Security daily (21-07-2020)

Using ACM Private Certificate Authority in a multi-account environment by using IAM roles

In this post, we show you how you can use AWS Certificate Manager (ACM) Private Certificate Authority (CA) to request or issue private certificates across a multi-account environment by using IAM roles. This solution allows you to centralize your ACM Private CA inside your AWS Organization, which reduces the complexity and the cost of having […] (AWS Security Blog)

US accuses two Chinese hackers of global hacking campaign, targeting coronavirus vaccine research

Two men conspired with Chinese intelligence agencies to steal data from a range of U.S. targets in the medical and defense sectors, including an effort to breach firms working on a potential vaccine for the coronavirus, U.S. Department of Justice officials said Tuesday. The suspects, Li Xiaoyu and Dong Jiazhi, stole terabytes of information from computers around the world while based in China, according to an indictment unsealed Tuesday. The espionage campaign predates the COVID-19 pandemic, officials said. For more than a decade, the pair allegedly targeted health care firms, pharmaceutical companies, U.S. universities, maritime engineering firms, biotechnology innovation centers and a range of other targets. The suspects worked with the Chinese Ministry of State Security, said Assistant Attorney General John Demers, though they also hacked for personal profit. Attackers also targeted Chinese dissidents and human rights activists in the U.S., according to the indictment. The scheme began no later than September 2009 and continued […] (CyberScoop)

Coinbase stopped scammers from stealing an extra $280,000 during Twitter hack

Maybe Coinbase should send Twitter an invoice, because it certainly sounds like their quick thinking helped prevent last week’s hack from leaving a lot more Twitter users with empty wallets. Read more in my article on the Hot for Security blog. (Graham Cluley)

UK Government chose not to investigate if Russian hackers interfered in Brexit referendum, report reveals

No-one in Government knew if Russia had interfered in the EU vote, and they actively avoided any effort to ask questions to find out… (Graham Cluley)

How to Control Electronics from a Browser Using MicroPython in Jupyter Notebook

If you want to control electronic devices, such as a relay or motor, you can do so using MicroPython with an ESP8266 and web browser. Usually, you'd program an ESP8266 using Arduino, but C++, which Arduino uses, is not always the easiest programming language for beginners to learn.

MicroPython is much simpler to program in. Plus, it's a great way to utilize Python code on a microcontroller, such as an ESP8266 or ESP32, to control basically any electronic component you want from your computer running Jupyter Notebook in a browser. If you're new to MicroPython, check out our previous guides on... (Null Byte « WonderHowTo)

NYT Says Krebs Wrongly Implicated Briton In Twitter Hack

(News ≈ Packet Storm)

Diebold ATM Terminals Jackpotted Using Machine's Own Software

(News ≈ Packet Storm)

ICE Questions Admin Of The-Eye About BlueLeaks

(News ≈ Packet Storm)

Facebook's NSO Group Lawsuit Over WhatsApp Spying Set To Proceed

(News ≈ Packet Storm)

Russian Cyberattacks An Urgent Threat To National Security

(News ≈ Packet Storm)

Malicious Magento User Creator

We recently found a simple malicious script leveraging Magento’s internal functions to create a new admin user with the admin role “Inchoo” — probably referring to a Croatian Magento consulting company. The script is simple but very effective and can easily be overlooked as another Magento file without closer inspection. It’s based on a sample that has been circulating the Internet since 2012 and provides a boilerplate for attackers to easily specify user details. (Sucuri Blog)

Chinese Hackers Escalate Attacks Against India and Hong Kong Amid Tensions

An emerging threat actor out of China has been traced to a new hacking campaign aimed at government agencies in India and residents of Hong Kong intending to steal sensitive information, cybersecurity firm Malwarebytes revealed in the latest report shared with The Hacker News.

The attacks were observed during the first week of July, coinciding with the passage of a controversial security law in Hong (The Hacker News)

Emotet Returns in Malspam Attacks Dropping TrickBot, QakBot

Emotet has resurfaced after a five-month hiatus, with more than 250,000 malspam messages being sent to email recipients worldwide. (Threatpost)

Chris Vickery: AI Will Drive Tomorrow’s Data Breaches

Chris Vickery talks about his craziest data breach discoveries and why "vishing" is the next top threat no one's ready for. (Threatpost)

Critical Adobe Photoshop Flaws Patched in Emergency Update

Adobe issued out-of-band patches for critical flaws tied to 12 CVEs in Photoshop and other applications. (Threatpost)

Diebold ATM Terminals Jackpotted Using Machine’s Own Software

The company warned that cybercriminals are using a black box with proprietary code in attacks to illegally dispense cash across Europe. (Threatpost)


/security-daily/ 22-07-2020 23:44:21