Nov 23, 2018

Threat report for 2018-11-22

DATA BREACH & DATA LOSS

  1. Almost 9,5 Million PII Records Leaked by Data Aggregator Adapt
  2. China Boosted Technology and Intellectual Property Theft Operations Says USTR
  3. USPS reportedly fixes website bug that exposed data of 60M users
  4. Facebook 'walking dangerous line' as it appeals record fine
  5. USPS finally fixes website flaw that exposed 60 million users' data
  6. Furry erotica site 'High Tail Hall' exposed data of nearly 500K users
  7. The July edition of Beazley Breach Insights found that business email compromise attacks have been rising steadily. Is business email
  8. US Postal Service website vulnerability leaked 60 million user data
  9. Amazon technical failure caused to leaks users’ email addresses
  10. US Postal Service Left 60 Million Users Data Exposed For Over a Year
  11. Amazon Suffered Data Breach – Customers Name & Email Addresses Exposed
  12. Data breaches in schools: How should an academic institution report a security incident to comply with the GDPR?
  13. 500K Italian Public Administration Email Accounts Compromised By Targeted Attack
  14. New @awscloud settings will allow users to batch change permissions with the aim of avoiding accidental S3 data leaks, but

DENIAL-OF-SERVICE

  1. Mirai DDoS baddies take enterprise Linux servers over consumer routers
  2. Emoji Kitten Denial Of Service Attack Continues to Haunt Skype

MALVERTISING

Nil

PHISHING

  1. LastPass login problems caused by cascading server failure
  2. Come evitare che le tue #password diventino la chiave di accesso ai tuoi account
  3. PSA: Phishing Levels Rise Ahead of Black Friday and Cyber Monday
  4. Phishing Attack Compromises Health First Patients’ Data

WEB DEFACEMENT

Nil

BOTNET

Nil

RANSOMWARE

  1. #DidYouKnow A single subscription of AVG Internet Security covers every PC in your family? It also includes webcam and ransomware protection,
  2. Aurora / Zorro Ransomware Actively Being Distributed
  3. How does @TalosSecurity's discovery change the way you or your enterprise views #ransomware?
  4. The Rotexy mobile Trojan – banker and ransomware

CRYPTOMINING & CRYPTOCURRENCIES

  1. Silicon Valley Hacker Swipes Millions Worth of Cryptocurrency Using SIM Swapping
  2. SIM swap! Man charged after million dollar cryptocurrency theft
  3. SIM swap! Man charged after million dollar cryptocurrency theft
  4. Researchers recently discovered a new #MacOS #malware that targets #cryptocurrency investors through chat platforms. Discover how this is possible and
  5. North Korea To Host Cryptocurrency and Blockchain Conference

MALWARE

  1. Google’s Practical Action Against Malware and Its Authors
  2. Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months
  3. Found this picture of myself doing an internal briefing on the Nimda worm in 2001. Note the size of the
  4. A bypass was found by @okta researchers that allows #macOS #malware to pose as @Apple files despite needing to be
  5. The Rotexy mobile Trojan – banker and ransomware
  6. Researchers recently discovered a new #MacOS #malware that targets #cryptocurrency investors through chat platforms. Discover how this is possible and
  7. Research reveals that 44% of industrial facilities have USB malware risks
  8. Do you believe that the application #security vetting process would benefit from the addition of an entropy source?
  9. Emotet malware runs on a dual infrastructure to avoid downtime and takedowns
  10. Hacking Syndicate TA505 Back with Focus on Info-Stealing Trojan

EXPLOIT

  1. How Dropbox's red team discovered an Apple zero-day exploit chain by accident
  2. How was a black box attack used to exploit ATM vulnerabilities?

VULNERABILITY

  1. USPS reportedly fixes website bug that exposed data of 60M users
  2. [SingCERT] Alert on Adobe Flash Player Vulnerability (CVE-2018-15981)
  3. #Irisscon: Stop Siloing Vulnerability Management to Deal with Old Bugs
  4. .@radware #cybersecurity researchers found hackers to be targeting bank users via a #router vulnerability. Learn how a fake banking site
  5. Cross-site search attack applied to snoop on Google’s bug tracker
  6. Facebook And Instagram Went Down Due To A Server Bug
  7. SSL vulnerability scanner – MassBleed
  8. Flaw allowing identity spoofing affects authentication based on German eID cards
  9. USPS finally fixes website flaw that exposed 60 million users' data
  10. Update now! Adobe Flash has another critical security vulnerability
  11. How Dropbox's red team discovered an Apple zero-day exploit chain by accident
  12. How was a black box attack used to exploit ATM vulnerabilities?
  13. CyberSecurity Asean security alert on Multiple Vulnerabilities in VMware vSphere Data Protection Could Allow for Remote Code Execution
  14. Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw
  15. VMware Releases Critical Security Updates for Multiple Vulnerabilities
  16. US Postal Service website vulnerability leaked 60 million user data
  17. Facebook Increases Average Bounty rewards for High Impact Vulnerabilities
  18. Facebook raises rewards for a security vulnerabilities to $40,000
at
Labels: