Top News

• Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private

"End-to-end encrypted (E2EE) messaging app Signal said it's piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes."

Link

TLP¹ : Green

• Apple to upgrade iMessage with measures against future quantum computing hacking

"Apple is set to roll out PQ3 - a protocol upgrading iMessage with post-quantum cryptography to thwart even future quantum computer hacking attempts."

Link

TLP¹ : Green

• People 'disappeared' after Julian Assange and Wikileaks blended hacking with journalism, court hears

"People living under authoritarian regimes "disappeared" after Julian Assange blended hacking with reporting, "stole vast amounts" of classified documents and published them on his WikiLeaks website, a court has heard."

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam

"Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022."

Link

TLP¹ : Green

• Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks

"Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation."

Link

TLP¹ : Green

• Russia Announces Arrest of Medibank Hacker Tied to REvil

"Not for the first time, Russian authorities have busted Russian nationals accused of using malicious code against domestic targets. At least one of the suspects has also been tied by the U.S. and other countries to the massive 2022 hack attack against one of Australia's largest private health insurers, Medibank, although that doesn't appear to have been a factor in Russia's arrests."

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Azure and Microsoft Exchange Servers Victim To Active Exploitation by Hackers

"Microsoft’s Azure platform has been subject to a major data breach, compromising several accounts, including that of senior company executives. Find out more about Microsoft’s security issues with Azure and Exchange servers."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk

"VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• 6 Ways to Simplify SaaS Identity Governance

"With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps."

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• SpeedyTest - Command-Line Tool For Measuring Internet Speed

"SpeedyTest is a powerful command-line tool for measuring internet speed. With its advanced features and intuitive interface, it provides accurate and comprehensive speed test results. Whether you're a network administrator, developer, or simply want to monitor your internet connection, SpeedyTest is the perfect tool for the job."

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp