanks to automating the former manual process that sat at around 1 million monthly scam calls."
TLP1 : Green
-
Hacker claims to have stolen files from law firm tied to Trump: WSJ
"A hacker is claiming to have stolen files from prominent law firm Jones Day. The files were posted to the dark web, according to the Journal, and included some documents that were reviewed by the newspaper."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Threat Actors Unite Against Healthcare Sector
"As if double extortion was not enough, the triple extortion tactic is here to be the next nightmare, especially for the healthcare sector."
TLP1 : Green
-
North Korea 'Tried to Hack' Pfizer for Vaccine Info - South's Spies: Reports
"North Korean hackers tried to break into the systems of Pfizer in a search for information on a COVID-19 vaccine and treatment technology, South Korea's spy agency said Tuesday, according to reports."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
A Sticker Sent On Telegram Could Have Exposed Your Secret Chats
"Cybersecurity researchers on Monday disclosed details of a now-patched flaw in the Telegram messaging app that could have exposed users' secret messages, photos, and videos to remote malicious actors."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Two vulnerabilities in Advantech WebAccess/SCADA
"A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure."
TLP1 : Green
-
Security Flaws Left Unpatched in SHAREit Android App with One Billion Downloads
"The bugs can be exploited to run malicious code on smartphones where the SHAREit app is installed, Echo Duan, a mobile threats analyst for security firm Trend Micro, said in a report on Monday."
TLP1 : Green
-
Malvertisers Exploited WebKit 0-Day to Redirect Browser Users to Scam Sites
"A malvertising group known as "ScamClub" exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites gift card scams."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Organizations need to be able to predict cyberattacks
"Cybersecurity efforts continue to be largely reactive – security teams detect intrusions after the fact, when cybercriminals have already breached the company’s network and stolen data or inserted malware that will do further damage later."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Microsoft will alert Office 365 admins of Forms phishing attempts
"Microsoft is adding new security warnings to the Security and Compliance Center (SCC) default alert policies to inform IT admins of detected phishing attempts abusing Microsoft Forms in their tenants."
TLP1 : Green
-
Chimera - A (Shiny And Very Hack-Ish) PowerShell Obfuscation Script Designed To Bypass AMSI And Commercial Antivirus Solutions
"Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and antivirus solutions. It digests malicious PS1's known to trigger AV and uses string substitution and variable concatenation to evade common detection signatures."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.