Nov 17, 2018

Sector brief for 2018-11-16

HEALTHCARE

  1. New HealthEquity Data Breach Exposes PII/PHI of Almost 21,000 Customers
  2. SUNY Upstate Hospital announced a former employee inappropriately accessed more than 1,200 patient records.
  3. Apache Struts2 Commons FileUpload Deserialization Remote Code Execution Vulnerability (CVE-2016-100031)Threat Alert

TRANSPORT

  1. Group-IB presented latest cybercrime and nation-state hacking trends in Asia

BANKING & FINANCE

  1. InfoWars: Magecart Infection Points to 'Industrial Sabotage'
  2. Reappearance of Magecart Malware to Infect Virtual Stores
  3. New HealthEquity Data Breach Exposes PII/PHI of Almost 21,000 Customers
  4. Hacking group returns, switches attacks from ransomware to trojan malware
  5. Details of 170,000 Pakistani debit cards leaked on dark web
  6. Cyber News Rundown: Infowars Hacked by Card Skimmers
  7. .@TalosSecurity recently created a #decryptor that helps files affected by the #ransomware #Thanatos -- typically known to not decrypt files
  8. Russian Banks Hit By Major Phishing Attacks
  9. How to Stay One Step Ahead of Phishing Websites — Literally
  10. Group-IB presented latest cybercrime and nation-state hacking trends in Asia
  11. Russian banks hit by major phishing attacks from two hacker groups
  12. ATM Tests Reveal Surprising Security Flaws
  13. tRat is a new modular RAT used by the threat actor TA505
  14. Malaysia’s Largest Media Company Allegedly Suffers Ransomware Attack
  15. Data Breaches on the Rise in Financial Services
  16. Four More Malicious Cryptocurrency Apps on Google Play
  17. Hackers infect Malaysia’s largest media company with ransomware, then demand $6.45 million
  18. #GroupIB #ThreatIntelligence detected large set of compromised payment cards details that was put on sale on underground card shop on
  19. Two hacker groups attacked Russian banks posing as the Central Bank of Russia
  21. Apache Struts2 Commons FileUpload Deserialization Remote Code Execution Vulnerability (CVE-2016-100031)Threat Alert
  22. 5 Top Techniques for Testing Blockchain Apps
  23. Warning Issued by Emirates NBD over VAT Phishing Email Targeting its Customers
  24. Looking Back at LogRhythm Labs' 2018 Predictions for Security - How Did We Do?

INFORMATION & TELECOMMUNICATION

  1. InfoWars: Magecart Infection Points to 'Industrial Sabotage'
  2. Gmail Glitch Offers Stealthy Trick for Phishing Attacks
  3. Analyzing OilRig’s Ops Tempo from Testing to Weaponization to Delivery
  4. This Week in Security News: Holiday Cybercriminals & Cryptomining Malware
  5. Cybaze ZLab- Yoroi team spotted a new variant of the APT28 Lojax rootkit
  6. Word of the Day: social engineering
  7. SUNY Upstate Hospital announced a former employee inappropriately accessed more than 1,200 patient records.
  8. 2FA codes are great for security, except when 26M of them are leaked
  9. #GroupIB #ThreatIntelligence detected large set of compromised payment cards details that was put on sale on underground card shop on
  10. Google, US and Israeli politician Twitter accounts hijacked to promote 'Elon Musk' Bitcoin scam
  11. Two hacker groups attacked Russian banks posing as the Central Bank of Russia
  12. Apache Struts2 Commons FileUpload Deserialization Remote Code Execution Vulnerability (CVE-2016-100031)Threat Alert
  13. French Company Data Breach Causes Sensitive Information Stolen to the Hackers
  14. Magecart become close to a household name with hacks of massive sites like http://Ticketmaster.com , http://Newegg.com and British Airways.
  15. Amid calls for a Windows bug status dashboard, Microsoft belatedly agrees to build one
  16. Looking Back at LogRhythm Labs' 2018 Predictions for Security - How Did We Do?
  17. SentinelOne Detects KeyPass Ransomware! KeyPass is a new ransomware threat that has hit at least 20 countries and appears to be

FOOD

Nil

WATER

Nil

ENERGY

  1. Group-IB presented latest cybercrime and nation-state hacking trends in Asia
  2. Apache Struts2 Commons FileUpload Deserialization Remote Code Execution Vulnerability (CVE-2016-100031)Threat Alert
  3. French Company Data Breach Causes Sensitive Information Stolen to the Hackers

GOVERNMENT & PUBLIC SERVICE

  1. Using Microsoft Powerpoint as Malware Dropper
  2. Operation Shaheen – Pakistan Air Force members targeted by nation-state attackers
  3. Analyzing OilRig’s Ops Tempo from Testing to Weaponization to Delivery
  4. This Week in Security News: Holiday Cybercriminals & Cryptomining Malware
  5. Group-IB presented latest cybercrime and nation-state hacking trends in Asia
  6. Kaspersky Announces the Details of Windows 7 Zero-Day Vulnerability
  7. Looking Back at LogRhythm Labs' 2018 Predictions for Security - How Did We Do?
at
Labels: