Oct 4, 2018

APT report for 2018-10-03

TRANSNATIONAL / UNKNOWN

Nothing to report

CHINA

  1. DHS aware of ongoing APT attacks on cloud service providers

INDIA

  1. See clearly, decide wisely with visibility and management

NORTH KOREA

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. FireEye unmasks a new North Korean threat group
  3. APT38: Details on New North Korean Regime-Backed Threat Group
  4. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  5. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  6. North Korean HIDDEN COBRA Hackers Using New Attack Called “FASTCash” to Cash-out From ATM Machine

PAKISTAN

Nothing to report

VIETNAM

Nothing to report

IRAN

Nothing to report

LEBANON

Nothing to report

PALESTINE

Nothing to report

SAUDI ARABIA

Nothing to report

UNITED ARAB EMIRATES

Nothing to report

RUSSIA

  1. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks

UKRAINE

Nothing to report

Platform report for 2018-10-03

WINDOWS

  1. Windows 10 October 2018 Update refines ransomware protection
  2. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  3. [SingCERT] Alert on 47 Critical Vulnerabilities in Adobe Acrobat and Adobe Reader
  4. Update now: Adobe fixes 85 serious flaws in Acrobat and Reader
  5. Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware
  6. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  7. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
  8. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  9. Ransomware Hits Port of San Diego
  10. CyberSecurity Asean security alert on A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Remote Code Execution
  11. Mozilla Firefox 62.0.3 releases: Fixed hangs on macOS Mojave & security bugs

LINUX

Nothing to report

UNIX

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

ANDROID

  1. FakeSpy Is Back as Part of New SmiShing Campaign, Adds New Features
  2. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  3. Cheap Android Phones and Poor Quality Control Leads to Malware Surprise

IOS

  1. Apple iOS 12 Texting Bug Sends Messages To Wrong Contacts

MACOS

  1. Virus Bulletin 2018: macOS Flaw Allows Attackers to Hijack Installed Apps
  2. The one serious MacBook Pro security flaw that nobody is talking about
  3. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  4. Mozilla Firefox 62.0.3 releases: Fixed hangs on macOS Mojave & security bugs

Threat report for 2018-10-03

DATA BREACH

  1. FakeSpy Is Back as Part of New SmiShing Campaign, Adds New Features
  2. The ultimate fallout from the Facebook data breach could be massive
  3. Gwinnett Medical Center Investigates Possible Data Breach
  4. Gwinnett Medical Center investigates possible data breach
  5. GhostDNS hijacking campaign steps up attacks on Brazilians; 100K+ devices compromised
  6. #DanaBot Observed in Large Campaign Targeting U.S. Organizations
  7. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  8. Facebook Reveals That Trio of Bugs Led to Data Breach
  9. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  10. New Danabot Banking Malware campaign now targets banks in the U.S.
  11. Zoho domains central to keylogger, data theft campaigns worldwide
  12. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
  13. .@Lookout’s @VijayaKaza is at @FedNewsRadio’s studio recording with @gschumm!
  14. How Ashley Madison Recovered From Its Massive Data Breach
  15. An extremely high number of keylogger #phishing campaigns have been seen tied to the Zoho online office suite software:
  16. New Betabot campaign under the microscope
  17. CyberSecurity Asean security alert on A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Remote Code Execution
  18. Facebook faces legal actions after data breach
  19. Norton by Symantec Urges Consumers to Help Protect Their Personal Data
  20. DanaBot Observed in Large Campaign Targeting U.S. Organizations

DENIAL-OF-SERVICE

  1. Torii Botnet - Definitely Not a Mirai Wannabe
  2. Instagram Used as Marketplace to Sell Stolen Fortnite Accounts and Botnets
  3. Hacked Fortnite accounts and rent-a-botnet being pushed on Instagram
  4. Hackers Use Instagram For Selling Stolen ‘Fortnite’ Accounts And Botnets
  5. Enormous botnet used to hijack traffic destined for Brazilian banks
  6. BYOB – Build Your Own Botnet
  7. The @activereach guide to #DDoS, is aimed at technically aware business people who do not necessarily have a background in

MALVERTISING

Nothing to report

PHISHING

  1. Phishing 101: Protection for Everyone
  2. How to use the Firefox Master Password
  3. Phishing gets more complex as decoy PDF pops up with Microsoft-issued SSL certificate
  4. LastPass study shines new light on global password security practices
  5. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
  6. Phishing Attack Impersonates Law Firm
  7. Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft
  8. Phishing Attack Impersonates Law Firm
  9. Password-sharing is still prevalent in the workplace – although 45 percent of businesses do now use multifactor authentication:
  10. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  11. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
  12. An extremely high number of keylogger #phishing campaigns have been seen tied to the Zoho online office suite software:
  13. What is the future of authentication? Hint: It’s not passwords, passphrases or MFA
  14. 100,000 routers hijacked by GhostDNS, traffic directed to phishing sites

WEB DEFACEMENT

  1. Hacker Faces Jail Time After Defacing West Point, NYC Sites
  2. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  3. Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center
  4. Hacker faces jail time after defacing US military academy, NYC sites

MALWARE

  1. Windows 10 October 2018 Update refines ransomware protection
  2. Virus Bulletin 2018: macOS Flaw Allows Attackers to Hijack Installed Apps
  3. Virus Bulletin 2018: Microsoft’s Lambert on How Cloud is Changing Security
  4. Malware Outbreak Causes Disruptions, Closures at Canadian Restaurant Chain
  5. Betabot - An Example of Cheap Modern Malware Sophistication
  6. Instagram accounts frozen with ransomware | Avast
  7. Instagram accounts frozen with ransomware | Avast
  8. Did you know that 1 in 131 emails contains malware? In honor of #NCSAM, secure your spot for #RiskSec, expand
  9. New KONNI Malware Attacking Eurasia and Southeast Asia
  10. Google Taking New Steps To Prevent Malicious Chrome Extensions
  11. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  12. Network Outage at Some Recipe Unlimited Locations Caused by Malware
  13. Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware
  14. Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
  15. Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm.
  16. Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
  17. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  18. New Danabot Banking Malware campaign now targets banks in the U.S.
  19. Zoho domains central to keylogger, data theft campaigns worldwide
  20. Recipe Unlimited denies ransomware attack, despite alleged ransom note
  21. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
  22. IDG Contributor Network: Will your company be valued by its price-to-data ratio?
  23. Researchers from @alienvault found a new #cryptocurrency mining malware -- dubbed #MassMiner -- that infects systems across the web. Learn
  24. Introducing... THE HUNT: A Cyber Attack in the Process Industry
  25. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  26. Changes to #Sanny #malware delivery method attacks were recently discovered by @FireEye researches. Learn who is at risk and how
  27. Ransomware Hits Port of San Diego
  28. An extremely high number of keylogger #phishing campaigns have been seen tied to the Zoho online office suite software:
  29. Z-LAB Report – Analyzing the GandCrab v5 ransomware
  30. Preventing and Detecting Malicious Insiders
  31. In 1999, AV-TEST reported that there were 98,428 total unique malware samples. Today, AV-TEST registers over 350,000 new pieces of
  32. Cheap Android Phones and Poor Quality Control Leads to Malware Surprise
  33. DanaBot Observed in Large Campaign Targeting U.S. Organizations

EXPLOIT

  1. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  2. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
  3. Hello there! In our new episode we skip the current topics and focus on talking with @japi999 and @ekoivune about information security expertise. As a bonus guest this time, instead of OpSec, @Larppa1337!

VULNERABILITY

  1. Virus Bulletin 2018: macOS Flaw Allows Attackers to Hijack Installed Apps
  2. [SingCERT] Alert on 47 Critical Vulnerabilities in Adobe Acrobat and Adobe Reader
  3. Mozilla Firefox Releases 62.0.3 & Security Updates for 2 High Critical Vulnerabilities
  4. Women in Information Security: Pam Armstrong
  5. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
  6. Foxit patches 118 vulnerabilities in popular PDF reader
  7. Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack
  8. The one serious MacBook Pro security flaw that nobody is talking about
  9. Update now: Adobe fixes 85 serious flaws in Acrobat and Reader
  10. 18 Vulnerabilities Found in Foxit PDF Reader
  11. 18 Vulnerabilities Found in Foxit PDF Reader
  12. Marine Corps bug bounty program finds 150 vulnerabilities
  13. TP-Link router vulnerable to remote takeover flaw
  14. Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
  15. Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
  16. Facebook Reveals That Trio of Bugs Led to Data Breach
  17. TP-Link router vulnerable to remote takeover flaw
  18. Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
  19. The Intel Management Engine exposes a new vulnerability
  20. How an improper #authentication flaw affects
  21. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
  22. CyberSecurity Asean security alert on A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Remote Code Execution
  23. Vulnerabilities expose Iomega and LenovoEMC NAS devices to attacks
  24. Estonia sues Gemalto for €152M for the flaws in the identification cards issued by the company
  25. Scanning for OWASP Top 10 Vulnerabilities with Metasploit for the Web(w3af)
  26. Mozilla Firefox 62.0.3 releases: Fixed hangs on macOS Mojave & security bugs
  27. Apple iOS 12 Texting Bug Sends Messages To Wrong Contacts

Region brief for 2018-10-03

ASIA

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. FakeSpy Is Back as Part of New SmiShing Campaign, Adds New Features
  3. DHS aware of ongoing APT attacks on cloud service providers
  4. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  5. FireEye unmasks a new North Korean threat group
  6. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  7. APT38: Details on New North Korean Regime-Backed Threat Group
  8. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  9. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  10. Zoho domains central to keylogger, data theft campaigns worldwide
  11. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  12. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  13. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  14. North Korean HIDDEN COBRA Hackers Using New Attack Called “FASTCash” to Cash-out From ATM Machine
  15. Enormous botnet used to hijack traffic destined for Brazilian banks

OCEANIA

  1. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  2. New Danabot Banking Malware campaign now targets banks in the U.S.

NORTH AMERICA

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. Malware Outbreak Causes Disruptions, Closures at Canadian Restaurant Chain
  3. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  4. FireEye unmasks a new North Korean threat group
  5. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  6. APT38: Details on New North Korean Regime-Backed Threat Group
  7. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  8. #DanaBot Observed in Large Campaign Targeting U.S. Organizations
  9. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  10. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  11. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  12. New Danabot Banking Malware campaign now targets banks in the U.S.
  13. Hacker faces jail time after defacing US military academy, NYC sites
  14. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  15. See clearly, decide wisely with visibility and management
  16. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  17. Ransomware Hits Port of San Diego
  18. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  19. Vulnerabilities expose Iomega and LenovoEMC NAS devices to attacks
  20. Facebook faces legal actions after data breach
  21. 100,000 routers hijacked by GhostDNS, traffic directed to phishing sites
  22. DanaBot Observed in Large Campaign Targeting U.S. Organizations

SOUTH AMERICA

  1. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  2. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
  3. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  4. Enormous botnet used to hijack traffic destined for Brazilian banks

EUROPE

  1. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  2. New Danabot Banking Malware campaign now targets banks in the U.S.
  3. The Intel Management Engine exposes a new vulnerability
  4. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  5. Z-LAB Report – Analyzing the GandCrab v5 ransomware
  6. Estonia sues Gemalto for €152M for the flaws in the identification cards issued by the company

AFRICA

Nothing to report

Sector brief for 2018-10-03

HEALTHCARE

  1. Women in Information Security: Pam Armstrong
  2. Gwinnett Medical Center Investigates Possible Data Breach
  3. Gwinnett Medical Center investigates possible data breach
  4. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  5. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific

TRANSPORT

  1. Ransomware Hits Port of San Diego

BANKING & FINANCE

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  3. FireEye unmasks a new North Korean threat group
  4. APT38: Details on New North Korean Regime-Backed Threat Group
  5. Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
  6. Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm.
  7. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  8. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  9. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  10. New Danabot Banking Malware campaign now targets banks in the U.S.
  11. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
  12. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  13. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
  14. IDG Contributor Network: Will your company be valued by its price-to-data ratio?
  15. Z-LAB Report – Analyzing the GandCrab v5 ransomware
  16. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  17. North Korean HIDDEN COBRA Hackers Using New Attack Called “FASTCash” to Cash-out From ATM Machine
  18. New Betabot campaign under the microscope
  19. Enormous botnet used to hijack traffic destined for Brazilian banks
  20. BYOB – Build Your Own Botnet
  21. What is the future of authentication? Hint: It’s not passwords, passphrases or MFA
  22. Norton by Symantec Urges Consumers to Help Protect Their Personal Data
  23. DanaBot Observed in Large Campaign Targeting U.S. Organizations

INFORMATION & TELECOMMUNICATION

  1. Virus Bulletin 2018: Microsoft’s Lambert on How Cloud is Changing Security
  2. The ultimate fallout from the Facebook data breach could be massive
  3. Phishing gets more complex as decoy PDF pops up with Microsoft-issued SSL certificate
  4. Instagram accounts frozen with ransomware | Avast
  5. Instagram accounts frozen with ransomware | Avast
  6. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
  7. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
  8. Google Taking New Steps To Prevent Malicious Chrome Extensions
  9. Instagram Used as Marketplace to Sell Stolen Fortnite Accounts and Botnets
  10. 18 Vulnerabilities Found in Foxit PDF Reader
  11. Phishing Attack Impersonates Law Firm
  12. Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft
  13. Hacked Fortnite accounts and rent-a-botnet being pushed on Instagram
  14. 18 Vulnerabilities Found in Foxit PDF Reader
  15. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  16. Phishing Attack Impersonates Law Firm
  17. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
  18. Facebook Reveals That Trio of Bugs Led to Data Breach
  19. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  20. New Danabot Banking Malware campaign now targets banks in the U.S.
  21. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  22. Recipe Unlimited denies ransomware attack, despite alleged ransom note
  23. IDG Contributor Network: Will your company be valued by its price-to-data ratio?
  24. Introducing... THE HUNT: A Cyber Attack in the Process Industry
  25. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
  26. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  27. .@Lookout’s @VijayaKaza is at @FedNewsRadio’s studio recording with @gschumm!
  28. Hackers Use Instagram For Selling Stolen ‘Fortnite’ Accounts And Botnets
  29. CyberSecurity Asean security alert on A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Remote Code Execution
  30. Preventing and Detecting Malicious Insiders
  31. Facebook faces legal actions after data breach
  32. Enormous botnet used to hijack traffic destined for Brazilian banks
  33. The @activereach guide to #DDoS, is aimed at technically aware business people who do not necessarily have a background in
  34. Norton by Symantec Urges Consumers to Help Protect Their Personal Data
  35. In 1999, AV-TEST reported that there were 98,428 total unique malware samples. Today, AV-TEST registers over 350,000 new pieces of
  36. Hello there! In our new episode we skip the current topics and focus on talking with @japi999 and @ekoivune about information security expertise. As a bonus guest this time, instead of OpSec, @Larppa1337!

FOOD

Nothing to report

WATER

Nothing to report

ENERGY

  1. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  2. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks

GOVERNMENT & PUBLIC SERVICE

Nothing to report

Daily brief for 2018-10-03

ASIA

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. FakeSpy Is Back as Part of New SmiShing Campaign, Adds New Features
  3. DHS aware of ongoing APT attacks on cloud service providers
  4. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  5. FireEye unmasks a new North Korean threat group
  6. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  7. APT38: Details on New North Korean Regime-Backed Threat Group
  8. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  9. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  10. Zoho domains central to keylogger, data theft campaigns worldwide
  11. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  12. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  13. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  14. North Korean HIDDEN COBRA Hackers Using New Attack Called “FASTCash” to Cash-out From ATM Machine
  15. Enormous botnet used to hijack traffic destined for Brazilian banks

WORLD

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. Malware Outbreak Causes Disruptions, Closures at Canadian Restaurant Chain
  3. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  4. FireEye unmasks a new North Korean threat group
  5. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  6. APT38: Details on New North Korean Regime-Backed Threat Group
  7. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  8. #DanaBot Observed in Large Campaign Targeting U.S. Organizations
  9. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  10. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  11. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  12. New Danabot Banking Malware campaign now targets banks in the U.S.
  13. Hacker faces jail time after defacing US military academy, NYC sites
  14. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
  15. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  16. The Intel Management Engine exposes a new vulnerability
  17. See clearly, decide wisely with visibility and management
  18. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  19. Ransomware Hits Port of San Diego
  20. Z-LAB Report – Analyzing the GandCrab v5 ransomware
  21. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  22. Vulnerabilities expose Iomega and LenovoEMC NAS devices to attacks
  23. Facebook faces legal actions after data breach
  24. Estonia sues Gemalto for €152M for the flaws in the identification cards issued by the company
  25. Enormous botnet used to hijack traffic destined for Brazilian banks
  26. 100,000 routers hijacked by GhostDNS, traffic directed to phishing sites
  27. DanaBot Observed in Large Campaign Targeting U.S. Organizations

ATTACKS

  1. Phishing 101: Protection for Everyone
  2. FakeSpy Is Back as Part of New SmiShing Campaign, Adds New Features
  3. How to use the Firefox Master Password
  4. The ultimate fallout from the Facebook data breach could be massive
  5. Phishing gets more complex as decoy PDF pops up with Microsoft-issued SSL certificate
  6. LastPass study shines new light on global password security practices
  7. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
  8. Hacker Faces Jail Time After Defacing West Point, NYC Sites
  9. Gwinnett Medical Center Investigates Possible Data Breach
  10. Torii Botnet - Definitely Not a Mirai Wannabe
  11. Instagram Used as Marketplace to Sell Stolen Fortnite Accounts and Botnets
  12. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  13. Phishing Attack Impersonates Law Firm
  14. Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft
  15. Hacked Fortnite accounts and rent-a-botnet being pushed on Instagram
  16. Gwinnett Medical Center investigates possible data breach
  17. Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center
  18. GhostDNS hijacking campaign steps up attacks on Brazilians; 100K+ devices compromised
  19. Phishing Attack Impersonates Law Firm
  20. #DanaBot Observed in Large Campaign Targeting U.S. Organizations
  21. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  22. Facebook Reveals That Trio of Bugs Led to Data Breach
  23. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  24. New Danabot Banking Malware campaign now targets banks in the U.S.
  25. Hacker faces jail time after defacing US military academy, NYC sites
  26. Zoho domains central to keylogger, data theft campaigns worldwide
  27. Password-sharing is still prevalent in the workplace – although 45 percent of businesses do now use multifactor authentication:
  28. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
  29. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  30. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
  31. .@Lookout’s @VijayaKaza is at @FedNewsRadio’s studio recording with @gschumm!
  32. How Ashley Madison Recovered From Its Massive Data Breach
  33. Hackers Use Instagram For Selling Stolen ‘Fortnite’ Accounts And Botnets
  34. An extremely high number of keylogger #phishing campaigns have been seen tied to the Zoho online office suite software:
  35. New Betabot campaign under the microscope
  36. CyberSecurity Asean security alert on A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Remote Code Execution
  37. Facebook faces legal actions after data breach
  38. Enormous botnet used to hijack traffic destined for Brazilian banks
  39. BYOB – Build Your Own Botnet
  40. The @activereach guide to #DDoS, is aimed at technically aware business people who do not necessarily have a background in
  41. What is the future of authentication? Hint: It’s not passwords, passphrases or MFA
  42. Norton by Symantec Urges Consumers to Help Protect Their Personal Data
  43. 100,000 routers hijacked by GhostDNS, traffic directed to phishing sites
  44. DanaBot Observed in Large Campaign Targeting U.S. Organizations

THREATS

  1. Windows 10 October 2018 Update refines ransomware protection
  2. Virus Bulletin 2018: macOS Flaw Allows Attackers to Hijack Installed Apps
  3. Virus Bulletin 2018: Microsoft’s Lambert on How Cloud is Changing Security
  4. [SingCERT] Alert on 47 Critical Vulnerabilities in Adobe Acrobat and Adobe Reader
  5. Malware Outbreak Causes Disruptions, Closures at Canadian Restaurant Chain
  6. Mozilla Firefox Releases 62.0.3 & Security Updates for 2 High Critical Vulnerabilities
  7. Betabot - An Example of Cheap Modern Malware Sophistication
  8. Instagram accounts frozen with ransomware | Avast
  9. Instagram accounts frozen with ransomware | Avast
  10. Did you know that 1 in 131 emails contains malware? In honor of #NCSAM, secure your spot for #RiskSec, expand
  11. Women in Information Security: Pam Armstrong
  12. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
  13. New KONNI Malware Attacking Eurasia and Southeast Asia
  14. Google Taking New Steps To Prevent Malicious Chrome Extensions
  15. Foxit patches 118 vulnerabilities in popular PDF reader
  16. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  17. Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack
  18. Network Outage at Some Recipe Unlimited Locations Caused by Malware
  19. The one serious MacBook Pro security flaw that nobody is talking about
  20. Update now: Adobe fixes 85 serious flaws in Acrobat and Reader
  21. Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware
  22. 18 Vulnerabilities Found in Foxit PDF Reader
  23. Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
  24. Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm.
  25. 18 Vulnerabilities Found in Foxit PDF Reader
  26. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  27. Marine Corps bug bounty program finds 150 vulnerabilities
  28. TP-Link router vulnerable to remote takeover flaw
  29. Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
  30. Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
  31. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
  32. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
  33. Facebook Reveals That Trio of Bugs Led to Data Breach
  34. TP-Link router vulnerable to remote takeover flaw
  35. Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
  36. New Danabot Banking Malware campaign now targets banks in the U.S.
  37. Zoho domains central to keylogger, data theft campaigns worldwide
  38. Recipe Unlimited denies ransomware attack, despite alleged ransom note
  39. The Intel Management Engine exposes a new vulnerability
  40. How an improper #authentication flaw affects
  41. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
  42. IDG Contributor Network: Will your company be valued by its price-to-data ratio?
  43. Researchers from @alienvault found a new #cryptocurrency mining malware -- dubbed #MassMiner -- that infects systems across the web. Learn
  44. Introducing... THE HUNT: A Cyber Attack in the Process Industry
  45. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
  46. Researchers associated the recently discovered NOKKI Malware to North Korean APT
  47. Changes to #Sanny #malware delivery method attacks were recently discovered by @FireEye researches. Learn who is at risk and how
  48. Ransomware Hits Port of San Diego
  49. An extremely high number of keylogger #phishing campaigns have been seen tied to the Zoho online office suite software:
  50. Z-LAB Report – Analyzing the GandCrab v5 ransomware
  51. CyberSecurity Asean security alert on A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Remote Code Execution
  52. Preventing and Detecting Malicious Insiders
  53. Vulnerabilities expose Iomega and LenovoEMC NAS devices to attacks
  54. Estonia sues Gemalto for €152M for the flaws in the identification cards issued by the company
  55. Scanning for OWASP Top 10 Vulnerabilities with Metasploit for the Web(w3af)
  56. Mozilla Firefox 62.0.3 releases: Fixed hangs on macOS Mojave & security bugs
  57. In 1999, AV-TEST reported that there were 98,428 total unique malware samples. Today, AV-TEST registers over 350,000 new pieces of
  58. Apple iOS 12 Texting Bug Sends Messages To Wrong Contacts
  59. Hello there! In our new episode we skip the current topics and focus on talking with @japi999 and @ekoivune about information security expertise. As a bonus guest this time, instead of OpSec, @Larppa1337!
  60. Cheap Android Phones and Poor Quality Control Leads to Malware Surprise
  61. DanaBot Observed in Large Campaign Targeting U.S. Organizations

CRIME

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  3. FireEye unmasks a new North Korean threat group
  4. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  5. APT38: Details on New North Korean Regime-Backed Threat Group
  6. Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
  7. Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm.
  8. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  9. Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center
  10. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
  11. Vietnam-Born Worker in U.S Intelligence Ordered Prison over Data Theft and Leakage
  12. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
  13. New Danabot Banking Malware campaign now targets banks in the U.S.
  14. Zoho domains central to keylogger, data theft campaigns worldwide
  15. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
  16. GhostDNS hijacked 100,000 router traffic directed to phishing sites
  17. Recipe Unlimited denies ransomware attack, despite alleged ransom note
  18. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
  19. Ransomware Hits Port of San Diego
  20. Z-LAB Report – Analyzing the GandCrab v5 ransomware
  21. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
  22. North Korean HIDDEN COBRA Hackers Using New Attack Called “FASTCash” to Cash-out From ATM Machine
  23. New Betabot campaign under the microscope
  24. Facebook faces legal actions after data breach
  25. Estonia sues Gemalto for €152M for the flaws in the identification cards issued by the company
  26. Enormous botnet used to hijack traffic destined for Brazilian banks
  27. BYOB – Build Your Own Botnet
  28. What is the future of authentication? Hint: It’s not passwords, passphrases or MFA
  29. DanaBot Observed in Large Campaign Targeting U.S. Organizations

POLITICS

  1. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
  2. DHS aware of ongoing APT attacks on cloud service providers
  3. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
  4. FireEye unmasks a new North Korean threat group
  5. Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars
  6. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
  7. Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center
  8. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
  9. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks