Secjuice Squeeze 57
Welcome to the Secjuice Squeeze, a selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was put together by Secjuice writers Ross Moore, Tony Kelly, Miguel Calles, Andy74, Muhammad Luqman, Prasanna, Sinwindie, discreti, Alesanco, and hatless1der.
In this edition, we have news articles, blog posts, and tools.
News
China Hijacked an NSA Hacking Tool—and Used It for Years
The hackers used the agency’s EpMe exploit to attack Windows devices years before the Shadow Brokers leaked the agency’s zero-day arsenal online.
Learn more at wired.com
Curated by Ross Moore and Tony Kelly
Web hosting provider shuts down after cyberattack
Two other UK web hosting providers also suffered similar hacks over the weekend, although it's unconfirmed if the attacks are related.
Learn more at zdnet.com
Curated by Tony Kelly
Server "fault" at online casino 32Red exposes partial customer card details
A server “fault” at online casino 32Red meant some of its customers were able to view other customers’ account balance and partial card details.
Learn more at verdict.co.uk
Curated by Tony Kelly
Nearly 30,000 Macs reportedly infected with mysterious malware
Nearly 30,000 Macs worldwide have been infected with mysterious malware, according to researchers at security firm Red Canary.
Learn more at cnn.com
Curated by Ross Moore
Remote Work May Transform Higher Education. But Will Printers and Alexa Undermine Its Privacy?
An “uber trend” of remote work for higher education information security is coming, at a time when more connections are being forged between higher ed and other state data. Plus: printers, smart speakers and privacy (oh my!).
Learn more at edsurge.com
Curated by Ross Moore
Virtual passport app presents real data risk, experts warn
Canadian privacy experts are concerned the federal government's plan to develop an online passport application process could put personal information at risk and open a new angle of attack for fraudsters.
Learn more at cbc.ca
Curated by Ross Moore
Experts Find a Way to Learn What You're Typing During Video Calls
A new attack framework aims to infer keystrokes typed by a target user at the opposite end of a video conference call by simply leveraging the video feed to correlate observable body movements to the text being typed.
Learn more at thehackernews.com
Curated by Andy74
10K Targeted in Phishing Attacks Spoofing FedEx, DHL Express
The two campaigns aimed to steal victims' business email account credentials by posing as the shipping companies.
Learn more at darkreading.com
Curated by Muhammad Luqman
Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now
VMware has addressed multiple critical remote code execution (RCE) vulnerabilities in VMware ESXi and vSphere Client virtual infrastructure management platform that may allow attackers to execute arbitrary commands and take control of affected systems.
Learn more at thehackernews.com and bleepingcomputer.com
Curated by Andy74
Twitter removes accounts of Russian government-backed actors
Twitter has removed dozens of accounts connected to Russian government-backed actors disseminating disinformation and targeting the European Union, the United States, and the NATO alliance.
Learn more at bleepingcomputer.com
Curated by Prasanna
Hackers Tied to Russia's GRU Targeted the US Grid for Years
A Sandworm-adjacent group has successfully breached US critical infrastructure a handful of times, according to new findings from the security firm Dragos.
Learn more at wired.com
Curated by Sinwindie
Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack
Ukraine is formally pointing fingers at Russian hackers for hacking into one of its government systems and attempting to plant and distribute malicious documents that would install malware on target systems of public authorities.
Learn more at thehackernews.com
Curated by discreti
‘Millions of people’s data is at risk’ — Amazon insiders sound alarm over security
Whistleblowers say they were forced out after flagging problems with e-commerce giant’s data security and compliance.
Learn more at politico.eu
Curated by Andy74
Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations
A new Chinese hacking attack aims to spy on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems.
Learn more at thehackernews.com
Curated by discreti
Ransomware gang hacks Ecuador's largest private bank, Ministry of Finance
A hacking group called 'Hotarus Corp' has hacked Ecuador's Ministry of Finance and the country's largest bank, Banco Pichincha, where they claim to have stolen internal data.
Learn more at bleepingcomputer.com
Curated by Tony Kelly
Blogs
How Hackers Exploit Struts2 on Linux and Windows Servers
The Jakarta Multipart Parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts.
Learn more at neoslab.com
Curated by Tony Kelly
Caught by a CAPTCHA?
Be aware of being involved in malicious CAPTCHA solving.
Learn more at blog.knowbe4.com
Curated by Miguel Calles
Be on the Watch for W-2 Phishing Scams!
With tax season just around the corner, this simple, yet effective social engineering theme is perfect to get users to respond to phishing attacks exactly the way the bad guys want.
Learn more at blog.knowbe4.com
Curated by Miguel Calles
CyberheistNews Vol 11 #08 [Eye Opener] Major Video Game Maker Refuses to Negotiate With Ransomware Cyber Criminals
Video game studio CD Projekt Red, makers of The Witcher series and Cyberpunk 2077, have disclosed a ransomware attack, WIRED reports.
Learn more at blog.knowbe4.com
Curated by Miguel Calles
Physical cyber threats: What do criminals leave when they break in?
While orgs continued to fortify their networks against remote invaders, most have overlooked potential cyber threats from physical intruders.
Learn more at helpnetsecurity.com
Curated by Ross Moore
I’m an ethical hacker. Here’s how I could use social media to scam you.
Be careful about what you’re oversharing online, because it makes it easier for (unethical) hackers to target you.
Learn more at fastcompany.com
Curated by Sinwindie
Popular Node.js package vulnerable to command injection attacks
Developer of ‘systeminformation’ library addresses moderate severity flaw in security update.
Learn more at portswigger.net
Curated by Andy74
Part of Github Just Went Private
Social Networks want to be found, so they make some information – most notably, profiles – public, visible to search engines.
Learn more at booleanstrings.com
Curated by discreti
Who's hacking your smart home?
What can the average user do to secure their smart gadgets from attacks by cybercriminals?
Learn more at cybernews.com
Curated by Alesanco
CISOs report that ransomware is now the biggest cybersecurity concern in 2021
As the number of remote working arrangements rose substantially in the last year, cybercriminals were quick to take advantage of these new opportunities. Spam and phishing emails increased in number even more rapidly than telecommuting, and company cybersecurity officers found themselves struggling to keep up. Phishing emails often came with a sinister sidekick - a ransomware attack.
Learn more at cybersecurity.att.com
Curated by Tony Kelly
FalconFriday — Recognizing Beaconing Traffic
In today’s edition, we’ll share a method of detecting beaconing C&C traffic from large data sets of proxy traffic.
Learn more at medium.com
Curated by Tony Kelly
Web Application Testing: An Essential Component of Red Team Activities
Web application vulnerabilities are a significant consequence of our current digital ecosystem. Check out CBI's ATS Team Technical Brief.
Learn more at cbisecure.com
Curated by Tony Kelly
Tools (Non-Sponsored)
SpiderFoot: OSINT Automation
Automate your OSINT for better reconnaissance, investigations and perimeter monitoring. Open source or SpiderFoot HX.
Learn more at spiderfoot.net
Curated by Tony Kelly