InfoSec News 20210820

  • Published: Fri, 20/08/2021 - 10:21

Top News


  • Cloudflare says it mitigated a record-breaking 17.2M rps DDoS attack

"Internet infrastructure company Cloudflare disclosed today that it mitigated the largest volumetric distributed denial of service (DDoS) attack that was recorded to date."

Link

TLP1 : Green

  • Fake Cryptomining Apps Infect Users’ Phones via Google Play

"Several fake cloud-mining apps have been identified in Google Play Store that mostly focus on delivering expensive subscription services, according to Trend Micro."

Link

TLP1 : Green

  • New York charges ex-Kushner associate with cyberstalking months after Trump pardon

"Federal prosecutors had charged Ken Kurson, former editor of a Kushner-owned publication, with cyberstalking, but Trump pardoned him on Jan. 19."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Wanted: Disgruntled Employees to Deploy Ransomware

"Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company."

Link

TLP1 : Green

  • If encryption is so good at protecting data, why do so many businesses succumb to cyberattacks?

"Cybercriminals use increasingly complex deception methods, and cybersecurity can be unfamiliar, unintuitive, or inconvenient to operate, recent Mimecast research reveals. No wonder most successful cyberattacks are due to human error."

Link

TLP1 : Green

  • Attackers rapidly adopting new techniques to target users

"ShinyHunters, the notorious hacker is claiming to have access to the AT&T database containing personal and sensitive records of more than 70 million customers."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • AT&T breach? ShinyHunters selling AT&T database with 70 million SSN

"ShinyHunters, the notorious hacker is claiming to have access to the AT&T database containing personal and sensitive records of more than 70 million customers."

Link

TLP1 : Green

  • 637 flaws in industrial control system (ICS) products were published in H1 2021

"During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • New Ubuntu Linux Security Patches Fix Up to Seven Vulnerabilities, Update Now

"The new Ubuntu Linux security patches are available for the Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.04 LTS (Focal Fossa), and Ubuntu 18.04 LTS (Bionic Beaver) operating system series, and addresses three security issues related to the Bluetooth subsystem and NFC implementation affecting all three releases."

Link

TLP1 : Green

  • Linux Kernel 2.4.5 all memory corruption

"A vulnerability was found in Linux Kernel 2.4.5 (Operating System) and classified as critical. This issue affects the function all. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the problem leads to CWE-119. Impacted is confidentiality, integrity, and availability."

Link

TLP1 : Green

  • Researchers patch Microsoft's 'Petitpotam' vulnerability patch

"After false starts this August both by themselves and Microsoft with patches released for the PetitPotam bug not covering all attack vectors, security vendor 0Patch has released free fixes that address the vulnerability."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • CISA shares guidance on how to prevent ransomware data breaches

"The US Cybersecurity and Infrastructure Security Agency (CISA) has released guidance to help government and private sector organizations prevent data breaches resulting from ransomware double extortion schemes."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • REW-sploit - Emulate And Dissect MSF And *Other* Attacks

"Need help in analyzing Windows shellcode or attack coming from Metasploit Framework or Cobalt Strike (or may be also other malicious or obfuscated code)? Do you need to automate tasks with simple scripting? Do you want help to decrypt MSF generated traffic by extracting keys from payloads?
REW-sploit is here to help Blue Teams!"

Link

TLP1 : Green

  • Allstar - GitHub App To Set And Enforce Security Policies

"Allstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its goal is to be able to continuously monitor and detect any GitHub setting or repository file contents that may be risky or do not follow security best practices."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp