InfoSec News 20210817
Top News
-
Experts: False Claims on Voting Machines Obscure Real Flaws
"The aftermath of the election put an intense spotlight on voting machines as supporters of former President Donald Trump claimed victory was stolen from him. While the theories were unproven — and many outlandish and blatantly false — election security experts say there are real concerns that need to be addressed."
TLP1 : Green
-
Facebook Adds End-to-End Encryption to Calls in Messenger
"Messenger has been offering support for end-to-end encrypted text chats for roughly five years, and Facebook has decided to expand the security feature to voice and video calling as well, after observing an increase in the use of these capabilities over the past year."
TLP1 : Green
-
[Follow Up] T-Mobile USA investigates possible breach after hacker offers to sell customer data
"A hacker is offering for sale what they claim to be the personal data of over 100 million people, stolen from the servers of T-Mobile USA. As first reported by Joseph Cox of Vice, information including the names, phone numbers, physical addresses, IMEI device numbers, driving license information, and social security numbers of T-Mobile customers is being offered for sale after an alleged breach of multiple servers at T-Mobile USA. The person claiming to have hacked T-Mobile says that they are part of a gang that had access to the telecom operator’s systems for 2-3 weeks until this weekend."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Hacker Pleads Guilty to SIM Swapping Attacks, Cryptocurrency Theft
"The man, Declan Harrington, 21, together with co-conspirator Eric Meiggs and others, targeted people who were believed to have significant amounts of cryptocurrency or high-value social media accounts, also referred to as OG (Original Gangster) accounts, through a method called SIM swapping."
TLP1 : Green
-
Colonial Pipeline Confirms Personal Information Impacted in Ransomware Attack
"Colonial Pipeline has started sending out notification letters to inform more than 5000 people that their personal information was compromised in a ransomware attack earlier this year."
TLP1 : Green
-
A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad
"The existence of a secret SAS mobile hacker squad, named MAB5 and under the control of the Computer Network Operations (CNO) Exploitation, was revealed by a job ad published by the UK’s Ministry of Defence on an external website, reported Alan Turnbull of Secret Bases."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
1.9 million+ records from the FBI’s terrorist watchlist available online
"A security researcher discovered that a secret FBI’s terrorist watchlist was accidentally exposed on the internet for three weeks between July and August 2021."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Voltage Glitching Attack on AMD Chips Poses Risk to Cloud Environments
"Researchers have described a voltage glitching attack that shows AMD’s Secure Encrypted Virtualization (SEV) technology may not provide proper protection for confidential data in cloud environments."
TLP1 : Green
-
Cloud Foundry UAA Server up to 75.3.x redirect
"A vulnerability, which was classified as problematic, was found in Cloud Foundry UAA Server up to 75.3.x (Cloud Software). Affected is an unknown functionality. The manipulation with an unknown input leads to a redirect vulnerability. CWE is classifying the issue as CWE-601."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Can your SOC neutralize 5th generation cyber threats?
"The scale and complexity of cyber threats have evolved significantly over the years. At the same time, businesses have updated their security infrastructure to counter new threats and vulnerabilities. In the 1980s the first-generation attacks targeted standalone PCs, and security vendors offered several antivirus software to counter these attacks. Post the internet era, the second-generation attack came in the picture when individual hackers started communicating and sharing their skills as they saw financial benefits in targeting businesses. In the third-generation application attacks, cyberbullies began exploiting security flaws or backdoors in the corporate security frameworks and applications."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Linux Kernel Defence Map
"Linux kernel security is a very complex topic. Some defence technologies are provided by the Linux kernel mainline. Others are going out‑of‑tree for various reasons (some of them are commercial, for example). Plus there are kernel defences that depend on special hardware features."
TLP1 : Green
-
25 Useful IPtable Firewall Rules Every Linux Administrator Should Know
"This is where iptables come in handy. Iptables is a Linux command line firewall that allows system administrators to manage incoming and outgoing traffic via a set of configurable table rules. Iptables uses a set of tables which have chains that contain set of built-in or user defined rules. Thanks to them a system administrator can properly filter the network traffic of his system."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.