Infosec bits for week 49/20

  1. ABSA Data Leak
    1. Absa bank embroiled in data leak, rogue employee accused of theft [Charlie Osborne, ZDNet]
    2. Absa data leak update: ID numbers, vehicle details among stolen info [Business Insider]
    3. Details about person behind Absa data breach emerge [MyBroadband]
  2. Cybercrimes Bill Passed
    1. Parliament passes Cybercrimes Bill [MyBroadband via BusinessTech]
  3. Exploitable Vulnerabilities
    1. iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever [Dan Goodin, Ars Technica]
    2. Fortinet: Update Regarding CVE-2018-13379 [Carl Windsor, Fortinet]
    3. Multiple Botnets Exploiting Critical Oracle WebLogic Bug — PATCH NOW [Ravie Lakshmanan, The Hacker News]
    4. VMware VMSA-2020-0027.2 Update [VMware]
    5. Multiple vulnerabilities in WebKit [Jon Munshaw, Talos Intelligence]
  4. Education and Academia
    1. Ransomware halts classes for 115,000 Baltimore pupils [BBC News]
    2. University of Vermont Medical Center has yet to fully recover from October cyber attack [Pierluigi Paganini, Security Affairs]
    3. Alabama school district shut down by ransomware attack [Lawrence Abrams, Bleeping Computer]
  5. Hacker Techniques
    1. How attackers exploit Windows Active Directory and Group Policy [Susan Bradley, CSO Online]
  6. Container Security
    1. A scan of 4 Million Docker images reveals 51% have critical flaws [Pierluigi Paganini, Security Affairs]
    2. Half of all Docker Hub images have at least one critical vulnerability [Lucian Constantin, CSO Online]
    3. Misconfigured Docker Servers Under Attack by Xanthe Malware [Lindsey O’Donnell, Threatpost]
  7. Governance and the Year in Review
    1. Notable Enhancements to the New Version of NIST SP 800-53 [Steven Tipton, Tripwire]
    2. The NCSC Annual Review 2020 [NCSC]
    3. The biggest hacks, data breaches of 2020 [Charlie Osborne, ZDNet]

Infosec bits for week 48/20

  1. Higher Education
  2. Budget
  3. Social Engineering / Awareness
  4. Smart cars / IOT
  5. Webinars and trainings
  6. Advisories / Vulnerabilities
  7. DDoS Mitigation
  8. General

Infosec bits for week 46/20

  1. Patch EveryDay
    1. Intel fixes 95 vulnerabilities in November 2020 Platform Update [BleepingComputer, Sergiu Gatlan]
    2. Microsoft Exchange Server ExportExchangeCertificate WriteCertiricate File Write Remote Code Execution Vulnerability [SourceIncite]
    3. Office November security updates fix remote code execution bugs [BleepingComputer, Sergiu Gatlan]
    4. Remote kernel heap overflow in NFSv3 Windows Server [McAfee, Eoin Carroll and Steve Povolny]
    5. Microsoft Security Update Guide [Microsoft]
    6. Changes to Microsoft Security Bulletins [TripWire, Tyler Reguly]
  2. Attacks
    1. DNS cache poisoning, the Internet attack from 2008, is back from the dead [Ars Technica, Dan Goodin]
    2. How to get root on Ubuntu 20.04 by pretending nobody’s /home [Kevin Backhouse]
  3. Academia and Research
    1. Cyberattack on University of Vermont hospital IT network [CyberScoop, Sean Lyngaas]
    2. Price Dropped on Hacked Educational RDP Details [InfoSecurity Magazine, Dan Raywood]
    3. Open University Targeted With Over a Million Malicious Email Attacks So Far This Year [InfoSecurity Magazine, James Coker]
    4. European weather services hit by storm of malicious email attacks [NewScientist, Adam Vaughan]
  4. Sad News about the Arecibo Observatory
    1. Second Cable Fails at Arecibo Observatory – Massive Radio Telescope Used in the Search for Alien Life [SciTechDaily]

Infosec bits for week 45/20

  1. Operational network security – training sessions Aug 2020 to Feb 2021 [GÉANT/DFN]
  2. Interview: How the University of Duisburg-Essen (UDE) prevented a ransomware attack [Davina Luyten/Marius Mertens]
  3. Privacy Impact Assessment Toolkit [ucisa]
  4. Ransomware Protection and Containment Strategies [MANDIANT]
  5. Active Directory administrative tier model [Microsoft]
  6. OUCH! Newsletter: Social Engineering Attacks [Christian Nicholson]
  7. Cybersecurity as we know it will be ‘a thing of the past in the next decade,’ says Cloudflare’s COO, as security moves towards a ‘water treatment’ model [Rosalie Chan, Business Insider]
  8. Zoom Finally Has End-to-End Encryption. Here’s How to Use It [Brian Barrett, WIRED / Condé Nast]
    - see also: End-to-end (E2E) encryption for meetings
  9. Patch for Critical VMware ESXi Vulnerability Incomplete [Eduard Kovacs, SecurityWeek / Wired Business Media]
  10. PATCH NOW: CVE-2020-14882 Weblogic Actively Exploited Against Honeypots [Johannes Ullrich, SANS ISC]
    - see also: Security Alert CVE-2020-14750 Patch Availability Document for Oracle WebLogic Server
  11. Why Paying to Delete Stolen Data is Bonkers [Krebs on Security]
  12. NAT Slipstreaming [Samy Kamkar]
    - see also: news.ycombinator.com/item?id=24955891
  13. Dr. Strangenet—or, how I stopped worrying and embraced the WFH IT apocalypse [Sean Gallagher, Ars Technica / Condé Nast]
  14. ‘There’s a whole war going on’: the film tracing a decade of cyber-attacks [Adrian Horton, The Guardian]

Infosec bits for week 44/20

  1. Vulnerabilities
  2. Academic and Education Sector
  3. Botnet News
  4. Ransomware News
  5. Awareness and Conferences

Infosec bits for week 43/20

  1. ENISA Threat Landscape 2020: Cyber Attacks Becoming More Sophisticated, Targeted, Widespread and Undetected [ENISA]
  2. Privacy nightmare for Toledo Public Schools: Hackers dumped student and employee data [DISSENT]
  3. Where Do Security Awareness Programs Belong on the Org Chart? [Tonia Dudley, Cofense]
  4. 4 Tips For Protecting Intellectual Property In Academia [Mike Chapple, EdTech / CDW]
  5. Hacking Incident Has an Unusual Ending [Marianne Kolbasuk McGee, HealthcareInfoSecurity / ISMG]
    - see also: Ransomware gang donates part of ransom demands to charity organizations
  6. Quarterly Update: Ransomware Trends in Q3 [Jamie Hart, Digital Shadows]
  7. Cisco warns of attacks targeting high severity router vulnerability [Sergiu Gatlan, Bleeping Computer]
  8. VMware Security Advisories
  9. Government will force ISPs to crack down on piracy in South Africa [Jan Vermeulen, MyBroadband]
  10. Vodacom and MTN have not notified Information Regulator of location data breach [Jan Vermeulen, MyBroadband]
  11. What is confidential computing? How can you use it? [Mirko Zorz, Help Net Security]
  12. Hackers hijack Telegram, email accounts in SS7 mobile attack [Ionut Ilascu, Bleeping Computer]
  13. Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks [Ravie Lakshmanan, The Hacker News]
  14. Robot’s parents very proud of her for finally passing CAPTCHA test [Mary Gillis, The Beaverton]