Nov 3, 2018

Daily brief for 2018-11-02

ASIA

  1. Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
  2. Stuxnet Returns, Striking Iran with New Variant
  3. This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
  4. Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
  5. BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
  6. Iran has become victim of a cyberattack campaign
  7. Another packed room for .@idefense analyst Mei Nelson discussing China and cryptocurrency. #codeblue_jp @AccentureSecure @AccentureJPNews

WORLD

  1. Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
  2. Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
  3. Magecart cybergang targeting e-commerce credit card data
  4. New Data Affirms Cyber Threat for Industrial Control Systems
  5. 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
  6. #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
  7. 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
  8. SMS Phishing + Cardless ATM = Profit
  9. Stuxnet Returns, Striking Iran with New Variant
  10. Bluetooth Bugs Speak to Lack of Security in DevOps
  11. Sauter Quickly Patches Flaw in Building Automation Software
  12. This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
  13. Russian hackers compromise 120 million Facebook accounts; private messages on sale online
  14. Beware this malware: it can even survive operating systems being reinstalled
  15. Magecart claims fresh victim in electronics kit seller Kitronik
  16. SamSam ransomware campaigns continue to target U.S. in 2018
  17. BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
  18. Multiple #phishing pages on multiple domains targeting Canadian citizens posing as Canadian Revenue Agency, Interac, and others 192.99.86.132 (@OVH) cc: @cybercentre_ca
  19. U.S. Geological Survey Network got Infected with Malware
  20. 85 million voter records on sale
  21. Iran has become victim of a cyberattack campaign
  22. EY launches the world's first secure private transactions over the Ethereum public blockchain

ATTACKS

  1. Two botnets are fighting over control of thousands of unsecured Android devices
  2. Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
  3. Spam campaign targets Exodus Mac Users
  4. 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
  5. #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
  6. 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
  7. SMS Phishing + Cardless ATM = Profit
  8. ePHI of 8,000 Patients Exposed in Health Plan Breach
  9. Facebook has experienced a number of security-related issues lately, but it doesn't appear to be at fault for the leak
  10. "While most phishing attacks on desktop and laptop computers come via email... a mobile device attack vector can be in
  11. #Phishing targets data that lives outside your enterprise perimeter—putting your entire enterprise at risk. Learn how post-perimeter security enables you
  12. This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
  13. How to password protect a folder or file in Windows | Avast
  14. Russian hackers compromise 120 million Facebook accounts; private messages on sale online
  15. SamSam ransomware campaigns continue to target U.S. in 2018
  16. Feds Accuse Ex-CIA Employee of Continuing Leaks From Prison
  17. Radisson Hotel Group Hit by Data Breach
  18. Spam campaign targets Exodus Mac Users
  19. Just half of Fortune 500 companies have installed DMARC, a tool that guards against email phishing scams, according to new
  20. Shipbuilder, defense contractor Austal reveals data breach
  21. Multiple #phishing pages on multiple domains targeting Canadian citizens posing as Canadian Revenue Agency, Interac, and others 192.99.86.132 (@OVH) cc: @cybercentre_ca
  22. Data theft at Radisson Hotel Group
  23. 85 million voter records on sale
  24. Iran has become victim of a cyberattack campaign
  25. YAPBS – Yet Another Password Breach Scam
  26. Apache HBase 2.1.1 release, distributed database
  27. FIFA admits hack and braces for new leaks

THREATS

  1. Facebook Blames Malicious Extensions in Breach of 81K Private Messages
  2. Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
  3. The day computer security turned real: The Morris Worm turns 30
  4. Worst Malware and Threat Actors of 2018
  5. Cisco Security Appliance Zero-Day Found Actively Exploited in the Wild
  6. New Ransomware using DiskCryptor With Custom Ransom Message
  7. BLEEDINGBIT – Two Zero Day Vulnerabilities Affecting Wireless Access Point Bluetooth Chips
  8. #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
  9. Hackers actively exploiting vulnerabilities in Cisco security appliances
  10. Cisco fixed the high-risk security vulnerabilities in variant products
  11. Researchers found #Kraken #ransomware has become more popular after being packaged in the Fallout #ExploitKit and becoming part of an
  12. Bluetooth Bugs Speak to Lack of Security in DevOps
  13. Sauter Quickly Patches Flaw in Building Automation Software
  14. Bleedingbit vulnerabilities put Wi-Fi access points at risk
  15. Adversaries Distribute Malware Via Rarely Used Extensions
  16. Test IO introduces Bug Fix Confirmation, leveraging network of software testers to verify bug fixes
  17. Can you spot a malicious email? Take the quiz at
  18. Antimalware Day: The evolution of malicious code
  19. Flaw in Sophos HitmanPro.Alert could enable hackers to gain privileges over systems
  20. Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
  21. Intel CPUs impacted by new PortSmash side-channel vulnerability
  22. Beware this malware: it can even survive operating systems being reinstalled
  23. SamSam ransomware campaigns continue to target U.S. in 2018
  24. CISCO warn of a zero-day DoS flaw that is being actively exploited in attacks
  25. Systemd Vulnerability In Linux Could Trigger Remote Attacks And System Crashes
  26. .@ArmisSecurity researchers discovered two chip-level #Bluetooth vulnerabilities -- dubbed #Bleedingbit -- that could allow pseudo #RemoteCodeExecution on wireless access points.
  27. Cisco Reports SIP Inspection Vulnerability
  28. Kraken ransomware gets packaged into Fallout EK
  29. Emotet Trojan Changes Tactics…Again
  30. Mozilla exorcises five bugs on Halloween
  31. Giant ransomware bundle threatens to make malware attacks easier for crooks
  32. Blockwatch: The aeternity Blockchain
  33. Researchers recently found vulnerabilities in #robot controllers from @Universal_Robot. Learn what these robot controllers do and how #ThreatActors exploit these
  34. If you think you have been hacked or got #malware installed, disconnect the internet, leave your device running and connected
  35. U.S. Geological Survey Network got Infected with Malware
  36. Trading with cryptocurrencies without losing self control
  37. EY launches the world's first secure private transactions over the Ethereum public blockchain
  38. Search for “Installing Chrome” on Bing can lead to malicious content
  39. BLEEDINGBIT – Two Bluetooth Chip-level Vulnerabilities Affected Millions of Enterprise Wi-Fi Access Point Devices
  40. Previous malware attacks: When more than 7,5000 of the #Mikrotik routes were reportedly being spied on by attackers
  41. GNOME 3.30.2 released: bugs fix
  42. Attackers Use Zero-Day That Can Restart Cisco Security Appliances
  43. Another packed room for .@idefense analyst Mei Nelson discussing China and cryptocurrency. #codeblue_jp @AccentureSecure @AccentureJPNews

CRIME

  1. Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
  2. Magecart cybergang targeting e-commerce credit card data
  3. 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
  4. 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
  5. SMS Phishing + Cardless ATM = Profit
  6. Stuxnet Returns, Striking Iran with New Variant
  7. This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
  8. How to password protect a folder or file in Windows | Avast
  9. Beware this malware: it can even survive operating systems being reinstalled
  10. Feds Accuse Ex-CIA Employee of Continuing Leaks From Prison
  11. Radisson Hotel Group Hit by Data Breach
  12. BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
  13. Emotet Trojan Changes Tactics…Again
  14. Shipbuilder, defense contractor Austal reveals data breach
  15. Data theft at Radisson Hotel Group
  16. 85 million voter records on sale
  17. Iran has become victim of a cyberattack campaign
  18. Trading with cryptocurrencies without losing self control
  19. EY launches the world's first secure private transactions over the Ethereum public blockchain
  20. YAPBS – Yet Another Password Breach Scam
  21. FIFA admits hack and braces for new leaks

POLITICS

  1. Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
  2. Spam campaign targets Exodus Mac Users
  3. 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
  4. This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
  5. Beware this malware: it can even survive operating systems being reinstalled
  6. Emotet Trojan Changes Tactics…Again
  7. 85 million voter records on sale
  8. Iran has become victim of a cyberattack campaign