Secjuice Squeeze Volume 29

Welcome to the 29th edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly prepared for you every week. We have been away for a few weeks and this edition will be longer than usual. This week's volume compiled by Secjuice writers Prasanna, Sinwindie, Devesh Chande, Hartoyo Wahyu, and Miguel Calles.

Articles

Business Giant Xerox Allegedly Suffers Ransomware Attack

Maze ransomware operators have updated their list of victims adding Xerox Corporation to the roster. It appears that the encryption routine had completed on June 25.

Source: bleepingcomputer.com
Curator: Prasanna

Police Arrest 746 As Encrypted Message Platform Hack Disrupts Organized Crime In Europe

The cracking of an encrypted global communications network used by organized criminals leads to biggest ever law enforcement operation in the U.K.

Source: forbes.com
Curator: Sinwindie

Critical Flaw Opens Palo Alto Networks Firewalls and VPN Appliances To Attack, Patch ASAP!

Palo Alto Networks has patched a critical and easily exploitable vulnerability (CVE-2020-2021) affecting PAN-OS and is urging users to update ASAP.

Source: helpnetsecurity.com
Curator: Sinwindie

GW Announces Launch of ‘ISIS Files’ Public Digital Repository

GW launched its ISIS Files repository, a virtual public repository features a selection of the 15,000 digitized pages from the documents collected in Iraq by New York Times journalist Rukmini Callimachi and a team of Iraqi translators.

Source: gwu.edu
Curator: Devesh Chande

Zimperium Discovers MobOk Malware Left Undetected by Mobile AV Industry for Months

zLabs researchers discovered a new variant of the MobOk campaign. Samples found evaded VirusTotal; some are still available on Google Play Store.

Source: zimperium.com
Curator: Prasanna

Operators of Android hacking kit impersonate postal services in US and Europe - CyberScoop

Cybereason has revealed how FakeSpy’s operators have been impersonating various postal services in attacks on users in the U.S., China and Europe.

Source: cyberscoop.com
Curator: Devesh Chande

Upcoming Events, Webcasts, Conferences, etc.

SANS@MIC - The 14 Absolute Truths of Security

When: July 06, 2020 at 8:30 PM EDT (2020-07-07 00:30:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles

OWASP Virtual AppSec Days Summer of Security

When: July 28-29, 2020 (12:00pm to 4:00pm EDT/1800pm to 2200pm CET)
Location: Online
Source: appsecdays.org
Curator: Hartoyo Wahyu

Ai4 2020

When: September 1-2, 2020
Location: MGM Grand, Las Vegas
Cost: $595 (early registration)
Source: ai4.io
Curator: Miguel Calles

Open Source Digital Forensics Conference

When: October 20-22, 2020
Location: Herndon, VA
Cost: $0-$350 + $499 optional training
Source: osdfcon.org
Curator: Hartoyo Wahyu