InfoSec News 20230801
Top News
-
Abyss Locker Ransomware Looks to Drown VMware's ESXi Servers
"The 4-month-old ransomware gang is now actively targeting VMware's virtual environments with a second variant of its custom malware."
TLP1 : Green
-
Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan
"Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware called Ursnif (aka Gozi)."
TLP1 : Green
-
Tel Aviv-based firm uncovers Mexico phishing campaign
"Israeli cybersecurity company Perception Point recently revealed it has uncovered a widespread phishing campaign in Mexico that lasted for nearly two years and left behind over 4,000 victims."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor
"Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign.
The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell."
TLP1 : Green
-
Hackers could be Walmart's new defense vs. cybercrime
"The openness of Walmart and other organizations to hiring non-traditional employees for such jobs could help address a growing problem in the U.S.: A lack of people on the frontlines to fight cybercrime."
TLP1 : Green
-
Curve Stablecoin Exchange Hit by $50 Million Cyber Attack Due to Vyper Vulnerability
"Curve stablecoin exchange suffered a cyber attack leading to losses of $50 million due to vulnerabilities in some version of Vyper programming language."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Wakefield man victim of widespread North Kingstown data breach
"NORTH KINGSTOWN, R.I. — A South Kingstown resident is speaking out after learning his personal information may be in jeopardy from a cyberattack in North Kingstown, a town he has never lived in."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits
-
Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable
"Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Webinar: Riding the vCISO Wave: How to Provide vCISO Services
"Demand for Virtual CISO services is soaring. According to Gartner, the use of vCISO services among small and mid-size businesses and non-regulated enterprises was expected to grow by a whopping 1900% in just one year, from only 1% in 2021 to 20% in 2022!"
TLP1 : Green
-
How South Korea is Revolutionizing Malware Analysis with NAMA Solutions
"South Korea, a global leader in technology and innovation, is revolutionizing the field of malware analysis with the introduction of NAMA (Network Analysis Malware Alert) solutions. This groundbreaking technology is transforming the way cybersecurity experts detect, analyze, and neutralize malware threats, thereby enhancing the security of digital systems worldwide."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods
"The P2PInfect peer-to-peer (P2) worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet."
TLP1 : Green
-
TelegramRAT - Cross Platform Telegram Based RAT That Communicates Via Telegram To Evade Network Restrictions
"Cross Platform Telegram based RAT that communicates via telegram to evade network restrictions"
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.