Daily brief for 2018-11-05

ASIA

1. Google dorks were the root cause of a catastrophic compromise of CIA’s communications
2. Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
3. Persian Stalker pillages Iranian users of Instagram and Telegram
4. A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3

WORLD

5. Week in review: Volume of Australian data breaches continues unabated
6. Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
7. What were the DDoS numbers for Q2 & Q3 2018?
8. Google dorks were the root cause of a catastrophic compromise of CIA’s communications
9. Your personal data is widely available to hackers
10. Magecart Infiltrates U.K. Online Retailer Kitronik POS
11. Inside SearchPageInstaller | macOS Malware Deploys a MITM Attack
12. Akado Telecom Accidentally Leaks Customers' Names, Phone Numbers, And Addresses
13. Magecart Strikes Again, and Kitronik Is Latest Victim
14. Inception Attackers Target Europe with Year-old Office Vulnerability
15. Kemp Investigates Dems, Not the Reported Vulnerability
16. Australian shipbuilder Austal hit by data breach
17. Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
18. Equifax Set to Share More PII with Experian
19. #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
20. Over 80,000 Facebook User Accounts Compromised
21. Why malware attacks should no longer be a problem for businesses
22. Critical 'Bleedingbit' flaws found in microcontrollers used by Wi-Fi access points
23. Persian Stalker pillages Iranian users of Instagram and Telegram
24. Kemp Cites Voter Database Hacking Attempt, Gives No Evidence
25. A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3
26. "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me
27. "Shipbuilder Austal Ltd said on Thursday its Australian business had detected and responded to a data breach"

ATTACKS

28. Week in review: Volume of Australian data breaches continues unabated
29. Almost 300 Percent Increase in eCommerce Phishing Attacks in Q3 2018
30. Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
31. Google dorks were the root cause of a catastrophic compromise of CIA’s communications
32. Your personal data is widely available to hackers
33. This Tool Shows Exposed Cameras Around Your Neighborhood
34. New Side-Channel Vulnerability Leaks Sensitive Data From Intel Chips
35. How to use Firefox Master Password.
36. Why you should be using a password manager
37. Akado Telecom Accidentally Leaks Customers' Names, Phone Numbers, And Addresses
38. Australian shipbuilder Austal hit by data breach
39. How did @Google eliminate successful #PhishingAttacks? Learn how employees used U2F authentication and physical #SecurityKeys to defend against phishing from
40. Password Constraints and Their Unintended Security Consequences
41. Equifax Set to Share More PII with Experian
42. #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
43. National biometric database could be on the way (and in private hands)
44. Over 80,000 Facebook User Accounts Compromised
45. Cybercriminals Using SMS Phishing Attack to Rob Cardless ATM
46. How can U2F authentication end phishing attacks?
47. Phishing attacks up by 297 percent across eCommerce in Q3 2018
48. "If an organization created #DMARC records for the first time, it would encounter syntax and content issues -- one of
49. Kemp Cites Voter Database Hacking Attempt, Gives No Evidence
50. "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me
51. "Shipbuilder Austal Ltd said on Thursday its Australian business had detected and responded to a data breach"

THREATS

52. Apache warns Struts 2.3 is using a library with a two year old critical flaw
53. Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
54. Online Radio Stations at Risk from Icecast Flaw
55. No, blockchain isn't the answer to our voting system woes
56. PoC Available for Microsoft Edge Zero-Day RCE, Exploit Under Development
57. Flaws In Self-Encrypting SSDs Let Attackers Bypass Encryption
58. New Side-Channel Vulnerability Leaks Sensitive Data From Intel Chips
59. Inside SearchPageInstaller | macOS Malware Deploys a MITM Attack
60. Why Are Deserialization Vulnerabilities So Popular?
61. Fake Elon Musk Twitter Bitcoin Scam Earned 180K in One Day
62. Another wave of Elon Musk bitcoin scams spread by verified Twitter accounts
63. Flaws in self-encrypting SSDs let attackers bypass disk encryption
64. [SingCERT] Technical Advisory on Vulnerabilities in Bluetooth Low Energy Chips by Texas Instruments (CVE-2018-16986 and CVE-2018-7080)
65. Inception Attackers Target Europe with Year-old Office Vulnerability
66. Malware of the 1980s: Looking back at the Brain Virus and the Morris Worm
67. Kemp Investigates Dems, Not the Reported Vulnerability
68. Flaws in Popular SSD Drives Bypass Hardware Disk Encryption
69. Flaw in Icecast streaming media server allows to take off online Radio Stations
70. Security researchers exploit Intel hyperthreading flaw to break encryption
71. .@ArmisSecurity researchers discovered two chip-level #Bluetooth vulnerabilities -- dubbed #Bleedingbit -- that could allow pseudo #RemoteCodeExecution on wireless access points.
72. Vulnerabilities’ CVSS scores soon to be assigned by AI
73. Cisco Products Affected By A Zero-Day SIP Inspection Vulnerability Exploited In The Wild
74. #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
75. Researchers found #Kraken #ransomware has become more popular after being packaged in the Fallout #ExploitKit and becoming part of an
76. High severity XML external entity flaw affects Sauter building automation product
77. Security firm Armis has discovered two vulnerabilities in Bluetooth Chips from several networking industry leaders.
78. Blockhead makes blockchain easy for developers
79. Why malware attacks should no longer be a problem for businesses
80. Critical 'Bleedingbit' flaws found in microcontrollers used by Wi-Fi access points
81. Mozilla Patched Multiple Security Vulnerabilities in Thunderbird 60.3
82. Android Rat – TheFatRat to Hack and Gain access to Targeted Android Phone
83. Apple Patched Multiple XNU Kernel Vulnerabilities In MacOS And iOS
84. Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
85. The building blocks of blockchain-based digital identity
86. Companies implementing DevSecOps address vulnerabilities faster than others
87. How to Get Rid of Cortana Runtime Broker CPU Miner Virus
88. The Ultimate Guide to Bug Bounty Platforms
89. PortSmash – A New Side Channel Vulnerability in SMT/Hyper-Threading That Allows Attackers To Steal Sensitive Data
90. Security Think Tank: Three ways to safeguard against application layer vulnerabilities
91. Security Bug in Icecast Puts Online Radio Stations At Risk
92. Researchers discover new zero-day vulnerability in EDGE browser
93. Fake malicious @RSAsecurity #SecurID malware in pre-release state on @GooglePlay: - Currently gathering information (profiling) the mobile device it is installed
94. Video analysis of Android banking Trojan found on Google Play (Red Alert 2)
95. Recently there have been a lot of packed Android malware around, so I decided to write a blog-post on how

CRIME

96. Week in review: Volume of Australian data breaches continues unabated
97. Original Mirai botnet creator hit with hefty financial sentence
98. Fake Elon Musk Twitter Bitcoin Scam Earned 180K in One Day
99. Australian shipbuilder Austal hit by data breach
100. Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
101. Equifax Set to Share More PII with Experian
102. Over 80,000 Facebook User Accounts Compromised
103. Cybercriminals Using SMS Phishing Attack to Rob Cardless ATM
104. Persian Stalker pillages Iranian users of Instagram and Telegram
105. Phishing attacks up by 297 percent across eCommerce in Q3 2018
106. The Ultimate Guide to Bug Bounty Platforms

POLITICS

107. Google dorks were the root cause of a catastrophic compromise of CIA’s communications
108. Kemp Investigates Dems, Not the Reported Vulnerability
109. Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
110. "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me