Threat report for 2018-10-11

DATA BREACH & DATA LOSS

1. The BEC List: Helping Thwart Business Email Compromise through Collaboration
2. Personal data for coffee. What’s the risk? | Avast
3. The EU and the US have investigated on data breaches on the Google+
4. FitMetrix user data exposed via passwordless ElasticSearch server cluster
5. Apple has formed a partnership with lyrics database provider Genius
6. Defending Against Business Email Compromise Attacks
7. Heathrow Airport, the busiest airport in the United Kingdom, has been fined £120,000 (about $158,173) following a data breach caused
8. Palo Alto Networks Uncovers Flash Updater Cryptojacking Campaign
9. Gemalto reports that 4.6 billion record leaked in the first half of 2018
10. A new database with information on every shooting at a school in the last 50 years is now available publicly
11. New Gallmaker APT group eschews malware in cyber espionage campaigns
12. Ghostdns Attack Compromised Over 100K Routers
13. A simple videocall could compromise your WhatsApp account
14. Mingis on Tech: Data breaches and the rise of 'surveillance capitalism'
15. Mingis on Tech: Data breaches in a world of 'surveillance capitalism'

DENIAL-OF-SERVICE

Nil

MALVERTISING

Nil

PHISHING

16. California Bill Increases Default Password Security
17. Cofense Report Reveals 10 Percent of User-Reported Emails Across Key Industries are Malicious, Over Half Tied to Credential Phishing
18. Hackers launched #phishing attacks against @netflix users via malicious sites with TLS certificates. Learn how hackers mimic popular websites to
19. Avast 2019: Extends Artificial Intelligence Technology to Block Advanced Phishing Attacks for Enhanced Consumer Security
20. AVG 2019 now includes enhanced phishing threat detection

WEB DEFACEMENT

21. Italian Police Finally Identified 25-Year-old Italian Hacker who have Defaced NASA Websites

BOTNET

Nil

RANSOMWARE

22. Qihoo 360’s precise analysis of ransomware for September
23. Costly cryptojacking overtakes ransomware in the enterprise threat stakes

CRYPTOMINING & CRYPTOCURRENCIES

24. XMRig Cryptocurrency Miner Camouflages Itself as a Flash Updater
25. Cops Arrest Infamous SIM Swapper Who Stole Crypto Currency
26. Cops Arrest Infamous SIM Swapper Who Allegedly Stole $14 Million in Cryptocurrency
27. Cryptomining malware discovered masquerading as Flash updates
28. Fake Flash Updaters Push Cryptocurrency Miners
29. Hackers Abusing Legitimate Googlebot Services to Inject Cryptomining Malware
30. Researchers from @alienvault found a new #cryptocurrency mining malware -- dubbed #MassMiner -- that infects systems across the web. Learn
31. Crypto-mining malware poses as Flash updates
32. Dublin Information Sec: Protect your firm from 'Gold Rush' #cryptocurrency scammers: https://www.independent.ie/business/dublin-information-sec/dublin-information-sec-protect-your-firm-from-gold-rush-cryptocurrency-scammers-37286913.html … ( via @jimmychappell )

MALWARE

33. Exaramel Malware Links Industroyer ICS malware and NotPetya wiper
34. GPlayed Android Trojan Can Wipe Your Device, Steal Data, Make Calls, Send SMS
35. Hackers Exploit Drupalgeddon2 to Install Backdoor
36. Adaptable, All-in-One Android Trojan Shows the Future of Malware
37. Talos: Android trojan resembling Play Store installs sophisticated spyware
38. Most Malware Arrives Via Email
39. Fake Adobe Flash Updates Hide Malicious Crypto Miners
40. .@TrendMicro researchers discovered a malicious #ChromeExtension spreading #malware. Learn more with expert @lewisnic.
41. GPlayed trojan – .Net playing with Google Market
42. Cryptomining malware discovered masquerading as Flash updates
43. This cryptojacking mining malware pretends to be a Flash update
44. Hackers Abusing Legitimate Googlebot Services to Inject Cryptomining Malware
45. Reaper Group Uses New Malware to Deploy RAT
46. Cofense Report Reveals 10 Percent of User-Reported Emails Across Key Industries are Malicious, Over Half Tied to Credential Phishing
47. Exaramel Malware Reinforces Link Between Industroyer and NotPetya
48. New TeleBots backdoor: First evidence linking Industroyer to NotPetya
49. New TeleBots backdoor: First evidence linking Industroyer to NotPetya
50. New Android Trojan Gplayed Adapts to Attacker's Needs
51. Researchers from @alienvault found a new #cryptocurrency mining malware -- dubbed #MassMiner -- that infects systems across the web. Learn
52. Hackers launched #phishing attacks against @netflix users via malicious sites with TLS certificates. Learn how hackers mimic popular websites to
53. Crypto-mining malware poses as Flash updates
54. Who needs custom malware? 'Govt-backed' Gallmaker spy crew uses off-the-shelf wares
55. Worker perks flinger Sodexo pulls Engage website after malware smackdown
56. New Backdoor Ties NotPetya and Industroyer to TeleBots Group
57. .@FarsightSecInc's @paulvixie says his company's new research into domain name lifespans and causes of death shows the need for new
58. "Help! I have a #computer worm..oh wait is it a computer #virus?" These terms are often used interchangeably, but have
59. The attached file promptly infects Peter’s laptop with the RAT, remote access trojan. It only takes about an hour from
60. New Gallmaker APT group eschews malware in cyber espionage campaigns
61. GPlayed Trojan - .Net playing with Google Market
62. Canada-Based Restaurant Chain Hit with Malware Attack
63. Hackers Use Hijacked Email Address To Send Malware as a Reply to Existing Email Thread
64. JSRAT – Secret Command and Control Channel Backdoor to Control Victims Machine Using JavaScript
65. How to Defeat Malicious Everything as-a-Service

EXPLOIT

66. Hackers Exploit Drupalgeddon2 to Install Backdoor
67. PoC Code Available for Microsoft Edge Remote Code Execution Bug

VULNERABILITY

68. Multiple Vulnerabilities Dicovered In RouterOS That Affected MikroTik Routers
69. Senate seeks internal memo on Google+ vulnerability
70. Slow disclosure of Google+ flaw draws attention of senators
71. PoC Code Available for Microsoft Edge Remote Code Execution Bug
72. .@Google Firebase's lack of #DatabaseSecurity and inadequate #BackendDevelopment led to #DataLeaks and vulnerabilities, including HospitalGown. Learn more about this
73. Network Time Protocol Bugs Sting Juniper Operating System
74. Juniper Networks provides dozens of fix for vulnerabilities in Junos OS
75. Audit Finds No Critical Flaws in Firefox Update System
76. [SingCERT] Alert on 12 Critical Microsoft Vulnerabilities for October 2018 Patch Tuesday
77. A patched #MikroTik router vulnerability amps up severity rating as @TenableSecurity researchers find new potential exploits with more critical consequences.
78. Juniper fixes 30+ vulnerabilities in its routing, switching devices
79. Adobe patches critical flaws in many of its software offerings
80. Update now! Microsoft fixes 49 bugs, 12 are critical
81. All WhatsApp Users Must Update: Zero Day Bug Found in WhatsApp
82. VMware issues advisory for a DoS vulnerability
83. .@TenableSecurity found new exploits of an already patched #MikroTik router vulnerability that could enable hackers to launch #RemoteCode execution attacks.
84. Juniper Patches Serious Flaws in Junos OS
85. Microsoft October Patch Tuesday fixed Win32k privilege vulnerability that used in targeted attacks
86. Four Critical Flaws Patched In Adobe Digital Edition