Daily brief for 2018-09-27

ASIA

1. APT10 Targeting Japanese Corporations Using Updated TTPs
2. New Torii Botnet uncovered, more sophisticated than Mirai | Avast
3. “Disturbing plans” in China revealed by a former Google employee

WORLD

4. Russians' stealthy 'LoJax' malware can infect on the firmware level
5. DEF CON report finds decade-old flaw in widely used ballot-counting machine
6. Russian Cyberspies Use UEFI Rootkit in Attacks
7. Threat-group Magecart - More Victims
8. Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
9. GDPR: Data Breach Class Action Lawsuits Come to Europe
10. SheIn Data Breach Exposed Personal Details 6.4 Million Customers To Hackers
11. Norwegian state discusses vulnerabilities with IT sector
12. Seven additional modules make Fancy Bear's VPNFilter malware even more versatile
13. You should prepare for the next mega data breach
14. Uber agrees to pay $148 million in massive 2016 data breach settlement
15. VPNFilter Router Malware Adds 7 New Network Exploitation Modules
16. “Disturbing plans” in China revealed by a former Google employee

ATTACKS

17. Hide and Seek (HNS) IoT Botnet targets Android devices with ADB option enabled
18. Android password managers not as secure as desktop counterparts
19. Hide and seek Iot botnet updates include new Android ADB exploit
20. Twitter Bug May Have Exposed Millions of DMs
21. New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai
22. DDoS attack on education vendor hinders access to districts’ online portals
23. Boffins bypass password protection with pilfering by phony programs
24. GDPR: Data Breach Class Action Lawsuits Come to Europe
25. Fancy Bear LoJax campaign reveals first documented use of UEFI rootkit in the wild
26. New Torii Botnet uncovered, more sophisticated than Mirai | Avast
27. SheIn Data Breach Exposed Personal Details 6.4 Million Customers To Hackers
28. Hide and seek Iot botnet updates include new Android ADB exploit
29. United Nations data found exposed on web: researcher
30. New GootKit Campaigns Target European Banks with Reconnaissance Attacks
31. Uber to Pay $148 Million as a Settlement for Data Breach Cover
32. Uber fined $148m for data breach cover-up
33. New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai
34. You should prepare for the next mega data breach
35. Uber agrees to pay $148 million in massive 2016 data breach settlement
36. Are long passphrases the answer to password problems?
37. Chrome 70 will resolve cookies and login privacy issues
38. Endace launches petabyte network recording appliance

THREATS

39. APT Group Uses Dangerous LoJax Malware That Can Survive After OS Re-installation and Hard Disk Replacement
40. Russians' stealthy 'LoJax' malware can infect on the firmware level
41. CCSP Exam Details and Process
42. CCSP: Overview of Domains
43. Ransomware Attack Hits Port of San Diego
44. The PowerShell Boogeyman: How to Defend Against Malicious PowerShell Attacks
45. Chronicle Unveils VirusTotal Enterprise
46. Crooks turn to Delphi packers to evade malware detection
47. Chronicle announces VirusTotal Enterprise with greater search and analysis capabilities
48. Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV
49. Local-Privilege Escalation Flaw in Linux Kernel Allows Root Access
50. Alphabet launches VirusTotal Enterprise
51. DEF CON report finds decade-old flaw in widely used ballot-counting machine
52. Twitter fixes API bug that shared data with wrong developers
53. Is There Such a Thing as a Malicious PowerShell Command?
54. New KONNI Malware attacking Eurasia and Southeast Asia
55. New KONNI Malware attacking Eurasia and Southeast Asia
56. How to Keep Up Security in a Bug-Infested World
57. Pirated Game of Thrones episodes most popular TV bait for malware
58. Seven additional modules make Fancy Bear’s VPNFilter malware even more versatile
59. Hide and seek Iot botnet updates include new Android ADB exploit
60. Twitter Bug May Have Exposed Millions of DMs
61. Russian Cyberspies Use UEFI Rootkit in Attacks
62. Dirhunt – Search and Analyze Target Domain Directories
63. Port of San Diego Affected by a Ransomware Attack
64. Developers focus on wrong open source software vulnerabilities, research says
65. Phorpiex worm pivots to infect the enterprise with GandCrab ransomware
66. Security Flaw Found in Apple Mobile Device Enrollment Program
67. Crooks turn to Delphi packers to evade malware detection
68. Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
69. LoJax: First-ever UEFI rootkit detected in a cyberattack
70. DanaBot trojan sets sights on Europe, new features
71. SC Media September Product Reviews: Threat Intelligence DomainTools Iris Investigation Platform l
72. #Malware classifcation, which encompasses both the identification and attribution of code, has the power to unlock many clues that aid
73. New VirusTotal Enterprise Offers Private Graphs, Faster Searches
74. Alphabet's Chronicle Releases VirusTotal Enterprise
75. Cisco Releases Alerts for 14 High Severity Bugs
76. Apple DEP vulnerability lets attackers access orgs’ resources, info
77. Cisco unearths 13 'High Impact' IOS vulnerabilities you need to patch now
78. Malware steals personal information from 6.4M SheIn customers
79. How automakers are tackling connected vehicle vulnerability management
80. Malware hits fashion giant SHEIN; 6.42 million online shoppers affected
81. Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild
82. Emergence of new ransomware variants feature names of popular politicians
83. Now that Office 365 has become one of Microsoft's fastest-growing revenue streams, it has become a primary target for #ransomware.
84. Fancy Bear LoJax campaign reveals first documented use of UEFI rootkit in the wild
85. Tripwire Patch Priority Index for September 2018
86. Researchers find vulnerability in Apple's MDM DEP process
87. GNOME 3.30.1 released: bugfixes
88. Norwegian state discusses vulnerabilities with IT sector
89. Seven additional modules make Fancy Bear's VPNFilter malware even more versatile
90. Hide and seek Iot botnet updates include new Android ADB exploit
91. Cloudflare Becomes a Registrar, Sells Domains At Cost
92. APT28 Uses LoJax, First UEFI Rootkit Seen in the Wild
93. Mutagen Astronomy Linux Kernel vulnerability affects Red Hat, CentOS, and Debian distros
94. Alphabet's Chronicle Security Business Launches VirusTotal Enterprise
95. VPNFilter Router Malware Adds 7 New Network Exploitation Modules
96. Malware in the Cloud: What You Need to Know
97. KDE Plasma 5.12.7 LTS releases: fix bugs
98. Discover how Tripwire Malware Detection... - Protects against zero-day exploits and other known threats. - Offers an enterprise view of suspicious malware objects across all monitored systems. - Protects from repeat #malware attacks. Learn more here:
99. Malware in the Cloud: What You Need to Know
100. ex-NSA Hacker Discloses macOS Mojave 10.14 Zero-Day Vulnerability

CRIME

101. Russians' stealthy 'LoJax' malware can infect on the firmware level
102. Threat-group Magecart - More Victims
103. New GootKit Campaigns Target European Banks with Reconnaissance Attacks

POLITICS

104. DEF CON report finds decade-old flaw in widely used ballot-counting machine
105. Russian Cyberspies Use UEFI Rootkit in Attacks
106. APT10 Targeting Japanese Corporations Using Updated TTPs
107. APT28 Uses LoJax, First UEFI Rootkit Seen in the Wild