Oct 28, 2018

APT report for 2018-10-27

TRANSNATIONAL / UNKNOWN

Nil

CHINA

Nil

INDIA

Nil

NORTH KOREA

Nil

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

Nil

SERBIA

Nil

UKRAINE

  1. News of the Week: October 27, 2018

Platform report for 2018-10-27

WINDOWS

  1. Cisco launches patches for vulnerabilities in WEBEX Meetings app

LINUX

  1. The LibSSH Security Bug in the Nutshell

UNIX

Nil

ANDROID

  1. The LibSSH Security Bug in the Nutshell

IOS

  1. The LibSSH Security Bug in the Nutshell

MACOS

  1. The LibSSH Security Bug in the Nutshell

Threat report for 2018-10-27

DATA BREACH & DATA LOSS

Nil

DENIAL-OF-SERVICE

  1. DDoS and Ransomware Tools Used by Cyber Criminals Discovered
  2. A few dollars to bring down sites with new Bushido-based DDoS-for-hire service
  3. Hackers Offering DDoS-for-Hire Service Powered by Bushido Botnet in Dark Web Markets

MALVERTISING

Nil

PHISHING

Nil

WEB DEFACEMENT

Nil

BOTNET

  1. Hackers Offering DDoS-for-Hire Service Powered by Bushido Botnet in Dark Web Markets

RANSOMWARE

  1. DDoS and Ransomware Tools Used by Cyber Criminals Discovered
  2. Decrypt files attacked with the latest versions of GandCrab ransomware

CRYPTOMINING & CRYPTOCURRENCIES

  1. Sorry friends, I'm afraid I just can't quite afford the Bitcoin to stop that vid from leaking everywhere
  2. Australian Cryptocurrency Theft Highlights Security Mistakes

MALWARE

  1. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia
  2. Bankbot/Anubis downloader hits #1 trending at finance @ThreatFabric @
  3. Twelve malicious Python libraries found and removed from PyPI
  4. The forensics analysts log the adversaries’ actions and every network packet the hackers send. The adversaries use a process running
  5. Executable Formats and How To Exploit Them
  6. Unpatched Critical Bug in Microsoft Word Online Video Feature Allows Attacker to Deliver Powerful Malware
  7. New malware attacks targeting voters in key states in the 2018 US midterm elections
  8. Two hours after the deadline, the forensics team notices someone accessing the MES system server using domain administrator credentials through

EXPLOIT

  1. Executable Formats and How To Exploit Them

VULNERABILITY

  1. Researchers recently found vulnerabilities within the robot controllers from @Universal_Robot. Learn what these #robot controllers are used for and how
  2. In this week's Risk & Repeat podcast, editors discuss the #GAOreport on vulnerabilities and weaknesses in military weapons systems and
  3. The LibSSH Security Bug in the Nutshell
  4. The Pentagon expands the scope of its vulnerability bounty program
  5. Unpatched Critical Bug in Microsoft Word Online Video Feature Allows Attacker to Deliver Powerful Malware
  6. Cisco launches patches for vulnerabilities in WEBEX Meetings app
  7. A #RemoteCodeExecution flaw in @Cisco Webex -- called WebExec -- could be an easy vector for insider attacks, and the

Region brief for 2018-10-27

ASIA

  1. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia

OCEANIA

  1. Australian Cryptocurrency Theft Highlights Security Mistakes

NORTH AMERICA

  1. In this week's Risk & Repeat podcast, editors discuss the #GAOreport on vulnerabilities and weaknesses in military weapons systems and
  2. Australian Cryptocurrency Theft Highlights Security Mistakes
  3. The Pentagon expands the scope of its vulnerability bounty program
  4. Decrypt files attacked with the latest versions of GandCrab ransomware
  5. New malware attacks targeting voters in key states in the 2018 US midterm elections

SOUTH AMERICA

Nil

EUROPE

  1. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia
  2. Decrypt files attacked with the latest versions of GandCrab ransomware
  3. New malware attacks targeting voters in key states in the 2018 US midterm elections

AFRICA

Nil

Sector brief for 2018-10-27

HEALTHCARE

Nil

TRANSPORT

  1. A few dollars to bring down sites with new Bushido-based DDoS-for-hire service

BANKING & FINANCE

  1. News of the Week: October 27, 2018
  2. Australian Cryptocurrency Theft Highlights Security Mistakes
  3. Bankbot/Anubis downloader hits #1 trending at finance @ThreatFabric @
  4. The Pentagon expands the scope of its vulnerability bounty program

INFORMATION & TELECOMMUNICATION

  1. A few dollars to bring down sites with new Bushido-based DDoS-for-hire service
  2. Bankbot/Anubis downloader hits #1 trending at finance @ThreatFabric @
  3. The LibSSH Security Bug in the Nutshell

FOOD

Nil

WATER

Nil

ENERGY

Nil

GOVERNMENT & PUBLIC SERVICE

  1. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia
  2. In this week's Risk & Repeat podcast, editors discuss the #GAOreport on vulnerabilities and weaknesses in military weapons systems and
  3. Australian Cryptocurrency Theft Highlights Security Mistakes
  4. The Pentagon expands the scope of its vulnerability bounty program
  5. Decrypt files attacked with the latest versions of GandCrab ransomware
  6. New malware attacks targeting voters in key states in the 2018 US midterm elections

Daily brief for 2018-10-27

ASIA

  1. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia

WORLD

  1. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia
  2. In this week's Risk & Repeat podcast, editors discuss the #GAOreport on vulnerabilities and weaknesses in military weapons systems and
  3. Australian Cryptocurrency Theft Highlights Security Mistakes
  4. The Pentagon expands the scope of its vulnerability bounty program
  5. Decrypt files attacked with the latest versions of GandCrab ransomware
  6. New malware attacks targeting voters in key states in the 2018 US midterm elections

ATTACKS

Nil

THREATS

  1. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia
  2. DDoS and Ransomware Tools Used by Cyber Criminals Discovered
  3. Researchers recently found vulnerabilities within the robot controllers from @Universal_Robot. Learn what these #robot controllers are used for and how
  4. In this week's Risk & Repeat podcast, editors discuss the #GAOreport on vulnerabilities and weaknesses in military weapons systems and
  5. Sorry friends, I'm afraid I just can't quite afford the Bitcoin to stop that vid from leaking everywhere
  6. Australian Cryptocurrency Theft Highlights Security Mistakes
  7. Bankbot/Anubis downloader hits #1 trending at finance @ThreatFabric @
  8. Twelve malicious Python libraries found and removed from PyPI
  9. The forensics analysts log the adversaries’ actions and every network packet the hackers send. The adversaries use a process running
  10. The LibSSH Security Bug in the Nutshell
  11. Executable Formats and How To Exploit Them
  12. The Pentagon expands the scope of its vulnerability bounty program
  13. Decrypt files attacked with the latest versions of GandCrab ransomware
  14. Unpatched Critical Bug in Microsoft Word Online Video Feature Allows Attacker to Deliver Powerful Malware
  15. Cisco launches patches for vulnerabilities in WEBEX Meetings app
  16. New malware attacks targeting voters in key states in the 2018 US midterm elections
  17. Two hours after the deadline, the forensics team notices someone accessing the MES system server using domain administrator credentials through
  18. A #RemoteCodeExecution flaw in @Cisco Webex -- called WebExec -- could be an easy vector for insider attacks, and the

CRIME

  1. DDoS and Ransomware Tools Used by Cyber Criminals Discovered
  2. Australian Cryptocurrency Theft Highlights Security Mistakes
  3. Hackers Offering DDoS-for-Hire Service Powered by Bushido Botnet in Dark Web Markets

POLITICS

Nil

Oct 27, 2018

APT report for 2018-10-26

TRANSNATIONAL / UNKNOWN

  1. British Airways: additional 185,000 passengers may have been affected
  2. BA Website Hijacked by Magecart. Again. | Avast
  3. US Counters Russian Influence & Magecart Hacks Magento | Avast
  4. BA website and data breach by Magecart deeper than first thought
  5. BA Breach: An Extra 185K Customers Notified
  6. Hackers attack Cathay Pacific
  7. Second attack against British Airways is disclosed

CHINA

  1. Tracking Tick Through Recent Campaigns Targeting East Asia
  2. Operation Oceansalt

INDIA

Nil

NORTH KOREA

  1. North Korea Backed Two Cryptocurrency Scams This Year, Says Report

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

  1. GreyEnergy cyberespionage group targets Poland and Ukraine
  2. Russian sabotage in Saudi petrochemicals

SERBIA

Nil

UKRAINE

Nil

Platform report for 2018-10-26

WINDOWS

  1. CVE-2018-14665 privilege escalation flaw affects popular Linux distros
  2. Code Execution Vulnerability Patched in Cross-Platform MKVToolNix Toolset
  3. ICMP Shell: Secret Command and Control Channel to Control Victim's Machine Using Ping
  4. Cisco patches command injection bug in Webex Meetings Desktop App for Windows
  5. Vulnerability Spotlight: Talos-2018-0694 - MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
  6. New Malware Abusing Two Legitimate Windows Files to Steal Victims' Personal Data
  7. Zero-day vulnerability in Windows allows privilege escalation

LINUX

  1. CVE-2018-14665 privilege escalation flaw affects popular Linux distros
  2. Code Execution Vulnerability Patched in Cross-Platform MKVToolNix Toolset
  3. ICMP Shell: Secret Command and Control Channel to Control Victim's Machine Using Ping
  4. Trivial Bug in X.Org Gives Root Permission on Linux and BSD Systems
  5. Chalubo Botnet
  6. CVE-2018-14665: Xorg X Server privilege escalation vulnerabilities
  7. This two-year-old X.org give-me-root hole is so trivial to exploit, you can fit it in a single tweet
  8. Vulnerability Spotlight: Talos-2018-0694 - MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
  9. New Privilege Escalation Flaw Affects Most Linux Distributions

UNIX

  1. CVE-2018-14665 privilege escalation flaw affects popular Linux distros
  2. CVE-2018-14665: Xorg X Server privilege escalation vulnerabilities
  3. New Privilege Escalation Flaw Affects Most Linux Distributions

ANDROID

Nil

IOS

Nil

MACOS

  1. Code Execution Vulnerability Patched in Cross-Platform MKVToolNix Toolset

Threat report for 2018-10-26

DATA BREACH & DATA LOSS

  1. ThreatList: 1 Out of 5 Would Ditch a Business After a Data Breach
  2. Facebook removes Iranian influence campaign as midterms near
  3. Bushido-Powered DDoS Service Whipped Up from Leaked Code
  4. British Airways: 185K Affected in Second Data Breach
  5. British Airways Data Breach Takes Off Again with 185K More Victims
  6. Settlement in Yahoo data breach leaves company to pay $50M
  7. Pocket iNET ISP Exposed 73GB of Sensitive Data On Misconfigured S3 Bucket
  8. Campaign 2018: New malware attacks target voters in key battleground states
  9. Cathay Pacific Hacked, Personal Data For 9.4 Million Passengers Compromised
  10. Tracking Tick Through Recent Campaigns Targeting East Asia
  11. Details of 9mil compromised in Cathay Pacific data leak
  12. Cathay Pacific Suffered Data Breach Affecting 9.4 Million Customers
  13. BA website and data breach by Magecart deeper than first thought
  14. Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
  15. Cathay Pacific hack: Personal data of up to 9.4 million airline passengers laid bare
  16. Cathay Pacific Says 9.4 Million Affected by Data Breach
  17. A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
  18. Airline Discovers Trove of Frequent Flyer Accounts Compromised and Posted for Sale Online:
  19. British Airways data breach worse than thought
  20. Spammers Behind Historic Data Breach Affecting Millions of Facebook Users
  21. Cathay Pacific Airways Confirms Data Breach of its Customers
  22. “Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with
  23. New Malware Abusing Two Legitimate Windows Files to Steal Victims' Personal Data

DENIAL-OF-SERVICE

  1. University DDoS attack leads to $8.6 million fine, house arrest for New Jersey man
  2. Bushido-Powered DDoS Service Whipped Up from Leaked Code
  3. 16K Strong DDoS-for-Hire Botnet Provides 420+ GB/s Club to Knock Out Websites
  4. DemonBot Fans DDoS Flames with Hadoop Enslavement
  5. New DemonBot Attacks Hadoop Clusters to Perform DDoS Attacks Using Powerful Cloud Infrastructure Servers

MALVERTISING

Nil

PHISHING

  1. Microsoft bug makes phishing easy, says cybersecurity firm
  2. PhishX – Spear Phishing Tool for Capturing Credentials
  3. “Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with

WEB DEFACEMENT

Nil

BOTNET

  1. Exploits Block List Grows 50% Because of Spambot, Avalanche/Gamarue botnet
  2. 16K Strong DDoS-for-Hire Botnet Provides 420+ GB/s Club to Knock Out Websites
  3. Chalubo Botnet
  4. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  5. New DemonBot Botnet Pulls the YARN in Hadoop Servers

RANSOMWARE

  1. The Week in Ransomware - October 26th 2018 - Decryptors, RaaS, and More
  2. 3 Keys to Reducing the Threat of Ransomware

CRYPTOMINING & CRYPTOCURRENCIES

  1. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  2. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  3. North Korea regime using and exploiting cryptocurrencies
  4. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  5. No Place for Security as Cryptocurrency Skills Demand Soars
  6. What Is Gridcoin and How Can It Advance Science?
  7. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  8. China’s Alibaba Cloud Expands Enterprise Blockchain Offering to Global Markets
  9. How to become a Monero million(th)aire in just 20 minutes [PODCAST]

MALWARE

  1. Due to Misconfigured Component: DemonBot Malware Infects Multiple Apache Hadoop Servers
  2. PoC Attack Leverages Microsoft Office and YouTube to Deliver Malware
  3. ICMP Shell: Secret Command and Control Channel to Control Victim's Machine Using Ping
  4. Scammers use old browser trick to create fake virus download
  5. Campaign 2018: New malware attacks target voters in key battleground states
  6. DeepPhish: Simulating Malicious AI to Act Like an Adversary
  7. .@FireEye #security researchers claimed the Russian government was 'most likely' behind the #Triton #malware attack on an industrial control system
  8. Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
  9. An innovative partnership could help Cyber Command fight malware
  10. New Malware Abusing Two Legitimate Windows Files to Steal Victims' Personal Data

EXPLOIT

  1. This two-year-old X.org give-me-root hole is so trivial to exploit, you can fit it in a single tweet

VULNERABILITY

  1. CVE-2018-14665 privilege escalation flaw affects popular Linux distros
  2. Cloudflare WAF Bypass Vulnerability Discovered
  3. Code Execution Vulnerability Patched in Cross-Platform MKVToolNix Toolset
  4. Vulnerability Spotlight: Talos-2018-0694 – MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
  5. Microsoft bug makes phishing easy, says cybersecurity firm
  6. A flaw in @Cisco Webex -- called WebExec -- can allow #RemoteCodeExecution. And while experts don't agree on how dangerous
  7. Pentagon Expands Bug Bounty To Include Physical Systems
  8. WebExec vulnerability leaves Webex open to insider attacks
  9. Trivial Bug in X.Org Gives Root Permission on Linux and BSD Systems
  10. Researchers discovered a vulnerability in Cisco #Webex, called #WebExec, which allows local attackers to issue commands as privileged users. @iagox86
  11. Cisco patches command injection bug in Webex Meetings Desktop App for Windows
  12. CVE-2018-9206 maliciously exploited: multiple websites linked from the search page redirect to a betting site
  13. CVE-2018-14665: Xorg X Server privilege escalation vulnerabilities
  14. What a crane in the ass: Bug leaves construction machinery vulnerable to evil command injection
  15. Researchers report vulnerability in Microsoft Word's online video feature
  16. A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
  17. Vulnerability Spotlight: Talos-2018-0694 - MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
  18. LIVE NETWORKS LIVE555 Streaming Media RTSP Server Remote Code Execution Vulnerability (CVE-2018-4013) Threat Alert
  19. New Privilege Escalation Flaw Affects Most Linux Distributions
  20. Top 5 Application Vulnerabilities: How to Prevent Risks
  21. 7 places to find threat intel beyond vulnerability databases
  22. Zero-day vulnerability in Windows allows privilege escalation

Region brief for 2018-10-26

ASIA

  1. GreyEnergy cyberespionage group targets Poland and Ukraine
  2. Facebook removes Iranian influence campaign as midterms near
  3. Exploits Block List Grows 50% Because of Spambot, Avalanche/Gamarue botnet
  4. CVE-2018-14665 privilege escalation flaw affects popular Linux distros
  5. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  6. Tracking Tick Through Recent Campaigns Targeting East Asia
  7. .@FireEye #security researchers claimed the Russian government was 'most likely' behind the #Triton #malware attack on an industrial control system
  8. North Korea regime using and exploiting cryptocurrencies
  9. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  10. LIVE NETWORKS LIVE555 Streaming Media RTSP Server Remote Code Execution Vulnerability (CVE-2018-4013) Threat Alert
  11. New Privilege Escalation Flaw Affects Most Linux Distributions
  12. Operation Oceansalt
  13. Hackers attack Cathay Pacific
  14. China’s Alibaba Cloud Expands Enterprise Blockchain Offering to Global Markets
  15. Russian sabotage in Saudi petrochemicals

OCEANIA

  1. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  2. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency

NORTH AMERICA

  1. University DDoS attack leads to $8.6 million fine, house arrest for New Jersey man
  2. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  3. US Counters Russian Influence & Magecart Hacks Magento | Avast
  4. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  5. What a crane in the ass: Bug leaves construction machinery vulnerable to evil command injection
  6. China’s Alibaba Cloud Expands Enterprise Blockchain Offering to Global Markets

SOUTH AMERICA

Nil

EUROPE

  1. British Airways: additional 185,000 passengers may have been affected
  2. GreyEnergy cyberespionage group targets Poland and Ukraine
  3. British Airways: 185K Affected in Second Data Breach
  4. BA Website Hijacked by Magecart. Again. | Avast
  5. British Airways Data Breach Takes Off Again with 185K More Victims
  6. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  7. US Counters Russian Influence & Magecart Hacks Magento | Avast
  8. .@FireEye #security researchers claimed the Russian government was 'most likely' behind the #Triton #malware attack on an industrial control system
  9. BA website and data breach by Magecart deeper than first thought
  10. No Place for Security as Cryptocurrency Skills Demand Soars
  11. BA Breach: An Extra 185K Customers Notified
  12. British Airways data breach worse than thought
  13. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  14. Hackers attack Cathay Pacific
  15. China’s Alibaba Cloud Expands Enterprise Blockchain Offering to Global Markets
  16. Second attack against British Airways is disclosed
  17. Russian sabotage in Saudi petrochemicals

AFRICA

Nil

Sector brief for 2018-10-26

HEALTHCARE

  1. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol

TRANSPORT

  1. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  2. Hackers attack Cathay Pacific

BANKING & FINANCE

  1. British Airways: additional 185,000 passengers may have been affected
  2. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  3. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  4. Details of 9mil compromised in Cathay Pacific data leak
  5. CVE-2018-9206 maliciously exploited: multiple websites linked from the search page redirect to a betting site
  6. Cathay Pacific hack: Personal data of up to 9.4 million airline passengers laid bare
  7. No Place for Security as Cryptocurrency Skills Demand Soars
  8. BA Breach: An Extra 185K Customers Notified
  9. Hackers attack Cathay Pacific
  10. Second attack against British Airways is disclosed

INFORMATION & TELECOMMUNICATION

  1. University DDoS attack leads to $8.6 million fine, house arrest for New Jersey man
  2. Facebook removes Iranian influence campaign as midterms near
  3. PoC Attack Leverages Microsoft Office and YouTube to Deliver Malware
  4. CVE-2018-14665 privilege escalation flaw affects popular Linux distros
  5. Pocket iNET ISP Exposed 73GB of Sensitive Data On Misconfigured S3 Bucket
  6. CVE-2018-9206 maliciously exploited: multiple websites linked from the search page redirect to a betting site
  7. Researchers report vulnerability in Microsoft Word's online video feature
  8. Airline Discovers Trove of Frequent Flyer Accounts Compromised and Posted for Sale Online:
  9. Spammers Behind Historic Data Breach Affecting Millions of Facebook Users
  10. New Malware Abusing Two Legitimate Windows Files to Steal Victims' Personal Data
  11. Zero-day vulnerability in Windows allows privilege escalation

FOOD

Nil

WATER

Nil

ENERGY

  1. GreyEnergy cyberespionage group targets Poland and Ukraine
  2. Russian sabotage in Saudi petrochemicals

GOVERNMENT & PUBLIC SERVICE

  1. Campaign 2018: New malware attacks target voters in key battleground states
  2. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  3. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  4. .@FireEye #security researchers claimed the Russian government was 'most likely' behind the #Triton #malware attack on an industrial control system
  5. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  6. Russian sabotage in Saudi petrochemicals

Daily brief for 2018-10-26

ASIA

  1. GreyEnergy cyberespionage group targets Poland and Ukraine
  2. Facebook removes Iranian influence campaign as midterms near
  3. Exploits Block List Grows 50% Because of Spambot, Avalanche/Gamarue botnet
  4. CVE-2018-14665 privilege escalation flaw affects popular Linux distros
  5. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  6. Tracking Tick Through Recent Campaigns Targeting East Asia
  7. .@FireEye #security researchers claimed the Russian government was 'most likely' behind the #Triton #malware attack on an industrial control system
  8. North Korea regime using and exploiting cryptocurrencies
  9. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  10. LIVE NETWORKS LIVE555 Streaming Media RTSP Server Remote Code Execution Vulnerability (CVE-2018-4013) Threat Alert
  11. New Privilege Escalation Flaw Affects Most Linux Distributions
  12. Operation Oceansalt
  13. Hackers attack Cathay Pacific
  14. China’s Alibaba Cloud Expands Enterprise Blockchain Offering to Global Markets
  15. Russian sabotage in Saudi petrochemicals

WORLD

  1. British Airways: additional 185,000 passengers may have been affected
  2. University DDoS attack leads to $8.6 million fine, house arrest for New Jersey man
  3. GreyEnergy cyberespionage group targets Poland and Ukraine
  4. British Airways: 185K Affected in Second Data Breach
  5. BA Website Hijacked by Magecart. Again. | Avast
  6. British Airways Data Breach Takes Off Again with 185K More Victims
  7. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  8. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  9. US Counters Russian Influence & Magecart Hacks Magento | Avast
  10. .@FireEye #security researchers claimed the Russian government was 'most likely' behind the #Triton #malware attack on an industrial control system
  11. BA website and data breach by Magecart deeper than first thought
  12. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  13. What a crane in the ass: Bug leaves construction machinery vulnerable to evil command injection
  14. No Place for Security as Cryptocurrency Skills Demand Soars
  15. BA Breach: An Extra 185K Customers Notified
  16. British Airways data breach worse than thought
  17. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  18. Hackers attack Cathay Pacific
  19. China’s Alibaba Cloud Expands Enterprise Blockchain Offering to Global Markets
  20. Second attack against British Airways is disclosed
  21. Russian sabotage in Saudi petrochemicals

ATTACKS

  1. ThreatList: 1 Out of 5 Would Ditch a Business After a Data Breach
  2. Facebook removes Iranian influence campaign as midterms near
  3. Bushido-Powered DDoS Service Whipped Up from Leaked Code
  4. British Airways: 185K Affected in Second Data Breach
  5. British Airways Data Breach Takes Off Again with 185K More Victims
  6. Microsoft bug makes phishing easy, says cybersecurity firm
  7. Settlement in Yahoo data breach leaves company to pay $50M
  8. Pocket iNET ISP Exposed 73GB of Sensitive Data On Misconfigured S3 Bucket
  9. Campaign 2018: New malware attacks target voters in key battleground states
  10. Cathay Pacific Hacked, Personal Data For 9.4 Million Passengers Compromised
  11. PhishX – Spear Phishing Tool for Capturing Credentials
  12. Tracking Tick Through Recent Campaigns Targeting East Asia
  13. Details of 9mil compromised in Cathay Pacific data leak
  14. Cathay Pacific Suffered Data Breach Affecting 9.4 Million Customers
  15. BA website and data breach by Magecart deeper than first thought
  16. Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
  17. Cathay Pacific hack: Personal data of up to 9.4 million airline passengers laid bare
  18. Cathay Pacific Says 9.4 Million Affected by Data Breach
  19. A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
  20. Airline Discovers Trove of Frequent Flyer Accounts Compromised and Posted for Sale Online:
  21. British Airways data breach worse than thought
  22. Spammers Behind Historic Data Breach Affecting Millions of Facebook Users
  23. Cathay Pacific Airways Confirms Data Breach of its Customers
  24. “Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with
  25. New Malware Abusing Two Legitimate Windows Files to Steal Victims' Personal Data

THREATS

  1. Due to Misconfigured Component: DemonBot Malware Infects Multiple Apache Hadoop Servers
  2. PoC Attack Leverages Microsoft Office and YouTube to Deliver Malware
  3. CVE-2018-14665 privilege escalation flaw affects popular Linux distros
  4. Cloudflare WAF Bypass Vulnerability Discovered
  5. Code Execution Vulnerability Patched in Cross-Platform MKVToolNix Toolset
  6. The Week in Ransomware - October 26th 2018 - Decryptors, RaaS, and More
  7. Vulnerability Spotlight: Talos-2018-0694 – MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
  8. ICMP Shell: Secret Command and Control Channel to Control Victim's Machine Using Ping
  9. Microsoft bug makes phishing easy, says cybersecurity firm
  10. Scammers use old browser trick to create fake virus download
  11. A flaw in @Cisco Webex -- called WebExec -- can allow #RemoteCodeExecution. And while experts don't agree on how dangerous
  12. Campaign 2018: New malware attacks target voters in key battleground states
  13. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  14. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  15. Pentagon Expands Bug Bounty To Include Physical Systems
  16. WebExec vulnerability leaves Webex open to insider attacks
  17. DeepPhish: Simulating Malicious AI to Act Like an Adversary
  18. Trivial Bug in X.Org Gives Root Permission on Linux and BSD Systems
  19. .@FireEye #security researchers claimed the Russian government was 'most likely' behind the #Triton #malware attack on an industrial control system
  20. North Korea regime using and exploiting cryptocurrencies
  21. Researchers discovered a vulnerability in Cisco #Webex, called #WebExec, which allows local attackers to issue commands as privileged users. @iagox86
  22. Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
  23. 3 Keys to Reducing the Threat of Ransomware
  24. Cisco patches command injection bug in Webex Meetings Desktop App for Windows
  25. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  26. CVE-2018-9206 maliciously exploited: multiple websites linked from the search page redirect to a betting site
  27. CVE-2018-14665: Xorg X Server privilege escalation vulnerabilities
  28. What a crane in the ass: Bug leaves construction machinery vulnerable to evil command injection
  29. An innovative partnership could help Cyber Command fight malware
  30. Researchers report vulnerability in Microsoft Word's online video feature
  31. A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
  32. No Place for Security as Cryptocurrency Skills Demand Soars
  33. Vulnerability Spotlight: Talos-2018-0694 - MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
  34. What Is Gridcoin and How Can It Advance Science?
  35. LIVE NETWORKS LIVE555 Streaming Media RTSP Server Remote Code Execution Vulnerability (CVE-2018-4013) Threat Alert
  36. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  37. New Privilege Escalation Flaw Affects Most Linux Distributions
  38. Top 5 Application Vulnerabilities: How to Prevent Risks
  39. 7 places to find threat intel beyond vulnerability databases
  40. New Malware Abusing Two Legitimate Windows Files to Steal Victims' Personal Data
  41. China’s Alibaba Cloud Expands Enterprise Blockchain Offering to Global Markets
  42. Zero-day vulnerability in Windows allows privilege escalation
  43. How to become a Monero million(th)aire in just 20 minutes [PODCAST]

CRIME

  1. British Airways: additional 185,000 passengers may have been affected
  2. University DDoS attack leads to $8.6 million fine, house arrest for New Jersey man
  3. GreyEnergy cyberespionage group targets Poland and Ukraine
  4. BA Website Hijacked by Magecart. Again. | Avast
  5. Scammers use old browser trick to create fake virus download
  6. 23-year-old woman charged with stealing $320,000 worth of cryptocurrency
  7. North Korea Backed Two Cryptocurrency Scams This Year, Says Report
  8. No Place for Security as Cryptocurrency Skills Demand Soars
  9. BA Breach: An Extra 185K Customers Notified
  10. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  11. Hackers attack Cathay Pacific
  12. Second attack against British Airways is disclosed
  13. Russian sabotage in Saudi petrochemicals

POLITICS

  1. GreyEnergy cyberespionage group targets Poland and Ukraine
  2. ICMP Shell- Secret Command and Control Channel to Control Victims Machine Using Ping
  3. Campaign 2018: New malware attacks target voters in key battleground states
  4. Tracking Tick Through Recent Campaigns Targeting East Asia
  5. US Counters Russian Influence & Magecart Hacks Magento | Avast
  6. Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
  7. Russian sabotage in Saudi petrochemicals

Oct 26, 2018

APT report for 2018-10-25

TRANSNATIONAL / UNKNOWN

  1. Cutwail Spam Campaign Uses Steganography to Distribute URLZone
  2. British Airways has some good news and bad news about its payment breach
  3. 77K Additional Customers Affected by British Airways' MageCart Data Breach
  4. 5 Common Visibility Gaps Your Enterprise Security Plan Can’t Afford
  5. Cathay Pacific data breach affecting 9.4 million passengers

CHINA

Nil

INDIA

Nil

NORTH KOREA

Nil

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

  1. ICS and IIoT Increasingly Vulnerable to Hackers
  2. CNI Campaign TRITON Linked to Russian Institute

SERBIA

Nil

UKRAINE

  1. Cobalt Group tries to slip malicious PDFs past bank employees, researchers say
  2. New Techniques to Uncover and Attribute Cobalt Gang Commodity Builders and Infrastructure Revealed

Platform report for 2018-10-25

WINDOWS

  1. Cutwail Spam Campaign Uses Steganography to Distribute URLZone
  2. Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware
  3. WINDOWS ZERO-DAY BY SANDBOXESCAPER
  4. ICS and IIoT Increasingly Vulnerable to Hackers
  5. New Techniques to Uncover and Attribute Cobalt Gang Commodity Builders and Infrastructure Revealed
  6. Experts discovered a severe command injection flaw in Cisco Webex Meetings Desktop
  7. Chalubo Botnet Compromises Your Server or IoT Device & Uses it for DDoS Attacks
  8. Windows 10 Update Fixed File Deletion Flaw But Not ZIP File Overwrite Bug
  9. Google Chrome 70.0.3538.77 released: bug fixes
  10. Windows 10 bug overwrites files without confirmation

LINUX

  1. New security flaw impacts most Linux and BSD distros
  2. Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware
  3. Chalubo Botnet Compromises Your Server or IoT Device & Uses it for DDoS Attacks

UNIX

Nil

ANDROID

  1. Another one bites the dust! In 2018 Android malware can bypass defences of billion dollar AV industry and Google Play
  2. 'TimpDoor' Malware Turns Android Devices into Proxies
  3. 5 Common Visibility Gaps Your Enterprise Security Plan Can’t Afford
  4. New Android Malware Turns Your Mobile Devices into Hidden Proxies

IOS

  1. 5 Common Visibility Gaps Your Enterprise Security Plan Can’t Afford
  2. iOS 12 has completely blocked password cracking tool, GrayKey

MACOS

  1. Mac Malware Injects Ads Into Encrypted Traffic

Threat report for 2018-10-25

DATA BREACH & DATA LOSS

  1. Cutwail Spam Campaign Uses Steganography to Distribute URLZone
  2. Cathay Pacific hack: Personal data of up to 9.4 million airline passengers laid bare
  3. Another 185K Customers Potentially Affected by the British Airways Data Breach
  4. British Airways: Cyberattack, data theft bigger than we first thought
  5. Cathay Pacific data breach: 9.4 million passenger information at risk
  6. Data Breach Announced by CMS – Approximately 75,000 Individuals’ Files Affected
  7. Abandoned Web Apps Found as a Core Cause Behind High Profile Data Breaches
  8. Aftermath of the Data Breach: Cathay Pacific Customers Losing Confidence
  9. Questions Mount Over Delay After Cathay Pacific Admits Huge Data Leak
  10. Multiple Phishing Campaigns Target Universities
  11. 77K Additional Customers Affected by British Airways' MageCart Data Breach
  12. Cathay Pacific data breach exposes PII of 9.4 million customers
  13. Cathay Pacific data breach exposed 9.4m customers’ details
  14. Hackers steal personal data of up to 9.4 million Cathay Pacific passengers
  15. CNI Campaign TRITON Linked to Russian Institute
  16. Chalubo Botnet Compromises Your Server or IoT Device & Uses it for DDoS Attacks
  17. Cathay Pacific data breach affecting 9.4 million passengers
  18. Data leak at consulting firm handling fundraisers for the Democratic party

DENIAL-OF-SERVICE

  1. New DDoS botnet goes after Hadoop enterprise servers
  2. New Botnet Launches DDoS Attacks on SSH Servers
  3. Chalubo Botnet Compromises Your Server or IoT Device & Uses it for DDoS Attacks
  4. NETSCOUT’s Arbor Cloud Expands DDoS Protection Across Asia

MALVERTISING

Nil

PHISHING

  1. Multiple Phishing Campaigns Target Universities
  2. Cofense Hunts Phishing Threats Round the Clock with Enhanced 24-hour Global Phishing Defense Services
  3. Learn how hackers used TLS certificates to launch @netflix #phishing attacks from expert Michael Cobb of @thehairyITdog
  4. iOS 12 has completely blocked password cracking tool, GrayKey

WEB DEFACEMENT

Nil

BOTNET

  1. New DDoS botnet goes after Hadoop enterprise servers
  2. Hacker creates seven new variants of the Mirai botnet | Avast
  3. New Botnet Launches DDoS Attacks on SSH Servers
  4. Chalubo Botnet Compromises Your Server or IoT Device & Uses it for DDoS Attacks

RANSOMWARE

  1. Experts released a free Decryption Tool for GandCrab ransomware
  2. New FilesLocker Ransomware Offered as a Ransomware as a Service
  3. GandCrab ransomware declawed with new decryption tool
  4. Files Encrypted by GandCrab Ransomware Can Now Be Decrypted for Free
  5. Bitdefender releases GandCrab ransomware decryption tool
  6. Free GrandCrab Ransomware Decryption Tool Released by Bitdefender
  7. Free Decrypter Available for the Latest GandCrab Ransomware Versions
  8. ESET releases new decryptor for Syrian victims of GandCrab ransomware
  9. Free decryption tool released for multiple GandCrab ransomware versions
  10. West Haven pays $2k USD because of ransomware attack
  11. GandCrab Ransomware decryption tool

CRYPTOMINING & CRYPTOCURRENCIES

  1. Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware
  2. North Korea blamed for two cryptocurrency scams, five trading platform hacks
  3. Building shared digital identity using blockchain technology

MALWARE

  1. Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware
  2. Malware Distributors Adopt DKIM to Bypass Mail Filters
  3. Cobalt Group tries to slip malicious PDFs past bank employees, researchers say
  4. Another one bites the dust! In 2018 Android malware can bypass defences of billion dollar AV industry and Google Play
  5. 'TimpDoor' Malware Turns Android Devices into Proxies
  6. Bypass an Anti Virus Detection with Encrypted Payloads using VENOM Tool
  7. #DidYouKnow AVG Free Antivirus received the highest rating of Advanced+ in @AV_Comparatives latest Malware Protection Test? Share AVG Free Antivirus with
  8. Mac Malware Injects Ads Into Encrypted Traffic
  9. .@FireEye researchers have attributed the #Triton #malware -- used in an attack on an industrial control system in Saudi Arabia
  10. FireEye ties Russia to Triton malware attack in Saudi Arabia
  11. Our threat intelligence lead Chris Dawson (@mrdatahs) discussing new @proofpoint Threat Insight #Malware research with @threatpost.
  12. FireEye links Triton Malware to Russian Research Institute
  13. .@FireEye security researchers claimed the Russian government was 'most likely' behind the Triton #malware attack on an industrial control system
  14. Russian-Made Malware Used to Attack Saudi Petrol Plant, Claims FireEye
  15. What is application security? A process and tools for securing software
  16. [BLOG] When #malware actor realizes that he can make more money by himself and transform his dropper into banking malware,
  17. New Android Malware Turns Your Mobile Devices into Hidden Proxies

EXPLOIT

  1. Researchers recently found vulnerabilities in #robot controllers from @Universal_Robot. Learn what these robot controllers do and how #ThreatActors exploit these

VULNERABILITY

  1. New security flaw impacts most Linux and BSD distros
  2. Multiple Vulnerabilities Patched in ASRock Drivers
  3. Unusual Remote Execution Bug in Cisco WebEx Discovered by Researchers
  4. WINDOWS ZERO-DAY BY SANDBOXESCAPER
  5. Sophos Patches RCE and Memory Disclosure Vulnerabilities in
  6. Vulnerability Spotlight: TALOS-2018-0635/0636 – Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities
  7. Pentagon Expands Bug-Bounty Program to Include Physical Systems
  8. Researchers Find Command Injection Flaw in Cisco WebEx
  9. Researchers recently found vulnerabilities in #robot controllers from @Universal_Robot. Learn what these robot controllers do and how #ThreatActors exploit these
  10. Microsoft Acknowledges Zip File Overwrite Bug - Fix Coming in November
  11. Cisco releases fix for privilege escalation bug in Webex Meetings app
  12. Amazon IoT operating system FreeRTOS has serious vulnerabilities
  13. Experts discovered a severe command injection flaw in Cisco Webex Meetings Desktop
  14. You patch my back(up) and I'll patch yours... Arcserve bugs burrow remotely exploited holes in UDP storage systems
  15. Signal Desktop App Vulnerability Exposes Message Decryption Key To The Users
  16. Windows 10 Update Fixed File Deletion Flaw But Not ZIP File Overwrite Bug
  17. Google Chrome 70.0.3538.77 released: bug fixes
  18. Win10 1803 big bug bash KB 4462933 joins earlier versions, a week late to the party
  19. FreeRTOS Multiple Remote Code Execution Vulnerabilities Threat Alert
  20. Java Usage Tracker Vulnerability
  21. Windows 10 bug overwrites files without confirmation