InfoSec News 20210824
Top News
-
Managing Privileged Access to Secure the Post-COVID Perimeter
"Joseph Carson, chief security scientist & advisory CISO at ThycoticCentrify, discusses how to implement advanced privileged-access practices."
TLP1 : Green
-
DLL side-loading Attack Takes Advantage of Windows Search Order to Inject Malicious DLL
"Dynamic-link library (DLL) side-loading is an increasingly popular cyberattack method that takes advantage of how Microsoft Windows applications handle DLL files."
TLP1 : Green
-
Navigating Vendor Risk Management as IT Professionals
"One of the great resources available to businesses today is the large ecosystem of value-added services and solutions. Especially in technology solutions, there is no end to the services of which organizations can avail themselves."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group
"ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub repository source code for vulnerabilities that can be abused to stage larger scale attacks, an analysis of the hackers' modus operandi has revealed."
TLP1 : Green
-
Attackers Actively Exploiting Realtek SDK Flaws
"Multiple vulnerabilities in software used by 65 vendors under active attack."
TLP1 : Green
-
Attackers Increasingly Target Linux in the Cloud
"Linux has been the favored operating system of system administrators and hackers, but now the operating system has become a significant target of cybercriminals as well, with malware — such as Web shells and coin miners — running from Linux containers and about 200 different Linux vulnerabilities targeted in attacks."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems
"Close to 14 million Linux-based systems are directly exposed to the Internet, making them a lucrative target for an array of real-world attacks that could result in the deployment of malicious web shells, coin miners, ransomware, and other trojans."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
CISA recommends immediately patch Exchange ProxyShell flaws
"The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn admins to address actively exploited ProxyShell vulnerabilities on-premises Microsoft Exchange servers."
TLP1 : Green
-
Are you using a Sophos UTM appliance? Be sure it is up to date!
"A researcher disclosed technical details of a critical remote code execution vulnerability, tracked as CVE-2020-25223, patched last year."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Elastic to Acquire build.security for Cloud Security Expansion
"Search software giant Elastic NV is continuing its march into the cybersecurity business with Monday’s announcement of plans to acquire build.security, a red-hot Israeli startup that helps businesses enforce cloud security authorization policies."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
A Complete Guide to Perform External Penetration Testing on Your Client Network | Step-by-Step Methods
"This write-up walks us through one of my many journeys in my external penetration testing and how I compromised the organization in this write-up"
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.