Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Thunder-Son, Sinwindie, Muhammad Luqman, Prasanna, and Miguel Calles.

Articles

How To Unpack Malware

In this article Marco Ramilli quickly describes three (well, actually kind of four) of the main flows that takes me to succeed in unpacking malware.

Source & link: How To Unpack Malware
Curator: Guise Bule

Major Instagram App Bug Could've Given Hackers Remote Access to Your Phone

CVE-2020-1895: A critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device.

Source & link: thehackernews.com
Curator: Thunder-Son

Over $150M Drained in KuCoin Crypto Exchange Hack

Crypto exchange KuCoin disclosed it was hacked and over $150 million worth-of assets have been drained from its hot wallets.

Source & link: coindesk.com
Curator:  Sinwindie

UHS hospitals hit by reported country-wide Ryuk ransomware attack

Universal Health Services (UHS), a Fortune 500 hospital and healthcare services provider, has reportedly shut down systems at healthcare facilities around the US after a cyber-attack that hit its network during early Sunday morning.

Source & link: bleepingcomputer.com
Curator: Thunder-Son

Two Men Charged in Social Media Account Takeover Schemes Involving Professional and Semi-Professional Athletes

Two men will appear in federal court to face charges that they were involved in the unauthorized takeover of social media and other personal online accounts belonging to professional and semi-professional athletes, U.S. Attorney Craig Carpenito announced.

Source & link: justice.gov
Curator:  Sinwindie

FBI adds 5 Chinese APT41 hackers to its Cyber's Most Wanted List

The United States announced charges against 5 alleged members of APT41 Chinese state-sponsored hacking group.

Source & link: thehackernews.com
Curator: Muhammad Luqman

How a Chinese malware gang defrauded Facebook users of $4 million

SilentFade group utilized a Windows rootkit, browser injections, clever scripting, and a Facebook zero-day to buy and post ads on behalf of hacked users.

Source & link: zdnet.com
Curator: Prasanna

Best OSINT Tools for 2020

OSINT or Open source intelligence refers to information about business or people that can be collected from online sources. However, it requires tools to do so, and here are 10 best OSINT Tools for 2020.

Source & link: hackread.com
Curator: Sinwindie

List of data breaches and cyber attacks in September 2020 – 267 million records breached

Take a look at the top data breaches and cyber attacks in September, as well as our full list of 102 incidents.

Source & link: itgovernance.co.uk
Curator: Prasanna

Steve Steinberg, hacker, writer, friend (1970-2020)

Steve Steinberg—hacker, writer, father, and my dear friend—died yesterday. He was 50 years old. Several weeks ago, Steve had a terrible accident while riding the e-bike that he built himself.

Source & link: boingboing.net
Curator: Sinwindie

Upcoming Events, Webcasts, Conferences, etc.

Stop attacks and reduce security operations workload with automated cross-domain (XDR) security

When: Thursday, October 15, 2020 at 1:00 PM EDT (2020-10-15 17:00:00 UTC)
Location: Online
Cost: Free
Source & link: sans.org
Curator: Miguel Calles

Cyber42 Game Day: CISO For A Day

When: Wednesday, October 21, 2020 at 12:00 PM EST (2020-10-21 16:00:00 UTC)
Location: Online
Cost: Free
Source & link: sans.org
Curator: Miguel Calles

Open Source Digital Forensics Conference

When: October 20-22, 2020
Location: Herndon, VA
Cost: $0-$350 + $499 optional training
Source & Link: osdfcon.org
Curator: Hartoyo Wahyu

GrayHat (formerly the Texas Cyber Summit)

When: October 29, 2020
Location: Virtual
Cost: Free
Source & Link: https://grayhat.co
Curator: Miguel Calles

BIG List of Virtual Cybersecurity Conferences

Source & Link: https://github.com/santosomar/virtualseccons
Curator: Guise Bule

The awesome GIF used in this article is Explosive Punch and was created by Blame Your Brother.