E6F5 4D49 5B3F 4783 DEF1 1494 6199 BFDA 457D 1C5F
-
University of California San Francisco pays ransomware gang $1.14m as BBC publishes ‘dark web negotiations’ [Gareth Corfield, The Register]
-
Applying the 80-20 Rule to Cybersecurity [Dan Blum, Dark Reading / Informa]
- see also: Framing the Security Story: The Simplest Threats Are the Most Dangerous
-
Over 100 Wi-Fi routers fail major security test — protect yourself now [Paul Wagenseil, Tom’s Guide]
- Full report: www.fkie.fraunhofer.de/content/dam/fkie/de/documents/HomeRouter/HomeRouterSecurity_2020_Bericht.pdf
-
Palo Alto Networks patches critical vulnerability in firewall OS [Sergiu Gatlan, Bleeping Computer]
-
First reported Russian BEC scam gang targets Fortune 500 firms [Ionut Ilascu, Bleeping Computer]
-
‘Keeper’ hacking group behind hacks at 570 online stores [Catalin Cimpanu, Zero Day]
- If you entered card / account details on any of these sites post the dates given, consider your information compromised!
-
Google open-sources Tsunami vulnerability scanner [Catalin Cimpanu, Zero Day]
-
Toward trusted sensing for the cloud: Introducing Project Freta [Mike Walker, Microsoft]
-
Intel Owl Release v1.0.0 [Eshaan Bansal, The Honeynet Project]
-
AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals [Lindsey O’Donnell, Threatpost]
-
Redirect auction [Dmitry Kondratyev, Kaspersky]
-
WastedLocker Goes “Big-Game Hunting” in 2020 [Ben Baker et al, Talos / Cisco]
-
Ireland launches COVID-19 contact tracing app based on Apple-Google API [Mike Peterson, Apple Insider]
-
How Police Secretly Took Over a Global Phone Network for Organized Crime [Joseph Cox, Motherboard / Vice]
-
Update on IT Security Incident at UCSF [UCSF CISO]
-
Evil Corp blocked from deploying ransomware on 30 major US firms [Sergiu Gatlan, Bleeping Computer]
-
New Mac ransomware spreading through piracy [Thomas Reed, Malwarebyte]
More information:
-
New Mac Ransomware Is Even More Sinister Than It Appears [Lily Hay Newman, Wired]
-
Hacker ransoms 23k MongoDB databases and threatens to contact GDPR authorities [Catalin Cimpanu, ZDNet]
-
Apple strong-arms entire CA industry into one-year certificate lifespans [Catalin Cimpanu, ZDNet]
-
Online Learning Platform Exposes Data on One Million Students [Phil Muncaster, Infosecurity Magazine]
-
Security lapse at South Africa’s LogBox exposed user accounts and medical data [Jake Bright, Techcrunch]
-
Ransomware Awareness [Lenny Zeltser, SANS]
-
AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor [US Cert]
-
Netgear Starts Patching Serious Vulnerabilities Affecting Tens of Products [Eduard Kovacs, Security Week]
-
Cisco Releases Security Updates for Multiple Products [US Cert]
-
Serious Vulnerabilities in F5’s BIG-IP Allow Full System Compromise [Eduard Kovacs , Security Week]
-
Commencement of certain sections of the Protection of Personal Information Act, 2013 [The Presidency]
- see also: GDPR vs POPIA
-
Largest Ever Recorded Packet Per Second-Based DDoS Attack Mitigated by Akamai [Tom Emmons, Akamai]
-
List of Ripple20 vulnerability advisories, patches, and updates [Ionut Ilascu, Bleeping Computer]
-
Privacy-Focused OS Wants to Know How Facebook and the FBI Hacked it [Lorenzo Franceschi-Bicchierai, Motherboard / Vice Media]
-
Defending Exchange servers under attack [Microsoft Defender ATP Research Team]
-
Turn on MFA Before Crooks Do It For You [Brian Krebs]
-
Australian PM says nation under serious state-run ‘cyber attack’ – Microsoft, Citrix, Telerik UI bugs ‘exploited’ [Simon Sharwood, The Register]
- official advisory here
-
Glupteba – the malware that gets secret messages from the Bitcoin blockchain [Paul Ducklin, Naked Security / Sophos]
-
Adobe Flash Player EOL General Information Page [Adobe]
– and everyone in infosec rejoices :) [now we just need that pesky Java to EOL ;)]
-
If a Cyber Security Report Falls in a Forest, Is Anyone Listening? [Ian Trump, HackRead]
-
To evade detection, hackers are requiring targets to complete CAPTCHAs [Dan Goodin, Ars Technica]
-
New technique protects consumers from voice spoofing attacks [Help Net Security]
-
Academics studied DDoS takedowns and said they’re ineffective, recommend patching vulnerable servers [Catalin Cimpanu, Zero Day]
-
Cyberbunker 2.0: Analysis of the Remnants of a Bullet Proof Hosting Provider [Karim Lalji and Johannes Ullrich, SANS ISC]
-
Guy Who Reverse-Engineered TikTok Reveals The Scary Things He Learned, Advises People To Stay Away From It [Rokas Laurinavičius and Ilona Baliūnaitė, Bored Panda]
-
My Adventures Hacking the iParcelBox [Sam Quinn, McAfee]
- Phishing Attacks:
-
Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com [Krebs on Security]
- Breaches:
-
South African bank to replace 12m cards after employees stole master key [Catalin Cimpanu, ZDNet]
- Developments in Video Conferencing Systems Security:
-
New Cisco Webex Meetings flaw lets attackers steal auth tokens [Sergiu Gatlan, Bleeping Computer]
-
End-to-End Encryption Update [Zoom] [Eric S. Yuan, Zoom]
- Ransomware:
-
City of Knoxville shuts down network after ransomware attack [Sergiu Gatlan, Bleeping Computer]
- General Security Interest:
-
After a breach, users rarely change their passwords, and when they do, they’re often weaker [Daniel Tkacik, Tech Xplore]
-
The Impending Doom of Expiring Root CAs and Legacy Clients [Scott Helme]
-
FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy [Krebs on Security]
- New Vulnerabilities:
-
Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote attack [Zeljka Zorz, Help Net Security]
- List of known vulnerable vendors/devices: Overview- Ripple20
-
SMBleedingGhost Writeup: Chaining SMBleed (CVE-2020-1206) with SMBGhost [ZecOps Blog]
- Vulnerabilities in Home Routers:
-
WFH Alert: Critical Bug Found in Old D-Link Router Models [Tom Spring, Threat Post]
-
Unpatched vulnerability identified in 79 Netgear router models [Catalin Cimpanu, ZDNet]
-
South Africa’s Life Healthcare hit by cyber attack [Aniruddha Ghosh, Reuters]
- see also: Hackers strike at Life Healthcare, extent of data breach yet to be assessed
-
Ransomware attackers threaten to leak Telkom client database [Jan Vermeulen, MyBroadband]
-
Exploit code for wormable flaw on unpatched Windows devices published online [Dan Goodin, Ars Technica]
- see also: SMBleed could allow a remote attacker to leak kernel memory
-
3 phishing trends organizations should watch out for [Kacey C, Digital Shadows]
- see also: Abnormal Attack Stories: COVID-19 Relief Phishing Through Dropbox Transfer
-
OUCH! Newsletter: Creating a Cyber Secure Home [Randy Marchany, Virginia Tech / SANS]
-
The Hitchhiker’s Guide to Web App Pen Testing [Vanessa Sauter, Dark Reading]
-
How Threat Actors Are Adapting to the Cloud [Charles DeBeck, IBM Security Intelligence]
-
Email threat types: Conversation hijacking [Christine Barry, Barracuda]
-
New Skill Testing Platform For 6 Most In-Demand Cybersecurity Jobs [The Hacker News]
-
uBlock Origin ad blocker now blocks port scans on most sites [Lawrence Abrams, Bleeping Computer]
-
VPNs are dead. Long Live Identity-Aware Proxies [Sat G, Medium]
-
Another Intel Speculative Execution Vulnerability [Bruce Schneier]
-
When Your Biggest Security and Privacy Threats Come From the Ones You Love [Ericka Chickowski, Dark Reading]
-
Information Security and Privacy Perspectives on the EDUCAUSE 2020 Top 10 IT Issues [Brian Kelly et al, EDUCAUSE]
- see also: EDUCAUSE COVID-19 QuickPoll Results: Information Security During the Pandemic
-
Netwalker ransomware continues assault on US colleges, hits UCSF [Lawrence Abrams, Bleeping Computer]
-
Threat Spotlight: Tycoon Ransomware Targets Education and Software Sectors [BlackBerry & KPMG]
-
REvil ransomware gang launches auction site to sell stolen data [Catalin Cimpanu, Zero Day]
- see also: REvil ransomware gang publishes ‘Elexon staff’s passports’ after UK electrical middleman shrugs off attack
-
CISA releases new Cyber Essentials Toolkit [CISA]
-
The ransomware that attacks you from inside a virtual machine [Mark Stockley, Naked Security / Sophos]
-
Securing SSH: What To Do and What Not To Do [Ed Williams, Trustwave]
-
Why is This Website Port Scanning me? [Charlie Belmer, Null Sweep]
-
Cisco warns: These Nexus switches have been hit by a serious security flaw [Liam Tung, Zero Day]
-
Evolution of Excel 4.0 Macro Weaponization [James Haughom and Stefano Ortolani, Lastline]
-
The mystery of the expiring Sectigo web certificate [Paul Ducklin, Naked Security / Sophos]
-
G Suite Marketplace primed for a privacy scandal, researchers warn [Catalin Cimpanu, Zero Day]
-
What is pretexting? Definition, examples and prevention [Josh Fruhlinger, CSO / IDG Communications]
-
Risk Assessment & the Human Condition [Joshua Goldfarb, Dark Reading]
-
Incident Of The Week: Educational Infrastructures At Risk Of Invasive Breaches [Seth Adler, Cyber Security Hub / IQPC]
-
Sharing Threat Intelligence in Higher Ed [Meg Lloyd, Campus Technology / Ed-Tech Group]
- see also: Predicting the Future of the SOC Analyst
-
European supercomputers hacked in mysterious cyberattacks [Ionut Ilascu, Bleeping Computer]
- see also: Supercomputers hacked across Europe to mine cryptocurrency
-
The 3 Top Cybersecurity Myths & What You Should Know [Zack Schuler, Dark Reading / Informa Tech]
- see also: Cybersecurity Extends Far Beyond Security Teams & Everyone Plays a Part
-
Verizon: Breaches Targeting Cloud-Based Data Doubled in 2019 [Doug Olenick, Bank Info Security / ISMG]
- see also: 6 ways to be more secure in the cloud
-
Security News This Week: Hackers Claim to Have ‘Dirty Laundry’ About Donald Trump [Brian Barrett, WIRED / Condé Nast]
- see also: REvil Ransomware found buyer for Trump data, now targeting Madonna
-
Microsoft warns of ‘massive’ phishing attack pushing legit RAT [Lawrence Abrams, Bleeping Computer]
- see also: Response Playbooks » RP0001: Phishing email
-
Smartphones, laptops, IoT devices vulnerable to new BIAS Bluetooth attack [ROOTDAEMON]
-
Digital Ethics in Higher Education: 2020 [John O’Brien, EDUCAUSE]
-
Why You May Not Need to Monitor the Dark Web [Idan Aharoni, Security Week / Wired Business Media]
-
Pingcastle – Active Directory Security Assessment Tool [Vincent Letoux, Darknet]
-
Enhanced Safe Browsing Protection now available in Chrome [Nathan Parker et al, Google]
-
This Service Helps Malware Authors Fix Flaws in their Code [Brain Krebs, Krebs on Security]
-
US officials say they’ve cracked Pensacola shooter’s iPhones, blast Apple [Sean Lyngaas, Cyberscoop, Scoop News Group]
-
Military And Intelligence Personnel Can Be Tracked With The Untappd Beer App [Foeke Postma, Bellingcat]
-
Ruhr University Bochum shuts down servers after ransomware attack [Sergiu Gatlan, Bleeping Computer]
-
Pandemic Could Accelerate Passwordless Authentication [Steve Zurier, Dark Reading / Informa]
- see also: 5 common password mistakes you should avoid
- and: Protect your accounts with smarter ways to sign in on World Passwordless Day
-
Apple, Google push makers of coronavirus apps not to record user location [David Ingram, NBC News]
-
Zoom acquires Keybase to beef up encryption, ease security questions [Jeff Stone, Cyberscoop / Scoop News Group]
-
Cyber Subterfuge and Curious Sharks Threaten the World’s Subsea Fiber-Optic Cables [Alison Diana, Dark Reading / Informa]
-
Maze Ransomware and its Various Campaigns Continue to Threaten the Cyber World – E Hacking News [Rootdaemon]
- see also: Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
-
Microsoft and Intel project converts malware into images before analyzing it [Catalin Cimpanu, Zero Day]
-
GitHub Code Scanning aims to prevent vulnerabilities in open source software [Zeljka Zorz, Help Net Security]
-
6 common container security mistakes to avoid [Bob Violino, CSO / IDG Communications]
-
Build a Culture of Holistic Risk Awareness Throughout Your Workforce [Michelle Greenlee, Security Intelligence / IBM]
-
The 4 Stages to a Successful Vulnerability Management Program [Mitch Parker, Tripwire]
-
For 8 years, a hacker operated a massive IoT botnet just to download Anime videos [Catalin Cimpanu, Zero Day]
-
Resource Guide for Cybersecurity During the COVID-19 Pandemic [Center for Internet Security]
- see also: Privacy Preserving Protocols to Trace Covid19 Exposure
- and: Cyber volunteers release blocklists for 26,000 COVID-19 threats
-
Learning from Home While School’s Out: Cybersecurity Education for Kids [Greg Herbold and Kim Yohannan, Palo Alto Networks]
- see also: Cybersecurity Lab – highly recommended for kids Gr8-12
- PBS Kids Cyberchase – for the younger ones
- Cyber School – Free to attend, live & online cyber security school for school pupils around the world
- KnowBe4 Children’s Interactive Cybersecurity Activity Kit – offline activity books
-
Nearly a Million WP Sites Targeted in Large-Scale Attacks [Ram Gall , Wordfence]
- see also: Critical WordPress e-Learning Plugin Bugs Open Door to Cheating
-
Convincing Office 365 phishing uses fake Microsoft Teams alerts [Sergiu Gatlan, Bleeping Computer]
- original report: Abnormal Attack Stories: Microsoft Teams Impersonation
-
Cisco Webex phishing uses fake cert errors to steal credentials [Sergiu Gatlan, Bleeping Computer]
-
LockBit, the new ransomware for hire: A sad and cautionary tale [Dan Goodin, Ars Technica / Condé Nast]
-
Hackers exploit Salt RCE bugs in widespread attacks, PoCs public [Ionut Ilascu, Bleeping Computer]
- see also: Search provider Algolia discloses security incident due to Salt vulnerability
-
What to do when you receive an extortion email [Thomas Reed, Malwarebytes]
-
Can you trust attachments with unfamiliar extensions? [Zeljka Zorz, Help Net Security]
-
Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use [Thomas Brewster, Forbes]
-
Samsung patches 0-click vulnerability impacting all smartphones sold since 2014 [Catalin Cimpanu, Zero Day]
-
Windows 7 end-of-life security mitigation [John Zage, Trusted CI]
-
The Shadowserver Foundation Threat Report: A Spotlight on Africa [Shadowserver]
-
Mobile as Attack Vector Using MDM [Aviran Hazum et al, Check Point Research]
-
Honeysploit: Exploiting the Exploiters [Curtis Brazzell, Medium]
- see also: Professional data leakage: How did that security vendor get my personal data?
-
COVID-19 Security Resource Library [Stay Safe Online / NCSA]
- see also: How to avoid a coronavirus scam
-
Consumers benefit as video call vendors scramble to revamp security in a COVID-19 world [Charlie Osborne, Zero Day]
-
Contact-Tracing Apps Must Respect Privacy, Scientists Warn [Mathew J. Schwartz, Information Security Media Group]
-
Cybersecurity Prep for the 2020s [Dave Meltzer, Dark Reading / Informa Tech]
- see also: 10 ways to get more from your security budget
- and: The Key to Successfully Managing Cyber Risk: Speed
-
Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk [Threat Protection Intelligence Team, Microsoft]
- see also: Phishing kit prices skyrocketed in 2019 by 149%
-
The Windows 10 security guide: How to protect your business [Ed Bott, The Ed Bott Report / Zero Day]
-
The Evolution of AppSec: Past, Present and Future [Veracode / IDG Communications]
-
Hackers selling 267 million Facebook records on hacker forum [Waqas / HackRead]
-
Warwick University was hacked and kept breach secret from students and staff [Alexander Martin, Sky News]
-
The missing MITRE ATT&CK matrix for Linux cloud servers [Intezer]
-
Taiwan High-Tech Ecosystem Targeted by Foreign APT Group [CyCraft Technology Corp, Medium]
-
Mastering Communication in Cyber Intelligence Activities: A Concise User Guide [Boris Giannetto and Pierluigi Paganini, Security Affairs]