InfoSec News 20230907

  • Published: Thu, 07/09/2023 - 15:31

Top News


  • Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach

"Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens and access Outlook by compromising an engineer's corporate account."

Link

TLP¹: Green

  • Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks

"A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service (DDoS) attacks."

Link

TLP¹: Green

  • North Korea hackers going after Russian targets, Microsoft says

"North Korean hackers targeted Russian diplomats and successfully breached a Russian aerospace research institute earlier this year, Microsoft Corp (MSFT.O) said in a blog post published Thursday."

Link

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • UK sanctions members of Russian cybercrime gang

"UK sanctions members of Russian cybercrime gang responsible for attacks on hospitals and critical infrastructure."

Link

TLP¹: Green

  • Ukraine Fights Back: High-Tech Tactics Against Russian Aggression

"Amidst the turmoil of war, Ukraine’s cyber-operators stand firmly on the front lines, their heated exchanges with Russian counterparts transforming the battlefield into a new high-tech arena of combat."

Link

TLP¹: Green

  • Beware: Phishing Campaign Impersonating Spain’s National Police

"Spain’s International Security Office (OSI) has recently issued a stark warning about a cunning phishing campaign that masquerades as the country’s National Police, cunningly exploiting the trust many place in law enforcement."

Link

TLP¹: Green

Breaches: Data Breaches and Hacks


  • New ransomware group takes responsibility for Sabre data breach

"The ransomware group posted a portion of the allegedly stolen files, claiming that the entire cache would be made "available soon""

Link

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks

"Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems."

Link

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • 6 Effective Antidotes to Modern Cyber Adversaries

"In the ever-evolving landscape of cybersecurity, it’s evident that we’re no longer facing the hackers of yesteryears but a formidable breed of modern adversaries."

Link

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • DorXNG - Next Generation DorX. Built By Dorks, For Dorks

"DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers. On the backend it leverages a purpose built containerized image of SearXNG, a self-hosted, hackable, privacy focused, meta-search engine."

Link

TLP¹: Green

 

 

¹ Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp