Secjuice Squeeze 55

Welcome to the Secjuice Squeeze, a curated selection of security articles and news that you may have missed.

Secjuice Squeeze 55

Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Andy74, Prasanna, Tony Kelly, Ross Moore, Miguel Calles, Sinwindie, and Alesanco.

In this edition we have news articles, blog posts, and learning.

News

Hacker Tried to Poison Florida City's Water Supply

The hacker tried to drastically increase sodium hydroxide levels in the water, Pinellas County, Florida, officials said on Monday.

Learn more at vice.com and theverge.com
Curated by Prasanna and Tony Kelly

Iran 'hides spyware in wallpaper, restaurant and games apps'

More than 1,000 dissidents and others have been targeted by two active campaigns, researchers say.

Learn more at bbc.com
Curated by Tony Kelly

We uncovered a Facebook phishing campaign that tricked nearly 500,000 users in two weeks

The scam begins as a Facebook message sent by one of your friends that leads you through a chain of malicious websites.

Learn more at cybernews.com
Curated by Tony Kelly

Critical vulnerability fixed in WordPress plugin with 800K installs

The NextGen Gallery development team has addressed two severe CSRF vulnerabilities to protect sites from potential takeover attacks.

Learn more at bleepingcomputer.com
Curated by Andy74

New phishing attack uses Morse code to hide malicious URLs

A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment.

Learn more at bleepingcomputer.com
Curated by Ross Moore

Microsoft February 2021 Patch Tuesday fixes 56 flaws, 1 zero-day

Today is Microsoft's February 2021 Patch Tuesday, so please be buy your Windows administrators some snacks to keep their energy up throughout the day.

Learn more at bleepingcomputer.com and thehackernews.com
Curated by Tony Kelly and Andy74

Android Devices Newest Target of LodaRAT Windows Malware

The LodaRAT – known for targeting Windows devices – has been discovered also targeting Android devices in a new espionage campaign.

Learn more at threatpost.com
Curated by Andy74

HelloKitty ransomware behind CD Projekt Red cyberattack, data theft

The ransomware attack against CD Projekt Red was conducted by a ransomware group that goes by the name 'HelloKitty,' and yes, that's the name the threat actors utilize.

Learn more at bleepingcomputer.com
Curated by Andy74

Brits arrested for SIM swapping attacks on U.S. celebs

Eight men have been arrested in England and Scotland as part of an investigation into a series of SIM swapping attacks, in which criminals illegally gained access to the phones of high-profile victims in the U.S.

Learn more at secretservice.gov
Curated by Sinwindie

Another Cyber Incident Headache: Forensic Breach Reports Can Be Discoverable

The shield of attorney-client privilege that protects breach forensics reports from becoming a liability during litigation isn't absolute. As a result, companies and their firms may have to take a much more strategic approach to how these reports are structured.

Learn more at law.com
Curated by Ross Moore

Chrome Blocks The Great Suspender, But There's Hope for Your Lost Tabs

Google has reportedly blocked the popular extension The Great Suspender and removed it from its Chrome Web Store for containing malware. But if you were one of the many users who relied on the tab manager to keep your browser running smoothly, don’t freak out just yet. You may still be able to recover your lost tabs thanks to a workaround uncovered by the extension’s community.

Learn more at gizmodo.com
Curated by Miguel Calles

A Windows Defender Vulnerability Lurked Undetected for 12 Years

Microsoft has finally patched the bug in its antivirus program after researchers spotted it last fall.

Learn more at wired.com
Curated by Andy74

PayPal fixes reflected XSS vulnerability in user wallet currency converter

The currency conversion endpoint was susceptible to attacks.

Learn more at zdnet.com
Curated by Andy74

Following Oldsmar attack, FBI warns about using TeamViewer and Windows 7

An FBI alert sent on Tuesday warns companies about the use of out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer.

Learn more at zdnet.com
Curated by Andy74

Just 270 crypto addresses laundered $1.3 billion in dirty funds last year, research shows

Criminals are using a small group of cryptocurrency brokers and services to launder hundreds of millions of dollars of dirty virtual money, research shared with Reuters showed on Thursday.

Learn more at reuters.com
Curated by Sinwindie

Blocked accounts abused in Evolution CMS SQL injection attacks

Details of duo of flaws in management portal made public weeks after fix.

Learn more at portswigger.net
Curated by Andy74

Secret Chat in Telegram Left Self-Destructing Media Files On Devices

Privacy Flaw: Secret Chat in Telegram Left Self-Destructing Media Files On Devices.

Learn more at thehackernews.com
Curated by Andy74

PSA: if you use Slack on Android, you might want to update your password

Why is changing your Slack password so hard?

Learn more at theverge.com
Curated by Ross Moore

Yandex suffers data breach after sysadmin sold access to user emails

Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes.

Learn more at bleepingcomputer.com
Curated by Ross Moore

Vulnerability in Chess.com allowed access to 50 Million user records

The vulnerability could have been exploited to access any account on the site including the Chess.com administrator account.

Learn more at hackread.com
Curated by Andy74

Misconfigured Docker Containers Could Land You in Trouble

Cyber adversaries have been found injecting cryptomining malware via exposed Redis instances, that give full access to all the running containers on Docker Hub, in an ongoing campaign.

Learn more at cyware.com
Curated by Andy74

Blogs

Victims of Ziggy ransomware can recover their files for free

The Ziggy ransomware gang has shut down its operations and released the decryption keys fearing the ongoing investigation of law enforcement. Good news for the victims of the Ziggy ransomware, the ransomware operators have shut down their operations and released the victims’ decryption keys. The victims can now recover their encrypted files without needing to pay the ransom.

Learn more at securityaffairs.co
Curated by Andy74

Android devices caught in Matryosh botnet

The Matryosh botnet goes after Android devices that have ADB enabled and uses them in orchestrated DDoS attacks.

Learn more at blog.malwarebytes.com
Curated by Tony Kelly

Cybercrime and Valentine’s Day: What to Look Out For

Dating app cybercrime is a threat to online daters. Uncover three main threats linked to dating app security and ways to date (online) in a secure manner.

Learn more at digitalshadows.com
Curated by Ross Moore

What Is Cryptojacking? Prevention and Detection Tips

Learn how cryptocurrency, cryptomining and cryptojacking work — also included are tips to prevent and detect cryptojacking before it's too late.

Learn more at varonis.com
Curated by Alesanco

Learning

Shodan Pentesting Guide

Shodan is a tool for searching devices connected to the internet. Unlike search engines which help you find websites, Shodan helps you find information about desktops, servers, IoT devices, and more.

Learn more at community.turgensec.com
Curated by Tony Kelly

AWS Serverless Security using the Serverless Framework Mini-Course

Serverless security is an emerging concern within serverless computing. Serverless computing and frameworks make it easy to create serverless applications. The ease and speed of deployment could make a serverless application prone to cybersecurity risks. We should therefore pay attention to cybersecurity to avoid a data breach, an account takeover, data loss, or more.

Learn how to start securing your serverless application in this mini-course.

Learn more at serverless-security.thinkific.com
Curated by Miguel Calles

The awesome image used in this article was created by Adriaan van den Bos