Oct 31, 2018

Threat report for 2018-10-30

DATA BREACH & DATA LOSS

  1. How database hacks could impact elections and voters' fears
  2. Girl Scouts data breach exposed personal information of 2,800 members
  3. How database hacks could impact elections and voters' fears
  4. Parties Seek to Settle Yahoo Data Breach Class Action for $50M
  5. Center for Internet Security looks to expand threat sharing program to political campaigns
  6. Internet-Exposed HMIs Put Energy, Water Facilities at Risk: Report
  7. New SamSam ransomware campaign aims at targets across the US
  8. An Update on the jQuery-File-Upload Vulnerability
  9. Millions of Voter Records Up for Sale Ahead of the US Midterm Elections
  10. Prominent #malspam #Nymaim campaign with #BankBot #Anubis for Android UA. APK's dropped from hxxp://pobierz48[.]tk/ SHA256: e0d17f4ff0196c6527f8aa47b3ef220d0f4e712805f99d38a0804f3ea9506ece @ThreatFabric @virqdroid @LukasStefanko @
  11. Disrupting the Flow: Exposed and Vulnerable Water and Energy Infrastructures
  12. Thousands of critical energy and water systems exposed online for anyone to exploit
  13. If it's only able to leak data at 15 bits per hour, is #NetSpectre a serious threat? Learn more about
  14. An email hack affecting the Girl Scouts of Orange County, Calif. may have compromised the personal data of 2,800 members
  15. La tua azienda รจ davvero preparata in caso di data breach?
  16. By me @Forbes: 81.5M Voter Records For Sale On Dark Web Ahead Of Midterm Elections
  17. Compression File Formats of the past Come Haunting in Spam Campaigns
  18. Biggest data breach penalties for 2018
  19. New McAfee Report Reveals Data in the Cloud More Exposed Than Organizations Think

DENIAL-OF-SERVICE

  1. Judge Ordered Man to Pay $8 Million for Launching a DDoS Attack Against Rutgers
  2. Demonbot targets cloud servers for DDoS attacks
  3. New Botnet That Targets Cloud Servers for DDoS Attacks
  4. Anonymous knocks out Gabon government sites with DoS attack
  5. Prominent #malspam #Nymaim campaign with #BankBot #Anubis for Android UA. APK's dropped from hxxp://pobierz48[.]tk/ SHA256: e0d17f4ff0196c6527f8aa47b3ef220d0f4e712805f99d38a0804f3ea9506ece @ThreatFabric @virqdroid @LukasStefanko @

MALVERTISING

Nil

PHISHING

  1. 4 tips to keep safe when phishing for treats this Halloween
  2. AI-Facilitated Product Aims to Stop Spear-Phishing Attacks
  3. INKY emerges from stealth with email spoofing, phishing protection service
  4. Is it a Phish? Halloween Edition
  5. There are plenty of different types of phishing attacks, but they all rely on the same basic mechanism: exploiting human
  6. Report on Phishing Attack Shows Microsoft, Paypal as well as Netflix as the Top Targets
  7. Cofense Triggers its Increased Phishing Defense Services

WEB DEFACEMENT

Nil

BOTNET

  1. Bushido Botnet Offered as MaaS
  2. New Botnet That Targets Cloud Servers for DDoS Attacks
  3. The author of the Mirai botnet gets six months of house arrest
  4. The Russian built #VPNFilter #botnet was previously taken down after 500,000 routers were infected. However, recently it attempted a comeback.
  5. Recently discovered DemonBot Botnet targets Hadoop servers

RANSOMWARE

  1. Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
  2. Kraken Cryptor Ransomware Gains Popularity Among Cybercriminals
  3. SamSam ransomware group has hit 67 organizations in 2018, researchers say
  4. Ransomware Threat Continues: How Infections Take Place
  5. New SamSam ransomware campaign aims at targets across the US
  6. GandCrab: The Most Popular Multi-Million Dollar Ransomware of the Year
  7. SamSam: Targeted Ransomware Attacks Continue
  8. Threat Report: Jaff Ransomware Causes Havoc
  9. CommonRansom Ransomware Demands RDP Access to Decrypt Files

CRYPTOMINING & CRYPTOCURRENCIES

  1. Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
  2. Kraken Cryptor Ransomware Gains Popularity Among Cybercriminals
  3. Bitcoin Dealer Who Operated Unlicensed Bitcoin Exchange Faces Five Years in Jail
  4. Kraken Resurfaces From the Deep Web
  5. macOS Cryptomining Malware on the Rise
  6. 3 Reasons Enterprises Are Moving to Decentralized Blockchain Applications
  7. Widely Used Cryptocurrency App Launching 2 Different Powerful Backdoor on Mac Users

MALWARE

  1. Malware Targeting Smartphones via Three DSP Providers
  2. GPlayed Trojan's Baby Brother Is After Your Bank Account
  3. macOS Cryptomining Malware on the Rise
  4. Malware Infection at USGS Traced to Employee’s Habit of Viewing Adult Content
  5. Malicious Apps Removed From Google Play Store
  6. .@FireEye security researchers claimed the Russian government was 'most likely' behind the #Triton #Malware attack on an industrial control system
  7. Employee Watched Porn at Work via 9000 Web pages Drops Malware on U.S Government Network
  8. A fed visited 9,000 porn sites, infecting government networks with Russian malware
  9. GPlayed Trojan's baby brother is after your bank account
  10. Nastiest malware of 2018: Top attack payloads wreaking havoc
  11. Snakes in the grass! Malicious code slithers into Python PyPI repository
  12. The analysis of the attack which uses Excel 4.0 macro to avoid antivirus software detection
  13. Prominent #malspam #Nymaim campaign with #BankBot #Anubis for Android UA. APK's dropped from hxxp://pobierz48[.]tk/ SHA256: e0d17f4ff0196c6527f8aa47b3ef220d0f4e712805f99d38a0804f3ea9506ece @ThreatFabric @virqdroid @LukasStefanko @
  14. How to Be Protected from Malicious Message Crashing PS4 Console
  15. Another #BianLian Android banking #Trojan in #GooglePlay showing his other face by dropping #RedAlert v2.1 CC @Bank_Security @
  16. Widely Used Cryptocurrency App Launching 2 Different Powerful Backdoor on Mac Users
  17. Attackers getting better at quickly generating countless versions of existing #malware #antivirus @MariaKorolov -
  18. Malicious hackers and their interest in bypassing CAPTCHA
  19. Feature to attach video to Word files could be used to send malicious code
  20. Most Important Security Tools and Resources For Security Researcher and Malware Analyst
  21. A good insight for Europeans on the process of the US mid-term elections and whether or it they are hackable

EXPLOIT

  1. Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
  2. Thousands of critical energy and water systems exposed online for anyone to exploit

VULNERABILITY

  1. Apple Fixes Creepy FaceTime Vulnerability, Crash Bug in macOS, and More
  2. Talos Vulnerability Discovery Year in Review – 2018
  3. CVE-2018-15688: systemd remote code execution vulnerability affects Linux machines
  4. A #RemoteCodeExecution flaw in @Cisco Webex -- called WebExec -- could be an easy vector for insider attacks, and the
  5. Zero-day Windows Deletebug: How to squash this ‘low-quality' pest
  6. Microsoft Office Vulnerability Found, Check Point Research To The Rescue
  7. An Update on the jQuery-File-Upload Vulnerability
  8. Libssh Vulnerability Leaves Servers Open to Unauthorized Access
  9. Windows Zero-Day Vulnerability Disclosed
  10. .@Siemens SICLOCK central plant clocks were recently found to be affected by several vulnerabilities, some of which have been rated
  11. Talos Vulnerability Discovery Year in Review - 2018
  12. 92% of External Web Apps Have Exploitable Security Flaws or Weaknesses: Report
  13. Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent
  14. Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer
  15. Multiple Linux distributions affected by new vulnerability
  16. Spring Framework 5.1.2 releases: bugs fix
at
Labels: