Threat report for 2018-11-08

DATA BREACH & DATA LOSS

1. California Girl Scouts branch suffers data breach
2. IT Security Culture Evolution of Businesses Exposed
3. Canada Post Leaked Personal Data of 4,500 Cannabis Customers
4. 689,272 plaintext records of Amex India customers exposed online
5. 3.6 Billion Records Exposed in Data Breaches Until the End September 2018
6. DJI Drone Flight Logs, Photos and Videos Exposed to Unauthorized Access
7. Canada Post Leaked Personal Data On Cannabis Smokers
8. Drone Vulnerability Could Compromise Enterprise Data
9. Oracle's VirtualBox Vulnerability Leaked By Disgruntled Researcher
10. Radisson Loyalty Program Compromised
11. Test Your Employees with Internal Phishing Campaigns
12. DJI Drone Vulnerability Exposed Customer Data, Flight Logs, Photos and Videos
13. Business email compromise attacks cost over $676 million in 2017, according to the @FBI's Internet #CrimeReport. Learn how to recognize
14. According to the 2018 Cost of a Data Breach Study by @PonemonPrivacy & @IBM, the global average cost of a
15. Canada Post leaked personal data, orders of thousands of cannabis smokers
16. HSBC Bank Alerts US Customers to Data Breach
17. StatCounter platform compromised to infect gate.io exchange with bitcoin-stealing code
18. Users Stop Engaging With Brands After Data Breaches, Report Finds
19. Phishing extortion campaign using new, more effective methods
20. Gamasutra user privacy fragged following IP leak discovery
21. HSBC confirms data theft in the United States
22. Increasing value of personal data a 21st century challenge

DENIAL-OF-SERVICE

23. Cambodia's ISPs Hit By Massive DDoS Attacks
24. DerpTroll Admits To DDoS On EA, Steam, Sony Game Servers
25. 4 Cambodia’s ISPs Attacked by DDoS
26. DDoS attack on Cambodia’s top ISPs reached 150Gbps
27. Man Behind DDoS Attacks on Gaming Companies Pleads Guilty
28. To Pay or Not to Pay: A Large Retailer Responds to #DDoS Extortion Find out what happened here:
29. Cambodia's ISPs hit by some of the biggest DDoS attacks in the country's history
30. Hacker Behind Series of DoS Attack Targeting Gaming Companies Pleaded Guilty

MALVERTISING

Nil

PHISHING

31. Test Your Employees with Internal Phishing Campaigns
32. Most IT Security Pros Underestimate Phishing Risks
33. Most Enterprises Fail to Implement Proper Protection Against Phishing Attacks
34. Phishing extortion campaign using new, more effective methods
35. How many of these bad password habits do you have?
36. Good article about the password problem and a statistic that shows just how bad a problem it has now become...

WEB DEFACEMENT

Nil

BOTNET

37. Botnet Infects 100,000 Routers to Send Outlook, Hotmail, and Yahoo Spam
38. New Spam Botnet Likely Infected 400,000 Devices
39. Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw
40. Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw
41. Spam Botnet of Over 100K Routers Abuses UPnP

RANSOMWARE

42. Dharma Ransomware Hits Altus Baytown Hospital's Systems

CRYPTOMINING & CRYPTOCURRENCIES

43. Hackers Charged for Creating 6K Strong Cryptojacking Network
44. Can Blockchain Solve The Problem of Blood Diamonds?
45. Hackers Attack Crypto Exchange With Bitcoin-Stealing Malware
46. Managing the Intersection of Cryptocurrency and Compliance
47. Hackers from North Korea still breaking into PCs for mining crypto-currencies
48. SIM Swapping Hacker Group Who Managed to Steal $80,000 Worth of Cryptocurrency Got Arrested
49. Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine
50. Beware of scams! Elon Musk is not giving away bitcoin on Twitter
51. StatCounter platform compromised to infect gate.io exchange with bitcoin-stealing code
52. Canadian University Undergoes A Forced Shutdown After Cryptojacking Attack
53. StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users

MALWARE

54. Triton Malware Spearheads Latest Generation of Attacks on Industrial Systems
55. Pentagon Draws Back the Veil on APT Malware with Sudden Embrace of VirusTotal
56. Google: Newer Android versions are less affected by malware
57. Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets
58. Symantec Uncovers North Korean Group's ATM Attack Malware
59. Metamorfo Banking Trojan Keeps Its Sights on Brazil
60. Hackers Attack Crypto Exchange With Bitcoin-Stealing Malware
61. The Pentagon has suddenly started uploading #malware samples from APTs and other nation-state sources to the website VirusTotal.
62. Symantec researchers dissect North Korean malware used in ATM attacks
63. Banking Malware Takes Aim at Brazilians
64. Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine
65. The Cyber National Mission Force will share unclassified U.S. Cyber Command #malware samples to #VirusTotal and one expert hopes there
66. U.S. Cyber Command CNMF Shares unclassified malware samples via VirusTotal
67. US Cyber Command starts uploading foreign APT malware to VirusTotal
68. U.S. Cyber Command malware samples to be logged in VirusTotal
69. Metamorfo Banking Trojan Keeps Its Sights on Brazil
70. Spyware disguised as Spanish banking apps removed from Google Play
71. Unclassified #malware samples from U.S. Cyber Command will be shared with @virustotal by the Cyber National Mission Force. @MalwareJake @stephengillett
72. Did you miss yesterday's #blog? Catch up on how fileless #malware is changing the way we as organizations are treating
73. "The presence of the insecure remote access software on systems used for election management raised concerns that malicious #ThreatActors --
74. U.S. Cyber Command Shares Malware via VirusTotal
75. US Cyber Command starts uploading foreign APT malware to VirusTotal

EXPLOIT

76. Cisco hunts for Apache Struts 2 FileUpload bug and finds DIRTY CoW exploit
77. Cisco Accidentally Released Dirty Cow Exploit Code in Software
78. VirtualBox zero-day flaw released on Github; working exploit available but no patch
79. Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online

VULNERABILITY

80. Companies swamped by critical vulnerabilities – Tenable
81. Cisco hunts for Apache Struts 2 FileUpload bug and finds DIRTY CoW exploit
82. Bleedingbit Vulnerabilities Could Affect Enterprises Worldwide
83. Steam bug could have given you access to all the CD keys of any game
84. Drone Vulnerability Could Compromise Enterprise Data
85. Oracle's VirtualBox Vulnerability Leaked By Disgruntled Researcher
86. [SingCERT] Alert on Nginx Vulnerabilities (CVE-2018-16843, CVE-2018-16844, and CVE-2018-16845)
87. Active Exploitation of Newly Patched ColdFusion Vulnerability (CVE-2018-15961)
88. Several Vulnerabilities Patched in nginx
89. Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain
90. WooCommerce Plugin file deletion vulnerability exposes WordPress 'failing open' design flaw
91. VirtualBox zero-day flaw released on Github; working exploit available but no patch
92. DJI Drone Vulnerability Exposed Customer Data, Flight Logs, Photos and Videos
93. DJI Patches Forum Bug That Allowed Drone Account Takeovers
94. Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw
95. Ranting researcher publishes VM-busting zero-day without warning
96. Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw
97. DJI Drone Vulnerability
98. iOS 12.1 Vulnerability
99. Encryption flaws in solid state drives enable unauthorised data access
100. Microsoft Bug is Deactivating Windows 10 Pro Licenses and Downgrading to Home
101. Ranting researcher publishes #VM-busting zero-day without warning
102. We don' need no stinkin' bounties: VirtualBox guest-to-host escape zero-day lands at GitHub
103. Vulnerabilities In Major Self-Encrypting SSDs Allow Encryption Bypass and Affect Bitlocker
104. [SingCERT] Alert on Critical Apache Struts 2 Remote Code Execution Vulnerability (CVE-2016-1000031)
105. XSS flaw in Evernote allows attackers to execute commands and steal files
106. Critical authentication flaw in DJI drone web app fixed
107. Commoditization of Computing Hardware and the Bugs It Contains
108. 4 Million Shops Installed WooCommerce Plugin RCE Flaw Allows Attacker to Gain WordPress Sites Admin Access
109. A year later, @amarekano's Android overlay bug has been included in the AOSP November 2018 patched notes as CVE-2018-9524
110. Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online