Phishing groups are collecting user data, email and banking passwords via fake voter registration forms

From zdnet.com


Days ahead of the US Presidential Election, spam groups are hurrying to strike while the iron is still hot, using voter-registration-related lures to trick people into visiting fake government sites and giving away their personal data. Some groups are so bold as to ask for banking and email passwords and even auto registration information.

Read more…

Planetary Reef: Cybercriminal Hosting and Phishing-as-a-Service Threat Actor

From securityboulevard.com

PhishLabs is monitoring a threat actor group that has set up fraudulent hosting companies with leased IP space from a legitimate reseller. They are using this infrastructure for bulletproof hosting services as well as to carry out their own phishing attacks. The group, which is based in Indonesia, has been dubbed Planetary Reef. Planetary Reef is most notable in how they host phishing sites. While traditional methods of distributing phishing attacks rely on compromised websites or, increasingly, free domains, Planetary Reef is leasing their IP space from a large reseller. Using this space, the group has created an array of seemingly legitimate hosting companies that they promote through social media.

Read more…

How 30 Lines of Code Blew Up a 27-Ton Generator

From wired.com

The Idaho National Laboratory in Idaho Falls, Idaho

ON A PIERCINGLY cold and windy morning in March 2007, Mike Assante arrived at an Idaho National Laboratory facility 32 miles west of Idaho Falls, a building in the middle of a vast, high desert landscape covered with snow and sagebrush. He walked into an auditorium inside the visitors’ center, where a small crowd was gathering. The group included officials from the Department of Homeland Security, the Department of Energy, and the North American Electric Reliability Corporation (NERC), executives from a handful of electric utilities across the country, and other researchers and engineers who, like Assante, were tasked by the national lab to spend their days imagining catastrophic threats to American critical infrastructure.

Read more…

Cybersecurity company finds hacker selling info on 186 million U.S. voters

From nbcnews.com

WASHINGTON — A cybersecurity company says it has found a hacker selling personally identifying information of more than 200 million Americans, including the voter registration data of 186 million.

The revelation underscored how vulnerable Americans are to email targeting by criminals and foreign adversaries, even as U.S. officials announced that Iran and Russia had obtained voter registration data and email addresses with an eye toward interfering in the 2020 election.

Much of the data identified by Trustwave, a global cybersecurity company, is publicly available, and almost all of it is the kind that is regularly bought and sold by legitimate businesses. But the fact that so many names, email addresses, phone numbers and voter registration records were found for sale in bulk on the so-called dark web underscores how easily criminals and foreign adversaries can deploy it, as the FBI said Iran has done recently, by sending emails designed to intimidate voters.

Read more…

Defining ATT&CK Data Sources, Part II: Operationalizing the Methodology

From medium.com


In Part I of this two-part blog series, we reviewed the current state of the data sources and an initial approach to enhancing them through data modeling. We also defined what an ATT&CK data source object represents and extended it to introduce the concept of data components.
In Part II, we’ll explore a methodology to help define new ATT&CK data source objects, how to implement the methodology with current data sources, and share an initial set of data source objects at https://github.com/mitre-attack/attack-datasources.

Read more…

Oracle’s latest Critical Patch Update

From tenable.com

On October 20, Oracle released the Critical Patch Update (CPU) Advisory for October 2020, its final quarterly release of security patches for the year. This update contains fixes for 230 CVEs in 402 security patches across 27 Oracle product families. This quarter’s update marks the second-highest count in Oracle CPUs, surpassed only by the July 2020 update which holds the record with over 440 patches.

Read more…

PUA:Win32/Puwaders.B!ml – a detection name for adware app that is hard to get rid of

From 2-spyware.com


PUA:Win32/Puwaders.B!ml is a Windows Defender-assigned name for an adware application that has infiltrated your computer. It is based on heuristic analysis, which means that security software detected the potentially unwanted program based on the way it functions rather than its name. As a result, there could be many different apps that are hiding behind the PUA:Win32/Puwaders.B!ml virus name.

Read more…