Threat report for 2018-11-07

DATA BREACH & DATA LOSS

1. New Jersey AG Announces $200,000 Settlement with Business Associate and Permanent Ban for BA’s Owner due to 2016 Data Breach Affecting Over 1,650 Patients
2. Half a Million People Potentially Affected by Data Breach at Bankers Life
3. Data Of Nearly 700,000 Amex India Customers Exposed Via Unsecured MongoDB Server
4. HSBC Bank Suffers Data Breach
5. Amex India accounts exposed by misconfigured MongoDB installation
6. Data of nearly 700,000 Amex India customers exposed via unsecured MongoDB server
7. Hacker Leaked Unpatched Virtual Box Zero-day Vulnerability and its Exploit Online
8. HSBC Bank Data Breach Exposed Customer’s Account Details and More
9. HSBC US Customers Hit by Data Breach
10. What do you think is the average cost of a data breach?
11. HSBC now stands for Hapless Security, Became Compromised: Thousands of customer files snatched by crims
12. ICO poised to fine Leave campaign and Arron Banks’ insurance biz £135,000
13. HSBC suffers data breach, customer banking info exposed
14. We recently detected an Android banking malware campaign (Anubis) actively targeting the Dutch market by #abusing the @PostNL brand. After
15. New dropper campaign with at least 8 droppers in #GooglePlay (30k+ installs total), found with the help of @avast_antivirus @apklabio.
16. How voting history data benefits political campaigns
17. HSBC Bank Data Breach Exposed Account Numbers, Balances, Transaction History and Other Details
18. Personal data of police and ministries employees leaked by Anonymous Italy
19. Five Guys suffers employees’ data theft
20. Rushed My Health Record changes still missing the point
21. What businesses can learn from political campaigns about using big data

DENIAL-OF-SERVICE

Nil

MALVERTISING

Nil

PHISHING

22. A Phishing Incident is Being Investigated by the Carthage Police
23. Why you should use a password manager
24. They stopped a phishing attack in 10 minutes. It used to take days.
25. Password Grabber Module Added to Trickbot
26. Why Password Management and Security Strategies Fall Short
27. Learn About Phishing Incident Response on Nov 15
28. Learn why @Google chose U2F authentication over OTP to eliminate #PhishingEmails from expert Michael Cobb of @thehairyITdog.
29. A poor password is a key for the wrong person to get in.

WEB DEFACEMENT

Nil

BOTNET

30. IoT Botnet Infects 100,000 Routers To Send Spam
31. Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw
32. IoT botnet infects 100,000 routers to send Hotmail, Outlook, and Yahoo spam
33. A fresh #botnet is rapidly growing by targeting a five-year-old #vulnerability. So far, @360Netlab said hundreds of thousands of bot
34. Linux servers and IoT devices, main targets of Shellbot botnet

RANSOMWARE

35. Healthcare Targeted by 37 Percent of All Ransomware Attacks in Q3 2018
36. Security Alert: New Dharma Ransomware Strains Alarmingly Go Undetected By Antivirus Engines
37. #SamSam #ransomware targeted 67 organizations in 2018, according to @symantec research. By @MaddieBacon11
38. How to Remove NOBAD Ransomware
39. #Kraken #ransomware as a service is getting more popular after being bundled into the Fallout #ExploitKit and getting more update
40. Managing Third-Party Risk in the Age of Ransomware

CRYPTOMINING & CRYPTOCURRENCIES

41. Uni cans crypto-mining CPU raid by switching off whole IT network
42. Salesforce Aims to Curb Spam With Blockchain
43. Using Blockchain Technology to Solve Global Problems
44. JavaScript attack aimed to reroute bitcoin transactions
45. University shuts down network to thwart Bitcoin cryptojacking scheme
46. Attackers breached Statcounter to steal cryptocurrency from gate.io users
47. Elon Musk Bitcoin Scammers Hijack Verified Status Accounts
48. #Kraken #ransomware as a service is getting more popular after being bundled into the Fallout #ExploitKit and getting more update
49. Hackers seed StatCounter with nasty JavaScript in elaborate Bitcoin theft scheme
50. Blockchain: The Good, the Bad and the Legal
51. New cryptocurrencies offer better anonymity, new security challenges, from @CSOonline http://0fox.co/sSmx30i8vm4 ZeroFOX CTO weighs in on the #infosec challenges
52. Bitcoin Cryptojacking Attack Forces University to Disable Entire Network
53. Researchers rank cryptocurrency exchanges by how secure they are

MALWARE

54. Cisco removed its seventh backdoor account this year, and that's a good thing
55. 3,2 Million New Android Malicious Apps Detected Until the End of Q3 2018
56. Not sure how to tell if your Android phone has a virus? Android malware comes in many forms, ranging from spyware
57. Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
58. On the #blog today, we talk about how fileless malware is changing the way we as organizations treats #cyberthreats.
59. We recently detected an Android banking malware campaign (Anubis) actively targeting the Dutch market by #abusing the @PostNL brand. After
60. New dropper campaign with at least 8 droppers in #GooglePlay (30k+ installs total), found with the help of @avast_antivirus @apklabio.
61. Coupa Simplifies Fragmented B2B Payments Process
62. Turning Malware Trends into Proactive Behaviors
63. DHS on Election Day: No malicious cyber-activity observed
64. AMD and TSMC outline 7nm process products to be listed next year

EXPLOIT

65. Hacker Leaked Unpatched Virtual Box Zero-day Vulnerability and its Exploit Online
66. VirtualBox Guest-to-Host escape 0day and exploit released online
67. According to @digitalshadows, attackers used a browser exploit to steal the private #Facebook messages of at least 81,000 people. Read
68. #Virtualbox hat eine #Zeroday Sicherheitslücke. Tipp: Ändern Sie Ihren virtuellen Netzwerkadapter auf etwas anderes als Intel PRO/1000.
69. VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available

VULNERABILITY

70. U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
71. Security Flaws Found in Widely Used Data Storage Devices | Avast
72. A flaw in WooCommerce WordPress Plugin could be exploited to take over e-stores
73. Flaw in Icecast streaming media server allows to take off online Radio Stations
74. VirtualBox zero-day dumped on GitHub
75. Security Researcher Drops VirtualBox Guest-to-Host Escape Zero-Day on GitHub
76. WordPress Flaw Opens Millions of WooCommerce Shops to Takeover
77. Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw
78. Flaw Leads to RCE in WordPress Plugins, WooCommerce
79. Hacker education, inclusivity, and shifting perceptions of bug bounties
80. Apache alerts developers of remote code execution flaw
81. Evernote Flaw Allows Hackers to Steal Files, Execute Commands
82. Top 20 application vulnerabilities in the enterprise are dominated by Adobe and Microsoft
83. Equifax nemesis Apache Struts found vulnerable to 2-year old unpatched flaw; workaround available
84. Rapid7 Wins Frost & Sullivan 2018 Global Vulnerability Management Market Leadership Award
85. Hacker Leaked Unpatched Virtual Box Zero-day Vulnerability and its Exploit Online
86. Zero-day flaw in VirtualBox details go public
87. Erratic Windows 10 Bug Breaks Changing of Default File Associations
88. Researcher discloses VirtualBox Zero-Day without reporting it to Oracle
89. Serious XSS flaw discovered in Evernote for Windows, update now!
90. Researchers say #Bleedingbit vulnerabilities could allow #RemoteCodeExecution on wireless access points, medical devices and any other products using the affected
91. Enterprises Sinking Under 100+ Critical Flaws Per Day
92. WordPress, WooCommerce flaws combine to allow website hijacking
93. Apache Struts vulnerability would allow system take over
94. Up to 4 million online merchants who use the popular @WooCommerce #WordPress plugin are vulnerable to a file deletion flaw.
95. Researcher Drops Oracle VirtualBox Zero-Day
96. Stop us if you've heard this one: Remote code hijacking flaw in Apache Struts, patch ASAP
97. Bug bounty: Hack the US Air Force and Get Paid
98. Microsoft, Google apps feature in the top 20 vulnerabilities in enterprise environments
99. VirtualBox zero-day published by disgruntled researcher
100. A fresh #botnet is rapidly growing by targeting a five-year-old #vulnerability. So far, @360Netlab said hundreds of thousands of bot
101. .@Siemens SICLOCK central plant clocks were recently found to be affected by several vulnerabilities, some of which have been rated
102. Apache Struts users have to update FileUpload library to fix years-old flaws
103. Zero-Day #Vulnerability Explained
104. November Android Security Update Fixes Critical Bugs, Drops Media Library
105. Researcher publishes new VirtualBox zero-day vulnerability
106. Vulnerabilities in self encrypted SSD allow attackers to bypass disk encryption
107. #Virtualbox hat eine #Zeroday Sicherheitslücke. Tipp: Ändern Sie Ihren virtuellen Netzwerkadapter auf etwas anderes als Intel PRO/1000.
108. Popular WooCommerce WordPress Plugin Patches Critical Vulnerability
109. Google's automated fuzz bot has found over 9,000 bugs in the past two years
110. VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available