Infosec News 20210701

  • Published: Thu, 01/07/2021 - 10:23

Top News


  • DevOps platform JFrog acquires AI-based IoT and connected device security specialist Vdoo for $300M

"The company is acquiring Vdoo, which has built an AI-based platform that can be used to detect and fix vulnerabilities in the software systems that work with and sit on IoT and connected devices. The deal — in a mix of cash and stock — is valued at approximately $300 million, JFrog confirmed to me."

Link

TLP1 : Green

  • Facebook Sues 4 Vietnamese for Hacking Accounts and $36 Million Ad Fraud

"Facebook on Tuesday revealed it filed two separate legal actions against perpetrators who abused its ad platform to run deceptive advertisements in violation of the company's Terms and Advertising Policies."

Link

TLP1 : Green

  • Received a WhatsApp verification code without requesting it? Beware – you might be about to have your account stolen.

"Police in the UK are warning WhatsApp users of a surge they have seen in attempts made by fraudsters to steal accounts."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • This crooked VPN service was collecting user data the whole time

"A Russian-based VPN service that was popular among cybercriminals has been seized by an international law enforcement operation led by the Dutch National Police with support from Europol and Eurojust."

Link

TLP1 : Green

  • Cybersecurity Workers Flood Twitter With Bikini Pics to Protest Harassment

"After a woman got harassed for posting a bikini selfie, several members of the cybersecurity community posted their own selfies to show solidarity."

Link

TLP1 : Green

  • UK arm of international charity the Salvation Army hit by ransomware attack

"Criminals infected the Salvation Army in the UK with ransomware and siphoned the organisation's data, The Register has learned."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Follow-up: LinkedIn denies exposure of 700 million user records is a data breach

"LinkedIn has forcefully denied the exposure of data relating to 700 million users of its workplace networking platform – over 90% of its total user base – which has been offered for sale on the dark web, is a data breach, insisting that since the data was scraped by malicious actors it is not at fault."

Link

TLP1 : Green

  • White House Plans to Attribute the Microsoft Exchange Hack Soon

"Microsoft has already attributed the broad-scale compromise of its on-premises mail servers to Chinese nation-state actors."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Vulnerability Found in Industrial Remote Access Product From Claroty

"The Secure Remote Access (SRA) product of industrial cybersecurity firm Claroty is affected by a vulnerability that could be useful to threat actors targeting industrial organizations."

Link

TLP1 : Green

  • Zero-Day Vulnerability Exploited in Recent Attacks on WD Storage Devices

"Western Digital (WD) on Tuesday confirmed that the recent attacks targeting some of its older network-attached storage (NAS) devices involved the exploitation of a zero-day vulnerability."

Link

TLP1 : Green

  • Major Linux RPM problem uncovered

"Red Hat has used RPM for software package distribution for decades, but we now know RPM contained a nasty hidden security bug since Day One. It's now been unveiled and a repair patch has been submitted."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • GAO Offers Recommendations to Improve Space Agency's Cyber Protections

"A government watchdog is urging NASA's administrator to make multiple improvements to its cybersecurity and risk management policies to counter threats to the space agency's network infrastructure and data, according to a report released this week."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • CISA’s CSET Tool Sets Sights on Ransomware Threat

"CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks."

Link

TLP1 : Green

  • Wireless Penetration Testing: Airgeddon

"You’ll discover how to use airgeddon for Wi-Fi hacking in this article. It enables the capture of the WPA/WPA2 and PMKID handshakes in order to start a brute force assault on the Wi-Fi password key. It also aids in the creation of a fictitious AP for launching Evil Twin Attack by luring clients into the captive portal."

Link

TLP1 : Green

  • Twitter now lets you set a security key as your only two-factor authentication method

"In March, Twitter said it would soon let you use a security key as your only two-factor authentication method, and on Wednesday, it announced that feature was live on both mobile and web.
Being able to use a security key as one of your two-factor authentication methods isn’t new, but now you can make it the only one, if you want to. Physical security keys have advantages over other two-factor methods like an authenticator app or SMS because they don’t rely on a code that a bad actor could intercept."

Link

TLP1 : Green

  • Red-Shadow - Lightspin AWS IAM Vulnerability Scanner

"Scan your AWS IAM Configuration for shadow admins in AWS IAM based on misconfigured deny policies not affecting users in groups discovered by Lightspin's Security Research Team."

Link

TLP1 : Green

  • Forblaze - A Python Mac Steganography Payload Generator

"Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C file for you which will be compiled to pull desired encrypted URLs out of the stego file, fetch payloads over https, and execute them directly into memory."

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp