InfoSec News 20191004
Top News
-
Hackers Selling Business, Customer Data at Bargain Prices
"According to research from VPNOverview, your social media account sells for about $13. Your intimately personal information, including name, address and credit history, goes for a little bit more, in the $40-$200 range—about the same amount as your banking information goes for. (An individual’s most valuable piece of information appears to be the passport, with a UK passport worth $750.)"
TLP¹: Green
-
The lack of cybersecurity talent is a national security threat
"“It’s a national security risk that we don’t have the talent regardless of whether it’s in the government or the private sector,” said Manfra. “We have a massive shortage that is expected that will grow larger.”"
TLP¹: Green
-
Attacker breaches Comodo forums by exploiting vBulletin flaw
"More than 170,000 users of online forums operated by cybersecurity company Comodo Group reportedly had their data stolen by a malicious actor who exploited a recently disclosed vulnerability in vBulletin’s internet forum software."
TLP¹: Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
eGobbler Malvertiser Uses WebKit Exploit to Infect Over 1 Billion Ads
"Roughly 1.16 billion ad impressions have been hijacked in a malvertising campaign operated by a threat group dubbed eGobbler to redirect potential victims to malicious payloads, between August 1 and September 23."
TLP¹: Green
-
Cybersecurity Awareness Month Provides Opportunity To Increase Urgency of Actions to Protect U.S. Electric Grid
"“While we don’t see graphic images flashing across television screens, the harsh reality is that our nation is under attack. Cyberattacks against vital elements of our critical infrastructure occur by the thousands on a daily basis. In the electric sector, we continue to discover that successful intrusions compromising industrial control systems and disrupting the ability of digital systems to communicate with one another are taking place.”"
TLP¹: Green
-
Cyber espionage actor PKPLUG keeps plugging away at targeting SE Asia
"Drawing on three years of investigatory work, researchers have assembled a detailed playbook on PKPLUG, a suspected Chinese threat actor targeting Asians with an assortment of malware used for cyber espionage purposes."
TLP¹: Green
Breaches: Data Breaches and Hacks
-
DoorDash data breach impacts nearly 5 million customers and merchants
"Food delivery service DoorDash has announced that it recently suffered a data breach involving a third-party service provider that compromised personal and limited financial information of approximately 4.9 million consumers and merchants who joined its platform on or before April 5, 2018."
TLP¹: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Multiple zero-day vulnerabilities found in medical IoT devices: CISA
"The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory warning of vulnerabilities in several medical IoT devices that could lead to remote code execution."
TLP¹: Green
-
Attackers exploit 0day vulnerability that gives full control of Android phones
"Attackers are exploiting a zeroday vulnerability in Google’s Android mobile operating system that can give them full control of at least 18 different phone models, including four different Pixel models, a member of Google’s Project Zero research group said on Thursday night."
TLP¹: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
FireEye and CSA Look to Expand Strategic Partnership
"International cybersecurity company aims to strengthen Singapore’s cyber security ecosystem through continued capability development and threat intelligence sharing"
TLP¹: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Google Doc CloudPhishing Worm Attack Technical Analysis
"The Internet was buzzing yesterday over a rapidly spreading attack involving malicious apps masquerading as Google Docs which gained permission to victims’ Google Gmail accounts and extracted confidential information. Netskope considers these types of attacks as CloudPhishing, as they are significantly more sophisticated than a traditional phishing attack, and exploit the implicit trust users have in well-known cloud services."
TLP¹: Green
¹ Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.