Hello and welcome to Sec Soup, the weekly newsletter with a collection of infosec links to Tools & Tips, Threat Research, and more! The focus trends toward DFIR and threat intelligence, but general information security and hacking-related topics are included as well. This list is neither vetted nor intended to be an exhaustive source. Keeping up with the enormous volume of security-related information is a daunting task, but this is my way of filtering the most useful items and improving the signal-to-noise ratio. Happy Reading!
Industry Reports, News, and Miscellany
Fortinet: The Ghosts of Mirai
McAfee: McAfee Labs Report Highlights Ransomware Threats
PhishLabs: Breaking Down Phishing Site TLDs and Certificate Abuse in Q1
The Record: Cyber insurance market faces a reckoning as losses pile up
Kaspersky: Malicious spam campaigns delivering banking Trojans
CrowdStrike: How Falcon Complete Disrupts eCrime Operators (WIZARD SPIDER)
Threat Research
Proofpoint: JSSLoader: Recoded and Reloaded
Blackberry: PYSA Loves ChaChi: a New GoLang RAT
IBM: Ursnif Leverages Cerberus Android Malware to Automate Fraudulent Bank Transfers in Italy
Symantec: Ransomware: Growing Number of Attackers Using Virtual Machines
Talos: Attackers in Executive Clothing – BEC continues to separate orgs from their money
GData: Microsoft signed a malicious Netfilter rootkit
Trustwave: Yet Another Archive Format Smuggling Malware
Sentinel One: Evasive Maneuvers | Massive IcedID Campaign Aims For Stealth with Benign Macros
Avast: Crackonosh: A New Malware Distributed in Cracked Software
The DFIR Report: From Word to Lateral Movement in 1 Hour
Tools and Tips
SpecterOps: Learning from our Myths
CrowdStrike: The Myth of Part-time Hunting, Part 1: The Race Against Ever-diminishing Breakout Times
Proofpoint: BEC Taxonomy: Lures and Tasks
Flashpoint: Facing Five Types of Ransomware and Cyber Extortion
NSA: NSA Funds Development, Release of D3FEND
SANS ISC: Video: oledump Cheat Sheet
FalconForce: FalconFriday — Certified Pre-Owned — 0xFF12
AhmedS Kasmani: Analysis of malware dropped by Nobelium.
Eli Salem: Dissecting and automating Hancitor’s config extraction
MalwareAficionado: Walkthrough – HackyBird.exe
Breaches, Government, and Law Enforcement
Zyxel: Security Incident Alert – Firewall Series
Malwarebytes: Atomic research institute breached via VPN vulnerability
Politico: EU, US launch initiative against ransomware
Krebs: MyBook Users Urged to Unplug Devices from Internet
Vulnerabilities and Exploits
Checkpoint: A supply-chain breach: Taking over an Atlassian account
SANS ISC: CVE-2019-9670: Zimbra Collaboration Suite XXE vulnerability
CISA: Vulnerability Summary for the Week of June 14, 2021
Threatpost: Cisco ASA Bug Now Actively Exploited as PoC Drops
The post Weekly News Roundup — June 20 to June 26 appeared first on Malware Devil.
https://malwaredevil.com/2021/06/26/weekly-news-roundup-june-20-to-june-26/?utm_source=rss&utm_medium=rss&utm_campaign=weekly-news-roundup-june-20-to-june-26