InfoSec News 20240508

  • Published: Wed, 08/05/2024 - 10:42

Top News


  • Scattered Spider group a unique challenge for cyber cops, FBI leader says

"Identified by analysts in 2022, the hackers use social engineering to lure users into giving up their login credentials or one-time password codes to bypass multifactor authentication."

TLP1 : Green

  • AT&T Splits Cybersecurity Services Business, Launches LevelBlue

"AT&T has split its cybersecurity services business to form a new company called LevelBlue. It includes AT&T's managed security services business, cybersecurity consulting business, and assets from the acquisition of AlienVault in 2018."

TLP1 : Green

  • Supply Chain Breaches Up 68% Year Over Year, According to DBIR

"According to Verizon's latest Data Breach Investigations Report (DBIR), supply chain breaches increased by 68% year-over-year, primarily due to software vulnerabilities exploited in ransomware and extortion attacks."

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Germany recalls ambassador to Russia over cyberattacks

"Germany has recalled its ambassador to Russia in response to alleged Moscow-backed cyberattacks targeting various sectors in Germany, including defense, aerospace, and IT companies, as well as the German Social Democratic Party."

TLP1 : Green

  • White House in talks with industry to build legal framework for software liability

"The White House is engaging with the tech industry to establish a legal framework for software liability as part of a broader cybersecurity strategy, aiming to incentivize software developers to create products without exploitable security flaws."

TLP1 : Green

  • Law Enforcement Agencies Identified LockBit Ransomware Admin and Sanctioned Him

"The FBI, UK National Crime Agency, and Europol have unmasked the identity of the admin of the LockBit ransomware operation, aka ‘LockBitSupp’ and ‘putinkrab’, and issued sanctions against him."

TLP1 : Green

Breaches: Data Breaches and Hacks


  • UK confirms Ministry of Defence payroll data exposed in data breach

"The UK Government confirmed today that a threat actor recently breached the country’s Ministry of Defence and gained access to part of the Armed Forces payment network."

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Hackers exploit LiteSpeed Cache flaw to create WordPress admins

"WPScan observed in April increased exploitation activity against WordPress sites with versions of the plugin older than 5.7.0.1, which are vulnerable to a high-severity (8.8) unauthenticated cross-site scripting flaw tracked as CVE-2023-40000."

TLP1 : Green

  • Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw

"A critical remote code execution (RCE) flaw, CVE-2023-49606, was found affecting nearly 52,000 Tinyproxy servers. This vulnerability was disclosed by Cisco Talos in December 2023, impacting versions 1.11.1 and 1.10.0 of Tinyproxy."

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • What is IAM? Identity and access management explained

"IAM is a set of processes, policies, and tools for controlling user access to critical information within an organization."

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Confronting quantum computers' cryptanalysis concerns

"The race to successfully build quantum computers is on. With the potential to solve all manner of problems for humanity, players across the globe -- from tech companies to academic institutions to governments -- have been busy investing significant resources into quantum computing initiatives for some years now."

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp