DATA BREACH
- Facebook leaks data (including private conversations) from 50 million accounts
- Facebook leaks data (including private conversations) from 50 million accounts
- Facebook hacked – 50 Million Users’ Data exposed in the security breach
- Big Facebook data breach: 50 million accounts affected
- Facebook Data Breach Impacts Almost 50 Million Accounts
- Vulnerabilities in PureVPN Client Leak User Credentials
- New Phishing Campaign Targets US Employees' Online Payrolls
- 3 GOP senators doxed during Kavanaugh hearing
- Chegg Resets Passwords After Data Breach That Affected 40 Million Users
- Facebook Discloses Data Breach, 50 Million User Accounts Affected
- United Nations data found exposed on web: researcher
- Magecart campaign remains active
- “Firefox Monitor” will allow users to check whether their personal information and passwords have been part of a data breach
- Bupa fined £175,000 for 2017 data breach affecting 547,000 customers
- The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
- United Nations data found exposed on web: researcher
- How can live chat widgets leak personal employee data?
- Chegg Data Breach Affects 40 Million Customers
DENIAL-OF-SERVICE
- 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
- Torii malware could be gateway to more sophisticated IoT botnet attacks
- Meet Torii, a Stealthy, Versatile and Highly Persistent IoT Botnet
- Hide 'N Seek IoT Botnet Now Targets Android Devices
- Who’s behind DDoS attacks at UK universities?
- Stealthy and Persistent Torii IoT Botnet Infects Devices via Telnet
- Meet Torii, a new IoT botnet far more sophisticated than Mirai variants
- New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai
- Phorpiex bots target remote access servers to deliver ransomware
- New Iot Botnet Torii Uses Six Methods for Persistence, Has No Clear Purpose
- New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai
MALVERTISING
Nothing to report
PHISHING
- Aspire Health, Another Healthcare Firm as a Phishing Victim
- New Phishing Campaign Targets US Employees' Online Payrolls
- Learn how our @PhishingAI successfully detected a custom #phishing kit targeted at the DNC last month:
- Chegg forces password reset on 40 million users
- SHEIN breach exposes emails, encrypted passwords of 6.42M customers
- Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
- Android App Verification Issues Pave Way For Phishing Attacks
- Facebook Resets 90 Million User Passwords as Flaw is Discovered
- Facebook Resets 90 Million User Passwords as Flaw is Discovered
- Chegg Resets Passwords After Data Breach That Affected 40 Million Users
- Android password managers vulnerable to phishing apps
- “Firefox Monitor” will allow users to check whether their personal information and passwords have been part of a data breach
- The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
- Power to the people! Google backtracks (a bit) on forced Chrome logins
- Microsoft is trying to kill passwords in Azure AD application
- Android password managers not as secure as desktop counterparts
- 7 Most Prevalent Phishing Subject Lines
WEB DEFACEMENT
Nothing to report
MALWARE
- Port of San Diego suffers ransomware attack | Avast
- Port of San Diego suffers ransomware attack | Avast
- Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
- Zoho Was Blacklisted by Domain Registrar TierraNet
- The Week in Ransomware - September 28th 2018 - RDP and gandCrab
- 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
- 'Torii' Breaks New Ground For IoT Malware
- Port of San Diego, The Newest Victim of Ransomware Attack
- Powerful Ransomware Attack Hit on Port of San Diego
- Torii malware could be gateway to more sophisticated IoT botnet attacks
- Docs reveal how Fruitfly Mac spyware initially spread
- Fancy Bear’s Lojax is First UEFI Rootkit in the Wild
- FBI solves mystery surrounding 15-year-old Fruitfly Mac malware
- USB malware and cryptominers are threat to emerging markets
- Potential Misuse of Legitimate Websites to Avoid Malware Detection
- Port of San Diego Suffers Ransomware Attack
- Delphi Packer Increasingly Used to Evade Malware Classification
- QRecorder app in the Play Store was hiding a Banking Trojan that targets European banks
- The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
- Port of San Diego Hit by Ransomware
- Fancy Bear Attacks Governments Using LoJax UEFI Rootkit
- Windows 10 security: Here's how we're hitting back at fileless malware, says Microsoft
- Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)
- Sunny Cali goes ballistic, this ransomware is atrocious. Even our IT bill will be something quite ferocious
- Fancy Bear still Putin out new modules for VPNFilter malware
- How Data Security Improves When You Engage Employees in the Process
- Users Clicking Through Warnings, Leading to RAT Infections
- Google Play Store Swarmed with Malware
- Phorpiex bots target remote access servers to deliver ransomware
- Port of San Diego Suffers Ransomware Attack
- ICS Cybersecurity: Visibility, Protective Controls & Continuous Monitoring
- ICS Cybersecurity: Visibility, Protective Controls & Continuous Monitoring
EXPLOIT
- Tripwire Patch Priority Index for September 2018
- IC3 Alerts of Increasing Danger of RDP Exploitation Attacks
- Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit
VULNERABILITY
- CVE-2018-11776 RCE Flaw in Apache Struts Could Be Root Cause of Clamorous Hacks
- Critical Security Vulnerability in Facebook Affects 50 million Users!
- Facebook Security Bug Affects 90M Users
- [SingCERT] Alert on 14 High-Severity Vulnerabilities in Cisco Products
- Another Linux Kernel Bug Surfaces, Allowing Root Access
- Vulnerabilities in PureVPN Client Leak User Credentials
- FBI IC3 Warns of RDP Vulnerability
- Facebook Vulnerability Affecting 50 Million Users Allowed Account Takeover
- Facebook Resets 90 Million User Passwords as Flaw is Discovered
- Facebook Resets 90 Million User Passwords as Flaw is Discovered
- Hackers Stole 50 Million Facebook Users' Access Tokens Using Zero-Day Flaw
- Researchers: 11-Year-Old Flaw in Vote Scanner Still Unfixed
- Facebook: 50 million accounts impacted by security flaw
- 'Mutagen Astronomy' Linux kernel vulnerability sighted
- SECURITY UPDATE: Facebook said a breach affected 50 million people on the social network.
The vulnerability stemmed from Facebook's "View As"
- Connected car cyber-security getting better, fewer critical vulnerabilities found
- No Patches for Critical Flaws in Fuji Electric Servo System, Drives
- CVE-2018-1718 -Google Project Zero reports a new Linux Kernel flaw
- Vulnerabilities and architectural considerations in industrial control systems
- Google Project Zero Discloses New Linux Kernel Flaw
- Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit
- Tripwire Patch Priority Index for September 2018
ASIA
- No Patches for Critical Flaws in Fuji Electric Servo System, Drives
- Google first confirmed the existence of the Dragonfly program for returning to China
WORLD
- Facebook leaks data (including private conversations) from 50 million accounts
- Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
- Aspire Health, Another Healthcare Firm as a Phishing Victim
- 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
- New Phishing Campaign Targets US Employees' Online Payrolls
- IC3 Alerts of Increasing Danger of RDP Exploitation Attacks
- QRecorder app in the Play Store was hiding a Banking Trojan that targets European banks
- Magecart campaign remains active
- Researchers: 11-Year-Old Flaw in Vote Scanner Still Unfixed
- Who’s behind DDoS attacks at UK universities?
- Fancy Bear Attacks Governments Using LoJax UEFI Rootkit
- Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)
- Vulnerabilities and architectural considerations in industrial control systems
ATTACKS
- Facebook leaks data (including private conversations) from 50 million accounts
- Facebook leaks data (including private conversations) from 50 million accounts
- Facebook hacked – 50 Million Users’ Data exposed in the security breach
- Big Facebook data breach: 50 million accounts affected
- Facebook Data Breach Impacts Almost 50 Million Accounts
- Vulnerabilities in PureVPN Client Leak User Credentials
- Aspire Health, Another Healthcare Firm as a Phishing Victim
- 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
- New Phishing Campaign Targets US Employees' Online Payrolls
- Learn how our @PhishingAI successfully detected a custom #phishing kit targeted at the DNC last month:
- 3 GOP senators doxed during Kavanaugh hearing
- Chegg forces password reset on 40 million users
- Torii malware could be gateway to more sophisticated IoT botnet attacks
- SHEIN breach exposes emails, encrypted passwords of 6.42M customers
- Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
- Android App Verification Issues Pave Way For Phishing Attacks
- Facebook Resets 90 Million User Passwords as Flaw is Discovered
- Facebook Resets 90 Million User Passwords as Flaw is Discovered
- Meet Torii, a Stealthy, Versatile and Highly Persistent IoT Botnet
- Chegg Resets Passwords After Data Breach That Affected 40 Million Users
- Facebook Discloses Data Breach, 50 Million User Accounts Affected
- United Nations data found exposed on web: researcher
- Hide 'N Seek IoT Botnet Now Targets Android Devices
- Magecart campaign remains active
- Android password managers vulnerable to phishing apps
- “Firefox Monitor” will allow users to check whether their personal information and passwords have been part of a data breach
- Bupa fined £175,000 for 2017 data breach affecting 547,000 customers
- The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
- Power to the people! Google backtracks (a bit) on forced Chrome logins
- Who’s behind DDoS attacks at UK universities?
- Microsoft is trying to kill passwords in Azure AD application
- Android password managers not as secure as desktop counterparts
- Stealthy and Persistent Torii IoT Botnet Infects Devices via Telnet
- United Nations data found exposed on web: researcher
- Meet Torii, a new IoT botnet far more sophisticated than Mirai variants
- How can live chat widgets leak personal employee data?
- Chegg Data Breach Affects 40 Million Customers
- 7 Most Prevalent Phishing Subject Lines
- New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai
- Phorpiex bots target remote access servers to deliver ransomware
- New Iot Botnet Torii Uses Six Methods for Persistence, Has No Clear Purpose
- New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai
THREATS
- CVE-2018-11776 RCE Flaw in Apache Struts Could Be Root Cause of Clamorous Hacks
- Port of San Diego suffers ransomware attack | Avast
- Port of San Diego suffers ransomware attack | Avast
- Critical Security Vulnerability in Facebook Affects 50 million Users!
- Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
- Facebook Security Bug Affects 90M Users
- Zoho Was Blacklisted by Domain Registrar TierraNet
- [SingCERT] Alert on 14 High-Severity Vulnerabilities in Cisco Products
- Another Linux Kernel Bug Surfaces, Allowing Root Access
- Vulnerabilities in PureVPN Client Leak User Credentials
- The Week in Ransomware - September 28th 2018 - RDP and gandCrab
- 7 new modules for VPNFilter malware, Hide & Seek botnet targets Android, and house oversight takes on AI | Avast
- 'Torii' Breaks New Ground For IoT Malware
- FBI IC3 Warns of RDP Vulnerability
- Tripwire Patch Priority Index for September 2018
- Port of San Diego, The Newest Victim of Ransomware Attack
- Powerful Ransomware Attack Hit on Port of San Diego
- IC3 Alerts of Increasing Danger of RDP Exploitation Attacks
- Torii malware could be gateway to more sophisticated IoT botnet attacks
- Docs reveal how Fruitfly Mac spyware initially spread
- Facebook Vulnerability Affecting 50 Million Users Allowed Account Takeover
- Fancy Bear’s Lojax is First UEFI Rootkit in the Wild
- FBI solves mystery surrounding 15-year-old Fruitfly Mac malware
- USB malware and cryptominers are threat to emerging markets
- Facebook Resets 90 Million User Passwords as Flaw is Discovered
- Potential Misuse of Legitimate Websites to Avoid Malware Detection
- Facebook Resets 90 Million User Passwords as Flaw is Discovered
- Port of San Diego Suffers Ransomware Attack
- Delphi Packer Increasingly Used to Evade Malware Classification
- QRecorder app in the Play Store was hiding a Banking Trojan that targets European banks
- Hackers Stole 50 Million Facebook Users' Access Tokens Using Zero-Day Flaw
- The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
- Researchers: 11-Year-Old Flaw in Vote Scanner Still Unfixed
- Port of San Diego Hit by Ransomware
- Facebook: 50 million accounts impacted by security flaw
- Fancy Bear Attacks Governments Using LoJax UEFI Rootkit
- Windows 10 security: Here's how we're hitting back at fileless malware, says Microsoft
- Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)
- Sunny Cali goes ballistic, this ransomware is atrocious. Even our IT bill will be something quite ferocious
- Fancy Bear still Putin out new modules for VPNFilter malware
- 'Mutagen Astronomy' Linux kernel vulnerability sighted
- How Data Security Improves When You Engage Employees in the Process
- SECURITY UPDATE: Facebook said a breach affected 50 million people on the social network.
The vulnerability stemmed from Facebook's "View As"
- Connected car cyber-security getting better, fewer critical vulnerabilities found
- Users Clicking Through Warnings, Leading to RAT Infections
- No Patches for Critical Flaws in Fuji Electric Servo System, Drives
- CVE-2018-1718 -Google Project Zero reports a new Linux Kernel flaw
- Google Play Store Swarmed with Malware
- Phorpiex bots target remote access servers to deliver ransomware
- Vulnerabilities and architectural considerations in industrial control systems
- Google Project Zero Discloses New Linux Kernel Flaw
- Port of San Diego Suffers Ransomware Attack
- ICS Cybersecurity: Visibility, Protective Controls & Continuous Monitoring
- Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit
- Tripwire Patch Priority Index for September 2018
- ICS Cybersecurity: Visibility, Protective Controls & Continuous Monitoring
CRIME
- Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
- Aspire Health, Another Healthcare Firm as a Phishing Victim
- New Phishing Campaign Targets US Employees' Online Payrolls
- IC3 Alerts of Increasing Danger of RDP Exploitation Attacks
- Potential Misuse of Legitimate Websites to Avoid Malware Detection
- QRecorder app in the Play Store was hiding a Banking Trojan that targets European banks
- Magecart campaign remains active
- The @ironscales #whitepaper explores how modern #phishing techniques, such as business email compromise (#BEC), #ransomware, spear-phishing and advanced persistent threats
- Stealthy and Persistent Torii IoT Botnet Infects Devices via Telnet
POLITICS
- Facebook leaks data (including private conversations) from 50 million accounts
- Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild
- Aspire Health, Another Healthcare Firm as a Phishing Victim
- Hackers Stole 50 Million Facebook Users' Access Tokens Using Zero-Day Flaw
- Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)
