Infosec News 20210611

  • Published: Fri, 11/06/2021 - 09:37

Top News


  • Hackers selling access to FIFA matchmaking servers and other games after EA attack

"According to a message from attackers, 780 GB were stolen from EA during the hack."

Link

TLP1 : Green

  • Huawei reveals 'cybersecurity framework' with launch of China transparency centre

"Chinese tech giant kicks into PR overdrive, pledging its commitment to cybersecurity with the opening of its latest transparency centre in Dongguan, adding to similar sites in Belgium and the UK, and release of a security baseline framework that it adopts for its products."

Link

TLP1 : Green

  • ALPACA: New TLS Attack Allows User Data Extraction, Code Execution

"Researchers from three universities in Germany have identified a new TLS attack method that can allow a man-in-the-middle (MitM) attacker to extract user data or execute arbitrary code."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • This new hacking group has a nasty surprise for African, Middle East diplomats

"The newly-discovered APT pulls no punches when it comes to cyberespionage."

Link

TLP1 : Green

  • Russia-linked APT breached the network of Dutch police in 2017

"Russia-linked cyberspies breached the internal network of Dutch police in 2017 while the authorities were investigating the crash of the MH-17."

Link

TLP1 : Green

  • Hackers hit Spain’s Ministry of Labor and Social Economy

"The Spanish Ministry of Labor and Social Economy (MITES) was hit by a cyberattack and is working to restore impacted services."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Ransomware: Meat firm JBS says it paid out $11m after attack

"Global meatpacker JBS USA has paid $11 million in Bitcoin to cyberattackers that encrypted its files and disrupted operations in the US and Australia with ransomware, the company has said."

Link

TLP1 : Green

  • U.S. Authorities Shut Down Slilpp—Largest Marketplace for Stolen Logins

"The U.S. Department of Justice (DoJ) Thursday said it disrupted and took down the infrastructure of an underground marketplace known as "Slilpp" that specialized in trading stolen login credentials as part of an international law enforcement operation."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Intel Releases 29 Advisories to Describe 73 Vulnerabilities Affecting Its Products

"Intel this week announced the availability of patches for 73 vulnerabilities identified across multiple products, including several high-severity flaws that can be exploited to escalate privileges."

Link

TLP1 : Green

  • Google Patches Chrome zero-day actively exploited

"Google this week addressed 14 vulnerabilities in the Chrome browser, including a zero-day flaw that has been exploited in the wild."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Prometheus Ransomware Gang: A Group of REvil?

"Unit 42 has spent the past four months following the activities of Prometheus, a new player in the ransomware world that uses similar malware and tactics to ransomware veteran Thanos."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug

"polkit is a system service installed by default on many Linux distributions. It’s used by systemd, so any Linux distribution that uses systemd also uses polkit. As a member of GitHub Security Lab, my job is to help improve the security of open source software by finding and reporting vulnerabilities. A few weeks ago, I found a privilege escalation vulnerability in polkit. I coordinated the disclosure of the vulnerability with the polkit maintainers and with Red Hat’s security team. It was publicly disclosed, the fix was released on June 3, 2021, and it was assigned CVE-2021-3560."

Link

TLP1 : Green

  • Fuzzing the Office Ecosystem

"Microsoft Office is a very commonly used software that can be found on almost any standard computer. It is also integrated inside many products of the Microsoft / Windows ecosystem such as Office itself, Outlook and Office Online. In this blog, we describe our attempts to fuzz a specific component in Microsoft Office and how the results affect this whole ecosystem. We also evaluate the pros and cons of the different fuzzing solutions we experimented with in the course of our research."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp