InfoSec News 20230517
Top News
- State-Sponsored Sidewinder Hacker Group's Covert Attack Infrastructure Uncovered
  "Cybersecurity researchers have unearthed previously undocumented attack infrastructure used by the prolific state-sponsored group SideWinder to strike entities located in Pakistan and China."
  TLP¹: Green
- Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
  "A financially motivated cyber actor has been observed abusing Microsoft Azure Serial Console on virtual machines (VMs) to install third-party remote management tools within compromised environments."
  TLP¹: Green
- New ZIP domains spark debate among cybersecurity experts
  "Cybersecurity researchers and IT admins have raised concerns over Google's new ZIP and MOV Internet domains, warning that threat actors could use them for phishing attacks and malware delivery."
  TLP¹: Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
- FBI confirms BianLian ransomware switch to extortion only attacks
  "A joint Cybersecurity Advisory from government agencies in the U.S. and Australia, and published by the Cybersecurity and Infrastructure Security Agency (CISA), is warning organizations of the latest tactics, techniques, and procedures (TTPs) used by the BianLian ransomware group."
  TLP¹: Green
- Lacroix Group shut down three facilities after a ‘targeted cyberattack’
  "French electronics manufacturer Lacroix Group shut down three plants after a cyber attack; experts believe it was the victim of a ransomware attack."
  TLP¹: Green
- U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
  "A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against 'thousands of victims' in the country and across the world."
  TLP¹: Green
Breaches: Data Breaches and Hacks
- Debt Collection Firm Credit Control Corporation Hit by Major Data Breach
  "Credit Control Corporation (CCC), a debt collection services company, recently fell victim to a cyber attack leading to a data breach that compromised the personal data of numerous healthcare institutions."
  TLP¹: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
- Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs
  "The second generation version of Belkin's Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely."
  TLP¹: Green
- China's Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks
  "The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks aimed at European foreign affairs entities since January 2023."
  TLP¹: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
- Identifying a Patch Management Solution: Overview of Key Criteria
  "Software is rarely a one-and-done proposition. In fact, any application available today will likely need to be updated – or patched – to fix bugs, address vulnerabilities, and update key features at multiple points in the future."
  TLP¹: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
- The Dragon Who Sold His Camaro: Analyzing Custom Router Implant
  "Over the past few months, Check Point Research has closely monitored a series of targeted attacks aimed at European foreign affairs entities. These campaigns have been linked to a Chinese state-sponsored APT group we track as Camaro Dragon, which shares similarities with previously reported activities conducted by state-sponsored Chinese threat actors, namely Mustang Panda."
  TLP¹: Green
- It’s All in the Name: How Unit 42 Defines and Tracks Threat Adversaries
  "Within Unit 42 Threat Intelligence, we are often asked, “How does Unit 42 define and track actor activity?” To answer this question, we’ll give you a glimpse into our day-to-day activities, specifically focusing on how Unit 42 Threat Intelligence tracks behavior-based activity clusters."
  TLP¹: Green
¹ Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.