Daily brief for 2018-10-23

ASIA

1. FireEye links Russia-owned lab to Trisis developers
2. Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
3. Chinese Cyber Espionage Group using Datper Trojan
4. Saudi Investment Site Defaced After Journalist’s Murder
5. NSA Tools Used to Attack Nuclear Energy Firms
6. Burned malware returns, says Cylance report: Is Hacking Team responsible?
7. libssh Server-Side Identity Authentication Bypass Vulnerability (CVE-2018-10933)Threat Alert
8. WebLogic Remote Code Execution Vulnerability(CVE-2018-3191)Threat Alert
9. North Korean Hackers Stole $571 Million Worth of CryptoCoins in Less Than 24 Months
10. Hacking operations with DarkPulsar and other tools developed by the NSA
11. Can Cybercriminals Hack Blockchain?

WORLD

12. When Ransomware Stopped Working Harder and Started Working Smarter
13. Experts advocate for 'ATT&CK' as go-to framework to share threat intel
14. FireEye links Russia-owned lab to Trisis developers
15. Triton Malware Linked to Russian Government Research Institute
16. FireEye links Russian research lab to Triton ICS malware attacks
17. An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
18. Securing Government Operations with Cloud-based Malware Analysis
19. Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
20. TRITON Attribution: Russian Government-Owned Lab Most Likely Built Custom Intrusion Tools for TRITON Attackers
21. Inside Safari Extensions | Malicious Plugins Remain on Mojave
22. Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
23. Phishing attacks becoming more targeted, phishers love Microsoft the most
24. Indiana National Guard hit by ransomware
25. #sLoad and #Ramnit pairing in sustained personalized campaigns against UK and Italy
26. UK and US sign military Cyber Accord to dominate cyber domain - with help from business
27. Saudi Investment Site Defaced After Journalist’s Murder
28. NSA Tools Used to Attack Nuclear Energy Firms
29. Burned malware returns, says Cylance report: Is Hacking Team responsible?
30. “We’re less likely to be caught up in a massive breach of highly available PII or financial data that gets
31. The fix for the DOM-based XSS in Branch.io introduced a new XSS flaw
32. Morrisons loses appeal over data breach
33. Hacking operations with DarkPulsar and other tools developed by the NSA
34. Can Cybercriminals Hack Blockchain?

ATTACKS

35. Case Study: Protecting PII
36. An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
37. Top 10 security steps in Microsoft 365 that political campaigns can take today
38. Critical vulnerabilities in FreeRTOS allowed for IoT device compromise
39. Thousands of applications affected by a zero-day issue injQuery File Upload plugin
40. Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
41. Identify when your data is exposed, your brand is abused, or your company is mentioned on the dark web. Test
42. Phishing is still the most commonly used attack on organizations, survey says
43. New Phishing Attack That Uses Multiple Replica Sign-In Pages
44. How sophisticated phishing grants attackers total control of your computer
45. How sophisticated phishing grants attackers total control of your computer
46. Thousands of Applications Vulnerable to RCE via jQuery File Upload
47. Facebook has seen several data breaches in the last few months, leading the company to look into acquiring a
48. 5 Ways #Cybercriminals Can Access Your Emails Without Phishing [Infographic]:
49. Phishing attacks becoming more targeted, phishers love Microsoft the most
50. Police have issued a fresh warning concerning Fortnite and players giving out their personal details online. Cheshire Police posted on Facebook,
51. Adult websites shuttered after 1.2 million user details exposed
52. #sLoad and #Ramnit pairing in sustained personalized campaigns against UK and Italy
53. Learn how hackers launched #phishing attacks against @netflix users with expert Michael Cobb of @thehairyITdog
54. jQuery? More like preyQuery: File upload tool can be exploited to hijack at-risk websites
55. "Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with
56. “We’re less likely to be caught up in a massive breach of highly available PII or financial data that gets
57. Phishing Report Shows Microsoft, Paypal, & Netflix as Top Targets
58. A flaw in @Google Firebase #DatabaseSecurity allowed hackers to bypass security and leak data. Learn more about this #SecurityFlaw and
59. Morrisons loses appeal over data breach
60. 4 suggerimenti per utilizzare al meglio il vostro #password manager e generare password davvero efficaci. Ebbene sì, repetita juvant :)
61. Morrisons loses appeal against data breach liability ruling
62. A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may

THREATS

63. DHS warns of another dangerous flaw in Advantech WebAccess SCADA software
64. Burned malware returns, according to Cylance: is Hacking Team responsible?
65. Microsoft Windows zero-day disclosed on Twitter, again
66. AWS FreeRTOS Riddled with Security Vulnerabilities | Avast
67. When Ransomware Stopped Working Harder and Started Working Smarter
68. City Pays $2K in Ransomware, Stirs ‘Never Pay’ Debate
69. Status of Today’s Email as a Malware Vector
70. Case Study: Destructive Malware
71. Case Study: Ransomware
72. Banking Trojan Infections Persist Throughout the State
73. Triton Malware Linked to Russian Government Research Institute
74. Why the blockchain is not secure
75. FireEye links Russian research lab to Triton ICS malware attacks
76. Securing Government Operations with Cloud-based Malware Analysis
77. How RATs infect computers with malicious software
78. This is how government spyware StrongPity uses security researchers' work against them
79. Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
80. Indiana National Guard Suffers Ransomware Attack
81. Inside Safari Extensions | Malicious Plugins Remain on Mojave
82. Critical vulnerabilities in FreeRTOS allowed for IoT device compromise
83. Thousands of applications affected by a zero-day issue injQuery File Upload plugin
84. Grave TCP/IP Flaws In FreeRTOS Leave IoT Gear Open To Mass Hijacking
85. Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
86. Trade.io Cold Wallet Hacked Losing 50 Million TIO Tokens – TIO Coin To Be Forked
87. H-Worm and jRAT Malware: Two RATs are Better than One
88. Patch now! Multiple serious flaws found in Drupal
89. How RATs infect computers with malicious software
90. Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
91. What do you think the combination of the #TrickBot banking Trojan to #IcedID means for the future of banking #Trojans?
92. Indiana National Guard hit by ransomware
93. Amazon Patched Multiple IoT Vulnerabilities Affecting Its Smart Devices
94. Updated Azorult malware for sale on the Dark Web
95. Amazon patches IoT and critical infrastructure security flaws
96. Why is Elon Musk promoting this Bitcoin scam? (He’s not)
97. UK and US sign military Cyber Accord to dominate cyber domain - with help from business
98. Chinese Cyber Espionage Group using Datper Trojan
99. Patch me, if you can: Grave TCP/IP flaws in FreeRTOS leave IoT gear open to mass hijacking
100. Several vulnerabilities were found in controllers made by @Universal_Robot. Discover what these #robot controllers are used for and how
101. Burned malware returns, says Cylance report: Is Hacking Team responsible?
102. How do newly found flaws affect robot controllers?
103. Firmware zero-day leaves 2m storage devices open to RCE
104. Report: Cryptocurrency hackers earned $20M with 51-percent attacks in 2018
105. A flaw in @Google Firebase #DatabaseSecurity allowed hackers to bypass security and leak data. Learn more about this #SecurityFlaw and
106. CyberSecurity Asean security alert on Multiple Vulnerabilities in Cisco WebEx Network Recording Player for Advanced Recording Format Files Could Allow for Arbitrary Code Execution
107. Bug Spells Doom for Nearly-Vacant Google+ Network
108. The fix for the DOM-based XSS in Branch.io introduced a new XSS flaw
109. libssh Server-Side Identity Authentication Bypass Vulnerability (CVE-2018-10933)Threat Alert
110. Have you ever wondered why #ransomware attacks happen on the Friday before a long weekend? We've teamed up with @SentinelOne
111. WebLogic Remote Code Execution Vulnerability(CVE-2018-3191)Threat Alert
112. Different Vendors Confirm The Impact Of LibSSH Flaw On Their Products
113. Apple has launched its university ID Cards feature in Wallet. Students at three universities can now access their student ID
114. FreeRTOS IoT OS Critical Vulnerabilities Affected Million of Smart Home & Critical Infrastructure Based IoT Devices
115. LIVE555 Streaming library affected by remote code execution vulnerability
116. Can Cybercriminals Hack Blockchain?
117. A Beginner’s Guide to Bitcoin Mining (Bitcoin Mining 101)
118. Windows 10 1809 Zip Extraction Bug Overwrites Files without Confirmation
119. A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may

CRIME

120. Inside Safari Extensions | Malicious Plugins Remain on Mojave
121. Thousands of applications affected by a zero-day issue injQuery File Upload plugin
122. H-Worm and jRAT Malware: Two RATs are Better than One
123. New Phishing Attack That Uses Multiple Replica Sign-In Pages
124. Why is Elon Musk promoting this Bitcoin scam? (He’s not)
125. Morrisons loses appeal over data breach
126. North Korean Hackers Stole $571 Million Worth of CryptoCoins in Less Than 24 Months
127. Can Cybercriminals Hack Blockchain?

POLITICS

128. An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
129. Top 10 security steps in Microsoft 365 that political campaigns can take today
130. Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
131. TRITON Attribution: Russian Government-Owned Lab Most Likely Built Custom Intrusion Tools for TRITON Attackers
132. Chinese Cyber Espionage Group using Datper Trojan
133. Saudi Investment Site Defaced After Journalist’s Murder
134. NSA Tools Used to Attack Nuclear Energy Firms