InfoSec News 20230922
Top News
-
Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents
"A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent."
TLP1 : Green
-
Portugal: 961 cyber attacks by pro-Russia hackers on west in six months – VisionWare
"The VisionWare Threat Intelligence Centre (VTIC) detected 961 cyber attacks by pro-Russian hackers on Western countries and organisations between October 2022 and March 2023, an official report sent to the Lusa news agency said on Thursday."
TLP1 : Green
-
New T-Mobile hack allegedly exposes 90GB of data
"T-Mobile, the global telecoms giant, could be facing a third data breach in less than 12 months. Cybercriminals say they’ve exposed employee credentials, customer info, and other sensitive data."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Iranian Nation-State Actor OilRig Targets Israeli Organizations
"Israeli organizations were targeted as part of two different campaigns orchestrated by the Iranian nation-state actor known as OilRig in 2021 and 2022."
TLP1 : Green
-
Mexican diocese denounces hacking of several of its social media accounts
"Different social media accounts related to the Diocese of Irapuato in the Mexican state of Guanajuato were hacked and inappropriate content was posted on the accounts."
TLP1 : Green
-
Canada Confirms DDoS Attack Disrupted Airport Arrival Kiosks
"A recent, brief disruption at Canadian airports is a reminder that Russia-aligned hacking groups' bark remains worse than their bite."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
U of M: Data breach may involve Social Security numbers, license and passport information
"The University of Minnesota has released new details about a data breach investigation that began earlier this year."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
"Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code execution."
TLP1 : Green
-
Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
"Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari, taking the total tally of zero-day bugs discovered in its software this year to 16."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
"Thorough, independent tests are a vital resource for analyzing provider's capabilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted than the annual MITRE Engenuity ATT&CK Evaluation."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Dynmx - Signature-based Detection Of Malware Features Based On Windows API Call Sequences
"dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way, you can think of dynmx as a sort of YARA for API call traces (so called function logs) originating from malware sandboxes."
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.