Daily brief for 2018-11-23

ASIA

1. US Says China Increased Hacking over Trade Dispute
2. North Korean Hackers Hit Latin American Banks
3. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
4. Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
5. VMware Patches Workstation Flaw Disclosed at Hacking Contest

WORLD

6. NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
7. Data breach in OSIsoft
8. New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
9. Brazil's largest professional association suffers massive data leak
10. German e-government SDK patched against ID spoofing vulnerability
11. US Postal Service Plugs API Flaw - One Year Later
12. US Says China Increased Hacking over Trade Dispute
13. North Korean Hackers Hit Latin American Banks
14. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
15. Phishing Used to Launch GreyEnergy's ICS Attacks
16. New Emotet Thanksgiving campaign differs from previous ones
17. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
18. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
19. US Postal Service Website Left Data Exposed for Over a Year
20. German eID vulnerability allows hackers to change identities
21. Hacker says USPS ignored serious security flaw for over a year
22. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
23. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
24. Southwest Washington Regional Surgery Center suffered a Phishing attack
25. 60 million users’ data were exposed by the US Postal Service
26. The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up

ATTACKS

27. NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
28. Data breach in OSIsoft
29. 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
30. Brazil's largest professional association suffers massive data leak
31. Amazon Snafu Exposed Customers' Names and Email Addresses
32. New Linux crypto-miner steals your root password and disables your antivirus
33. Attackers Are Landing Email Inboxes Without the Need to Phish
34. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
35. “Back in Black” – Article 13 has YouTube threatening to pull the plug over upload filter
36. Phishing Used to Launch GreyEnergy's ICS Attacks
37. New Emotet Thanksgiving campaign differs from previous ones
38. US Postal Service Website Left Data Exposed for Over a Year
39. .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
40. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
41. Southwest Washington Regional Surgery Center suffered a Phishing attack
42. A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
43. Software company OSIsoft has suffered a data breach
44. SAVE 50% FOR BLACK FRIDAY! Get half off FREEDOME VPN and TOTAL with coupon code BLACKFRIDAY.
45. DNS Shell – Tool to Compromise and Maintain Control Over Victim Machine
46. @FSecure fait son #BlackFriday ! Profitez de 50% de remise sur une sélection de produits !
47. 60 million users’ data were exposed by the US Postal Service

THREATS

48. 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
49. New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
50. DoS Vulnerabilities Found in Linux Kernel, Unpatched
51. Apache Hadoop spins cracking code injection vulnerability YARN
52. German e-government SDK patched against ID spoofing vulnerability
53. Malware scum want to build a Linux botnet using Mirai
54. US Postal Service Plugs API Flaw - One Year Later
55. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
56. Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
57. Old Printer Vulnerabilities Die Hard
58. VMware Patches Workstation Flaw Disclosed at Hacking Contest
59. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
60. Black Friday special by Emotet: Filling inboxes with infected XML macros
61. Black Friday special by Emotet: Filling inboxes with infected XML macros
62. Cryptocurrency ‘minting’ flaw could have leached money from exchanges
63. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
64. USPS Bug affects 60 Million Users, Finally Fixed.
65. German eID vulnerability allows hackers to change identities
66. VMware patches guest-to-host malware vulnerability
67. Internet connected devices might be the hot item for Christmas this year, but are they secure?
68. Hacker says USPS ignored serious security flaw for over a year
69. #WebCache poisoning poses a serious threat to #BrowserSecurity. Learn how #hackers can use unkeyed inputs for malicious intent from expert
70. SMBs suffered the brunt of ransomware attacks in 2018
71. Best way to Remove Malware on Mac, Including Other Unwanted Apps
72. A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
73. CVE-2018-6983: integer overflow vulnerability in VMware Workstation and Fusion
74. The number of ransomware attacks on individuals has come down as it has become harder to get them to pay,
75. New Crypto Malware Spreading that Infects Linux Machines & Removes Anti-Virus
76. Over 500k Play Store users have installed 13 games that contain malware

CRIME

77. Data breach in OSIsoft
78. US Says China Increased Hacking over Trade Dispute
79. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
80. Software company OSIsoft has suffered a data breach
81. The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up

POLITICS

82. NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
83. US Says China Increased Hacking over Trade Dispute
84. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
85. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits