Secjuice Squeeze 53

Welcome to the Secjuice Squeeze, a curated selection of security articles and news that you may have missed.

Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Prasanna, Ross Moore, Muhammad Luqman, Andy74, Sinwindie, and Tony Kelly.

In this edition we have news articles, blog posts, learning content, and events.

News

Hacker leaks data of 2.28 million dating site users

Data belongs to dating site MeetMindful and includes everything from real names to Facebook account tokens, and from email addresses to geo-location information.

Learn more at zdnet.com
Curated by Prasanna

Historic victory for privacy as dating app receives gigantic fine

The Norwegian Data Protection Authority issued an advance notification of a 100 million NOK (€ 9 600 000) fine to the dating app Grindr, as a result of a legal complaint filed by the Norwegian Consumer Council.

Learn more at forbrukerradet.no
Curated by Prasanna

Google: North Korean hackers have targeted security researchers via social media

Google TAG warns security researchers to be on the lookout when approached by unknown individuals on social media.

Learn more at zdnet.com
Curated by Ross Moore

Environmental Regulator Suffers Ransomware Blow

SEPA warns it will take some time to restore all services.

Learn more at infosecurity-magazine.com
Curated by Tony Kelly

Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild

Apple releases security updates for iOS, iPadOS, and tvOS with fixes for three security vulnerabilities actively exploited in the wild.

Learn more at thehackernews.com
Curated by Muhammad Luqman

New Attack Could Let Remote Hackers Target Devices On Internal Networks

A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise and expose any device in an internal network, according to the latest research.

Learn more at thehackernews.com
Curated by Andy74

New Docker Container Escape Bug Affects Microsoft Azure Functions

Cybersecurity researcher Paul Litvak today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them.

Learn more at thehackernews.com
Curated by Andy74

ADT Security Camera Flaws Open Homes to Eavesdropping

Researchers publicly disclosed flaws in ADT's LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more.

Learn more at threatpost.com
Curated by Ross Moore

Windows Installer zero-day vulnerability gets free micropatch

A vulnerability in the Windows Installer component, which Microsoft attempted to fix several times to no avail, today received a micropatch to deny hackers the option of gaining the highest privileges on a compromised system.

Learn more at bleepingcomputer.com
Curated by Ross Moore

Perl.com domain stolen, now using IP address tied to malware

The domain name perl.com was stolen this week and now points to an IP address associated with malware campaigns.

Learn more at bleepingcomputer.com
Curated by Tony Kelly

Blogs

Operation Dream Job by Lazarus - JPCERT/CC Eyes

Lazarus (also known as Hidden Cobra) is known to use various kinds of malware in its attack operations, and we have introduced some of them in our past articles. In this article, we present two more: Torisma and LCPDot.

Learn more at blogs.jpcert.or.jp
Curated by Tony Kelly

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

The Qualys Research Team has discovered a heap overflow vulnerability in sudo, a near-ubiquitous utility available on major Unix-like operating systems. Any unprivileged user can gain root privileges.

Learn more at blog.qualys.com
Curated by Andy74

Elasticsearch and Kibana are now business risks

If your organisation uses the open source versions of either Elasticsearch or Kibana in its products or projects, it is now at risk of being forced to release its intellectual property under terms dictated by another.

Learn more at anonymoushash.vmbrasseur.com
Curated by Tony Kelly

Wormable Android malware spreads via WhatsApp messages

Android users should watch out for malware that spreads via WhatsApp and lures the targets into downloading an app from a website posing as Google Play.

Learn more at welivesecurity.com
Curated by Andy74

Three key documents you need BEFORE you have a security breach

Every minute you waste during a crisis reduces your chances of recovery and wastes valuable resources. Wasted time can be avoided with the creation of three documents.

Learn more at itworldcanada.com
Curated by Ross Moore

Machine-in-the-Middle (MitM) BLE Attack

By Ray Felch. Continuing with my ongoing Smart Lock attack research (see blog "Reverse Engineering a Smart Lock"), I decided to move my focus to a different type of attack technique, namely a relay attack. The relay attack is a form of MitM attack, not to be confused with the more well-known replay attack.

Learn more at blackhillsinfosec.com
Curated by Tony Kelly

Learning

Free Cybersecurity Training | Free Online Cybersecurity Program

Get access to 20 free cybersecurity training modules from RangeForce to build your cyber skills, or provide access to your IT team.

Learn more at rangeforce.com
Curated by Ross Moore

Events

Open-Source Intelligence (OSINT) Summit | SANS Cyber Security and OSINT Training

Summit: February 11-12 | Training: February 8-10 & 15-20

The OSINT Summit & Training will bring together leading security practitioners and investigators to share proven techniques and tools that can be applied to OSINT gathering and analysis. Learn how to collect information across the Internet, analyze the results, and utilize key data to reach your objectives.

Source & Link: sans.org
Curator: Sinwindie

The awesome image used in this article dikoz.