Daily brief for 2018-09-28

ASIA

1. No Patches for Critical Flaws in Fuji Electric Servo System, Drives
2. Google first confirmed the existence of the Dragonfly program for returning to China

WORLD

3. Facebook leaks data (including private conversations) from 50 million accounts
4. Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
5. Aspire Health, Another Healthcare Firm as a Phishing Victim
6. 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
7. New Phishing Campaign Targets US Employees' Online Payrolls
8. IC3 Alerts of Increasing Danger of RDP Exploitation Attacks
9. QRecorder app in the Play Store was hiding a Banking Trojan that targets European banks
10. Magecart campaign remains active
11. Researchers: 11-Year-Old Flaw in Vote Scanner Still Unfixed
12. Who’s behind DDoS attacks at UK universities?
13. Fancy Bear Attacks Governments Using LoJax UEFI Rootkit
14. Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)
15. Vulnerabilities and architectural considerations in industrial control systems

ATTACKS

16. Facebook leaks data (including private conversations) from 50 million accounts
17. Facebook leaks data (including private conversations) from 50 million accounts
18. Facebook hacked – 50 Million Users’ Data exposed in the security breach
19. Big Facebook data breach: 50 million accounts affected
20. Facebook Data Breach Impacts Almost 50 Million Accounts
21. Vulnerabilities in PureVPN Client Leak User Credentials
22. Aspire Health, Another Healthcare Firm as a Phishing Victim
23. 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
24. New Phishing Campaign Targets US Employees' Online Payrolls
25. Learn how our @PhishingAI successfully detected a custom #phishing kit targeted at the DNC last month:
26. 3 GOP senators doxed during Kavanaugh hearing
27. Chegg forces password reset on 40 million users
28. Torii malware could be gateway to more sophisticated IoT botnet attacks
29. SHEIN breach exposes emails, encrypted passwords of 6.42M customers
30. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
31. Android App Verification Issues Pave Way For Phishing Attacks
32. Facebook Resets 90 Million User Passwords as Flaw is Discovered
33. Facebook Resets 90 Million User Passwords as Flaw is Discovered
34. Meet Torii, a Stealthy, Versatile and Highly Persistent IoT Botnet
35. Chegg Resets Passwords After Data Breach That Affected 40 Million Users
36. Facebook Discloses Data Breach, 50 Million User Accounts Affected
37. United Nations data found exposed on web: researcher
38. Hide 'N Seek IoT Botnet Now Targets Android Devices
39. Magecart campaign remains active
40. Android password managers vulnerable to phishing apps
41. “Firefox Monitor” will allow users to check whether their personal information and passwords have been part of a data breach
42. Bupa fined £175,000 for 2017 data breach affecting 547,000 customers
43. The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
44. Power to the people! Google backtracks (a bit) on forced Chrome logins
45. Who’s behind DDoS attacks at UK universities?
46. Microsoft is trying to kill passwords in Azure AD application
47. Android password managers not as secure as desktop counterparts
48. Stealthy and Persistent Torii IoT Botnet Infects Devices via Telnet
49. United Nations data found exposed on web: researcher
50. Meet Torii, a new IoT botnet far more sophisticated than Mirai variants
51. How can live chat widgets leak personal employee data?
52. Chegg Data Breach Affects 40 Million Customers
53. 7 Most Prevalent Phishing Subject Lines
54. New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai
55. Phorpiex bots target remote access servers to deliver ransomware
56. New Iot Botnet Torii Uses Six Methods for Persistence, Has No Clear Purpose
57. New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai

THREATS

58. CVE-2018-11776 RCE Flaw in Apache Struts Could Be Root Cause of Clamorous Hacks
59. Port of San Diego suffers ransomware attack | Avast
60. Port of San Diego suffers ransomware attack | Avast
61. Critical Security Vulnerability in Facebook Affects 50 million Users!
62. Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
63. Facebook Security Bug Affects 90M Users
64. Zoho Was Blacklisted by Domain Registrar TierraNet
65. [SingCERT] Alert on 14 High-Severity Vulnerabilities in Cisco Products
66. Another Linux Kernel Bug Surfaces, Allowing Root Access
67. Vulnerabilities in PureVPN Client Leak User Credentials
68. The Week in Ransomware - September 28th 2018 - RDP and gandCrab
69. 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
70. 'Torii' Breaks New Ground For IoT Malware
71. FBI IC3 Warns of RDP Vulnerability
72. Tripwire Patch Priority Index for September 2018
73. Port of San Diego, The Newest Victim of Ransomware Attack
74. Powerful Ransomware Attack Hit on Port of San Diego
75. IC3 Alerts of Increasing Danger of RDP Exploitation Attacks
76. Torii malware could be gateway to more sophisticated IoT botnet attacks
77. Docs reveal how Fruitfly Mac spyware initially spread
78. Facebook Vulnerability Affecting 50 Million Users Allowed Account Takeover
79. Fancy Bear’s Lojax is First UEFI Rootkit in the Wild
80. FBI solves mystery surrounding 15-year-old Fruitfly Mac malware
81. USB malware and cryptominers are threat to emerging markets
82. Facebook Resets 90 Million User Passwords as Flaw is Discovered
83. Potential Misuse of Legitimate Websites to Avoid Malware Detection
84. Facebook Resets 90 Million User Passwords as Flaw is Discovered
85. Port of San Diego Suffers Ransomware Attack
86. Delphi Packer Increasingly Used to Evade Malware Classification
87. QRecorder app in the Play Store was hiding a Banking Trojan that targets European banks
88. Hackers Stole 50 Million Facebook Users' Access Tokens Using Zero-Day Flaw
89. The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
90. Researchers: 11-Year-Old Flaw in Vote Scanner Still Unfixed
91. Port of San Diego Hit by Ransomware
92. Facebook: 50 million accounts impacted by security flaw
93. Fancy Bear Attacks Governments Using LoJax UEFI Rootkit
94. Windows 10 security: Here's how we're hitting back at fileless malware, says Microsoft
95. Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)
96. Sunny Cali goes ballistic, this ransomware is atrocious. Even our IT bill will be something quite ferocious
97. Fancy Bear still Putin out new modules for VPNFilter malware
98. 'Mutagen Astronomy' Linux kernel vulnerability sighted
99. How Data Security Improves When You Engage Employees in the Process
100. SECURITY UPDATE: Facebook said a breach affected 50 million people on the social network. The vulnerability stemmed from Facebook's "View As"
101. Connected car cyber-security getting better, fewer critical vulnerabilities found
102. Users Clicking Through Warnings, Leading to RAT Infections
103. No Patches for Critical Flaws in Fuji Electric Servo System, Drives
104. CVE-2018-1718 -Google Project Zero reports a new Linux Kernel flaw
105. Google Play Store Swarmed with Malware
106. Phorpiex bots target remote access servers to deliver ransomware
107. Vulnerabilities and architectural considerations in industrial control systems
108. Google Project Zero Discloses New Linux Kernel Flaw
109. Port of San Diego Suffers Ransomware Attack
110. ICS Cybersecurity: Visibility, Protective Controls & Continuous Monitoring
111. Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit
112. Tripwire Patch Priority Index for September 2018
113. ICS Cybersecurity: Visibility, Protective Controls & Continuous Monitoring

CRIME

114. Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
115. Aspire Health, Another Healthcare Firm as a Phishing Victim
116. New Phishing Campaign Targets US Employees' Online Payrolls
117. IC3 Alerts of Increasing Danger of RDP Exploitation Attacks
118. Potential Misuse of Legitimate Websites to Avoid Malware Detection
119. QRecorder app in the Play Store was hiding a Banking Trojan that targets European banks
120. Magecart campaign remains active
121. The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
122. Stealthy and Persistent Torii IoT Botnet Infects Devices via Telnet

POLITICS

123. Facebook leaks data (including private conversations) from 50 million accounts
124. Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
125. Aspire Health, Another Healthcare Firm as a Phishing Victim
126. Hackers Stole 50 Million Facebook Users' Access Tokens Using Zero-Day Flaw
127. Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)