Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Tony Kelly, Ross Moore, Prasanna, Sinwindie, and Muhammad Luqman.
A crypto-mining botnet is now stealing Docker and AWS credentials
After it began stealing AWS credentials last summer, the TeamTNT botnet is now also stealing Docker API logins, making the use of firewalls mandatory for all internet-exposed Docker interfaces.
Hackers leak stolen Pfizer COVID-19 vaccine data online
The European Medicines Agency (EMA) today revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December was leaked online.
Google reveals sophisticated Windows and Android hacking operation
The attackers used a combination of Android, Chrome, and Windows vulnerabilities, including both zero-day and n-day exploits.
Indianapolis neighborhoods scanning visitors' license plates
Homeowners associations across Indianapolis are increasingly partnering with private companies to surveil their neighborhoods with automated license plate readers.
Capitol attack's cybersecurity fallout: Stolen laptops, lost data and possible espionage
The January 6 attack on Election Day certification proceedings in the US Capitol Building has deep cybersecurity ramifications.
Vendor Management Fail: FTC Settles with Mortgage Analytics Company following Vendor Security Issues
An oft-used business management concept is to “hire people smarter than you.” The concept also applies to hiring vendors – hire vendors that are better than you (especially when it comes to information security).
SolarLeaks site claims to sell data stolen in SolarWinds attacks
A website named 'SolarLeaks' is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack.
Scam-as-a-Service operation made more than $6.5 million in 2020
"Classiscam" operation is made up of around 40 groups operating in the US and across several European countries.
Microsoft to fix Windows 10 bug that can corrupt a hard drive just by looking at an icon
All you have to do is look at a malicious Windows shortcut and it can corrupt an NTFS drive.
Ledger Adds Bitcoin Bounty and New Data Security After Hack
After the largest hack in company history, Ledger announced measures to not only address the data breach but also offer a bitcoin bounty.
An Absurdly Basic Bug Let Anyone Grab All of Parler's Data
The “free speech” social network also allowed unlimited access to every public post, image, and video.
So Many People Are Using Signal It Caused An Outage
Concerns about WhatsApp and the influence of Big Tech have caused users to flock to the encrypted messaging app.
Cybercriminals Could be Coming After Your Coffee
Researchers show no IoT device is too small to fall victim to ransomware techniques.
Joker's Stash, the internet's largest carding forum, is shutting down
Joker's Stash to shut down on February 15, 2021.
Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH)
Kaspersky says Oilrig (APT34) group has been using DoH to silently exfiltrate data from hacked networks.
Blog Posts and Reports
Top 16 Active Directory Vulnerabilities
List of 16 common Active Directory vulnerabilities found during penetration tests with detailed command examples on how to find them and exploit them.
My 3 Favorite Facebook OSINT Tips & Tricks
You’d be hard pressed to find an information-rich source as robust as Facebook. With over 2.7 billion active users (including my own grandma), it has to be a first stop for anyone conducting online research.
Hunting for Open Secrets: How OSINT Can Help You Intercept a Scandal
For centuries, access to information was limited by human, geographic, and technological limitations. Corruption was typically a conversation behind closed doors.
Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services
The information in this report is derived exclusively from several CISA incident response engagements and provides the tactics, techniques, and procedures; indicators of compromise (IOCs) that CISA observed as part of these engagements; and recommended mitigations for organizations to strengthen their cloud environment configuration to protect against, detect, and respond to potential attacks.
Massachusetts Cybersecurity Mentorship Program
Student and Mentor applications for Spring 2021 are now open!
Open-Source Intelligence (OSINT) Summit | SANS Cyber Security and OSINT Training
Summit: February 11-12 | Training: February 8-10 & 15-20
The OSINT Summit & Training will bring together leading security practitioners and investigators to share proven techniques and tools that can be applied to OSINT gathering and analysis. Learn how to collect information across the Internet, analyze the results, and utilize key data to reach your objectives.
OSINT Onboarding Season hosted by Henk Van Ess and Social Links
Webinars: January 12 @ 4 PM UTC | February 16 @ 4 PM UTC | March 16 @ 4 PM UTC
This course will change the way you conduct internet research, regardless of your job title.
About The Images Used In This Article
This week's image theme is 'places we would rather be than our bedroom offices' and in the picture below we can see the Faroe Islands. If you haven't heard of the Faroe Islands, you definitely will soon. With its grass-roofed houses, rocky coastlines, and abundance of puffins, the self-governed group of 18 volcanic islands is basically one giant photo op. Mulafossur Waterfall might be the archipelago's most famous site—the cascade is like something from a fantasy novel, falling over the rocky cliffs of Vagar Island to the ocean below, with the green hills of Gásadalur village as a backdrop.