Infosec News 20210630
Top News
-
Russia intends to sign agreements with a number of countries in the field of cybersecurity
"Deputy Secretary of the Security Council of the Russian Federation Oleg Khramov named several countries with which Moscow plans to sign agreements on cooperation in the field of cybersecurity"
TLP1 : Green
-
Russian-based DoubleVPN seized by law enforcement
"Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious purposes"
-
Follow-up: SolarWinds hackers remained hidden in Denmark’s central bank for months
"Russia-linked threat actors compromised Denmark’s central bank (Danmarks Nationalbank) and remained in its systems for months. Russia-linked threat actors infected the systems of Denmark’s central bank (Danmarks Nationalbank) and maintained access to its network for more than six months. The security breach is the result of the SolarWinds supply chain attack that was carried out"
TLP1 : Green
-
Pirated Games Spreading Cryptojacking Malware
"A new Monero cryptojacking malware has been discovered spreading via cracked versions of well-known online games. According to researchers, the threat is identified as Crackonosh. It wipes out antivirus programs, along with mining cryptocurrency in more than a dozen countries"
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Colombia Catches Hacker Wanted in the U.S. for 'Gozi' Virus
"Colombian officials say they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012"
TLP1 : Green
-
Malvuln Project Catalogues 260 Vulnerabilities Found in Malware
"Malvuln has catalogued hundreds of vulnerabilities discovered in malware, and while the project has yet to actually prove useful to anyone, its developer is not discouraged"
TLP1 : Green
-
Cryptocurrency-related cyberattacks are on the rise: Report
"Cyberattacks are quickly followed by impersonation attacks, which led to its growth by 192 per cent"
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Microsoft's Halo dev site breached using dependency hijacking
"Microsoft has once again been successfully hit by a dependency hijacking attack"
TLP1 : Green
-
New LinkedIn breach exposes data of 700 Million users
"A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users"
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Authentication Bypass in Adobe Experience Manager Impacts Large Organizations
"Multiple large organizations were found to be impacted by an authentication bypass in Adobe Experience Manager CRX Package Manager, according to a warning from security vendor Detectify"
TLP1 : Green
-
NFC flaws let researchers hack an ATM by waving a phone
"Flaws in card-reader technology can wreak havoc with point-of-sale systems and more"
TLP1 : Green
-
PoC exploit accidentally leaks for dangerous Windows PrintNightmare bug
"Proof-of-concept exploit code has been published online today for a vulnerability in the Windows Print Spooler service that can allow a total compromise of Windows systems"
-
Denial of service in Apache Traffic Server
"The vulnerability exists due to insufficient validation of user-supplied input in the experimental Slicer plugin. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack"
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Nefilim Ransomware Attack Through a MITRE Att&ck Lens
"Nefilim is among a new breed of ransomware families that use advanced techniques for a more targeted and virulent attack. It is operated by a group that we track under the intrusion set "Water Roc". This group combines advanced techniques with legitimate tools to make them significantly harder to detect and respond before it is too late"
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
WAF-A-MoLE - A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls
"A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al"
TLP1 : Green
-
Covenant for Pentester: Basics
"This article will showcase the installation, process for compromising a Windows Machine, and the various attacks and tasks that can be performed on that compromised machine through Covenant."
TLP1 : Green
-
Risks of Evidentiary Software
"Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example).
Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.