Infosec News 20210302
Top News
-
Key Trends: eCrime and Nation-State Activities
"CrowdStrike revealed that there has been a humongous increase in interactive intrusion activity. There has been a fourfold increase in these activities in the last two years. "
TLP1 : Green
-
Attacks Against Education Sector Persist
"The attacks increased as academic institutions shifted to remote learning and teaching, leaving their networks vulnerable to threat actors. "
TLP1 : Green
-
A Global Cyber Warfare on America is on the cards says FireEye
"FireEye CEO Kevin Mandia told Axios on HBO that a cyberwarfare is on the cards and most likely it is going to target America first for reasons."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Cybercriminals Demand Ransom From Tether Crypto Token to Avoid Leaking Sensitive Documents
"The unverified email screenshots appear to relate to Bahamas-based Deltec, which has a banking relationship with Tether, and a discussion over asset backing. Tether says the documents are "bogus." "
TLP1 : Green
-
Indian Power Generation and Transmission Entities Targeted by Chinese Hackers Amid Geopolitical Tensions
"A new study shows that as the standoff continued in the Himalayas between India and China, Chinese malware was flowing into the control systems that manage electric supply across India. "
TLP1 : Green
Breaches: Data Breaches and Hacks
-
DDoSecrets Leaks 70GB of Gab Data Online Including User Profiles, Posts, Messages, Passwords
"DDoSecrets, a group of hacktivists, has leaked a massive trove of data belonging to Gab.com. In total, DDoSecrets has leaked 70 GB worth of sensitive data belonging to registered Gab users."
TLP1 : Green
-
Data of 21 million users from 3 Android VPNs put for sale online
"A user on a popular hacker forum is selling three databases purportedly containing user credentials and device data stolen from three different Android VPN services – SuperVPN, GeckoVPN, and ChatVPN. "
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
OpenSSL up to 1.0.2x/1.1.1i length return value
"A vulnerability classified as critical was found in OpenSSL up to 1.0.2x/1.1.1i (Network Encryption Software)"
TLP1 : Green
-
Hackers use a vulnerability present in iOS 11-14.3 to jailbreak iPhones
" Cal Jeffrey Jailbreaking iPhones has become something of a game between hackers and Apple."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Self-Assessment Tool Launches to Enhance Small Biz Security
"The free service is being provided by the GCHQ-backed National Cyber Security Center to the UK’s smallest businesses who, like most others, have been working remotely during the pandemic. "
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Multi-payload Gootloader platform stealthily delivers malware and ransomware
"The delivery method for the six-year-old Gootkit financial malware"
TLP1 : Green
-
Halogen - Automatically Create YARA Rules From Malicious Documents
"Halogen is a tool to automate the creation of yara rules against image files embedded within a malicious document."
TLP1 : Green
-
Ryuk Ransomware With Worm-Like Capabilities Spotted in the Wild
"In early 2021, security researchers identified a variant of the infamous Ryuk ransomware that is capable of lateral movement within the infected networks."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.