InfoSec News 20240205
Top News
-
LockBit Ransomware Group Demands $11 Million From Government to Unlock Files
"A devastating ransomware attack by Lockbit recently targeted the charming city of Calvià in Majorca, Spain, which is well-known for its tourism appeal."
TLP1 : Green
-
Pig Butchering Crypto Scams Advance to As-a-service Schemes
"Continued research from Sophos has revealed the advancement and expansion of crypto pig butchering schemes into an as-a-service model. "
TLP1 : Green
-
Video Call With Deepfakes Costs UK Firm $25m in Hong Kong
"Fraudsters used past meetings to create AI deepfakes of the firm’s chief financial officer and several other employees to an employee into transferring company funds"
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan
"The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to joint findings from Access Now and the Citizen Lab."
TLP1 : Green
-
U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
"The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries."
TLP1 : Green
-
Super skimmers: The new way criminals are hacking your account, even if you don’t swipe your card
"Criminals are evolving and finding more sophisticated ways to steal your money – even with chip cards. Super skimmers are now being used, and security experts tell Boston 25 News, they’re much harder to detect. But there are things to watch out for to protect your money."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset
"Remote desktop software maker AnyDesk disclosed on Friday that it suffered a cyber attack that led to a compromise of its production systems."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits
-
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
"The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico."
TLP1 : Green
-
Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account
"The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Combined Security Practices Changing the Game for Risk Management
"A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. "
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Navgix - A Multi-Threaded Golang Tool That Will Check For Nginx Alias Traversal Vulnerabilities
"A Multi-Threaded Golang Tool That Will Check For Nginx Alias Traversal Vulnerabilities"
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.