Hello and welcome to Sec Soup, where the weekly newsletter has a collection of infosec links to Tools & Tips, Threat Research, and more! The focus trends toward DFIR and threat intelligence, but general information security and hacking-related topics are included as well. This list is not vetted nor intended to be an exhaustive source. Keeping up with the enormous volume of security-related information is a daunting task, but this is my way of filtering the most useful items and improving the signal-to-noise ratio. Happy Reading!
Industry Reports, News, and Miscellany
- Top 10 Malware July 2020
- Palo Alto Networks to acquire incident response firm Crypsis Group for $265M
- Profile and Exclusive Interview with Iraqi Shiite Insurgents Ashab al-Kahf
- Analyzing the Threat of Ransomware Attacks Against US Elections
- Lifting the veil on DeathStalker, a mercenary triumvirate
- Threat Landscape Trends – Q2 2020
- What to expect when you’re electing: The building blocks of disinformation campaigns
- Fall Of The Behemoth: Cybercriminal Underground Rocked By Empire’s Apparent Exit Scam
- Emotet Returns with Massive Volumes, New Languages, and QBot
- New Paper: “Future of the SOC: Forces shaping modern security operations”
Threat Research
- LinkedIn Job Seeker Phishing Campaign Spreads Agent Tesla
- Credit Card ‘Sniffers’ Pose Persistent Threat to Growing E-Commerce Industry
- Grandoreiro banking trojan impersonates Spain’s tax agency
- Hundreds of URLs Inside Microsoft Excel Spreads New Dridex Trojan Variant
- An Old Bot’s Nasty New Tricks: Exploring Qbot’s Latest Attack Methods
- Response When Minutes Matter: A Simple Clue Uncovers a Global Attack Campaign
- A Comprehensive Look at Emotet’s Summer 2020 Return
- Alert (AA20-239A) FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks
- QAKBOT (QBOT) MALDOC CAMPAIGN INTRODUCES TWO NEW TECHNIQUES INTO ITS ARSENAL
- Phishing Kit Exfiltration Methods
- BitRAT – The Latest in Copy-pasted Malware by Incompetent Developers
Tools and Tips
- Engineering Process Injection Detections — Part 3: Analytic Logic
- Finding Waldo: Leveraging the Apple Unified Log for Incident Response
- Keep An Eye on LOLBins
- Ransomware survival guide: A holistic approach to detection and mitigation
- Reverse Engineering and observing an IoT botnet
- Emulation of Malicious Shellcode With Speakeasy
- A Hands-On Introduction to Mandiant’s Approach to OT Red Teaming
- Detection in Depth
- Frequent Gaps in Log Data Can Hinder Incident Response
- Sandfly-processdecloak
- Linux Privilege Escalation: Quick and Dirty
- Intel Owl
- How to install IntelOwl
- FAQs on Getting Started in Cyber Threat Intelligence
- Phish2MISP v.1.0 released
- Setting up a “Testing Lab” of iOS and Android devices
- ZEEKURITY ZEN – PART VI: ZEEK FILE ANALYSIS FRAMEWORK
- Getting Started with MITRE Shield
- Security Infographics
Breaches, Government, and Law Enforcement
- San Jose Man Pleads Guilty To Damaging Cisco’s Network — Unauthorized Access Led to Deletion of 16,000 WebEx Teams Accounts
- University of Utah update on data security incident
- TikTok to challenge U.S. order banning transactions with the video app
- New Zealand stock exchange halted by cyber-attack
- Russian National Arrested For Conspiracy To Introduce Malware Into A Nevada Company’s (Tesla) Computer Network
- Leaders Of ‘We Build The Wall’ Online Fundraising Campaign Charged With Defrauding Hundreds Of Thousands Of Donors
- Former Uber Executive Charged With Paying ‘Hush Money’ To Conceal Massive Breach
Vulnerabilities and Exploits
- A Vulnerability with Cisco Small Business, Smart, and Managed Switches Could Allow for Denial of Service
- Stealing local files using Safari Web Share API
- Magento Multiversion (1.x/2.x) Backdoor
- Vulnerability Spotlight: Remote code execution, privilege escalation bugs in Microsoft Azure Sphere
- Make Memcpy Safe Again: CodeQL
- The State of Exploit Development: 80% of Exploits Publish Faster than CVEs