Nov 2, 2018

Daily brief for 2018-11-01

ASIA

  1. ‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals
  2. Open Letter to Francisco Partners: Continued Misuse of NSO Group’s Pegasus Technology
  3. DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits
  4. Trickbot Shows Off New Trick: Password Grabber Module
  5. SamSam Attackers Have Hit 67 Ransomware Targets
  6. Perl-Based Shellbot Looks to Target Organizations via C&C
  7. CSM-ACE 2018: FireEye Interview – ASEAN Countries Need to Place Greater Focus on Resourcing Their Cyber Defences

WORLD

  1. Australian defence contractor Austal hit by data breach
  2. BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks
  3. Emotet Malware, the Most Probable Malware of the Year
  4. ‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals
  5. Open Letter to Francisco Partners: Continued Misuse of NSO Group’s Pegasus Technology
  6. New Bluetooth Vulnerabilities Exposed in Aruba, Cisco, Meraki Access Points
  7. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  8. DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits
  9. Bleedingbit: Critical vulnerabilities in BLE chips expose millions of access points to attack
  10. British Airways data breach bigger than originally thought
  11. Eurostar Resets Passwords of Customers After Data Breach
  12. Healthcare Industry Continues To Be the Favourite for Ransomware
  13. Employee used US government network for adult websites, infected infrastructure with Russian malware
  14. CBS News: A Look Behind the Magecart Assault on E-commerce
  15. UK considers banning cryptocurrencies for their lack of “intrinsic value”
  16. Government employee who used to watch porn at work alleged guilty of infecting with malware a network
  17. Trickbot Shows Off New Trick: Password Grabber Module
  18. Radisson Rewards Program Targeted in Data Breach
  19. SamSam Attackers Have Hit 67 Ransomware Targets
  20. Our fabulous @5ean5ullivan explains to @CyberSauna listeners how the multiple vulnerabilities in the US electoral system may be^H^H^H^H^H^Hare being exploited.
  21. Hackers Drops New Emotet Malware to Perform Mass Email Exfiltration From Victims Email Client
  22. Talos Vulnerability Deep Dive - TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability
  23. Perl-Based Shellbot Looks to Target Organizations via C&C
  24. The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
  25. Beware !! Square & PayPal Mobile Point of Sales (POS) Devices Are Extremely Vulnerable to Credit/Debit Card Data Theft
  26. CSM-ACE 2018: FireEye Interview – ASEAN Countries Need to Place Greater Focus on Resourcing Their Cyber Defences

ATTACKS

  1. Australian defence contractor Austal hit by data breach
  2. Radisson discloses data breach impacting rewards customers
  3. 22,000 Records Exposed by JoomlArt in Jira Ticket
  4. ‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals
  5. New Bluetooth Vulnerabilities Exposed in Aruba, Cisco, Meraki Access Points
  6. How phishing is evolving to outpace awareness
  7. Customer Information Stolen in Radisson Hotel Group Data Breach
  8. Going with what works: The state of phishing
  9. British Airways data breach bigger than originally thought
  10. Where Is the Consumer Outrage about Data Breaches?
  11. Eurostar Resets Passwords of Customers After Data Breach
  12. Radisson Hotel Group suffers data breach, customer info leaked
  13. October may be over – but phishing attacks never stop. Here’s how to make security awareness successful all year round.
  14. Trickbot Shows Off New Trick: Password Grabber Module
  15. Radisson Rewards Program Targeted in Data Breach
  16. "If the schemas prove not to be compatible, a backup of the previous version of a database must be used
  17. Bad ads: Publishers look to stop malvertising for good
  18. Emotet Malware – Mass-Harvesting millions of Emails in secret Campaign
  19. Last year the @USAgov required agencies to implement #DMARC records and policies by October 2018. Learn just how hard DMARC
  20. Expert Insights Names Barracuda’s AI powered Sentinel Top Phishing protection product
  21. New Ramnit Campaign Spreads Azorult Malware
  22. #NetSpectre leaks data remotely via side-channel attacks. Learn from expert Michael Cobb of @thehairyITdog why data from #microprocessors is not
  23. Phishing Attacks Breach 20,000 Patient Records of Catawba Valley Medical Center
  24. Radisson Hotel Group Data Breach Exposed Customer’s Personal Data
  25. Beware !! Square & PayPal Mobile Point of Sales (POS) Devices Are Extremely Vulnerable to Credit/Debit Card Data Theft

THREATS

  1. 2018’s worst malware revealed in report
  2. Yi IoT Home Camera Riddled with Code-Execution Vulnerabilities
  3. BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks
  4. Trickbot Malware Now Also Steals Passwords From Apps, Web Browsers
  5. Emotet Malware, the Most Probable Malware of the Year
  6. USB Drives Deliver Dangerous Malware to Industrial Facilities: Honeywell
  7. New Bluetooth Vulnerabilities Exposed in Aruba, Cisco, Meraki Access Points
  8. More Typo-Squatting Malware Found on PyPI
  9. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  10. Ransomware and Back-Up Plans
  11. Windows Defender Bug Needs a Restart, Not Shutdown, To Enable Sandbox
  12. Bluetooth Chip Flaws Expose Enterprises to Remote Attacks
  13. Two Zero-Day Bugs Open Millions of Wireless Access Points to Attack
  14. Cisco says a flaw in its Adaptive Security Appliance allows remote attacks
  15. Talos Vulnerability Deep Dive – TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability
  16. Security researchers find flaws in chips used in hospitals, factories and stores
  17. Bleedingbit: Critical vulnerabilities in BLE chips expose millions of access points to attack
  18. Bleedingbit zero-day chip flaws may expose majority of enterprises to remote code execution attacks
  19. Cisco Zero-Day Exploited In The Wild To Crash And Reload Devices
  20. Healthcare Industry Continues To Be the Favourite for Ransomware
  21. Employee used US government network for adult websites, infected infrastructure with Russian malware
  22. UK considers banning cryptocurrencies for their lack of “intrinsic value”
  23. Government employee who used to watch porn at work alleged guilty of infecting with malware a network
  24. Zero-Day RCE Vulnerabilities Expose Millions of BLE-Enabled Devices to Attacks
  25. Hackers Exploit Cisco Zero Day Vulnerability in Wild Resulting in DoS Condition
  26. New BLEEDINGBIT Vulnerabilities Affect Widely-Used Bluetooth Chips
  27. Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks
  28. SamSam Attackers Have Hit 67 Ransomware Targets
  29. .@Siemens disclosed six SICLOCK flaws that were found within its central plant clocks. Discover why three flaws have been rated
  30. Nice work if you can get it: GandCrab ransomware nets millions even though it has been broken
  31. Crypto-Locking Kraken Ransomware Looms Larger
  32. Malware Analysis for Blue Teams
  33. Our fabulous @5ean5ullivan explains to @CyberSauna listeners how the multiple vulnerabilities in the US electoral system may be^H^H^H^H^H^Hare being exploited.
  34. Emotet Malware – Mass-Harvesting millions of Emails in secret Campaign
  35. Crypto Micropayments: an Exciting Future for Blockchain Transactions
  36. Bleedingbit Bluetooth Vulnerabilities Expose WiFi APs to Risk
  37. Hackers Drops New Emotet Malware to Perform Mass Email Exfiltration From Victims Email Client
  38. Talos Vulnerability Deep Dive - TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability
  39. New Ramnit Campaign Spreads Azorult Malware
  40. Perl-Based Shellbot Looks to Target Organizations via C&C
  41. Cisco Warns of Zero-Day Vulnerability in Security Appliances
  42. Cisco zero-day exploited in the wild to crash and reload devices
  43. IKARUS Security Software partners with PolySwarm to advance early malware detection
  44. Pdgmail – Forensic Tool to Analysis Process Memory Dump

CRIME

  1. Emotet Malware, the Most Probable Malware of the Year
  2. ‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals
  3. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  4. DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits
  5. Customer Information Stolen in Radisson Hotel Group Data Breach
  6. British Airways data breach bigger than originally thought
  7. Where Is the Consumer Outrage about Data Breaches?
  8. Radisson Hotel Group suffers data breach, customer info leaked
  9. Healthcare Industry Continues To Be the Favourite for Ransomware
  10. October may be over – but phishing attacks never stop. Here’s how to make security awareness successful all year round.
  11. Government employee who used to watch porn at work alleged guilty of infecting with malware a network
  12. Crypto Micropayments: an Exciting Future for Blockchain Transactions
  13. Expert Insights Names Barracuda’s AI powered Sentinel Top Phishing protection product
  14. Necurs Botnet Distributing Sextortion Email Scams
  15. Beware !! Square & PayPal Mobile Point of Sales (POS) Devices Are Extremely Vulnerable to Credit/Debit Card Data Theft
  16. CSM-ACE 2018: FireEye Interview – ASEAN Countries Need to Place Greater Focus on Resourcing Their Cyber Defences

POLITICS

  1. Emotet Malware, the Most Probable Malware of the Year
  2. Open Letter to Francisco Partners: Continued Misuse of NSO Group’s Pegasus Technology
  3. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  4. DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits
  5. SamSam Attackers Have Hit 67 Ransomware Targets
  6. Our fabulous @5ean5ullivan explains to @CyberSauna listeners how the multiple vulnerabilities in the US electoral system may be^H^H^H^H^H^Hare being exploited.
  7. Emotet Malware – Mass-Harvesting millions of Emails in secret Campaign
  8. CSM-ACE 2018: FireEye Interview – ASEAN Countries Need to Place Greater Focus on Resourcing Their Cyber Defences
at
Labels: