Oct 14, 2018

Daily brief for 2018-10-13

ASIA

  1. Review Shows Glaring Flaws In Xiongmai IoT Devices

WORLD

  1. Pentagon Defense Department travel records data breach
  2. Security researchers found that Industroyer and NotPetya belong to the Russian hacker group

ATTACKS

  1. Pentagon Defense Department travel records data breach
  2. Hackers launched @netflix #phishing attacks by obtaining TLS certificates. Learn how hackers mimic popular websites to spoof users and steal
  3. This skyscraper reminds me of those really long ANSI art BBS login screens. Cc: @sixteencolors @blocktronics @velikani
  4. A combination of #SecurityFlaws and inadequate back-end development of the @Google Firebase database led to #DataLeaks and #SecurityVulnerabilities including HospitalGown.
  5. 'Only' 30 million accounts were compromised in Facebook hack
  6. Researchers @proofpoint have been tracking a downloader dubbed #AdvisorsBot as a first-stage payload in campaigns since May 2018.
  7. Facebook Clarifies Extent of Data Breach
  8. An Assessment of Google's Data Leak
  9. ArangoDB v3.3.18 releases: native multi-model database
  10. Facebook Now Revealed Hackers Stolen 29 Million Facebook Users Personal Data
  11. Microsoft Fix for Windows JET Database Bug Not Perfect, Micropatch Available
  12. Breach of Pentagon travel records exposes defense personnel PII

THREATS

  1. GPlayed – New Malware Posed as Google Play App to Spy & Steal Data From Your Entire Android Phone
  2. [SingCERT] Updated Advisory on Ransomware
  3. Researchers @proofpoint have been tracking a downloader dubbed #AdvisorsBot as a first-stage payload in campaigns since May 2018.
  4. Now this might be going out on a limb, but here's how a branch.io bug left '685 million' netizens open to website hacks
  5. Review Shows Glaring Flaws In Xiongmai IoT Devices
  6. Criminals' Cryptocurrency Addiction Continues
  7. .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
  8. Cryptocurrency Miners trick the user through Fake Flash Updates
  9. Microsoft JET vulnerability still open to attacks, despite recent patch
  10. DOM-based XSS Vulnerability Affected 685 Million Users of Tinder, Shopify, Western Union, and Imgur
  11. A patched #MikroTik router vulnerability amps up severity rating as @TenableSecurity researchers find new potential exploits with more critical consequences.
  12. Blockchain and Healthcare in Today’s World
  13. Microsoft Fix for Windows JET Database Bug Not Perfect, Micropatch Available
  14. Hackers use Googlebot in mining malware attacks
  15. Vulnerabilities affect Shopify, Tinder and many other sites
  16. Researchers at @TrendMicro found a new strain of #malware -- dubbed #FacexWorm -- that targets users through a malicious #ChromeExtension.
  17. APT group called #TeleBots linked to #Industroyer #malware and #NotPetya #ransomware, according to @ESET researchers. By @MaddieBacon11

CRIME

  1. ArangoDB v3.3.18 releases: native multi-model database
  2. Facebook Now Revealed Hackers Stolen 29 Million Facebook Users Personal Data

POLITICS

  1. Pentagon Defense Department travel records data breach
  2. GPlayed – New Malware Posed as Google Play App to Spy & Steal Data From Your Entire Android Phone
  3. Security researchers found that Industroyer and NotPetya belong to the Russian hacker group
at
Labels: