Oct 9, 2018

Threat report for 2018-10-08

DATA BREACH

  1. 10/8/18: Dtex, Insider Threat, Privacy News: Dtex Earns Leadership, Product Awards; Insider Compromises French Law Enforcement Agency; The Big Hack
  2. Google was aware of a flaw that exposed over 500,000 of Google Plus users, but did not disclose it
  3. Google Says Social Network Bug Exposed Private Data
  4. Google+ Is Shutting Down After a Security Bug Exposed User Info
  5. Google chose not to go public about bug that exposed Google Plus users’ data
  6. Google shuts down Google+ after API bug exposed details for over 500,000 users
  7. #TLBleed exploits abuse Intel's HTT chip feature to leak data. Find out how hackers could launch side-channel attacks to obtain
  8. GitLab API Vulnerability Leaked Confidential Data On Public Projects
  9. Google announces plans to close Google+ for consumers following data breach
  10. Google+ Shutting Down After Bug Leaks Info of 500k Accounts
  11. .@David_Ingram of @NBCNews reports that political #campaigns and parties say they’re sending many more texts this year than in past
  12. Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data
  13. Expert presented a new attack technique to compromise MikroTik Routers
  14. With 12,556,810 email archives already exposed across misconfigured online file stores, attackers don’t even need to perform #accounttakeovers to gain
  15. ICO hits Heathrow Airport with £120,000 data breach fine over lost USB stick
  16. MikroTik routers with default credentials can be easily compromised
  17. Project Insecurity (@insecurity) researchers discovered certain #livechatsoftware that were leaking personal details of employee at several high-profile sites. Discover how

DENIAL-OF-SERVICE

  1. Hide and Seek IoT Botnet Now Spreads to New Android Devices Using ADB over Wi-Fi
  2. Assassin’s Creed Odyssey suffers DDoS attack at launch

MALVERTISING

Nil

PHISHING

  1. California to Ban Weak Passwords
  2. Phishing Enables Domestic Violence. Education Can Help Stop It.
  3. Hook, Line and Sinker: After Phish Get Caught
  4. Aspire Health Lost 'Protected Health Information' after Getting Hacked by a Phishing Scheme
  5. "Life is short - passwords are long." - Finnish Communications Regulatory Authority

WEB DEFACEMENT

Nil

MALWARE

  1. GRRCon Augusta 2018, Ankur Tyagi’s ‘Analyzing Multi-Dimensional Malware Dataset’
  2. Malware isn't the only threat to Android apps. Others include copies of popular apps and those that abuse permission requests. Here
  3. Code Execution Bug In Malicious Repositories Resolved By Git Project
  4. #Stegware: it's #Malware that uses #steganography techniques to avoid detection
  5. 2018's Most Active Ransomware: The Ongoing Evolution of GandCrab
  6. Most hosting providers take too long to remove malware distribution sites
  7. .@Trustlook Labs discovered an #Android #Trojan stealing data from messaging apps. Learn what #mobilesecurity programs should look for to detect
  8. .@ThreatFabric researchers uncovered a #malware that uses overlay techniques to avoid detection. Learn from @lewisnic how this new #Androidmalware --
  9. Mikko Hypponen's Picks For the Top 5 Viruses of All Time - F-Secure Blog
  10. US government rolls out 2-step verification for .gov domain owners
  11. Intel’s 9th-Generation Core Processors Unveiled
  12. Code execution bug in malicious repositories resolved by Git Project
  13. #Android #Trojan: How is data being stolen from #messagingapps?
  14. #GoScanSSH: How does this #malware work and differ from others?
  15. How did an organized crime group get a zip file from a reputable malware scanning service? Malware researchers occasionally have ties
  16. Keeping your cloud malware-free: What you need to know
  17. Virus Attack Hampers the Email System of Ulster Town
  18. Beware!! Hackers Now Spreading Dangerous FlawedAmmyy Malware Through PDF & IQY File
  19. First In-The-Wild UEFI Rootkit Discovered
  20. The MITRE ATT&CK Framework: Command and Control
  21. .@TrendMicro researchers discovered #FacexWorm, a #malware that uses a #ChromeExtension and @Facebook Messenger to spread. Learn which users are at

EXPLOIT

  1. Hackers exploit vulnerability in Bitcoin code
  2. #TLBleed exploits abuse Intel's HTT chip feature to leak data. Find out how hackers could launch side-channel attacks to obtain
  3. Websites vulnerable to attack exploiting major framework
  4. "It is no secret that the #RemoteDesktop Protocol has long been a source of exploitable vulnerabilities, and it is well
  5. New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access

VULNERABILITY

  1. Google shutting down Google+ after covering up privacy bug
  2. Hackers exploit vulnerability in Bitcoin code
  3. Google was aware of a flaw that exposed over 500,000 of Google Plus users, but did not disclose it
  4. Google Says Social Network Bug Exposed Private Data
  5. WECON PI Studio HMI software affected by code execution flaws
  6. Mozilla Patched Multiple Vulnerabilities In Thunderbird 60.2.1
  7. Google+ Is Shutting Down After a Security Bug Exposed User Info
  8. Google shuts down Google+ for consumers due to bug found months ago
  9. Google chose not to go public about bug that exposed Google Plus users’ data
  10. iOS 12.0.1 Released with Fixes to Passcode Bypass Bugs
  11. Google+ Shutting Down After Google Discovers API Bug Affecting 500K Users
  12. Google shuts down Google+ after API bug exposed details for over 500,000 users
  13. Code Execution Flaws Found in WECON Industrial Products
  14. GitLab API Vulnerability Leaked Confidential Data On Public Projects
  15. Code Execution Bug In Malicious Repositories Resolved By Git Project
  16. Google+ Shutting Down After Bug Leaks Info of 500k Accounts
  17. Vulnerabilities in RouterOS could enble hackers to take control of routers
  18. #Shodan, a device search engine, can help identify #ICS security vulnerabilities. Learn more about how Shodan works and how it
  19. NEW #CYBERSAUNA EPISODE: Reinventing the Cold Boot Attack: Modern Laptop Version @nxsolle and Pasi Saarinen discuss how they discovered a flaw
  20. Vulnerabilities discovered in electoral counting machines in 23 states
  21. Most routers full of firmware flaws that leave users at risk
  22. Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data
  23. Who's watching your TV? Sony quietly killed three critical Bravia TV bugs
  24. Microsoft says it can recover files lost to the Windows 10 October Update's data deletion bug
  25. Tenable Researcher Reveals Extended MikroTik Router Vulnerability
  26. MikroTik vulnerability climbs up the severity scale, new attack permits root access
  27. Google Criticizes Apple Over Safari Security, Flaw Disclosures
  28. Code execution bug in malicious repositories resolved by Git Project
  29. Users complain of boot loops on Series 4 Apple Watch due to daylight savings bug
  30. "It is no secret that the #RemoteDesktop Protocol has long been a source of exploitable vulnerabilities, and it is well
  31. New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access
  32. The Git Project addresses a critical arbitrary code execution vulnerability in Git
  33. D-Link Security Updates Fixed Multiple Vulnerabilities in WiFiManager Software
  34. Beware!! Hackers Now Spreading Dangerous FlawedAmmyy Malware Through PDF & IQY File
  35. PoC Attack Escalates MikroTik Router Bug to ‘As Bad As It Gets’
at
Labels: