Infosec News 20210628
Top News
- Crackonosh Monero miner made $2M after infecting 222,000 Win systems
"Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection."
TLP [1]: Green
- Microsoft: Russia-linked SolarWinds hackers breached three new entities
"Microsoft discovered that Russia-linked SolarWinds hackers, tracked as Nobelium, have breached the network of three new organizations."
TLP [1]: Green
- Microsoft signed a driver called Netfilter, turns out it contained malware
"Microsoft acknowledged the incident and is currently investigating the issue, but at the same time is downplaying its impact."
TLP [1]: Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
- Hackers target Cisco ASA devices after a PoC exploit code was published online
"Experts warn of attacks against Cisco ASA devices after researchers have published a PoC exploit code on Twitter for a known XSS vulnerability."
TLP [1]: Green
- The WhatsApp-SMS Hijack Scam Claims More Victims
"Some scams come and go while others come and go and then return. So is the story of the WhatsApp-SMS scam. It has been around for a while, but, for some reason, it has been seeing a recent resurgence. Here is how it works."
TLP [1]: Green
- Western Digital My Book Live hard drives remotely wiped by hackers
"In recent news, people are shocked to find out all of their data stored on their Western Digital My Book Live hard drives has been wiped out through a factory reset."
TLP [1]: Green
Breaches: Data Breaches and Hacks
- MSO app vendor hit by 'cyber incident', OneService app users not affected
"A Municipal Services Office (MSO) vendor has been affected by a 'cyber incident', in which a 'malicious actor' deleted data related to push notifications for MSO's OneService application."
TLP [1]: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
- Inkdrop CVE-2021-20745
"Inkdrop versions prior to v5.3.1 allow an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop."
TLP [1]: Green
- WordPress CVE-2021-20746
"Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors."
TLP [1]: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
- 7 keys to evaluating zero trust security frameworks
"Zero trust as a framework for securing modern enterprises has been around for years, but is drawing renewed attention with the increase in cyberattacks."
TLP [1]: Green
- EU, U.S. Partner on Malware, Cybersecurity Defense
"Last week, the world's major democratic governments took steps to coordinate cybersecurity defenses, with the European Union and the United States launching an initiative to combat ransomware, which has become an increasingly critical national security issue."
TLP [1]: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
- HoneyCreds - Network Credential Injection To Detect Responder And Other Network Poisoners
"HoneyCreds is a network credential injection tool to detect Responder and other network poisoners."
TLP [1]: Green
- Mythic - A Collaborative, Multi-Platform, Red Teaming Framework
"A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It's designed to provide a collaborative and user-friendly interface for operators, managers, and reporting throughout red teaming."
TLP [1]: Green
[1] Traffic Light Protocol (TLP) for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.