Infosec News 20210521
Top News
-
Fraudsters Employ Amazon Voice Phishing Attacks in Fake Order Scams
"In case studies published by Armorblox, it highlighted two Amazon vishing attacks intent on stealing customer credit card details -- and how the use of voice messages can bypass existing spam filters."
TLP1 : Green
-
Member of Russian Gang That Hacked Tax Prep Firms Sentenced to Prison in U.S.
"The United States Department of Justice this week announced the sentencing of a Russian national for his role in a group that attempted to obtain $1.5 million in tax refunds from the Department of the Treasury."
TLP1 : Green
-
Alaska Health Department Website Targeted in Malware Attack
"The health department in a statement late Tuesday said its website was taken offline Monday while an investigation takes place. The statement did not say when the cyberattack was discovered, and Clinton Bennett, a department spokesperson, by email Wednesday said the department could not release that information “due to security reasons, and so we do not jeopardize the investigation.”"
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Cyber attack: Tool to restore stolen Irish health data tested
"A decryption tool that could enable Irish health authorities to restore data stolen in a cyber attack is being tested."
TLP1 : Green
-
Followup: CISA, FBI release indicators of compromise for Colonial Pipeline attack
"The US Cybersecurity and Infrastructure Security Agency (CISA) Computer Emergency Response Team (CERT) has released the indicators of compromise for the ransomware attack that impacted Colonial Pipeline Company earlier this month."
TLP1 : Green
-
Censorship, Surveillance and Profits: A Hard Bargain for Apple in China
"Good investigative reporting on how Apple is participating in and assisting with Chinese censorship and surveillance."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
UK recruitment firm exposed sensitive applicants data for months
"This data breach majorly affected the applicants whose CVs containing personal information were leaked due to misconfigured AWS S3 buckets, reports the research team at Website Planet."
TLP1 : Green
-
Misconfigurations in 23 Android Apps Expose Over 100,000,000 Users' Personal Data
"The findings come from a study of 23 Android apps on the Google Play Store, some of which garnered 10,000 to 10 million downloads, such as Astro Guru, iFax, Logo Maker, Screen Recorder, and T'Leva."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Heap-based buffer overflow in Google Chrome could lead to code execution
"Proper heap grooming can give an attacker full control of this heap overflow vulnerability (CVE-2021-21160)"
TLP1 : Green
-
Nmap 6.25 http-domino-enum-passwords.nse unrestricted upload
"A vulnerability has been found in Nmap 6.25 (Security Testing Software) and classified as critical."
TLP1 : Green
-
Lessons Learned From High-Profile Exploits
"In 2020, malicious actors took full advantage of the expanded threat landscape created by the increase in remote work. We saw the reappearance of older malware targeting older, unpatched devices in home networks, a seven-fold increase in ransomware attacks, and one of the most significant supply chain hacks in recent years."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Cybersecurity Training: Raising Awareness And Securing Your Business
"A New Approach to Cybersecurity; Advice for Next Generation of CISOs. The latest edition of the ISMG Security Report features highlights from RSA Conference 2021."
TLP1 : Green
-
Implementing Quality of Service Management for Hyper-V
"One of the big problems that virtualization admins sometimes encounter is the so-called noisy neighbor syndrome. The idea behind this is that a virtual machine may consume a disproportionate share of system resources to the point that it begins to degrade the performance of other virtual machines running on the host."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
ABPTTS - TCP Tunneling Over HTTP/HTTPS For Web Application Servers
"ABPTTS uses a Python client script and a web application server page/package[1] to tunnel TCP traffic over an HTTP/HTTPS connection to a web application server."
TLP1 : Green
-
Etherblob-Explorer - Search And Extract Blob Files On The Ethereum Blockchain Network
"Search and extract blob files on the Ethereum network using Etherscan.io API."
TLP1 : Green
-
Microsoft and Google Cloud Platforms Leveraged for Phishing Attacks
"With the global population moving to a more remote office structure because of the COVID-19 pandemic, it was inevitable for cybercriminals to take advantage of the situation. Security researchers have noticed an overall uptick in various schemes, many of them successful, like phishing attacks in the past year or so."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.