Top News

• The spyware business is booming despite government crackdowns

"The commercial spyware economy – despite government and big tech's efforts to crack down – appears to be booming."

Link

TLP¹ : Green

• Police to launch phishing investigation division to fight growing crimes

"Police will establish a new investigation division exclusively dedicated to phishing crimes in a bid to better fight increasingly sophisticated phishing attacks, officials said Wednesday."

Link

TLP¹ : Green

• 'Netanyahu is the target': Microsoft report reveals Iran's cyber war on Israel

"Undermine Israel and its supporters in an attempt to create general confusion and mistrust - that's how the system worked."

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse

"A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses."

Link

TLP¹ : Green

• Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network

"Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices."

Link

TLP¹ : Green

• Anonymous Sudan hacks IGAD countries over alleged RSF support

"Anonymous Sudan, a hacking group believed to hold religious and political motivations, has launched cyberattacks against three East African nations in recent days, accusing them of supporting the Rapid Support Forces (RSF) in Sudan’s ongoing conflict."

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Verizon employee compromises personal data of 63,000 colleagues

"The compromised personal information includes names, addresses, Social Security Number or other national identifier, gender, union affiliation, date of birth, and compensation information."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now

"JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances."

Link

TLP¹ : Green

• iPhone users targeted by govt hackers with 0-days vulnerabilities: Google

"Google has said that government hackers last year used three undiscovered flaws in Apple’s iPhone operating system to target users with spyware created by a European startup."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs

"2024 will be the year of the vCISO. An incredible 45% of MSPs and MSSPs are planning to start offering vCISO services in 2024. As an MSP/MSSP providing vCISO services, you own the organization's cybersecurity infrastructure and strategy."

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• BounceBack - Stealth Redirector For Your Red Team Operation Security

"BounceBack is a powerful, highly customizable and configurable reverse proxy with WAF functionality for hiding your C2/phishing/etc infrastructure from blue teams, sandboxes, scanners, etc."

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp