InfoSec News 20240301
Top News
-
Saudi Arabia sees surge in demand for cybersecurity experts amid global threat
"Saudi Arabia has seen a surge in demand for cybersecurity specialists amid growing concerns about cyber threats within the Kingdom, according to a recent report by leading security software company Qrator Labs."
TLP1 : Green
-
New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion
"Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware."
TLP1 : Green
-
GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories
"GitHub on Thursday announced that it's enabling secret scanning push protection by default for all pushes to public repositories."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
US Charges Iranian Over Cyberattacks on Government, Defense Organizations
"The US Justice Department on Thursday announced charges against an Iranian national allegedly involved in hacking operations, including ones aimed at government and private sector organizations."
TLP1 : Green
-
New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users
"A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster designed to primarily target mobile devices."
TLP1 : Green
-
UnitedHealth cyber attack causes medical payment processing freeze US-wide
"According to new reports, the attack on the UnitedHealth subsidiary resulted in payment processing outages for healthcare organisations across the country."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Massive Data Breach at YX International Exposes 2FA Codes for Google, Facebook, TikTok Users
"In a startling revelation, a security loophole at YX International has compromised the privacy of countless users by leaking their two-factor authentication (2FA) codes, putting accounts on platforms like Google, Facebook, and TikTok at risk. Security researcher Anurag Sen's discovery of an unprotected database highlights a significant breach of user trust and data protection norms."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities
"The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways, noting that the Integrity Checker Tool (ICT) can be deceived to provide a false sense of security."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
4 Instructive Postmortems on Data Downtime and Loss
"John Allspaw, who coined the term during his tenure at Etsy, argued postmortems were all about controlling our natural reaction to an incident, which is to point fingers: "One option is to assume the single cause is incompetence and scream at engineers to make them 'pay attention!' or 'be more careful!' Another option is to take a hard look at how the accident actually happened, treat the engineers involved with respect, and learn from the event.""
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
RKS - A Script To Automate Keystrokes Through A Graphical Desktop Program
"A script to automate keystrokes through an active remote desktop session that assists offensive operators in combination with living off the land techniques."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.