Daily brief for 2018-10-16

ASIA

1. Russia-linked APT group DustSquad targets diplomatic entities in Central Asia
2. New ShadowTalk Episode 45 This week, CISO @rickhholland, @drshellface, & Simon Hall join Rafael Amado to cover the
3. Hackers can use known security vulnerabilities with new technology to bypass Antivirus Software
4. Line lists cryptocurrency on Bitbox exchange

WORLD

5. Russia-linked APT group DustSquad targets diplomatic entities in Central Asia
6. Author of LuminosityLink Remote Access Trojan Gets 30 Months Sentence
7. Insurer Anthem Will Pay Record $16M for Massive Data Breach
8. A Russian cyber vigilante is patching outdated MikroTik routers exposed online
9. Bug in New iOS Lets Attacker Access iPhone Pics
10. Sony Fixed PlayStation 4 Message Exploit Leasing to a DoS Condition
11. New ShadowTalk Episode 45 This week, CISO @rickhholland, @drshellface, & Simon Hall join Rafael Amado to cover the
12. Madison County computer system infected with ransomware
13. Personal Records Of 30,000 US Department Of Defense Workers Swiped By Miscreants
14. 2018 US voter records offered for sale on hacking forum
15. Recent @Proofpoint research shows that #German-speaking regions are facing targeted #phishing, #malware, and #BEC attacks.
16. 35 million US voter records available for sale in a hacking forum
17. Anthem agrees to pay $16 million in data breach privacy settlement
18. Dating App for Trump Supporters Exposed Members’ Information
19. Dating app for Trump loners commits YUGE blunder: It leaks more than the West Wing
20. Penta-gone! Personal records of 30,000 US Dept of Defense workers swiped by miscreants
21. Estimated 35 Million Voter Records For Sale on Popular Hacking Forum
22. Pentagon Travel Provider Data Breach Counts 30,000 Victims
23. UK’s MoD Exposed in 37 Security Breaches: Report
24. Report: near-400% increase in crypto-mining malware attacks against iPhones
25. Hackers can use known security vulnerabilities with new technology to bypass Antivirus Software
26. 35 million voter records from 19 states for sale on hacking forum
27. Octopus malware wraps tentacles around former Telegram users in Central Asia
28. Phishing and Facebook – a test of reputation
29. Pentagon data breach puts personal details of 30,000 staff at risk
30. Data breach in Pentagon’s service provider affected 30k people
31. NotPetya linked to the Industroyer attack against energy infrastructure in Ukraine
32. New iPhone Bug Gives Anyone Access to Your Private Photos

ATTACKS

33. Chrome 70 arrives with fingerprint login for websites, extension controls, and 23 security fixes
34. Chrome 70 released with revamped Google account login system
35. Insurer Anthem Will Pay Record $16M for Massive Data Breach
36. Pentagon data breach exposed travel data for 30,000 individuals
37. A Russian cyber vigilante is patching outdated MikroTik routers exposed online
38. A Pentagon #DataBreach exposed data on at least 30,000 individuals, but other details about the incident are still scarce. By
39. Personal Records Of 30,000 US Department Of Defense Workers Swiped By Miscreants
40. Anthem Agrees To Pay $16 Million In Data Breach Privacy Settlement
41. The Donald Daters Trump Dating App Exposed Its Users Data
42. Phishing Site Impersonates Financial Services Institution: https://www.digitalshadows.com/blog-and-research/phishing-site-impersonates-financial-services-institution/ … (via @mazzazone)
43. 2018 US voter records offered for sale on hacking forum
44. Recent @Proofpoint research shows that #German-speaking regions are facing targeted #phishing, #malware, and #BEC attacks.
45. #TLBleed exploits abuse Intel's HTT chip feature to leak data. Find out how hackers could launch side-channel attacks to obtain
46. 35 million US voter records available for sale in a hacking forum
47. Anthem agrees to pay $16 million in data breach privacy settlement
48. Dating App for Trump Supporters Exposed Members’ Information
49. After originally disclosing its latest data breach last month, Facebook revealed that hackers obtained data from some 30 million users. Here’s
50. Dating app for Trump loners commits YUGE blunder: It leaks more than the West Wing
51. Penta-gone! Personal records of 30,000 US Dept of Defense workers swiped by miscreants
52. Estimated 35 Million Voter Records For Sale on Popular Hacking Forum
53. Pentagon Travel Provider Data Breach Counts 30,000 Victims
54. UK’s MoD Exposed in 37 Security Breaches: Report
55. 35 million voter records from 19 states for sale on hacking forum
56. Pentagon data breach puts personal details of 30,000 staff at risk
57. Facebook says fewer users affected by data breach
58. Phishing and Facebook – a test of reputation
59. Pentagon data breach puts personal details of 30,000 staff at risk
60. Data breach in Pentagon’s service provider affected 30k people

THREATS

61. SAP Boosts Blockchain Integration and Customer Flexibility
62. Author of LuminosityLink Remote Access Trojan Gets 30 Months Sentence
63. [SingCERT] Alert on Multiple Vulnerabilities in PHP
64. Multiple Vulnerabilities Allow Attackers to Take Full Control of Linksys Routers
65. In County Crippled by Hurricane, Water Utility Targeted in Ransomware Attack
66. 7 Useful Android Vulnerability Scanners
67. Vulnerability Spotlight: Linksys ESeries Multiple OS Command Injection Vulnerabilities
68. .@Trustlook Labs discovered an #Android #Trojan stealing data from messaging apps. Learn what #mobilesecurity programs should look for to detect
69. Bug in New iOS Lets Attacker Access iPhone Pics
70. Malicious RTF Documents Deliver Information Stealers
71. Info of 685 Million Users at Risk Because of Multiple Branch.io XSS Flaws
72. Madison County computer system infected with ransomware
73. CVE-2018-8453 Zero-Day Flaw Exploited by FruityArmor APT
74. How to Create Blockchain Applications
75. NC Water Utility Fights Post-Hurricane Ransomware
76. Learn about the #NetSpectre vulnerability and the benefits of #ThreatModeling for cloud deployments from expert Ed Moyle of @securitycurve.
77. Recent @Proofpoint research shows that #German-speaking regions are facing targeted #phishing, #malware, and #BEC attacks.
78. Tinder profiles were 'at risk' due to XSS vulnerability
79. 685 million users may be affected by the Branch.io service XSS vulnerability
80. A “critical water utility” in a county crippled by Hurricane #Florence was hit by a #ransomware attack. The #cyberattack has
81. #Stegware: it's #Malware that uses #steganography techniques to avoid detection
82. Vulnerability Spotlight: Linksys ESeries Multiple OS Command Injection Vulnerabilities
83. Report: near-400% increase in crypto-mining malware attacks against iPhones
84. Hackers can use known security vulnerabilities with new technology to bypass Antivirus Software
85. RiskSense cloud service protects against cyber threats and vulnerabilities ahead of midterm elections
86. #Shodan, a device search engine, can help identify #ICS security vulnerabilities. Learn more about how Shodan works and how it
87. Octopus malware wraps tentacles around former Telegram users in Central Asia
88. Mikko didn't put Brain -- the first PC virus -- on his list but he did track down its authors
89. Line lists cryptocurrency on Bitbox exchange
90. "It is no secret that the #RemoteDesktop Protocol has long been a source of exploitable vulnerabilities, and it is well
91. You are who you say you are: Establishing digital trust with the blockchain
92. Now Surfing about your Favourite Celebrities can make you Vulnerable to Virus Attack
93. Malware Attack Popular Amongst the Hackers, Even though it Dips in Q2 in 2018
94. Cryptomining attacks against Apple devices increase sharply
95. APT group called #TeleBots linked to #Industroyer #malware and #NotPetya #ransomware, according to @ESET researchers. By @MaddieBacon11
96. Cybercriminals Advertising Godzilla Loader Malware On Dark Web Forums
97. 685 million users may be affected by the Branch.io service XSS vulnerability
98. Cryptojacking attacks against iPhone devices increase
99. Juniper Networks launches multiple solutions for Junos OS vulnerabilities
100. Most Important Considerations with Malware Analysis Cheats And Tools list
101. New iPhone Bug Gives Anyone Access to Your Private Photos
102. Leveraging Falcon Sandbox to Detect and Analyze Malicious PDFs Containing Zero-Day Exploits

CRIME

103. Author of LuminosityLink Remote Access Trojan Gets 30 Months Sentence
104. A Russian cyber vigilante is patching outdated MikroTik routers exposed online
105. How to Create Blockchain Applications
106. Recent @Proofpoint research shows that #German-speaking regions are facing targeted #phishing, #malware, and #BEC attacks.
107. 35 million US voter records available for sale in a hacking forum
108. Dating app for Trump loners commits YUGE blunder: It leaks more than the West Wing
109. Estimated 35 Million Voter Records For Sale on Popular Hacking Forum
110. UK’s MoD Exposed in 37 Security Breaches: Report
111. Report: near-400% increase in crypto-mining malware attacks against iPhones
112. Facebook says fewer users affected by data breach
113. Pentagon data breach puts personal details of 30,000 staff at risk

POLITICS

114. Russia-linked APT group DustSquad targets diplomatic entities in Central Asia
115. A Russian cyber vigilante is patching outdated MikroTik routers exposed online
116. Estimated 35 Million Voter Records For Sale on Popular Hacking Forum
117. UK’s MoD Exposed in 37 Security Breaches: Report
118. RiskSense cloud service protects against cyber threats and vulnerabilities ahead of midterm elections
119. Octopus malware wraps tentacles around former Telegram users in Central Asia
120. "It is no secret that the #RemoteDesktop Protocol has long been a source of exploitable vulnerabilities, and it is well