Infosec News 20210407
Top News
-
Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof
"Days after a massive Facebook data leak made the headlines, it seems like we’re in for another one, this time involving LinkedIn."
TLP1 : Green
-
Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021
"Pwn2Own 2021 kicked off this week with successful attempts against Apple's Safari browser and Microsoft Teams, Microsoft Exchange, and Windows 10 on the first day of competition."
TLP1 : Green
-
After A Major Hack, U.S. Looks To Fix A Cyber 'Blind Spot'
"The National Security Agency considers itself the world's most formidable cyber power, with an army of computer warriors who constantly scan the wired world. Yet by law, the NSA only collects intelligence abroad, and not inside the U.S."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Sophos Links Mount Locker to Astro Locker Ransomware
"Security experts have uncovered a series of close links between ransomware groups Mount Locker and Astro Locker Team, in a new report that will be of interest to incident responders.."
TLP1 : Green
-
Cybercrimes at its peak! New techniques used for financial frauds
" There has been a surge in the cases of financial fraud in Bihar as cybercriminals have resorted to the hacking of phones to commit these crimes. "
TLP1 : Green
-
Smart TV tech loophole allowed miscreants to view private YouTube videos
"A security researcher earned a $6,000 bug bounty after uncovering a set of web security flaws that allowed attackers to play supposedly private YouTube videos."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Too slow! Booking.com fined for not reporting data breach fast enough
"The Dutch Data Protection Authority (DPA) – the country’s data protection regulator – has fined online travel and hotel booking company Booking.com almost half a million Euros over a data breach."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Windows XP makes ransomware gangs work harder for their money
" A recently created ransomware decryptor illustrates how threat actors have to support Windows XP, even when Microsoft dropped supporting it seven years ago."
TLP1 : Green
-
Pre-installed auto installer threat found on Android mobile devices in Germany
"Users primarily located in Germany are experiencing malware that downloads and installs on their Gigaset mobile devices right out of the box"
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
LogRhythm NextGen SIEM Platform 7.7 offers enhanced detection and response capabilities
" The update introduces new features designed to streamline the threat detection and response process, including a new Timeline View that provides analysts with an easy-to-follow security narrative when investigating an incident."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
What's New in Fedora 34? 8 Reasons to Upgrade or Switch
"Considering Fedora? Now may be the time to switch. The new beta for Fedora 34 has been released with a selection of new features and improvements."
TLP1 : Green
-
All Eyes on PCAP: The Gold Standard of Traffic Analysis
"Considering Fedora? Now may be the time to switch. The new beta for Fedora 34 has been released with a selection of new features and improvements."
TLP1 : Green
-
WTF: Signal Adds Cryptocurrency Support
"According to Wired, Signal is adding support for the cryptocurrency MobileCoin, “a form of digital cash designed to work efficiently on mobile devices while protecting users’ privacy and even their anonymity.”"
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.