InfoSec News 20230915

  • Published: Fri, 15/09/2023 - 13:19

Top News


  • DDoS 2.0: IoT Sparks New DDoS Alert

"The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they're uniquely problematic, and how to mitigate them."

Link

TLP1 : Green

  • Data of Free internet and phone clients in France stolen and on sale

"The personal data of clients of Free, one of France’s largest providers of phone and broadband internet contracts, has been found for sale on an underground online forum."

Link

TLP1 : Green

  • NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers

"An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads

"The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation (EV) code signing certificates."

Link

TLP1 : Green

  • Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors

"Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal."

Link

TLP1 : Green

  • Weather Network app can’t send alerts following 'malicious cyberattack'

"The Weather Network and MeteoMedia still can’t send weather alerts through push notifications from its app following a “malicious cyberattack” on Monday."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Vodafone investigating potential data breach after Twitter accounts compromised

"The telecoms operator has notified the Data Protection Commissioner about a potential breach after its main Twitter accounts were temporarily taken over by third parties."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems

"A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems."

Link

TLP1 : Green

  • Hacker Group Konni Uses WinRAR Vulnerability To Steal Crypto

"Konni, a hacker group from North Korea, has reportedly exploited the WinRAR vulnerability to attain their first attack targeting the crypto industry."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • 5 cyber hygiene strategies to help prevent cyber attacks

"The world of cybersecurity is constantly inundated with news on the latest data breaches, cybercriminal attack trends, and security measures. And while that information is critical for adapting to the ever-changing nature of cybercrime, it's also important to pay attention to foundational measures as well. Basic security hygiene still protects against 98% of attacks."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Z9 - PowerShell Script Analyzer

"This tool detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging."

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp