Threat report for 2018-11-29
DATA BREACH & DATA LOSS
- Atrium Health’s Databreach: 2.65 Million Patient Records Publicly Revealed
- Dell Forces Password Reset for Online Customers Following Data Breach
- Dell remains quiet on attempted data breach
- 2.6 Million Atrium Health Patient Records Compromised by Vendor AccuDoc
- Iranian duo charged with SamSam ransomware-slinging campaign
- The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
- SKY Brasil Exposes 32 Million Customer Records
- US Charges Hackers in Multimillion Dollar Ransomware Campaign
- Dunkin' Donuts Serves Up Data Breach Alert
- Uber fined $1.1 million by UK and Dutch regulators over 2016 data breach
- US Indicts Two Iranians for SamSam Campaign Blitz
- London-based Urban Massage app leaks data on 300K customers, including sexual misconduct claims
- Database breach affects 2.6 million Atrium Health patients
- Dell data breach – Dell forces password reset after the incident
- Records of 114 Million US Citizen and Companies Exposed Online
- How have #phishing campaigns threatened your #EnterpriseSecurity system?
- AccuDoc Data Breach impacted 2.6 Million Atrium Health patients
- Dell Resets User Passwords Following Data Breach
- Atrium Health Data Breach Affected More than 2 Million Patients
- UK and Dutch Regulators Fined Uber for $1.1 Million over 2016 Data Breach
- Dell Hacked – Data Breach Exposed Names, Email addresses & Hashed Passwords
- A targeted attack attempting to steal #cryptocurrency took advantage of open source software with a compromised #NPM package and experts
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- Users Failing Phishing Simulations? That’s ok
- Dell Forces Password Reset for Online Customers Following Data Breach
- Accenture: Russian hackers using Brexit talks to disguise phishing lures
- Office workers beware: Holiday gift card spear phishing attacks on the rise
- Blazy – Open Source Modern Login Brute-forcer
- Smashing Security #106: Google Maps, Fed phishing, and Grinch bots
- Dell data breach – Dell forces password reset after the incident
- NEW: Russian hackers using Brexit talks to disguise its phishing lures
- Threat Spotlight: New spear phishing attack gift card scam
- How have #phishing campaigns threatened your #EnterpriseSecurity system?
WEB DEFACEMENT
Nil
BOTNET
- Anti-Botnet Guide Aims to Tackle Automated Threats
- “And once a device is part of a botnet, it leaves them open for future attacks. So users should avoid
- Smashing Security #106: Google Maps, Fed phishing, and Grinch bots
- The Justice Department, FBI and several tech and cybersecurity companies have dismantled the #3ve #botnet, and eight individuals have been
RANSOMWARE
- A free decryption tool is available for Thanatos ransomware victims
- Colorado Agency Targeted in Nationwide Ransomware Scheme
- SamSam ransomware actors charged, sanctioned by US government
- Iranian duo charged with SamSam ransomware-slinging campaign
- U.S. DoJ charges Iranian duo over SamSam Ransomware activity
- US charges Iranian hackers for SamSam ransomware attacks
- US charges Iranian hackers for SamSam ransomware attacks
- US indicts two over SamSam ransomware attacks
- US Charges Hackers in Multimillion Dollar Ransomware Campaign
CRYPTOMINING & CRYPTOCURRENCIES
- AriseBank CEO faces 120 years behind bars over alleged cryptocurrency scam
- Hacker takes over JavaScript library, injects malware to steal Bitcoin
- A targeted attack attempting to steal #cryptocurrency took advantage of open source software with a compromised #NPM package and experts
MALWARE
- Rotexy malware morphs into dangerous banking Trojan
- Banking Trojan Made in Brazil? A Brief Look
- Overall Volume of Thanksgiving Weekend Malware Attacks Lower This Year
- Brazilian Financial Malware Spreads Beyond National Boundaries
- Indian Police Break Up International Computer Virus Scam
- Inside the Google Docs Malicious Network
- The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
- Beware the Malware-Laden Brexit News
- KingMiner malware hijacks the full power of Windows Server CPUs
- Malicious developer creates wormable, fileless variant of njRAT
- Brazilian-made bank trojan
- READ: The threat actor SNAKEMACKEREL (#FancyBear) leveraged current geopolitical events and #Brexit themed lure documents to deliver first-stage malware
- Proofpoint: Hackers testing new reconnaissance #malware on financial institutions.
- Beware the Malware-Laden Brexit News https://ubm.io/2Ql2DyP by @ErickaChick
- Analysis Report of the XorDDoS Malware Family
- Hacker takes over JavaScript library, injects malware to steal Bitcoin
- Several Malicious Apps on Google Play Posing as Voice Messenger Steal User Personal Information
- Mobile Malware Attacks Increase as Holiday Season Nears
- Pervasive Brazilian financial malware targets bank customers in Latin America and Europe
EXPLOIT
- Cisco Patches SQL Injection Flaw in Prime License Manager
- Hackers can exploit this bug in surveillance cameras to tamper with footage
VULNERABILITY
- GCHQ: this is how we decide to report a security bug or keep it a secret
- Critical Zoom Flaw Lets Hackers Hijack Conference Meetings
- USPS API Security Vulnerabilities Caused by Functional Errors
- Cisco Patches SQL Injection Flaw in Prime License Manager
- Cisco Patches Critical Bug in License Management Tool
- Hackers can exploit this bug in surveillance cameras to tamper with footage
- A security hole in a mail preview program may have made the data of 60 million customers vulnerable.
- A security researcher notified the @USPS of an #API vulnerability one year ago. But the #USPS website flaw was only
- GCHQ: We don't tell tech companies about every software flaw
- Symantec comes out in swinging in bitter legal battle over security bug audit conspiracy claims
- Widely Used Web Conference Service Zoom Patches Critical Flaw
- A new vulnerability was discovered to affect #Bluetooth #firmware or operating system software drivers. Learn what this vulnerability is and
- Facebook Increases Bug Bounty Payouts to Improve User Security
