InfoSec News 20240410

  • Published: Wed, 10/04/2024 - 14:01

Top News


  • French Football Club Ticketing System Targeted in Cyber Attack

"The club’s ticketing system was explicitly targeted, raising concerns over data security and the safety of fan information just as the Champions League quarter-finals loom on the horizon."

Link

TLP¹: Green

  • Chrome Enterprise Will Charge You $6 For New AI Security Features

"Google has unveiled a significant upgrade to its enterprise browsing capabilities with the launch of Chrome Enterprise Premium."

Link

TLP¹: Green

  • GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware

"Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware."

Link

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Hackers Attacking Infra Teams With Fake PuTTY & FileZilla Ads

"The attackers are using fake ads for popular system utilities to distribute a dangerous strain of malware known as Nitrogen."

Link

TLP¹: Green

  • Hackers Targeting Human Rights Activists in Morocco and Western Sahara

"Human rights activists in Morocco and the Western Sahara region are the targets of a new threat actor that leverages phishing attacks to trick victims into installing bogus Android apps and serve credential harvesting pages for Windows users."

Link

TLP¹: Green

  • 10-Year-Old 'RUBYCARP' Romanian Hacker Group Surfaces with Botnet

"A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying out crypto mining, distributed denial-of-service (DDoS), and phishing attacks."

Link

TLP¹: Green

Breaches: Data Breaches and Hacks


  • Microsoft data breach: Employees’ credentials like passwords leaked on internet

"Microsoft has allegedly faced a data breach that has exposed employees’ credentials and internal company files to the internet. This was revealed by security researchers Can Yoleri, Murat Özfidan and Egemen Koçhisarlı with SOCRadar, a cybersecurity company that helps organizations find security weaknesses. They discovered an open and public storage server hosted on Microsoft’s Azure cloud service that was storing internal information relating to Microsoft’s Bing search engine without being highlighted."

Link

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks

"A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks."

Link

TLP¹: Green
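Added illustration for the BatBadBut item (this is editor-written example code, not from the linked article or the Rust project). On Windows, launching a .bat or .cmd file through std::process::Command makes CreateProcess run it via cmd.exe, whose argument parsing does not follow the MSVC argv quoting rules the standard library used to escape arguments; an untrusted argument such as "\"&calc.exe" therefore escapes the quoted string and cmd.exe runs a second command. Rust 1.77.2 fixed this by refusing arguments it cannot safely escape for a batch file. The helper below mirrors that refuse-rather-than-escape posture for code that still has to hand untrusted input to a batch file; the helper names, the metacharacter list and the sample inputs are assumptions of this example, and the program never actually spawns anything, so it builds and runs on any platform:

```rust
// Added example (not from the Rust project or the linked article).
// Before Rust 1.77.2, std::process::Command on Windows escaped arguments for
// the MSVC argv rules; when the program being launched is a .bat/.cmd file,
// CreateProcess silently runs it through cmd.exe, whose parser does not honour
// those rules, so an argument like "\"&calc.exe" breaks out of the quotes and
// runs a second command. This helper refuses arguments cmd.exe could
// reinterpret and only then hands them to Command. Names and the metacharacter
// set below are this example's own assumptions.
use std::ffi::OsStr;
use std::path::Path;
use std::process::Command;

#[derive(Debug, PartialEq)]
pub enum BatArgError {
    /// The argument contains a character cmd.exe may interpret.
    Unescapable(char),
}

/// Characters cmd.exe treats specially: quoting, %variable% expansion,
/// command separators, redirection, the ^ escape, delayed expansion (!),
/// plus line breaks and NUL, which can end or split the command line.
const CMD_META: &[char] = &['"', '%', '&', '|', '<', '>', '^', '!', '\r', '\n', '\0'];

/// True when `program` would be run through cmd.exe (extension .bat or .cmd,
/// compared case-insensitively, as Windows does).
pub fn is_batch_file(program: &Path) -> bool {
    matches!(
        program
            .extension()
            .and_then(OsStr::to_str)
            .map(str::to_ascii_lowercase)
            .as_deref(),
        Some("bat") | Some("cmd")
    )
}

/// Accepts the argument unchanged if it contains no cmd.exe metacharacter,
/// otherwise reports the first offending character.
pub fn check_bat_arg(arg: &str) -> Result<&str, BatArgError> {
    match arg.chars().find(|c| CMD_META.contains(c)) {
        Some(c) => Err(BatArgError::Unescapable(c)),
        None => Ok(arg),
    }
}

/// Builds a Command for `program` with `args`, applying the check only when
/// the target is a batch file; a normal .exe keeps the ordinary argv rules.
pub fn build_command(program: &Path, args: &[&str]) -> Result<Command, BatArgError> {
    let batch = is_batch_file(program);
    let mut cmd = Command::new(program);
    for a in args {
        if batch {
            check_bat_arg(a)?;
        }
        cmd.arg(a);
    }
    Ok(cmd)
}

fn main() {
    // Constructed inputs: the first has the shape of the public BatBadBut
    // proof of concept, the second is an ordinary value.
    let hostile = "\"&calc.exe";
    let benign = "report-2024-04-10";
    let bat = Path::new("C:\\tools\\run.bat");
    println!("hostile arg accepted: {}", build_command(bat, &[hostile]).is_ok()); // false
    println!("benign arg accepted:  {}", build_command(bat, &[benign]).is_ok()); // true
}
```

The check is deliberately coarse: rather than attempting to reproduce cmd.exe's quoting rules, it treats any metacharacter as a hard failure, which is also the safe choice when the batch file itself cannot be replaced by a direct .exe invocation. Upgrading to Rust 1.77.2 or later remains the actual fix.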

  • Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel

"Cybersecurity researchers have disclosed what they say is the 'first native Spectre v2 exploit' against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory."

Link

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Hands-on Review: Cynomi AI-powered vCISO Platform

"The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain cybersecurity expertise specialized for their industry and strengthen their cybersecurity posture."

Link

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • RemoteTLSCallbackInjection - Utilizing TLS Callbacks To Execute A Payload Without Spawning Any Threads In A Remote Process

"This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless Injection as RemoteTLSCallbackInjection does not invoke any API calls to trigger the injected payload."

Link

TLP¹: Green


¹ Traffic Light Protocol (TLP) [1] for information sharing:


  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp