Infosec News 20210826

  • Published: Thu, 26/08/2021 - 09:29

Top News


  • Personal Data and docs of Swiss town Rolle available on the dark web

"Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen in a ransomware attack."

Link

TLP1 : Green

  • Nearly 73,500 patients' data affected in ransomware attack on eye clinic in S'pore

"A ransomware attack earlier this month has affected the personal data and clinical information of nearly 73,500 patients of a private eye clinic, the third such reported incident in a month."

Link

TLP1 : Green

  • Man admits impersonating Apple support staff to steal 620,000 photos from iCloud accounts

"A 40-year-old man has agreed to plead guilty to US court charges that he broke into thousands of Apple iCloud accounts and stole hundreds of thousands of images and videos of young women."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Passwords on the dark web after the T-mobile breach? How to check what was leaked

"You might learn too late in the game that your data has been stolen. Here's how to keep pace with the hackers."

Link

TLP1 : Green

  • Vulnerability allowed hackers to tamper medication in infusion pump

"McAfee Enterprise’s Advanced Threat Research Team disclosed five unreported security vulnerabilities that existed in German healthcare giant B. Braun’s Infusomat Space Large Volume Pump and SpaceStation."

Link

TLP1 : Green

  • Surveillance of the Internet Backbone

"Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data. It’s useful for cybersecurity forensics, but can also be used for things like tracing VPN activity."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Hack Exposes Personal Data of Entire Swiss Town: Report

"A small Swiss town acknowledged late Wednesday that it had underestimated the severity of a cyberattack, following reports the personal data of the entire population was exposed online."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Cisco Issues Critical Fixes for High-End Nexus Gear

"Cisco Systems released six security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high and medium severity."

Link

TLP1 : Green

  • Realtek SDK bugs targeted to spread Mirai bot variant

"The vulnerabilities are thought to affect about 200 IoT product lines offered by at least 65 hardware manufacturers"

Link

TLP1 : Green

  • VMware Patches High-Severity Vulnerabilities in vRealize Operations

"VMware this week announced patches for a series of vulnerabilities in vRealize Operations, including four considered high severity."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • FBI Releases Indicators of Compromise Associated with OnePercent Group Ransomware

"The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with ransomware attacks by the OnePercent Group, a cyber-criminal organization known since November 2020 for using Cobalt Strike in phishing attacks against U.S. companies."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • SLSA - Supply-chain Levels For Software Artifacts

"SLSA (pronounced "salsa") is a security framework from source to service, giving anyone working with software a common language for increasing levels of software security and supply chain integrity."

Link

TLP1 : Green

  • PSPKIAudit - PowerShell toolkit for auditing Active Directory Certificate Services (AD CS)

"PowerShell toolkit for auditing Active Directory Certificate Services (AD CS)."

Link

TLP1 : Green

  • CISA Details Additional Malware Targeting Pulse Secure Appliances

"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released five new analysis reports detailing malware discovered on compromised Pulse Secure devices."

Link

TLP1 : Green

  • Google, Microsoft Pledges $30 Billion to Cybersecurity After White House Event with POTUS Biden

"Google and Microsoft have both pledged into a combined $30 billion funds for Cybersecurity, following a White House event that involved President of the United States, Joe Biden."

Link

TLP1 : Green

  • MSSQL for Pentester: Command Execution with xp_cmdshell

"This article is the series of MSSQL for pentester, here we will discover and exploit the security aspects of the xp_cmdshell functionality."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp