Threat report for 2018-11-01

DATA BREACH & DATA LOSS

1. Australian defence contractor Austal hit by data breach
2. Radisson discloses data breach impacting rewards customers
3. 22,000 Records Exposed by JoomlArt in Jira Ticket
4. ‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals
5. New Bluetooth Vulnerabilities Exposed in Aruba, Cisco, Meraki Access Points
6. Customer Information Stolen in Radisson Hotel Group Data Breach
7. British Airways data breach bigger than originally thought
8. Where Is the Consumer Outrage about Data Breaches?
9. Eurostar Resets Passwords of Customers After Data Breach
10. Radisson Hotel Group suffers data breach, customer info leaked
11. Radisson Rewards Program Targeted in Data Breach
12. "If the schemas prove not to be compatible, a backup of the previous version of a database must be used
13. Emotet Malware – Mass-Harvesting millions of Emails in secret Campaign
14. Last year the @USAgov required agencies to implement #DMARC records and policies by October 2018. Learn just how hard DMARC
15. New Ramnit Campaign Spreads Azorult Malware
16. #NetSpectre leaks data remotely via side-channel attacks. Learn from expert Michael Cobb of @thehairyITdog why data from #microprocessors is not
17. Phishing Attacks Breach 20,000 Patient Records of Catawba Valley Medical Center
18. Radisson Hotel Group Data Breach Exposed Customer’s Personal Data
19. Beware !! Square & PayPal Mobile Point of Sales (POS) Devices Are Extremely Vulnerable to Credit/Debit Card Data Theft

DENIAL-OF-SERVICE

20. Cisco ups the ante for 400G Ethernet with big-bandwidth data-center switches

MALVERTISING

21. Bad ads: Publishers look to stop malvertising for good

PHISHING

22. How phishing is evolving to outpace awareness
23. Going with what works: The state of phishing
24. October may be over – but phishing attacks never stop. Here’s how to make security awareness successful all year round.
25. Trickbot Shows Off New Trick: Password Grabber Module
26. Expert Insights Names Barracuda’s AI powered Sentinel Top Phishing protection product
27. Phishing Attacks Breach 20,000 Patient Records of Catawba Valley Medical Center

WEB DEFACEMENT

Nil

BOTNET

28. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
29. Defending your pumpkin from tracker zombies
30. Necurs Botnet Distributing Sextortion Email Scams
31. The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is

RANSOMWARE

32. Ransomware and Back-Up Plans
33. Healthcare Industry Continues To Be the Favourite for Ransomware
34. SamSam Attackers Have Hit 67 Ransomware Targets
35. Nice work if you can get it: GandCrab ransomware nets millions even though it has been broken
36. Crypto-Locking Kraken Ransomware Looms Larger

CRYPTOMINING & CRYPTOCURRENCIES

37. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
38. UK considers banning cryptocurrencies for their lack of “intrinsic value”
39. Crypto-Locking Kraken Ransomware Looms Larger
40. Crypto Micropayments: an Exciting Future for Blockchain Transactions

MALWARE

41. 2018’s worst malware revealed in report
42. Trickbot Malware Now Also Steals Passwords From Apps, Web Browsers
43. Emotet Malware, the Most Probable Malware of the Year
44. USB Drives Deliver Dangerous Malware to Industrial Facilities: Honeywell
45. More Typo-Squatting Malware Found on PyPI
46. Employee used US government network for adult websites, infected infrastructure with Russian malware
47. Government employee who used to watch porn at work alleged guilty of infecting with malware a network
48. Malware Analysis for Blue Teams
49. Emotet Malware – Mass-Harvesting millions of Emails in secret Campaign
50. Hackers Drops New Emotet Malware to Perform Mass Email Exfiltration From Victims Email Client
51. New Ramnit Campaign Spreads Azorult Malware
52. Perl-Based Shellbot Looks to Target Organizations via C&C
53. IKARUS Security Software partners with PolySwarm to advance early malware detection
54. Pdgmail – Forensic Tool to Analysis Process Memory Dump

EXPLOIT

55. PoC Exploit Compromises Microsoft Live Accounts via Subdomain Hijacking
56. 0x20k of Ghost Squad Hackers Releases ODay Exploit Targeting Apache Hadoop
57. Hackers Exploit Cisco Zero Day Vulnerability in Wild Resulting in DoS Condition

VULNERABILITY

58. Yi IoT Home Camera Riddled with Code-Execution Vulnerabilities
59. BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks
60. New Bluetooth Vulnerabilities Exposed in Aruba, Cisco, Meraki Access Points
61. Windows Defender Bug Needs a Restart, Not Shutdown, To Enable Sandbox
62. Bluetooth Chip Flaws Expose Enterprises to Remote Attacks
63. Two Zero-Day Bugs Open Millions of Wireless Access Points to Attack
64. Cisco says a flaw in its Adaptive Security Appliance allows remote attacks
65. Talos Vulnerability Deep Dive – TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability
66. Security researchers find flaws in chips used in hospitals, factories and stores
67. Bleedingbit: Critical vulnerabilities in BLE chips expose millions of access points to attack
68. Bleedingbit zero-day chip flaws may expose majority of enterprises to remote code execution attacks
69. Cisco Zero-Day Exploited In The Wild To Crash And Reload Devices
70. Zero-Day RCE Vulnerabilities Expose Millions of BLE-Enabled Devices to Attacks
71. Hackers Exploit Cisco Zero Day Vulnerability in Wild Resulting in DoS Condition
72. New BLEEDINGBIT Vulnerabilities Affect Widely-Used Bluetooth Chips
73. Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks
74. .@Siemens disclosed six SICLOCK flaws that were found within its central plant clocks. Discover why three flaws have been rated
75. Our fabulous @5ean5ullivan explains to @CyberSauna listeners how the multiple vulnerabilities in the US electoral system may be^H^H^H^H^H^Hare being exploited.
76. Bleedingbit Bluetooth Vulnerabilities Expose WiFi APs to Risk
77. Talos Vulnerability Deep Dive - TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability
78. Cisco Warns of Zero-Day Vulnerability in Security Appliances
79. Cisco zero-day exploited in the wild to crash and reload devices