Nov 17, 2018

Threat report for 2018-11-16

DATA BREACH & DATA LOSS

  1. Russian APT comes back to life with new US spear-phishing campaign
  2. EgressBuster – Compromise Victim via Command & Control using Firewall
  3. Voxox Database Containing Around 26 Million SMS Entries Exposed 2FA, Reset Codes
  4. China's Hack Attacks: An Economic Espionage Campaign
  5. New HealthEquity Data Breach Exposes PII/PHI of Almost 21,000 Customers
  6. AWS Adds New Feature for Preventing Data Leaks
  7. Details of 170,000 Pakistani debit cards leaked on dark web
  8. AWS rolls out new security feature to prevent accidental S3 data leaks
  9. Google BGP route leak was accidental, not hijacking
  10. After early speculation of #malicious intent, experts said an accidental misconfiguration caused the BGP route leak that sent traffic destined
  11. After 2015 OPM data breach, agency failed to update security
  12. 26M Texts Exposed in Poorly Secured Voxox Database
  13. Data Breaches on the Rise in Financial Services
  14. SUNY Upstate Hospital announced a former employee inappropriately accessed more than 1,200 patient records.
  15. 2FA codes are great for security, except when 26M of them are leaked
  16. Business email compromise attacks cost over $676 million in 2017, according to the @FBI's Internet #CrimeReport. Learn how to recognize
  17. #GroupIB #ThreatIntelligence detected large set of compromised payment cards details that was put on sale on underground card shop on
  18. French Company Data Breach Causes Sensitive Information Stolen to the Hackers
  19. Text message database reportedly leaked password resets
  20. New variants of Meltdown and Spectre cause information leaks

DENIAL-OF-SERVICE

Nil

MALVERTISING

Nil

PHISHING

  1. Russian APT comes back to life with new US spear-phishing campaign
  2. Gmail Glitch Offers Stealthy Trick for Phishing Attacks
  3. Russian Banks Hit By Major Phishing Attacks
  4. How to Stay One Step Ahead of Phishing Websites — Literally
  5. Emotet has some customized phish for you
  6. Russian banks hit by major phishing attacks from two hacker groups
  7. Word of the Day: social engineering
  8. Create and enforce a password policy across the enterprise
  9. Massive Rise is Seen in Phishing Attacks
  10. Warning Issued by Emirates NBD over VAT Phishing Email Targeting its Customers
  11. Text message database reportedly leaked password resets
  12. Consider a reputable password manager to store your information, and don’t forget to use a strong password to secure the

WEB DEFACEMENT

Nil

BOTNET

  1. phpMyAdmin Servers Targeted By New Variant of Muhstik Botnet
  2. NTT Security Adds Botnet Infrastructure Detection to Managed Security Services
  3. Mylobot Botnet Now Exfiltrates Data Using Second Stage Khalesi Trojan

RANSOMWARE

  1. Stealthy DarkGate Cryptocurrency Mining and Ransomware Evades AV Detection
  2. SamSam and GandCrab Illustrate Evolution of Ransomware
  3. Hacking group returns, switches attacks from ransomware to trojan malware
  4. .@TalosSecurity recently created a #decryptor that helps files affected by the #ransomware #Thanatos -- typically known to not decrypt files
  5. Malaysia’s Largest Media Company Allegedly Suffers Ransomware Attack
  6. Hackers infect Malaysia’s largest media company with ransomware, then demand $6.45 million
  7. How does Thanatos ransomware decryptor tool restore data?
  8. SentinelOne Detects KeyPass Ransomware! KeyPass is a new ransomware threat that has hit at least 20 countries and appears to be

CRYPTOMINING & CRYPTOCURRENCIES

  1. Cryptocurrency Trader Gets 15 Months of Jail for Stealing Bitcoin, Litecoin
  2. Stealthy DarkGate Cryptocurrency Mining and Ransomware Evades AV Detection
  3. This Week in Security News: Holiday Cybercriminals & Cryptomining Malware
  4. Most antivirus programs fail to detect this cryptocurrency-stealing malware
  5. Hackers stole millions from ATMs across the world. @verge shares details here.
  6. Four More Malicious Cryptocurrency Apps on Google Play
  7. Google, US and Israeli politician Twitter accounts hijacked to promote 'Elon Musk' Bitcoin scam
  8. 5 Top Techniques for Testing Blockchain Apps
  9. Digital identity, the blockchain and the GDPR: A round peg in a square hole?
  10. New WebCobra Cryptojacking Malware Uses Platform Specific Miners

MALWARE

  1. EgressBuster – Compromise Victim via Command & Control using Firewall
  2. Reappearance of Magecart Malware to Infect Virtual Stores
  3. Using Microsoft Powerpoint as Malware Dropper
  4. Hacking group returns, switches attacks from ransomware to trojan malware
  5. This Week in Security News: Holiday Cybercriminals & Cryptomining Malware
  6. Simple Call Recorder Android Malware
  7. After early speculation of #malicious intent, experts said an accidental misconfiguration caused the BGP route leak that sent traffic destined
  8. Cybaze ZLab- Yoroi team spotted a new variant of the APT28 Lojax rootkit
  9. Researchers at @okta found a bypass that allows #ThreatActors to pose files as legitimate @Apple files despite being #malware and
  10. Most antivirus programs fail to detect this cryptocurrency-stealing malware
  11. APT group TA505 testing out new modular RAT
  12. tRat is a new modular RAT used by the threat actor TA505
  13. Malicious code hidden in advert images cost ad networks $1.13bn this year
  14. Four More Malicious Cryptocurrency Apps on Google Play
  15. Vaporworms: New breed of self-propagating fileless malware to emerge in 2019
  16. Dridex/Locky Operators Unleash New Malware in Recent Attack
  17. New WebCobra Cryptojacking Malware Uses Platform Specific Miners
  18. AMD launches new mid-range graphics card RX 590 based on 12nm process
  19. Mylobot Botnet Now Exfiltrates Data Using Second Stage Khalesi Trojan

EXPLOIT

Nil

VULNERABILITY

  1. Up to three million kids' GPS watches can be tracked by parents... and any miscreant: Flaws spill pick-and-choose catalog for perverts
  2. Critical WordPress Flaw Grants Admin Access to Any Registered Site User
  3. Adobe Patch Tuesday November Fixed Multiple Information Disclosure Vulnerabilities
  4. Lock-Screen Bypass Bug Quietly Patched in Handsets
  5. Scanning Akamai's Edge Servers for Vulnerabilities, Correctly
  6. ATM Tests Reveal Surprising Security Flaws
  7. SUNY Upstate Hospital announced a former employee inappropriately accessed more than 1,200 patient records.
  8. D-Link router vulnerability detailed
  9. Apache Struts2 Commons FileUpload Deserialization Remote Code Execution Vulnerability (CVE-2016-100031) Threat Alert
  10. Amid calls for a Windows bug status dashboard, Microsoft belatedly agrees to build one
  11. Kaspersky Announces the Details of Windows 7 Zero-Day Vulnerability