Oct 2, 2018

Threat report for 2018-10-01

DATA BREACH

  1. 100K Routers Hijacked for Phishing in GhostDNS Campaign
  2. Picture-in-Picture Phishing Campaign Goes After Steam Credentials
  3. 4 Ways to Protect Your Files from a Data Breach
  4. Facebook hacked – 50 Million Users’ Data exposed in the security breach
  5. Telegram Patched IP Address Leak Problem In Its Desktop Client
  6. Telegram Leaks User IP Addresses
  7. Telegram not really anonymous? Researcher reports bug that leaks IP addresses
  8. Flaws in Tory party conference app leak ministers' personal information
  9. Facebook faces a whopping €1.4 billion penalty under GDPR for Sept. 30 data breach
  10. Phishing campaign targets developers of Chrome extensions
  11. 3 GOP senators doxed during Kavanaugh hearing
  12. Facebook Data Breach Extended to Third-Party Applications
  13. Facebook could face up to $1.6bn fine for data breach
  14. Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls
  15. Telegram Calling Feature Leaks Your IP Addresses—Patch Released
  16. High-Profile Instagram Accounts Hacked For Ransom In A Recent Campaign

DENIAL-OF-SERVICE

  1. GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
  2. Instagram Being Used To Sell Botnets And Stolen Fortnite Accounts
  3. Hackers Are Selling Botnets and Stolen ‘Fortnite’ Accounts Over Instagram
  4. Torii malware could be gateway to more sophisticated IoT botnet attacks
  5. New vicious Torii IoT botnet discovered
  6. GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
  7. Gigantic 100,000-strong botnet used to hijack traffic meant for Brazilian banks
  8. Torii IoT Botnet Takes Mirai to the Next Level

MALVERTISING

Nothing to report

PHISHING

  1. 100K Routers Hijacked for Phishing in GhostDNS Campaign
  2. Picture-in-Picture Phishing Campaign Goes After Steam Credentials
  3. Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
  4. Weak Passwords Abused for 'FruitFly' Mac Malware Distribution
  5. Third-Party Apps Using Facebook Login Also Affected by Latest Hacking Incident
  6. How to Orchestrate a Smarter Phishing Response
  7. Voice Phishing Scams Are Getting More Clever
  8. Why nearly 50% of organizations are failing at password security
  9. Employees Share Average of 6 Passwords With Co-Workers
  10. UK firms’ password security score ‘average’
  11. Phishing campaign targets developers of Chrome extensions
  12. Password Security Better, Still Poses Business Risk
  13. Password Security Better, Still Poses Business Risk
  14. Following a loud critical backlash to a new #Chrome login feature and cookie retention functionality, @Google will make changes in

WEB DEFACEMENT

Nothing to report

MALWARE

  1. Top Cloud Domain Controller for MSPs
  2. Multiple Code Execution Vulnerabilities Found in Atlantis Word Processor
  3. GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers
  4. GrandCrab Ransomware Spreads Using Multiple Known Vulnerabilities
  5. Fileless Malware Attacks on the Rise, Microsoft Says
  6. 'Short, Brutal Lives': Life Expectancy for Malicious Domains
  7. Report Ties North Korean Attacks to New Malware, Linked by Word Macros
  8. Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
  9. Google Adds New Rules To End Malicious Chrome Extensions
  10. Code Execution Vulnerabilities Uncovered In Atlantis Word Processor
  11. Deep Dive Into iTranslator - MITM Malware
  12. LoJax: First UEFI Rootkit Found In The Wild
  13. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  14. NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
  15. Telegram Patched IP Address Leak Problem In Its Desktop Client
  16. Weak Passwords Abused for 'FruitFly' Mac Malware Distribution
  17. Code execution vulnerabilities uncovered in Atlantis Word Processor
  18. Malwarebytes is a champion of National Cybersecurity Awareness Month
  19. Monitor privileged execution to defend against
  20. Telegram Leaks User IP Addresses
  21. Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
  22. TrickBot Banking Trojan Takes Center Stage in 2018
  23. More on the Five Eyes Statement on Encryption and Backdoors
  24. Report Ties North Korean Attacks to New Malware, Linked by Word Macros
  25. Telegram not really anonymous? Researcher reports bug that leaks IP addresses
  26. Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
  27. GandCrab ransomware is spreading wildly through several known vulnerabilities
  28. Docs reveal how Fruitfly Mac spyware initially spread
  29. Torii malware could be gateway to more sophisticated IoT botnet attacks
  30. SamSam ransomware: How is this version different from others?
  31. Ransomware Casts Anchor at the Port of San Diego
  32. Hackers Hijacked More Than 100,000 Routers DNS Settings and Redirecting Users to Malicious WebSites
  33. Ransomware Casts Anchor at the Port of San Diego
  34. #VPNFilter #malware: How can users protect themselves?
  35. Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
  36. Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls
  37. Telegram Calling Feature Leaks Your IP Addresses—Patch Released
  38. New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader

EXPLOIT

  1. A new Browser Reaper exploit can crash or freeze Mozilla #Firefox, according to a proof of concept published by a
  2. Python-based attack tools are the most common vector for launching exploit attempts
  3. Several Bugs Exploited in Massive Facebook Hack
  4. Sophos recently discovered a #Samsam extortion code that performs whole-company attacks through a variety of vulnerability exploits. Discover how this
  5. How can attackers exploit a buffer underflow #vulnerability?
  6. New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader

VULNERABILITY

  1. Adobe Patches 47 Critical Flaws in Acrobat and DC
  2. Multiple Code Execution Vulnerabilities Found in Atlantis Word Processor
  3. CVE-2018-11776 and why you need Black Duck Security Advisories
  4. Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack
  5. GrandCrab Ransomware Spreads Using Multiple Known Vulnerabilities
  6. Google Bug Breaks Search Results with a Plus Sign On Mac Safari
  7. Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
  8. Gemalto ID Card Provider Sued for €152 Million in eID Vulnerability Case
  9. Code Execution Vulnerabilities Uncovered In Atlantis Word Processor
  10. Facebook: How to minimize the risk of vulnerabilities
  11. Code execution vulnerabilities uncovered in Atlantis Word Processor
  12. Attackers chained three bugs to breach into the Facebook platform
  13. Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
  14. Monero fixes major ‘burning bug’ flaw, preventing mass devaluation
  15. Telegram not really anonymous? Researcher reports bug that leaks IP addresses
  16. Flaws in Tory party conference app leak ministers' personal information
  17. Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
  18. GandCrab ransomware is spreading wildly through several known vulnerabilities
  19. Several Bugs Exploited in Massive Facebook Hack
  20. Sophos recently discovered a #Samsam extortion code that performs whole-company attacks through a variety of vulnerability exploits. Discover how this
  21. Nasty Linux Kernel Vulnerability Discovered, Mandatory Kernel Update Required
  22. How can attackers exploit a buffer underflow #vulnerability?
  23. CISO @rickhholland joins @drshellface and @mazzazone to discuss the latest #cybersecurity news: Security Flaws Affect 50 Million Facebook Accounts and
  24. Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
  25. Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls