Oct 27, 2018

Threat report for 2018-10-26

DATA BREACH & DATA LOSS

  1. ThreatList: 1 Out of 5 Would Ditch a Business After a Data Breach
  2. Facebook removes Iranian influence campaign as midterms near
  3. Bushido-Powered DDoS Service Whipped Up from Leaked Code
  4. British Airways: 185K Affected in Second Data Breach
  5. British Airways Data Breach Takes Off Again with 185K More Victims
  6. Settlement in Yahoo data breach leaves company to pay $50M
  7. Pocket iNET ISP Exposed 73GB of Sensitive Data On Misconfigured S3 Bucket
  8. Campaign 2018: New malware attacks target voters in key battleground states
  9. Cathay Pacific Hacked, Personal Data For 9.4 Million Passengers Compromised
  10. Tracking Tick Through Recent Campaigns Targeting East Asia
  11. Details of 9mil compromised in Cathay Pacific data leak
  12. Cathay Pacific Suffered Data Breach Affecting 9.4 Million Customers
  13. BA website and data breach by Magecart deeper than first thought
  14. Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
  15. Cathay Pacific hack: Personal data of up to 9.4 million airline passengers laid bare
  16. Cathay Pacific Says 9.4 Million Affected by Data Breach
  17. A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
  18. Airline Discovers Trove of Frequent Flyer Accounts Compromised and Posted for Sale Online:
  19. British Airways data breach worse than thought
  20. Spammers Behind Historic Data Breach Affecting Millions of Facebook Users
  21. Cathay Pacific Airways Confirm Data Breach of its Customers
  22. “Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with
  23. New Malware Abusing Two Legitimate Windows Files to Steal Victims Personal Data

DENIAL-OF-SERVICE

  1. University DDoS attack leads to $8.6 million fine, house arrest for New Jersey man
  2. Bushido-Powered DDoS Service Whipped Up from Leaked Code
  3. 16K Strong DDoS-for-Hire Botnet Provides 420+ GB/s Club to Knock Out Websites
  4. DemonBot Fans DDoS Flames with Hadoop Enslavement
  5. New DemonBot Attack Hadoop Clusters to Performing DDoS Attacks using Powerful Cloud infrastructure servers

MALVERTISING

Nil

PHISHING

  1. Microsoft bug makes phishing easy, says cybersecurity firm
  2. PhishX – Spear Phishing Tool for Capturing Credentials
  3. “Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with

WEB DEFACEMENT

Nil

BOTNET

  1. Exploits Block List Grows 50% Because of Spambot, Avalanche/Gamarue botnet
  2. 16K Strong DDoS-for-Hire Botnet Provides 420+ GB/s Club to Knock Out Websites
  3. Chalubo Botnet
  4. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  5. New DemonBot Botnet Pulls the YARN in Hadoop Servers

RANSOMWARE

  1. The Week in Ransomware - October 26th 2018 - Decryptors, RaaS, and More
  2. 3 Keys to Reducing the Threat of Ransomware

CRYPTOMINING & CRYPTOCURRENCIES

  1. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  2. North Korea regime using and exploiting cryptocurrencies
  3. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  4. No Place for Security as Cryptocurrency Skills Demand Soars
  5. What Is Gridcoin and How Can It Advance Science?
  6. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  7. China’s Alibaba Cloud Expands Enterprise Blockchain Offering to Global Markets
  8. How to become a Monero million(th)aire in just 20 minutes [PODCAST]

MALWARE

  1. Due to Misconfigured Component: DemonBot Malware Infects Multiple Apache Hadoop Servers
  2. PoC Attack Leverages Microsoft Office and YouTube to Deliver Malware
  3. ICMP Shell - Secret Command and Control Channel to Control Victims Machine Using Ping
  4. Scammers use old browser trick to create fake virus download
  5. Campaign 2018: New malware attacks target voters in key battleground states
  6. DeepPhish: Simulating Malicious AI to Act Like an Adversary
  7. .@FireEye #security researchers claimed the Russian government was 'most likely' behind the #Triton #malware attack on an industrial control system
  8. Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
  9. An innovative partnership could help Cyber Command fight malware
  10. New Malware Abusing Two Legitimate Windows Files to Steal Victims Personal Data

EXPLOIT

  1. This two-year-old X.org give-me-root hole is so trivial to exploit, you can fit it in a single tweet

VULNERABILITY

  1. CVE-2018-14665 privilege escalation flaw affects popular Linux distros
  2. Cloudflare WAF Bypass Vulnerability Discovered
  3. Code Execution Vulnerability Patched in Cross-Platform MKVToolNix Toolset
  4. Vulnerability Spotlight: Talos-2018-0694 – MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
  5. Microsoft bug makes phishing easy, says cybersecurity firm
  6. A flaw in @Cisco Webex -- called WebExec -- can allow #RemoteCodeExecution. And while experts don't agree on how dangerous
  7. Pentagon Expands Bug Bounty To Include Physical Systems
  8. WebExec vulnerability leaves Webex open to insider attacks
  9. Trivial Bug in X.Org Gives Root Permission on Linux and BSD Systems
  10. Researchers discovered a vulnerability in Cisco #Webex, called #WebExec, which allows local attackers to issue commands as privileged users. @iagox86
  11. Cisco patches command injection bug in Webex Meetings Desktop App for Windows
  12. CVE-2018-9206 was maliciously exploited that multiple websites were linked to the search page to jump to the betting site
  13. CVE-2018-14665: Xorg X Server privilege escalation vulnerabilities
  14. What a crane in the ass: Bug leaves construction machinery vulnerable to evil command injection
  15. Researchers report vulnerability in Microsoft Word's online video feature
  16. A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
  17. Vulnerability Spotlight: Talos-2018-0694 - MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
  18. LIVE NETWORKS LIVE555 Streaming Media RTSP Server Remote Code Execution Vulnerability(CVE-2018-4013) Threat Alert
  19. New Privilege Escalation Flaw Affects Most Linux Distributions
  20. Top 5 Application Vulnerabilities: How to Prevent Risks
  21. 7 places to find threat intel beyond vulnerability databases
  22. Zero-day vulnerability in Windows allows privileges escalation