InfoSec News 20240201
Top News
-
HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
"Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021."
TLP1 : Green
-
Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign
"Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat."
TLP1 : Green
-
Hackers Use Compromised Routers to Attack Government Organizations
"Attackers continue to use compromised routers as malicious infrastructure to target government organizations in Europe and the Caucasus region."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
US disrupts botnet operated by Chinese state-sponsored hacking group
"The U.S. government has disrupted a botnet, or network of malware-laden devices, that was used by a Chinese state-sponsored hacking group to disguise its activities."
TLP1 : Green
-
POLICE SEIZED 50,000 BITCOIN FROM OPERATOR OF THE NOW-DEFUNCT PIRACY SITE MOVIE2K
"German police seized 50,000 Bitcoin from the former operator of the now-defunct piracy website movie2k.to."
TLP1 : Green
-
Hyderabad Cybercrime police detect frauds in investment, FedEx parcel; arrest two persons
"The Hyderabad Cyber Crime Police have apprehended two individuals involved in separate cases of cyber fraud, exposing intricate schemes preying on innocent victims."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Players’ passports, contracts exposed in Football Australia data leak
"Australian soccer players have had their passports, contracts and other personal information leaked online in a cybersecurity incident that has potentially also affected every local customer or fan, researchers say."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
"Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks."
TLP1 : Green
-
CISA Warns of Active Exploitation of Flaw in Apple iOS and macOS
"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Why the Right Metrics Matter When it Comes to Vulnerability Management
"How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics, how can you tell how well you're doing, progressing, or if you're getting ROI? If you're not measuring, how do you know it's working?"
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Sncscan - Tool For Analyzing SAP Secure Network Communications (SNC)
"SAP protocols, such as DIAG or RFC, do not provide high security themselves. To increase security and ensure Authentication, Integrity and Encryption, the use of SNC (Secure Network Communications) is required."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.