Hello and welcome to Sec Soup, where the weekly newsletter has a collection of infosec links to Tools & Tips, Threat Research, and more! The focus trends toward DFIR and threat intelligence, but general information security and hacking-related topics are included as well. This list is neither vetted nor intended to be an exhaustive source. Keeping up with the enormous volume of security-related information is a daunting task, but this is my way of filtering the most useful items and improving the signal-to-noise ratio. Happy Reading!
Industry Reports, News, and Miscellany
- Red Canary: Take action with Red Canary’s 2021 Threat Detection Report
- Netskope: Threat Labs Report – March 2021
- CIS: White Paper: Security Primer – TrickBot
- CIS: Cybersecurity Quarterly Spring 2021
- Google: Update on campaign targeting security researchers
- IBM: Threat Actors’ Most Targeted Industries in 2020: Finance, Manufacturing, and Energy
- Recorded Future: The Business of Fraud: Fraud Tutorials and Courses
- Kaspersky: Financial Cyberthreats in 2020
- Bleeping Computer: Microsoft outage caused by overloaded Azure DNS servers
- F-Secure: Attack landscape update: Ransomware 2.0, automated recon, and supply chain attacks
Threat Research
- CrowdStrike: Adversary Quest: 4 CATAPULT SPIDER eCrime Challenges
- Proofpoint: BadBlood: TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns
- Zscaler: Ares Malware: The Grandson of the Kronos Banking Trojan
- Palo Alto Unit 42: Recent Hancitor Infections Use Cobalt Strike and a Network Ping Tool
- Fortinet: Did You File Your Taxes Yet?
- Kaspersky: Browser lockers: extortion disguised as a fine
- Kaspersky: APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign
- Talos: Cheating the cheater: How adversaries are using backdoored video game cheat engines and modding tools
- Cybereason: Cybereason vs. DarkSide Ransomware
- Morphisec: The “Fair” Upgrade Variant of Phobos Ransomware
- The DFIR Report: Sodinokibi (aka REvil) Ransomware
- PC’s Xcetra Support: SunCrypt, PowerShell obfuscation, shellcode and more yara
- Bleeping Computer: BazarCall malware uses malicious call centers to infect victims
Tools and Tips
- Flashpoint: The Threat Intelligence Lifecycle for Physical Security
- SANS: 3MinMax Series Topic Review – Using KAPE in Forensics
- SANS ISC: April 2021 Forensic Quiz
- Red Canary: Testing and validation in the modern security operations center
- FireEye: Back in a Bit: Attacker Use of the Windows Background Intelligent Transfer Service
- Trustwave: You Just Received 25k USD in Your BTC Account! A Practical Phishing Defense Tutorial
- Outflank: Our reasoning for Outflank security Tooling
- MichaelKoczwara: Awesome-CobaltStrike-Defence: Defences against Cobalt Strike
- Alexandreborges: Malwoverview is a first response tool used for threat hunting and offers intel information
- Ninoseki: shodan-dojo: Learning Shodan through katas
Breaches, Government, and Law Enforcement
- Krebs: Whistleblower: Ubiquiti Breach “Catastrophic”
- AP News: SolarWinds hack got emails of top DHS officials
- Malwarebytes: Malicious commits found in PHP code repository: What you need to know
- Politico: ‘Time is not on our side’ — Biden navigates cyber attacks without a cyber czar
- Politico: America’s digital defender is underfunded, outmatched and ‘exhausted’
- The Record: Phone numbers for 533 million Facebook users leaked on hacking forum
- DOJ: DeepDotWeb Administrator Pleads Guilty to Money Laundering Conspiracy
- DOJ: Former Intelligence Analyst Pleads Guilty to Disclosing Classified Information
Vulnerabilities and Exploits
- CrowdStrike: Vulnerability Roundup: 10 Critical CVEs of 2020
- VMware: Multiple Vulnerabilities in vRealize Operations Manager
- Symantec: Newly-Discovered Vulnerabilities Could Allow for Bypass of Spectre Mitigations in Linux
- CISA: Vulnerability Summary for the Week of March 22, 2021
- CISA: CISA Releases Supplemental Direction on Emergency Directive for Microsoft Exchange Server Vulnerabilities
- FBI: APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks
- Threatpost: Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack
The post Weekly News Roundup — March 28 to April 3 appeared first on Malware Devil.