Secjuice Squeeze Volume 30
Welcome to the Secjuice Squeeze, a curated selection of interesting infosec articles and news that you may have missed. Now with upcoming events!
Welcome to the 30th edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Prasanna, Sinwindie, Devesh Chande, ThunderSon and Miguel Calles.
Articles
Lazarus APT Stole Credit Card Data From US and EU Stores
Sansec researchers reported that the North Korea-linked Lazarus APT group has been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year.
Source & Link: Security Affairs
Curator: Prasanna
Ex-Yahoo Employee Avoids Jail, Despite Hacking 6000 Accounts and Stealing Explicit Photos and Videos
A former employee of Yahoo has been sentenced and ordered to pay a fine after exploiting his privileged access to hack into the personal accounts of thousands of Yahoo users, in his hunt for naked photographs and videos of young women.
Source & Link: Security Boulevard
Curator: Sinwindie
US Secret Service Reports an Increase in Hacked Managed Service Providers (MSPs)
US Secret Service says hackers are breaching MSPs to orchestrate ransomware attacks, point-of-sale intrusions, and business email compromise (BEC) scams.
Source & Link: ZDNet
Curator: Sinwindie
Hacking Tensions With Iran Surging After Nuclear Site Fire
Following a mysterious outbreak of fire at an Iranian nuclear site, Iran has threatened to retaliate for the possible cyberattack but has not officially blamed the U.S. or Israel.
Source & Link: Washington Post
Curator: Sinwindie
Email Fraud Campaign Aimed at Fortune 500 Linked to Russian Scammers
A group of scammers masquerading as legitimate business executives is behind more than 200 email-based attacks that aim to swindle hundreds of thousands of dollars from companies. Dubbed “Cosmic Lynx” by the email security firm Agari, the group has targeted individuals in 46 countries since July 2019, often victimizing senior leaders in Fortune 500 or Global 2000 firms.
Source & Link: CyberScoop
Curator: Devesh Chande
Ransomware Attack On Insurance MSP Affects Clients
Global IT services and solutions provider DXC Technology announced over the weekend a ransomware attack on systems from its Xchanging subsidiary. The cyberattack impacted an undisclosed number of customers, denying them access to their operating environment.
Source & Link: Bleeping Computer
Curator: Miguel Calles
Home Routers Are Riddled With Known Flaws and Run Ancient, Unpatched Linux Operating Systems
Germany's Fraunhofer Institute for Communication (FKIE) has carried out a study involving 127 home routers from seven brands to check for the presence of known security vulnerabilities in the latest firmware. The results are appalling: there are no routers in the study without known security flaws.
Source & Link: ZDNet
Curator: Miguel Calles
Citrix Bugs Allow Unauthenticated Code Injection & Data Theft
Multiple vulnerabilities in the Citrix Application Delivery Controller (ADC) and Gateway would allow code injection, information disclosure and denial of service, the networking vendor announced Tuesday. Four of the bugs are exploitable by an unauthenticated, remote attacker. The Citrix products are installed in at least 80,000 companies in 158 countries.
Source & Link: ThreatPost
Curator: ThunderSon
Police Are Buying Access to Hacked Website Data
Companies are selling the police and government agencies access to data stolen from websites in the hope that it can generate investigative leads, with the data including passwords, email addresses, IP addresses, and more. One company claimed to "empower investigators from law enforcement agencies and enterprises around the world to more quickly and efficiently bring malicious actors to justice."
Source & Link: Vice
Curator: Sinwindie
Citizen of Kazakhstan Charged With Computer Fraud and Wire Fraud For Hacking Hundreds Of Corporate Networks In More Than 40 Countries Worldwide
An indictment was unsealed today in the Western District of Washington charging a citizen of Kazakhstan with various federal crimes related to a prolific, financially motivated cybercrime group that hacked the computer networks of a broad array of corporate entities, educational institutions, and governments throughout the world.
Source & Link: Department Of Justice
Curator: Sinwindie
Whitepaper: From Exposure to Takeover: The 15 billion stolen credentials allowing account takeover
Over the past 2.5 years, the Digital Shadows Photon Research team has been analyzing how cybercriminals conspire to prey upon users of online services by “taking over” the accounts they all use on an everyday basis―for banks, to stream videos or music, for work―the list goes on. For this paper we closely examine this ubiquitous problem, including how attackers approach account takeovers (ATO).
Source & Link: Digital Shadows
Curator: Devesh Chande
Upcoming Events, Webcasts, Conferences, etc.
OWASP Virtual AppSec Days Summer of Security
When: July 28-29, 2020 (12:00pm to 4:00pm EDT / 18:00 to 22:00 CET)
Location: Online
Source & Link: appsecdays.org
Curator: Hartoyo Wahyu
Ai4 2020
When: September 1-2, 2020
Location: MGM Grand, Las Vegas
Cost: $595 (early registration)
Source & Link: ai4.io
Curator: Miguel Calles
Open Source Digital Forensics Conference
When: October 20-22, 2020
Location: Herndon, VA
Cost: $0-$350 + $499 optional training
Source & Link: osdfcon.org
Curator: Hartoyo Wahyu