APT report for 2018-10-06

TRANSNATIONAL / UNKNOWN

1. Burgerville discloses year-long data breach, courtesy of FIN7 cybergang

CHINA

Nothing to report

INDIA

Nothing to report

NORTH KOREA

2. News of the Week: October 6, 2018

PAKISTAN

Nothing to report

VIETNAM

Nothing to report

IRAN

Nothing to report

LEBANON

Nothing to report

PALESTINE

Nothing to report

SAUDI ARABIA

Nothing to report

UNITED ARAB EMIRATES

Nothing to report

RUSSIA

3. APT28 turns away from election hacking and back to cyberespionage
4. Dutch and British Governments Slam Russia for Cyberattacks
5. Feds Indict 7 Russians for Hacking and Disinformation

UKRAINE

Nothing to report

Platform report for 2018-10-06

WINDOWS

Nothing to report

LINUX

1. GitHub fixes a remote code security vulnerability that affects Linux system

UNIX

Nothing to report

ANDROID

2. Android SMS Worm, plus setting up a Mac for kids
3. .@ThreatFabric researchers uncovered a #malware that uses overlay techniques to avoid detection. Learn from @lewisnic how this new #Androidmalware --
4. Researchers at @Trustlook Labs found an #Android #Trojan that copies and steals data from mobile #messagingapps. Discover how this is

IOS

Nothing to report

MACOS

Nothing to report

Threat report for 2018-10-06

DATA BREACH

1. SQL Injection Exposed Data From Canadian ISP – Altima Telecom
2. China’s Alleged Hidden Chip for Espionage Exposed
3. Washington D.C. Man Faces Up to 20 Years in Jail for US Senators Doxing Charges
4. $12 Billion Lost Because of E-mail Account Compromise Incidents in Five Years
5. Democratic congressional intern arrested for doxing GOP senators during Kavanaugh hearing
6. Project Insecurity (@insecurity) researchers recently found #livechatsoftware leaking personal employee data. Learn what #data was leaked and how attackers can
7. Burgerville discloses year-long data breach, courtesy of FIN7 cybergang
8. Hackers Offering Less than $150 to Hack Corporate Email Accounts – 12.5 Million Email Archive Files are Exposed

DENIAL-OF-SERVICE

9. California bill bans bots during elections

MALVERTISING

Nothing to report

PHISHING

10. California prohibits use of weak default passwords

WEB DEFACEMENT

Nothing to report

MALWARE

11. Android SMS Worm, plus setting up a Mac for kids
12. .@ThreatFabric researchers uncovered a #malware that uses overlay techniques to avoid detection. Learn from @lewisnic how this new #Androidmalware --
13. At the 2018 @RSAConference, researchers discussed the rise of stegware -- #malware that uses #steganography techniques to avoid detection. Learn
14. Betabot trojan packed with anti-malware evasion tools
15. Malicious remote admin tool seemingly linked to KONNI malware, North Korea
16. How a remote access #Trojan checks for
17. Report: Chinese Spy Chip Backdoored US Defense, Tech Firms
18. More Than 50 Malicious Apps With Over 350,000 Installs Found On Google Play
19. Researchers at @Trustlook Labs found an #Android #Trojan that copies and steals data from mobile #messagingapps. Discover how this is
20. How to protect public SSH servers from
21. Researchers at @TrendMicro found a new strain of #malware -- dubbed #FacexWorm -- that targets users through a malicious #ChromeExtension.

EXPLOIT

22. SQL Injection Exposed Data From Canadian ISP – Altima Telecom
23. Hackers exploit vulnerability in Bitcoin code

VULNERABILITY

24. Sony Bravia Smart TVs affected by a critical vulnerability
25. Sony Smart TV Bug Allows Remote Access, Root Privileges
26. How #Shodan helps identify #ICSsecurity vulnerabilities
27. Git Project Patches Remote Code Execution Vulnerability in Git
28. The weekend starts here... right after you've installed these critical Cisco bug patches
29. GitHub fixes a remote code security vulnerability that affects Linux system
30. Cisco updates address 36 vulnerabilities, three critical
31. Hackers exploit vulnerability in Bitcoin code
32. Vulnerability Scanning vs. Penetration Testing: What's the Difference?
33. TP-Link router vulnerable to remote takeover flaw

Region brief for 2018-10-06

ASIA

1. China’s Alleged Hidden Chip for Espionage Exposed
2. Report: Chinese Spy Chip Backdoored US Defense, Tech Firms

OCEANIA

Nothing to report

NORTH AMERICA

3. SQL Injection Exposed Data From Canadian ISP – Altima Telecom
4. China’s Alleged Hidden Chip for Espionage Exposed
5. Washington D.C. Man Faces Up to 20 Years in Jail for US Senators Doxing Charges
6. Sony Bravia Smart TVs affected by a critical vulnerability
7. News of the Week: October 6, 2018
8. Feds Indict 7 Russians for Hacking and Disinformation
9. Report: Chinese Spy Chip Backdoored US Defense, Tech Firms

SOUTH AMERICA

Nothing to report

EUROPE

10. News of the Week: October 6, 2018
11. Dutch and British Governments Slam Russia for Cyberattacks
12. Feds Indict 7 Russians for Hacking and Disinformation

AFRICA

Nothing to report

Sector brief for 2018-10-06

HEALTHCARE

Nothing to report

TRANSPORT

Nothing to report

BANKING & FINANCE

1. China’s Alleged Hidden Chip for Espionage Exposed
2. Washington D.C. Man Faces Up to 20 Years in Jail for US Senators Doxing Charges
3. $12 Billion Lost Because of E-mail Account Compromise Incidents in Five Years
4. GitHub fixes a remote code security vulnerability that affects Linux system
5. Hackers Offering Less than $150 to Hack Corporate Email Accounts – 12.5 Million Email Archive Files are Exposed
6. Hackers exploit vulnerability in Bitcoin code

INFORMATION & TELECOMMUNICATION

7. SQL Injection Exposed Data From Canadian ISP – Altima Telecom
8. China’s Alleged Hidden Chip for Espionage Exposed
9. .@ThreatFabric researchers uncovered a #malware that uses overlay techniques to avoid detection. Learn from @lewisnic how this new #Androidmalware --
10. Git Project Patches Remote Code Execution Vulnerability in Git
11. GitHub fixes a remote code security vulnerability that affects Linux system
12. More Than 50 Malicious Apps With Over 350,000 Installs Found On Google Play
13. California prohibits use of weak default passwords

FOOD

Nothing to report

WATER

Nothing to report

ENERGY

Nothing to report

GOVERNMENT & PUBLIC SERVICE

14. APT28 turns away from election hacking and back to cyberespionage

Daily brief for 2018-10-06

ASIA

1. China’s Alleged Hidden Chip for Espionage Exposed
2. Report: Chinese Spy Chip Backdoored US Defense, Tech Firms

WORLD

3. SQL Injection Exposed Data From Canadian ISP – Altima Telecom
4. China’s Alleged Hidden Chip for Espionage Exposed
5. Washington D.C. Man Faces Up to 20 Years in Jail for US Senators Doxing Charges
6. Sony Bravia Smart TVs affected by a critical vulnerability
7. News of the Week: October 6, 2018
8. Dutch and British Governments Slam Russia for Cyberattacks
9. Feds Indict 7 Russians for Hacking and Disinformation
10. Report: Chinese Spy Chip Backdoored US Defense, Tech Firms

ATTACKS

11. SQL Injection Exposed Data From Canadian ISP – Altima Telecom
12. China’s Alleged Hidden Chip for Espionage Exposed
13. Washington D.C. Man Faces Up to 20 Years in Jail for US Senators Doxing Charges
14. $12 Billion Lost Because of E-mail Account Compromise Incidents in Five Years
15. Democratic congressional intern arrested for doxing GOP senators during Kavanaugh hearing
16. California bill bans bots during elections
17. Project Insecurity (@insecurity) researchers recently found #livechatsoftware leaking personal employee data. Learn what #data was leaked and how attackers can
18. Burgerville discloses year-long data breach, courtesy of FIN7 cybergang
19. Hackers Offering Less than $150 to Hack Corporate Email Accounts – 12.5 Million Email Archive Files are Exposed
20. California prohibits use of weak default passwords

THREATS

21. SQL Injection Exposed Data From Canadian ISP – Altima Telecom
22. Sony Bravia Smart TVs affected by a critical vulnerability
23. Android SMS Worm, plus setting up a Mac for kids
24. .@ThreatFabric researchers uncovered a #malware that uses overlay techniques to avoid detection. Learn from @lewisnic how this new #Androidmalware --
25. At the 2018 @RSAConference, researchers discussed the rise of stegware -- #malware that uses #steganography techniques to avoid detection. Learn
26. Sony Smart TV Bug Allows Remote Access, Root Privileges
27. How #Shodan helps identify #ICSsecurity vulnerabilities
28. Git Project Patches Remote Code Execution Vulnerability in Git
29. Betabot trojan packed with anti-malware evasion tools
30. Malicious remote admin tool seemingly linked to KONNI malware, North Korea
31. How a remote access #Trojan checks for
32. The weekend starts here... right after you've installed these critical Cisco bug patches
33. Report: Chinese Spy Chip Backdoored US Defense, Tech Firms
34. GitHub fixes a remote code security vulnerability that affects Linux system
35. More Than 50 Malicious Apps With Over 350,000 Installs Found On Google Play
36. Researchers at @Trustlook Labs found an #Android #Trojan that copies and steals data from mobile #messagingapps. Discover how this is
37. How to protect public SSH servers from
38. Cisco updates address 36 vulnerabilities, three critical
39. Hackers exploit vulnerability in Bitcoin code
40. Vulnerability Scanning vs. Penetration Testing: What's the Difference?
41. TP-Link router vulnerable to remote takeover flaw
42. Researchers at @TrendMicro found a new strain of #malware -- dubbed #FacexWorm -- that targets users through a malicious #ChromeExtension.

CRIME

43. China’s Alleged Hidden Chip for Espionage Exposed
44. Washington D.C. Man Faces Up to 20 Years in Jail for US Senators Doxing Charges
45. $12 Billion Lost Because of E-mail Account Compromise Incidents in Five Years
46. Feds Indict 7 Russians for Hacking and Disinformation
47. Hackers Offering Less than $150 to Hack Corporate Email Accounts – 12.5 Million Email Archive Files are Exposed
48. Hackers exploit vulnerability in Bitcoin code

POLITICS

49. China’s Alleged Hidden Chip for Espionage Exposed
50. APT28 turns away from election hacking and back to cyberespionage
51. Feds Indict 7 Russians for Hacking and Disinformation
52. Report: Chinese Spy Chip Backdoored US Defense, Tech Firms