Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Andy74, Prasanna, Tony Kelly, Ross Moore, Miguel Calles, Sinwindie, and Alesanco.
In this edition we have news articles, blog posts, and learning.
Hacker Tried to Poison Florida City's Water Supply
The hacker tried to drastically increase sodium hydroxide levels in the water, Pinellas County, Florida, officials said on Monday.
Iran 'hides spyware in wallpaper, restaurant and games apps'
More than 1,000 dissidents and others have been targeted by two active campaigns, researchers say.
We uncovered a Facebook phishing campaign that tricked nearly 500,000 users in two weeks
The scam begins as a Facebook message sent by one of your friends that leads you through a chain of malicious websites.
Critical vulnerability fixed in WordPress plugin with 800K installs
The NextGen Gallery development team has addressed two severe CSRF vulnerabilities to protect sites from potential takeover attacks.
New phishing attack uses Morse code to hide malicious URLs
A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment.
Microsoft February 2021 Patch Tuesday fixes 56 flaws, 1 zero-day
Today is Microsoft's February 2021 Patch Tuesday, so please buy your Windows administrators some snacks to keep their energy up throughout the day.
Android Devices Newest Target of LodaRAT Windows Malware
The LodaRAT – known for targeting Windows devices – has been discovered also targeting Android devices in a new espionage campaign.
HelloKitty ransomware behind CD Projekt Red cyberattack, data theft
The ransomware attack against CD Projekt Red was conducted by a ransomware group that goes by the name 'HelloKitty,' and yes, that's the name the threat actors utilize.
Brits arrested for SIM swapping attacks on U.S. celebs
Eight men have been arrested in England and Scotland as part of an investigation into a series of SIM swapping attacks, in which criminals illegally gained access to the phones of high-profile victims in the U.S.
Another Cyber Incident Headache: Forensic Breach Reports Can Be Discoverable
The shield of attorney-client privilege that protects breach forensics reports from becoming a liability during litigation isn't absolute. As a result, companies and their firms may have to take a much more strategic approach to how these reports are structured.
Chrome Blocks The Great Suspender, But There's Hope for Your Lost Tabs
Google has reportedly blocked the popular extension The Great Suspender and removed it from its Chrome Web Store for containing malware. But if you were one of the many users who relied on the tab manager to keep your browser running smoothly, don’t freak out just yet. You may still be able to recover your lost tabs thanks to a workaround uncovered by the extension’s community.
A Windows Defender Vulnerability Lurked Undetected for 12 Years
Microsoft has finally patched the bug in its antivirus program after researchers spotted it last fall.
PayPal fixes reflected XSS vulnerability in user wallet currency converter
The currency conversion endpoint was susceptible to attacks.
Following Oldsmar attack, FBI warns about using TeamViewer and Windows 7
An FBI alert sent on Tuesday warns companies about the use of out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer.
Just 270 crypto addresses laundered $1.3 billion in dirty funds last year, research shows
Criminals are using a small group of cryptocurrency brokers and services to launder hundreds of millions of dollars of dirty virtual money, research shared with Reuters showed on Thursday.
Blocked accounts abused in Evolution CMS SQL injection attacks
Details of duo of flaws in management portal made public weeks after fix.
Secret Chat in Telegram Left Self-Destructing Media Files On Devices
Privacy Flaw: Secret Chat in Telegram Left Self-Destructing Media Files On Devices.
PSA: if you use Slack on Android, you might want to update your password
Why is changing your Slack password so hard?
Yandex suffers data breach after sysadmin sold access to user emails
Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes.
Vulnerability in Chess.com allowed access to 50 Million user records
The vulnerability could have been exploited to access any account on the site including the Chess.com administrator account.
Misconfigured Docker Containers Could Land You in Trouble
In an ongoing campaign, cyber adversaries have been found injecting cryptomining malware via exposed Redis instances that give full access to all the running containers on Docker Hub.
Victims of Ziggy ransomware can recover their files for free
The Ziggy ransomware gang has shut down its operations and released the decryption keys, fearing the ongoing investigation of law enforcement. This is good news for the victims of the Ziggy ransomware, who can now recover their encrypted files without needing to pay the ransom.
Android devices caught in Matryosh botnet
The Matryosh botnet goes after Android devices that have ADB enabled and uses them in orchestrated DDoS attacks.
Cybercrime and Valentine’s Day: What to Look Out For
Dating app cybercrime is a threat to online daters. Uncover three main threats linked to dating app security and ways to date (online) in a secure manner.
What Is Cryptojacking? Prevention and Detection Tips
Learn how cryptocurrency, cryptomining and cryptojacking work — also included are tips to prevent and detect cryptojacking before it's too late.
Shodan Pentesting Guide
Shodan is a tool for searching devices connected to the internet. Unlike search engines, which help you find websites, Shodan helps you find information about desktops, servers, IoT devices, and more.
AWS Serverless Security using the Serverless Framework Mini-Course
Serverless security is an emerging concern within serverless computing. Serverless computing and frameworks make it easy to create serverless applications. The ease and speed of deployment could make a serverless application prone to cybersecurity risks. We should therefore pay attention to cybersecurity to avoid a data breach, an account takeover, data loss, or more.
Learn how to start securing your serverless application in this mini-course.