Secjuice Squeeze Volume 25
Welcome to the 25th edition of the Secjuice Squeeze, a curated selection of interesting security articles that you may have missed, and upcoming events.
Welcome to the 25th edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you on a weekly basis. This week's volume compiled by Secjuice writers Prasanna, Devesh Chande, Mike Peterson, Manmeet Singh Bhatia, Sinwindie, Thunder-Son, Miguel Calles, and Hartoyo Wahyu.
Articles
Apple iOS 13.5 Hacked: Zero-Day Flaw Exploited By iPhone Jailbreakers
Hacking group exploits iOS zero-day vulnerability to unlock any iPhone.
Source: forbes.com
Curator: Sinwindie
Huge Rise In Hacking Attacks On Home Workers During Lockdown
Cybercriminals are exploiting fears and chaos caused by coronavirus.
Source: theguardian.com
Curator: Sinwindie
Documenting The Impossible: Unexploitable XSS labs
Have you ever found some risky behavior, but couldn't prove it was exploitable?
Source: portswigger.net
Curator: Thunder-Son
Hoaxcalls Botnet Exploits Symantec Secure Web Gateways
The fast-moving botnet has added an exploit for an unpatched bug in an unsupported version of the security gateway.
Source: threatpost.com
Curator: Prasanna
Norfund Scammed Out Of $10 Million By Hackers Who Used Spoofed Email Addresses
The Norwegian Investment Fund, more commonly known as Norfund, announced that scammers stole £8.2 million ($10 million) by spoofing an email address.
Source: https://www.cyberscoop.com/norfund-hacked-wealth-fund-10-million/
Curator: Devesh Chande
Signal To Move Away From Using Phone Nmbers As User IDs
Signal launches profile PINs, the first step in supporting Signal user accounts that are not tied to phone numbers.
Source: zdnet.com
Curator: Mike Peterson
How Cybersecurity Enables Government, Health, EduTech To Cope With COVID-19
Cybersecurity is proving increasingly essential to protect government, health, and edutech websites in the wake of growing reliance on remote working apps during the Covid-19 crisis.
Source: thehackernews.com
Curator: Manmeet Singh Bhatia
EasyJet Admits Data Of Nine Million Hacked
The attack was "sophisticated" the airline said, adding that some credit card details had been accessed.
Source: bbc.com
Curator: Sinwindie
Commander Discusses a Decade of DOD Cyber Power
While the U.S. Cyber Command's mission has evolved over the last decade, defense of the nation in cyberspace remains as important as ever.
Source: defense.gov
Curator: Sinwindie
Israel Hack of Iran Port Is Latest Salvo in Exchange of Cyberattacks
Israel was behind a cyberattack that disrupted a major port in Iran, done in response to an attempt by the Revolutionary Guards to infiltrate an Israeli water facility.
Source: nytimes.com
Curator: Sinwindie
Florida’s Unemployment System Breached
No information was released on when the hack took place, how many accounts were opened or if the breach will affect people being able to receive unemployment benefits.
Source: tampabay.com
Curator: Sinwindie
ShinyHunters Is a Hacking Group on a Data Breach Spree
In the first two weeks of May, they've hit the dark web, hawking 200 million stolen records from over a dozen companies.
Source: wired.com
Curator: Sinwindie
How To Stay Mentally Healthy While Doing OSINT
Listen to a podcast where OSINT specialist discuss a range of practical techniques that OSINT practitioners can apply – both on an individual basis and in teams - to keep mentally healthy while conducting investigations, and also talk about the impact of social media research on mental health.
Source: janes.com
Curator: Sinwindie
Upcoming Events, Webcasts, Conferences, etc.
LASCON 20/20 - Call for Papers and Training
When: Now thru June 30, 2020
Source: lascon.org
DockerCon LIVE 2020 with theCUBE
When: May 28, 2020 @ 09:00 AM - 05:00 PM Pacific (04:00 PM to 12:00 AM UTC)
Location: Online
Source: cube365.net
Curator: Hartoyo Wahyu
Zero Trust: Fast forwarding into working without boundaries
When: May 29, 2020 at 10:30 AM EDT (2020-05-29 14:30:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles
The State of AI in Financial Services
When: Jun 2, 2020 @ 01:00 PM in Eastern Time (05:00 PM UTC)
Location: Online
Source: zoom.us
Curator: Miguel Calles
Winning in the Dark - Defending Serverless Infrastructure in the Cloud
When: June 03, 2020 at 10:30 AM EDT (2020-06-03 14:30:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles
Shift Left: Integrate security in your DevOps lifecycle
When: June 04, 2020 at 1:00 PM EDT (2020-06-04 17:00:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles
CSA EU Summit 2020
When: June 9-12, 2020
Location: Online
Source: cvent.com
Curator: Miguel Calles
Putting Your SOC to the Test
When: June 10, 2020 at 10:30 AM EDT (2020-06-10 14:30:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles
CloudOps Summit
When: June 10th, 2020 - 10am PT (2020-06-10 17:00 UTC)
Location: Online
Source: cloudopsummit.com
Curator: Miguel Calles
SANS@MIC - Shellcode Analysis 101
When: June 10, 2020 at 3:30 PM EDT (2020-06-10 19:30:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles
SANS@MIC - Leveraging Telegram for OSINT purposes
When: June 10, 2020 at 8:30 PM EDT (2020-06-11 00:30:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles
DevSecCon24
When: June 15-16, 2020
Location: Online
Source: devseccon.com
Curator: Miguel Calles
You Can Write an Infosec Book!
When: June 15, 2020 at 1:00 PM EDT (2020-06-15 17:00:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles
SANS@MIC - The 14 Absolute Truths of Security
When: July 06, 2020 at 8:30 PM EDT (2020-07-07 00:30:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles
Ai4 2020
When: September 1-2, 2020
Location: MGM Grand, Las Vegas
Cost: $595 (early registration)
Source: ai4.io
Curator: Miguel Calles
Open Source Digital Forensics Conference
When: October 20-22, 2020
Location: Herndon, VA
Cost: $0-$350 + $499 optional training
Source: osdfcon.org
Curator: Hartoyo Wahyu
LASCON 20/20
When: October 29-30, 2020
Location: Austin, TX
Cost: $199 (early registration)
Source: lascon.org
Curator: Miguel Calles