Daily brief for 2018-09-21

ASIA

1. Off-the-shelf RATs Targeting Pakistan
2. Malicious Documents from Lazarus Group Targeting South Korea
3. GZipDe: An Encrypted Downloader Serving Metasploit
4. More Details on an ActiveX Vulnerability Recently Used to Target Users in South Korea
5. The most dangerous mobile spyware, Pegasus that has infected 45 countries
6. Singapore to offer bug bounty, set up Asean cybersecurity centre

WORLD

7. Operator of 'VirusTotal for criminals' gets 14-year prison sentence
8. Newegg leaked credit card information for more than a month
9. Fully 61 percent of ASX100 exposed as email fraud gets personal
10. Virobot Ransomware with Botnet Capability Breaks Through
11. DMARC Fully Implemented on Two Thirds of U.S. Government Domains
12. Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams
13. What's that smell? Oh, it's Newegg cracked open by card slurpers
14. Who ate all the PII? Not the blockchain, thankfully
15. Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS
16. Law firm seeking leak victims to launch £500m suit at British Airways
17. 'Magecart' Card-Sniffing Gang Cracks Newegg
18. MassMiner Malware Targeting Web Servers
19. Malware Analysis using Osquery Part 1
20. The most dangerous mobile spyware, Pegasus that has infected 45 countries
21. #SecurityNews: The Information Commissioner’s Office (ICO) has fined #Equifax £500K after the 2017 #databreach. For the 2nd time the #ICO has issued a max fine after the credit agency exposed data on 15 million UK customers. Read more here:   #
22. CVE-2018-14829: Rockwell Automation Stack Overflow High Risk Vulnerability
23. ICO Slaps Equifax with Maximum Fine for the 2017 Data Breach
24. Magecart’s Next Attack Resulted In ABS-CBN Data Breach
25. The most used email subjects used in phishing attacks
26. £500k fine for Equifax 2017 data breach

ATTACKS

27. What Are Honeywords? Password Protection for Database Breaches
28. Snap! Microsoft database flaw, internet to split? Plus, asteroid probed
29. Spam or Phish? How to Tell the Difference Between a Marketing Email and a Malicious Spam Email
30. Twitter Flaw Exposed Direct Messages To External Developers
31. Twitter Flaw Exposed Direct Messages To External Developers
32. Phishing finance apps make way back into Google Play
33. Twitter API bug leaked private data to other accounts
34. The @aberdeengroup analyzed the likelihood and business impact of #phishing attacks based on lost productivity of 1,000 users with a confirmed #databreach of between 100k - 1m records, for 10 different industries. Download the @cyreninc #whitepaper here
35. Independence Blue Cross Breach Exposed 17K Records
36. Independence Blue Cross Breach Exposed 17K Records  …
37. New Virobot Ransomware and Botnet Emerges
38. Newegg leaked credit card information for more than a month
39. ZDI Shares Details of Microsoft JET Database Zero-Day
40. New Virobot ransomware will also log keystrokes, add PC to a spam botnet
41. Fully 61 percent of ASX100 exposed as email fraud gets personal
42. Pegasus spyware spotted in 45 countries, many with questionable human rights records
43. ICO to Fine Equifax £500,000 for 2017 Data Breach   via @DMBisson #GDPR #databreach
44. Adams County clerk resigns over role in data breach
45. This blog post explores how #malvertising works and identifies key defense strategies for #businesses  … #malware #cyberattacks
46. SC Media September Product Reviews: Threat Intelligence Recorded Future l
47. Apache Struts and SonicWall Targeted by Mirai and Gafgyt Botnets
48. Virobot Ransomware with Botnet Capability Breaks Through
49. 0Day Windows JET Database Vulnerability disclosed by Zero Day Initiative
50. Securing industrial IoT passwords: For Pete's sake, engineers, don't all jump in at once
51. No, the Mirai botnet masters aren't going to jail. Why? 'Cos they help Feds nab cyber-crims
52. Who ate all the PII? Not the blockchain, thankfully
53. Tick-tock, tick-tock. Oh, that's just the sound of compromised logins waiting to ruin your day
54. Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit
55. Veeam holds its hands up, admits database leak was plain 'complacency'
56. Solid password practice on Capital One's site? Don't bank on it
57. Back up a minute: Veeam database config snafu exposed millions of customer records
58. When is a patch not a patch? When it's for this McAfee password bug
59. Law firm seeking leak victims to launch £500m suit at British Airways
60. ZombieBoy
61. Warning issued as Netflix subscribers hit by phishing attack
62. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #DDoS #FBI
63. #SecurityNews: The Information Commissioner’s Office (ICO) has fined #Equifax £500K after the 2017 #databreach. For the 2nd time the #ICO has issued a max fine after the credit agency exposed data on 15 million UK customers. Read more here:   #
64. SingHealth data breach reveals several 'inadequate' security measures
65. Cisco releases fixes for remote code execution flaws in Webex Network Recording Player
66. Mirai Botnet Creators To Help Law Enforcement Agencies On Cybercrime Investigations
67. ICO Slaps Equifax with Maximum Fine for the 2017 Data Breach
68. Cisco fixes Remote Code Execution flaws in Webex Network Recording Player
69. MageCart Hacked Customers’ In NewEgg Credit Card Data Breach
70. ZDI Exposed Unpatched Microsoft RCE Zero-day Flaw in Public After it Crossed the 120 Days Deadline
71. Security data reveals worldwide malicious login attempts are on the rise
72. AD FS 2016 Password Change from non workplace joined devices
73. ICO to Fine Equifax £500,000 for 2017 Data Breach   via @DMBisson #databreach #GDPR
74. Magecart’s Next Attack Resulted In ABS-CBN Data Breach
75. The most used email subjects used in phishing attacks
76. £500k fine for Equifax 2017 data breach
77. AdGuard resets all user passwords after credential stuffing attack
78. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #botnets #Mirai

THREATS

79. Brewery breach: Not even beer is safe from ransomware
80. Western Digital Releases Hotfix for My Cloud Auth Bypass Vulnerability
81. The Week in Ransomware – September 21st 2018 – Beer, Airports, & Dharma
82. PMP®️ Domain Information & Overview
83. Critical Vulnerability Found in Cisco Video Surveillance Manager
84. Critical Vulnerability Found in Cisco Video Surveillance Manager
85. Expert disclosed an unpatched zero-day flaw in all supported versions of Microsoft Windows
86. Gamma, Bkp, & Monro Dharma Ransomware Variants Released in One Week
87. Snap! Microsoft database flaw, internet to split? Plus, asteroid probed
88. Bug allowing unlimited spiceups in "Answer Question" section
89. Optional Cumulative Update KB4457139 for Windows 7 Released With Bug Fixes
90. Spam or Phish? How to Tell the Difference Between a Marketing Email and a Malicious Spam Email
91. Romanian Citizen Admits Guilt in Police Department Ransomware Attack   via @DMBisson #police #ransomware
92. Twitter Flaw Exposed Direct Messages To External Developers
93. Malware Disguised as Job Offers Distributed on Freelance Sites
94. Twitter Flaw Exposed Direct Messages To External Developers
95. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
96. Proofpoint: One month out from deadline, half of agency domains are #DMARC compliant   via CyberScoopNews #FinSec
97. Twitter API bug leaked private data to other accounts
98. Delphi Packer Looks for Human Behavior Before Deploying Payload
99. Delphi Packer Looks for Human Behavior Before Deploying Payload
100. Western Digital Releases Hotfix for My Cloud Auth Bypass Vulnerability
101. Twitter notifies users about API bug that shared DMs with wrong devs
102. The Week in Ransomware - September 21st 2018 - Beer, Airports, & Dharma
103. Operator of 'VirusTotal for criminals' gets 14-year prison sentence
104. Gamma, Bkp, & Monro Dharma Ransomware Variants Released in One Week
105. New Virobot Ransomware and Botnet Emerges
106. Optional Cumulative Update KB4457139 for Windows 7 Released With Bug Fixes
107. Staying King Krab: GandCrab Malware Keeps a Step Ahead of Network Defenses
108. Malware Disguised as Job Offers Distributed on Freelance Sites
109. ZDI Shares Details of Microsoft JET Database Zero-Day
110. New Virobot ransomware will also log keystrokes, add PC to a spam botnet
111. Security news: All-in-one malware out, GovPayNow drops the ball on security, and Newegg suffers a crack | Avast
112. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
113. Flaw in Western Digital My Cloud exposes the content to hackers
114. Twitter Bug May Have Sent your Direct Messages to Twitter Developers As Well
115. Unpatched Microsoft Zero-Day in JET Allows Remote Code-Execution
116. Pegasus spyware spotted in 45 countries, many with questionable human rights records
117. Discover how Tripwire Malware Detection... - Protects against zero-day exploits and other known threats. - Offers an enterprise view of suspicious malware objects across all monitored systems. - Protects from repeat #malware attacks. Learn more here:
118. Legitimate RATs Pose Serious Risk to Industrial Systems
119. Crooks turn to Delphi packers to evade malware detection
120. This blog post explores how #malvertising works and identifies key defense strategies for #businesses  … #malware #cyberattacks
121. Malware Businesses Blending the Legitimate and the Illegitimate
122. Bitcoin flaw could have allowed dreaded 51% takeover
123. Avoidable mistakes lead to iOS cryptomining attacks
124. Romanian Citizen Admits Guilt in Police Department Ransomware Attack   via @DMBisson #ransomware #police
125. Thousands of WordPress sites backdoored with malicious code
126. Virobot Ransomware with Botnet Capability Breaks Through
127. DMARC Fully Implemented on Two Thirds of U.S. Government Domains
128. 0Day Windows JET Database Vulnerability disclosed by Zero Day Initiative
129. Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams
130. Microsoft's Jet crash: Zero-day flaw drops after deadline passes
131. Sealed with an XSS: IT pros urge Lloyds Group to avoid web cross talk
132. Patch for EE's 4G Wi-Fi mini modem nails local privilege escalation flaw
133. 'I am admin' bug turns WD's My Cloud boxes into Everyone's Cloud
134. Docker fave Alpine Linux suffers bug miscreants can exploit to poison containers
135. When is a patch not a patch? When it's for this McAfee password bug
136. New Hacker Exploits and How to Fight Them
137. FDIC: Supervisory Approach to Payment Processing Relationships with Merchant Customers
138. MassMiner Malware Targeting Web Servers
139. Malware Analysis using Osquery Part 2
140. Off-the-shelf RATs Targeting Pakistan
141. Malware Analysis using Osquery Part 1
142. Malicious Documents from Lazarus Group Targeting South Korea
143. GZipDe: An Encrypted Downloader Serving Metasploit
144. More Details on an ActiveX Vulnerability Recently Used to Target Users in South Korea
145. Satan Ransomware Spawns New Methods to Spread
146. Woman Pleads Guilty to DC CCTV Ransomware Blitz
147. Woman Pleads Guilty to DC CCTV Ransomware Blitz  …
148. Report: Cryptomining malware detections up more than 459 percent since 2017
149. Researcher Discloses New Zero-Day Affecting All Versions of Windows
150. The most dangerous mobile spyware, Pegasus that has infected 45 countries
151. Rockwell Automation Patches Severe Flaws in Communications Software
152. Cisco releases fixes for remote code execution flaws in Webex Network Recording Player
153. Google Cloud Service launches automatic scanning of container vulnerabilities to enhance cloud environment security
154. CVE-2018-14829: Rockwell Automation Stack Overflow High Risk Vulnerability
155. Adobe Addresses a Number of Critical Remote Execution Vulnerabilities
156. Trend Micro Zero Day team discloses unpatched Microsoft Jet RCE vulnerability
157. Singapore to offer bug bounty, set up Asean cybersecurity centre
158. Cisco fixes Remote Code Execution flaws in Webex Network Recording Player
159. ZDI Exposed Unpatched Microsoft RCE Zero-day Flaw in Public After it Crossed the 120 Days Deadline
160. Security data reveals worldwide malicious login attempts are on the rise
161. Why voice fraud rates continue to rise with no signs of slowing down
162. iOS Webkit flaw found that forces iPhone restart
163. Flaw in 4GEE WiFi Modem Could Leave Your Computer Vulnerable
164. Authentication Bypass Vulnerability Disclosed in Western Digital My Cloud NAS Devices

CRIME

165. Spam or Phish? How to Tell the Difference Between a Marketing Email and a Malicious Spam Email
166. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
167. Operator of 'VirusTotal for criminals' gets 14-year prison sentence
168. Newegg leaked credit card information for more than a month
169. Fully 61 percent of ASX100 exposed as email fraud gets personal
170. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
171. Bitcoin flaw could have allowed dreaded 51% takeover
172. Avoidable mistakes lead to iOS cryptomining attacks
173. Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams
174. Sealed with an XSS: IT pros urge Lloyds Group to avoid web cross talk
175. What's that smell? Oh, it's Newegg cracked open by card slurpers
176. Solid password practice on Capital One's site? Don't bank on it
177. Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS
178. Law firm seeking leak victims to launch £500m suit at British Airways
179. 'Magecart' Card-Sniffing Gang Cracks Newegg
180. FDIC: Supervisory Approach to Payment Processing Relationships with Merchant Customers
181. MassMiner Malware Targeting Web Servers
182. Malware Analysis using Osquery Part 2
183. Malware Analysis using Osquery Part 1
184. ZombieBoy
185. Malicious Documents from Lazarus Group Targeting South Korea
186. Woman Pleads Guilty to DC CCTV Ransomware Blitz
187. Woman Pleads Guilty to DC CCTV Ransomware Blitz  …
188. Report: Cryptomining malware detections up more than 459 percent since 2017
189. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #DDoS #FBI
190. Mirai Botnet Creators To Help Law Enforcement Agencies On Cybercrime Investigations
191. MageCart Hacked Customers’ In NewEgg Credit Card Data Breach
192. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #botnets #Mirai

POLITICS

Nothing to report