Infosec News 20210623
Top News
-
Russian security chief says Moscow will cooperate with US against hackers
"Russia will work together with the United States to locate cyber criminals, the RIA news agency quoted FSB security service chief Alexander Bortnikov as saying on Wednesday."
TLP1 : Green
-
US Takes Down Iran-linked News Sites, Alleges Disinformation
"American authorities seized a range of Iran’s state-linked news website domains they accused of spreading disinformation, the U.S. Justice Department said Tuesday, a move that appeared to be a far-reaching crackdown on Iranian media amid heightened tensions between the two countries."
TLP1 : Green
-
How Big Tech created a data ‘treasure trove’ for police, IT News, ET CIO
"When U.S. law enforcement officials need to cast a wide net for information, they’re increasingly turning to the vast digital ponds of personal data..."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
DarkRadiation Ransomware and an SSH Worm
"DarkRadiation ransomware has started targeting Linux and Docker containers."
TLP1 : Green
-
RedFoxtrot Group Linked to Unit 69010 from China
"Cyberespionage campaigns spread across several years were linked to the Chinese military group PLA Unit 69010."
TLP1 : Green
-
Much of Malware Found by Industrial Firms on USB Drives in 2020 Targeted OT
"Much of the malware discovered last year by industrial organizations on USB drives was capable of causing disruption to industrial control systems (ICS), according to a new report from Honeywell."
TLP1 : Green
-
Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer
"Wired is reporting on a company called Mollitiam Industries:
Marketing materials left exposed online by a third-party claim Mollitiam’s interception products, dubbed “Invisible Man” and “Night Crawler,” are capable of remotely accessing a target’s files, location, and covertly turning on a device’s camera and microphone."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Millions of medical images, patient data remain exposed via PACS flaws
"In September 2019, ProPublica revealed millions of medical images were being exposed online through unsecured Picture Archiving and Communication Systems (PACS)."
TLP1 : Green
-
Ohio Medicaid Provider Suffers Data Breach
"A security incident at an Ohio Medicaid provider last month may have resulted in the theft of personal data."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Cross-site scripting in WordPress Popular Posts plugin
"The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of user-supplied data"
TLP1 : Green
-
VMware Patches Privilege Escalation Vulnerability in Tools for Windows
"A high-severity vulnerability that VMware patched this week in VMware Tools for Windows could be exploited to execute arbitrary code with elevated privileges."
TLP1 : Green
-
Palo Alto Networks Patches Critical Vulnerability in Cortex XSOAR
"A security advisory published on Tuesday by Palo Alto Networks informs customers about the availability of patches for a critical vulnerability affecting the company’s Cortex XSOAR product."
TLP1 : Green
-
Tor Browser Patches Application Probing Vulnerability
"A new version of the open-source Tor Browser was released this week with patches for multiple vulnerabilities, including one that could allow malicious websites to track users across browsers by identifying applications running on their devices."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
"While the debate rages on over an infrastructure bill aiming to shore up aging, ailing, and unsecured infrastructure, utility companies are looking for ways to stop the hemorrhaging now. Breaches like the Colonial Pipeline clearly demonstrate how cyberattacks are having widespread and real-world impacts on the industry."
TLP1 : Green
-
I Triggered a Ransomware Attack – Here’s What I Learned
"Ransomware attacks are perceived as complicated, confusing and dangerous."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
MITRE Adds D3FEND Countermeasures to ATT&CK Framework
"The U.S. government’s National Security Agency (NSA) on Tuesday announced plans to fund the development of a knowledge base of defensive countermeasures for the most common techniques used by malicious hackers."
TLP1 : Green
-
Vulnerabilities in Zephyr's Bluetooth LE Stack May Lead to DoS Attacks
"Multiple vulnerabilities recently patched in Zephyr's Bluetooth LE stack could be exploited to cause denial of service conditions, prevent further connections, or even leak sensitive information, according to a warning from researchers at the Synopsys Cybersecurity Research Center (CyRC)."
TLP1 : Green
-
Vishing Attacks on the Rise With Newest Campaign
"A research blog post from Armorblox is showing that voice phishing (or vishing) attacks are seeing a rise in activity. Vishing simply takes the concepts found in social engineering attacks like phishing emails and applies them to voice interactions. That shady man on the phone claiming to be an IRS agent so that he can steal your personal data? That’s a vishing attack."
TLP1 : Green
-
SASE Firm Cato Networks Revamps Managed Detection and Response Solution
"Cato Networks has released its managed detection and response solution – MDR 2.0 – built on its Secure Access Service Edge (SASE) platform. SASE effectively removes (it doesn’t eliminate) security into the cloud. Ideal for distributed environments and remote working, it channels work traffic from source to destination via its own cloud platform, where security and visibility is applied."
TLP1 : Green
-
Ioccheck - A Tool For Simplifying The Process Of Researching IOCs
"A tool for simplifying the process of researching file hashes, IP addresses, and other indicators of compromise (IOCs)."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.