• Democratic congressional candidate in California was taken down by the DDoS attack during the primary election season
• A bug in Twitter’s API exposed some users’ direct messages and protected tweets to unauthorized third-party app developers
• Perth Mint Says 3,200 Customers Affected By Data Breach
• Database of hacked sites sell by Cybercrime Markets
• Police have made seven arrests of suspected money mules involved in the theft of $13.5 million from Cosmos Bank in Pune
• The hacker behind the development and operation of counter antivirus service “Scan4You” has been sentenced to 14 years in prison
• Security researchers have uncovered a new Adwind campaign that targets Linux, Windows, and macOS systems.

In Short Overview 

California Democratic congressional hopeful Bryan Caforio’s website was hit by the DDoS attack during the primary election season. The website was inaccessible for about 21 hours throughout the primary season.

Read More… 
DDoS attack took down the California democratic hopeful’s website during the primary election season. (SC Magazine, Sept 21, 2018)

A bug in Twitter’s API exposed some users’ direct messages (DMs) and protected tweets to unauthorized third-party app developers who weren’t supposed to get them.

Read More…
Twitter API bug exposed user’s messages and protected tweets. (The Hacker News, Sept 21, 2018) 

Perth Mint revealed that in this month, more than thousands of customers were affected by data breach. A data breach affected people who used Perth Mint’s Depository Online, a web-based platform for purchasing precious metals. The leaked data included names, addresses, passport numbers and bank account details.

Read More…
Perth Mint said 3,200 people affected by data breach. (Bank Info Security, Sept, 19, 2018)

One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims’ networks to inject their attack code.

Read More…
Cybercrime markets sell access to hacked websites, databases. (Data Breach Today, Sept 21, 2018)

Finally seven suspects have been arrested by police who were involved in the theft of $13.5 million from Cosmos Bank in Pune. The money was stolen through ATMs and unauthorized SWIFT transaction in 28 nations Aug.

Read More…
Seven suspects have arrested by police in Pune. (Bank Info Security, Sept 21, 2018)

A Latvian hacker who was behind the development and operation of counter antivirus service “Scan4You” has finally been sentenced to 14 years in prison. “Scan4you,” an online counter antivirus service that helped computer hackers determine whether the computer viruses and other malicious software they created would be detected by antivirus software.

Read More…
A Latvian hacker has finally been sentenced to 14 years in prison. (Security Affairs, Sept 22, 2018)

Security researchers discovered that the attacks featured the Adwind 3.0 RAT and employed a variant of the Dynamic Data Exchange (DDE) code injection attack on Microsoft Excel, Reversing Labs and Cisco Talos.

Read More…
New Adwind Campaign Targets Linux, Windows, and macOS (Security Week, Sept 24, 2018)