Threat report for 2018-10-02

DATA BREACH

1. DanaBot Observed in Large Campaign Targeting U.S. Organizations
2. Financial Sector Data Breaches Soar Despite Heavy Security Spending
3. TA18-275A: HIDDEN COBRA – FASTCash Campaign
4. Gwinnett Medical Center investigating possible data breach
5. Fortnite gamers targeted by data theft malware
6. Nielsen warns of Chinese influence campaign, but not with midterms
7. Apollo Data Breach Leads To More Than 200 Million Contact Records Stolen
8. The @UN accidentally exposed credentials on public @trello boards. Plus, #Uber is set to pay $148 million settlement following its
9. DanaBot Observed in Large Campaign Targeting U.S. Organizations
10. UK Conservative Party Conference dedicated app leaks attendee data
11. Breaking bank security: Record theft rises to new heights
12. Facebook could face $1.63bn fine under GDPR over latest data breach
13. How #livechatsoftware leaked
14. UN Sensitive Information Exposed Publicly Due to Neglected Security Settings
15. #DanaBot Gains Popularity and Targets US Organizations in Large Campaigns. http://ow.ly/mJza50jiHdI via the Threat Insight research
16. Facebook Hacked: 50 Million Users' Data Exposed
17. #SecurityNews: #Tory App Snafu exposes Ministers’ personal info including phone numbers and other personal details of Cabinet ministers, as the
18. Telegram vulnerability causes IP address leaking
19. Facebook may be fined up to $1.63 billion due to data breach
20. Wait, this isn't The Onion... "FBI fitness app asks users to agree to 'all of their activities monitored and recorded'"
21. #Video: Bringing all of your #data together under a single management portfolio, under a single #database, allows your organization to

DENIAL-OF-SERVICE

22. Torii botnet, probably the most sophisticated IoT botnet of ever
23. California Governor Signs Bill Requiring Bots to Disclose Their True Identity
24. Rarely a week goes by without reports of a large and damaging #DDoS attack against a major business. Techniques are
25. Torii Botnet – A New Sophisticated IoT Botnet Attack in Wide – More Powerful Than Mirai
26. Stop DDoS Attacks In 10 Seconds – Organization’s Most Important Consideration for DDOS Attack Mitigation
27. Torii malware could be gateway to more sophisticated IoT botnet attacks

MALVERTISING

Nothing to report

PHISHING

28. Cyber criminals using lookalike online shopping domains to phish buyers
29. Nearly 50% of businesses have yet to take control of password security - report
30. Sophisticated Voice Phishing Scams
31. WifiPhisher – WiFi Crack and Phishing Framework
32. Ignite 2018 highlights: passwordless sign-in, confidential computing, new threat protection, and more
33. Hackers can use Microsoft Sway to carry out phishing attacks 'without fear of detection'
34. ThreatList: Password Hygiene Remains Lackluster in Global Businesses
35. Boffins Tricks Password Protection Using Imposter Apps
36. Strengthen your security with Avast password generator | Avast
37. Researchers use Android password managers to make phishing attacks more practical
38. Vulnerable Android password managers make phishing attacks easier
39. True password behaviors in the workplace revealed
40. Sites that use Facebook login could be affected by hack
41. ​NZ customs can now demand phone or laptop passwords
42. When you need to make a new #Password, what do you do? The easiest and most secure way is to
43. At #MSIgnite, @Microsoft declared "an end to era of passwords" with an update to its Authenticator app, which will allow

WEB DEFACEMENT

44. Case involving 'AlfabetoVirtual' website defacements ends in guilty plea
45. Hacker 'AlfabetoVirtual' Pleads Guilty to NYC Comptroller, West Point Website Defacements

MALWARE

46. Cyber criminals using lookalike online shopping domains to phish buyers
47. Canadian restaurant chain suffers country-wide outage after malware outbreak
48. Foxit Reader 9.3 addresses 118 Vulnerabilities, 18 of them rated as critical
49. Researchers Link New NOKKI Malware to North Korean Actor
50. NOKKI Malware Sports Mysterious Link to Reaper APT Group
51. Malware 101: The Malware Tools That Attackers Use
52. Following a Trail of Confusion: PowerShell in Malicious Office Documents
53. Google taking new steps to prevent malicious Chrome extensions
54. AR18-275A: MAR-10201537 – HIDDEN COBRA FASTCash-Related Malware
55. Enabling Enterprise-Grade Hybrid Cloud Data Processing with SAP and Cisco – Part 2
56. A remote access #Trojan -- dubbed #GravityRAT -- was discovered by Cisco Talos (@TalosSecurity) to be checking for #antimalware sandboxes.
57. Danabot Banking Malware Now Targeting Banks in the U.S.
58. Dogcall Rat links NOKKI malware with Reaper group - indicators provided
59. The MITRE ATT&CK Framework: Command and Control
60. Ransomware attacks via RDP on the rise | Avast
61. Keyloggers Turn to Zoho Office Suite in Droves for Data Exfiltration
62. Keyloggers Turn to Zoho Office Suite in Droves for Data Exfiltration
63. World Cup may have distracted malware hackers
64. Microsoft Detection Tools Sniff Out Fileless Malware
65. Google Cracks Down on Malicious Chrome Extensions in Major Update
66. Fortnite gamers targeted by data theft malware
67. Windows Defender exclusions reek of malware
68. DanaBot Observed in Large Campaign Targeting U.S. Organizations
69. Report: Zoho's domain regularly exploited to move keylogger data
70. A Staggering Amount of Stolen Data is Heading to Zoho Domains
71. AV-TEST Rates Check Point’s SandBlast Agent as a Top Product in Corporate Endpoint Protection
72. Malware Less Common in Q2, Still Top Attack Method
73. Malware Less Common in Q2, Still Top Attack Method
74. Alphabet's @chroniclesec unveiled #VirusTotal Enterprise, a new version of the file scanning service designed specifically for enterprise customers. By @RobWright22
75. Fruitfly Mac malware creator used it to spy on minors; FBI discloses technique
76. CVE-2018-8373: Hackers’ best partner to spread Trojans
77. Desktop Telegram users showing off not only their silly selfies but also their IP addresses
78. New Type of Malware Developed by Russian Hackers Eludes Discovery
79. The Army is working toward a cyber domain doctrine
80. The MITRE ATT&CK Framework: Command and Control
81. Improving #mobilesecurity programs to detect
82. Adobe security updates for Acrobat fix 86 Vulnerabilities, 46 rated as critical
83. A group of #malware was discovered targeting public SSH servers. However, certain #IPaddresses are avoided. Discover how this is possible
84. Telegram vulnerability causes IP address leaking
85. Hackers use malicious content delivery system to target iOS device
86. Torii malware could be gateway to more sophisticated IoT botnet attacks

EXPLOIT

87. .@FBI, @DHSgov call on users to mitigate #RemoteDesktop Protocol vulnerabilities and handle RDP exploits on their own, even as the
88. Report: Zoho's domain regularly exploited to move keylogger data
89. Facebook Breach: Attackers Exploited Privacy Feature
90. SQL injection explained: How these attacks work and how to prevent them

VULNERABILITY

91. PDF patch time: fixes land for over 100 flaws in Adobe's and Foxit's PDF software
92. Foxit PDF Reader Fixes High-Severity Remote Code Execution Flaws
93. Foxit Reader 9.3 addresses 118 Vulnerabilities, 18 of them rated as critical
94. Google Patches Critical Vulnerabilities in Android OS
95. Vulnerability Spotlight: Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability
96. Foxit Reader Update Patches Over 100 Vulnerabilities
97. Use Windows, macOS? Don’t be hacked by PDF, patch these critical Adobe flaws now
98. New study finds 5 of every 6 routers are inadequately updated for security flaws
99. .@FBI, @DHSgov call on users to mitigate #RemoteDesktop Protocol vulnerabilities and handle RDP exploits on their own, even as the
100. Adobe Releases Updates For 85 PDF Related CVEs
101. Nine NAS Bugs Open LenovoEMC, Iomega Devices To Attack
102. Rep. Speier: Congress needs a hack demo to understand election vulnerabilities
103. Cisco Talos discloses serious vulnerabilities in Foxit PDF Reader
104. Adobe fixes 47 critical flaws in Acrobat and Reader
105. 86 Vulnerabilities Fixed with Adobe Security Updates for Adobe Acrobat and Reader
106. Use Windows, macOS? Don't be hacked by PDF, patch these critical Adobe flaws now
107. CVE-2018-8373: Hackers’ best partner to spread Trojans
108. Vulnerability Spotlight: Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability
109. Adobe Patches 86 Vulnerabilities in Acrobat Products
110. Adobe security updates for Acrobat fix 86 Vulnerabilities, 46 rated as critical
111. Telegram vulnerability causes IP address leaking
112. Security Update for Foxit PDF Reader Fixes 118 Vulnerabilities
113. Adobe Releases Security Updates for Acrobat that Fix 86 Vulnerabilities