Infosec News 20210630

  • Published: Wed, 30/06/2021 - 09:16

Top News


  • Russia intends to sign agreements with a number of countries in the field of cybersecurity

"Deputy Secretary of the Security Council of the Russian Federation Oleg Khramov named several countries with which Moscow plans to sign agreements on cooperation in the field of cybersecurity"

Link

TLP1 : Green

  • Russian-based DoubleVPN seized by law enforcement

"Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious purposes"

Link

  • Follow-up: SolarWinds hackers remained hidden in Denmark’s central bank for months

"Russia-linked threat actors compromised Denmark’s central bank (Danmarks Nationalbank) and remained in its systems for months. Russia-linked threat actors infected the systems of Denmark’s central bank (Danmarks Nationalbank) and maintained access to its network for more than six months. The security breach is the result of the SolarWinds supply chain attack that was carried out"

Link

TLP1 : Green

  • Pirated Games Spreading Cryptojacking Malware

"A new Monero cryptojacking malware has been discovered spreading via cracked versions of well-known online games. According to researchers, the threat is identified as Crackonosh. It wipes out antivirus programs, along with mining cryptocurrency in more than a dozen countries"

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Colombia Catches Hacker Wanted in the U.S. for 'Gozi' Virus

"Colombian officials say they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012"

Link

TLP1 : Green

  • Malvuln Project Catalogues 260 Vulnerabilities Found in Malware

"Malvuln has catalogued hundreds of vulnerabilities discovered in malware, and while the project has yet to actually prove useful to anyone, its developer is not discouraged"

Link

TLP1 : Green

  • Cryptocurrency-related cyberattacks are on the rise: Report

"Cyberattacks are quickly followed by impersonation attacks, which led to its growth by 192 per cent"

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Microsoft's Halo dev site breached using dependency hijacking

"Microsoft has once again been successfully hit by a dependency hijacking attack"

Link

TLP1 : Green

  • New LinkedIn breach exposes data of 700 Million users

"A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users"

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Authentication Bypass in Adobe Experience Manager Impacts Large Organizations

"Multiple large organizations were found to be impacted by an authentication bypass in Adobe Experience Manager CRX Package Manager, according to a warning from security vendor Detectify"

Link

TLP1 : Green

  • NFC flaws let researchers hack an ATM by waving a phone

"Flaws in card-reader technology can wreak havoc with point-of-sale systems and more"

Link

TLP1 : Green

  • PoC exploit accidentally leaks for dangerous Windows PrintNightmare bug

"Proof-of-concept exploit code has been published online today for a vulnerability in the Windows Print Spooler service that can allow a total compromise of Windows systems"

Link

  • Denial of service in Apache Traffic Server

"The vulnerability exists due to insufficient validation of user-supplied input in the experimental Slicer plugin. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack"

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Nefilim Ransomware Attack Through a MITRE Att&ck Lens

"Nefilim is among a new breed of ransomware families that use advanced techniques for a more targeted and virulent attack. It is operated by a group that we track under the intrusion set "Water Roc". This group combines advanced techniques with legitimate tools to make them significantly harder to detect and respond before it is too late"

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • WAF-A-MoLE - A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls

"guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al"

Link

TLP1 : Green

  • Covenant for Pentester: Basics

"This article will showcase the installation, process for compromising a Windows Machine, and the various attacks and tasks that can be performed on that compromised machine through Covenant."

Link

TLP1 : Green

  • Risks of Evidentiary Software

"Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example).
Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it."

Link

TLP1 : Green

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp