Secjuice Squeeze Volume 42
Welcome to the Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated weekly.
Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Sinwindie, Prasanna, Miguel Calles, Muhammad Luqman.
Articles
US charges Russian hackers behind NotPetya, KillDisk, OlympicDestroyer attacks
The US Department of Justice has unsealed today charges against six GRU officers believed to be members of Sandworm, one of today's most advanced state-sponsored hacking groups.
Source & Link: zdnet.com
Curator: Sinwindie
GravityRAT Comes Back to Earth with Android, macOS Spyware
The espionage tool masquerades as legitimate applications and robs victims blind of their data.
Source & Link: threatpost.com
Curator: Prasanna
Mysterious 'Robin Hood' hackers donating stolen money
Experts and charities are puzzled by hackers who've started donating stolen money.
Source & Link: bbc.com
Curator: Prasanna
Activists Turn Facial Recognition Tools Against the Police
“We’re now approaching the technological threshold where the little guys can do it to the big guys,” one researcher said.
Source & Link: nytimes.com
Curator: Sinwindie
Dutch Ethical Hacker Logs into Trump’s Twitter Account
Last week a Dutch security researcher succeeded in logging into the Twitter account of the American President Donald Trump.
Source & Link: volkskrant.nl
Curator: Sinwindie
Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks
The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities.
Source & Link: threatpost.com
Curator: Miguel Calles
A massive spam attack is ruining public 'Among Us' games
Among Us is struggling to contain a spam attack that is affecting most of its community.
Source & Link: engadget.com
Curator: Sinwindie
RIAA blitz takes down 18 GitHub projects used for downloading YouTube videos
Main target of the takedown was the youtube-dl project, a Python library that had amassed more than 72k stars on GitHub and was used in many YouTube video ripping tools and services.
Source & Link: zdnet.com
Curator: Sinwindie
Botnet Infects Hundreds of Thousands of Websites
KashmirBlack has been targeting popular content management systems, such as WordPress, Joomla, and Drupal, and using Dropbox and GitHub for communication to hide its presence.
Source & Link: darkreading.com
Curator: Muhammad Luqman
NSA Reveals the Top 25 Vulnerabilities Exploited by Chinese Nation-State Hackers
Officials urge organizations to patch the vulnerabilities most commonly scanned for, and exploited by, Chinese attackers.
Source & Link: darkreading.com
Curator: Muhammad Luqman
Upcoming Events, Webcasts, Conferences, etc.
GrayHat (formerly the Texas Cyber Summit)
When: October 29, 2020
Location: Virtual
Cost: Free
Source & Link: https://grayhat.co
Curator: Miguel Calles
BIG List of Virtual Cybersecurity Conferences
Source & Link: https://github.com/santosomar/virtualseccons
Curator: Guise Bule