Infosec News 20200522
Top News
-
These things may be cool, but are they safe?
"In the rush to embrace IoT devices, we shouldn’t trade in our privacy and security for the added convenience "
TLP1 : Green
-
Santander, one of the biggest European banks, was leaking sensitive data on their website
"Santander Consumer Bank, the Belgian branch of the bank, had a misconfiguration in its blog domain that was allowing its files to be indexed."
TLP1 : Green
-
Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware
"Hackers attempted to exploit a zero-day flaw in the Sophos XG firewall to distribute ransomware to Windows machines, but the attack was blocked."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
REvil hackers allegedly sold Trump’s data now targeting food distributors
"REvil hackers are now demanding $7.5 million ransom.
TLP1 : Green
-
Ukraine Nabs Suspect in 773M Password ‘Megabreach’
"In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords"
TLP1 : Green
Breaches: Data Breaches and Hacks
-
BlockFi hacked following SIM swap attack, but says no funds lost
"For just under 90 minutes last Thursday, hackers were able to compromise the systems of cryptocurrency lending platform BlockFi"
TLP1 : Green
-
Hacker leaks 2.3 million Indonesian citizenship data for download
" The stolen Indonesian citizenship and electoral data is currently available for free download on a hacker forum.”"
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits
-
Cisco IOS Network Address Translation IPv4 Packet denial of service
"A vulnerability was found in Cisco IOS (Router Operating System) (the affected version unknown)."
TLP1 : Green
-
‘Privilege escalation in Microsoft Edge (Chromium-based)
" This security advisory describes one low risk vulnerability. 1) Permissions, Privileges, and Access Controls. "
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
A Beginner’s Guide to Staying Safe/Anonymous Online
"It is probably safe to assume you have heard of OSINT at some point (Open Source INTelligence).
TLP1 : Green
-
The Future of the Email Security Market: The Importance of the Secure Email Gateway
"Welcome to the first in a series of blogs on the future of the email security market and how you can leverage the latest technologies to secure your cloud email deployments."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Update: oledump.py Version 0.0.50
"This new version brings updates to plugin plugin_biff.py."
TLP1 : Green
-
Web Hacker's Weapons - A Collection Of Cool Tools Used By Web Hackers
"A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting."
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.