Cyber WAR 2019-05-13.Pdf
Weekly Awareness Report (WAR)
May 13, 2019

The Cyber Intelligence Report is an open source intelligence (OSINT) resource, received by over ten thousand individuals, that focuses on advanced persistent threats (APTs) and other digital dangers. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, and other industry risks.

Summary

Symantec ThreatCon
Low: Basic network posture
This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos

Last 10 Malware
* Troj/Stealer-PA
* Troj/Stealer-PB
* Troj/DocDrp-HT
* Troj/Trickbo-QX
* Troj/PShlBat-Z
* Java/Adwind-FEI
* Java/Adwind-FEH
* Java/Adwind-FEG
* Java/Adwind-FEF
* Troj/BokBot-S

Last 10 PUAs
* Somoto BetterInstaller
* XMRig Miner
* Adposhel
* Download Assistant
* AdvancedMacCleaner
* Advanced Mac Tuneup
* KuaiZip
* IStartSurfInstaller
* PowerTool
* DealPly Updater

Interesting News
* The 2019 DBIR is out. We are happy to support a large, voluntary, collaborative effort like the 2019 Data Breach Investigations Report. While our data contribution is completely anonymous, it is based on some of the 2018 data set that our private report customers receive.
* The IWC Cyber Range is scheduled to release a new version May 1st. Ghidra and Grass Marlin are now installed along with several more Red/Blue Team tools. If you are interested, we have an active Facebook Group and YouTube Channel. As always, if you have any suggestions, feel free to let us know.
Subscribe if you would like to receive the CIR updates by sending us an email: [email protected]

Index of Sections

Current News
* Packet Storm Security
* Dark Reading
* Krebs on Security
* The Hacker News
* Infosecurity Magazine
* Threat Post
* Naked Security
* Quick Heal - Security Simplified

Hacker Corner: Tools, Hacked Defacements, and Exploits
* Security Conferences
* Packet Storm Security Latest Published Tools
* Zone-H Latest Published Website Defacements
* Packet Storm Security Latest Published Exploits
* Exploit Database Releases

Advisories
* Secunia Chart of Vulnerabilities Identified
* US-Cert (Current Activity-Alerts-Bulletins)
* Symantec's Latest List
* Packet Storm Security's Latest List

Credits

News

Packet Storm Security
* SIM Hijacking Ring Dismantled By The Feds
* SHA-1 Collision Attacks Are Now Actually Practical And A Looming Danger
* Facebook Sues Analytics Firm Rankwave Over Alleged Data Misuse
* Swedish Authorities Want To Extradite Julian Assange For Rape
* North Korea Debuts New Electricfish Malware In Hidden Cobra Campaigns
* Data Breaches A Time Bomb, Warns Security Report
* Unhackable eyeDisk Flash Drive Exposes Passwords In Clear Text
* Feds Charge Chinese National In 2015 Breach Of Anthem
* Amazon Sellers Hit By Extensive Fraud Campaign
* School Lunch Baron Allegedly Hacked Students' Data To Take Down His Competitor
* CIA Camps Out In Anonymized Tor Network
* Binance Exchange Hackers Steal Bitcoins Worth $41 Million
* AirBNB Hosts Are Getting Creepy And Recording People
* Cisco Elastic Services Controller Allows Takeover
* Facebook Deletes More Accounts Linked To Russia
* Amid Bug Bounty Hype, Sometimes Security Is Left In The Dust
* Stolen NSA Hacking Tools Were Used In The Wild 14 Months Before Shadow Brokers Leak
* 3rd Party Software Now Blamed For 737 MAX Fiasco
* The Russians Are Using A Clever Microsoft Exchange Backdoor
* In A First, Israel Responds To Hamas Hackers With An Air-Strike
* Japanese Govt To Create And Maintain Defensive Malware
* Australia's Cybersecurity Chief Alastair MacGibbon Resigns
* Inside Facebook's War Room: The Battle To Protect EU Elections
* Retefe Banking Trojan Resurfaces, Says Goodbye To Tor
* Denial Of Service Event Impacted U.S. Power Utility Last Month

Dark Reading
* Korean APT Adds Rare Bluetooth Device-Harvester Tool
* Thrangrycat Claws Cisco Customer Security
* LockerGoga, MegaCortex Ransomware Share Unlikely Traits
* Attacks on JavaScript Services Leak Info From Websites
* Poorly Configured Server Exposes Most Panama Citizens' Data
* 78% of Consumers Say Online Companies Must Protect Their Info
* How Open Testing Standards Can Improve Security
* Demystifying the Dark Web: What You Need to Know
* Microsoft SharePoint Bug Exploited in the Wild
* How We Collectively Can Improve Cyber Resilience
* Symantec CEO Greg Clark Steps Down
* Hackers Still Outpace Breach Detection, Containment Efforts
* Bumper Crop of New Briefings Added for Black Hat USA
* Data Dump Purportedly Reveals Details on Previously Unknown Iranian Threat Group
* US DoJ Indicts Chinese Man for Anthem Breach
* Nation-State Breaches Surged in 2018: Verizon DBIR
* How the Skills Gap Strains - and Constrains - Security Pros
* New Initiative Aims to Fast-Track Women into Cybersecurity Careers

Krebs on Security
* Nine Charged in Alleged SIM Swapping Ring
* What's Behind the Wolters Kluwer Tax Outage?
* Feds Bust Up Dark Web Hub Wall Street Market
* Credit Union Sues Fintech Giant Fiserv Over Security Claims
* Data: E-Retail Hacks More Lucrative Than Ever
* P2P Weakness Exposes Millions of IoT Devices
* Who's Behind the RevCode WebMonitor RAT?
* Marcus "MalwareTech" Hutchins Pleads Guilty to Writing, Selling Banking Malware
* Wipro Intruders Targeted Other Major IT Firms
* How Not to Acknowledge a Data Breach

The Hacker News
* U.S. Charges 9 'SIM Swapping' Attackers For Stealing $2.5 Million
* North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data
* U.S. Charges Chinese Hacker For 2015 Anthem Data Breach
* Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites
* Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks
* Google Chrome to Introduce Improved Cookie Controls Against Online Tracking
* Baltimore City Shuts Down Most of Its Servers After Ransomware Attack
* Binance Hacked — Hackers Stole Over $40 Million Worth Of Bitcoin
* Cynet's Free Incident Response Tool — Stop Active Attacks With Greater Visibility
* Microsoft Windows 10 will get a full built-in Linux Kernel for WSL 2

Security Week
* US, EU Spar Over Sharing Electronic Evidence in Investigations
* Nine Charged in SIM Hijacking Scheme
* GAO Makes Recommendations to Improve Security of Taxpayer Data
* New Bill Proposes Cybersecurity Training for U.S. House Members
* Website Infections Holding Steady at 1%, But Attacks Becoming Stealthier: Report
* Leak Reveals Activity of Iranian Hacking Group
* An Ode to CISOs: How Real-World Risks Became Cyber Threats
* Sectigo Acquires IoT Security Firm Icon Labs
* North Korea-Linked 'ScarCruft' Adds Bluetooth Harvester to Toolkit
* Remote Code Execution Flaw Found in Kaspersky Products
* NVIDIA Patches High Severity Bugs in GPU Display Driver
* Microsoft SharePoint Vulnerability Exploited in the Wild
* Facebook Sues South Korea Data Analytics Firm
* Over 100 Flaws Expose Buildings to Hacker Attacks
* Android Q Enables TLS 1.3 Support by Default
* Nigerian Cybercrime 'Group' Has 400 Malicious Actors
* Symantec CEO Quits Unexpectedly, Stock Sinks After Missing Estimates
* U.S. Charges Chinese Hackers Over Massive 2015 Anthem Breach
* Russian Hackers Claim Breach of Three U.S. Anti-Virus Companies
* U.S. Government Details ELECTRICFISH Malware Used by North Korea

Infosecurity Magazine
* Malicious Attacks Cause of Most Aussie Breaches
* ScarCruft APT Develops Malware to Target Bluetooth
* Lawmakers Propose Cyber Training for Congress
* WannaCry Remains a Global Threat Two Years On
* ICO Calls Out HMRC for Illegal Biometric Data Collection
* SMS Spammers Expose 80 Million Records Online
* US Indicts Chinese Man for Anthem Breach
* DHS Releases Analysis of ELECTRICFISH Malware
* Photo App Develops Tool with User Images
* Top Russian Hacking Group Breaches Three AV Companies

Threat Post
* Pair of Cisco Bugs, One Unpatched, Affect Millions of Devices
* Twitter Leaks Apple iOS Users' Location Data to Ad Partner
* ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks
* ThreatList: Top 5 Most Dangerous Attachment Types
* FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug
* News Wrap: Facebook Regulation, Verizon DBIR, Hidden Airbnb Cameras
* The WannaCry Security Legacy and What's to Come
* Nvidia Warns Windows Gamers on GPU Driver Flaws
* ThreatList: Nigerian Cybercrime Surged 54 Percent in 2018
* 'Unhackable' Biometric USB Offers Up Passwords in Plain Text

Naked Security
* Two people indicted for massive Anthem health data breach
* Study finds Android smartphones riddled with suspect 'bloatware'
* Break up Facebook, cofounder says: it's an un-American monopoly
* Monday review - the hot 18 stories of the week
* Chrome browser pushes SameSite cookie security overhaul
* 275m personal records swiped from exposed MongoDB database
* FTC renews call for single federal privacy law
* Airbnb Superhost's creepy spycam sniffed out by sleuthing infosec pro
* Sextortion mail from yourself? It doesn't mean you've been hacked…
* Metal keys beat smart locks in NYC legal battle

Quick Heal - Security Simplified
* Miners snatching open source tools to strengthen their malevolent power!
* 5 ways to instantly detect a phishing email and save yourself from phishing