Threat report for 2018-10-04

DATA BREACH

1. UK pins ‘reckless campaign of cyber attacks’ on Russian military intelligence
2. .@FireEye researchers tracked an aggressive #cybertheft campaign -- attributed to North Korean #APT38 -- in which threat actors attempted to
3. Campaign 2018: Cyberattacks on infrastructure could suppress voter turnout
4. Sony accidentally leaked November's PS Plus free games
5. US charges Russian military officers over international hacking and disinformation campaigns
6. Burgerville Customer Credit Card Info Stolen In Data Breach
7. HIDDEN COBRA – FASTCash Campaign
8. Database of 200 Million Records Stolen from Apollo in Data Breach
9. Irish Data Regulator Likely to Fine Facebook for Data Breach
10. 5,000 UK firms' financial details exposed in data breaches, finds @digitalshadows
11. The @UN accidentally exposed credentials on public @trello boards. Plus, #Uber is set to pay $148 million settlement following its
12. Burgerville customer credit card info stolen in data breach laid at Fin7's feet
13. How #livechatsoftware leak personal #employeedata?
14. Democratic congressional intern arrested for doxing GOP senators during Kavanaugh hearing
15. Business Email Compromise: When You Don’t Need to Phish.
16. Business email compromise made easy for cyber criminals
17. In manufacturing, almost half – 47 percent – of breaches involve the theft of intellectual property to gain competitive advantage.
18. Security Investigator who Compromised Hotel Wi-Fi, Shared Pass-Codes Online, is Fined
19. UK and allies accuse Russia of cyber attack campaign
20. Business email compromise made easy for #cybercriminals as 12.5 million company email boxes and 33,000 finance department credentials found openly
21. U.S. Capitol Police Arrest Suspect for Doxing U.S. Senators
22. DanaBot Observed in Large Campaign Targeting U.S. Organizations

DENIAL-OF-SERVICE

23. California bill bans bots during elections
24. Why It’s Time to Nuke the Password
25. Why It’s Time to Nuke the Password

MALVERTISING

Nothing to report

PHISHING

26. Exclusive: Moving away from passwords to two-factor authentication
27. Block Blocking Login Items
28. Business Email Compromise: When You Don’t Need to Phish.
29. Hackers Selling Facebook Account Logins Details On Dark Web For $3
30. Experts recommend avoiding single step logins
31. Phishing Attacks Distributed Through CloudFlare's IPFS Gateway
32. Why It’s Time to Nuke the Password
33. Why It’s Time to Nuke the Password
34. DanaBot Observed in Large Campaign Targeting U.S. Organizations

WEB DEFACEMENT

35. Hacker Pleads Guilty of Defacing 11,000 Websites, Could Get up to 20 Years
36. Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center

MALWARE

37. Virus Bulletin 2018: Turla APT Changes Shape with New Code and Targets
38. .@ThreatFabric researchers uncovered an #Android malware, #MysteryBot, which uses overlay attacks to avoid detection. Learn how this #malware affects @Google's
39. China allegedly infiltrated US companies through implanted hardware backdoors
40. Researchers at the 2018 @RSAConference discussed #stegware: @malware that uses #steganography. Discover how this works with expert @lewisnic.
41. Report: In Huge Hack, Chinese Manufacturer Sneaks Backdoors Onto Motherboards
42. Avast AV reclassifies cryptominers | Avast
43. Researchers at Cisco Talos (@TalosSecurity) recently discovered #GravityRAT, a remote access #Trojan. Discover how this RAT can check for
44. This is also a good time to remind that bugdoors are far more scary than backdoors.
45. Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware
46. Apple, Amazon deny claims Chinese spies implanted backdoor chips in company hardware: report
47. Researchers from @proofpoint have announced the discovery of a remote access trojan, and an upgraded version of an old banking
48. Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?
49. Tearing Apart the Undetected (OSX)Coldroot RAT
50. Mac Malware of 2017
51. WTF is Mughthesec!? poking on a piece of undetected adware
52. OSX/MacRansom; analyzing the latest ransomware to target macs
53. Mac Malware of 2016
54. Towards Generic Ransomware Detection
55. Analysis of an Intrusive Cross-Platform Adware; OSX/Pirrit
56. Analyzing the Anti-Analysis Logic of an Adware Installer
57. Monitoring Process Creation via the Kernel (Part III)
58. Monitoring Process Creation via the Kernel (Part II)
59. Monitoring Process Creation via the Kernel (Part I)
60. More on, "Adware for OS X Distributes Trojans"
61. LoJax: First UEFI Malware seen in the Wild
62. Virus Bulletin 2018: Attack velocity ramps up
63. More than 4,000 ransomware attacks occur every day. Secure your company & build your network at #RiskSec with promo code
64. Malicious remote admin tool seemingly linked to KONNI malware, North Korea
65. Betabot trojan packed with anti-malware evasion tools
66. How is Android Accessibility Service affected by a banking Trojan?
67. How does stegware malware exploit steganography techniques?
68. .@Trustlook Labs discovered an #Android #Trojan stealing data from messaging apps. Learn what #mobilesecurity programs should look for to detect
69. Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
70. A new group of #malware -- dubbed #GoScanSSH -- was recently discovered by researchers. Learn how this malware works and
71. Seriously if I could make evil semiconductors I would just replace one which is already present rather than adding it. Show
72. WATCH: Top 5 Viruses of All Time by Security Expert @mikko Hyppönen
73. New DanaBot Banking Malware Attack in Various Countries with Stealer and Remote Access Futures
74. Researchers found that cheap Android devices were shipped pre-installed backdoors
75. Google opened the .page domain
76. Most Advanced Backdoor Obfuscation and Evasion Technique That used by Hackers
77. Zoho Heavily Used by Keyloggers to Transmit Stolen Data
78. Network Outage at Some Recipe Unlimited Locations Caused by Malware
79. DanaBot Observed in Large Campaign Targeting U.S. Organizations

EXPLOIT

80. Google Project Zero drops macOS exploit, calls out Apple for silent patching
81. CVE-2018-8373 Exploit Spotted
82. Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware
83. Remote Mac Exploitation Via Custom URL Schemes
84. How does stegware malware exploit steganography techniques?
85. Secure encrypted #virtualization: How is this technology exploited?

VULNERABILITY

86. Bug bounty scheme uncovers 150 vulnerabilities in US Marine Corps websites
87. CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops
88. macOS Flaw Allows Attackers To Hijack Installed Apps
89. ICYMI - CISO @rickhholland joins @drshellface and @mazzazone in this week's ShadowTalk episode: Security Flaws Affect 50 Million Facebook Accounts
90. CVE-2018-8373 Exploit Spotted
91. Vulnerability Scanning vs. Penetration Testing by @TripwireInc
92. This is also a good time to remind that bugdoors are far more scary than backdoors.
93. A Remote iOS Bug
94. An Unpatched Kernel Bug
95. From the Top to the Bottom; Tracking down CVE-2017-7149
96. Two Bugs, One Func(), part three
97. Two Bugs, One Func(), part two
98. Two Bugs, One Func(), part one
99. CVE-2015-3673: Goodbye Rootpipe...(for now?)
100. Cisco: Two critical bugs in DNA network software need these urgent patches
101. Paper over the Kracks: New techniques can bypass WPA2 flaw mitigations
102. Hackers Earn $150,000 in Marine Corps Bug Bounty Program
103. Cisco plugs critical flaws in DNA Center and Prime Infrastructure
104. Marine Corps bug bounty program finds 150 vulnerabilities
105. Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
106. Foxit PDF Reader fixes serious remote code execution vulnerability
107. A Google bug breaks the search results in Safari
108. Hacking for good uncovers over 150 Marine Corps web vulnerabilities