Cyber snippets

The summaries below are a snapshot of cybersecurity news, updates, risks and threat actor activities, intended to improve awareness across the sector.

Latest cyber snippets

Date
Category
Summary
Notes
Link/ source
08 March 2021
Legislation/ standards
The NSW government will conduct a second round of consultations on its proposed mandatory data breach notification regime later this year, with the scheme now not expected to be up and running until 2022.

08 March 2021
Phishing/ Malware
Researchers detail two new types of ransomware - AlumniLocker and Humble. Both are new and have very different ways of doing things, demonstrating the diversity in a space attackers are keen to get involved in.

08 March 2021
Phishing/ Malware
Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked! In what's a case of hackers getting hacked, a prominent underground online criminal forum by the name of Maza has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year.

08 March 2021
Phishing/ Malware
A mysterious cybercrime group apparently driven by profit has been targeting industrial organizations in Europe, Asia and North America as part of an information theft campaign. The campaign was detailed in September 2020 by cybersecurity firm Zscaler, which warned at the time that the hackers had been targeting oil and gas supply chain industries in the Middle East using the trojan known as AZORult.

08 March 2021
System and cloud (including patches)
Patch management and testing are different, exactly the same, and completely out of hand. Here are tips from the experts on how to wrangle patches in a time of malicious software updates.

08 March 2021
Phishing/ Malware
At least 30,000 organizations across the United States -- including a significant number of small businesses, towns, cities and local governments -- have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that's focused on stealing email from victim organizations. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.

08 March 2021
Legislation/ standards
White House Cybersecurity Adviser Wants a ‘Cleanliness Rating’ for Software Security. Policymakers are considering a number of changes to the nation’s cybersecurity posture as a result of the SolarWinds supply chain attack discovered late last year, including data breach notification laws and greater oversight of the nation’s critical infrastructure.

08 March 2021
Fraud/ Crime
The US Department of Justice today indicted John McAfee, the founder of cybersecurity firm McAfee, on fraud and money laundering charges stemming from schemes that netted the infosec veteran more than $13 million.

05 March 2021
Phishing/ Malware
'ObliqueRAT' Now Hides Behind Images on Compromised Websites. 'Transparent Tribe' has switched its tactics for distributing the remote access Trojan, researchers found.

05 March 2021
System and cloud (including patches)
More Details Emerge on the Microsoft Exchange Server Attacks. The attacks seem more widespread than initially reported, researchers say, and a look at why the Microsoft Exchange Server zero-days patched this week are so dangerous.

05 March 2021
Cyber good practice, articles, guides and updates
The Rochester Institute of Technology announced a $3.3 million in-kind gift from IBM to enhance the capabilities and workforce development programs at the Upstate New York school’s cyber range.

04 March 2021
System and cloud (including patches)
Privacy-conscious internet company Brave Software is creating its own search engine that will offer an alternative to Google’s personalised search results.

04 March 2021
System and cloud (including patches)
Cybersecurity firm Qualys is likely the latest victim to have suffered a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files.

04 March 2021
System and cloud (including patches)
Red Hat Security Advisory 2021-0637-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection and information leakage vulnerabilities.

04 March 2021
System and cloud (including patches)
Following an independent IT forensic investigation, Oxfam Australia announced today that it has found supporters’ information on one of its databases was unlawfully accessed by an external party on 20 January 2021.
Picked up from: AusCERT Daily Intelligence Report
04 March 2021
System and cloud (including patches)
Microsoft fixes multiple Exchange Server vulnerabilities being weaponized in attacks from a group it believes operates out of China.

04 March 2021
System and cloud (including patches)
Google this week announced the availability of Chrome 89 in the stable channel, with patches for a total of 47 vulnerabilities, including one that has been exploited in the wild.

04 March 2021
Phishing/ Malware
After analyzing millions of emails, Cofense researchers have summarized some key patterns used during the attacks in the past year. According to them, cybercriminals are relying on both brand-specific lures as well as weaponized emails to target their victims.

04 March 2021
Nation State
Nation-state actors are now getting help from professional hacking groups that are offering Cybercrime-as-a-Service (CaaS) to carry out their operations. One of the biggest advantages provided by this tactic is anonymity. BlackBerry has released a detailed report on the emergence of such mercenary APT groups.

04 March 2021
System and cloud (including patches)
Fully recovering from the SolarWinds hack will take the US government from a year to as long as 18 months, according to the head of the agency that is leading Washington’s recovery.

03 March 2021
System and cloud (including patches)
Microsoft raised the alarm after discovering Chinese cyber-espionage operators chaining multiple zero-day exploits to siphon e-mail data from corporate Microsoft Exchange servers. Redmond's warning includes the release of emergency out-of-band patches for four distinct zero-day vulnerabilities that formed part of the threat actor's arsenal.

03 March 2021
System and cloud (including patches)
The latest version of the Unc0ver jailbreak leverages a vulnerability that Apple said had been exploited before it released a patch in January.

03 March 2021
System and cloud (including patches)
Google this week announced the release of patches for 37 vulnerabilities as part of the Android security updates for March 2021, including a fix for a critical flaw in the System component.

03 March 2021
System and cloud (including patches)
The Perl.com domain was hijacked in January 2021, but hackers seemingly took control of it four months prior, in September 2020.

03 March 2021
Phishing/ Malware
In early 2021, security researchers identified a variant of the infamous Ryuk ransomware that is capable of lateral movement within the infected networks.

03 March 2021
Cyber good practice, articles, guides and updates
Many in higher education believe that students who have grown up using digital technologies ("digital natives") have little concern for the privacy of their data. Research proves otherwise.



03 March 2021
Cyber good practice, articles, guides and updates
How common is the use of remote proctoring among North American colleges and universities? Should the higher education community be concerned?

03 March 2021
System and cloud (including patches)
A network outage forced Pennsylvania’s Millersville University to cancel classes Monday, the university announced on Twitter over the weekend.

02 March 2021
System and cloud (including patches)
Hackers claiming to have access to data stolen from the NSW transport department, including a demand for documents and correspondence by disgraced former Liberal MP Daryl Maguire, have put snippets of information online to promote a ransom or sale.

afr.com/technology/hackers-offer-stolen-nsw-government-data-for-sale-20210302-p576ym
02 March 2021
System and cloud (including patches)
Someone was silly enough to upload a working Spectre (CVE-2017-5753) exploit for Linux (there is also a Windows one with symbols that I didn't look at) on VirusTotal last month, so here is my quick Sunday afternoon lazy analysis.
Picked up from: AusCERT Daily Intelligence Report
02 March 2021
System and cloud (including patches)
Four Things We Learned (And Four Things That Remain Unclear) About the Russia Hack. The U.S. Senate and House of Representatives hauled the CEOs of SolarWinds, FireEye, CrowdStrike and Microsoft onto (semi-virtual) Capitol Hill last week to answer questions about the sweeping Russian compromise of U.S. government and corporate networks—the first public hearings dedicated to the campaign to date. The Record watched 7.5 hours of testimony so you didn’t have to.

02 March 2021
Cyber good practice, articles, guides and updates
The iPhone’s locked-down approach to security is spreading, but advanced hackers have found that higher barriers are great for avoiding capture.

02 March 2021
System and cloud (including patches)
Oxford University said it was investigating a digital intrusion after a researcher said he had seen evidence that a laboratory researching Covid-19 had been hacked.