InfoSec News 20230918

  • Published: Mon, 18/09/2023 - 14:22

Top News


  • TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U.

"The Irish Data Protection Commission (DPC) slapped TikTok with a €345 million (about $368 million) fine for violating the European Union's General Data Protection Regulation (GDPR) in relation to its handling of children's data."

Link

TLP1 : Green

  • Financially Motivated UNC3944 Threat Actor Shifts Focus to Ransomware Attacks

"The financially motivated threat actor known as UNC3944 is pivoting to ransomware deployment as part of an expansion to its monetization strategies, Mandiant has revealed."

Link

TLP1 : Green

  • New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services

"Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted and SMS-based social engineering attack."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • North Korea's Lazarus Group Suspected in $31 Million CoinEx Heist

"The North Korea-affiliated Lazarus Group has stolen nearly $240 million in cryptocurrency since June 2023, marking a significant escalation of its hacks."

Link

TLP1 : Green

  • BlackCat breaks into Azure storage with encryptor

"The BlackCat ransomware gang, also known as ALPHV, now uses stolen Microsoft accounts and the Sphynx encryptor to encrypt targets' Azure cloud storage. While investigating a recent breach, the Sophos X-Ops incident response team found that the attackers used a new Sphynx variant with added support for the use of custom credentials."

Link

TLP1 : Green

  • Iranian hackers target defence, satellite firms to gather secrets: Microsoft

"Microsoft analysts have said that Iranian state-backed hackers targeted satellite, defence, and pharmaceutical companies around the world in order to gather intelligence and perhaps build up domestic production in these industries amid heavy US sanctions."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Dymocks links data breach to "external data partner"

"Book retailer Dymocks has identified the source of a data breach, affecting 1.24 million customer records, as an “external data partner”."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Streamers receiving fake $100 million donations due to suspected Streamlabs exploit

"Twitch streamers have been seen receiving $100 million donations last weekend, Sept. 16-18. Users suspect a new Streamlabs exploit to be the root of it."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Think Your MFA and PAM Solutions Protect You? Think Again

"When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out not to be the case."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • ADCSKiller - An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer

"ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp