Welcome to the 31st edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Prasanna, Sinwindie, Mike Peterson, ThunderSon, and Devesh Chande.


Hackers Tell the Story of the Twitter Attack From the Inside

Several people involved in the events that took down Twitter this week spoke with The Times, giving the first account of what happened as a pursuit of Bitcoin spun out of control.

Source & Link: nytimes.com
Curator: ThunderSon

Iranian Spies Accidentally Leaked Videos of Themselves Hacking

IBM's X-Force security team obtained five hours of APT35 hacking operations, showing exactly how the group steals data from email accounts—and who it's targeting.

Source & Link: wired.com
Curator: Sinwindie

Zoom Addresses Vanity URL Zero-Day

An attacker could pose as a company employee, invite customers or partners to meetings, then use socially engineered conversation to extract sensitive information.

Source & Link: threatpost.com
Curator: Mike Peterson

A Twitter Hacking Spree Hits Elon Musk, Obama, Apple, and More

An unprecedented “security incident” has rocked Twitter—and scammers are making off with huge amounts of bitcoin.

Source & Link: wired.com
Curator: Mike Peterson

Russia trying to steal COVID-19 vaccine data, say UK, U.S. and Canada

Hackers backed by the Russian state are trying to steal COVID-19 vaccine and treatment research from academic and pharmaceutical institutions around the world, Britain's National Cyber Security Centre (NCSC) said on Thursday.

Source & Link: reuters.com
Curator: Sinwindie

Bazar malware may be new tool in Trickbot arsenal

Cybereason’s Nocturnus research team uncovers new Bazar malware, which shares some similarities with other varieties.

Source & Link: computerweekly.com
Curator: Sinwindie

Microsoft wants to kill off Linux malware for good

Project Freta detects Linux malware for free.

Source & Link: techradar.com
Curator: Sinwindie

VPN firm that claims zero logs policy leaks 20 million user logs

Perhaps the most ironic moments in the cybersecurity world occur when those who promise to protect your online privacy cannot guard their own turf. We’ve seen this happen from time to time with security firms getting hacked themselves.

Another similar case has emerged recently when the database of a Hong Kong-based VPN provider called UFO VPN was exposed with more than 20 million user logs.

Source & Link: hackread.com
Curator: Prasanna

Issue with Cloudflare's DNS service shuts down half the web

Scores of websites and services went down Friday afternoon due to problems with Cloudflare’s DNS service, sparking rampant speculation about the cause. After all, a global DDoS attack would totally fit the real-life apocalypse movie that 2020 is increasingly turning into.

Source & Link: gizmodo.com
Curator: Sinwindie

ATMs in Europe Hacked

Diebold Nixdorf, a major manufacturer of ATMs, has issued an alert about "jackpotting" or "cash-out" attacks that are draining cash.

Source & Link: bankinfosecurity.com
Curator: ThunderSon

An update on Twitter's security incident

At this time, we believe attackers targeted certain Twitter employees through a social engineering scheme. What does this mean? In this context, social engineering is the intentional manipulation of people into performing certain actions and divulging confidential information.

Source & Link: https://blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident.html
Curator: ThunderSon

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

The list was shared by the operator of a DDoS booter service.

Source & Link: zdnet.com
Curator: Prasanna

Internet Explorer CVE-2019-1367 In the wild Exploitation — prelude

CVE-2019-1367 background and in-the-wild exploitations

Source & Link: confiant.com
Curator: Prasanna

Accused Cypriot scammer threatened to publish stolen data if victims didn't pay huge extortion fees

The government of Cyprus has extradited a 21-year-old accused cybercriminal to the United States after he was accused of breaching a number of U.S. companies as part of a years-long extortion effort.

Source & Link: cyberscoop.com
Curator: Devesh Chande

ASUS Home Router Bugs Open Consumers to Snooping Attacks

The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowing through the router.

Source & Link: threatpost.com
Curator: Prasanna

Garmin outage caused by confirmed WastedLocker ransomware attack

Wearable device maker Garmin today had to shut down some of its connected services and call centers following what the company calls a worldwide outage.

Source & Link: bleepingcomputer.com
Curator: Sinwindie

A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs

Emotet botnet activity goes down as Emotet admins are wrestling with a vigilante for control over parts of their infrastructure.

Source & Link: zdnet.com
Curator: Sinwindie

Russia's GRU Hackers Hit US Government and Energy Targets

A previously unreported Fancy Bear campaign persisted for well over a year—and indicates that the notorious group has broadened its focus.

Source & Link: wired.com
Curator: Sinwindie

Upcoming Events, Webcasts, Conferences, etc.

OWASP Virtual AppSec Days Summer of Security

When: July 28-29, 2020 (12:00pm to 4:00pm EDT/18:00 to 22:00 CET)
Location: Online
Source & Link: appsecdays.org
Curator: Hartoyo Wahyu

Ai4 2020

When: September 1-2, 2020
Location: MGM Grand, Las Vegas
Cost: $595 (early registration)
Source & Link: ai4.io
Curator: Miguel Calles

Open Source Digital Forensics Conference

When: October 20-22, 2020
Location: Herndon, VA
Cost: $0-$350 + $499 optional training
Source & Link: osdfcon.org
Curator: Hartoyo Wahyu

The awesome image used in this article is called Mad Hatter and it was created by Nikola Korac.