Oct 4, 2018

Daily brief for 2018-10-03

ASIA

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. FakeSpy Is Back as Part of New SmiShing Campaign, Adds New Features
  3. DHS aware of ongoing APT attacks on cloud service providers
  4. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  5. FireEye unmasks a new North Korean threat group
  6. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  7. APT38: Details on New North Korean Regime-Backed Threat Group
  8. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  9. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  10. Zoho domains central to keylogger, data theft campaigns worldwide
  11. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  12. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  13. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  14. North Korean HIDDEN COBRA Hackers Using New Attack Called “FASTCash” to Cash-out From ATM Machine
  15. Enormous botnet used to hijack traffic destined for Brazilian banks

WORLD

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. Malware Outbreak Causes Disruptions, Closures at Canadian Restaurant Chain
  3. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  4. FireEye unmasks a new North Korean threat group
  5. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  6. APT38: Details on New North Korean Regime-Backed Threat Group
  7. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  8. #DanaBot Observed in Large Campaign Targeting U.S. Organizations
  9. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  10. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  11. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  12. New Danabot Banking Malware campaign now targets banks in the U.S.
  13. Hacker faces jail time after defacing US military academy, NYC sites
  14. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
  15. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  16. The Intel Management Engine exposes a new vulnerability
  17. See clearly, decide wisely with visibility and management
  18. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  19. Ransomware Hits Port of San Diego
  20. Z-LAB Report – Analyzing the GandCrab v5 ransomware
  21. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  22. Vulnerabilities expose Iomega and LenovoEMC NAS devices to attacks
  23. Facebook faces legal actions after data breach
  24. Estonia sues Gemalto for €152M for the flaws in the identification cards issued by the company
  25. Enormous botnet used to hijack traffic destined for Brazilian banks
  26. 100,000 routers hijacked by GhostDNS, traffic directed to phishing sites
  27. DanaBot Observed in Large Campaign Targeting U.S. Organizations

ATTACKS

  1. Phishing 101: Protection for Everyone
  2. FakeSpy Is Back as Part of New SmiShing Campaign, Adds New Features
  3. How to use the Firefox Master Password
  4. The ultimate fallout from the Facebook data breach could be massive
  5. Phishing gets more complex as decoy PDF pops up with Microsoft-issued SSL certificate
  6. LastPass study shines new light on global password security practices
  7. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
  8. Hacker Faces Jail Time After Defacing West Point, NYC Sites
  9. Gwinnett Medical Center Investigates Possible Data Breach
  10. Torii Botnet - Definitely Not a Mirai Wannabe
  11. Instagram Used as Marketplace to Sell Stolen Fortnite Accounts and Botnets
  12. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  13. Phishing Attack Impersonates Law Firm
  14. Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft
  15. Hacked Fortnite accounts and rent-a-botnet being pushed on Instagram
  16. Gwinnett Medical Center investigates possible data breach
  17. Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center
  18. GhostDNS hijacking campaign steps up attacks on Brazilians; 100K+ devices compromised
  19. Phishing Attack Impersonates Law Firm
  20. #DanaBot Observed in Large Campaign Targeting U.S. Organizations
  21. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  22. Facebook Reveals That Trio of Bugs Led to Data Breach
  23. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  24. New Danabot Banking Malware campaign now targets banks in the U.S.
  25. Hacker faces jail time after defacing US military academy, NYC sites
  26. Zoho domains central to keylogger, data theft campaigns worldwide
  27. Password-sharing is still prevalent in the workplace – although 45 percent of businesses do now use multifactor authentication:
  28. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
  29. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  30. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
  31. .@Lookout’s @VijayaKaza is at @FedNewsRadio’s studio recording with @gschumm!
  32. How Ashley Madison Recovered From Its Massive Data Breach
  33. Hackers Use Instagram For Selling Stolen ‘Fortnite’ Accounts And Botnets
  34. An extremely high number of keylogger #phishing campaigns have been seen tied to the Zoho online office suite software:
  35. New Betabot campaign under the microscope
  36. CyberSecurity Asean security alert on A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Remote Code Execution
  37. Facebook faces legal actions after data breach
  38. Enormous botnet used to hijack traffic destined for Brazilian banks
  39. BYOB – Build Your Own Botnet
  40. The @activereach guide to #DDoS, is aimed at technically aware business people who do not necessarily have a background in
  41. What is the future of authentication? Hint: It’s not passwords, passphrases or MFA
  42. Norton by Symantec Urges Consumers to Help Protect Their Personal Data
  43. 100,000 routers hijacked by GhostDNS, traffic directed to phishing sites
  44. DanaBot Observed in Large Campaign Targeting U.S. Organizations

THREATS

  1. Windows 10 October 2018 Update refines ransomware protection
  2. Virus Bulletin 2018: macOS Flaw Allows Attackers to Hijack Installed Apps
  3. Virus Bulletin 2018: Microsoft’s Lambert on How Cloud is Changing Security
  4. [SingCERT] Alert on 47 Critical Vulnerabilities in Adobe Acrobat and Adobe Reader
  5. Malware Outbreak Causes Disruptions, Closures at Canadian Restaurant Chain
  6. Mozilla Firefox Releases 62.0.3 & Security Updates for 2 High Critical Vulnerabilities
  7. Betabot - An Example of Cheap Modern Malware Sophistication
  8. Instagram accounts frozen with ransomware | Avast
  9. Instagram accounts frozen with ransomware | Avast
  10. Did you know that 1 in 131 emails contains malware? In honor of #NCSAM, secure your spot for #RiskSec, expand
  11. Women in Information Security: Pam Armstrong
  12. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
  13. New KONNI Malware Attacking Eurasia and Southeast Asia
  14. Google Taking New Steps To Prevent Malicious Chrome Extensions
  15. Foxit patches 118 vulnerabilities in popular PDF reader
  16. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  17. Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack
  18. Network Outage at Some Recipe Unlimited Locations Caused by Malware
  19. The one serious MacBook Pro security flaw that nobody is talking about
  20. Update now: Adobe fixes 85 serious flaws in Acrobat and Reader
  21. Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware
  22. 18 Vulnerabilities Found in Foxit PDF Reader
  23. Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
  24. Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm.
  25. 18 Vulnerabilities Found in Foxit PDF Reader
  26. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  27. Marine Corps bug bounty program finds 150 vulnerabilities
  28. TP-Link router vulnerable to remote takeover flaw
  29. Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
  30. Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
  31. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  32. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
  33. Facebook Reveals That Trio of Bugs Led to Data Breach
  34. TP-Link router vulnerable to remote takeover flaw
  35. Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
  36. New Danabot Banking Malware campaign now targets banks in the U.S.
  37. Zoho domains central to keylogger, data theft campaigns worldwide
  38. Recipe Unlimited denies ransomware attack, despite alleged ransom note
  39. The Intel Management Engine exposes a new vulnerability
  40. How an improper #authentication flaw affects
  41. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
  42. IDG Contributor Network: Will your company be valued by its price-to-data ratio?
  43. Researchers from @alienvault found a new #cryptocurrency mining malware -- dubbed #MassMiner -- that infects systems across the web. Learn
  44. Introducing... THE HUNT: A Cyber Attack in the Process Industry
  45. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
  46. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  47. Changes to #Sanny #malware delivery method attacks were recently discovered by @FireEye researches. Learn who is at risk and how
  48. Ransomware Hits Port of San Diego
  49. An extremely high number of keylogger #phishing campaigns have been seen tied to the Zoho online office suite software:
  50. Z-LAB Report – Analyzing the GandCrab v5 ransomware
  51. CyberSecurity Asean security alert on A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Remote Code Execution
  52. Preventing and Detecting Malicious Insiders
  53. Vulnerabilities expose Iomega and LenovoEMC NAS devices to attacks
  54. Estonia sues Gemalto for €152M for the flaws in the identification cards issued by the company
  55. Scanning for OWASP Top 10 Vulnerabilities with Metasploit for the Web(w3af)
  56. Mozilla Firefox 62.0.3 releases: Fixed hangs on macOS Mojave & security bugs
  57. In 1999, AV-TEST reported that there were 98,428 total unique malware samples. Today, AV-TEST registers over 350,000 new pieces of
  58. Apple iOS 12 Texting Bug Sends Messages To Wrong Contacts
  59. Hey there! In our new episode we skip the current topics and focus on talking with @japi999 and @ekoivune about information security expertise. As a bonus guest this time, instead of OpSec, @Larppa1337!
  60. Cheap Android Phones and Poor Quality Control Leads to Malware Surprise
  61. DanaBot Observed in Large Campaign Targeting U.S. Organizations

CRIME

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  3. FireEye unmasks a new North Korean threat group
  4. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  5. APT38: Details on New North Korean Regime-Backed Threat Group
  6. Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
  7. Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm.
  8. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  9. Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center
  10. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
  11. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  12. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  13. New Danabot Banking Malware campaign now targets banks in the U.S.
  14. Zoho domains central to keylogger, data theft campaigns worldwide
  15. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
  16. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  17. Recipe Unlimited denies ransomware attack, despite alleged ransom note
  18. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
  19. Ransomware Hits Port of San Diego
  20. Z-LAB Report – Analyzing the GandCrab v5 ransomware
  21. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  22. North Korean HIDDEN COBRA Hackers Using New Attack Called “FASTCash” to Cash-out From ATM Machine
  23. New Betabot campaign under the microscope
  24. Facebook faces legal actions after data breach
  25. Estonia sues Gemalto for €152M for the flaws in the identification cards issued by the company
  26. Enormous botnet used to hijack traffic destined for Brazilian banks
  27. BYOB – Build Your Own Botnet
  28. What is the future of authentication? Hint: It’s not passwords, passphrases or MFA
  29. DanaBot Observed in Large Campaign Targeting U.S. Organizations

POLITICS

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. DHS aware of ongoing APT attacks on cloud service providers
  3. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  4. FireEye unmasks a new North Korean threat group
  5. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  6. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  7. Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center
  8. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
  9. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks