Secjuice Squeeze 51

Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Tony Kelly, Ross Moore, Prasanna, Sinwindie, and Muhammad Luqman.

News

A crypto-mining botnet is now stealing Docker and AWS credentials

After it began stealing AWS credentials last summer, the TeamTNT botnet is now also stealing Docker API logins, making the use of firewalls mandatory for all internet-exposed Docker interfaces.

Source & Link: zdnet.com
Curator: Tony Kelly

Hackers leak stolen Pfizer COVID-19 vaccine data online

The European Medicines Agency (EMA) today revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December was leaked online.

Source & Link: bleepingcomputer.com
Curator: Tony Kelly

Google reveals sophisticated Windows and Android hacking operation

The attackers used a combination of Android, Chrome, and Windows vulnerabilities, including both zero-day and n-day exploits.

Source & Link: zdnet.com
Curator: Tony Kelly

Indianapolis neighborhoods scanning visitors' license plates

Homeowners associations across Indianapolis are increasingly partnering with private companies to surveil their neighborhoods with automated license plate readers.

Source & Link: wlfi.com
Curator: Ross Moore

Capitol attack's cybersecurity fallout: Stolen laptops, lost data and possible espionage

The January 6 attack on Election Day certification proceedings in the US Capitol Building has deep cybersecurity ramifications.

Source & Link: zdnet.com
Curator: Ross Moore

Vendor Management Fail: FTC Settles with Mortgage Analytics Company following Vendor Security Issues

An oft-used business management concept is to “hire people smarter than you.” The concept also applies to hiring vendors – hire vendors that are better than you (especially when it comes to information security).

Source & Link: natlawreview.com
Curator: Ross Moore

SolarLeaks site claims to sell data stolen in SolarWinds attacks

A website named 'SolarLeaks' is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack.

Source & Link: bleepingcomputer.com
Curator: Prasanna

Scam-as-a-Service operation made more than $6.5 million in 2020

"Classiscam" operation is made up of around 40 groups operating in the US and across several European countries.

Source & Link: zdnet.com
Curator: Prasanna

Microsoft to fix Windows 10 bug that can corrupt a hard drive just by looking at an icon

All you have to do is look at a malicious Windows shortcut and it can corrupt an NTFS drive.

Source & Link: theverge.com
Curator: Ross Moore

Ledger Adds Bitcoin Bounty and New Data Security After Hack

After the largest hack in company history, Ledger announced measures to not only address the data breach but also offer a bitcoin bounty.

Source & Link: coindesk.com
Curator: Sinwindie

An Absurdly Basic Bug Let Anyone Grab All of Parler's Data

The “free speech” social network also allowed unlimited access to every public post, image, and video.

Source & Link: wired.com
Curator: Sinwindie

So Many People Are Using Signal It Caused An Outage

Concerns about WhatsApp and the influence of Big Tech have caused users to flock to the encrypted messaging app.

Source & Link: forbes.com
Curator: Sinwindie

Cybercriminals Could be Coming After Your Coffee

Researchers show no IoT device is too small to fall victim to ransomware techniques.

Source & Link: darkreading.com
Curator: Muhammad Luqman

Joker's Stash, the internet's largest carding forum, is shutting down

Joker's Stash to shut down on February 15, 2021.

Source & Link: zdnet.com
Curator: Sinwindie

Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH)

Kaspersky says Oilrig (APT34) group has been using DoH to silently exfiltrate data from hacked networks.

Source & Link: zdnet.com
Curator: Muhammad Luqman

Blog Posts and Reports

Top 16 Active Directory Vulnerabilities

List of 16 common Active Directory vulnerabilities found during penetration tests with detailed command examples on how to find them and exploit them.

Source & Link: infosecmatter.com
Curator: Tony Kelly

WhatsApp Privacy Policy Changes Analysis

WhatsApp Privacy Policy Changes Analysis: A post on 'AtomicNicos's Blog at the end of the universe', talking all things infosec, IoT, development and personal.

Source & Link: atomicnicos.me
Curator: Tony Kelly

My 3 Favorite Facebook OSINT Tips & Tricks

You’d be hard-pressed to find an information-rich source as robust as Facebook. With over 2.7 billion active users (including my own grandma), it has to be a first stop for anyone conducting online research.

Source & Link: hatless1der.com
Curator: Tony Kelly

Hunting for Open Secrets: How OSINT Can Help You Intercept a Scandal

For centuries, access to information was limited by human, geographic, and technological limitations. Corruption was typically a conversation behind closed doors.

Source & Link: skopenow.com
Curator: Tony Kelly

Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services

The information in this report is derived exclusively from several CISA incident response engagements and provides the tactics, techniques, and procedures; indicators of compromise (IOCs) that CISA observed as part of these engagements; and recommended mitigations for organizations to strengthen their cloud environment configuration to protect against, detect, and respond to potential attacks.

Source & Link: us-cert.cisa.gov
Curator: Ross Moore

Programs

Massachusetts Cybersecurity Mentorship Program

Student and Mentor applications for Spring 2021 are now open!

Source & Link: masscybercenter.org
Curator: Tony Kelly

Events

Open-Source Intelligence (OSINT) Summit | SANS Cyber Security and OSINT Training

Summit: February 11-12 | Training: February 8-10 & 15-20

The OSINT Summit & Training will bring together leading security practitioners and investigators to share proven techniques and tools that can be applied to OSINT gathering and analysis. Learn how to collect information across the Internet, analyze the results, and utilize key data to reach your objectives.

Source & Link: sans.org
Curator: Sinwindie

Webinars: January 12 @ 4 PM UTC | February 16 @ 4 PM UTC | March 16 @ 4 PM UTC

This course will change the way you conduct internet research, regardless of your job title.

Source & Link: mtg-bi.com
Curator: Tony Kelly

About The Images Used In This Article

This week's image theme is 'places we would rather be than our bedroom offices' and in the picture below we can see the Faroe Islands. If you haven't heard of the Faroe Islands, you definitely will soon. With its grass-roofed houses, rocky coastlines, and abundance of puffins, the self-governed group of 18 volcanic islands is basically one giant photo op. Mulafossur Waterfall might be the archipelago's most famous site—the cascade is like something from a fantasy novel, falling over the rocky cliffs of Vagar Island to the ocean below, with the green hills of Gásadalur village as a backdrop.