Oct 15, 2018

Threat report for 2018-10-14

DATA BREACH & DATA LOSS

  1. My Health Record privacy amendments 'woefully inadequate': Labor
  2. #NetSpectre exploits speculative execution to leak data remotely via side-channel attacks. Learn how this #SecurityVulnerability affects the #cloud from expert
  3. Web Hosting Provider Suffers Data Breach Second Time in a Year
  4. Find out how #TLBleed abuses @Intel's HTT chip feature to leak data via TLB
  5. Microsoft still has not completely solved the Microsoft JET database engine vulnerability
  6. See how SearchLight identifies when your data is exposed, your brand is abused, or your company is mentioned on the
  7. Pentagon Discloses Data Breach, More Than 30,000 Workers Have Affected
  8. A @Google security audit uncovered a glitch in #GooglePlus that exposed data from nearly 500,000 accounts, causing the company to
  9. PHASE 4 – INFORMATION GATHERING AND PLANNING Meet Eric, a control systems engineer working for a third-party integrator. He’s guy who uploaded

DENIAL-OF-SERVICE

  1. DDoS Attacks Hit Games Like Assassin’s Creed and Final Fantasy XIV

MALVERTISING

Nil

PHISHING

Nil

WEB DEFACEMENT

Nil

BOTNET

Nil

RANSOMWARE

  1. New @ESET research finds APT group dubbed #TeleBots was behind #Industroyer #malware attacks, #NotPetya #ransomware outbreaks, and a recent Exaramel

CRYPTOMINING & CRYPTOCURRENCIES

  1. Fake Flash Updates pushing Malware to Inject XMRig Cryptocurrency Miners

MALWARE

  1. Week in review: Enterprise cybersecurity PKIs, keeping your cloud malware-free
  2. New @ESET research finds APT group dubbed #TeleBots was behind #Industroyer #malware attacks, #NotPetya #ransomware outbreaks, and a recent Exaramel
  3. .@ThreatFabric researchers uncovered a #malware that uses overlay techniques to avoid detection. Learn from @lewisnic how this new #Androidmalware --
  4. At the 2018 @RSAConference, researchers discussed the rise of stegware -- #malware that uses #steganography techniques to avoid detection. Learn
  5. How a remote access #Trojan checks for
  6. Fake Flash Updates pushing Malware to Inject XMRig Cryptocurrency Miners

EXPLOIT

  1. Expert released PoC Code Microsoft Edge Remote Code Execution flaw
  2. Exploiting Windows Using Microsoft Office DDE Exploit (MACROLESS)

VULNERABILITY

  1. Microsoft fixed the Zero-Day for JET flaw, but the fix is incomplete
  2. A2SV – SSL Vulnerability Analysis Tool
  3. Microsoft patch for JET flaw zero-day is ‘incomplete,’ Windows still vulnerable
  4. Microsoft still has not completely solved the Microsoft JET database engine vulnerability
  5. Expert released PoC Code Microsoft Edge Remote Code Execution flaw
at
Labels: