Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly assembled for you every week. This week's volume was curated by Secjuice writers Tony Kelly, Andy74, Sinwindie, Ross Moore, Prasanna, hatless1der, Alesanco, Muhammad Luqman, and Miguel Calles.
In this edition, we have news articles, blog posts, and events.
Egregor ransomware operators arrested in Ukraine
Arrested suspects are believed to be clients of the Egregor RaaS, not the Egregor gang itself.
Is it time to ban ransomware insurance payments?
The former head of the NCSC recently called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments. Is he on the right track?
Vulnerability in VMware vSphere Replication Can Facilitate Attacks on Enterprises
VMware has patched a vulnerability in its vSphere Replication product that can facilitate attacks on enterprises.
Palo Alto firewall software vulnerability quartet revealed
Researchers unveil details of security flaws in enterprise firewall technology.
France identifies Russia-linked hackers in large cyberattack
Hackers breached software firm that listed Airbus, Orange and the French Ministry of Justice as its clients.
Microsoft says it found 1,000-plus developers' fingerprints on the SolarWinds attack
As FireEye reveals how a suspicious second phone signed up for 2FA gave the game away.
A Sticker Sent On Telegram Could Have Exposed Your Secret Chats
A flaw in Telegram messaging app could have exposed users' secret messages, photos, and videos.
Half of phishing attacks cause ransomware infections: report
Not only did bad actors ask for additional ransoms but more companies are also paying them.
CISA, FBI, and Treasury Expose Latest Tool in North Korea’s Cryptocurrency Theft Scheme: AppleJeus - Homeland Security Today
In most instances, the malicious application—seen on both Windows and Mac operating systems—appears to be from a legitimate cryptocurrency trading company, thus fooling individuals into downloading it.
14 million Amazon and eBay accounts sold online in new leak
The data of 14 million Amazon and eBay accounts is for sale on a popular hacking forum, covering accounts active from 2014 to 2021 in 18 countries.
Three New Vulnerabilities Patched in OpenSSL
OpenSSL updates patch three vulnerabilities, including two DoS flaws and one incorrect SSL rollback protection issue.
Misconfigured Baby Monitors Allow Unauthorized Viewing
Hundreds of thousands of individuals are potentially affected by this vulnerability.
Agora SDK Bug Left Several Video Calling Apps Vulnerable to Snooping
A vulnerability in a popular video calling software development kit (SDK) could have allowed attackers to spy on video and audio calls.
Malvertisers Exploited WebKit 0-Day to Redirect Browser Users to Scam Sites
A malvertising campaign exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites.
The M1 Malware Has Arrived
Now that Apple has officially begun the transition to Apple Silicon, so has malware.
Discord: A New Paradise for Cybercrime
In a new report, Zscaler revealed the widespread use of Discord to host multiple payloads, including the Epsilon ransomware, Redline stealer, XMRig miner, and Discord token grabbers.
Ninja Forms WordPress Plugin Opens Websites to Hacks
The popular plugin is installed on more than 1 million websites and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking.
Tracker pixels in emails are now an ‘endemic’ privacy concern
Critics suggest the practice is marketing gone too far.
Jamaica’s immigration website exposed thousands of travelers’ data
Exclusive: Months of immigration documents and COVID-19 lab results were left on an unprotected server.
Hackers target Myanmar government websites in coup protest
Hackers attacked military-run government websites in Myanmar on Thursday as a cyber war erupted after authorities shut down the internet for a fourth straight night.
US charges two more members of the 'Lazarus' North Korean hacking group
The US DOJ described the North Korean hackers as "the world's leading bank robbers" and "a criminal syndicate with a flag."
Malaysia arrests 11 suspects for hacking government sites
A similar government website defacement campaign is also taking place this week in Myanmar, in support of the country's jailed elected leader.
Dutch police post 'friendly' warnings on hacking forums
Dutch police: "Hosting criminal infrastructure in The Netherlands is a lost cause."
France Ties Russia's Sandworm to a Multiyear Hacking Spree
A French security agency warns that the destructively minded group has exploited an IT monitoring tool from Centreon.
Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users
Brave has fixed a privacy issue in its browser that sent queries for .onion domains to public internet DNS resolvers rather than routing them through Tor nodes, thus exposing users' visits to dark web websites.
New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card
A new hack lets criminals bypass the PIN on a Mastercard contactless card by tricking terminals into believing it is a Visa card.
White House now says 100 companies hit by SolarWinds hack, but more may be impacted
The attack is ‘likely of Russian origin.’
US announces charges against North Korean hackers for sweeping hacking scheme
DOJ expands its Sony Pictures hacking case.
Let’s Encrypt completes huge upgrade, can now rip and replace 200 million security certs in ‘worst case scenario’
Internet Security Research Group nonprofit Let’s Encrypt has massively upgraded its certification hardware and software so that it can delete and reissue all its certs in less than 24 hours.
A warning to users of NurseryCam
This blog post is intended for a less technical audience – specifically parents and nurseries using the NurseryCam system.
Endpoint Detection and Response: How Hackers Have Evolved
This post identifies systemic endpoint detection and response issues and examines how attackers can bypass any EDR product.
Here’s Why Quantum Computing Will Not Break Cryptocurrencies
Quantum computing isn't going to suddenly end the security of cryptocurrencies and bitcoin. Here's why.
Shining some light on Solarwinds and ICS
This blog discusses the Solarwinds breach and its impact on industrial control systems (ICS).
Cyber42 Game Day: Vulnerability Management Simulation
Tuesday, February 23, 2021 at 10:30 AM EST (2021-02-23 15:30:00 UTC)
In this special session you will play to win the Cyber42 Vulnerability Management Simulation! In this 90-minute Game Day you will play as part of a team to improve the state of a fictional organization and handle vulnerability management more effectively.
Think Red, Act Blue - Hacking Proprietary Protocols
Tuesday, February 23, 2021 at 10:30 AM EST (2021-02-23 15:30:00 UTC)
In this webinar, Douglas McKee and Ismael Valenzuela, using their combined 30 years of experience in cybersecurity, will walk through how an adversary can dissect and understand proprietary protocols on your network to find vulnerabilities or leak sensitive information.