Threatpost

14 October 2019

• Software, Supply-Chain Dangers Top List of 5G Cyber Risks
  Without naming Huawei, the EU warns on state-backed 5G suppliers.
• Imperva: Data Breach Caused by Cloud Misconfiguration
  Hackers were able to steal an AWS administrative API key housed in a compute instance left exposed to the public internet.
• Fin7 Cybergang Retools With New Malicious Code
  A new dropper and payload show that Fin7 isn't going anywhere despite a crackdown on the infamous group by law enforcement in 2018.
• Iran-Linked ‘Charming Kitten’ Touts New Spearphishing Tactics
  A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trump’s 2020 re-election campaign.
• vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach
  A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum -- data that researchers say could be used for blackmail.
• Cryptomining Crook Steals Game Developer’s Identity to Carry Out Dirty Work
  An alleged fraudster built a vast web of AWS cloud accounts, becoming the platform's biggest consumer of data resources.
• Sophisticated Spy Kit Targets Russians with Rare GSM Plugin
  The Attor malware targets government and diplomatic victims with unusual tactics.
• China’s Sway Over Tech Companies Tested with Apple, Blizzard
  Apple has been called out by Chinese state-run media as protecting “rioters,” while Blizzard bans a Hearthstone player for supporting Hong Kong.
• Apple iTunes Bug Actively Exploited in BitPaymer/iEncrypt Campaign
  Attackers exploit an “unquoted path” flaw in the Bonjour updater in iTunes for Windows to deliver ransomware attacks.
• HP Touchpoint Analytics Opens PCs to Code Execution Attack
  The vulnerability stems from an issue with DLL loading in Open Source Hardware, used by tens of millions of computers, researchers say.