The U.S. Secret Service issued an internal alert to law enforcement partners about identity thieves abusing the U.S. Postal Service’s Informed Delivery, a service that allows you to digitally preview your mail and manage package delivery. ID thieves have been using the Informed Delivery service “to identify and intercept mail, and to further their identity theft fraud schemes.”

The Secret Service's warning, according to Krebs on Security, also stated, “Fraudsters were also observed on criminal forums discussing using the Informed Delivery service to surveil potential identity theft victims.”

Some victims had no idea they had been signed up for Informed Delivery, since the crooks had signed them up in order to keep track of photo scans of the victims’ mail. The crooks could sign up victims for credit cards and then steal those cards from their mailboxes.

Brian Krebs added that the USPS relies on an unreliable authentication method for sign-up and has created a potential new security issue by allowing third parties “to advertise interactive content in Informed Delivery communications.”

Vulnerabilities and zero-day flaws

Here is a security roundup about some of the vulnerabilities — even zero-day flaws — that came to light last week:

Attackers had been exploiting a zero-day in the popular WordPress plugin WP GDPR Compliance, which has more than 100,000 active installs. After numerous critical vulnerabilities, including a privilege escalation flaw, were patched, WordPress reinstated the plugin in its repository.

A Russian researcher, having had enough frustration, published details about a zero-day in Oracle’s popular VM app VirtualBox.

Adobe ColdFusion servers are actively being exploited by a nation-state APT group. The attackers seem to have reverse-engineered a recently patched vulnerability and started targeting unpatched ColdFusion servers in order to upload the China Chopper backdoor.

Apps based on the Ruby programming language are vulnerable to serialization/deserialization attacks. Researchers published proof-of-concept code that achieves arbitrary command execution in Ruby versions 2.0 to 2.5.

A new variant of the banking malware TrickBot has some nasty new tricks, such as stealing usernames and passwords from apps and browsers, as well as browsing history, cookies and autofill data from Chrome, Firefox, Internet Explorer, and Microsoft Edge. This new TrickBot variant spreads via a Microsoft Excel file, once the victim enables the embedded macro by clicking on the “Enable Content” button.

A new version of the GandCrab ransomware downloader also contains “‘anti Sandbox/VM technique’ function,” can bypass “firewall and Windows Defender,” and can embed “itself to rar archive files.” It has “worm capabilities via removable drives” and many more unpleasant tricks.

GandCrab Downloader (kudos to malware-traffic-analysis) can bypass firewall, Windows Defender, detect sandbox and VMs, embed itself in Rar file and many more.. by the way it is not Trojan, it is a WORM!!! #gandcrab #Ransomware https://t.co/DGEIECWYfQ pic.twitter.com/lHM7LSL7qJ — tccontre (@tccontre18) November 8, 2018

Researchers from Qihoo 360’s Netlab warned that a botnet has been exploiting a 5-year-old vulnerability to hijack routers. The botnet, dubbed “BCMUPnP_Hunter,” was built on a security hole in Broadcom UPnP SDK — a vulnerability that was first discovered in 2013. Thus far, 116 different router models, including D-Link, Linksys, NetComm, TP-Link, and CenturyLink, are part of the botnet, which turns infected routers into email spamming machines.

Phishing attacks top 137 million in Q3

According to Kaspersky Lab’s Spam and Phishing Q3 report, its anti-phishing system stopped more than 137,382,124 attempts to visit fraudulent sites. That’s up nearly 28 percent from Q2. The two most-targeted industries hit by phishing in Q3 were internet portals and banks. The top three leading source countries for spam were China, the U.S., and Germany.

Bankers Life data breach, attackers obtained PII of 566,217 people

Fortune 1000 company CNO Financial Group Inc. submitted a report to the U.S. Department of Health and Human Services admitting to a data breach that affected 566,217 Bankers Life members.

“Unauthorized third parties used improperly obtained employee information to gain access to certain company websites, potentially resulting in unauthorized access to personal information of policyholders and applicants,” it says.

This breach is the fifth largest incident added to the HIPAA Breach Reporting Tool website in 2018.