Daily brief for 2018-10-25

ASIA

1. Experts released a free Decryption Tool for GandCrab ransomware
2. Cutwail Spam Campaign Uses Steganography to Distribute URLZone
3. Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware
4. New FilesLocker Ransomware Offered as a Ransomware as a Service
5. Cathay Pacific data breach: 9.4 million passenger information at risk
6. Questions Mount Over Delay After Cathay Pacific Admits Huge Data Leak
7. North Korea blamed for two cryptocurrency scams, five trading platform hacks
8. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia
9. FireEye ties Russia to Triton malware attack in Saudi Arabia
10. Cathay Pacific data breach exposed 9.4m customers’ details
11. CNI Campaign TRITON Linked to Russian Institute
12. ESET releases new decryptor for Syrian victims of GandCrab ransomware
13. Cathay Pacific data breach affecting 9.4 million passengers
14. .@FireEye security researchers claimed the Russian government was 'most likely' behind the Triton #malware attack on an industrial control system
15. FreeRTOS Multiple Remote Code Execution Vulnerabilities Threat Alert
16. Russian-Made Malware Used to Attack Saudi Petrol Plant, Claims FireEye
17. NETSCOUT’s Arbor Cloud Expands DDoS Protection Across Asia

WORLD

18. Experts released a free Decryption Tool for GandCrab ransomware
19. Cutwail Spam Campaign Uses Steganography to Distribute URLZone
20. Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware
21. British Airways has some good news and bad news about its payment breach
22. Malware Distributors Adopt DKIM to Bypass Mail Filters
23. Another 185K Customers Potentially Affected by the British Airways Data Breach
24. British Airways: Cyberattack, data theft bigger than we first thought
25. Cobalt Group tries to slip malicious PDFs past bank employees, researchers say
26. Data Breach Announced by CMS – Approximately 75,000 Individuals’ Files Affected
27. Abandoned Web Apps Found as a Core Cause Behind High Profile Data Breaches
28. Aftermath of the Data Breach: Cathay Pacific Customers Losing Confidence
29. Multiple Phishing Campaigns Target Universities
30. 77K Additional Customers Affected by British Airways' MageCart Data Breach
31. New Techniques to Uncover and Attribute Cobalt Gang Commodity Builders and Infrastructure Revealed
32. 5 Common Visibility Gaps Your Enterprise Security Plan Can’t Afford
33. Malware Distributors Adopt DKIM to Bypass Mail Filters
34. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia
35. Bitdefender releases GandCrab ransomware decryption tool
36. FireEye ties Russia to Triton malware attack in Saudi Arabia
37. FireEye links Triton Malware to Russian Research Institute
38. CNI Campaign TRITON Linked to Russian Institute
39. Free GrandCrab Ransomware Decryption Tool Released by Bitdefender
40. Cathay Pacific data breach affecting 9.4 million passengers
41. .@FireEye security researchers claimed the Russian government was 'most likely' behind the Triton #malware attack on an industrial control system
42. Russian-Made Malware Used to Attack Saudi Petrol Plant, Claims FireEye
43. West Haven pays $2k USD because of ransomware attack
44. NETSCOUT’s Arbor Cloud Expands DDoS Protection Across Asia
45. GandCrab Ransomware decryption tool

ATTACKS

46. Cutwail Spam Campaign Uses Steganography to Distribute URLZone
47. Cathay Pacific hack: Personal data of up to 9.4 million airline passengers laid bare
48. Another 185K Customers Potentially Affected by the British Airways Data Breach
49. British Airways: Cyberattack, data theft bigger than we first thought
50. Cathay Pacific data breach: 9.4 million passenger information at risk
51. Data Breach Announced by CMS – Approximately 75,000 Individuals’ Files Affected
52. Abandoned Web Apps Found as a Core Cause Behind High Profile Data Breaches
53. Aftermath of the Data Breach: Cathay Pacific Customers Losing Confidence
54. Questions Mount Over Delay After Cathay Pacific Admits Huge Data Leak
55. Multiple Phishing Campaigns Target Universities
56. 77K Additional Customers Affected by British Airways' MageCart Data Breach
57. Cofense Hunts Phishing Threats Round the Clock with Enhanced 24-hour Global Phishing Defense Services
58. Cathay Pacific data breach exposes PII of 9.4 million customers
59. Cathay Pacific data breach exposed 9.4m customers’ details
60. Hackers steal personal data of up to 9.4 million Cathay Pacific passengers
61. Hackers steal personal data of up to 9.4 million Cathay Pacific passengers
62. CNI Campaign TRITON Linked to Russian Institute
63. Chalubo Botnet Compromise Your Server or IoT Device & Use it for DDOS Attack
64. Cathay Pacific data breach affecting 9.4 million passengers
65. Learn how hackers used TLS certificates to launch @netflix #phishing attacks from expert Michael Cobb of @thehairyITdog
66. iOS 12 has completely blocked password cracking tool, GrayKey
67. Data leak at consulting firm handling fundraisers for the Democratic party

THREATS

68. New security flaw impacts most Linux and BSD distros
69. Experts released a free Decryption Tool for GandCrab ransomware
70. Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware
71. Malware Distributors Adopt DKIM to Bypass Mail Filters
72. Multiple Vulnerabilities Patched in ASRock Drivers
73. Unusual Remote Execution Bug in Cisco WebEx Discovered by Researchers
74. Cobalt Group tries to slip malicious PDFs past bank employees, researchers say
75. WINDOWS ZERO-DAY BY SANDBOXESCAPER
76. New FilesLocker Ransomware Offered as a Ransomware as a Service
77. Another one bites the dust! In 2018 Android malware can bypass defences of billon dollar AV industry and Google Play
78. Sophos Patches RCE and Memory Disclosure Vulnerabilities in
79. Vulnerability Spotlight: TALOS-2018-0635/0636 – Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities
80. Pentagon Expands Bug-Bounty Program to Include Physical Systems
81. GandCrab ransomware declawed with new decryption tool
82. Researchers Find Command Injection Flaw in Cisco WebEx
83. Files Encrypted by GandCrab Ransomware Can Now Be Decrypted for Free
84. 'TimpDoor' Malware Turns Android Devices into Proxies
85. North Korea blamed for two cryptocurrency scams, five trading platform hacks
86. Bypass an Anti Virus Detection with Encrypted Payloads using VENOM Tool
87. #DidYouKnow AVG Free Antivirus received the highest rating of Advanced+ in @AV_Comparatives latest Malware Protection Test? Share AVG Free Antivirus with
88. Researchers recently found vulnerabilities in #robot controllers from @Universal_Robot. Learn what these robot controllers do and how #ThreatActors exploit these
89. Microsoft Acknowledges Zip File Overwrite Bug - Fix Coming in November
90. Malware Distributors Adopt DKIM to Bypass Mail Filters
91. Mac Malware Injects Ads Into Encrypted Traffic
92. Cisco releases fix for privilege escalation bug in Webex Meetings app
93. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia
94. Bitdefender releases GandCrab ransomware decryption tool
95. Amazon IoT operating system FreeRTOS has serious vulnerabilities
96. FireEye ties Russia to Triton malware attack in Saudi Arabia
97. Our threat intelligence lead Chris Dawson (@mrdatahs) discussing new @proofpoint Threat Insight #Malware research with @threatpost.
98. FireEye links Triton Malware to Russian Research Institute
99. Experts discovered a severe command injection flaw in Cisco Webex Meetings Desktop
100. You patch my back(up) and I'll patch yours... Arcserve bugs burrow remotely exploited holes in UDP storage systems
101. Free GrandCrab Ransomware Decryption Tool Released by Bitdefender
102. Free Decrypter Available for the Latest GandCrab Ransomware Versions
103. Signal Desktop App Vulnerability Exposes Message Decryption Key To The Users
104. ESET releases new decryptor for Syrian victims of GandCrab ransomware
105. Vulnerability Spotlight: TALOS-2018-0635/0636 - Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities
106. Free decryption tool released for multiple GandCrab ransomware versions
107. .@FireEye security researchers claimed the Russian government was 'most likely' behind the Triton #malware attack on an industrial control system
108. Windows 10 Update Fixed File Deletion Flaw But Not ZIP File Overwrite Bug
109. Google Chrome 70.0.3538.77 released: Bugs fix
110. Win10 1803 big bug bash KB 4462933 joins earlier versions, a week late to the party
111. Building shared digital identity using blockchain technology
112. FreeRTOS Multiple Remote Code Execution Vulnerabilities Threat Alert
113. Russian-Made Malware Used to Attack Saudi Petrol Plant, Claims FireEye
114. Java Usage Tracker Vulnerability
115. Windows 10 bug overwrites files without confirmation
116. West Haven pays $2k USD because of ransomware attack
117. Unusual Remote Execution Bug in Cisco WebEx Discovered by Researchers
118. What is application security? A process and tools for securing software
119. [BLOG] When #malware actor realizes that he can make more money by himself and transform his dropper into banking malware,
120. New Android Malware Turns Your Mobile Devices into Hidden Proxies
121. GandCrab Ransomware decryption tool

CRIME

122. Another 185K Customers Potentially Affected by the British Airways Data Breach
123. British Airways: Cyberattack, data theft bigger than we first thought
124. Aftermath of the Data Breach: Cathay Pacific Customers Losing Confidence
125. Multiple Phishing Campaigns Target Universities
126. 5 Common Visibility Gaps Your Enterprise Security Plan Can’t Afford
127. Cofense Hunts Phishing Threats Round the Clock with Enhanced 24-hour Global Phishing Defense Services
128. Hackers steal personal data of up to 9.4 million Cathay Pacific passengers
129. Cathay Pacific data breach affecting 9.4 million passengers

POLITICS

130. Russian-Made Malware Used to Attack Saudi Petrol Plant, Claims FireEye