Top News

• New EvilQuest ransomware hits Mac devices through pirated software

"There are more than 100 million Mac users around the globe and these figures alone make Apple a lucrative target for hackers and cybercriminals."

Link

TLP¹ : Green

• Netgear is releasing fixes for ten issues affecting 79 products

"Netgear is addressing ten vulnerabilities affecting nearly 80 of its products, including issues discovered at the Pwn2Own hacking competition."

Link

TLP¹ : Green

• Vulnerability Spotlight: Information disclosure vulnerability in Mozilla Firefox

"Cisco Talos recently discovered an information disclosure vulnerability in Mozilla Firefox. An attacker can exploit this bug by tricking a user into visiting a specially crafted web page through the browser."

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• SonicWall Appoints Tristan Bateup as Country Manager for Ireland

"Cybersecurity solutions company SonicWall has announced the appointment of Tristan Bateup as country manager for Ireland as the firm seeks to expand its presence and capabilities in the country."

Link

TLP¹ : Green

• ENISA Leads Cybersecurity Seminar for the Hellenic Ministry of Digital Governance

"The European Union Agency for Cybersecurity delivered Infodays for the National Cybersecurity Authority (NCA) of the Hellenic Ministry of Digital Governance to increase the country’s cybersecurity capacity."

Link

TLP¹ : Green

• DuckDuckGo Banned In India Following Government Orders: Reports

"The crusader of user privacy in search engines, DuckDuckGo has gone down in India for several users, according to the reports and DownDetector."

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Facebook Privacy Snafu Exposes User Data to Thousands of Apps

"Facebook has discovered another back-end privacy issue which meant that thousands of apps continued to receive users’ personal information even after access should have automatically expired."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking

"A new research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely."

Link

TLP¹ : Green

• Microsoft releases emergency update to fix two serious Windows flaws

"The out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• US authorities issue guidance on how to defend against cyber attacks via Tor

"The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a security advisory for organizations that provides a series of recommendations on how to protect against malicious activities originating fr om or routed through the Tor anonymity network. "

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• IIS-Raid - A Native Backdoor Module For Microsoft IIS (Internet Information Services)

"IS Raid is a native IIS module that abuses the extendibility of IIS to backdoor the web server and carry out custom actions defined by an attacker."

Link

TLP¹ : Green

• How AI and Voice Technology is Similar to a Service Dog

"Can a more complex comparison be made? AI and voice assistance are similar to a seeing-eye dog."

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp