Security daily (08-05-2020)

Enabling AWS Security Hub integration with AWS Chatbot

In this post, we show you how to configure AWS Chatbot to send findings from AWS Security Hub to Slack. Security Hub gives you a comprehensive view of your high-priority security alerts and security posture across your Amazon Web Services (AWS) accounts. AWS Chatbot is an interactive agent that makes it easy to monitor and […] (AWS Security Blog)

Maksim Boiko, an accused money launderer and part-time rapper, to plead not guilty

A Russian man caught carrying $20,000 in cash through the Miami airport earlier this year will plead not guilty to laundering money on behalf of a transnational cybercriminal organization, his attorney said Friday. An FBI complaint unsealed in March charges that Maksim Boiko, 29, was a “significant cybercriminal” who converted stolen money into cryptocurrency for a group called QQAAZZ. Boiko was taken into custody in Florida earlier this year, though he’s due to be arraigned via teleconference in the Western District of Pennsylvania soon, defense attorney Arkady Bukh told CyberScoop. “My client will plead not guilty,” he said. Boiko, known as “gangass” among other accused cybercriminals, was arrested in March at a Miami condominium on March 28 after entering the U.S. with his wife through the Miami airport in January. An FBI complaint unsealed the next day included pictures of Boiko driving a BMW with bundles of U.S. cash on […] (CyberScoop)

What one cybersecurity company has learned from responding to Maze ransomware

When hackers lock the computer systems of a big company with ransomware, the gears of corporate damage control kick into action. Lawyers are mobilized, spokespeople are tight-lipped, and negotiation experts are sometimes brought in to talk to the hackers. Those triage teams strictly limit the information on the incident available to the public. But forensic experts hired to salvage a company’s computers sometimes reveal the important data they collect on ransomware gangs. Case in point: A new report from cybersecurity company FireEye helps demystify Russian-speaking hackers behind a spate of recent ransomware attacks in hopes of making them easier to disrupt. Maze ransomware has wreaked havoc across North America and Europe in the last year, leading to warnings from the FBI and the Department of Homeland Security. They have hit over a dozen sectors, from construction to financial services to transportation. But some of the hackers’ most effective tactics are less novel than […] (CyberScoop)

Could this be the world’s most harmless IoT botnet?

When researchers investigate suspected malware on an IoT device they normally expect to find a cryptominer to earn a hacker digital cash or perhaps botnet code to launch DDoS attacks against websites. But that wasn’t the case with the Cereals botnet. Read more in my article on the Bitdefender BOX blog. (Graham Cluley)

You won’t believe who’s heading up the UK’s Coronavirus tracing app…

Imagine you’re the UK Government in the middle of the biggest crisis the country has faced since World War II. How are you going to instill some confidence that citizens should install a new Coronavirus tracing app? (Graham Cluley)

Vote for Naked Security in the European Blogger Awards 2020!

If you enjoy what you read, hear and see from the Naked Security team, please vote for us - it means a lot! (Naked Security)

More crypto-stealing Chrome extensions swatted by Google

Google deleted more malicious extensions from the Chrome Web Store after they were found to be phishing cryptocurrency users. (Naked Security)

Hack Web Browsers with BeEF to Control Webcams, Phish for Credentials & More

People use browsers for all types of things, and in general, we trust a lot of personal information to them. That's why browsers are a perfect attack surface for a hacker, because the target may not even know they are infected and feed you all of the information you could want.

To do this, you need to first trick the user into clicking a link. To generate the link, you can use a tool called BeEF, which used to be preinstalled on Kali Linux.

Similar to Metasploit, BeEF, which stands for Browser Exploitation Framework, is a framework for launching attacks. Unlike with Metasploit, it's specific... (Null Byte « WonderHowTo)

Harness the Power of Google Analytics with This $20 Training

No website, service, or platform is immune to being abused or exploited by hackers, and Google Analytics is no exception. To better understand how Google Analytics can help deliver payloads and bypass security protocols, one might want to learn how to use Google Analytics from a user's perspective first.

Google Analytics Abuse & Vulnerabilities

Detectify showed how Google Analytics could be used for data extraction by taking advantage of a site's Content Security Policy, where it's not abnormal to trust everything coming in or out from a google-analytics.com domain. Hackerone has even paid a... (Null Byte « WonderHowTo)

Blue Mockingbird Monero-Mining Campaign Exploits Web Apps

(News ≈ Packet Storm)

Favicons Found Housing Credit Card Skimming Malware

(News ≈ Packet Storm)

Hacker Gains Access To Some Private Microsoft GitHub Repos

(News ≈ Packet Storm)

Hackers Turned Virginia Government Sites Into eBook Scam

(News ≈ Packet Storm)

Naikon APT Hid Five Year Espionage Attack Under Radar

(News ≈ Packet Storm)

Vulnerabilities In Two Schneider Electric ICS Products Reminiscent Of Stuxnet

(News ≈ Packet Storm)

DigitalOcean Data Leak Incident Exposed Some of Its Customers Data

DigitalOcean, one of the biggest modern web hosting platforms, was recently hit with a concerning data leak incident that exposed some of its customers' data to unknown and unauthorized third parties.

Though the hosting company has not yet publicly released a statement, it has started warning affected customers of the scope of the breach via an email.

According to the breach notification (The Hacker News)

Black Hat USA, DEF CON 28 Go Virtual

Due to the coronavirus pandemic, there will be no in-person Black Hat USA or DEF CON conferences this year. (Threatpost)

Hackers Breach 3.5 Million MobiFriends Dating App Credentials

The emails, hashed passwords and usernames of 3.5 million users of the dating app MobiFriends were put up for sale on an underground forum. (Threatpost)

Report: Microsoft’s GitHub Account Gets Hacked

The Shiny Hunters hacking group said it stole 500 GB of data from the tech giant’s repositories on the developer platform, which it owns. (Threatpost)

Podcast: Shifting Cloud Security Left With Infrastructure-as-Code

Companies are looking to "shift left" with Infrastructure-as-Code (IaC) security capabilities to improve developer productivity, avoid misconfigurations and prevent policy violations. (Threatpost)


/security-daily/ 09-05-2020 23:44:21