Secjuice Squeeze 53
Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Prasanna, Ross Moore, Muhammad Luqman, Andy74, Sinwindie, and Tony Kelly.
In this edition we have news articles, blog posts, learning content, and events.
News
Hacker leaks data of 2.28 million dating site users
Data belongs to dating site MeetMindful and includes everything from real names to Facebook account tokens, and from email addresses to geo-location information.
Learn more at zdnet.com
Curated by Prasanna
Historic victory for privacy as dating app receives gigantic fine
The Norwegian Data Protection Authority issued an advance notification of a 100 million NOK (€ 9 600 000) fine to the dating app Grindr, as a result of a legal complaint filed by the Norwegian Consumer Council.
Learn more at forbrukerradet.no
Curated by Prasanna
Google: North Korean hackers have targeted security researchers via social media
Google TAG warns security researchers to be on the lookout when approached by unknown individuals on social media.
Learn more at zdnet.com
Curated by Ross Moore
Environmental Regulator Suffers Ransomware Blow
SEPA warns it will take some time to restore all services.
Learn more at infosecurity-magazine.com
Curated by Tony Kelly
Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild
Apple releases security updates for iOS, iPadOS, and tvOS with fixes for three security vulnerabilities actively exploited in the wild.
Learn more at thehackernews.com
Curated by Muhammad Luqman
New Attack Could Let Remote Hackers Target Devices On Internal Networks
A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise and expose any device in an internal network, according to the latest research.
Learn more at thehackernews.com
Curated by Andy74
New Docker Container Escape Bug Affects Microsoft Azure Functions
Cybersecurity researcher Paul Litvak today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them.
Learn more at thehackernews.com
Curated by Andy74
ADT Security Camera Flaws Open Homes to Eavesdropping
Researchers publicly disclosed flaws in ADT's LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more.
Learn more at threatpost.com
Curated by Ross Moore
Windows Installer zero-day vulnerability gets free micropatch
A vulnerability in the Windows Installer component, which Microsoft attempted to fix several times to no avail, today received a micropatch to deny hackers the option of gaining the highest privileges on a compromised system.
Learn more at bleepingcomputer.com
Curated by Ross Moore
Perl.com domain stolen, now using IP address tied to malware
The domain name perl.com was stolen this week and now points to an IP address associated with malware campaigns.
Learn more at bleepingcomputer.com
Curated by Tony Kelly
Blogs
Operation Dream Job by Lazarus - JPCERT/CC Eyes
Lazarus (also known as Hidden Cobra) is known to use various kinds of malware in its attack operations, and we have introduced some of them in our past articles. In this article, we present two more: Torisma and LCPDot.
Learn more at blogs.jpcert.or.jp
Curated by Tony Kelly
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
The Qualys Research Team has discovered a heap overflow vulnerability in sudo, a near-ubiquitous utility available on major Unix-like operating systems. Any unprivileged user can gain root privileges.
Learn more at blog.qualys.com
Curated by Andy74
Elasticsearch and Kibana are now business risks
If your organisation uses the open source versions of either Elasticsearch or Kibana in its products or projects, it is now at risk of being forced to release its intellectual property under terms dictated by another.
Learn more at anonymoushash.vmbrasseur.com
Curated by Tony Kelly
Wormable Android malware spreads via WhatsApp messages
Android users should watch out for malware that spreads via WhatsApp and lures the targets into downloading an app from a website posing as Google Play.
Learn more at welivesecurity.com
Curated by Andy74
Three key documents you need BEFORE you have a security breach
Every minute you waste during a crisis reduces your chances of recovery and wastes valuable resources. Wasted time can be avoided with the creation of three documents.
Learn more at itworldcanada.com
Curated by Ross Moore
Machine-in-the-Middle (MitM) BLE Attack
Ray Felch // Introduction Continuing with my ongoing Smart Lock attack research (see blog Reverse Engineering a Smart Lock), I decided to move my focus to a different type of attack technique, namely a relay attack. The relay attack is a form of MitM attack, not to be confused with the more well-known replay attack.
Learn more at blackhillsinfosec.com
Curated by Tony Kelly
Learning
Free Cybersecurity Training | Free Online Cybersecurity Program
Get access to 20 free cybersecurity training modules from RangeForce to help upskill your cyber skills, or provide access to your IT team.
Learn more at rangeforce.com
Curated by Ross Moore
Events
Open-Source Intelligence (OSINT) Summit | SANS Cyber Security and OSINT Training
Summit: February 11-12 | Training: February 8-10 & 15-20
The OSINT Summit & Training will bring together leading security practitioners and investigators to share proven techniques and tools that can be applied to OSINT gathering and analysis. Learn how to collect information across the Internet, analyze the results, and utilize key data to reach your objectives.