Sep 19, 2018

Threat report for 2018-09-18

Data Breach

  1. US Dept of State says attack on email system exposed employees’ personal data
  2. State Department email breach leaks employee PII
  3. 14 million customer records exposed in GovPayNow leak
  4. Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows
  5. Survey: Nearly one-third of breached companies reported job losses after data breach
  6. Insiders Continue to be Data Theft’s Best Friend
  7. Symantec offers political campaigns service to guard against website spoofing
  8. Huge E-marketing Database that Contains 11 Million Sensitive Personal Records Exposed Online
  9. GovPayNow Leak of 14M+ Records Dates Back to 2012
  10. MongoDB server leaks 11 million user records from e-marketing service
  11. GovPayNow payment portal may have exposed over 14 million customer records
  12. Database with 11 Million Email Records Exposed
  13. UK watchdog has not issued any GDPR data breach-related fines yet
  14. Political Figures Differ Online: Names of Trump, Obama, Merkel Attached to Ransomware Campaigns
  15. 900,000 Australians opt out of My Health Record

Denial-of-Service

  1. Bizarre botnet infects your PC to scrub away cryptocurrency mining malware
  2. New Xbash Malware Attack on Linux & Windows with Botnet, Ransomware & Coinminer Capabilities
  3. New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

Malvertising

  1. Nothing to report

Data Leak

  1. Nothing to report

Phishing

  1. Here’s a Free Turnkey Phishing Awareness Program for National Cybersecurity Awareness Month
  2. Hackers selling research phished from universities on WhatsApp

Web Defacement

  1. Nothing to report

Malware

  1. NSO mobile Pegasus Spyware used in operations in 45 countries
  2. ThreatList: Malware Samples Targeting IoT More Than Double in 2018
  3. Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows
  4. Chinese-speaking cybercrime group launches destructive malware family
  5. Pegasus spyware active in 45 countries, Citizen Lab says
  6. Destructive Xbash Linux Malware Targets Enterprise Intranets
  7. Dangerous Pegasus Spyware Has Spread to 45 Countries
  8. "Lawful intercept" Pegasus spyware found deployed in 45 countries
  9. Cybercrime: Ransomware remains a 'key' malware threat says Europol
  10. HIDE AND SEEK: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries
  11. Bizarre botnet infects your PC to scrub away cryptocurrency mining malware
  12. Powerful Android and iOS Spyware Found Deployed in 45 Countries
  13. New Xbash Malware Attack on Linux & Windows with Botnet, Ransomware & Coinminer Capabilities
  14. New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms
  15. Political Figures Differ Online: Names of Trump, Obama, Merkel Attached to Ransomware Campaigns
  16. Ransomware attack causes blackout on screens of Bristol Airport

Exploit

  1. 91 “child friendly” Android apps accused of exploitation
  2. Cracked Windows installations are serially infected with EternalBlue exploit code

Vulnerability

  1. Facebook Bug Bounty opens to reward access token exposure
  2. iOS Webkit flaw found that forces iPhone restart
  3. The NUUO Peekaboo vulnerability gives hackers your camera feed | Avast
  4. Intel releases firmware update for ME flaw
  5. Critical Vulnerability Impacts Hundreds of Thousands of IoT Cameras
  6. iOS 12 Brings Patches for 16 Security Vulnerabilities
  7. A flaw in Alpine Linux could allow executing arbitrary code
  8. Windows 10 Build 17763 Released As Microsoft Continues to Squash Bugs
  9. Hackers acknowledge Windows flaws but prefer social engineering tricks
  10. Critical RCE Peekaboo Bug in NVR Surveillance System, PoC Available
  11. Facebook Offers Rewards for Access Token Exposure Flaws
  12. Response Guide of IBM WebSphere Code Execution Vulnerability
at
Labels: