Daily brief for 2018-10-29

ASIA

1. Future Investment Initiative Conference Website, Defaced, Now Restored
2. Cathay Pacific Suffers World’s Largest Airline Data Breach
3. Serious Vulnerability Discovered In X.Org Server Affects Major Linux and BSD Variants
4. 'Narwhal Spider' group's spam campaign targets Japanese recipients with URLZone malware
5. Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
6. Revolutionary Blockchain 3.0 Under CSE Platform
7. Leaked: iOS 12.1 will be released on October 30th

WORLD

8. Phishing spikes as private health continues to be most breached sector in Australia
9. Future Investment Initiative Conference Website, Defaced, Now Restored
10. Here's how to defend your enterprise from Magecart
11. Breaking News: Securonix Threat Research: British Airways Breach
12. Cathay Pacific Suffers World’s Largest Airline Data Breach
13. sLoad and Ramnit Campaign Against UK and Italy
14. Magecart Exploits Zero Day Vulnerabilities
15. Understanding mass data fragmentation
16. Secret Service Confirms Focus on Email Compromise Cybercrimes Worth $12 Billion
17. Man Ordered to Pay $8.6 Million for Launching DDoS Attacks against Rutgers University
18. Security Vulnerability in Internet-Connected Construction Cranes
19. Girl Scouts Alerted to Possible Data Breach
20. What can we do to tackle today’s phishing epidemic?
21. Privacy concerns cooling #InternetOfThings adoption in US & Europe, with consumers concerned about #DataLeaks, malware and product security (via @FSecure)
22. Das Geschäft mit gestohlenen Login-Daten von Privatnutzern und Unternehmensanwendern boomt. US-Journalist Brian Krebs beziffert die "Ausbeute" bei mehreren 100.000 US-Dollar
23. The Worst Data Breach till Now 2018, and What It Means
24. Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
25. Cisco patched a command injection vulnerability in Webex Meetings
26. Leaked: iOS 12.1 will be released on October 30th

ATTACKS

27. Phishing spikes as private health continues to be most breached sector in Australia
28. Girl Scouts Issues Data Breach Warning to 2,800 Members
29. Nation-State Phishing: A Country-Sized Catch
30. A new phishing report reveals Microsoft, Paypal, and Netflix are among the top brands impersonated by phishing attacks. Attackers tend to
31. This is getting worse and worse. And is going to normalize and lead to much more successful phishing through SMS
32. Cathay Pacific Suffers World’s Largest Airline Data Breach
33. League of Legends Gamers Targeted by Phishing Scam | Avast
34. sLoad and Ramnit Campaign Against UK and Italy
35. Secret Service Confirms Focus on Email Compromise Cybercrimes Worth $12 Billion
36. Girl Scouts Alerted to Possible Data Breach
37. 'Narwhal Spider' group's spam campaign targets Japanese recipients with URLZone malware
38. DDoS and ransomware tools for starter and experienced cybercriminals exposed
39. Biggest Manufacturing Data Breaches of the 21st Century
40. What can we do to tackle today’s phishing epidemic?
41. Das Geschäft mit gestohlenen Login-Daten von Privatnutzern und Unternehmensanwendern boomt. US-Journalist Brian Krebs beziffert die "Ausbeute" bei mehreren 100.000 US-Dollar
42. The Worst Data Breach till Now 2018, and What It Means
43. Crooks continue to abuse exposed Docker APIs for Cryptojacking
44. IoT users uncertain if personal data is shared across multiple devices
45. 19% still save their password on a piece of paper
46. Hackers Breach System of Healthcare.Gov Exposing Personal Data of 75,000 Users
47. Hackers steal personal data of up to 9.4 million Cathay Pacific passengers
48. Leaked: iOS 12.1 will be released on October 30th
49. Vulnerability In Microsoft Word Online Video Feature Allows for Phishing
50. 33,000 Accounting Inbox Credentials Exposed Online: BEC Made Easy | Read the details here:

THREATS

51. Videos and MS Office documents - ingredients for a malware attack
52. SandboxEscaper expert is back and disclosed a new Windows Zero-Day
53. IoT Flaw Allows Hijacking of Connected Construction Cranes
54. Mac CryptoCurrency Price Tracker Caught Installing Backdoors
55. Mac cryptocurrency ticker app installs backdoors
56. Word documents seemingly carrying videos can deliver malicious code instead
57. Remote Denial of Service Vulnerability Patched in Squid Proxy Cache Server
58. X.Org Flaw Allows Privilege Escalation in Linux Systems
59. Downloading Google Chrome via Microsoft Edge Endangered by Malware
60. The Ransomware Attack on a North Carolina Water Utility May Not Have Been What it Seemed
61. X.Org Flaw Exposes Unix-Like OSes to Attacks
62. Windows 10 UWP Bug Could Give Malicious Devs Access To All Your Files
63. X.org Bug Bites OpenBSD And Other Big Operating Systems
64. If your company uses Windows 10, watch out: there are new vulnerabilities about
65. Advanced Malware Protection Affected by Bug That Can Inhibit Intrusion Detection
66. Logical Bug in Microsoft Word's 'Online Video' Allows Code Execution
67. Call of Duty players caught up in cryptocurrency theft racket
68. Ransomware and the enterprise: A new white paper
69. Windows 10 UWP bug could give malicious devs access to all your files
70. Windows 10 Bug Allowed UWP Apps Full Access to File System
71. Magecart Exploits Zero Day Vulnerabilities
72. Serious Vulnerability Discovered In X.Org Server Affects Major Linux and BSD Variants
73. Malware That Accompanies Google Chrome Download Detected
74. Security Vulnerability in Internet-Connected Construction Cranes
75. 'Narwhal Spider' group's spam campaign targets Japanese recipients with URLZone malware
76. Cyber-criminals exploit misconfigured container to deliver cryptominer
77. DDoS and ransomware tools for starter and experienced cybercriminals exposed
78. Systemd flaw could cause the crash or hijack of vulnerable Linux machines
79. Pentagon’s big audit will inspect for cybersecurity flaws, comptroller says
80. Vulnerability found in Sophos anti-malware product
81. Flaws in brain stimulation tech could let hackers erase or hold memories for ransom
82. Privacy concerns cooling #InternetOfThings adoption in US & Europe, with consumers concerned about #DataLeaks, malware and product security (via @FSecure)
83. Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
84. Crooks continue to abuse exposed Docker APIs for Cryptojacking
85. Revolutionary Blockchain 3.0 Under CSE Platform
86. #Antivirus SW alone can't stop new #malware or #ransomware. by @MariaKorolov -
87. Beware! Downloader Malware Disguised as Game Apps Found On Google Play with More Than 51,100 Installations
88. Cisco patched a command injection vulnerability in Webex Meetings
89. Have you ever wondered why #ransomware attacks happen on the Friday before a long weekend? We've teamed up with @SentinelOne
90. Microsoft Bing Delivered Dangerous Malware When You Try to Download Google Chrome
91. Vulnerability In Microsoft Word Online Video Feature Allows for Phishing

CRIME

92. Future Investment Initiative Conference Website, Defaced, Now Restored
93. Here's how to defend your enterprise from Magecart
94. Breaking News: Securonix Threat Research: British Airways Breach
95. Mirai Botnet Operator Ordered to Pay $8.6 Million
96. Cathay Pacific Suffers World’s Largest Airline Data Breach
97. Call of Duty players caught up in cryptocurrency theft racket
98. League of Legends Gamers Targeted by Phishing Scam | Avast
99. Malware That Accompanies Google Chrome Download Detected
100. Secret Service Confirms Focus on Email Compromise Cybercrimes Worth $12 Billion
101. Man Ordered to Pay $8.6 Million for Launching DDoS Attacks against Rutgers University
102. Girl Scouts Alerted to Possible Data Breach
103. Mirai Author Gets House Arrest for DDoS Attacks on University
104. DDoS and ransomware tools for starter and experienced cybercriminals exposed
105. What can we do to tackle today’s phishing epidemic?
106. Revolutionary Blockchain 3.0 Under CSE Platform
107. 33,000 Accounting Inbox Credentials Exposed Online: BEC Made Easy | Read the details here:

POLITICS

108. Future Investment Initiative Conference Website, Defaced, Now Restored
109. Secret Service Confirms Focus on Email Compromise Cybercrimes Worth $12 Billion
110. What can we do to tackle today’s phishing epidemic?