Oct 2, 2018

Daily brief for 2018-10-01

ASIA

  1. Cyber Security Roundup for September 2018
  2. GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
  3. Report Ties North Korean Attacks to New Malware, Linked by Word Macros
  4. Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
  5. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  6. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  7. Report Ties North Korean Attacks to New Malware, Linked by Word Macros
  8. Telegram not really anonymous? Researcher reports bug that leaks IP addresses
  9. Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
  10. GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers

WORLD

  1. Cyber Security Roundup for September 2018
  2. Hacking Week Call for Pitches: Who Is the Weakest Link In Cybersecurity?
  3. GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers
  4. A week in security (September 24 – 30)
  5. 4 Ways to Protect Your Files from a Data Breach
  6. Gemalto ID Card Provider Sued for €152 Million in eID Vulnerability Case
  7. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  8. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  9. Facebook: How to minimize the risk of vulnerabilities
  10. Voice Phishing Scams Are Getting More Clever
  11. Malwarebytes is a champion of National Cybersecurity Awareness Month
  12. Formjacking in the Nutshell
  13. TrickBot Banking Trojan Takes Center Stage in 2018
  14. Telegram not really anonymous? Researcher reports bug that leaks IP addresses
  15. Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
  16. Facebook faces a whopping €1.4 billion penalty under GDPR for Sept. 30 data breach
  17. UK firms’ password security score ‘average’
  18. CISO @rickhholland joins @drshellface and @mazzazone to discuss the latest #cybersecurity news: Security Flaws Affect 50 Million Facebook Accounts and
  19. Gigantic 100,000-strong botnet used to hijack traffic meant for Brazilian banks
  20. New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader

ATTACKS

  1. 100K Routers Hijacked for Phishing in GhostDNS Campaign
  2. Picture-in-Picture Phishing Campaign Goes After Steam Credentials
  3. GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
  4. Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
  5. 4 Ways to Protect Your Files from a Data Breach
  6. Facebook hacked – 50 Million Users’ Data exposed in the security breach
  7. Instagram Being Used To Sell Botnets And Stolen Fortnite Accounts
  8. Telegram Patched IP Address Leak Problem In Its Desktop Client
  9. Weak Passwords Abused for 'FruitFly' Mac Malware Distribution
  10. Hackers Are Selling Botnets and Stolen ‘Fortnite’ Accounts Over Instagram
  11. Third-Party Apps Using Facebook Login Also Affected by Latest Hacking Incident
  12. How to Orchestrate a Smarter Phishing Response
  13. Voice Phishing Scams Are Getting More Clever
  14. Why nearly 50% of organizations are failing at password security
  15. Employees Share Average of 6 Passwords With Co-Workers
  16. Telegram Leaks User IP Addresses
  17. Telegram not really anonymous? Researcher reports bug that leaks IP addresses
  18. Flaws in Tory party conference app leak ministers' personal information
  19. Facebook faces a whopping €1.4 billion penalty under GDPR for Sept. 30 data breach
  20. UK firms’ password security score ‘average’
  21. Torii malware could be gateway to more sophisticated IoT botnet attacks
  22. Phishing campaign targets developers of Chrome extensions
  23. Password Security Better, Still Poses Business Risk
  24. New vicious Torii IoT botnet discovered
  25. Password Security Better, Still Poses Business Risk
  26. GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
  27. 3 GOP senators doxed during Kavanaugh hearing
  28. Facebook Data Breach Extended to Third-Party Applications
  29. Following a loud critical backlash to a new #Chrome login feature and cookie retention functionality, @Google will make changes in
  30. Facebook could face up to $1.6bn fine for data breach
  31. Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls
  32. Telegram Calling Feature Leaks Your IP Addresses—Patch Released
  33. Gigantic 100,000-strong botnet used to hijack traffic meant for Brazilian banks
  34. Torii IoT Botnet Takes Mirai to the Next Level
  35. High-Profile Instagram Accounts Hacked For Ransom In A Recent Campaign

THREATS

  1. Adobe Patches 47 Critical Flaws in Acrobat and DC
  2. Top Cloud Domain Controller for MSPs
  3. Multiple Code Execution Vulnerabilities Found in Atlantis Word Processor
  4. CVE-2018-11776 and why you need Black Duck Security Advisories
  5. GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers
  6. Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack
  7. GrandCrab Ransomware Spreads Using Multiple Known Vulnerabilities
  8. Fileless Malware Attacks on the Rise, Microsoft Says
  9. 'Short, Brutal Lives': Life Expectancy for Malicious Domains
  10. Google Bug Breaks Search Results with a Plus Sign On Mac Safari
  11. Report Ties North Korean Attacks to New Malware, Linked by Word Macros
  12. Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
  13. Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
  14. Google Adds New Rules To End Malicious Chrome Extensions
  15. Gemalto ID Card Provider Sued for €152 Million in eID Vulnerability Case
  16. Code Execution Vulnerabilities Uncovered In Atlantis Word Processor
  17. Deep Dive Into iTranslator - MITM Malware
  18. LoJax: Fisrt UEFI Rootkit Found In The Wild
  19. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  20. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  21. Telegram Patched IP Address Leak Problem In Its Desktop Client
  22. Weak Passwords Abused for 'FruitFly' Mac Malware Distribution
  23. Facebook: How to minimize the risk of vulnerabilities
  24. Code execution vulnerabilities uncovered in Atlantis Word Processor
  25. A new Browser Reaper exploit can crash or freeze Mozilla #Firefox, according to a proof of concept published by a
  26. Malwarebytes is a champion of National Cybersecurity Awareness Month
  27. Monitor privileged execution to defend against
  28. Attackers chained three bugs to breach into the Facebook platform
  29. Telegram Leaks User IP Addresses
  30. Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
  31. TrickBot Banking Trojan Takes Center Stage in 2018
  32. More on the Five Eyes Statement on Encryption and Backdoors
  33. Monero fixes major ‘burning bug’ flaw, preventing mass devaluation
  34. Report Ties North Korean Attacks to New Malware, Linked by Word Macros
  35. Telegram not really anonymous? Researcher reports bug that leaks IP addresses
  36. Flaws in Tory party conference app leak ministers' personal information
  37. Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
  38. Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
  39. GandCrab ransomware is spreading wildly through several known vulnerabilities
  40. Python-based attack tools are the most common vector for launching exploit attempts
  41. Docs reveal how Fruitfly Mac spyware initially spread
  42. Torii malware could be gateway to more sophisticated IoT botnet attacks
  43. SamSam ransomware: How is this version different from others?
  44. Ransomware Casts Anchor at the Port of San Diego
  45. Hackers Hijacked More Than 100,000 Routers DNS Settings and Redirecting Users to Malicious WebSites
  46. Ransomware Casts Anchor at the Port of San Diego
  47. Several Bugs Exploited in Massive Facebook Hack
  48. Sophos recently discovered a #Samsam extortion code that performs whole-company attacks through a variety of vulnerability exploits. Discover how this
  49. #VPNFilter #malware: How can users protect themselves?
  50. Nasty Linux Kernel Vulnerability Discovered, Mandatory Kernel Update Required
  51. How can attackers exploit a buffer underflow #vulnerability?
  52. CISO @rickhholland joins @drshellface and @mazzazone to discuss the latest #cybersecurity news: Security Flaws Affect 50 Million Facebook Accounts and
  53. Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
  54. Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls
  55. Telegram Calling Feature Leaks Your IP Addresses—Patch Released
  56. New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader

CRIME

  1. Cyber Security Roundup for September 2018
  2. Hacking Week Call for Pitches: Who Is the Weakest Link In Cybersecurity?
  3. GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
  4. 4 Ways to Protect Your Files from a Data Breach
  5. Gemalto ID Card Provider Sued for €152 Million in eID Vulnerability Case
  6. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  7. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  8. Facebook: How to minimize the risk of vulnerabilities
  9. Hackers Are Selling Botnets and Stolen ‘Fortnite’ Accounts Over Instagram
  10. How to Orchestrate a Smarter Phishing Response
  11. Voice Phishing Scams Are Getting More Clever
  12. Formjacking in the Nutshell
  13. Attackers chained three bugs to breach into the Facebook platform
  14. TrickBot Banking Trojan Takes Center Stage in 2018
  15. Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
  16. Hackers Hijacked More Than 100,000 Routers DNS Settings and Redirecting Users to Malicious WebSites
  17. Sophos recently discovered a #Samsam extortion code that performs whole-company attacks through a variety of vulnerability exploits. Discover how this
  18. GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
  19. New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader

POLITICS

  1. Hacking Week Call for Pitches: Who Is the Weakest Link In Cybersecurity?
  2. Report Ties North Korean Attacks to New Malware, Linked by Word Macros
  3. A week in security (September 24 – 30)
  4. Facebook: How to minimize the risk of vulnerabilities
  5. Hackers Are Selling Botnets and Stolen ‘Fortnite’ Accounts Over Instagram
  6. Malwarebytes is a champion of National Cybersecurity Awareness Month
  7. Report Ties North Korean Attacks to New Malware, Linked by Word Macros
  8. Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
at
Labels: