Threat report for 2018-09-24

DATA BREACH

1. Experts uncovered a new Adwind campaign aimed at Linux, Windows, and macOS systems
2. New Adwind Campaign Targets Linux, Windows, and macOS
3. Survey: Nearly one-third of breached companies reported job losses after data breach
4. 4 Things To Do To Get Your Smartphone Compromised
5. [SingCERT] Alert on Microsoft JET Database Engine Vulnerabilities CVE-2018-8392 and CVE-2018-8393
6. Freelance workers targeted in new malware campaign
7. Bug Exposed Direct Messages of Millions of Twitter Users
8. A bug in Twitter Account Activity API exposed users messages to wrong developers
9. Do you know who the biggest threat actors are? Check out this paper that shares our perspective on the key takeaways from the 2018 Verizon Data Breach Investigations Report. Get your copy here:   #DBIR #
10. Hackers Compromised Thousands of WordPress Sites and Redirects to Tech Support Scams

DENIAL-OF-SERVICE

11. It’s an active buyer’s market for DDoS-as-a-Service - NETSCOUT
12. Tricky DoS Attack Crashes Mozilla Firefox
13. Virobot Ransomware Logs Keystrokes and Adds PC to Spam Botnet
14. Credential Stuffing Attacks Are Reaching DDoS Proportions
15. Viborot ransomware comes with a botnet

MALVERTISING

Nothing to report

PHISHING

16. Microsoft goes password-free for Azure AD sign-in
17. Cisco: We’ve killed another critical hard-coded root password bug, patch urgently
18. Yubico's latest authentication keys get the jump on a 'passwordless' future
19. US ISP RCN stores customer passwords in cleartext
20. Zoho Suspended by Domain Registrar Over Phishy Emails
21. [SingCERT] Alert on Cisco Video Surveillance Manager Default Password Vulnerability CVE-2018-15427
22. Breaking Chrome / Google account auto login (and tracking)
23. Microsoft Deletes Passwords for Azure Active Directory Applications
24. Cisco: We've killed another critical hard-coded root password bug, patch urgently
25. Cisco Removes Default Password From Video Surveillance Manager
26. Western Digital resolves year-old password bypass bug in My Cloud NAS devices
27. Pervasive email #security threats have dampened adoption of #cloud-based productivity tools: #survey   #BarracudaNetworks #phishing #Office365 #fraud #AI #

WEB DEFACEMENT

Nothing to report

MALWARE

28. Hackers Use Cloud Hosting Services To Deliver Malware That Steals Cryptocurrency Wallet Details
29. Pennsylvania Senate Democrats paid $700,000 to recover from ransomware attack
30. Adwind RAT Scurries By AV Software With New DDE Variant
31. Join our LIVE Webcast with @SCMagazine on 9/25: #Cryptomining: The Next #Malware Attack >>> register now   <<<
32. Scottish Brewery Recovered from Ransomware Attack
33. Cybercriminals Target Kodi Media Player for Malware Distribution
34. Scottish Brewery Recovered from Ransomware Attack  …
35. Zoho Suspended by Domain Registrar Over Phishy Emails
36. Operator of hackers' favorite malware scanning service gets 14 years in prison
37. Black Rose Lucy Android malware mimics user's on-screen click
38. Adwind RAT Scurries By AV Software With New DDE Variant
39. Hacker Sentenced for Running “Scan4you” Malware Scanning Service
40. Blocking ransomware for free with honeypots
41. Unraveling Emotet's Latest Macro Obfuscation
42. Adwind Trojan circumvents antivirus software to infect your PC
43. #SecurityNews: Over 90% of US retail domains analyzed recently were found to be non-compliant with #PCI DSS. The sector also performed worst out of the 18 appraised. Read more about this here:   #compliance #cyberattack #
44. Researchers warn of iTranslator man-in-the-middle malware
45. Virobot Ransomware Logs Keystrokes and Adds PC to Spam Botnet
46. Pennsylvania Senate Democrats paid $700,000 to recover from ransomware attack
47. Ransomware, Fileless Attacks and Cold Boot the Current Trend
48. Virobot Malware Emerges
49. Freelance workers targeted in new malware campaign
50. Viborot ransomware comes with a botnet
51. Scottish brewery ransomware attack leverages job opening
52. Arran Brewery Hits Massive Ransomware Attack – Warned Other Companies to Stay Safe
53. Thousands of WordPress sites are infected with the malicious code

EXPLOIT

Nothing to report

VULNERABILITY

54. macOS Mojave Privacy Bypass Flaw Allows Access to Protected Files
55. Cisco: We’ve killed another critical hard-coded root password bug, patch urgently
56. U.S. General Service Administration Launches Bug Bounty Program
57. Cisco patches 'critical' credential bug in video surveillance software
58. [SingCERT] Alert on Cisco Video Surveillance Manager Default Password Vulnerability CVE-2018-15427
59. Apple MacOS Mojave zero-day privacy bypass vulnerability revealed
60. The MyCloud Auth Vulnerability Fixed by Western Digital with a Hotfix
61. [SingCERT] Alert on Microsoft JET Database Engine Vulnerabilities CVE-2018-8392 and CVE-2018-8393
62. Cisco Patches Critical Flaw in Cisco Video Surveillance Manager (VSM) Software
63. New Bug Crashes Mozilla Firefox on Windows, Linux, and Mac Systems
64. Cisco Patched Critical Vulnerability With Video Surveillance Manager Appliance
65. [SingCERT] Alert on Critical Out-Of-Band Adobe Acrobat Vulnerability (CVE-2018-12848)
66. Critical flaw affects Cisco Video Surveillance Manager
67. macOS Mojave Privacy Bypass Flaw Allows Access to Protected Files
68. Cisco: We've killed another critical hard-coded root password bug, patch urgently
69. Report: Microsoft misses disclosure deadline to patch RCE bug in JET
70. Western Digital resolves year-old password bypass bug in My Cloud NAS devices
71. Cisco Patched Critical Vulnerability In Its Video Surveillance Manager Software
72. Bug Exposed Direct Messages of Millions of Twitter Users
73. A bug in Twitter Account Activity API exposed users messages to wrong developers