-
‘BootHole’ attack impacts Windows and Linux systems using GRUB2 and Secure Boot [Catalin Cimpanu, ZDNet Zero Day]
-
BootHole issue allows installing a stealthy and persistent malware [Pierluigi Paganini, Security Affairs]
-
Zoom bug allowed attackers to crack private meeting passwords [Sergiu Gatlan, Bleeping Computer]
-
Multiple Tor security issues disclosed, more to come [Catalin Cimpanu, ZDNet Zero Day]
-
Open source F5 Big-IP exploit detector released [Juha Saarinen, it news]
-
Expanse Researchers Show More Than 8,000 F5 BIG-IP TMUIs Are Still Exposed on the Internet [Expanse]
-
CISA: Attackers Are Exploiting F5 BIG-IP Vulnerability [Prajeet Nair, Data Breach Today]
-
Cisco fixes severe flaws in data center management solution [Sergiu Gatlan, Bleeping Computer]
-
Patch now: Cisco warns of nasty bug in its data center software [Liam Tung, ZDNet]
-
If you own one of these 45 Netgear devices, replace it [Gareth Corfield, The Register]
-
Over Half of Universities Suffered Data Breach in Past Year [Phil Muncaster, Infosecurity Magazine]
-
Introducing PhishingKitTracker [Marco Ramilli]
-
Microsoft releases open-source Linux version of Procmon tool [Lawrence Abrams, Bleeping Computer]
-
University of York discloses [third-party] data breach, staff and student records stolen [Charlie Osborne, Zero Day]
-
‘Crypto’ Scammers Weren’t the First to Crack Twitter [Mathew J. Schwartz, Information Security Media Group]
- see also: Twitter Hacking for Profit and the LoLs
-
Details and PoC for critical SharePoint RCE flaw released [Zeljka Zorz, Help Net Security]
- see also: SharePoint and Pwn :: Remote Code Execution Against SharePoint Server Abusing DataSet
-
Critical SIGred Windows DNS bug gets micropatch after PoCs released [Ionut Ilascu, Bleeping Computer]
-
New ‘Meow’ attack has wiped dozens of unsecured databases [Ionut Ilascu, Bleeping Computer]
-
Data Leaks in Online Education: Almost 1 Million Records Exposed [Chase Williams, WizCase]
-
TLS 1.0 and 1.1 deprecation for Office 365 [Microsoft]
-
OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory [Robert Falcone, Unit 42 / Palo Alto Networks]
-
Report: No-Log VPNs Exposed Users’ Logs and Personal Details for All to See [vpnMentor]
-
How to use MITRE ATT&CK [Mark Dufresne, Elastic Security]
-
Understanding the Benefits of the Capability Maturity Model Integration [Nigel Sampson (guest author) / Tripwire]
-
Why Cyber Ranges Are Effective To Train Your Teams [Mark Stone, IBM / Security Intelligence]
-
The InfoSec Barrier to AI [Praful Krishna, Dark Reading]
-
Europeans Aren’t Really Using COVID-19 Contact-Tracing Apps [Gabriel Geiger, Motherboard / VICE]
-
University of California San Francisco pays ransomware gang $1.14m as BBC publishes ‘dark web negotiations’ [Gareth Corfield, The Register]
-
Applying the 80-20 Rule to Cybersecurity [Dan Blum, Dark Reading / Informa]
- see also: Framing the Security Story: The Simplest Threats Are the Most Dangerous
-
Over 100 Wi-Fi routers fail major security test — protect yourself now [Paul Wagenseil, Tom’s Guide]
- Full report: www.fkie.fraunhofer.de/content/dam/fkie/de/documents/HomeRouter/HomeRouterSecurity_2020_Bericht.pdf
-
Palo Alto Networks patches critical vulnerability in firewall OS [Sergiu Gatlan, Bleeping Computer]
-
First reported Russian BEC scam gang targets Fortune 500 firms [Ionut Ilascu, Bleeping Computer]
-
‘Keeper’ hacking group behind hacks at 570 online stores [Catalin Cimpanu, Zero Day]
- If you entered card / account details on any of these sites post the dates given, consider your information compromised!
-
Google open-sources Tsunami vulnerability scanner [Catalin Cimpanu, Zero Day]
-
Toward trusted sensing for the cloud: Introducing Project Freta [Mike Walker, Microsoft]
-
Intel Owl Release v1.0.0 [Eshaan Bansal, The Honeynet Project]
-
AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals [Lindsey O’Donnell, Threatpost]
-
Redirect auction [Dmitry Kondratyev, Kaspersky]
-
WastedLocker Goes “Big-Game Hunting” in 2020 [Ben Baker et al, Talos / Cisco]
-
Ireland launches COVID-19 contact tracing app based on Apple-Google API [Mike Peterson, Apple Insider]
-
How Police Secretly Took Over a Global Phone Network for Organized Crime [Joseph Cox, Motherboard / Vice]
-
Update on IT Security Incident at UCSF [UCSF CISO]
-
Evil Corp blocked from deploying ransomware on 30 major US firms [Sergiu Gatlan, Bleeping Computer]
-
New Mac ransomware spreading through piracy [Thomas Reed, Malwarebytes]
More information:
-
New Mac Ransomware Is Even More Sinister Than It Appears [Lily Hay Newman, Wired]
-
Hacker ransoms 23k MongoDB databases and threatens to contact GDPR authorities [Catalin Cimpanu, ZDNet]
-
Apple strong-arms entire CA industry into one-year certificate lifespans [Catalin Cimpanu, ZDNet]
-
Online Learning Platform Exposes Data on One Million Students [Phil Muncaster, Infosecurity Magazine]
-
Security lapse at South Africa’s LogBox exposed user accounts and medical data [Jake Bright, Techcrunch]
-
Ransomware Awareness [Lenny Zeltser, SANS]
-
AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor [US Cert]
-
Netgear Starts Patching Serious Vulnerabilities Affecting Tens of Products [Eduard Kovacs, Security Week]
-
Cisco Releases Security Updates for Multiple Products [US Cert]
-
Serious Vulnerabilities in F5’s BIG-IP Allow Full System Compromise [Eduard Kovacs, Security Week]
-
Commencement of certain sections of the Protection of Personal Information Act, 2013 [The Presidency]
- see also: GDPR vs POPIA
-
Largest Ever Recorded Packet Per Second-Based DDoS Attack Mitigated by Akamai [Tom Emmons, Akamai]
-
List of Ripple20 vulnerability advisories, patches, and updates [Ionut Ilascu, Bleeping Computer]
-
Privacy-Focused OS Wants to Know How Facebook and the FBI Hacked it [Lorenzo Franceschi-Bicchierai, Motherboard / Vice Media]
-
Defending Exchange servers under attack [Microsoft Defender ATP Research Team]
-
Turn on MFA Before Crooks Do It For You [Brian Krebs]
-
Australian PM says nation under serious state-run ‘cyber attack’ – Microsoft, Citrix, Telerik UI bugs ‘exploited’ [Simon Sharwood, The Register]
- official advisory here
-
Glupteba – the malware that gets secret messages from the Bitcoin blockchain [Paul Ducklin, Naked Security / Sophos]
-
Adobe Flash Player EOL General Information Page [Adobe]
– and everyone in infosec rejoices :) [now we just need that pesky Java to EOL ;)]
-
If a Cyber Security Report Falls in a Forest, Is Anyone Listening? [Ian Trump, HackRead]
-
To evade detection, hackers are requiring targets to complete CAPTCHAs [Dan Goodin, Ars Technica]
-
New technique protects consumers from voice spoofing attacks [Help Net Security]
-
Academics studied DDoS takedowns and said they’re ineffective, recommend patching vulnerable servers [Catalin Cimpanu, Zero Day]
-
Cyberbunker 2.0: Analysis of the Remnants of a Bullet Proof Hosting Provider [Karim Lalji and Johannes Ullrich, SANS ISC]
-
Guy Who Reverse-Engineered TikTok Reveals The Scary Things He Learned, Advises People To Stay Away From It [Rokas Laurinavičius and Ilona Baliūnaitė, Bored Panda]
-
My Adventures Hacking the iParcelBox [Sam Quinn, McAfee]
- Phishing Attacks:
-
Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com [Krebs on Security]
- Breaches:
-
South African bank to replace 12m cards after employees stole master key [Catalin Cimpanu, ZDNet]
- Developments in Video Conferencing Systems Security:
-
New Cisco Webex Meetings flaw lets attackers steal auth tokens [Sergiu Gatlan, Bleeping Computer]
-
End-to-End Encryption Update [Zoom] [Eric S. Yuan, Zoom]
- Ransomware:
-
City of Knoxville shuts down network after ransomware attack [Sergiu Gatlan, Bleeping Computer]
- General Security Interest:
-
After a breach, users rarely change their passwords, and when they do, they’re often weaker [Daniel Tkacik, Tech Xplore]
-
The Impending Doom of Expiring Root CAs and Legacy Clients [Scott Helme]
-
FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy [Krebs on Security]
- New Vulnerabilities:
-
Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote attack [Zeljka Zorz, Help Net Security]
- List of known vulnerable vendors/devices: Overview - Ripple20
-
SMBleedingGhost Writeup: Chaining SMBleed (CVE-2020-1206) with SMBGhost [ZecOps Blog]
- Vulnerabilities in Home Routers:
-
WFH Alert: Critical Bug Found in Old D-Link Router Models [Tom Spring, Threat Post]
-
Unpatched vulnerability identified in 79 Netgear router models [Catalin Cimpanu, ZDNet]
-
South Africa’s Life Healthcare hit by cyber attack [Aniruddha Ghosh, Reuters]
- see also: Hackers strike at Life Healthcare, extent of data breach yet to be assessed
-
Ransomware attackers threaten to leak Telkom client database [Jan Vermeulen, MyBroadband]
-
Exploit code for wormable flaw on unpatched Windows devices published online [Dan Goodin, Ars Technica]
- see also: SMBleed could allow a remote attacker to leak kernel memory
-
3 phishing trends organizations should watch out for [Kacey C, Digital Shadows]
- see also: Abnormal Attack Stories: COVID-19 Relief Phishing Through Dropbox Transfer
-
OUCH! Newsletter: Creating a Cyber Secure Home [Randy Marchany, Virginia Tech / SANS]
-
The Hitchhiker’s Guide to Web App Pen Testing [Vanessa Sauter, Dark Reading]
-
How Threat Actors Are Adapting to the Cloud [Charles DeBeck, IBM Security Intelligence]
-
Email threat types: Conversation hijacking [Christine Barry, Barracuda]
-
New Skill Testing Platform For 6 Most In-Demand Cybersecurity Jobs [The Hacker News]
-
uBlock Origin ad blocker now blocks port scans on most sites [Lawrence Abrams, Bleeping Computer]
-
VPNs are dead. Long Live Identity-Aware Proxies [Sat G, Medium]
-
Another Intel Speculative Execution Vulnerability [Bruce Schneier]
-
When Your Biggest Security and Privacy Threats Come From the Ones You Love [Ericka Chickowski, Dark Reading]
-
Information Security and Privacy Perspectives on the EDUCAUSE 2020 Top 10 IT Issues [Brian Kelly et al, EDUCAUSE]
- see also: EDUCAUSE COVID-19 QuickPoll Results: Information Security During the Pandemic
-
Netwalker ransomware continues assault on US colleges, hits UCSF [Lawrence Abrams, Bleeping Computer]
-
Threat Spotlight: Tycoon Ransomware Targets Education and Software Sectors [BlackBerry & KPMG]
-
REvil ransomware gang launches auction site to sell stolen data [Catalin Cimpanu, Zero Day]
- see also: REvil ransomware gang publishes ‘Elexon staff’s passports’ after UK electrical middleman shrugs off attack
-
CISA releases new Cyber Essentials Toolkit [CISA]
-
The ransomware that attacks you from inside a virtual machine [Mark Stockley, Naked Security / Sophos]
-
Securing SSH: What To Do and What Not To Do [Ed Williams, Trustwave]
-
Why is This Website Port Scanning me? [Charlie Belmer, Null Sweep]
-
Cisco warns: These Nexus switches have been hit by a serious security flaw [Liam Tung, Zero Day]
-
Evolution of Excel 4.0 Macro Weaponization [James Haughom and Stefano Ortolani, Lastline]
-
The mystery of the expiring Sectigo web certificate [Paul Ducklin, Naked Security / Sophos]
-
G Suite Marketplace primed for a privacy scandal, researchers warn [Catalin Cimpanu, Zero Day]
-
What is pretexting? Definition, examples and prevention [Josh Fruhlinger, CSO / IDG Communications]
-
Risk Assessment & the Human Condition [Joshua Goldfarb, Dark Reading]
-
Incident Of The Week: Educational Infrastructures At Risk Of Invasive Breaches [Seth Adler, Cyber Security Hub / IQPC]
-
Sharing Threat Intelligence in Higher Ed [Meg Lloyd, Campus Technology / Ed-Tech Group]
- see also: Predicting the Future of the SOC Analyst
-
European supercomputers hacked in mysterious cyberattacks [Ionut Ilascu, Bleeping Computer]
- see also: Supercomputers hacked across Europe to mine cryptocurrency
-
The 3 Top Cybersecurity Myths & What You Should Know [Zack Schuler, Dark Reading / Informa Tech]
- see also: Cybersecurity Extends Far Beyond Security Teams & Everyone Plays a Part
-
Verizon: Breaches Targeting Cloud-Based Data Doubled in 2019 [Doug Olenick, Bank Info Security / ISMG]
- see also: 6 ways to be more secure in the cloud
-
Security News This Week: Hackers Claim to Have ‘Dirty Laundry’ About Donald Trump [Brian Barrett, WIRED / Condé Nast]
- see also: REvil Ransomware found buyer for Trump data, now targeting Madonna
-
Microsoft warns of ‘massive’ phishing attack pushing legit RAT [Lawrence Abrams, Bleeping Computer]
- see also: Response Playbooks » RP0001: Phishing email
-
Smartphones, laptops, IoT devices vulnerable to new BIAS Bluetooth attack [ROOTDAEMON]
-
Digital Ethics in Higher Education: 2020 [John O’Brien, EDUCAUSE]
-
Why You May Not Need to Monitor the Dark Web [Idan Aharoni, Security Week / Wired Business Media]
-
Pingcastle – Active Directory Security Assessment Tool [Vincent Letoux, Darknet]
-
Enhanced Safe Browsing Protection now available in Chrome [Nathan Parker et al, Google]
-
This Service Helps Malware Authors Fix Flaws in their Code [Brian Krebs, Krebs on Security]
-
US officials say they’ve cracked Pensacola shooter’s iPhones, blast Apple [Sean Lyngaas, Cyberscoop, Scoop News Group]
-
Military And Intelligence Personnel Can Be Tracked With The Untappd Beer App [Foeke Postma, Bellingcat]