InfoSec News 20250115
Top News
-
Google OAuth Vulnerability Exposes Millions via Failed Startup Domains
New research has pulled back the curtain on a "deficiency" in Google's "Sign in with Google" authentication flow that exploits a quirk in domain ownership to gain access to sensitive data.
TLP¹: Green
-
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks.
TLP¹: Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group
Russia’s main electronic trading platform for government and corporate procurement confirmed on Monday that it had been targeted by a cyberattack after initially claiming that outages were caused by “maintenance work.”
TLP¹: Green
-
Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad
Three Russian nationals have been indicted for their alleged roles in running two popular cryptocurrency mixing services called Blender.io and Sinbad.io.
TLP¹: Green
Breaches: Data Breaches and Hacks
-
Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions
The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have ever operated.
TLP¹: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security
Recently, security researcher @wh1te4ever has revealed a proof of concept (PoC) exploit for CVE-2024-54498, a vulnerability that allows applications to escape the confines of the macOS Sandbox.
TLP¹: Green
-
CVE-2024-56511: Critical Authentication Bypass Vulnerability in DataEase
The DataEase project has issued an urgent advisory regarding a critical vulnerability (CVE-2024-56511) affecting its popular open-source BI tool. This flaw, rated 9.3 on the CVSSv4 scale, allows unauthorized access to sensitive data by bypassing authentication mechanisms.
TLP¹: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results
Researchers from Trend Micro uncovered the activity on the video-sharing platform, on which threat actors are posing as "guides" offering legitimate software installation tutorials to lure viewers into reading the video descriptions or comments, where they then include links to fake software downloads that lead to malware, they revealed in a recent blog post.
TLP¹: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Attackers are encrypting AWS S3 data without using ransomware
A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided keys (SSE-C), and asking for money to hand over the key they used.
TLP¹: Green
¹ Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.