APT report for 2018-11-24

TRANSNATIONAL / UNKNOWN

Nil

CHINA

Nil

INDIA

Nil

NORTH KOREA

1. North Korea-linked group Lazarus targets Latin American banks

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

2. News of the Week: November 24, 2018

SERBIA

Nil

UKRAINE

Nil

Platform report for 2018-11-24

WINDOWS

1. TA505 Cybercrime Group Experimenting with a New RAT In The Wild

LINUX

2. CVE-2018-19406, CVE-2018-19407: Two DoS vulnerabilities on Linux Kernel
3. New Trojan mining on the Linux will steal user passwords & removes anti-viruses

UNIX

Nil

ANDROID

Nil

IOS

Nil

MACOS

4. MacOS Penetration Test Reveals Three Zero-Day Vulnerabilities

Threat report for 2018-11-24

DATA BREACH & DATA LOSS

Nil

DENIAL-OF-SERVICE

Nil

MALVERTISING

Nil

PHISHING

1. This week's #RiskAndRepeatPodcast digs into the debate over #WeakPasswords and password reuse, and asks: how much are users responsible for

WEB DEFACEMENT

Nil

BOTNET

Nil

RANSOMWARE

2. Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
3. Powerful Mobile Malware Rotexy Launched over 70,000 Attacks with Banking Trojan & Ransomware Modules
4. .@TalosSecurity recently created a #decryptor that helps files affected by the #ransomware #Thanatos -- typically known to not decrypt files
5. SMBs suffered the brunt of ransomware attacks in 2018
6. The Week in Ransomware - November 23rd 2018 - STOP, Dharma, and More

CRYPTOMINING & CRYPTOCURRENCIES

Nil

MALWARE

7. Powerful Mobile Malware Rotexy Launched over 70,000 Attacks with Banking Trojan & Ransomware Modules
8. TA505 Cybercrime Group Experimenting with a New RAT In The Wild
9. Researchers at @okta found a bypass that allows #ThreatActors to pose files as legitimate @Apple files despite being #malware and
10. 42-year-old man Arrested For Hacking More than 2,000 Computers From 50 countries With DarkComet RAT
11. New Trojan mining on the Linux will steal user passwords & removes anti-viruses

EXPLOIT

Nil

VULNERABILITY

12. Adobe Patched A Critical Flash Player Vulnerability Disclosed Publicly
13. MacOS Penetration Test Reveals Three Zero-Day Vulnerabilities
14. CVE-2018-19406, CVE-2018-19407: Two DoS vulnerabilities on Linux Kernel
15. How has the @DLink #router vulnerability affected your enterprise?

Region brief for 2018-11-24

ASIA

1. North Korea-linked group Lazarus targets Latin American banks

OCEANIA

Nil

NORTH AMERICA

2. Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
3. Adobe Patched A Critical Flash Player Vulnerability Disclosed Publicly
4. News of the Week: November 24, 2018
5. North Korea-linked group Lazarus targets Latin American banks

SOUTH AMERICA

Nil

EUROPE

6. 42-year-old man Arrested For Hacking More than 2,000 Computers From 50 countries With DarkComet RAT
7. New Trojan mining on the Linux will steal user passwords & removes anti-viruses

AFRICA

Nil

Sector brief for 2018-11-24

HEALTHCARE

Nil

TRANSPORT

Nil

BANKING & FINANCE

1. Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
2. Powerful Mobile Malware Rotexy Launched over 70,000 Attacks with Banking Trojan & Ransomware Modules
3. North Korea-linked group Lazarus targets Latin American banks
4. .@TalosSecurity recently created a #decryptor that helps files affected by the #ransomware #Thanatos -- typically known to not decrypt files
5. TA505 Cybercrime Group Experimenting with a New RAT In The Wild

INFORMATION & TELECOMMUNICATION

6. Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors

FOOD

Nil

WATER

7. TA505 Cybercrime Group Experimenting with a New RAT In The Wild

ENERGY

Nil

GOVERNMENT & PUBLIC SERVICE

8. Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
9. 42-year-old man Arrested For Hacking More than 2,000 Computers From 50 countries With DarkComet RAT

Daily brief for 2018-11-24

ASIA

1. North Korea-linked group Lazarus targets Latin American banks

WORLD

2. Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
3. Adobe Patched A Critical Flash Player Vulnerability Disclosed Publicly
4. News of the Week: November 24, 2018
5. North Korea-linked group Lazarus targets Latin American banks
6. 42-year-old man Arrested For Hacking More than 2,000 Computers From 50 countries With DarkComet RAT
7. New Trojan mining on the Linux will steal user passwords & removes anti-viruses

ATTACKS

8. This week's #RiskAndRepeatPodcast digs into the debate over #WeakPasswords and password reuse, and asks: how much are users responsible for

THREATS

9. Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
10. Adobe Patched A Critical Flash Player Vulnerability Disclosed Publicly
11. MacOS Penetration Test Reveals Three Zero-Day Vulnerabilities
12. Powerful Mobile Malware Rotexy Launched over 70,000 Attacks with Banking Trojan & Ransomware Modules
13. .@TalosSecurity recently created a #decryptor that helps files affected by the #ransomware #Thanatos -- typically known to not decrypt files
14. TA505 Cybercrime Group Experimenting with a New RAT In The Wild
15. Researchers at @okta found a bypass that allows #ThreatActors to pose files as legitimate @Apple files despite being #malware and
16. 42-year-old man Arrested For Hacking More than 2,000 Computers From 50 countries With DarkComet RAT
17. SMBs suffered the brunt of ransomware attacks in 2018
18. CVE-2018-19406, CVE-2018-19407: Two DoS vulnerabilities on Linux Kernel
19. New Trojan mining on the Linux will steal user passwords & removes anti-viruses
20. How has the @DLink #router vulnerability affected your enterprise?
21. The Week in Ransomware - November 23rd 2018 - STOP, Dharma, and More

CRIME

22. TA505 Cybercrime Group Experimenting with a New RAT In The Wild
23. New Trojan mining on the Linux will steal user passwords & removes anti-viruses

POLITICS

24. Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
25. North Korea-linked group Lazarus targets Latin American banks

APT report for 2018-11-23

TRANSNATIONAL / UNKNOWN

1. Criminal turf war may be brewing after Magecart double whammy
2. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
3. The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up

CHINA

4. US Says China Increased Hacking over Trade Dispute

INDIA

Nil

NORTH KOREA

5. North Korean Hackers Hit Latin American Banks

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

6. Week in security with Tony Anscombe
7. Phishing Used to Launch GreyEnergy's ICS Attacks
8. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

SERBIA

Nil

UKRAINE

Nil

Platform report for 2018-11-23

WINDOWS

1. NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
2. New Emotet Thanksgiving campaign differs from previous ones

LINUX

3. New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
4. DoS Vulnerabilities Found in Linux Kernel, Unpatched
5. Malware scum want to build a Linux botnet using Mirai
6. New Linux crypto-miner steals your root password and disables your antivirus
7. New Crypto Malware Spreading that Infects Linux Machines & Removes Anti-Virus

UNIX

Nil

ANDROID

8. Over 500k Play Store users have installed 13 games that contain malware

IOS

Nil

MACOS

9. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition

Threat report for 2018-11-23

DATA BREACH & DATA LOSS

1. NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
2. Data breach in OSIsoft
3. Brazil's largest professional association suffers massive data leak
4. Amazon Snafu Exposed Customers' Names and Email Addresses
5. “Back in Black” – Article 13 has YouTube threatening to pull the plug over upload filter
6. New Emotet Thanksgiving campaign differs from previous ones
7. US Postal Service Website Left Data Exposed for Over a Year
8. .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
9. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
10. A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
11. Software company OSIsoft has suffered a data breach
12. SAVE 50% FOR BLACK FRIDAY! Get half off FREEDOME VPN and TOTAL with coupon code BLACKFRIDAY.
13. DNS Shell – Tool to Compromise and Maintain Control Over Victim Machine
14. @FSecure fait son #BlackFriday ! Profitez de 50% de remise sur une sélection de produits !
15. 60 million users’ data were exposed by the US Postal Service

DENIAL-OF-SERVICE

16. Why e-commerce needs DDoS protection for Cyber Monday

MALVERTISING

Nil

PHISHING

17. 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
18. New Linux crypto-miner steals your root password and disables your antivirus
19. Attackers Are Landing Email Inboxes Without the Need to Phish
20. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
21. Phishing Used to Launch GreyEnergy's ICS Attacks
22. Southwest Washington Regional Surgery Center suffered a Phishing attack
23. A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an

WEB DEFACEMENT

Nil

BOTNET

24. Malware scum want to build a Linux botnet using Mirai
25. Deep Instinct recently blogged about a new #botnet -- dubbed #Mylobot -- that has shown new, complex tools and techniques.

RANSOMWARE

26. SMBs suffered the brunt of ransomware attacks in 2018
27. The number of ransomware attacks on individuals has come down as it has become harder to get them to pay,

CRYPTOMINING & CRYPTOCURRENCIES

28. Cryptocurrency ‘minting’ flaw could have leached money from exchanges
29. A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an

MALWARE

30. 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
31. New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
32. Malware scum want to build a Linux botnet using Mirai
33. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
34. Black Friday special by Emotet: Filling inboxes with infected XML macros
35. Black Friday special by Emotet: Filling inboxes with infected XML macros
36. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
37. VMware patches guest-to-host malware vulnerability
38. #WebCache poisoning poses a serious threat to #BrowserSecurity. Learn how #hackers can use unkeyed inputs for malicious intent from expert
39. Best way to Remove Malware on Mac, Including Other Unwanted Apps
40. New Crypto Malware Spreading that Infects Linux Machines & Removes Anti-Virus
41. Over 500k Play Store users have installed 13 games that contain malware

EXPLOIT

Nil

VULNERABILITY

42. DoS Vulnerabilities Found in Linux Kernel, Unpatched
43. Apache Hadoop spins cracking code injection vulnerability YARN
44. German e-government SDK patched against ID spoofing vulnerability
45. US Postal Service Plugs API Flaw - One Year Later
46. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
47. Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
48. Old Printer Vulnerabilities Die Hard
49. VMware Patches Workstation Flaw Disclosed at Hacking Contest
50. Cryptocurrency ‘minting’ flaw could have leached money from exchanges
51. USPS Bug affects 60 Million Users, Finally Fixed.
52. German eID vulnerability allows hackers to change identities
53. VMware patches guest-to-host malware vulnerability
54. Internet connected devices might be the hot item for Christmas this year, but are they secure?
55. Hacker says USPS ignored serious security flaw for over a year
56. CVE-2018-6983: integer overflow vulnerability in VMware Workstation and Fusion

Region brief for 2018-11-23

ASIA

1. US Says China Increased Hacking over Trade Dispute
2. North Korean Hackers Hit Latin American Banks
3. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
4. Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
5. VMware Patches Workstation Flaw Disclosed at Hacking Contest

OCEANIA

Nil

NORTH AMERICA

6. Data breach in OSIsoft
7. US Postal Service Plugs API Flaw - One Year Later
8. US Says China Increased Hacking over Trade Dispute
9. North Korean Hackers Hit Latin American Banks
10. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
11. New Emotet Thanksgiving campaign differs from previous ones
12. US Postal Service Website Left Data Exposed for Over a Year
13. Hacker says USPS ignored serious security flaw for over a year
14. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
15. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
16. Southwest Washington Regional Surgery Center suffered a Phishing attack
17. 60 million users’ data were exposed by the US Postal Service
18. The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up

SOUTH AMERICA

19. Brazil's largest professional association suffers massive data leak

EUROPE

20. NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
21. New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
22. German e-government SDK patched against ID spoofing vulnerability
23. Phishing Used to Launch GreyEnergy's ICS Attacks
24. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
25. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
26. German eID vulnerability allows hackers to change identities
27. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

AFRICA

Nil

Sector brief for 2018-11-23

HEALTHCARE

1. US Says China Increased Hacking over Trade Dispute
2. Southwest Washington Regional Surgery Center suffered a Phishing attack

TRANSPORT

3. US Says China Increased Hacking over Trade Dispute

BANKING & FINANCE

4. North Korean Hackers Hit Latin American Banks
5. New Emotet Thanksgiving campaign differs from previous ones
6. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research

INFORMATION & TELECOMMUNICATION

7. New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
8. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
9. “Back in Black” – Article 13 has YouTube threatening to pull the plug over upload filter
10. Internet connected devices might be the hot item for Christmas this year, but are they secure?
11. SAVE 50% FOR BLACK FRIDAY! Get half off FREEDOME VPN and TOTAL with coupon code BLACKFRIDAY.
12. The number of ransomware attacks on individuals has come down as it has become harder to get them to pay,
13. Over 500k Play Store users have installed 13 games that contain malware

FOOD

Nil

WATER

Nil

ENERGY

14. US Says China Increased Hacking over Trade Dispute

GOVERNMENT & PUBLIC SERVICE

15. German e-government SDK patched against ID spoofing vulnerability
16. US Says China Increased Hacking over Trade Dispute
17. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
18. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
19. US Postal Service Website Left Data Exposed for Over a Year
20. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
21. 60 million users’ data were exposed by the US Postal Service

Daily brief for 2018-11-23

ASIA

1. US Says China Increased Hacking over Trade Dispute
2. North Korean Hackers Hit Latin American Banks
3. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
4. Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
5. VMware Patches Workstation Flaw Disclosed at Hacking Contest

WORLD

6. NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
7. Data breach in OSIsoft
8. New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
9. Brazil's largest professional association suffers massive data leak
10. German e-government SDK patched against ID spoofing vulnerability
11. US Postal Service Plugs API Flaw - One Year Later
12. US Says China Increased Hacking over Trade Dispute
13. North Korean Hackers Hit Latin American Banks
14. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
15. Phishing Used to Launch GreyEnergy's ICS Attacks
16. New Emotet Thanksgiving campaign differs from previous ones
17. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
18. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
19. US Postal Service Website Left Data Exposed for Over a Year
20. German eID vulnerability allows hackers to change identities
21. Hacker says USPS ignored serious security flaw for over a year
22. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
23. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
24. Southwest Washington Regional Surgery Center suffered a Phishing attack
25. 60 million users’ data were exposed by the US Postal Service
26. The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up

ATTACKS

27. NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
28. Data breach in OSIsoft
29. 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
30. Brazil's largest professional association suffers massive data leak
31. Amazon Snafu Exposed Customers' Names and Email Addresses
32. New Linux crypto-miner steals your root password and disables your antivirus
33. Attackers Are Landing Email Inboxes Without the Need to Phish
34. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
35. “Back in Black” – Article 13 has YouTube threatening to pull the plug over upload filter
36. Phishing Used to Launch GreyEnergy's ICS Attacks
37. New Emotet Thanksgiving campaign differs from previous ones
38. US Postal Service Website Left Data Exposed for Over a Year
39. .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
40. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
41. Southwest Washington Regional Surgery Center suffered a Phishing attack
42. A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
43. Software company OSIsoft has suffered a data breach
44. SAVE 50% FOR BLACK FRIDAY! Get half off FREEDOME VPN and TOTAL with coupon code BLACKFRIDAY.
45. DNS Shell – Tool to Compromise and Maintain Control Over Victim Machine
46. @FSecure fait son #BlackFriday ! Profitez de 50% de remise sur une sélection de produits !
47. 60 million users’ data were exposed by the US Postal Service

THREATS

48. 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
49. New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
50. DoS Vulnerabilities Found in Linux Kernel, Unpatched
51. Apache Hadoop spins cracking code injection vulnerability YARN
52. German e-government SDK patched against ID spoofing vulnerability
53. Malware scum want to build a Linux botnet using Mirai
54. US Postal Service Plugs API Flaw - One Year Later
55. VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
56. Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
57. Old Printer Vulnerabilities Die Hard
58. VMware Patches Workstation Flaw Disclosed at Hacking Contest
59. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
60. Black Friday special by Emotet: Filling inboxes with infected XML macros
61. Black Friday special by Emotet: Filling inboxes with infected XML macros
62. Cryptocurrency ‘minting’ flaw could have leached money from exchanges
63. Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
64. USPS Bug affects 60 Million Users, Finally Fixed.
65. German eID vulnerability allows hackers to change identities
66. VMware patches guest-to-host malware vulnerability
67. Internet connected devices might be the hot item for Christmas this year, but are they secure?
68. Hacker says USPS ignored serious security flaw for over a year
69. #WebCache poisoning poses a serious threat to #BrowserSecurity. Learn how #hackers can use unkeyed inputs for malicious intent from expert
70. SMBs suffered the brunt of ransomware attacks in 2018
71. Best way to Remove Malware on Mac, Including Other Unwanted Apps
72. A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
73. CVE-2018-6983: integer overflow vulnerability in VMware Workstation and Fusion
74. The number of ransomware attacks on individuals has come down as it has become harder to get them to pay,
75. New Crypto Malware Spreading that Infects Linux Machines & Removes Anti-Virus
76. Over 500k Play Store users have installed 13 games that contain malware

CRIME

77. Data breach in OSIsoft
78. US Says China Increased Hacking over Trade Dispute
79. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
80. Software company OSIsoft has suffered a data breach
81. The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up

POLITICS

82. NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
83. US Says China Increased Hacking over Trade Dispute
84. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
85. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

APT report for 2018-11-22

TRANSNATIONAL / UNKNOWN

1. #Irisscon: Stop Siloing Vulnerability Management to Deal with Old Bugs
2. Podcast: Breaking Down the Magecart Threat (Part One)

CHINA

Nil

INDIA

Nil

NORTH KOREA

3. VB2018 paper: Since the hacking of Sony Pictures

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

Nil

SERBIA

Nil

UKRAINE

Nil

Platform report for 2018-11-22

WINDOWS

1. Google’s Practical Action Against Malware and Its Authors
2. [SingCERT] Alert on Adobe Flash Player Vulnerability (CVE-2018-15981)
3. Update now! Adobe Flash has another critical security vulnerability

LINUX

4. Mirai DDoS baddies take enterprise Linux servers over consumer routers
5. [SingCERT] Alert on Adobe Flash Player Vulnerability (CVE-2018-15981)
6. SSL vulnerability scanner – MassBleed
7. Update now! Adobe Flash has another critical security vulnerability
8. Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw

UNIX

Nil

ANDROID

9. Google’s Practical Action Against Malware and Its Authors
10. #DidYouKnow A single subscription of AVG Internet Security covers every PC in your family? It also includes webcam and ransomware protection,
11. The Rotexy mobile Trojan – banker and ransomware

IOS

12. Google’s Practical Action Against Malware and Its Authors

MACOS

13. [SingCERT] Alert on Adobe Flash Player Vulnerability (CVE-2018-15981)
14. A bypass was found by @okta researchers that allows #macOS #malware to pose as @Apple files despite needing to be
15. Researchers recently discovered a new #MacOS #malware that targets #cryptocurrency investors through chat platforms. Discover how this is possible and

Threat report for 2018-11-22

DATA BREACH & DATA LOSS

1. Almost 9,5 Million PII Records Leaked by Data Aggregator Adapt
2. China Boosted Technology and Intellectual Property Theft Operations Says USTR
3. USPS reportedly fixes website bug that exposed data of 60M users
4. Facebook 'walking dangerous line' as it appeals record fine
5. USPS finally fixes website flaw that exposed 60 million users' data
6. Furry erotica site 'High Tail Hall' exposed data of nearly 500K users
7. The July edition of Beazley Breach Insights found that business email compromise attacks have been rising steadily. Is business email
8. US Postal Service website vulnerability leaked 60 million user data
9. Amazon technical failure caused to leaks users’ email addresses
10. US Postal Service Left 60 Million Users Data Exposed For Over a Year
11. Amazon Suffered Data Breach – Customers Name & Email Addresses Exposed
12. Data breaches in schools: How should an academic institution report a security incident to comply with the GDPR?
13. 500K Italian Public Administration Email Accounts Compromised By Targeted Attack
14. New @awscloud settings will allow users to batch change permissions with the aim of avoiding accidental S3 data leaks, but

DENIAL-OF-SERVICE

15. Mirai DDoS baddies take enterprise Linux servers over consumer routers
16. Emoji Kitten Denial Of Service Attack Continues to Haunt Skype

MALVERTISING

Nil

PHISHING

17. LastPass login problems caused by cascading server failure
18. Come evitare che le tue #password diventino la chiave di accesso ai tuoi account
19. PSA: Phishing Levels Rise Ahead of Black Friday and Cyber Monday
20. Phishing Attack Compromises Health First Patients’ Data

WEB DEFACEMENT

Nil

BOTNET

Nil

RANSOMWARE

21. #DidYouKnow A single subscription of AVG Internet Security covers every PC in your family? It also includes webcam and ransomware protection,
22. Aurora / Zorro Ransomware Actively Being Distributed
23. How does @TalosSecurity's discovery change the way you or your enterprise views #ransomware?
24. The Rotexy mobile Trojan – banker and ransomware

CRYPTOMINING & CRYPTOCURRENCIES

25. Silicon Valley Hacker Swipes Millions Worth of Cryptocurrency Using SIM Swapping
26. SIM swap! Man charged after million dollar cryptocurrency theft
27. SIM swap! Man charged after million dollar cryptocurrency theft
28. Researchers recently discovered a new #MacOS #malware that targets #cryptocurrency investors through chat platforms. Discover how this is possible and
29. North Korea To Host Cryptocurrency and Blockchain Conference

MALWARE

30. Google’s Practical Action Against Malware and Its Authors
31. Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months
32. Found this picture of myself doing an internal briefing on the Nimda worm in 2001. Note the size of the
33. A bypass was found by @okta researchers that allows #macOS #malware to pose as @Apple files despite needing to be
34. The Rotexy mobile Trojan – banker and ransomware
35. Researchers recently discovered a new #MacOS #malware that targets #cryptocurrency investors through chat platforms. Discover how this is possible and
36. Research reveals that 44% of industrial facilities have USB malware risks
37. Do you believe that the application #security vetting process would benefit from the addition of an entropy source?
38. Emotet malware runs on a dual infrastructure to avoid downtime and takedowns
39. Hacking Syndicate TA505 Back with Focus on Info-Stealing Trojan

EXPLOIT

40. How Dropbox's red team discovered an Apple zero-day exploit chain by accident
41. How was a black box attack used to exploit ATM vulnerabilities?

VULNERABILITY

42. USPS reportedly fixes website bug that exposed data of 60M users
43. [SingCERT] Alert on Adobe Flash Player Vulnerability (CVE-2018-15981)
44. #Irisscon: Stop Siloing Vulnerability Management to Deal with Old Bugs
45. .@radware #cybersecurity researchers found hackers to be targeting bank users via a #router vulnerability. Learn how a fake banking site
46. Cross-site search attack applied to snoop on Google’s bug tracker
47. Facebook And Instagram Went Down Due To A Server Bug
48. SSL vulnerability scanner – MassBleed
49. Flaw allowing identity spoofing affects authentication based on German eID cards
50. USPS finally fixes website flaw that exposed 60 million users' data
51. Update now! Adobe Flash has another critical security vulnerability
52. How Dropbox's red team discovered an Apple zero-day exploit chain by accident
53. How was a black box attack used to exploit ATM vulnerabilities?
54. CyberSecurity Asean security alert on Multiple Vulnerabilities in VMware vSphere Data Protection Could Allow for Remote Code Execution
55. Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw
56. VMware Releases Critical Security Updates for Multiple Vulnerabilities
57. US Postal Service website vulnerability leaked 60 million user data
58. Facebook Increases Average Bounty rewards for High Impact Vulnerabilities
59. Facebook raises rewards for a security vulnerabilities to $40,000

Region brief for 2018-11-22

ASIA

1. China Boosted Technology and Intellectual Property Theft Operations Says USTR
2. The Rotexy mobile Trojan – banker and ransomware
3. North Korea To Host Cryptocurrency and Blockchain Conference

OCEANIA

Nil

NORTH AMERICA

4. China Boosted Technology and Intellectual Property Theft Operations Says USTR
5. USPS finally fixes website flaw that exposed 60 million users' data
6. Research reveals that 44% of industrial facilities have USB malware risks
7. North Korea To Host Cryptocurrency and Blockchain Conference
8. US Postal Service website vulnerability leaked 60 million user data
9. Amazon technical failure caused to leaks users’ email addresses
10. US Postal Service Left 60 Million Users Data Exposed For Over a Year

SOUTH AMERICA

Nil

EUROPE

11. Flaw allowing identity spoofing affects authentication based on German eID cards
12. The Rotexy mobile Trojan – banker and ransomware
13. North Korea To Host Cryptocurrency and Blockchain Conference
14. 500K Italian Public Administration Email Accounts Compromised By Targeted Attack

AFRICA

Nil

Sector brief for 2018-11-22

HEALTHCARE

1. Phishing Attack Compromises Health First Patients’ Data
2. Data breaches in schools: How should an academic institution report a security incident to comply with the GDPR?

TRANSPORT

Nil

BANKING & FINANCE

3. Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months
4. .@radware #cybersecurity researchers found hackers to be targeting bank users via a #router vulnerability. Learn how a fake banking site
5. VB2018 paper: Since the hacking of Sony Pictures
6. The Rotexy mobile Trojan – banker and ransomware
7. How was a black box attack used to exploit ATM vulnerabilities?
8. Hacking Syndicate TA505 Back with Focus on Info-Stealing Trojan
9. Facebook raises rewards for a security vulnerabilities to $40,000
10. Data breaches in schools: How should an academic institution report a security incident to comply with the GDPR?

INFORMATION & TELECOMMUNICATION

11. Facebook And Instagram Went Down Due To A Server Bug
12. #DidYouKnow A single subscription of AVG Internet Security covers every PC in your family? It also includes webcam and ransomware protection,
13. Facebook 'walking dangerous line' as it appeals record fine
14. Emoji Kitten Denial Of Service Attack Continues to Haunt Skype
15. Found this picture of myself doing an internal briefing on the Nimda worm in 2001. Note the size of the
16. North Korea To Host Cryptocurrency and Blockchain Conference
17. Amazon technical failure caused to leaks users’ email addresses
18. Facebook Increases Average Bounty rewards for High Impact Vulnerabilities
19. Facebook raises rewards for a security vulnerabilities to $40,000

FOOD

Nil

WATER

Nil

ENERGY

Nil

GOVERNMENT & PUBLIC SERVICE

20. Flaw allowing identity spoofing affects authentication based on German eID cards
21. CyberSecurity Asean security alert on Multiple Vulnerabilities in VMware vSphere Data Protection Could Allow for Remote Code Execution
22. North Korea To Host Cryptocurrency and Blockchain Conference
23. US Postal Service Left 60 Million Users Data Exposed For Over a Year

Daily brief for 2018-11-22

ASIA

1. China Boosted Technology and Intellectual Property Theft Operations Says USTR
2. The Rotexy mobile Trojan – banker and ransomware
3. North Korea To Host Cryptocurrency and Blockchain Conference

WORLD

4. China Boosted Technology and Intellectual Property Theft Operations Says USTR
5. Flaw allowing identity spoofing affects authentication based on German eID cards
6. USPS finally fixes website flaw that exposed 60 million users' data
7. The Rotexy mobile Trojan – banker and ransomware
8. Research reveals that 44% of industrial facilities have USB malware risks
9. North Korea To Host Cryptocurrency and Blockchain Conference
10. US Postal Service website vulnerability leaked 60 million user data
11. Amazon technical failure caused to leaks users’ email addresses
12. US Postal Service Left 60 Million Users Data Exposed For Over a Year
13. 500K Italian Public Administration Email Accounts Compromised By Targeted Attack

ATTACKS

14. Almost 9,5 Million PII Records Leaked by Data Aggregator Adapt
15. China Boosted Technology and Intellectual Property Theft Operations Says USTR
16. USPS reportedly fixes website bug that exposed data of 60M users
17. Facebook 'walking dangerous line' as it appeals record fine
18. USPS finally fixes website flaw that exposed 60 million users' data
19. LastPass login problems caused by cascading server failure
20. Furry erotica site 'High Tail Hall' exposed data of nearly 500K users
21. The July edition of Beazley Breach Insights found that business email compromise attacks have been rising steadily. Is business email
22. Come evitare che le tue #password diventino la chiave di accesso ai tuoi account
23. PSA: Phishing Levels Rise Ahead of Black Friday and Cyber Monday
24. Phishing Attack Compromises Health First Patients’ Data
25. US Postal Service website vulnerability leaked 60 million user data
26. Amazon technical failure caused to leaks users’ email addresses
27. US Postal Service Left 60 Million Users Data Exposed For Over a Year
28. Amazon Suffered Data Breach – Customers Name & Email Addresses Exposed
29. Data breaches in schools: How should an academic institution report a security incident to comply with the GDPR?
30. 500K Italian Public Administration Email Accounts Compromised By Targeted Attack
31. New @awscloud settings will allow users to batch change permissions with the aim of avoiding accidental S3 data leaks, but

THREATS

32. Silicon Valley Hacker Swipes Millions Worth of Cryptocurrency Using SIM Swapping
33. Google’s Practical Action Against Malware and Its Authors
34. USPS reportedly fixes website bug that exposed data of 60M users
35. [SingCERT] Alert on Adobe Flash Player Vulnerability (CVE-2018-15981)
36. #Irisscon: Stop Siloing Vulnerability Management to Deal with Old Bugs
37. Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months
38. .@radware #cybersecurity researchers found hackers to be targeting bank users via a #router vulnerability. Learn how a fake banking site
39. Cross-site search attack applied to snoop on Google’s bug tracker
40. Facebook And Instagram Went Down Due To A Server Bug
41. SIM swap! Man charged after million dollar cryptocurrency theft
42. SIM swap! Man charged after million dollar cryptocurrency theft
43. #DidYouKnow A single subscription of AVG Internet Security covers every PC in your family? It also includes webcam and ransomware protection,
44. SSL vulnerability scanner – MassBleed
45. Aurora / Zorro Ransomware Actively Being Distributed
46. How does @TalosSecurity's discovery change the way you or your enterprise views #ransomware?
47. Flaw allowing identity spoofing affects authentication based on German eID cards
48. USPS finally fixes website flaw that exposed 60 million users' data
49. Update now! Adobe Flash has another critical security vulnerability
50. How Dropbox's red team discovered an Apple zero-day exploit chain by accident
51. Found this picture of myself doing an internal briefing on the Nimda worm in 2001. Note the size of the
52. A bypass was found by @okta researchers that allows #macOS #malware to pose as @Apple files despite needing to be
53. The Rotexy mobile Trojan – banker and ransomware
54. Researchers recently discovered a new #MacOS #malware that targets #cryptocurrency investors through chat platforms. Discover how this is possible and
55. How was a black box attack used to exploit ATM vulnerabilities?
56. Research reveals that 44% of industrial facilities have USB malware risks
57. CyberSecurity Asean security alert on Multiple Vulnerabilities in VMware vSphere Data Protection Could Allow for Remote Code Execution
58. Do you believe that the application #security vetting process would benefit from the addition of an entropy source?
59. Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw
60. VMware Releases Critical Security Updates for Multiple Vulnerabilities
61. Emotet malware runs on a dual infrastructure to avoid downtime and takedowns
62. North Korea To Host Cryptocurrency and Blockchain Conference
63. Hacking Syndicate TA505 Back with Focus on Info-Stealing Trojan
64. US Postal Service website vulnerability leaked 60 million user data
65. Facebook Increases Average Bounty rewards for High Impact Vulnerabilities
66. Facebook raises rewards for a security vulnerabilities to $40,000

CRIME

67. Silicon Valley Hacker Swipes Millions Worth of Cryptocurrency Using SIM Swapping
68. China Boosted Technology and Intellectual Property Theft Operations Says USTR
69. SIM swap! Man charged after million dollar cryptocurrency theft
70. SIM swap! Man charged after million dollar cryptocurrency theft
71. The Rotexy mobile Trojan – banker and ransomware
72. The July edition of Beazley Breach Insights found that business email compromise attacks have been rising steadily. Is business email
73. Hacking Syndicate TA505 Back with Focus on Info-Stealing Trojan
74. Data breaches in schools: How should an academic institution report a security incident to comply with the GDPR?

POLITICS

75. The Rotexy mobile Trojan – banker and ransomware
76. North Korea To Host Cryptocurrency and Blockchain Conference
77. Data breaches in schools: How should an academic institution report a security incident to comply with the GDPR?
78. 500K Italian Public Administration Email Accounts Compromised By Targeted Attack