Threat report for 2018-09-21

DATA BREACH

1. What Are Honeywords? Password Protection for Database Breaches
2. Snap! Microsoft database flaw, internet to split? Plus, asteroid probed
3. Twitter Flaw Exposed Direct Messages To External Developers
4. Twitter Flaw Exposed Direct Messages To External Developers
5. Twitter API bug leaked private data to other accounts
6. The @aberdeengroup analyzed the likelihood and business impact of #phishing attacks based on lost productivity of 1,000 users with a confirmed #databreach of between 100k - 1m records, for 10 different industries. Download the @cyreninc #whitepaper here
7. Independence Blue Cross Breach Exposed 17K Records
8. Independence Blue Cross Breach Exposed 17K Records  …
9. Newegg leaked credit card information for more than a month
10. ZDI Shares Details of Microsoft JET Database Zero-Day
11. Fully 61 percent of ASX100 exposed as email fraud gets personal
12. Pegasus spyware spotted in 45 countries, many with questionable human rights records
13. ICO to Fine Equifax £500,000 for 2017 Data Breach   via @DMBisson #GDPR #databreach
14. Adams County clerk resigns over role in data breach
15. SC Media September Product Reviews: Threat Intelligence Recorded Future l
16. 0Day Windows JET Database Vulnerability disclosed by Zero Day Initiative
17. Who ate all the PII? Not the blockchain, thankfully
18. Tick-tock, tick-tock. Oh, that's just the sound of compromised logins waiting to ruin your day
19. Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit
20. Veeam holds its hands up, admits database leak was plain 'complacency'
21. Back up a minute: Veeam database config snafu exposed millions of customer records
22. Law firm seeking leak victims to launch £500m suit at British Airways
23. #SecurityNews: The Information Commissioner’s Office (ICO) has fined #Equifax £500K after the 2017 #databreach. For the 2nd time the #ICO has issued a max fine after the credit agency exposed data on 15 million UK customers. Read more here:   #
24. SingHealth data breach reveals several 'inadequate' security measures
25. Cisco releases fixes for remote code execution flaws in Webex Network Recording Player
26. ICO Slaps Equifax with Maximum Fine for the 2017 Data Breach
27. Cisco fixes Remote Code Execution flaws in Webex Network Recording Player
28. MageCart Hacked Customers’ In NewEgg Credit Card Data Breach
29. ZDI Exposed Unpatched Microsoft RCE Zero-day Flaw in Public After it Crossed the 120 Days Deadline
30. ICO to Fine Equifax £500,000 for 2017 Data Breach   via @DMBisson #databreach #GDPR
31. Magecart’s Next Attack Resulted In ABS-CBN Data Breach
32. £500k fine for Equifax 2017 data breach

DENIAL-OF-SERVICE

33. New Virobot Ransomware and Botnet Emerges
34. New Virobot ransomware will also log keystrokes, add PC to a spam botnet
35. Apache Struts and SonicWall Targeted by Mirai and Gafgyt Botnets
36. Virobot Ransomware with Botnet Capability Breaks Through
37. No, the Mirai botnet masters aren't going to jail. Why? 'Cos they help Feds nab cyber-crims
38. ZombieBoy
39. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #DDoS #FBI
40. Mirai Botnet Creators To Help Law Enforcement Agencies On Cybercrime Investigations
41. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #botnets #Mirai

MALVERTISING

42. This blog post explores how #malvertising works and identifies key defense strategies for #businesses  … #malware #cyberattacks

DATA LEAK

Nothing to report

PHISHING

43. What Are Honeywords? Password Protection for Database Breaches
44. Spam or Phish? How to Tell the Difference Between a Marketing Email and a Malicious Spam Email
45. Phishing finance apps make way back into Google Play
46. The @aberdeengroup analyzed the likelihood and business impact of #phishing attacks based on lost productivity of 1,000 users with a confirmed #databreach of between 100k - 1m records, for 10 different industries. Download the @cyreninc #whitepaper here
47. Securing industrial IoT passwords: For Pete's sake, engineers, don't all jump in at once
48. Tick-tock, tick-tock. Oh, that's just the sound of compromised logins waiting to ruin your day
49. Solid password practice on Capital One's site? Don't bank on it
50. When is a patch not a patch? When it's for this McAfee password bug
51. Warning issued as Netflix subscribers hit by phishing attack
52. Security data reveals worldwide malicious login attempts are on the rise
53. AD FS 2016 Password Change from non workplace joined devices
54. The most used email subjects used in phishing attacks
55. AdGuard resets all user passwords after credential stuffing attack

WEB DEFACEMENT

Nothing to report

MALWARE

56. Brewery breach: Not even beer is safe from ransomware
57. The Week in Ransomware – September 21st 2018 – Beer, Airports, & Dharma
58. PMP®️ Domain Information & Overview
59. Gamma, Bkp, & Monro Dharma Ransomware Variants Released in One Week
60. Spam or Phish? How to Tell the Difference Between a Marketing Email and a Malicious Spam Email
61. Romanian Citizen Admits Guilt in Police Department Ransomware Attack   via @DMBisson #police #ransomware
62. Malware Disguised as Job Offers Distributed on Freelance Sites
63. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
64. Proofpoint: One month out from deadline, half of agency domains are #DMARC compliant   via CyberScoopNews #FinSec
65. Delphi Packer Looks for Human Behavior Before Deploying Payload
66. Delphi Packer Looks for Human Behavior Before Deploying Payload
67. The Week in Ransomware - September 21st 2018 - Beer, Airports, & Dharma
68. Operator of 'VirusTotal for criminals' gets 14-year prison sentence
69. Gamma, Bkp, & Monro Dharma Ransomware Variants Released in One Week
70. New Virobot Ransomware and Botnet Emerges
71. Staying King Krab: GandCrab Malware Keeps a Step Ahead of Network Defenses
72. Malware Disguised as Job Offers Distributed on Freelance Sites
73. New Virobot ransomware will also log keystrokes, add PC to a spam botnet
74. Security news: All-in-one malware out, GovPayNow drops the ball on security, and Newegg suffers a crack | Avast
75. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
76. Pegasus spyware spotted in 45 countries, many with questionable human rights records
77. Discover how Tripwire Malware Detection... - Protects against zero-day exploits and other known threats. - Offers an enterprise view of suspicious malware objects across all monitored systems. - Protects from repeat #malware attacks. Learn more here:
78. Legitimate RATs Pose Serious Risk to Industrial Systems
79. Crooks turn to Delphi packers to evade malware detection
80. This blog post explores how #malvertising works and identifies key defense strategies for #businesses  … #malware #cyberattacks
81. Malware Businesses Blending the Legitimate and the Illegitimate
82. Avoidable mistakes lead to iOS cryptomining attacks
83. Romanian Citizen Admits Guilt in Police Department Ransomware Attack   via @DMBisson #ransomware #police
84. Thousands of WordPress sites backdoored with malicious code
85. Virobot Ransomware with Botnet Capability Breaks Through
86. DMARC Fully Implemented on Two Thirds of U.S. Government Domains
87. Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams
88. FDIC: Supervisory Approach to Payment Processing Relationships with Merchant Customers
89. MassMiner Malware Targeting Web Servers
90. Malware Analysis using Osquery Part 2
91. Off-the-shelf RATs Targeting Pakistan
92. Malware Analysis using Osquery Part 1
93. Malicious Documents from Lazarus Group Targeting South Korea
94. GZipDe: An Encrypted Downloader Serving Metasploit
95. Satan Ransomware Spawns New Methods to Spread
96. Woman Pleads Guilty to DC CCTV Ransomware Blitz
97. Woman Pleads Guilty to DC CCTV Ransomware Blitz  …
98. Report: Cryptomining malware detections up more than 459 percent since 2017
99. The most dangerous mobile spyware, Pegasus that has infected 45 countries
100. Security data reveals worldwide malicious login attempts are on the rise
101. Why voice fraud rates continue to rise with no signs of slowing down

EXPLOIT

102. Discover how Tripwire Malware Detection... - Protects against zero-day exploits and other known threats. - Offers an enterprise view of suspicious malware objects across all monitored systems. - Protects from repeat #malware attacks. Learn more here:
103. Docker fave Alpine Linux suffers bug miscreants can exploit to poison containers
104. New Hacker Exploits and How to Fight Them

VULNERABILITY

105. Western Digital Releases Hotfix for My Cloud Auth Bypass Vulnerability
106. Critical Vulnerability Found in Cisco Video Surveillance Manager
107. Critical Vulnerability Found in Cisco Video Surveillance Manager
108. Expert disclosed an unpatched zero-day flaw in all supported versions of Microsoft Windows
109. Snap! Microsoft database flaw, internet to split? Plus, asteroid probed
110. Bug allowing unlimited spiceups in "Answer Question" section
111. Optional Cumulative Update KB4457139 for Windows 7 Released With Bug Fixes
112. Twitter Flaw Exposed Direct Messages To External Developers
113. Twitter Flaw Exposed Direct Messages To External Developers
114. Twitter API bug leaked private data to other accounts
115. Western Digital Releases Hotfix for My Cloud Auth Bypass Vulnerability
116. Twitter notifies users about API bug that shared DMs with wrong devs
117. Optional Cumulative Update KB4457139 for Windows 7 Released With Bug Fixes
118. ZDI Shares Details of Microsoft JET Database Zero-Day
119. Flaw in Western Digital My Cloud exposes the content to hackers
120. Twitter Bug May Have Sent your Direct Messages to Twitter Developers As Well
121. Unpatched Microsoft Zero-Day in JET Allows Remote Code-Execution
122. Discover how Tripwire Malware Detection... - Protects against zero-day exploits and other known threats. - Offers an enterprise view of suspicious malware objects across all monitored systems. - Protects from repeat #malware attacks. Learn more here:
123. Bitcoin flaw could have allowed dreaded 51% takeover
124. 0Day Windows JET Database Vulnerability disclosed by Zero Day Initiative
125. Microsoft's Jet crash: Zero-day flaw drops after deadline passes
126. Patch for EE's 4G Wi-Fi mini modem nails local privilege escalation flaw
127. 'I am admin' bug turns WD's My Cloud boxes into Everyone's Cloud
128. Docker fave Alpine Linux suffers bug miscreants can exploit to poison containers
129. When is a patch not a patch? When it's for this McAfee password bug
130. More Details on an ActiveX Vulnerability Recently Used to Target Users in South Korea
131. Researcher Discloses New Zero-Day Affecting All Versions of Windows
132. Rockwell Automation Patches Severe Flaws in Communications Software
133. Cisco releases fixes for remote code execution flaws in Webex Network Recording Player
134. Google Cloud Service launches automatic scanning of container vulnerabilities to enhance cloud environment security
135. CVE-2018-14829: Rockwell Automation Stack Overflow High Risk Vulnerability
136. Adobe Addresses a Number of Critical Remote Execution Vulnerabilities
137. Trend Micro Zero Day team discloses unpatched Microsoft Jet RCE vulnerability
138. Singapore to offer bug bounty, set up Asean cybersecurity centre
139. Cisco fixes Remote Code Execution flaws in Webex Network Recording Player
140. ZDI Exposed Unpatched Microsoft RCE Zero-day Flaw in Public After it Crossed the 120 Days Deadline
141. iOS Webkit flaw found that forces iPhone restart
142. Flaw in 4GEE WiFi Modem Could Leave Your Computer Vulnerable
143. Authentication Bypass Vulnerability Disclosed in Western Digital My Cloud NAS Devices

Region brief for 2018-09-21

ASIA

1. Off-the-shelf RATs Targeting Pakistan
2. Malicious Documents from Lazarus Group Targeting South Korea
3. GZipDe: An Encrypted Downloader Serving Metasploit
4. More Details on an ActiveX Vulnerability Recently Used to Target Users in South Korea
5. The most dangerous mobile spyware, Pegasus that has infected 45 countries
6. Singapore to offer bug bounty, set up Asean cybersecurity centre

OCEANIA

7. Fully 61 percent of ASX100 exposed as email fraud gets personal

NORTH AMERICA

8. Operator of 'VirusTotal for criminals' gets 14-year prison sentence
9. Newegg leaked credit card information for more than a month
10. Virobot Ransomware with Botnet Capability Breaks Through
11. DMARC Fully Implemented on Two Thirds of U.S. Government Domains
12. Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams
13. MassMiner Malware Targeting Web Servers
14. Malware Analysis using Osquery Part 1
15. The most dangerous mobile spyware, Pegasus that has infected 45 countries
16. CVE-2018-14829: Rockwell Automation Stack Overflow High Risk Vulnerability
17. ICO Slaps Equifax with Maximum Fine for the 2017 Data Breach
18. The most used email subjects used in phishing attacks

SOUTH AMERICA

Nothing to report

EUROPE

19. Newegg leaked credit card information for more than a month
20. What's that smell? Oh, it's Newegg cracked open by card slurpers
21. Who ate all the PII? Not the blockchain, thankfully
22. Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS
23. Law firm seeking leak victims to launch £500m suit at British Airways
24. 'Magecart' Card-Sniffing Gang Cracks Newegg
25. #SecurityNews: The Information Commissioner’s Office (ICO) has fined #Equifax £500K after the 2017 #databreach. For the 2nd time the #ICO has issued a max fine after the credit agency exposed data on 15 million UK customers. Read more here:   #
26. ICO Slaps Equifax with Maximum Fine for the 2017 Data Breach
27. Magecart’s Next Attack Resulted In ABS-CBN Data Breach
28. £500k fine for Equifax 2017 data breach

AFRICA

Nothing to report

Sector brief for 2018-09-21

HEALTHCARE

Nothing to report

TRANSPORT

1. The Week in Ransomware – September 21st 2018 – Beer, Airports, & Dharma
2. The Week in Ransomware - September 21st 2018 - Beer, Airports, & Dharma

BANKING & FINANCE

3. Spam or Phish? How to Tell the Difference Between a Marketing Email and a Malicious Spam Email
4. Phishing finance apps make way back into Google Play
5. Newegg leaked credit card information for more than a month
6. Sealed with an XSS: IT pros urge Lloyds Group to avoid web cross talk
7. What's that smell? Oh, it's Newegg cracked open by card slurpers
8. Solid password practice on Capital One's site? Don't bank on it
9. Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS
10. Law firm seeking leak victims to launch £500m suit at British Airways
11. 'Magecart' Card-Sniffing Gang Cracks Newegg
12. FDIC: Supervisory Approach to Payment Processing Relationships with Merchant Customers
13. MassMiner Malware Targeting Web Servers
14. Malware Analysis using Osquery Part 2
15. Malware Analysis using Osquery Part 1
16. Malicious Documents from Lazarus Group Targeting South Korea
17. ICO Slaps Equifax with Maximum Fine for the 2017 Data Breach
18. MageCart Hacked Customers’ In NewEgg Credit Card Data Breach
19. £500k fine for Equifax 2017 data breach

INFORMATION & TELECOMMUNICATION

20. Patch for EE's 4G Wi-Fi mini modem nails local privilege escalation flaw

FOOD

Nothing to report

WATER

Nothing to report

ENERGY

21. Off-the-shelf RATs Targeting Pakistan

PUBLIC SERVICE

Nothing to report

Daily brief for 2018-09-21

ASIA

1. Off-the-shelf RATs Targeting Pakistan
2. Malicious Documents from Lazarus Group Targeting South Korea
3. GZipDe: An Encrypted Downloader Serving Metasploit
4. More Details on an ActiveX Vulnerability Recently Used to Target Users in South Korea
5. The most dangerous mobile spyware, Pegasus that has infected 45 countries
6. Singapore to offer bug bounty, set up Asean cybersecurity centre

WORLD

7. Operator of 'VirusTotal for criminals' gets 14-year prison sentence
8. Newegg leaked credit card information for more than a month
9. Fully 61 percent of ASX100 exposed as email fraud gets personal
10. Virobot Ransomware with Botnet Capability Breaks Through
11. DMARC Fully Implemented on Two Thirds of U.S. Government Domains
12. Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams
13. What's that smell? Oh, it's Newegg cracked open by card slurpers
14. Who ate all the PII? Not the blockchain, thankfully
15. Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS
16. Law firm seeking leak victims to launch £500m suit at British Airways
17. 'Magecart' Card-Sniffing Gang Cracks Newegg
18. MassMiner Malware Targeting Web Servers
19. Malware Analysis using Osquery Part 1
20. The most dangerous mobile spyware, Pegasus that has infected 45 countries
21. #SecurityNews: The Information Commissioner’s Office (ICO) has fined #Equifax £500K after the 2017 #databreach. For the 2nd time the #ICO has issued a max fine after the credit agency exposed data on 15 million UK customers. Read more here:   #
22. CVE-2018-14829: Rockwell Automation Stack Overflow High Risk Vulnerability
23. ICO Slaps Equifax with Maximum Fine for the 2017 Data Breach
24. Magecart’s Next Attack Resulted In ABS-CBN Data Breach
25. The most used email subjects used in phishing attacks
26. £500k fine for Equifax 2017 data breach

ATTACKS

27. What Are Honeywords? Password Protection for Database Breaches
28. Snap! Microsoft database flaw, internet to split? Plus, asteroid probed
29. Spam or Phish? How to Tell the Difference Between a Marketing Email and a Malicious Spam Email
30. Twitter Flaw Exposed Direct Messages To External Developers
31. Twitter Flaw Exposed Direct Messages To External Developers
32. Phishing finance apps make way back into Google Play
33. Twitter API bug leaked private data to other accounts
34. The @aberdeengroup analyzed the likelihood and business impact of #phishing attacks based on lost productivity of 1,000 users with a confirmed #databreach of between 100k - 1m records, for 10 different industries. Download the @cyreninc #whitepaper here
35. Independence Blue Cross Breach Exposed 17K Records
36. Independence Blue Cross Breach Exposed 17K Records  …
37. New Virobot Ransomware and Botnet Emerges
38. Newegg leaked credit card information for more than a month
39. ZDI Shares Details of Microsoft JET Database Zero-Day
40. New Virobot ransomware will also log keystrokes, add PC to a spam botnet
41. Fully 61 percent of ASX100 exposed as email fraud gets personal
42. Pegasus spyware spotted in 45 countries, many with questionable human rights records
43. ICO to Fine Equifax £500,000 for 2017 Data Breach   via @DMBisson #GDPR #databreach
44. Adams County clerk resigns over role in data breach
45. This blog post explores how #malvertising works and identifies key defense strategies for #businesses  … #malware #cyberattacks
46. SC Media September Product Reviews: Threat Intelligence Recorded Future l
47. Apache Struts and SonicWall Targeted by Mirai and Gafgyt Botnets
48. Virobot Ransomware with Botnet Capability Breaks Through
49. 0Day Windows JET Database Vulnerability disclosed by Zero Day Initiative
50. Securing industrial IoT passwords: For Pete's sake, engineers, don't all jump in at once
51. No, the Mirai botnet masters aren't going to jail. Why? 'Cos they help Feds nab cyber-crims
52. Who ate all the PII? Not the blockchain, thankfully
53. Tick-tock, tick-tock. Oh, that's just the sound of compromised logins waiting to ruin your day
54. Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit
55. Veeam holds its hands up, admits database leak was plain 'complacency'
56. Solid password practice on Capital One's site? Don't bank on it
57. Back up a minute: Veeam database config snafu exposed millions of customer records
58. When is a patch not a patch? When it's for this McAfee password bug
59. Law firm seeking leak victims to launch £500m suit at British Airways
60. ZombieBoy
61. Warning issued as Netflix subscribers hit by phishing attack
62. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #DDoS #FBI
63. #SecurityNews: The Information Commissioner’s Office (ICO) has fined #Equifax £500K after the 2017 #databreach. For the 2nd time the #ICO has issued a max fine after the credit agency exposed data on 15 million UK customers. Read more here:   #
64. SingHealth data breach reveals several 'inadequate' security measures
65. Cisco releases fixes for remote code execution flaws in Webex Network Recording Player
66. Mirai Botnet Creators To Help Law Enforcement Agencies On Cybercrime Investigations
67. ICO Slaps Equifax with Maximum Fine for the 2017 Data Breach
68. Cisco fixes Remote Code Execution flaws in Webex Network Recording Player
69. MageCart Hacked Customers’ In NewEgg Credit Card Data Breach
70. ZDI Exposed Unpatched Microsoft RCE Zero-day Flaw in Public After it Crossed the 120 Days Deadline
71. Security data reveals worldwide malicious login attempts are on the rise
72. AD FS 2016 Password Change from non workplace joined devices
73. ICO to Fine Equifax £500,000 for 2017 Data Breach   via @DMBisson #databreach #GDPR
74. Magecart’s Next Attack Resulted In ABS-CBN Data Breach
75. The most used email subjects used in phishing attacks
76. £500k fine for Equifax 2017 data breach
77. AdGuard resets all user passwords after credential stuffing attack
78. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #botnets #Mirai

THREATS

79. Brewery breach: Not even beer is safe from ransomware
80. Western Digital Releases Hotfix for My Cloud Auth Bypass Vulnerability
81. The Week in Ransomware – September 21st 2018 – Beer, Airports, & Dharma
82. PMP®️ Domain Information & Overview
83. Critical Vulnerability Found in Cisco Video Surveillance Manager
84. Critical Vulnerability Found in Cisco Video Surveillance Manager
85. Expert disclosed an unpatched zero-day flaw in all supported versions of Microsoft Windows
86. Gamma, Bkp, & Monro Dharma Ransomware Variants Released in One Week
87. Snap! Microsoft database flaw, internet to split? Plus, asteroid probed
88. Bug allowing unlimited spiceups in "Answer Question" section
89. Optional Cumulative Update KB4457139 for Windows 7 Released With Bug Fixes
90. Spam or Phish? How to Tell the Difference Between a Marketing Email and a Malicious Spam Email
91. Romanian Citizen Admits Guilt in Police Department Ransomware Attack   via @DMBisson #police #ransomware
92. Twitter Flaw Exposed Direct Messages To External Developers
93. Malware Disguised as Job Offers Distributed on Freelance Sites
94. Twitter Flaw Exposed Direct Messages To External Developers
95. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
96. Proofpoint: One month out from deadline, half of agency domains are #DMARC compliant   via CyberScoopNews #FinSec
97. Twitter API bug leaked private data to other accounts
98. Delphi Packer Looks for Human Behavior Before Deploying Payload
99. Delphi Packer Looks for Human Behavior Before Deploying Payload
100. Western Digital Releases Hotfix for My Cloud Auth Bypass Vulnerability
101. Twitter notifies users about API bug that shared DMs with wrong devs
102. The Week in Ransomware - September 21st 2018 - Beer, Airports, & Dharma
103. Operator of 'VirusTotal for criminals' gets 14-year prison sentence
104. Gamma, Bkp, & Monro Dharma Ransomware Variants Released in One Week
105. New Virobot Ransomware and Botnet Emerges
106. Optional Cumulative Update KB4457139 for Windows 7 Released With Bug Fixes
107. Staying King Krab: GandCrab Malware Keeps a Step Ahead of Network Defenses
108. Malware Disguised as Job Offers Distributed on Freelance Sites
109. ZDI Shares Details of Microsoft JET Database Zero-Day
110. New Virobot ransomware will also log keystrokes, add PC to a spam botnet
111. Security news: All-in-one malware out, GovPayNow drops the ball on security, and Newegg suffers a crack | Avast
112. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
113. Flaw in Western Digital My Cloud exposes the content to hackers
114. Twitter Bug May Have Sent your Direct Messages to Twitter Developers As Well
115. Unpatched Microsoft Zero-Day in JET Allows Remote Code-Execution
116. Pegasus spyware spotted in 45 countries, many with questionable human rights records
117. Discover how Tripwire Malware Detection... - Protects against zero-day exploits and other known threats. - Offers an enterprise view of suspicious malware objects across all monitored systems. - Protects from repeat #malware attacks. Learn more here:
118. Legitimate RATs Pose Serious Risk to Industrial Systems
119. Crooks turn to Delphi packers to evade malware detection
120. This blog post explores how #malvertising works and identifies key defense strategies for #businesses  … #malware #cyberattacks
121. Malware Businesses Blending the Legitimate and the Illegitimate
122. Bitcoin flaw could have allowed dreaded 51% takeover
123. Avoidable mistakes lead to iOS cryptomining attacks
124. Romanian Citizen Admits Guilt in Police Department Ransomware Attack   via @DMBisson #ransomware #police
125. Thousands of WordPress sites backdoored with malicious code
126. Virobot Ransomware with Botnet Capability Breaks Through
127. DMARC Fully Implemented on Two Thirds of U.S. Government Domains
128. 0Day Windows JET Database Vulnerability disclosed by Zero Day Initiative
129. Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams
130. Microsoft's Jet crash: Zero-day flaw drops after deadline passes
131. Sealed with an XSS: IT pros urge Lloyds Group to avoid web cross talk
132. Patch for EE's 4G Wi-Fi mini modem nails local privilege escalation flaw
133. 'I am admin' bug turns WD's My Cloud boxes into Everyone's Cloud
134. Docker fave Alpine Linux suffers bug miscreants can exploit to poison containers
135. When is a patch not a patch? When it's for this McAfee password bug
136. New Hacker Exploits and How to Fight Them
137. FDIC: Supervisory Approach to Payment Processing Relationships with Merchant Customers
138. MassMiner Malware Targeting Web Servers
139. Malware Analysis using Osquery Part 2
140. Off-the-shelf RATs Targeting Pakistan
141. Malware Analysis using Osquery Part 1
142. Malicious Documents from Lazarus Group Targeting South Korea
143. GZipDe: An Encrypted Downloader Serving Metasploit
144. More Details on an ActiveX Vulnerability Recently Used to Target Users in South Korea
145. Satan Ransomware Spawns New Methods to Spread
146. Woman Pleads Guilty to DC CCTV Ransomware Blitz
147. Woman Pleads Guilty to DC CCTV Ransomware Blitz  …
148. Report: Cryptomining malware detections up more than 459 percent since 2017
149. Researcher Discloses New Zero-Day Affecting All Versions of Windows
150. The most dangerous mobile spyware, Pegasus that has infected 45 countries
151. Rockwell Automation Patches Severe Flaws in Communications Software
152. Cisco releases fixes for remote code execution flaws in Webex Network Recording Player
153. Google Cloud Service launches automatic scanning of container vulnerabilities to enhance cloud environment security
154. CVE-2018-14829: Rockwell Automation Stack Overflow High Risk Vulnerability
155. Adobe Addresses a Number of Critical Remote Execution Vulnerabilities
156. Trend Micro Zero Day team discloses unpatched Microsoft Jet RCE vulnerability
157. Singapore to offer bug bounty, set up Asean cybersecurity centre
158. Cisco fixes Remote Code Execution flaws in Webex Network Recording Player
159. ZDI Exposed Unpatched Microsoft RCE Zero-day Flaw in Public After it Crossed the 120 Days Deadline
160. Security data reveals worldwide malicious login attempts are on the rise
161. Why voice fraud rates continue to rise with no signs of slowing down
162. iOS Webkit flaw found that forces iPhone restart
163. Flaw in 4GEE WiFi Modem Could Leave Your Computer Vulnerable
164. Authentication Bypass Vulnerability Disclosed in Western Digital My Cloud NAS Devices

CRIME

165. Spam or Phish? How to Tell the Difference Between a Marketing Email and a Malicious Spam Email
166. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
167. Operator of 'VirusTotal for criminals' gets 14-year prison sentence
168. Newegg leaked credit card information for more than a month
169. Fully 61 percent of ASX100 exposed as email fraud gets personal
170. Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
171. Bitcoin flaw could have allowed dreaded 51% takeover
172. Avoidable mistakes lead to iOS cryptomining attacks
173. Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams
174. Sealed with an XSS: IT pros urge Lloyds Group to avoid web cross talk
175. What's that smell? Oh, it's Newegg cracked open by card slurpers
176. Solid password practice on Capital One's site? Don't bank on it
177. Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS
178. Law firm seeking leak victims to launch £500m suit at British Airways
179. 'Magecart' Card-Sniffing Gang Cracks Newegg
180. FDIC: Supervisory Approach to Payment Processing Relationships with Merchant Customers
181. MassMiner Malware Targeting Web Servers
182. Malware Analysis using Osquery Part 2
183. Malware Analysis using Osquery Part 1
184. ZombieBoy
185. Malicious Documents from Lazarus Group Targeting South Korea
186. Woman Pleads Guilty to DC CCTV Ransomware Blitz
187. Woman Pleads Guilty to DC CCTV Ransomware Blitz  …
188. Report: Cryptomining malware detections up more than 459 percent since 2017
189. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #DDoS #FBI
190. Mirai Botnet Creators To Help Law Enforcement Agencies On Cybercrime Investigations
191. MageCart Hacked Customers’ In NewEgg Credit Card Data Breach
192. The makers of the Mirai IoT-hijacking botnet are sentenced   via @gcluley #botnets #Mirai

POLITICS

Nothing to report