Nov 21, 2018

Threat report for 2018-11-20

DATA BREACH & DATA LOSS

  1. ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign
  2. jQuery File Upload Disclosure Due Diligence
  3. APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
  4. Voxox leak: Millions of SMS messages exposed
  5. Second WordPress hacking campaign underway, this one targeting AMP for WP plugin
  6. Vision Direct Reveals Data Breach
  7. Instagram glitch exposed some user passwords
  8. OSIsoft Warns Employees, Contractors of Data Breach
  9. Two Young Men Jailed for Involvement in TalkTalk Data Breach
  10. tRat: New Modular RAT Appears in Multiple Email Campaigns
  11. Emotet Campaigns Persist, Utilize Updated Tactics and Techniques
  12. Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
  13. AWS moves to curb S3 data leaks, but Chris Vickery is doubtful
  14. TalkTalk hackers jailed for role in £77m data breach
  15. CarBlues – Bluetooth Vehicle Hack Exploit Affects Millions Of Vehicles Exposing Users PII
  16. 2018 holiday travel period expected to be the busiest travel season on record
  17. Vision Direct 'fesses up to hack that exposed customer names, payment cards
  18. Dutch audit finds Microsoft Office leaks confidential data
  19. Cozy Bear tracks: Phishing campaign looks like work of Russian APT group
  20. Instagram Patched A Data Download Tool Bug That Exposed Users Passwords
  21. Two TalkTalk hackers jailed for 2015 data breach that cost it £77 million

DENIAL-OF-SERVICE

  1. Tech Docs: Keep Out of the Flood Zone with DoS Protection

MALVERTISING

  1. ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign
  2. Malvertising in Apple Pay Targets iPhone Users
  3. OceanLotus: New watering hole attack in Southeast Asia
  4. Confiant spots major malvertising attack

PHISHING

  1. Gmail Glitch Enables Anonymous Messages in Phishing Attacks
  2. Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
  3. Russia’s Elite Hackers May Have New Phishing Tricks
  4. TEMP.Periscope Spearphishing
  5. Report: Emotet makes phishing lures more convincing by scraping victims' emails
  6. Zscaler ThreatLabZ Phishing Roundup
  7. A little phishing knowledge may be a dangerous thing
  8. Cozy Bear tracks: Phishing campaign looks like work of Russian APT group

WEB DEFACEMENT

Nil

BOTNET

  1. 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit

RANSOMWARE

  1. Dharma Ransomware Variant Discovered
  2. For SMBs Ransomware Attacks still the Greatest Online Threat
  3. Targeted ransomware attacks on the rise in 2018, NCSC warns
  4. 2019 Security Predictions – Utilities and Industrial Control Systems Targeted with Ransomware

CRYPTOMINING & CRYPTOCURRENCIES

  1. 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
  2. Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
  3. Microsoft Releases Azure Blockchain Development Kit
  4. Google Account Hacked for Fake Bitcoin Reward
  5. Google, Target Hit by Twitter Bitcoin Scam Account Hacks

MALWARE

  1. Down But Not Out, WannaCry Malware Continues to Infect Unpatched Windows PCs
  2. Infamous Russian Hacking Group Used New Trojan in Recent Attacks
  3. 560,000 Duped Into Installing Android Malware in the Form of Fake Driving Games
  4. DirtyCOW Is Back In Backdoor Attack Targeting Drupal Web Servers
  5. Inserted Malicious URLs within Office Documents’ Embedded Videos
  6. Russian hackers are trying out this new malware against US and European targets
  7. Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
  8. tRat: New Modular RAT Appears in Multiple Email Campaigns
  9. Scumbags cram Make-A-Wish website with coin-mining malware
  10. DirtyCOW is back in backdoor attack targeting Drupal Web Servers
  11. The wiper #malware that briefly disrupted the Winter #Olympics earlier this year appears to be back - now with a
  12. 13 Malicious Apps in Google Play With More than 560,000+ Installs

EXPLOIT

  1. Hackers Exploit Vulnerability in WP GDPR Compliance Plugin – Update Now
  2. CarBlues – Bluetooth Vehicle Hack Exploit Affects Millions Of Vehicles Exposing Users PII

VULNERABILITY

  1. Instagram bug exposes user passwords
  2. Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS
  3. Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
  4. Flash Player Type Confusion Critical Vulnerability, Another Reason Not to Use It
  5. Flash Player Update Patches Disclosed Code Execution Flaw
  6. Attackers Target Drupal Web Servers with Chained Vulnerabilities
  7. WordPress GDPR Plug-in Contains Privilege Escalation Flaw
  8. Hackers Exploit Vulnerability in WP GDPR Compliance Plugin – Update Now
  9. Almost 50 Percent of 2018 Vulnerabilities Can Be Exploited Remotely
  10. TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues
  11. Raft of flaws discovered in MiSafes child-monitoring devices
  12. Instagram Patched A Data Download Tool Bug That Exposed Users Passwords
  13. Can a D-Link router vulnerability threaten bank customers?
  14. 3 New Code Execution Flaws Discovered in Atlantis Word Processor
  15. Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Atlantis Word Processor
  16. Apache OpenOffice 4.1.6 release: important bug fixes and security fixes
  17. #BluetoothDevices might be at risk after a new #Bluetooth vulnerability was found targeting #firmware or operating system software drivers. Learn