Oct 25, 2018

Threat report for 2018-10-24

DATA BREACH & DATA LOSS

  1. Cathay Pacific breach leaks personal data on 9.4 million people
  2. Cathay Pacific data breach hits 9.4 million people
  3. Hacker Guccifer, who exposed Clinton private email server, ready for US prison sentence
  4. Democratic Fundraising Firm Leaks Voter Database, Clients, Fundraisers
  5. Cathay Pacific Hit by Data Leak Affecting 9.4M Passengers
  6. Supermarket told it must compensate 100,000 workers after payroll data deliberately leaked by rogue employee
  7. Information-Stealing Malware Campaign Evades Anti-Virus Detection
  8. Cathay Pacific Suffers Data Breach Impacting 9.4 Million Passengers
  9. Pocket iNet Leaves 73 GB of Sensitive Data Exposed
  10. Yahoo to pay up to $85m to settle data breach lawsuit
  11. Tim Cook Blasts Weaponization Of Personal Data And Praises GDPR
  12. Pocket iNet Left All Of Its Corporate Passwords, Keys, And Data Exposed
  13. Apple's Tim Cook: Our personal data is 'weaponized against us' by you-know-who
  14. A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
  15. Last year the @USAgov required agencies to implement #DMARC records and policies by October 2018. Learn just how hard DMARC
  16. Discover how #NetSpectre attacks leak data remotely via side-channels with Michael Cobb of @thehairyITdog.
  17. Yahoo Agrees to Pay $50 Million in Damages to Settle Data Breach Lawsuit
  18. Business Email Compromise: Gift Cards
  19. US government medical website was hacked that 75,000 personal data was stolen
  20. Morrisons supermarket: We're taking payroll leak liability fight to UK Supreme Court
  21. Pocket iNet ISP exposed 73GB of data including secret keys, plain text passwords
  22. Weekly Threat Briefing: HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
  23. Yahoo agrees to pay $50 million to settle data breach lawsuit
  24. My Health Record opt-outs now sit at over 1.1 million
  25. ISP Provider Exposed 73 Gigabytes of Highly Sensitive Data Including To The Internet
  26. South Korea Seems Chief Target of the ‘Operation Oceansalt’ Campaign
  27. Again Hacker Exposed New Microsoft Unpatched Zero-day Bug In Twitter With PoC
  28. Yahoo to pay at least $85m for data breach settlement
  29. Survey: Nearly Half of U.S. Adults Experienced a Data Breach in the Past Three Years
  30. A recent @HealthCareGov #breach exposed unknown types of data on 75,000 people, but a lack of information in the disclosure

DENIAL-OF-SERVICE

  1. This botnet snares your smart devices to perform DDoS attacks with a little help from Mirai

MALVERTISING

Nil

PHISHING

  1. Phishing Attack Tip 1: Beware of Unsettling Content An email containing unsettling, startling, or urgent content that requires immediate action on
  2. The Enduring Password Conundrum
  3. Phishing for knowledge
  4. Phishing attacks: Why is email still such an easy target for hackers?
  5. Office 365 for Business - from May to September - has been Recorded Lowest Phish Miss Rate Versus Rivals
  6. Area 1 Security releases Pay-Per-Phish, the performance-based cybersecurity solution

WEB DEFACEMENT

Nil

BOTNET

  1. Poorly secured SSH servers targeted by Chalubo botnet
  2. This botnet snares your smart devices to perform DDoS attacks with a little help from Mirai
  3. "The resurgence of #VPNFilter #botnet appears to be limited to the Ukraine, but given the ease of infecting targeted systems,
  4. Chalubo, a new IoT botnet emerges in the threat landscape

RANSOMWARE

  1. ThreatList: Ransomware, EKs and Trojans lead the Way in Q3 Malware Trends
  2. Join us, and @SentinelOne Nov 29, as we discuss fast acting #ransomware remediation, threat hunting, and #AI that stops incongruous
  3. How Microsoft's Controlled Folder Access can help stop ransomware

CRYPTOMINING & CRYPTOCURRENCIES

  1. Australian woman arrested over AU$450,000 Ripple theft
  2. Warning: More iOS Devices Are Infected by Cryptocurrency Mining Malware
  3. Meet Cryptojacking, the (not so) new kid on the block
  4. FBI: Call of Duty gamers helped steal $3.3 million in cryptocurrency hacking scheme
  5. Cryptojacking 101; why cryptojacking is bad for business
  6. China asks blockchain-based service providers to control user information
  7. A Digital Currency for Everyone: 5 Easy Way Steps to Follow for Buying Bitcoin
  8. Securing Blockchain with Privileged Access Management

MALWARE

  1. Warning: More iOS Devices Are Infected by Cryptocurrency Mining Malware
  2. Russia Behind Triton Malware? A Cybersecurity Consulting Firm Confirms
  3. Information-Stealing Malware Campaign Evades Anti-Virus Detection
  4. New Malware Targets Industrial Control Systems
  5. FlawedAmmyy Remote Access Trojan
  6. Meet the malware which turns your smartphone into a mobile proxy
  7. sLoad Banking Trojan Downloader Displays Sophisticated Recon and Targeting
  8. ThreatList: Ransomware, EKs and Trojans lead the Way in Q3 Malware Trends
  9. Beers with Talos EP40: BWT XL feat. SuperMicro, Giant Patches, and More Mobile Malware
  10. Mac malware intercepts encrypted web traffic for ad injection
  11. Russian Malware Used In An Attempt To Sabotage Saudi Petrol Plant
  12. Malware Targeting Brazil Uses Legitimate Windows Components WMI and CertUtil as Part of its Routine
  13. LuminosityLink RAT author sentenced to 2.5 years in jail
  14. Deadly Malware That Attacked Saudi Industrial Plant Came From Russia
  15. Beyond Your Bank Account: Ten Astounding Finds Uncovered by Financial Malware
  16. FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

EXPLOIT

  1. Exploit for New Windows Zero-Day Published on Twitter
  2. Exploit kits: fall 2018 review
  3. New Windows Zero-Day Bug Helps Delete Any File, Exploit Available
  4. Siemens Siclock: How do threat actors exploit these devices?
  5. Magecart Attackers Exploit Magento Zero-Days
  6. Hacker Discloses New Windows Zero-Day Exploit On Twitter

VULNERABILITY

  1. Windows ‘Deletebug’ Zero-Day Allows Privilege Escalation, Destruction
  2. Vulnerabilities in Linksys Routers May Grant Attackers Full Control
  3. Exploit for New Windows Zero-Day Published on Twitter
  4. Cisco Patches Local WebEx Vulnerability, Remotely Exploitable in AD Deployments
  5. CVE-2018-4338: Triggering an Information Disclosure on macOS Through a Broadcom AirPort Kext
  6. Another Windows 0-day flaw has been published on Twitter
  7. .@Siemens disclosed six SICLOCK flaws that were found within its central plant clocks. Discover why three flaws have been rated
  8. SandboxEscaper expert is back and disclosed a new Windows Zero-Day
  9. Pentagon Launches Continuous Bug Bounty Program
  10. [SingCERT] Alert on Drupal Critical Vulnerabilities
  11. A Windows 0day vulnerability was made public on Twitter
  12. Organizations with strong DevSecOps find flaws 11x faster than those without
  13. New Microsoft Windows Zero-Day Dropped on Twitter, Micropatch Available
  14. A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
  15. Most enterprise vulnerabilities remain unpatched a month after discovery
  16. WizCase Found Critical Firmware Vulnerabilities In Leading NAS Devices
  17. New Windows Zero-Day Bug Helps Delete Any File, Exploit Available
  18. Twitter User Discloses Second Microsoft Zero-Day
  19. Firefox 63 Released with Enhanced Tracking Protection and Fixes 14 Security Vulnerabilities
  20. Most applications 'suffer from information leakage bugs'
  21. DoD bug bounty program to expand to more sensitive systems
  22. 3-year-old jQuery plugin vulnerability finally patched
  23. US Department of Defense Expands Bug Bounty Efforts
  24. The Qihoo @360CoreSec team found a @Microsoft vulnerability -- named Double Kill -- that affects applications through #MicrosoftOffice documents. Learn
  25. Good initiative. Would be even better if you would pay bounties for the bugs, too.
  26. Learn about the #NetSpectre vulnerability and the benefits of #ThreatModeling for cloud deployments from expert Ed Moyle of @securitycurve.
  27. A summer intern took a look at tinc VPN, they found some nice authentication bypass and message tampering flaws
  28. Again Hacker Exposed New Microsoft Unpatched Zero-day Bug In Twitter With PoC
  29. Marine diesel engines software developed by Auto Maskin has serious vulnerabilities
  30. Drupal Remote Code Execution Vulnerability Threat Alert
  31. Hacker Discloses New Windows Zero-Day Exploit On Twitter