InfoSec News 20221117

  • Published: Thu, 17/11/2022 - 17:10

Top News


  • U.S. charges Russian suspects with operating Z-Library e-Book site

"Anton Napolsky (33) and Valeriia Ermakova (27), two Russian nationals, were charged with intellectual property crimes linked to Z-Library, a pirate online eBook repository. The defendants were arrested on November 3, 2022, in Argentina by the country's authorities at the request of U.S. law enforcement."

Link

TLP¹: Green

  • French agency warns World Cup fans to get burner phones for Qatar apps

"If you’re going to Qatar for the World Cup, you had better get a burner phone. And don’t take any photos that might fall foul of the Gulf state’s strict morality laws. France’s influential data protection authority CNIL is telling football fans how they should protect themselves from the Qatar World Cup apps’ snooping."

Link

TLP¹: Green

  • Top Zeus Botnet Suspect “Tank” Arrested in Geneva

"Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources."

Link

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Google Wins Lawsuit Against Glupteba Botnet Operators

"Google announced in December 2021 that it had taken action to disrupt the botnet’s C&C infrastructure. The company said at the time that even if its actions may not completely stop the botnet, they should still affect its operators’ ability to conduct future operations. It’s unclear if the botnet is currently active."

Link

TLP¹: Green

  • Twitter source code indicates end-to-end encrypted DMs are coming

"Twitter is reportedly working on finally adding end-to-end encryption (E2EE) for direct messages (DMs) exchanged between users on the social media platform.  This is a sought-after and massively requested feature that will help protect private communications from anyone sitting between the conversation parties or even legal requests."

Link

TLP¹: Green

  • Russia’s cyber personnel has ‘underperformed’ in Ukraine: U.S. Defense official

"A senior Pentagon official on Wednesday said that Russia’s cyber personnel “underperformed” during the initial invasion of Ukraine, prompting it to ultimately rely less on digital attacks during the now months-long conflict than was expected."

Link

TLP¹: Green

Breaches: Data Breaches and Hacks


  • Misconfigured Server Exposed PHI of 600,000 Inmates

"A server misconfiguration at a firm that provides medical claims processing for correctional facilities exposed sensitive information of nearly 600,000 inmates who received medical care during the last decade while incarcerated."

Link

TLP¹: Green

  • US: Iranian Hackers Breached Government with Log4Shell

"The US authorities have urged all agencies to patch VMware systems after revealing that Iranian state-backed actors exploited the Log4Shell bug to compromise a government organization. The alert from the Cybersecurity and Infrastructure Security Agency (CISA) claimed the unnamed Federal Civilian Executive Branch (FCEB) organization was compromised as long ago as February 2022."

Link

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Microsoft urges devs to migrate away from .NET Core 3.1 ASAP

"Microsoft has urged developers still using the long-term support (LTS) release of .NET Core 3.1 to migrate to the latest .NET Core versions until it reaches the end of support (EOS) next month.  The company warned customers on the Windows message center to upgrade to .NET 6 (LTS) or .NET 7 "as soon as possible" before .NET Core 3.1 (LTS) reaches EOS on December 13, 2022."

Link

TLP¹: Green

  • Microsoft fixes bug behind Windows 10 freezes, desktop issues

"Microsoft has resolved a known issue triggering errors and temporarily causing the taskbar and desktop to disappear on Windows 10 systems.  The company also linked the same issue with instances where the users' devices would stop responding to input and freeze."

Link

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Why companies can no longer hide keys under the doormat

"For good reason, companies trust in encryption, blockchain, zero trust access, distributed or multi-party strategies, and other core technologies. At the same time, companies are effectively hiding the keys that could undermine all these protections under a (figurative) doormat."

Link

TLP¹: Green

  • Robotic Process Automation (RPA) adoption hindered by security concerns

"Robotic Process Automation (RPA) promises numerous benefits to organizations investing in it, including increased worker productivity, the automation of tedious and monotonous tasks, and improved efficiency. According to Deloitte, it’s a market that will reach a value of more than $2.9 billion globally prior to 2023."

Link

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • 5 Kali Linux tools you should learn how to use

"Kali Linux also comes with several hundred specialized tools for carrying out penetration testing, security research, computer forensics, reverse engineering, vulnerability management, and red team testing. Here are 5 you should learn how to use."

Link

TLP¹: Green

  • nuvola - Tool To Dump And Perform Automatic And Manual Security Analysis On Aws Environments Configurations And Services

"nuvola (with the lowercase n) is a tool to dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple Yaml syntax."

Link

TLP¹: Green

¹ Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp