Sector brief for 2018-11-21

HEALTHCARE

1. Google Taking Over Health Records Raises Patient Privacy Fears
2. Conficker: A 10-year retrospective on a legendary worm

TRANSPORT

3. Sofacy APT unleashes new 'Cannon' trojan
4. New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon

BANKING & FINANCE

5. Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
6. Lazarus APT Uses Modular Backdoor to Target Financial Institutions
7. What Is Windows PowerShell (And Could It Be Malicious)?
8. Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
9. USPS Site Exposed Data on 60 Million Users
10. Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
11. Black Friday Phishing Dos and Don’ts
12. Bah HumBUG: 5 Recent Holiday Phishing Samples You Need to Watch Out For
13. How Retailers Can Protect Against Magecart This Black Friday and Holiday Season
14. New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
15. Phishing Emails with .COM Extensions Are Hitting Finance Departments
16. Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
17. Magecart Black Hats Battle it Out On Infected Site
18. Is Magecart Checking Out Your Secure Online Transactions?
19. Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
20. A @DLink #router vulnerability was used to send banking users to a fake site in order to steal #UserCredentials. Learn
21. Infowars Online Store Got Infected with Card Skimming Malware
22. Signing and Verifying Ethereum Signatures
23. Millions Stolen by North Korea-Linked Hacking Group from Atms in Africa and Asia
24. Malaysia’s largest media company becomes victim of a ransomware attack
25. US Department of Justice is investigating Tether for manipulation of market prices
26. MageCart Group Sabotages Rival to Ruin Data and Reputation
27. Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit

INFORMATION & TELECOMMUNICATION

28. Facebook increases rewards for its bug bounty program and facilitate bug submission
29. Inspiring the Next Generation of Tech Talent
30. Google Taking Over Health Records Raises Patient Privacy Fears
31. What Is Windows PowerShell (And Could It Be Malicious)?
32. Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
33. Facebook entices researchers with $40,000 reward for account takeover vulnerabilities
34. USPS Site Exposed Data on 60 Million Users
35. Researchers Reveal Identity of Hacker Behind Massive Data Breaches
36. A hacker known as #Tessa88 offered several compromise databases obtained from LinkedIn, MySpace and other companies. Now Recorded Future believes
37. Black Friday Phishing Dos and Don’ts
38. 13 Malware-Laden Fake Apps on Google Play
39. Facebook Ads Urge Its Staff To Leak Secrets
40. How Retailers Can Protect Against Magecart This Black Friday and Holiday Season
41. New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
42. Amazon UK is notifying a data breach to its customers days before Black Friday
43. Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
44. New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
45. Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
46. Malicious programs disguised as racing games on Google Play
47. Yikes...#Instagram Accidentally Exposed Some Users' #Passwords In Plaintext
48. #Gmail Glitch Enables Anonymous Messages in #Phishing Attacks:
49. Facebook Increases Rewards for Account Hacking Vulnerabilities
50. Facebook Boosts Bug Bounty Payouts for Account Takeover Flaws
51. OUR BLACK FRIDAY DEALS ARE LIVE! Get 50% off from FREEDOME VPN and TOTAL subscriptions with coupon code BLACKFRIDAY. Buy now:
52. "Luiz O Pinto" pushed 500,000+ installs of malware via Google Play, in ~1 week.
53. How to find, is link malicious/URL or not
54. Microsoft now lets you log into Outlook, Skype, Xbox Live without a password
55. Worried about cryptojacking? Check out how SentinelOne Detects and Protects from GhostMiner CryptoMiner

FOOD

Nil

WATER

Nil

ENERGY

Nil

GOVERNMENT & PUBLIC SERVICE

56. Analyzing OilRig’s Ops Tempo from Testing to Weaponization to Delivery
57. New Pterodo Backdoor Malware Detected By Ukraine
58. New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
59. White House admits Ivanka Trump used private email for government business
60. New OceanLotus watering hole attacks target southeast Asia
61. Fancy Bear hacker crew Putin dirty RATs in Word documents emailed to govt orgs – report
62. Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
63. Sofacy APT group used a new tool in latest attacks, the Cannon
64. Phishing Scams Serious Problem for Canada’s Global Affairs
65. Russian hackers are conducting more covert attacks on US and European computers
66. Fancy Bear APT Uses New Cannon Trojan to Target Government Entities
67. Russia Linked Group Resurfaces With Large-Scale Phishing Campaign