InfoSec News 20240219
Top News
-
Digital Underworld Shaken: Ukrainian Developer Extradited to US for Pioneering Raccoon Malware
"Mark Sokolovsky, the mastermind behind the Raccoon Info Stealer Malware-as-a-Service, has been extradited to the US following his arrest in the Netherlands. The malware is responsible for stealing over 50 million unique credentials. Sokolovsky's arrest and the subsequent takedown of Raccoon highlight the importance of international cooperation in the fight against cybercrime."
TLP¹: Green
-
Google Chrome will soon block hacking attempts on your network
"Google is testing a new feature for Chrome that will eventually block malicious requests from websites that aim to hijack devices like printers and routers on your private network."
TLP¹: Green
-
Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries
"The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023."
TLP¹: Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Russian-Linked Hackers Target 80+ Organizations via Roundcube Flaws
"Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations."
TLP¹: Green
-
Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor
"The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar portal."
TLP¹: Green
-
FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty
"A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021."
TLP¹: Green
Breaches: Data Breaches and Hacks
-
Bank of America data breach may have leaked SSN for thousands of NC customers
"Thousands of customers in North Carolina may have had their information leaked after a Bank of America data breach.
The North Carolina Attorney General’s Office says more than 3,200 Bank of America customers in the state could have had their social security numbers and names leaked."
TLP¹: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
ESET Privilege Escalation Flaw Let Attackers Delete Arbitrary Files
"ESET, a cybersecurity firm, has released patches for a high-severity vulnerability identified in several Windows-based security products, including consumer, business, and server security."
TLP¹: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)
"NDR massively upgrades your security through risk-based alerting, prioritizing alerts based on the potential risk to your organization's systems and data."
TLP¹: Green
-
How Businesses Can Safeguard Their Communication Channels Against Hackers
"Efficient communication is a cornerstone of business success. Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer experience and higher satisfaction."
TLP¹: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Google Open Sources Magika: AI-Powered File Identification Tool
"Google has announced that it's open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types."
TLP¹: Green
¹ Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.