Word of the Week
“House of Cards”
Outdated Software Components
How many? Nine in 10 Applications!
Almost every application uses open-source components and 91% use libraries that are out of date or that have been abandoned altogether
Crypto challenge of the week
Hacky Easter Archive
[Browsers, Office365, Cisco and many others]
US Accuses China of Cyberattacks Aimed at Stealing COVID-19 Research
Book of the month
CHILDREN IN CYBER SECURITY RESOURCE GUIDE
Jeff Bezos: The electricity metaphor
Not a book
Comic of the week
##Some OWASP stuff first
-OWASP Top 10 Maturity Categories for Security Champions – new proposed project
You have heard of this term: Security Champions, or was it Satellites (that sounds weird)?
-Video: API Hacking for the Actually Pretty Inexperienced hacker
On the latest episode of the OWASP DevSlop show, Katie Paxton-Fear gave a talk on REST API hacking. Her talk focused on the following vulnerabilities from the OWASP API Security Top 10 list:
-A look at OWASP’s top automated threats to web apps
OWASP events HERE
ASC Webinars: CTFs and Bug Bounty Hunting and Their Relation To Professional Work – Ibrahim Mosaad
ASC Webinars: Cybersecurity from Zero to Hero – Mohammad Khreesha
ASC2019 – Human Vs A.I – Offensive Security Modern Combat – Mohamed Gamal
ASC2019 – Cloud applications security challenges – Ayman Al-Rifaei
ASC2019 – Social Engineering Attack: Lessons learned – Mohanned Momani
Global ALERT level
BLUE or GUARDED indicates a general risk of increased hacking, virus, or other malicious activity. The potential exists for malicious cyber activities, but no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.
Incident data HERE (find your country)
NCSC Weekly Threat Report
New survey highlights the state of remote working in the UK
A survey of 2,000 UK SME employees working from home in April has found that only 9% had checked whether their antivirus software had been updated.
Cyber attacks target organisations supporting COVID-19 response
API Security Issue 83: India’s COVID-19 tracing app, OAuth2 API attacks
Vulnerability: India’s coronavirus tracing app
Attack scenarios: OAuth Mix-Up, Revisited
Basic mix-up attack
Mix-up attacks with OAuth metadata
Mix-up attacks with Pushed Authorization Request (PAR) endpoint
Integrity of the Authorization Request with PAR
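The basic mix-up scenario above, and the fix of checking the `iss` parameter in the authorization response (RFC 9207), as an added example written for this digest; it is not code from the API Security newsletter or from any OAuth library. The two authorization servers, the issuer URLs, the client ID and the shared redirect URI are constructed for the simulation. The PAR variants listed above are not covered; the point shown is only that a client which remembers which AS it started the flow with, and refuses a response whose `iss` does not match, does not send the honest AS's code to the attacker's token endpoint.

```python
"""Simulated OAuth 2.0 authorization-code mix-up attack and the ``iss`` check
(RFC 9207) that defeats it.  Added example, not the newsletter's own code;
all URLs, identifiers and the in-memory authorization servers are constructed."""
import secrets
from dataclasses import dataclass, field
from urllib.parse import parse_qs, urlencode, urlparse

HONEST = "https://honest-as.example"        # constructed issuer
ATTACKER = "https://attacker-as.example"    # constructed issuer
REDIRECT_URI = "https://client.example/cb"  # one redirect URI for both ASes (the weak setup)
CLIENT_ID = "client-1"                      # constructed; same client_id at both ASes


@dataclass
class HonestAS:
    issuer: str = HONEST
    issued: dict = field(default_factory=dict)   # code -> client_id

    def authorize(self, client_id, state):
        # Redirect the browser follows back to the client; includes iss (RFC 9207).
        code = secrets.token_urlsafe(16)
        self.issued[code] = client_id
        return f"{REDIRECT_URI}?" + urlencode({"code": code, "state": state, "iss": self.issuer})

    def token(self, code):
        return {"access_token": "at-" + code} if self.issued.pop(code, None) else None


@dataclass
class AttackerAS:
    """Attacker-controlled AS: never authenticates the user, just bounces the
    browser to the honest AS with the same client_id and state."""
    honest: HonestAS
    issuer: str = ATTACKER
    captured: list = field(default_factory=list)  # honest-AS codes leaked to the attacker

    def authorize(self, client_id, state):
        return self.honest.authorize(client_id, state)

    def token(self, code):
        self.captured.append(code)
        return {"access_token": "bogus"}


class Client:
    def __init__(self, servers, check_iss):
        self.servers = servers      # issuer -> AS
        self.check_iss = check_iss
        self.pending = {}           # state -> issuer the flow was started with

    def begin(self, issuer):
        state = secrets.token_urlsafe(16)
        self.pending[state] = issuer
        return self.servers[issuer].authorize(CLIENT_ID, state)

    def callback(self, url):
        q = {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}
        issuer = self.pending.pop(q.get("state"), None)
        if issuer is None:
            raise ValueError("unknown or replayed state")
        # A missing iss also fails this comparison, so a response without it is rejected.
        if self.check_iss and q.get("iss") != issuer:
            raise ValueError(f"mix-up: response iss {q.get('iss')!r} != expected {issuer!r}")
        # Redeem the code at the AS the flow was started with.
        return self.servers[issuer].token(q["code"])


def run_mixup(check_iss):
    """Victim starts a login with the attacker's AS; returns whether the client
    rejected the response and how many honest-AS codes the attacker received."""
    honest = HonestAS()
    attacker = AttackerAS(honest=honest)
    client = Client({HONEST: honest, ATTACKER: attacker}, check_iss)
    callback_url = client.begin(ATTACKER)   # attacker AS forwards to the honest AS
    try:
        client.callback(callback_url)
        rejected = False
    except ValueError:
        rejected = True
    return {"rejected": rejected, "leaked_codes": len(attacker.captured)}


def run_legit():
    """Normal flow against the honest AS with the iss check on; must still work."""
    honest = HonestAS()
    client = Client({HONEST: honest}, check_iss=True)
    return client.callback(client.begin(HONEST))


if __name__ == "__main__":
    print("naive client:  ", run_mixup(check_iss=False))
    print("iss-checking:  ", run_mixup(check_iss=True))
    print("legit flow:    ", run_legit())
```

Without the check the client looks up the stored issuer for the state, finds the attacker's AS, and posts the honest AS's code to the attacker's token endpoint; with the check the mismatch between the stored issuer and the `iss` in the response is caught before the code leaves the client. Using a distinct redirect URI per AS is the older mitigation and works for the same reason: the client learns from the response which AS actually issued it.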
Incidents & events detail
GitLab disclosed on HackerOne: Arbitrary file read via the UploadsRewriter when moving an issue
Ramsay Cyberespionage Toolkit Targets Air-Gapped Networks
Researchers at ESET have found samples of malware that steals information from air-gapped networks. The cyber-espionage toolkit, dubbed Ramsay, appears to be under development: each of the three samples adds new features, and each was delivered through a different attack vector.
Report: Estimated 24,000 Android apps expose user data through Firebase blunders
How Spies Snuck Malware Into the Google Play Store—Again and Again
Malicious Android apps from the so-called PhantomLance campaign targeted hundreds of users, and at least two slipped past Google’s defences
Backtracking MageCart infections
Windows Insiders can now test DNS over HTTPS
Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking
The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and it affects any Thunderbolt-equipped PC manufactured before 2019.
Used Tesla Components Contain Personal Information
LinkedIn Phish Walk Through
A quick walkthrough of a phishing scam that was propagating via LinkedIn messages
COVID-themed phishing – infocenter
Link HERE – thanks to Syl
Pandemic in geeky way
Research of the week
Featuring – The Continuous Application Security Handbook
Annual per-application security cost?
The Dacls RAT …now on macOS!
Deconstructing the macOS variant of a Lazarus group implant
CISA Lists Top 10 Most Exploited Vulnerabilities
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released a list of the 10 vulnerabilities most commonly exploited by foreign hackers between 2016 and 2019. CISA has also listed the vulnerabilities that are most frequently being exploited in 2020. The alert includes a listing of indicators of compromise and mitigations for each of the vulnerabilities. CISA notes that “a concerted campaign to patch these vulnerabilities would introduce friction into foreign adversaries’ operational tradecraft and force them to develop or acquire exploits that are more costly and less widely effective.”
U.S. Government reporting has identified the top 10 most exploited vulnerabilities by state, nonstate, and unattributed cyber actors from 2016 to 2019 as follows: CVE-2017-11882, CVE-2017-0199, CVE-2017-5638, CVE-2012-0158, CVE-2019-0604, CVE-2017-0143, CVE-2018-4878, CVE-2017-8759, CVE-2015-1641, and CVE-2018-7600.
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
Targeted ransomware incidents have brought a threat of disruptive and destructive attacks to organizations across industries and geographies. FireEye Mandiant Threat Intelligence has previously documented this threat in our investigations of trends across ransomware incidents, FIN6 activity, implications for OT networks, and other aspects of post-compromise ransomware deployment. Since November 2019, we’ve seen the MAZE ransomware being used in attacks that combine targeted ransomware use, public exposure of victim data, and an affiliate model.
Malicious actors have been actively deploying MAZE ransomware since at least May 2019. The ransomware was initially distributed via spam emails and exploit kits before later shifting to being deployed post-compromise. Multiple actors are involved in MAZE ransomware operations, based on our observations of alleged users in underground forums and distinct tactics, techniques, and procedures across Mandiant incident response engagements. Actors behind MAZE also maintain a public-facing website where they post data stolen from victims who refuse to pay an extortion fee.
Tool of the week
Top 10 tools for working from home (WFH) securely in 2020-2021
Tools recommended by a security professional
From last week: Microsoft Secure Score for Microsoft 365
Other interesting articles
##Security and Cryptography Mistakes You Are Probably Doing All The Time
##The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet
At 22, he single-handedly put a stop to the worst cyberattack the world had ever seen. Then he was arrested by the FBI. This is his untold story
##And finally, the dark web: Not so anonymous after all
The dark web is sometimes portrayed as a mysterious and anonymous environment. Yet, studies in recent years suggest we should perhaps rethink those preconceptions
##HACKING, TOOLS and FUN – CHECK BELOW!
Description: This is the story of how I found $20k Facebook DOM XSS.
Description: DOM-Based XSS at accounts.google.com by Google Voice Extension.