Top News

• Microsoft Patch Tuesday, May 2020 Edition

"Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs"

Link

TLP¹ : Green

• WannaCryptor remains a global threat three years on

"WannaCryptor is still alive and kicking, so much so that it sits atop the list of the most commonly detected ransomware familie"

Link

TLP¹ : Green

• Over 4000 Android Apps Expose Users' Data via Misconfigured Firebase Databases

"More than 4,000 Android apps that use Google's cloud-hosted Firebase databases are 'unknowingly' leaking sensitive information on their users, including their email addresses, usernames, passwords, phone numbers, full names, chat messages and location data."

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• Cybersecurity firm links Chinese group to cyber espionage in Southeast Asia

"A China-based group has quietly carried out cyber espionage against Southeast Asian governments during the past few years, collecting “specific documents,” among other data, from infected computers, a cybersecurity company said in a report."

Link

TLP¹ : Green

• Governments Shouldn’t Use “Centralized” Proximity Tracking Technology

"Companies and governments across the world are building and deploying a dizzying number of systems and apps to fight COVID-19."

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Cybercriminals used the REvil ransomware to attack a law firm.

"A popular law firm that works with several A-list celebrities, including Lady Gaga, Drake and Madonna, has been hit by a ransomware attack."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• Dutch DPA Fines Company 750,000 Euros for Unlawful Employee Fingerprint Processing

"The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) recently imposed a €750,000 fine on a company for unlawful processing of employees’ fingerprints for attendance taking and time registration purposes."

Link

TLP¹ : Green

• Anubis Malware Upgrade Logs When Victims Look at Their Screens

"Threat actors are cooking up new features for the sophisticated banking trojan that targets Google Android apps and devices."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• Exploit Database SearchSploit Update

"The Exploit Database, one of our community projects, is still actively under development with updates coming even after a decade of existence!"

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• Kali Linux 2020.2 Release - Penetration Testing and Ethical Hacking Linux Distribution

"We are incredibly excited to announce the second release of 2020, Kali Linux 2020.1.2"

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp