InfoSec News 20250331

  • Published: Mon, 31/03/2025 - 14:38

Top News


  • Phishing-as-a-service operation uses DNS-over-HTTPS for evasion

"A newly discovered phishing-as-a-service (PhaaS) operation that researchers call Morphing Meerkat, has been using the DNS over HTTPS (DoH) protocol to evade detection."

Link

TLP1 : Green

  • New Crocodilus malware steals Android users’ crypto wallet keys

"A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access."

Link

TLP1 : Green

  • New Issuance Requirements Improve HTTPS Certificate Validation

"HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • U.S. seized $8.2 million in crypto linked to 'Romance Baiting' scams

"The U.S. Department of Justice (DOJ) has seized over $8.2 million worth of USDT (Tether) cryptocurrency that was stolen via 'romance baiting' scams."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Retail giant Sam’s Club investigates Clop ransomware breach claims

"Sam's Club, an American warehouse supermarket chain owned by U.S. retail giant Walmart, is investigating claims of a Clop ransomware breach."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • CVE-2025-22398: Dell Unity Hit by 9.8 CVSS Root-Level Command Injection Flaw

"Dell has released a security update for Unity OS version 5.4 and earlier, addressing a set of critical vulnerabilities that expose the popular enterprise storage systems—Unity, UnityVSA, and Unity XT—to unauthenticated remote command execution, file deletion, open redirects, and privilege escalation."

Link

TLP1 : Green

  • Canon Fixes Critical Printer Driver Flaw: CVE-2025-1268 Alert

"Canon has issued a security notice regarding a critical vulnerability found in certain printer drivers for its production printers, office/small office multifunction printers, and laser printers."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Train to become an ethical hacker from home for $35 in this deal

"If you’ve ever thought about getting into the always-growing world of cybersecurity, there’s literally no better time to start. The All-in-One Super-Sized Ethical Hacking Bundle is packed with everything you need to get your foot in the door—or to kick that door wide open."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • SnakeKeylogger: A Multistage Info Stealer Malware Campaign

"Info-stealer malware has become a growing threat, with attackers constantly refining their techniques to evade detection. Among these threats, SnakeKeylogger has emerged as one of the highly active credential-stealing malware, targeting individuals and businesses."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.


[1]https://www.first.org/tlp