Threat report for 2018-09-27

DATA BREACH

1. Twitter Bug May Have Exposed Millions of DMs
2. GDPR: Data Breach Class Action Lawsuits Come to Europe
3. Fancy Bear LoJax campaign reveals first documented use of UEFI rootkit in the wild
4. SheIn Data Breach Exposed Personal Details 6.4 Million Customers To Hackers
5. United Nations data found exposed on web: researcher
6. New GootKit Campaigns Target European Banks with Reconnaissance Attacks
7. Uber to Pay $148 Million as a Settlement for Data Breach Cover
8. Uber fined $148m for data breach cover-up
9. You should prepare for the next mega data breach
10. Uber agrees to pay $148 million in massive 2016 data breach settlement
11. Endace launches petabyte network recording appliance

DENIAL-OF-SERVICE

12. Hide and Seek (HNS) IoT Botnet targets Android devices with ADB option enabled
13. Hide and seek Iot botnet updates include new Android ADB exploit
14. New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai
15. DDoS attack on education vendor hinders access to districts’ online portals
16. New Torii Botnet uncovered, more sophisticated than Mirai | Avast
17. Hide and seek Iot botnet updates include new Android ADB exploit
18. New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai

MALVERTISING

Nothing to report

PHISHING

19. Android password managers not as secure as desktop counterparts
20. Boffins bypass password protection with pilfering by phony programs
21. Are long passphrases the answer to password problems?
22. Chrome 70 will resolve cookies and login privacy issues

WEB DEFACEMENT

Nothing to report

MALWARE

23. APT Group Uses Dangerous LoJax Malware That Can Survive After OS Re-installation and Hard Disk Replacement
24. Russians' stealthy 'LoJax' malware can infect on the firmware level
25. CCSP Exam Details and Process
26. CCSP: Overview of Domains
27. Ransomware Attack Hits Port of San Diego
28. The PowerShell Boogeyman: How to Defend Against Malicious PowerShell Attacks
29. Chronicle Unveils VirusTotal Enterprise
30. Crooks turn to Delphi packers to evade malware detection
31. Chronicle announces VirusTotal Enterprise with greater search and analysis capabilities
32. Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV
33. Alphabet launches VirusTotal Enterprise
34. Is There Such a Thing as a Malicious PowerShell Command?
35. New KONNI Malware attacking Eurasia and Southeast Asia
36. New KONNI Malware attacking Eurasia and Southeast Asia
37. Pirated Game of Thrones episodes most popular TV bait for malware
38. Seven additional modules make Fancy Bear’s VPNFilter malware even more versatile
39. Russian Cyberspies Use UEFI Rootkit in Attacks
40. Dirhunt – Search and Analyze Target Domain Directories
41. Port of San Diego Affected by a Ransomware Attack
42. Phorpiex worm pivots to infect the enterprise with GandCrab ransomware
43. Crooks turn to Delphi packers to evade malware detection
44. Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
45. LoJax: First-ever UEFI rootkit detected in a cyberattack
46. DanaBot trojan sets sights on Europe, new features
47. SC Media September Product Reviews: Threat Intelligence DomainTools Iris Investigation Platform l
48. #Malware classifcation, which encompasses both the identification and attribution of code, has the power to unlock many clues that aid
49. New VirusTotal Enterprise Offers Private Graphs, Faster Searches
50. Alphabet's Chronicle Releases VirusTotal Enterprise
51. Malware steals personal information from 6.4M SheIn customers
52. Malware hits fashion giant SHEIN; 6.42 million online shoppers affected
53. Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild
54. Emergence of new ransomware variants feature names of popular politicians
55. Now that Office 365 has become one of Microsoft's fastest-growing revenue streams, it has become a primary target for #ransomware.
56. Fancy Bear LoJax campaign reveals first documented use of UEFI rootkit in the wild
57. Researchers find vulnerability in Apple's MDM DEP process
58. Seven additional modules make Fancy Bear's VPNFilter malware even more versatile
59. Cloudflare Becomes a Registrar, Sells Domains At Cost
60. APT28 Uses LoJax, First UEFI Rootkit Seen in the Wild
61. Alphabet's Chronicle Security Business Launches VirusTotal Enterprise
62. VPNFilter Router Malware Adds 7 New Network Exploitation Modules
63. Malware in the Cloud: What You Need to Know
64. Discover how Tripwire Malware Detection... - Protects against zero-day exploits and other known threats. - Offers an enterprise view of suspicious malware objects across all monitored systems. - Protects from repeat #malware attacks. Learn more here:
65. Malware in the Cloud: What You Need to Know

EXPLOIT

66. Hide and seek Iot botnet updates include new Android ADB exploit
67. Hide and seek Iot botnet updates include new Android ADB exploit
68. VPNFilter Router Malware Adds 7 New Network Exploitation Modules
69. Discover how Tripwire Malware Detection... - Protects against zero-day exploits and other known threats. - Offers an enterprise view of suspicious malware objects across all monitored systems. - Protects from repeat #malware attacks. Learn more here:

VULNERABILITY

70. Local-Privilege Escalation Flaw in Linux Kernel Allows Root Access
71. DEF CON report finds decade-old flaw in widely used ballot-counting machine
72. Twitter fixes API bug that shared data with wrong developers
73. How to Keep Up Security in a Bug-Infested World
74. Twitter Bug May Have Exposed Millions of DMs
75. Developers focus on wrong open source software vulnerabilities, research says
76. Security Flaw Found in Apple Mobile Device Enrollment Program
77. Cisco Releases Alerts for 14 High Severity Bugs
78. Apple DEP vulnerability lets attackers access orgs’ resources, info
79. Cisco unearths 13 'High Impact' IOS vulnerabilities you need to patch now
80. How automakers are tackling connected vehicle vulnerability management
81. Tripwire Patch Priority Index for September 2018
82. Researchers find vulnerability in Apple's MDM DEP process
83. GNOME 3.30.1 released: bugfixes
84. Norwegian state discusses vulnerabilities with IT sector
85. Mutagen Astronomy Linux Kernel vulnerability affects Red Hat, CentOS, and Debian distros
86. KDE Plasma 5.12.7 LTS releases: fix bugs
87. Discover how Tripwire Malware Detection... - Protects against zero-day exploits and other known threats. - Offers an enterprise view of suspicious malware objects across all monitored systems. - Protects from repeat #malware attacks. Learn more here:
88. ex-NSA Hacker Discloses macOS Mojave 10.14 Zero-Day Vulnerability