Sep 29, 2018

Threat report for 2018-09-28

DATA BREACH

  1. Facebook leaks data (including private conversations) from 50 million accounts
  2. Facebook hacked – 50 Million Users’ Data exposed in the security breach
  3. Big Facebook data breach: 50 million accounts affected
  4. Facebook Data Breach Impacts Almost 50 Million Accounts
  5. Vulnerabilities in PureVPN Client Leak User Credentials
  6. New Phishing Campaign Targets US Employees' Online Payrolls
  7. 3 GOP senators doxed during Kavanaugh hearing
  8. Chegg Resets Passwords After Data Breach That Affected 40 Million Users
  9. Facebook Discloses Data Breach, 50 Million User Accounts Affected
  10. United Nations data found exposed on web: researcher
  11. Magecart campaign remains active
  12. “Firefox Monitor” will allow users to check whether their personal information and passwords have been part of a data breach
  13. Bupa fined £175,000 for 2017 data breach affecting 547,000 customers
  14. The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
  15. How can live chat widgets leak personal employee data?
  16. Chegg Data Breach Affects 40 Million Customers

DENIAL-OF-SERVICE

  1. 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
  2. Torii malware could be gateway to more sophisticated IoT botnet attacks
  3. Meet Torii, a Stealthy, Versatile and Highly Persistent IoT Botnet
  4. Hide 'N Seek IoT Botnet Now Targets Android Devices
  5. Who’s behind DDoS attacks at UK universities?
  6. Stealthy and Persistent Torii IoT Botnet Infects Devices via Telnet
  7. Meet Torii, a new IoT botnet far more sophisticated than Mirai variants
  8. New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai
  9. Phorpiex bots target remote access servers to deliver ransomware
  10. New Iot Botnet Torii Uses Six Methods for Persistence, Has No Clear Purpose

MALVERTISING

Nothing to report

PHISHING

  1. Aspire Health, Another Healthcare Firm as a Phishing Victim
  2. New Phishing Campaign Targets US Employees' Online Payrolls
  3. Learn how our @PhishingAI successfully detected a custom #phishing kit targeted at the DNC last month:
  4. Chegg forces password reset on 40 million users
  5. SHEIN breach exposes emails, encrypted passwords of 6.42M customers
  6. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
  7. Android App Verification Issues Pave Way For Phishing Attacks
  8. Facebook Resets 90 Million User Passwords as Flaw is Discovered
  9. Chegg Resets Passwords After Data Breach That Affected 40 Million Users
  10. Android password managers vulnerable to phishing apps
  11. “Firefox Monitor” will allow users to check whether their personal information and passwords have been part of a data breach
  12. The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
  13. Power to the people! Google backtracks (a bit) on forced Chrome logins
  14. Microsoft is trying to kill passwords in Azure AD application
  15. Android password managers not as secure as desktop counterparts
  16. 7 Most Prevalent Phishing Subject Lines

WEB DEFACEMENT

Nothing to report

MALWARE

  1. Port of San Diego suffers ransomware attack | Avast
  2. Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
  3. Zoho Was Blacklisted by Domain Registrar TierraNet
  4. The Week in Ransomware - September 28th 2018 - RDP and gandCrab
  5. 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
  6. 'Torii' Breaks New Ground For IoT Malware
  7. Port of San Diego, The Newest Victim of Ransomware Attack
  8. Powerful Ransomware Attack Hit on Port of San Diego
  9. Torii malware could be gateway to more sophisticated IoT botnet attacks
  10. Docs reveal how Fruitfly Mac spyware initially spread
  11. Fancy Bear’s Lojax is First UEFI Rootkit in the Wild
  12. FBI solves mystery surrounding 15-year-old Fruitfly Mac malware
  13. USB malware and cryptominers are threat to emerging markets
  14. Potential Misuse of Legitimate Websites to Avoid Malware Detection
  15. Port of San Diego Suffers Ransomware Attack
  16. Delphi Packer Increasingly Used to Evade Malware Classification
  17. QRecorder app in the Play Store was hiding a Banking Trojan that targets European banks
  18. The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
  19. Port of San Diego Hit by Ransomware
  20. Fancy Bear Attacks Governments Using LoJax UEFI Rootkit
  21. Windows 10 security: Here's how we're hitting back at fileless malware, says Microsoft
  22. Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)
  23. Sunny Cali goes ballistic, this ransomware is atrocious. Even our IT bill will be something quite ferocious
  24. Fancy Bear still Putin out new modules for VPNFilter malware
  25. How Data Security Improves When You Engage Employees in the Process
  26. Users Clicking Through Warnings, Leading to RAT Infections
  27. Google Play Store Swarmed with Malware
  28. Phorpiex bots target remote access servers to deliver ransomware
  29. ICS Cybersecurity: Visibility, Protective Controls & Continuous Monitoring

EXPLOIT

  1. Tripwire Patch Priority Index for September 2018
  2. IC3 Alerts of Increasing Danger of RDP Exploitation Attacks
  3. Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit

VULNERABILITY

  1. CVE-2018-11776 RCE Flaw in Apache Struts Could Be Root Cause of Clamorous Hacks
  2. Critical Security Vulnerability in Facebook Affects 50 million Users!
  3. Facebook Security Bug Affects 90M Users
  4. [SingCERT] Alert on 14 High-Severity Vulnerabilities in Cisco Products
  5. Another Linux Kernel Bug Surfaces, Allowing Root Access
  6. Vulnerabilities in PureVPN Client Leak User Credentials
  7. FBI IC3 Warns of RDP Vulnerability
  8. Facebook Vulnerability Affecting 50 Million Users Allowed Account Takeover
  9. Facebook Resets 90 Million User Passwords as Flaw is Discovered
  10. Hackers Stole 50 Million Facebook Users' Access Tokens Using Zero-Day Flaw
  11. Researchers: 11-Year-Old Flaw in Vote Scanner Still Unfixed
  12. Facebook: 50 million accounts impacted by security flaw
  13. 'Mutagen Astronomy' Linux kernel vulnerability sighted
  14. SECURITY UPDATE: Facebook said a breach affected 50 million people on the social network. The vulnerability stemmed from Facebook's "View As"
  15. Connected car cyber-security getting better, fewer critical vulnerabilities found
  16. No Patches for Critical Flaws in Fuji Electric Servo System, Drives
  17. CVE-2018-1718 - Google Project Zero reports a new Linux Kernel flaw
  18. Vulnerabilities and architectural considerations in industrial control systems
  19. Google Project Zero Discloses New Linux Kernel Flaw
  20. Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit
  21. Tripwire Patch Priority Index for September 2018