My latest blog. "How to monitor your data breach exposure". This article contains some tips and tools you can use to stay informed about data breaches involving your accounts. medium.com/@john.opdenakker/ho

Good research by Check Point. "Both Microsoft’s client and one of the open-sourced clients, a malicious RDP server can leverage the vulnerabilities in the RDP clients to achieve remote code execution over the client’s computer"
research.checkpoint.com/revers

@j_opdenakker Checkpoint's writeup can be found here (didn't see it linked from TP). There are some IOCs to check for there as well:

https://research.checkpoint.com/speakup-a-new-undetected-backdoor-linux-trojan/

Advanced malware discovered (by CheckPoint Security) that can target on-premises and cloud-based servers. Also able to infect MacOS devices. At the moment it serves XMRig miners to infected servers but bigger threat most likely in the making
threatpost.com/speakup-linux-b

For people that are into , here's a blog with some useful resources. I regularly update it. If you have good resources that are missing please contribute!
medium.com/@john.opdenakker/so

Evil, Eviler, Evilest. After infecting the victims' machines with ransomware, criminals provide a link to a PayPal page to harvest their payment card details.
infosecurity-magazine.com/news

Yesterday I started with a series of short blogs. The plan is to do several of them each week. Here's the first one about secure previewing of shortened links.
medium.com/@john.opdenakker/in

Researcher pulls Black Hat Asia talk on hacking Apple's saying he was only able to reproduce hacks on iPhone X under certain conditions, but it did not work with iPhone XS and XS Max. Good PR for Apple, shitty PR for his company.
reuters.com/article/us-apple-c

18th century blockchain! AKA how I feel when someone is suggesting to use blockchain to solve the problem.

Junglesec ransomware originally reported in early November by Windows, Linux, and Mac users. Back then there was no indication how the attack was executed. Now several users reported being attacked via IPMI interface.
bleepingcomputer.com/news/secu

The latest variation in a series of extortion mails. The tone is getting more violent every time. A hitman is coming for you. But fear not, if you pay 4K in bitcoin the crooks will "remove the hitman". 😌
hackread.com/email-extortion-s

Nice! Microsoft launches throwaway sandbox for Windows 10. An isolated, temporary, desktop environment where you can run untrusted software without the fear of lasting impact to your PC. techcommunity.microsoft.com/t5

PoC for bug available, based on test case from the commit that fixed the bug. Crashes the Chrome renderer process. worthdoingbadly.com/

⚠️ If you're using the 5.0 branch, update to version 5.0.1 now! ⚠️
Fixes for 7 vulnerabilities. Some allow site takeover, and also a pretty serious privacy leak.
zdnet.com/article/wordpress-pl

Good research by Checkpoint security researchers. Quite shocking results, they found over 50 vulnerabilities in reader in 50 days. One of the bugs was already reported and being exploited in the wild.
research.checkpoint.com/50-ado

Modus operandi:
1: attacker enters building and connects device to local network
2: remotely connect to device and scan network to gain access to additional resources
3: log into target system, use remote access SW to retain access
securelist.com/darkvishnya/891

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.