InfoSec / Cyber Security News

thehackernews.com

• Attackers Behind Trickbot Expanding Malware Distribution Channels
• Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages
• CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems
• Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries
• The Ultimate SaaS Security Posture Management (SSPM) Checklist
• Critical Remote Hacking Flaws Disclosed in Linphone and MicroSIP Softphones

bleepingcomputer.com

• Windows 11 build 22000.282 fixes CPU performance issues, taskbar bug
• Canon sued for disabling scanner when printers run out of ink
• The Week in Ransomware - October 15th 2021 - Disrupting ransoms
• US links $5.2 billion worth of Bitcoin transactions to ransomware
• New Windows 10 KB5006670 update breaks network printing
• Twitch downplays this month's hack, says it had minimal impact

wired.com

• Hackers Keep Targeting the US Water Supply
• Missouri Threatens to Sue a Reporter Over a Security Flaw
• A Telegram Bot Told Iranian Hackers When They Got a Hit
• Telegram Is Becoming a Cesspool of Anti-Semitic Content
• How to Permanently Delete Your Facebook Account
• Cloudflare Isn't Liable for Sites That Hawk Counterfeits

krebsonsecurity.com

• Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability
• How Coinbase Phishers Steal One-Time Passwords
• Patch Tuesday, October 2021 Edition
• What Happened to Facebook, Instagram, & WhatsApp?
• FCC Proposal Targets SIM Swapping, Port-Out Fraud
• The Rise of One-Time Password Interception Bots

zerodayinitiative.com

• Adding a Beta NAS Device to Pwn2Own Austin
• The October 2021 Security Update Review
• CVE-2021-26420: Remote Code Execution in SharePoint via Workflow Compilation
• CVE-2021-26084: Details on the Recently Exploited Atlassian Confluence OGNL Injection Bug
• The September 2021 Security Update Review
• Analysis of a Parallels Desktop Stack Clash Vulnerability and Variant Hunting using Binary Ninja

reddit.com/r/InfoSecNews

• Accenture discloses data breach after LockBit ransomware attack
• Russia-Linked TA505 targets financial institutions in a new malspam campaign
• US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments
• Juniper Networks released +40 security advisories to fix +70 vulnerabilities
• Boffins devise a new side-channel attack affecting all AMD CPUs
• Thingiverse Data Leaked — Check Your Passwords

threatpost.com

• TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates
• Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak
• Rickroll Grad Prank Exposes Exterity IPTV Bug
• Verizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack
• CryptoRom Scam Rakes in $1.4M by Exploiting Apple Enterprise Features
• Podcast: 67% of Orgs Have Been Hit by Ransomware at Least Once

reddit.com/r/cybersecurity

• Mentorship Monday
• Q4 All-Hands: Happy 300k (again)! We <3 this community, we're turning up our transparency even further, and we have some improvements for you to vote for!
• A step-by-step analysis of the new malware used by APT28/Sofacy called SkinnyBoy
• ICS Honeypots - do they exist?
• Hi All, I have made a detailed video on CISSP Endorsement process and different type of fee . Lots of aspirants ask me about the endorsement process after passing the exam. I have answered all the questions in this video . please go through it.
• New BlackByte ransomware strain is "clumsy" and "amateurish" - reusing the same encryption key for every victim

reddit.com/r/netsec

• /r/netsec's Q4 2021 Information Security Hiring Thread
• Compromising a Domain With the Help of a Spooler
• A step-by-step analysis of the new malware used by APT28/Sofacy called SkinnyBoy
• Creating a Basic Python Reverse Shell Listener
• This edition (Part 2 of the 4-part SAST primer) focuses on how SAST tools work. This one was interesting to write. There's so much detail that it's hard to abstract some (to keep it readable) and leave out the rest.
• GitHub - Arinerron/heaptrace - helps visualize heap operations for pwn and debugging

reddit.com/r/websec

• LinkedIn profile visit restrictions
• [1 Minute] Cool Tool Friday: How to Bypass ANY Paywall!
• Pentest network python tool
• Solving WeCTF Include (GET/POST Requests)
• Cisco Hyperflex: How We Got Remote Code Execution Through Login Form and Other Findings
• Bug reporting and blog writing workshop! Plus it's Pokémon themed 🙂

reddit.com/r/pwned

• Twitch hit by massive hack that reveals its entire source code and more
• Geico data breach exposed customers' driver's license numbers
• Codecov.io: "Unauthorized access and alterations to our Bash Uploader since Jan 31, 2021, which enabled them to potentially export information stored in our users' continuous integration (CI) environments"
• Mobikwik (India) KYC data leaked
• $5.7 Million Crypto Stolen Due To A Security Breach at Cryptocurrency platform Roll

embracethered.com

• Video: Understanding Image Scaling Attacks
• Sniffing Firefox traffic with bpftrace
• Video: What is Tabnabbing?
• What's in the bpfcc-tools box?
• Offensive BPF: Detection Ideas
• Offensive BPF: Using bpftrace to host backdoors

darkreading.com

• China's Hackers Crack Devices at Tianfu Cup for $1.5M in Prizes
• Cisco Duo Trusted Access Report: More Than 50% of Companies Plan Passwordless Move
• How Attackers Hack Humans
• 'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks
• Evolution Equity Partners Close $400M for Cybersecurity Investments
• From Help Desk to Head of SOC: Building a Cybersecurity Career on Empathy and Candor

trendmicro.com

• This Week in Security News – October 15, 2021
• Security Risks with Private 5G in Manufacturing Companies Part. 2
• Ransomware Operators Found Using New "Franchise" Business Model
• Demo: How to Build a Container Registry from a Container
• Analyzing Email Services Abused for Business Email Compromise

welivesecurity.com

• Week in security with Tony Anscombe
• Virus Bulletin: Old malware never dies – it just gets more targeted
• Employee offboarding: Why companies must close a crucial gap in their security strategy
• Don’t get phished! How to be the one that got away
• Microsoft thwarts record‑breaking DDoS attack
• Ransomware cost US companies almost $21 billion in downtime in 2020

helpnetsecurity.com

• Week in review: Strengthening firmware security, Help Net Security: XDR Report released
• TD SYNNEX expands cloud and cybersecurity offerings with Elisity’s zero trust platform
• Elastic acquires Optimyze to deliver visibility into cloud native environments
• Veritas InfoScale 8 provides storage optimization for stateful Kubernetes critical workloads
• Zimperium partners with PCI SSC to help secure payment data on mobile apps and devices

nakedsecurity.sophos.com

• LANtenna hack spies on your data from across the room! (Sort of)
• S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast]
• Romance scams with a cryptocurrency twist – new research from SophosLabs
• Apple quietly patches yet another iPhone 0-day – check you have 15.0.2
• Cybersecurity awareness month: Fight the phish!

insights.infosec-jobs.com

• A first update on our salary survey
• Share your salary and see what everyone else is making in InfoSec / the Cyber Security space
• The 10 most in-demand roles in the Information Security domain
• 2021 so far – A few Updates
• We launched “jobmarks”
• We now have “Dark Mode”

securityweek.com

• Cyberattack Disrupts Services at Ecuador's Largest Bank
• Twitch Says Hack Impacted 'Small Fraction of Users'
• Russia-Linked TA505 Back at Targeting Financial Institutions
• Nations Vow to Combat Ransomware at US-Led Summit
• Ransomware Hit SCADA Systems at 3 Water Facilities in U.S.

securityboulevard.com

• How to write good risk scenarios and statements
• DEF CON 29 ICS Village – Javier Perez’ & Juan Escobar’s ‘ICS Intrusion KillChain Explained’
• XKCD ‘Flag Map Sabotage’
• DEF CON 29 ICS Village – Mary Brooks’ ‘ICS Jeopardy’
• Farid’s Clear Explanation of Apple’s Client Side Scanning

siliconrepublic.com

• One in 10 Irish workers would not report malware to boss, survey finds
• ‘I believe zero trust is a big game changer’
• BT launches AI security platform to help firms prevent cyberattacks
• Kilkenny cybersecurity company BITS to create 20 new jobs
• New 1Password feature lets you share passwords with a link

csoonline.com

• BrandPost: Your Employees Aren’t the Problem—It’s Your Technology
• Top cybersecurity M&A deals for 2021
• How shape-shifting threat actors complicate attack attribution
• REvil ransomware explained: A widespread extortion operation
• Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation
• BrandPost: Fighting Video Piracy Is Strengthened by Collaboration

kitploit.com

• Domain-Protect - Protect Against Subdomain Takeover
• Packet-Sniffer - A pure-Python Network Packet Sniffing Tool
• Crawlergo - A Powerful Browser Crawler For Web Vulnerability Scanners
• Networkit - A Growing Open-Source Toolkit For Large-Scale Network Analysis
• ForgeCert - "Golden" Certificates

grahamcluley.com

• Acer hacked (for the second time this year)
• Disrupt adversaries and prevent identity fraud with Recorded Future Identity Intelligence
• Analysis of 80 million ransomware samples reveals a world under attack
• Smashing Security podcast #247: Rickrolling submarine secrets
• Bank of America employee indicted for email scam that targeted businesses