has found a way to bypass the security checks to be published in the official Play Store.
The is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions.
securityaffairs.co/wordpress/9

programming language: Now you can take NSA's free course for beginners
NSA releases Python course after receiving a Freedom of Information Act (FOIA) request for its training materials.
zdnet.com/article/python-progr

La région Grand-Est paralysée plusieurs jours par un rançongiciel.
Les postes de travail utilisés par quelque 7 500 agents ont été touchés « sur les différents sites de la région en Champagne-Ardenne, en Lorraine, et bien sûr en Alsace, au siège du Grand-Est à Strasbourg. Mais les postes informatiques des lycées, gérés par la région, sont aussi concernés ».
lemonde.fr/pixels/article/2020

The US Defence Information Systems Agency (DISA) has confirmed it has been hacked and the personal data of 200,000 people has been compromised.
silicon.co.uk/security/cyberwa

Analysis of an Unusual Sample.
Swiss CERT: Currently, we are observing HawkEye samples being distributed by large malspam waves. HawkEye is a keylogger which has been around quite a long time (since 2013) and has evolved since then and gained more functionality. There are several good blog posts about HawkEye in general. Recently we observed an interesting obfuscation method in a HawkEye binary, which we are going to describe in this blog post.
govcert.ch/blog/analysis-of-an

MIGRATION: Server Migration Service (SMS) from AWS is an agentless service that enables customers to simplify the AWS Migration process by automatically replicating live server volumes from their on premises servers in to AWS.

logicata.com/blog/aws-migratio

Give your system's firewall a boost.
Firewalls are great but they're ineffective if something goes wrong with them. The /etc/hosts.allow and /etc/hosts.deny files are the second line of defense against intruders.
redhat.com/sysadmin/firewall-s

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.