InfoSec News 20240212

  • Published: Mon, 12/02/2024 - 13:18

Top News


  • Microsoft Introduces Linux-Like 'sudo' Command to Windows 11

"Microsoft said it's introducing Sudo for Windows 11 as part of an early preview version to help users execute commands with administrator privileges."

Link

TLP¹: Green

  • UN Investigating Crypto Attacks by North Korea Hacking Groups Totalling $3B

"The United Nations (UN) is cracking down on North Korea's suspected misuse of cryptocurrency, launching an investigation into hacking groups linked to the nation. These groups are accused of orchestrating cyberattacks on cryptocurrency firms over the past six years, amassing a staggering $3 billion in stolen funds to allegedly support their weapons of mass destruction (WMD) program."

Link

TLP¹: Green

  • 4 Ways Hackers use Social Engineering to Bypass MFA

"When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of protection against breaches. However, it's important to remember that MFA isn't foolproof. It can be bypassed, and it often is."

Link

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders

"The U.S. Department of State has announced monetary rewards of up to $10 million for information about individuals holding key positions within the Hive ransomware operation."

Link

TLP¹: Green

  • U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators

"The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan (RAT) called Warzone RAT."

Link

TLP¹: Green

  • Executives must face down state-sponsored hacking groups targeting firmware

"The geopolitical landscape is increasingly fractured, and corporations are being sucked into the vortex. Senior executives aren’t just facing down threats from uncoordinated criminals – they’re increasingly the target of cyber attacks from state-backed hacking groups."

Link

TLP¹: Green

Breaches: Data Breaches and Hacks


  • Mon Dieu! Nearly half the French population have data nabbed in massive breach

"Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week."

Link

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Outdated switches targeted by China-linked hacking campaign

"The FBI thwarted a hacking group backed by the Chinese government that was targeting hundreds of routers and had been working to compromise U.S. cyber infrastructure, according to FBI Director Christopher Wray."

Link

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • CISA and OpenSSF Release Framework for Package Repository Security

"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it's partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to secure package repositories."

Link

TLP¹: Green

  • Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?

"Incident response (IR) is a race against time. You engage your internal or external team because there's enough evidence that something bad is happening, but you're still blind to the scope, the impact, and the root cause."

Link

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • SqliSniper - Advanced Time-based Blind SQL Injection Fuzzer For HTTP Headers

"SqliSniper is a robust Python tool designed to detect time-based blind SQL injections in HTTP request headers. It enhances the security assessment process by rapidly scanning and identifying potential vulnerabilities using multi-threading, ensuring speed and efficiency. Unlike other scanners, SqliSniper is designed to eliminate false positives and send alerts upon detection through its built-in Discord notification functionality."

Link

TLP¹: Green

  • SiCat: Open-source exploit finder

"SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to assist in cybersecurity, enabling users to search the internet for potential vulnerabilities and corresponding exploits."

Link

TLP¹: Green

¹ Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp