InfoSec News 20231020

  • Published: Fri, 20/10/2023 - 21:58

Top News


  • Malvertisers Using Google Ads to Target Users Searching for Popular Software

"Details have emerged about a malvertising campaign that leverages Google Ads to direct users searching for popular software to fictitious landing pages and distribute next-stage payloads."

Link

TLP1 : Green

  • Brazil police arrest two intel agents for alleged illegal surveillance

"Brazil's federal police on Friday arrested two intelligence officials from the country's spy agency Abin for allegedly using phone hacking tools without judicial approval."

Link

TLP1 : Green

  • War crimes tribunal says hacking was espionage attempt

"The International Criminal Court says a cyber attack it suffered in September was a case of attempted espionage."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware

"Attacks leveraging the DarkGate commodity malware targeting entities in the U.K., the U.S., and India have been linked to Vietnamese actors associated with the use of the infamous Ducktail stealer."

Link

TLP1 : Green

  • ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges

"A new information stealer named ExelaStealer has become the latest entrant to an already crowded landscape filled with various off-the-shelf malware designed to capture sensitive data from compromised Windows systems."

Link

TLP1 : Green

  • U.S. DoJ Cracks Down on North Korean IT Scammers Defrauding Global Businesses

"The U.S. government has announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of an illicit scheme to defraud businesses across the world, evade sanctions, and fund the country's ballistic missile program."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Data breach affects 1,943 Cape Fear Valley patients. How to check if your info was stolen

"A data breach has affected some patients at Fayetteville-based Cape Fear Valley Health, the hospital system said on Tuesday."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Critical flaw in JetBrains TeamCity exploited weeks after patch issued

"Microsoft researchers are warning about two North Korea state-linked threat actors abusing a critical vulnerability in JetBrains TeamCity, a widely used software development platform."

Link

TLP1 : Green

  • Cisco Devices Face Cyber Attack as Hackers Exploit Unpatched Vulnerability

"In a concerning development, cybercriminals have seized upon an unpatched zero-day vulnerability in Cisco’s networking software, compromising an alarming number of devices. The breach has resulted in unauthorized access and potential unauthorized activity on tens of thousands of affected devices."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • 4 Tips for Retailers During Cybersecurity Awareness Month

"October is the 20th Cybersecurity Awareness Month, a month dedicated to enhancing cybersecurity awareness, encouraging actions to reduce online risk and generating discussion on cyberthreats."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Aftermath – Swift-Powered Incident Response And Data Analysis

"Aftermath can be leveraged by defenders in order to collect and subsequently analyze the data from the compromised host. Aftermath can be deployed from an MDM (ideally), but it can also run independently from the infected user’s command line."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp