APT report for 2018-10-20

TRANSNATIONAL / UNKNOWN

1. DarkPulsar – A Shadow Brokers Group’s New Hacking Tool Leak To Open Backdoor & Provide Remote Control
2. Spotted: Miscreants use pilfered NSA hacking tools to pwn boxes in nuke, aerospace worlds

CHINA

Nil

INDIA

Nil

NORTH KOREA

Nil

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

3. .@RobertMLee said #GreyEnergy is a threat, but people shouldn't conclude from @ESET research that the group will only target

SERBIA

Nil

UKRAINE

Nil

Platform report for 2018-10-20

WINDOWS

1. Fake Flash Player Installer Embeds Monero Coin Miner, Wreaking Havoc in the Wild
2. Java Usage Tracker Critical Flaw Enable Hackers to Inject Arbitrary Files on Windows Systems

LINUX

3. Fake Flash Player Installer Embeds Monero Coin Miner, Wreaking Havoc in the Wild
4. Heads-Up: Patch 'Comically Bad' libSSH Flaw Now
5. Xerosploit – Toolkit to Perform MITM, Spoofing, DOS, Images Sniffing/Replacement, WD Attacks

UNIX

Nil

ANDROID

6. Fake Flash Player Installer Embeds Monero Coin Miner, Wreaking Havoc in the Wild

IOS

7. Fake Flash Player Installer Embeds Monero Coin Miner, Wreaking Havoc in the Wild

MACOS

8. Fake Flash Player Installer Embeds Monero Coin Miner, Wreaking Havoc in the Wild

Threat report for 2018-10-20

DATA BREACH & DATA LOSS

1. DarkPulsar – A Shadow Brokers Group’s New Hacking Tool Leak To Open Backdoor & Provide Remote Control
2. Anthem to Pay Record $16M as Settlement for Privacy Violations
3. If it's only able to leak data at 15 bits per hour, is #NetSpectre a serious threat? Learn more about
4. Thousands of applications affected by a zero-day issue in jQuery File Upload plugin
5. #TLBleed abuses @Intel's HTT chip feature to leak data and obtain sensitive memory information. Learn more about this new side-channel

DENIAL-OF-SERVICE

6. Spotted: Miscreants use pilfered NSA hacking tools to pwn boxes in nuke, aerospace worlds

MALVERTISING

Nil

PHISHING

Nil

WEB DEFACEMENT

Nil

BOTNET

7. The Russian built #VPNFilter #botnet was previously taken down after 500,000 routers were infected. However, recently it attempted a comeback.

RANSOMWARE

8. Syrian victims of the GandCrab ransomware can decrypt their files for free

CRYPTOMINING & CRYPTOCURRENCIES

9. Fake Flash Player Installer Embeds Monero Coin Miner, Wreaking Havoc in the Wild

MALWARE

10. DarkPulsar – A Shadow Brokers Group’s New Hacking Tool Leak To Open Backdoor & Provide Remote Control
11. Man Sentenced to 30 Months in Jail For Creating LuminosityLink RAT
12. Here's how the hack works: Temperatures used in the pulp cooking process begin to vary random intervals. The fluctuations in temperature

EXPLOIT

13. Vendors confirm products affected by libssh bug as PoC code pops up on GitHub

VULNERABILITY

14. Oracle Critical Patch Update October 2018 Addressed 301 Flaws Including 47 High-Rated Flaws
15. Two Critical RCE Bugs Patched in Drupal 7 and 8
16. Vendors confirm products affected by libssh bug as PoC code pops up on GitHub
17. A #libSSH vulnerability that went undisclosed for almost five years could allow an attacker easy #AdminAccess to servers, @0xAmit said
18. Heads-Up: Patch 'Comically Bad' libSSH Flaw Now
19. Thousands of applications affected by a zero-day issue in jQuery File Upload plugin
20. OpenSSH 7.9 released: fixed bugs
21. Learn how the #NetSpectre vulnerability affects the #cloud from expert Ed Moyle of @securitycurve.
22. Critical Code Execution Vulnerability Found in Libraries Used By VLC and Other Media Players
23. Vulnerabilities in telepresence robots allow access to image and video
24. Java Usage Tracker Critical Flaw Enable Hackers to Inject Arbitrary Files on Windows Systems

Region brief for 2018-10-20

ASIA

1. Syrian victims of the GandCrab ransomware can decrypt their files for free

OCEANIA

Nil

NORTH AMERICA

2. Anthem to Pay Record $16M as Settlement for Privacy Violations

SOUTH AMERICA

Nil

EUROPE

3. Syrian victims of the GandCrab ransomware can decrypt their files for free
4. The Russian built #VPNFilter #botnet was previously taken down after 500,000 routers were infected. However, recently it attempted a comeback.

AFRICA

Nil

Sector brief for 2018-10-20

HEALTHCARE

1. Anthem to Pay Record $16M as Settlement for Privacy Violations
2. Vulnerabilities in telepresence robots allow access to image and video

TRANSPORT

3. Spotted: Miscreants use pilfered NSA hacking tools to pwn boxes in nuke, aerospace worlds

BANKING & FINANCE

4. Syrian victims of the GandCrab ransomware can decrypt their files for free
5. Anthem to Pay Record $16M as Settlement for Privacy Violations

INFORMATION & TELECOMMUNICATION

6. Syrian victims of the GandCrab ransomware can decrypt their files for free
7. Thousands of applications affected by a zero-day issue in jQuery File Upload plugin

FOOD

Nil

WATER

Nil

ENERGY

8. Spotted: Miscreants use pilfered NSA hacking tools to pwn boxes in nuke, aerospace worlds

GOVERNMENT & PUBLIC SERVICE

9. Anthem to Pay Record $16M as Settlement for Privacy Violations

Daily brief for 2018-10-20

ASIA

1. Syrian victims of the GandCrab ransomware can decrypt their files for free

WORLD

2. Syrian victims of the GandCrab ransomware can decrypt their files for free
3. Anthem to Pay Record $16M as Settlement for Privacy Violations
4. The Russian built #VPNFilter #botnet was previously taken down after 500,000 routers were infected. However, recently it attempted a comeback.

ATTACKS

5. DarkPulsar – A Shadow Brokers Group’s New Hacking Tool Leak To Open Backdoor & Provide Remote Control
6. Anthem to Pay Record $16M as Settlement for Privacy Violations
7. If it's only able to leak data at 15 bits per hour, is #NetSpectre a serious threat? Learn more about
8. Thousands of applications affected by a zero-day issue in jQuery File Upload plugin
9. #TLBleed abuses @Intel's HTT chip feature to leak data and obtain sensitive memory information. Learn more about this new side-channel

THREATS

10. Oracle Critical Patch Update October 2018 Addressed 301 Flaws Including 47 High-Rated Flaws
11. Syrian victims of the GandCrab ransomware can decrypt their files for free
12. Fake Flash Player Installer Embeds Monero Coin Miner, Wreaking Havoc in the Wild
13. DarkPulsar – A Shadow Brokers Group’s New Hacking Tool Leak To Open Backdoor & Provide Remote Control
14. Two Critical RCE Bugs Patched in Drupal 7 and 8
15. Vendors confirm products affected by libssh bug as PoC code pops up on GitHub
16. A #libSSH vulnerability that went undisclosed for almost five years could allow an attacker easy #AdminAccess to servers, @0xAmit said
17. Heads-Up: Patch 'Comically Bad' libSSH Flaw Now
18. Man Sentenced to 30 Months in Jail For Creating LuminosityLink RAT
19. Thousands of applications affected by a zero-day issue in jQuery File Upload plugin
20. OpenSSH 7.9 released: fixed bugs
21. Learn how the #NetSpectre vulnerability affects the #cloud from expert Ed Moyle of @securitycurve.
22. Critical Code Execution Vulnerability Found in Libraries Used By VLC and Other Media Players
23. Vulnerabilities in telepresence robots allow access to image and video
24. Java Usage Tracker Critical Flaw Enable Hackers to Inject Arbitrary Files on Windows Systems
25. Here's how the hack works: Temperatures used in the pulp cooking process begin to vary random intervals. The fluctuations in temperature

CRIME

26. Syrian victims of the GandCrab ransomware can decrypt their files for free
27. Anthem to Pay Record $16M as Settlement for Privacy Violations
28. Man Sentenced to 30 Months in Jail For Creating LuminosityLink RAT
29. Thousands of applications affected by a zero-day issue in jQuery File Upload plugin

POLITICS

30. Spotted: Miscreants use pilfered NSA hacking tools to pwn boxes in nuke, aerospace worlds
31. Vulnerabilities in telepresence robots allow access to image and video