InfoSec News 20240315
Top News
-
Cisco Released IOS XR Software Security Advisory
"Cisco Systems, Inc., announced the release of its semiannual security advisory bundle, which addresses critical vulnerabilities in its IOS XR Software."
TLP1 : Green
-
Hackers Abuse Venmo Payment Service to Steal Login Details
"Venmo, a mobile payment service owned by PayPal, has become a household name in the United States. It facilitates a convenient way for friends to exchange money and for businesses to transact with customers."
TLP1 : Green
-
Google Introduces Enhanced Real-Time URL Protection for Chrome Users
"Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers
"Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy Geacon, a Golang-based implementation of Cobalt Strike."
TLP1 : Green
-
LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
"A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation."
TLP1 : Green
-
Lazarus Group Uses Tornado Cash To Launder $12M From Heco Hack
"Infamous North Korean Hacking Group Lazarus has resumed using Tornado Cash, using the mixing service to launder $12 million worth of ETH."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware
"Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
GhostRace Attack: Major CPU and Software Giants Flaw Let Attackers Steal Passwords
"Race conditions arise when there is no insufficient synchronization with a shared resource allowing multiple threads to access it simultaneously."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Cado Security Launches Collection and Analysis Support of SaaS Environments to Expedite Response to Microsoft 365 Compromises
"Cado Security, provider of the first cloud forensics and incident response platform, today announced that the Cado platform now enables customers to acquire Microsoft 365 Unified Audit Log (UAL) to help investigate and respond to Microsoft 365 compromises such as business email compromise (BEC), account takeover (ATO), and insider threats."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Pyradm - Python Remote Administration Tool Via Telegram
"Remote administration cross-platform tool via Telegram"
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.