Threat report for 2018-09-20
DATA BREACH
- 14 million customer records exposed in GovPayNow leak
- State Department email breach leaks employee PII
- Magecart data breach possibly avoidable
- Adams County clerk resigns over role in data breach
- ICO to Fine Equifax £500,000 for 2017 Data Breach
- Pegasus spyware spotted in 45 countries, many with questionable human rights records
- State Department: Some Employee Info Possibly Exposed in Security Incident
- This breach is a great example of how CT logs can be useful as an early indicator of an ongoing attack campaign. Orgs should be monitoring CT for certificates issued to look-alike domains to improve their situational awareness. -magazine.com/news/magecart-skimmed-newegg-cards/ …
- Data commissioner fines Equifax £500,000 for US data breach affecting UK customers
- Newegg Electronic Retailers Suffered a Data Breach and Hackers Stole Customers Credit Card Data
- LG V40 ThinQ Alleged Specifications Sheet Leaked; Reveals 8GB RAM Model With a 6.4-Inch Display, but No Triple-Rear-Camera
- UK organisations’ email accounts used in mass phishing campaigns
- Threat Spotlight: Barracuda study finds account takeover incidents widespread, most commonly used for phishing campaigns
- 7GB of Medical Data Publicly Exposed Thanks to Misconfigured AWS S3 Bucket
- The public's trust, politics and race, and dignity for the LGBT community: MP Murali Pillai goes On the Record
- US State Department confirms data breach to unclassified email system
- Researcher discovers buffer overflow vulnerability in Microsoft's JET Database Engine
- HMRC Tax Refund Scam via Phishing Campaign
- China Arrests Suspect for Customer Data Leak at Accor Partner
- State Department Email Breach Exposed Personal Data Of Employees
- Equifax fined £500,000 over customer data breach
- Privacy advocates have failed to engage on My Health Record
- UK Regulator Fines Equifax £500,000 Over 2017 Data Breach
- GovPayNow Leak of 14M+ Records The All Time Low in Processing
DENIAL-OF-SERVICE
- Snap! Adobe patches, sneaky Android botnets, Alexa invasion, robot skins
- The makers of the Mirai IoT-hijacking botnet are sentenced
- 3 Drivers Behind the Increasing Frequency of DDoS Attacks
- New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms
- The 3 people suspected of the have escaped jail after agreeing to provide “substantial assistance” to the in ongoing cases.
- This Russian botnet mimics your click to prevent Android device factory resets
- FBI wants to keep “helpful” Mirai botnet authors around
- Mirai botnet developers collaborate with the FBI
- Identifying botnets before an attack: The new DARPA challenge
- US Signal partners with Cloudflare to deliver DDoS protection service
MALVERTISING
Nothing to report
DATA LEAK
- Hackers Uploaded Fake Apps into Google Play Store to Steal Credit card details and Login Credentials
PHISHING
- Account Takeover Attacks Become a Phishing Fave
- Account Takeover Attacks Result in Phishing Scams
- Malicious Login Attempts Spike in Finance, Retail
- malware detections have soared 273% since 2017 according to new stats from . The most popular way to spread is brute-forcing of passwords, used in 93% of detected attacks.
- UK organisations’ email accounts used in mass phishing campaigns
- Threat Spotlight: Barracuda study finds account takeover incidents widespread, most commonly used for phishing campaigns
- Hackers Uploaded Fake Apps into Google Play Store to Steal Credit card details and Login Credentials
- HMRC Tax Refund Scam via Phishing Campaign
- Phishing finance apps make way back into Google Play
- Manipulation tactics that you fall for in phishing attacks
WEB DEFACEMENT
Nothing to report
MALWARE
- US authorities Have Pardoned Authors of Mirai Ransomware in Return For Government “Cooperation”
- Domain Joined Outlook 2016 Issues - 0x8004011D
- Report: Cryptomining malware detections up more than 459 percent since 2017
- Bad actors are sizing up systems via lightweight recon before attack, researchers at Proofpoint said.
- The rate at which new threats appear now requires a much greater reliance on threat intelligence. Learn more about its opportunities and challenges in our .
- Malicious Login Attempts Spike in Finance, Retail
- New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms
- Pegasus spyware spotted in 45 countries, many with questionable human rights records
- Book Review: Malware Data Science
- Increased Use of a Delphi Packer to Evade Malware Classification
- Hundreds of Indian Government Websites Hit with Cryptojacking Malware
- This breach is a great example of how CT logs can be useful as an early indicator of an ongoing attack campaign. Orgs should be monitoring CT for certificates issued to look-alike domains to improve their situational awareness. -magazine.com/news/magecart-skimmed-newegg-cards/ …
- Mitigate Risk From Malicious and Accidental Insiders
- malware detections have soared 273% since 2017 according to new stats from . The most popular way to spread is brute-forcing of passwords, used in 93% of detected attacks.
- Sustes Malware: CPU for Monero
- Threats posed by using RATs in ICS
- Report Reveals Widespread Use of Pegasus Spyware
- GovPayNow Leak of 14M+ Records The All Time Low in Processing
- Evil Clone Attack – Hackers Injecting Crypto-mining Malware into Legitimate PDF Software
- Newegg hacked: The new victim of Magecart malware
- How to detect and remove a virus from your Android phone | Avast
EXPLOIT
- Hackers say and have been the easiest attack vectors to exploit this year. 56% of said that social engineering is the fastest account seizing technique to use on them.
- Researcher discovers buffer overflow vulnerability in Microsoft's JET Database Engine
VULNERABILITY
- Android bug bounty tops $3m in third year, but pay flattens out
- Facebook Bug Bounty opens to reward access token exposure
- Bug hunters fail third year in a row to get top prize in Android hacking program
- Cisco Issues New Warning for 6-Month-Old Critical Bug in IOS XE
- Guarding the Gate: Cybersecurity De-Mystified
- Researcher discovers buffer overflow vulnerability in Microsoft's JET Database Engine
- Interview with Daniel Stenberg: His thoughts on the Curl Bug Bounty Program
- Western Digital goes quiet on unpatched MyCloud flaw
- CVE-2018-0150: Cisco IOS XE Software Static Credential Vulnerability
- Adobe releases patch out of schedule to squash critical code execution bug
- Cisco IOS XE Software Static Credential Vulnerability
- Adobe issued a critical out-of-band patch to address CVE-2018-12848 Acrobat flaw
- Ubuntu Released Security Updates & Fixed Multiple Critical Vulnerabilities
- Vulnerability in My cloud devices exposes sensitive information
- Western Digital My Cloud vulnerability, let’s hacker gives full access