CYBER NEWS UPDATE #58

This podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes.

The podcast is aimed at professionals who are short on time, and at anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.


malvuln.com is a new and unique website that offers a different view on vulnerabilities in software.

It is the first website exclusively dedicated to the research of security vulnerabilities within malware itself.

For non-technical listeners, we will explain in more detail what this means.

Many cyberattacks have a phase where the attacker installs some type of backdoor or malware on the remote computer.

This is done in order to preserve access even after the hacker logs off from the computer. The malware can send data such as keystrokes or files, and it can also listen for commands arriving from the attacker in different ways.

The new site malvuln is dedicated to finding and publishing vulnerabilities that lie inside malware developed by hackers.

There are many websites already offering information about malware, such as hashes, Indicators of Compromise, etc.

However, none is dedicated to the research and analysis of vulnerabilities within malware samples.

Using this data, security researchers dealing with cyber intelligence can research further in order to reach conclusions that might help in investigating and remediating different cyber attacks.

The site is free to use, but it’s recommended to use the data there only if you understand the implications of what might happen.


Dutch energy supplier Eneco has warned tens of thousands of clients, including business partners, to change their passwords amid a recent data breach.

Eneco, a producer and supplier of natural gas, electricity and heat in the Netherlands, serves more than 2 million business and residential customers.

In a recent statement, the company said that “cyber criminals have used email addresses and passwords from previous thefts at other websites to gain access to approximately 1,700 private and small business My Eneco accounts, the online environment for Eneco customers.”

All affected customers have been sent an email with instructions on how to create a new My Eneco account.

It seems the company placed the burden on users to create a new account and password, when it should have automatically reset all affected users’ passwords as soon as it learned of the intrusion.

The attackers apparently used a classical credential stuffing technique leveraging stolen data from previous breaches.

Credential stuffing is a new form of attack that accomplishes account takeover through automated web injection of usernames and passwords.

For example, an attacker hacks into a popular website and takes a list of the emails and passwords used to log in. The attacker then uses the same email addresses and passwords on a different website or on network-connected devices in order to gain access.

Such attacks could have been prevented simply by enforcing multi-factor authentication for customer accounts, for example by sending an SMS to the user’s phone at login.

That’s why it’s important to use different passwords and change them frequently!

—–

That’s it for this podcast, stay safe and see you in the next podcast.

Don’t forget to visit www.nucleon.sh for the latest podcasts on cyber intelligence.
