InfoSec News 20210323

  • Published: Tue, 23/03/2021 - 09:21

Top News


  • Thousands of Exchange servers breached prior to patching, CISA boss says

"A U.S. government cybersecurity official on Monday warned organizations not to have a false sense of security when it comes to vulnerabilities in Microsoft Exchange Server software, noting that “thousands” of computer servers with updated software had already been breached."

Link

TLP1 : Green

  • Researchers Raise Alarm for F5 BIG-IP Malware Attacks

"The urgency to patch gaping security holes in F5 Networks BIG-IP and BIG-IQ products escalated over the weekend after researchers spotted malicious in-the-wild attack activity."

Link

TLP1 : Green

  • UK Unveils Plan for Smaller, More High-Tech Armed Forces

"Britain plans to cut the size of its army and boost spending on drones, robots and a new “cyber force” under defense plans announced by the government on Monday."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Ransomware gang says it targets firms who have cyber insurance

"The Record published an interesting interview last week with “Unknown”, a representative of the notorious REvil ransomware gang."

Link

TLP1 : Green

  • RedTorch Formed from Ashes of Norse Corp.

"Remember Norse Corp., the company behind the interactive “pew-pew” cyber attack map shown in the image below? Norse imploded rather suddenly in 2016 following a series of managerial missteps and funding debacles."

Link

TLP1 : Green

  • Researchers Discover Two Dozen Malicious Chrome Extensions

"Extensions are being used to serve up unwanted ads, steal data, and divert users to malicious sites, Cato Networks says."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Shell Says Personal, Corporate Data Stolen in Accellion Security Incident

"Oil and gas giant Royal Dutch Shell (Shell) is the latest company to have confirmed impact from the December 2020 cyber-attack on Accellion’s File Transfer Appliance (FTA) file sharing service."

Link

TLP1 : Green

  • MangaDex website taken offline following cyber-attack, data breach

"Owners of manga fan site are rebuilding the codebase following series of security incidents"

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • WARNING: A New Android Zero-Day Vulnerability Is Under Active Attack

"Google has disclosed that a now-patched vulnerability affecting Android devices that use Qualcomm chipsets is being weaponized by attackers to launch targeted attacks."

Link

TLP1 : Green

  • Microsoft Exchange servers now targeted by Black Kingdom ransomware

"Another ransomware operation known as 'Black Kingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers."

Link

TLP1 : Green

  • Remote Code Execution Vulnerability Patched in Apache OFBiz

"One of the vulnerabilities addressed by the latest update for Apache OFBiz is an unsafe Java deserialization issue that could be exploited to execute code remotely, without authentication."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • When & How to Report Security Incidents

"The European Union Agency for Cybersecurity (ENISA) releases new guidelines to facilitate the reporting of security incidents by national telecom security authorities."

Link

TLP1 : Green

  • Critical code execution vulnerability fixed in Adobe ColdFusion

"Adobe has released out-of-band security updates to address a critical vulnerability impacting ColdFusion versions 2021, 2016, and 2018."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Mole - A Framework For Identifying And Exploiting Out-Of-Band Application Vulnerabilities

"A framework for identifying and exploiting out-of-band (OOB) vulnerabilities."

Link

TLP1 : Green

  • ProxyLogon - PoC Exploit for Microsoft Exchange

"PoC Exploit for Microsoft Exchange"

Link

TLP1 : Green

  • Only 14% of domains worldwide truly protected from spoofing with DMARC enforcement

"While the DMARC enforcement rate increases, 3 billion messages per day are still spoofing the sender’s identity, Valimail reveals."

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.


[1] https://www.first.org/tlp