BugTraq Will Continue: Strong internal and community feedback cancels termination
CISA Publishes 2020 Chemical Security Presentations
www.cisa.gov/chemical-security-summit Topic include: cyber and physical security in manufacturing, cybersecurity evaluation tool and others.
Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks
thehackernews.com/2021/01/researchers-disclose-undocumented.html Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware including a previously undocumented backdoor. Attributing the campaign to Winnti (or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and run the malware payload. A second attack detected on May 30 used a malicious RAR archive file consisting of shortcuts to two bait PDF documents claimed to be a curriculum vitae and an IELTS certificate.
Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls
threatpost.com/apple-kills-macos-feature-allowing-apps-to-bypass-firewalls/163099/ The feature, first uncovered in November in a beta release of the macOS Big Sur feature, was called “ContentFilterExclusionList” and included a list of at least 50 Apple apps including Maps, Music, FaceTime, the App Store and its software update service. It has been recently removed in macOS Big Sur versions 11.2, Apple experts pointed out this week.
Windows Finger command abused by phishing to download malware
www.bleepingcomputer.com/news/security/windows-finger-command-abused-by-phishing-to-download-malware/ In September, we reported that security researchers discovered a way to use Finger as a way to download malware from a remote computer or exfiltrate data. This week, security researcher Kirk Sayre found a phishing campaign utilizing the Finger command to download the MineBridge backdoor malware.
A security researcher commandeered a Congo’s expired top-level domain nameserver’s domain to save it from hackers
techcrunch.com/2021/01/15/congo-comandeered/ In the end, the Congolese government didn’t bother asking for the domain back. It spun up an entirely new but similarly named domain scpt-network.net to replace the one now in Almroth’s possession.. The domain – scpt-network.com – was one of two nameservers for the.cd country code top-level domain, assigned to the Democratic Republic of Congo. If it fell into the wrong hands, an attacker could redirect millions of unknowing internet users to rogue websites of their choosing