Welcome to the 31st edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Prasanna, Sinwindie, Mike Peterson, ThunderSon, and Devesh Chande.
Hackers Tell the Story of the Twitter Attack From the Inside
Several people involved in the events that took down Twitter this week spoke with The Times, giving the first account of what happened as a pursuit of Bitcoin spun out of control.
Iranian Spies Accidentally Leaked Videos of Themselves Hacking
IBM's X-Force security team obtained five hours of APT35 hacking operations, showing exactly how the group steals data from email accounts—and who it's targeting.
Zoom Addresses Vanity URL Zero-Day
An attacker could pose as a company employee, invite customers or partners to meetings, then use socially engineered conversation to extract sensitive information.
A Twitter Hacking Spree Hits Elon Musk, Obama, Apple, and More
An unprecedented “security incident” has rocked Twitter—and scammers are making off with huge amounts of bitcoin.
Russia trying to steal COVID-19 vaccine data, say UK, U.S. and Canada
Hackers backed by the Russian state are trying to steal COVID-19 vaccine and treatment research from academic and pharmaceutical institutions around the world, Britain's National Cyber Security Centre (NCSC) said on Thursday.
Bazar malware may be new tool in Trickbot arsenal
Cybereason’s Nocturnus research team uncovers new Bazar malware, which shares some similarities with other varieties.
Microsoft wants to kill off Linux malware for good
Project Freta detects Linux malware for free.
VPN firm that claims zero logs policy leaks 20 million user logs
Perhaps, the most ironic moments in the cybersecurity world occur when those who promise to protect your online privacy cannot guard their own turf. We’ve seen this happen from time to time with security firms getting hacked themselves.
Another similar case has emerged recently when the database of a Hong Kong-based VPN provider called UFO VPN was exposed with more than 20 million user logs.
Issue with Cloudflare's DNS service shuts down half the web
Scores of websites and services went down Friday afternoon due to problems with Cloudflare’s DNS service, sparking rampant speculation about the cause. After all, a global DDOS attack would totally fit the real-life apocalypse movie that 2020 is increasingly turning into.
ATMs in Europe Hacked
Diebold Nixdorf, a major manufacturer of ATMs, has issued an alert about "jackpotting" or "cash-out" attacks that are draining cash.
An update on Twitter's security incident
At this time, we believe attackers targeted certain Twitter employees through a social engineering scheme. What does this mean? In this context, social engineering is the intentional manipulation of people into performing certain actions and divulging confidential information.
Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices | ZDNet
The list was shared by the operator of a DDoS booter service.
Internet Explorer CVE-2019-1367 In the wild Exploitation — prelude
CVE-2019-1367 background and in-the-wild exploitations
Accused Cypriot scammer threatened to publish stolen data if victims didn't pay huge extortion fees - CyberScoop
The government of Cyprus has extradited a 21-year-old accused cybercriminal to the United States after he was accused of breaching a number of U.S. companies as part of a years-long extortion effort.
ASUS Home Router Bugs Open Consumers to Snooping Attacks
The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowing through the router.
Garmin outage caused by confirmed WastedLocker ransomware attack
Wearable device maker Garmin today had to shut down some of its connected services and call centers following what the company calls a worldwide outage.
A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs
Emotet botnet activity goes down as Emotet admins are wrestling with a vigilante for control over parts of their infrastructure.
Russia's GRU Hackers Hit US Government and Energy Targets
A previously unreported Fancy Bear campaign persisted for well over a year—and indicates that the notorious group has broadened its focus.