Secjuice Squeeze 55
Welcome to the Secjuice Squeeze, a curated selection of security articles and news that you may have missed.
Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Andy74, Prasanna, Tony Kelly, Ross Moore, Miguel Calles, Sinwindie, and Alesanco.
In this edition we have news articles, blog posts, and learning.
News
Hacker Tried to Poison Florida City's Water Supply
The hacker tried to drastically increase sodium hydroxide levels in the water, Pinellas County, Florida, officials said on Monday.
Learn more at vice.com and theverge.com
Curated by Prasanna and Tony Kelly
Iran 'hides spyware in wallpaper, restaurant and games apps'
More than 1,000 dissidents and others have been targeted by two active campaigns, researchers say.
Learn more at bbc.com
Curated by Tony Kelly
We uncovered a Facebook phishing campaign that tricked nearly 500,000 users in two weeks
The scam begins as a Facebook message sent by one of your friends that leads you through a chain of malicious websites.
Learn more at cybernews.com
Curated by Tony Kelly
Critical vulnerability fixed in WordPress plugin with 800K installs
The NextGen Gallery development team has addressed two severe CSRF vulnerabilities to protect sites from potential takeover attacks.
Learn more at bleepingcomputer.com
Curated by Andy74
New phishing attack uses Morse code to hide malicious URLs
A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment.
Learn more at bleepingcomputer.com
Curated by Ross Moore
Microsoft February 2021 Patch Tuesday fixes 56 flaws, 1 zero-day
Today is Microsoft's February 2021 Patch Tuesday, so please buy your Windows administrators some snacks to keep their energy up throughout the day.
Learn more at bleepingcomputer.com and thehackernews.com
Curated by Tony Kelly and Andy74
Android Devices Newest Target of LodaRAT Windows Malware
The LodaRAT – known for targeting Windows devices – has been discovered also targeting Android devices in a new espionage campaign.
Learn more at threatpost.com
Curated by Andy74
HelloKitty ransomware behind CD Projekt Red cyberattack, data theft
The ransomware attack against CD Projekt Red was conducted by a ransomware group that goes by the name 'HelloKitty,' and yes, that's the name the threat actors utilize.
Learn more at bleepingcomputer.com
Curated by Andy74
Brits arrested for SIM swapping attacks on U.S. celebs
Eight men have been arrested in England and Scotland as part of an investigation into a series of SIM swapping attacks, in which criminals illegally gained access to the phones of high-profile victims in the U.S.
Learn more at secretservice.gov
Curated by Sinwindie
Another Cyber Incident Headache: Forensic Breach Reports Can Be Discoverable
The shield of attorney-client privilege that protects breach forensics reports from becoming a liability during litigation isn't absolute. As a result, companies and their firms may have to take a much more strategic approach to how these reports are structured.
Learn more at law.com
Curated by Ross Moore
Chrome Blocks The Great Suspender, But There's Hope for Your Lost Tabs
Google has reportedly blocked the popular extension The Great Suspender and removed it from its Chrome Web Store for containing malware. But if you were one of the many users who relied on the tab manager to keep your browser running smoothly, don’t freak out just yet. You may still be able to recover your lost tabs thanks to a workaround uncovered by the extension’s community.
Learn more at gizmodo.com
Curated by Miguel Calles
A Windows Defender Vulnerability Lurked Undetected for 12 Years
Microsoft has finally patched the bug in its antivirus program after researchers spotted it last fall.
Learn more at wired.com
Curated by Andy74
PayPal fixes reflected XSS vulnerability in user wallet currency converter
The currency conversion endpoint was susceptible to attacks.
Learn more at zdnet.com
Curated by Andy74
Following Oldsmar attack, FBI warns about using TeamViewer and Windows 7
An FBI alert sent on Tuesday warns companies about the use of out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer.
Learn more at zdnet.com
Curated by Andy74
Just 270 crypto addresses laundered $1.3 billion in dirty funds last year, research shows
Criminals are using a small group of cryptocurrency brokers and services to launder hundreds of millions of dollars of dirty virtual money, research shared with Reuters showed on Thursday.
Learn more at reuters.com
Curated by Sinwindie
Blocked accounts abused in Evolution CMS SQL injection attacks
Details of duo of flaws in management portal made public weeks after fix.
Learn more at portswigger.net
Curated by Andy74
Secret Chat in Telegram Left Self-Destructing Media Files On Devices
Privacy Flaw: Secret Chat in Telegram Left Self-Destructing Media Files On Devices.
Learn more at thehackernews.com
Curated by Andy74
PSA: if you use Slack on Android, you might want to update your password
Why is changing your Slack password so hard?
Learn more at theverge.com
Curated by Ross Moore
Yandex suffers data breach after sysadmin sold access to user emails
Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes.
Learn more at bleepingcomputer.com
Curated by Ross Moore
Vulnerability in Chess.com allowed access to 50 Million user records
The vulnerability could have been exploited to access any account on the site including the Chess.com administrator account.
Learn more at hackread.com
Curated by Andy74
Misconfigured Docker Containers Could Land You in Trouble
In an ongoing campaign, cyber adversaries have been found injecting cryptomining malware via exposed Redis instances that give full access to all the running containers on Docker Hub.
Learn more at cyware.com
Curated by Andy74
Blogs
Victims of Ziggy ransomware can recover their files for free
The Ziggy ransomware gang has shut down its operations and released the decryption keys, fearing the ongoing law enforcement investigation. This is good news for the victims of the Ziggy ransomware, who can now recover their encrypted files without needing to pay the ransom.
Learn more at securityaffairs.co
Curated by Andy74
Android devices caught in Matryosh botnet
The Matryosh botnet goes after Android devices that have ADB enabled and uses them in orchestrated DDoS attacks.
Learn more at blog.malwarebytes.com
Curated by Tony Kelly
Cybercrime and Valentine’s Day: What to Look Out For
Dating app cybercrime is a threat to online daters. Uncover three main threats linked to dating app security and ways to date (online) in a secure manner.
Learn more at digitalshadows.com
Curated by Ross Moore
What Is Cryptojacking? Prevention and Detection Tips
Learn how cryptocurrency, cryptomining and cryptojacking work — also included are tips to prevent and detect cryptojacking before it's too late.
Learn more at varonis.com
Curated by Alesanco
Learning
Shodan Pentesting Guide
Shodan is a tool for searching devices connected to the internet. Unlike search engines which help you find websites, Shodan helps you find information about desktops, servers, IoT devices, and more.
Learn more at community.turgensec.com
Curated by Tony Kelly
AWS Serverless Security using the Serverless Framework Mini-Course
Serverless security is an emerging concern within serverless computing. Serverless computing and frameworks make it easy to create serverless applications. The ease and speed of deployment could make a serverless application prone to cybersecurity risks. We should therefore pay attention to cybersecurity to avoid a data breach, an account takeover, data loss, or more.
Learn how to start securing your serverless application in this mini-course.
Learn more at serverless-security.thinkific.com
Curated by Miguel Calles