InfoSec News 20210325
Top News
-
Facebook says cyber spies in China targeted Uyghurs
"Facebook on Wednesday said it disrupted efforts by hackers in China to spy on supporters of the Uyghur minority living outside that country."
TLP1 : Green
-
Total combined fraud losses climbed to $56 billion in 2020
"While total combined fraud losses climbed to $56 billion in 2020, identity fraud scams accounted for $43 billion of that cost. Traditional identity fraud losses totaled $13 billion, Javelin Strategy & Research reveals."
TLP1 : Green
-
CNA insurance firm hit by a cyberattack, operations impacted
"CNA Financial, a leading US-based insurance company, has suffered a cyberattack impacting its business operations and shutting down its website."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Ransomware gangs have found another set of new targets: Schools and universities
"There's been a spike in ransomware attacks targeting schools, colleges and universities, the UK's National Cyber Security Centre (NCSC) has warned."
TLP1 : Green
-
Microsoft: Ongoing, Expanding Campaign Bypassing Phishing Protections
"A phishing email campaign detailed earlier this month is expanding with the use of additional email services to hide malicious intent, according to a warning from software giant Microsoft."
TLP1 : Green
-
Disrupting the Cybercriminal Supply Chain
"It is time to turn the tables on cybercriminals and use their own tactics against them."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Ransomware gang leaks data stolen from Colorado, Miami universities
"Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group."
TLP1 : Green
-
High-availability server maker Stratus hit by ransomware
"Stratus Technologies has suffered a ransomware attack that required systems to be taken offline to prevent the attack's spread."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
H2C smuggling proves effective against Azure, Cloudflare Access, and more
"Security researchers have harnessed the novel ‘H2C smuggling’ technique to achieve authentication, routing, and WAF bypasses on a number of leading cloud platforms."
TLP1 : Green
-
Golang Bot Starts Targeting WordPress Websites
"Bitdefender researchers have identified a new version of an already-known vulnerability scanner that looks for a specific flaw in the “Ultimate GDPR & CCPA Compliance Toolkit” plugin for WordPress."
TLP1 : Green
-
5G network slicing vulnerability leaves enterprises exposed to cyberattacks
"AdaptiveMobile Security today publicly disclosed details of a major security flaw in the architecture of 5G network slicing and virtualized network functions."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Microsoft fixes Windows PSExec privilege elevation vulnerability
"Microsoft has fixed a vulnerability in the PsExec utility that allows local users to gain elevated privileges on Windows devices."
TLP1 : Green
-
Cisco addresses critical bug in Windows, macOS Jabber clients
"Cisco has addressed a critical arbitrary program execution vulnerability impacting several versions of Cisco Jabber client software for Windows, macOS, Android, and iOS."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Software renewal scammers unmasked
"In this blog, we follow the trail from victim to scammer and identify one group running this shady business practice."
TLP1 : Green
-
Tackling cross-site request forgery (CSRF) on company websites
"Everyone with half a mind for security will tell you not to click on links in emails, but few people can explain exactly why you shouldn’t do that (they will usually offer a canned ‘hackers can steal your credentials if you do’ explanation). Cross-Site Request Forgery (CSRF) is that reason."
TLP1 : Green
-
The Case for Taking Down Dark Web Sites
"Ever since the first dark web monitoring services became available, around 2005, consumers of such services often asked – why aren’t these websites being taken down? After all, the sites that comprise the dark web are platforms and tools for illegal activities. The answer, which used to satisfy most, was that these sites are intelligence sources and taking them down means that the criminals will congregate somewhere else, somewhere that may not be known to those who monitor them."
TLP1 : Green
-
The Risks Of Downloading APPS From Unauthorized APP Stores
"As an avid smartphone user, do you get frustrated at not finding the app you want on the official Google Play Store or App Store? For instance, if you are in India and wanted to check out TikTok, you won’t find it on either of these platforms as the Indian government has banned it for security reasons."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.