Secjuice Squeeze Volume 41
Welcome to the Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated weekly.
Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Thunder-Son, Sinwindie, Muhammad Luqman, Prasanna, Mike Peterson and Miguel Calles.
Articles
Software AG Data Released After Clop Ransomware Strike
The Clop group attacked Software AG, a German conglomerate with operations in more than 70 countries, threatening to dump stolen data if the whopping $23 million ransom isn’t paid.
Source & link: ThreatPost
Curator: Prasanna
Microsoft Patches Critical, Wormable RCE Bug
There were 11 critical bugs and six that were unpatched but publicly known in this month’s regularly scheduled Microsoft updates and one of them is wormable.
Source & link: ThreatPost
Curator: Prasanna
20 ARRESTS IN QQAAZZ MULTI-MILLION CYBERCRIMINAL MONEY LAUNDERING CASE
An unprecedented international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network which attempted to launder tens of millions of euros on behalf of the world’s foremost cybercriminals.
Source & link: Europol
Curator: ThunderSon
GHunt OSINT Tool Sniffs Out Google Users’ Account Information Using Just Their Email Address
A new open source tool allows security teams to explore data created by Google accounts. GHunt lets individuals, or security experts, analyze a target’s Google “footprint” based just on an email.
Source & link: PortSwigger
Curator: Muhammad Luqman
Cybercriminals Gamble With Victims' Livelihoods To Pass the Covid-19 Blues
An interesting look at the online leisure activities of cybercriminals. Cybercriminals seem to favor certain types of online competitions, which have increased in frequency in 2020 as the pandemic progressed. These include online rap battles, poker tournaments, poem contests and in-person sport tournaments.
Source & link: Trend Micro
Curator: Mike Peterson
Fancy Bear Imposters Are on a Hacking Extortion Spree
Nice looking website you've got there. It'd be a shame if someone DDoS'd it.
Source & link: Wired
Curator: Sinwindie
Hackers Are Using A Severe Windows Bug To Backdoor Unpatched Servers
One of the most critical Windows vulnerabilities disclosed this year is under active attack by hackers who are trying to backdoor servers that store credentials for every user and administrative account on a network.
Source & link: Ars Technica
Curator: Sinwindie
Robinhood Kicks Cybersecurity Month Off By Getting Hacked
Approximately 2,000 Robinhood accounts were accessed by hackers and looted during the week of October 5, according to Bloomberg1. Victims told Bloomberg that their trading accounts were hacked in spite of already having set up account protection.
Source & link: Investopedia
Curator: Sinwindie
Iranian State Hacker Group Linked To Ransomware Deployments
Security researchers said they found clues linking recent attacks with the Thanos ransomware to a group of Iranian state-sponsored hackers. While investigating incidents at several Israeli prominent organizations, security researchers said they linked the intrusions to MuddyWater, an Iranian state-sponsored hacking group
Source & link: ZDNET
Curator: Sinwindie
Upcoming Events, Webcasts, Conferences, etc.
Stop attacks and reduce security operations workload with automated cross-domain (XDR) security
When: Thursday, October 15, 2020 at 1:00 PM EDT (2020-10-15 17:00:00 UTC)
Location: Online
Cost: Free
Source & link: sans.org
Curator: Miguel Calles
Cyber42 Game Day: CISO For A Day
When: Wednesday, October 21, 2020 at 12:00 PM EST (2020-10-21 16:00:00 UTC)
Location: Online
Cost: Free
Source & link: sans.org
Curator: Miguel Calles
Open Source Digital Forensics Conference
When: October 20-22, 2020
Location: Herndon, VA
Cost: $0-$350 + $499 optional training
Source & Link: osdfcon.org
Curator: Hartoyo Wahyu
GrayHat (formerly the Texas Cyber Summit)
When: October 29, 2020
Location: Virtual
Cost: Free
Source & Link: https://grayhat.co
Curator: Miguel Calles
BIG List of Virtual Cybersecurity Conferences
Source & Link: https://github.com/santosomar/virtualseccons
Curator: Guise Bule