Trending

GPT-3

• News & Analysis | No. 275
• OpenAI's Text-Generating System GPT-3 is Now Spewing Out 4.5 Billion Words a Day
• The makers of Eleuther hope it will be an open source alternative to GPT-3
• OpenAI's Sam Altman: AI-Generated Wealth Will Enable a $13,500-a-Year Basic Income
• GPT-3 Powers the Next Generation of Apps
• Real World Examples of GPT-3 Plain Language Root Cause Summaries
• GPT-3 tries pickup lines
• AI Image Synthesis: What The Future Holds
• GPT-3 vs. 3M free-text trivia responses
• Scaling Kubernetes to 7,500 Nodes

Corona

• De: Another data breach in COVID-19 test centers
• Officials Use COVID To Create Statewide Vehicle Surveillance Programs Run By Rekor Systems
• Wormable Android Malware Spotted in Android Play Store Spreads Malware via WhatsApp
• Wochenrückblick KW 14: Im April ist nicht nur das Wetter durchwachsen
• The post-COVID world this week: Brazil’s latest wave, keys to Africa’s recovery, and how startups can play a role in an economic rebound
• Sicherheitslücke: Wieder Datenpanne in Corona-Testzentren
• India uses controversial Aadhaar facial biometrics to identify COVID vaccination recipients
• Android apps targeting JIO users in India
• Watch Out For United Nations COVID-19 Compensation Email Scams
• Berliner Datenschützer: Ärger mit Corona – und der Polizei

Zoom

• Critical Zoom Vulnerability Triggers Remote Code Execution Without User Input
• CVE-2021-30480
• Pwn2Own 2021: Zero-click Zoom exploit among winners as payout record smashed
• Pwn2Own 2021: participants earned $1,2M of the $1.5M prize pool
• Zoom zero-day discovery
• Gehackt: Windows, Ubuntu, Exchange, Teams, Zoom, Chrome, Safari und Edge
• 6 Simple Remote Work Security Mistakes and How to Avoid Them
• Critical Zoom vulnerability triggers remote code execution without user input
• These Zoom security flaws could allow hackers to hijack your device
• Windows 10 hacked again at Pwn2Own, Chrome and Zoom also fall

TikTok

• Adware Spreads via Fake TikTok App, Laptop Offers
• Android apps targeting JIO users in India
• 關於 TikTok 與抖音的常見問題
• YouTube Is Once Again the Most Popular Social Media Platform
• Emerging deepfake technology could have security implications for businesses
• Secjuice Squeeze 60
• EFF to Court: Don’t Let Pseudo-IP Thwart Speech, Innovation, and Competition
• Is TikTok Really a National Security Threat? New Report From University of Toronto Says No
• Christopher Parsons Delivers Testimony to Special Committee on Canada-China Relations
• Red Room Research for the BBC

Application Security

Tools

• Gotestwaf - Go Test WAF Is A Tool To Test Your WAF Detection Capabilities Against Different Types Of Attacks And By-Pass Techniques
• Study claims Facebook’s ad tools present gender inequality in its approach
• 5 Awesome Digital Tools That Will Make Your Business Grow
• SNOWCRASH - A Polyglot Payload Generator
• How To Improve Code Quality With Code Reviews and Refactoring
• PoisonApple - macOS Persistence Tool
• Monster Mash: A Sketch-Based Tool for Casual 3D Modeling and Animation
• GRAudit Grep Auditing Tool 2.9
• MDR Vendor Must-Haves, Part 5: Multiple Threat Detection Methodologies, Including Deep Attacker Behavior Analysis
• Fraudsters Flooding Collaboration Tools With Malware

Vulnerabilities

• Compiling C to printable x86 to make an executable research paper (2017) [video]
• Hotlinking and Cool Exploits
• Valve accused of ignoring existing RCE vulnerability in Source games for 2 years
• Ca: Durham Region hit by cyberattack
• Cyberthreat update from Acronis CPOCs: Week of April 5, 2021
• SerpScan -Automate your Recon using search engines
• Why was cycling not included in the ancient Olympics? (2004) [pdf]
• Critical Zoom Vulnerability Triggers Remote Code Execution Without User Input
• Financial industry preps for proposal that would require 36-hour breach notification
• Zerodium will pay $300K for WordPress RCE exploits

Exploits

• Hotlinking and Cool Exploits
• WhatsApp Two Factory-Auth 2FA Bypass
• Atlassian Jira Service Desk 4.9.1 Cross Site Scripting
• Ignition 2.5.1 Remote Code Execution
• Composr 10.0.36 | Remote Code Execution RCE
• Mmcct | SQL injection Vulnerability
• WhatsApp Two Factory-Auth (2FA) Bypass
• Ignition 2.5.1 Remote Code Execution
• Atlassian Jira Service Desk 4.9.1 Cross Site Scripting
• Composr 10.0.36 | Remote Code Execution (RCE)

Advisories

• DSA-4887 lib3mf
• Rewterz Threat Advisory – CVE-2021-24027 – WhatsApp for Android and WhatsApp Business for Android information disclosure
• CB-K20/1076 Update 21
• CB-K20/0644 Update 9
• CB-K21/0241 Update 5
• CB-K21/0362
• CB-K21/0081 Update 4
• CB-K20/1049 Update 15
• CB-K20/0038 Update 21
• CB-K20/0093 Update 12

Zero Days

• Google’s Project Zero Exposed Zero-Day Bugs Being Exploited by Western Counterterrorism Agencies
• Zoom zero-day discovery
• Digging Into the Third Zero-Day Chrome Flaw of 2021
• Zero-Day Bug Impacts Problem-Plagued Cisco SOHO Routers
• Google’s Project Zero Finds a Nation-State Zero-Day Operation
• Zoom zero-day discovery makes calls safer, hackers $200,000 richer
• Gods of cyberwar: the booming of an unregulated zero-day industry
• TIM’s Red Team Research (RTR) team found 5 zero-day flaws in the CA eHealth Performance Manager product
• Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack
• Clean Sweep: A 30-Day Guide to a New Cybersecurity Plan

Privacy

Surveillance

• Facebook had ample warning about privacy problems with “contact import” feature
• Pihole-Antitelemetry
• Major Advertiser Works With China to Try Bypassing Apple's Privacy Rules
• Officials Use COVID To Create Statewide Vehicle Surveillance Programs Run By Rekor Systems
• Effective dates for amended Data Privacy law in Japan announced
• More privacy news from here and there…
• Cops Are Using Facial Recognition Technology More Than Previously Revealed
• Alaska’s Consumer Data Privacy Act: Another CCPA Copycat, but With Its Own Unanswered Questions
• Tracking the Russian military buildup near Ukraine
• Am I FLoCed? A New Site to Test Google's Invasive Experiment

Leaks

• De: Another data breach in COVID-19 test centers
• Br: Leak exposes 1.7 TB of customer data from Brazilian fintech iugu
• SG: Possible data breach involving 62,000 e-mails sent to Certis
• Clubhouse data leak: 1.3 million user records leaked online for free
• Cyber Breach Disclosures Still Take More Than a Month
• Follow-up: Adventist Health Physician’s Network fined $40,000 for 2018 breach incident
• Scientists who say the lab-leak hypothesis for SARS-CoV-2 shouldn't be ruled out
• 2 scraped LinkedIn databases with 500m and 827m records sold online
• Episode 112: Wix Takes Aim at WordPress With New Ad Campaign
• 310,000 Records Compromised In University Of Colorado Data Breach, Including Social Security Numbers & University Financial Information

OSINT

• 213-Hashes 101
• What is PII and how can you protect it?
• CA: Servers at El Monte City Hall being replaced; investigation of ‘unauthorized access’ continues
• Anatomy of a Twitter-augmented crypto scam
• Cybercriminals Continue to Exploit Human Nature Through Phishing and Spam Attacks
• DFRLab investigation leads to Facebook takedown of assets affiliated with Georgian March party
• Facebook data leak now under EU data regulator investigation
• Are You One of the 533M People Who Got Facebooked?
• Scylla - The Simplistic Information Gathering Engine | Find Advanced Information On A Username, Website, Phone Number, Etc...
• Ten Minute Tip: Image Geolocation Part 2

GDPR

• Deceptive Checkboxes Should Not Open Our Checkbooks
• Five Security Best Practices Public Sector Organisations Need to Consider
• Hefty Fine for Booking.com Due to Delayed Data Breach Notification; With Little Financial Information Stolen, Is the Amount Excessive?
• From California to Brazil: Europe’s privacy laws have created a recipe for the world
• Data protection officer career guide
• What is PII and how can you protect it?
• Emerging Edge Computing Use Cases
• Booking.com fined $560,000 for GDPR data breach violation
• Irish Regulator Probes 'Old' Facebook Data Dump
• Securing the Online Storefront: Digital Transformation for Growing eCommerce Businesses

Scams

Phishing

• Hotlinking and Cool Exploits
• Ca: Durham Region hit by cyberattack
• Clubhouse data leak: 1.3 million user records leaked online for free
• Attackers deliver legal threats, IcedID malware via contact form
• Episode 112: Wix Takes Aim at WordPress With New Ad Campaign
• Profiles and Associated Info of Half a Billion LinkedIn Users For Sale on Hacking Forum
• Attackers deliver legal threats, IcedID malware via contact forms
• A deep dive into Saint Bot, a new downloader
• Facebook ads dropped malware posing as Clubhouse app for PC
• Data belonging to over 500 million LinkedIn users sold online to hackers

SPAM

• Hotlinking and Cool Exploits
• Crooks abuse website contact forms to deliver IcedID malware
• Deceptive Checkboxes Should Not Open Our Checkbooks
• Rewterz Threat Alert – Nanocore – Active IoCs
• Android apps targeting JIO users in India
• SMS-Spam nach Datenleck: Facebook will Betroffene nicht informieren
• Rewterz Threat Alert – Active Nanocore IoCs
• Rewterz Threat Alert – LokiBot Malware – IOCs
• Threat Source Newsletter (April 8, 2021)
• Why E-Commerce Security Matters Now More Than Ever

Frauds

• How To Protect Yourself From Fraud and Identity Theft Online
• SEC Accuses Actor of $690 Million Fraud Based on Fake Netflix Deal
• Visa Describes New Skimming Attack Tactics
• Microsoft Open-Sources 'CyberBattleSim' Enterprise Environment Simulator
• CISA Releases Tool to Detect Microsoft 365 Compromise
• The Role of Predictive KYC in Fighting Money Laundering
• Online testing firm agrees to security audit after inquiry from senator
• 330K stolen payment cards and 895K stolen gift cards sold on dark web
• No honor among thieves: Scammers target stolen credit card hubs
• Swarmshop – What goes around comes around: hackers leak other hackers’ data online

Malware

Badware

• Android malware found embedded in APKPure store application
• Crooks abuse website contact forms to deliver IcedID malware
• Cyberthreat update from Acronis CPOCs: Week of April 5, 2021
• Attackers deliver legal threats, IcedID malware via contact form
• Ransomware attacks: Ansal fears data loss
• Wormable Android Malware Spotted in Android Play Store Spreads Malware via WhatsApp
• Fr: City of Isle-sur-la-Sorgue victim of ransomware; won’t pay €500,000 demand
• 2021-04-09 - IcedID (Bokbot) infection from zipped JS file
• The Week in Ransomware - April 9th 2021 - Massive ransom demands
• Maze/Egregor ransomware cartel estimated to have made $75 million

Antivirus (snakeoil)

• APKPure is not safe, distributes Trojans | Kaspersky official blog
• Coordinated Cyberattack Targets EU Institutions | Avast
• Text files weaponized by vulnerability in macOS | Kaspersky official blog
• CB-K21/0354
• CB-K21/0350
• Tech support scammers lure victims with fake antivirus billing emails
• What is PII and how can you protect it?
• CVE-2021-1404
• CVE-2021-1405
• CVE-2021-1252

Ransomware

• Crooks abuse website contact forms to deliver IcedID malware
• Cyberthreat update from Acronis CPOCs: Week of April 5, 2021
• Attackers deliver legal threats, IcedID malware via contact form
• Ransomware attacks: Ansal fears data loss
• Fr: City of Isle-sur-la-Sorgue victim of ransomware; won’t pay €500,000 demand
• The Week in Ransomware - April 9th 2021 - Massive ransom demands
• Maze/Egregor ransomware cartel estimated to have made $75 million
• CZ: Olomouc paralyzed by a cyberattack. All municipal services remain unavailable.
• Financial industry preps for proposal that would require 36-hour breach notification
• Dutch transport company Bakker Logistiek impacted by ransomware attack

Trojans, RATs

• PHP Team Averted a Supply Chain Attack After Hackers Compromised Their Self-Hosted Git Server and Inserted a Backdoor
• Malicious code in APKPure app
• APKPure is not safe, distributes Trojans | Kaspersky official blog
• Trojan.Win32.Hotkeychick.d / Insecure Permissions
• Trojan-Downloader.Win32.Genome.omht / Insecure Permissions
• Trojan.Win32.Hotkeychick.d / Insecure Permissions
• Trojan-Downloader.Win32.Genome.omht / Insecure Permissions
• Backdoor Added — But Found — in PHP
• No Python interpreter? this simple RAT installs its own copy
• Trojan detected in APKPure Android app store client software

Operating systems

Windows

• Gotestwaf - Go Test WAF Is A Tool To Test Your WAF Detection Capabilities Against Different Types Of Attacks And By-Pass Techniques
• Hands-on with Windows 10's new Google Discover-like news feature
• Windows 10 will soon let you tell Microsoft how you use your PC
• Windows 10 will soon let you configure six different usage modes
• Wormable Android Malware Spotted in Android Play Store Spreads Malware via WhatsApp
• SNOWCRASH - A Polyglot Payload Generator
• SerpScan -Automate your Recon using search engines
• Critical Zoom Vulnerability Triggers Remote Code Execution Without User Input
• CVE-2021-30480
• CVE-2021-21196

Linux

• Reactions to Arch Linux's New Guided Installer
• Stable kernels for the weekend
• Gotestwaf - Go Test WAF Is A Tool To Test Your WAF Detection Capabilities Against Different Types Of Attacks And By-Pass Techniques
• SNOWCRASH - A Polyglot Payload Generator
• Linux kernel incorrect computation of branch displacements in BPF JIT compiler
• CVE-2021-21199
• CVE-2021-21432
• Episode 112: Wix Takes Aim at WordPress With New Ad Campaign
• Rewterz Threat Advisory – CVE-2021-29154 – Linux Kernel privilege escalation
• Rewterz Threat Advisory – CVE-2021-3483 – Linux Kernel code execution

Android

• Android malware found embedded in APKPure store application
• Hackers compromised APKPure client to distribute infected Apps
• Wormable Android Malware Spotted in Android Play Store Spreads Malware via WhatsApp
• 7 Benefits of Using Flutter For Your Next Software Development Project
• Critical Zoom Vulnerability Triggers Remote Code Execution Without User Input
• CVE-2021-25373
• CVE-2021-25381
• CVE-2021-25374
• CVE-2021-25377
• CVE-2021-25357

Apple

• Last Week on My Mac: Big Sur’s broken clock
• Acorn 7.0
• Reactions to Arch Linux's New Guided Installer
• Major Advertiser Works With China to Try Bypassing Apple's Privacy Rules
• The patent troll that won a $308M jury trial against Apple
• PoisonApple - macOS Persistence Tool
• Episode 112: Wix Takes Aim at WordPress With New Ad Campaign
• ★ Et tu, Procter & Gamble?
• Samsung’s ‘iTest’ Lets You Try a Simulated Galaxy Device on Your iPhone
• Drought in Taiwan Pits Chip Makers Against Farmers

BSD

• FreeBSD/arm64 becoming Tier 1 in FreeBSD 13
• Tree.h in OpenBSD: dependency-free intrusive binary tree (2002)
• Run Bhyve in FreeBSD jails – The view from inside the forest (2020)
• OpenBSD OpenSMTPD 6.6 Remote Code Execution
• UAC - Unix-like Artifacts Collector
• I got the GNU Modula-2 compiler working on OpenBSD
• OpenBSD adds support for Coordinated Mars Time
• SharpDPAPI - A C# Port Of Some Mimikatz DPAPI Functionality
• Seatbelt - A C# Project That Performs A Number Of Security Oriented Host-Survey "Safety Checks" Relevant From Both Offensive And Defensive Security Perspectives
• Rubeus - C# Toolset For Raw Kerberos Interaction And Abuses

Emacs

• Weekly review: Week ending April 9, 2021
• formatting updates.
• Xah Talk Show 2021-04-09 beginner emacs lisp tutorial. xah-html-copy-change-relative-link
• Emacs: Undo/Redo Saga
• Native Compilation: Ready to Merge
• GLT21: Emacs Org mode Features You May Not Know
• Grabbing the Youtube auto-generated captions is pretty useful when making Emacs News
• Running a Shell Command from Emacs
• 2021-04-05 Emacs news
• Reading PDF Files with DocView