InfoSec News 20230904
Top News
-
X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation
"X, the social media site formerly known as Twitter, has updated its privacy policy to collect users' biometric data to tackle fraud and impersonation on the platform."
TLP1 : Green
-
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
"Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file."
TLP1 : Green
-
Russia-linked hack on Trident base sparks 'World War Three' warning from expert
"RELENTLESS cyberattacks could be the prelude to World War Three, an expert has warned in the aftermath of a hit on a Scottish nuclear base."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
"Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware."
TLP1 : Green
-
Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.
"A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud."
TLP1 : Green
-
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
"Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Sensitive Data about UK Military Sites Potentially Leaked by LockBit
"Gigabytes of sensitive data related to British military and intelligence sites have been exposed by the infamous LockBit ransomware group."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability
"Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight)."
TLP1 : Green
-
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
"An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
How to avoid paying the ransom with a robust four-step recovery plan
"Security teams are often torn over how to best respond to and recover from the latest ransomware threat to their organisation. Oftentimes individuals will lean on their experience, asserting they know how to tackle the threat the right way."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Sandbox_Scryer - Tool For Producing Threat Hunting And Intelligence Data From Public Sandbox Detonation Output
"The Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output. The tool leverages the MITRE ATT&CK Framework to organize and prioritize findings, assisting in the assembly of IOCs, understanding attack movement and in threat hunting..."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.