Threat report for 2018-10-07
DATA BREACH
- Week in review: Facebook data breach fallout, BEC-as-a-Service, true password behaviors
- New details and images leak of Google's upcoming Pixel Slate tablet
- Burgerville discloses year-long data breach, courtesy of FIN7 cybergang
DENIAL-OF-SERVICE
Nothing to report
MALVERTISING
Nothing to report
PHISHING
- Week in review: Facebook data breach fallout, BEC-as-a-Service, true password behaviors
- This #whitepaper by @IRONSCALES explores how modern phishing techniques, such as #BEC, #ransomware, spear-phishing & #APTs are meticulously designed to
- Dan Nadir, vice president of digital risk @proofpoint quoted - Tips for Better #Passwords.
WEB DEFACEMENT
Nothing to report
MALWARE
- How a #cryptocurrency mining #malware infects systems
- This #whitepaper by @IRONSCALES explores how modern phishing techniques, such as #BEC, #ransomware, spear-phishing & #APTs are meticulously designed to
- Can monitoring help defend against #Sanny #malware update?
- The MITRE ATT&CK Framework: Command and Control
EXPLOIT
- APT Actors Exploiting Global MSPs: DHS Security Alert
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- Penetration Testing Mail Server with Email Spoofing – Exploiting Open Relay configured Public Mail Servers
- Sony Bravia Smart TV Contains Multiple Critical Vulnerabilities That Allows Attacker Exploit Remotely Without Authentication
VULNERABILITY
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- SAP bug beatdowns, Apple gets nasty with Mac repairs, Struts woe, and more from infosec
- D-Link fixed several flaws in Central WiFiManager access point management tool
- Sony Bravia Smart TV Contains Multiple Critical Vulnerabilities That Allows Attacker Exploit Remotely Without Authentication
- Cisco updates address 36 vulnerabilities, three critical
- Cisco Patched Two Critical Vulnerabilities in Digital Network Architecture Center
