Q-CERT Weekly Newsletter2020-07-26

Vulnerabilities & Patches

CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know - Read more

New 'Shadow Attack' can replace content in digitally signed PDF files - Read more

Citrix Workspace flaw can allow remote hack of devices running vulnerable app - Read more

Security updates available for Adobe Photoshop - Read more

Microsoft to Retire TLS 1.0/1.1 in Office 365 Starting October 15 - Read more

Cyber Crime & Incidents

Garmin outage caused by confirmed WastedLocker ransomware attack - Read more

Blackbaud Hack: Universities lose data to ransomware attack - Read more

New 'Meow' attack has deleted almost 4,000 unsecured databases - Read more

Leak Exposes Private Data of Genealogy Service Users - Read more

BadPower: Fast chargers can be modified to damage mobile devices - Read more

Hackers obtained Twitter DMs for 36 high-profile account holders - Read more

Twilio: Someone waltzed into our unsecured AWS S3 silo, added dodgy code to our JavaScript SDK for customers - Read more

Threats

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory - Read more

Telerik Vulnerability (CVE-2019-18935) Creates Surge in Web Compromise and Cryptomining Attacks - Read more

Chinese APT group targets India and Hong Kong using new variant of MgBot malware - Read more

Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902 - Read more

Prometei botnet and its quest for Monero - Read more

Tools

Rustscan - faster nmap scanning - Read more

dazzleUP - detects EoP vulnerabilities caused by misconfigurations and missing updates in the Windows OS - Read more

Purple Team Exercise Framework (PTEF) - facilitate the creation of a formal Purple Team Program by performing adversary emulations as Purple Team Exercises - Read more

Reports

The Cyber Threat to Sports Organisations - Read more

Rapid7's 2020 National / Industry / Cloud Exposure Report - Read more

THE CONNECTED HOME'S NEXT WAVE - Read more

MATA: Multi-platform targeted malware framework - Read more

Papers

Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections - Read more

ENTERPRISE RISK MANAGEMENT FOR REMOTE WORK IN THE PUBLIC SECTOR - Read more

The Hacker Infrastructure and Underground Hosting - An Overview of the Cybercriminal Market - Read more

Events Materials

hitblockdown002 - Read more

HITB Lockdown002 - Read more

PrivacyCon 2020 - Read more

Guidelines

NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems - Read more

Webcasts / Podcasts

New threats in a changing world: APT trends in Q2, 2020 - Read more

IPv6: How to Securely Start Deploying - Read more

Unique Threats to Operational Technology and Cyber Physical Systems - Read more

How to

Cyber security in schools: questions for governors and trustees - Read more

Privacy

DJI Privacy Analysis Validation - Read more

Let's Talk About TikTok - Read more

Q-CERT Weekly Newsletter Service is prepared by Cyber Security Intelligence Team, all concerns, recommendations and complaints are welcomed.The views and opinions expressed in media article are those of the authors and media organizations alone.

Q-CERT | Ministry of Transport and Communications, State of Qatar | Doha P.O.Box 24514 | Qatar