DATA BREACH
- Sales intel firm Apollo data breach exposed more than 200 million contact records
- Fortnite gamers targeted by data theft malware
- Apollo hackers steal info from database of 200M contact
- Security researchers @proofpoint recently uncovered new #DanaBot campaigns.
- GhostDNS hijacking campaign steps up attacks on Brazilians; 100K+ devices compromised
- Smart TV kit featuring Google Home Mini and third-gen Chromecast leaks
- UK pins 'reckless campaign of cyber attacks' on Russian military intelligence
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Intel, AMD both claim server speed records
- Samsung predicts a return to record profits in Q3
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
DENIAL-OF-SERVICE
- Hacked #Fortnite accounts and rent-a-botnet being pushed on Instagram
MALVERTISING
Nothing to report
PHISHING
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Remove Ursnif Trojan (Purolator Phishing) Scam
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- Report: The bigger the company, the messier the password practices
- The most commonly used passwords in the world are...
1. 123456
2. password
3. 123456789
4. 12345678
5. 12345
6. qwerty
- Can the @Microsoft Authenticator really replace passwords in the enterprise? Microsoft says the answer is yes and proclaimed the password
- Weak Passwords Banned In California From 2020
- New IoT legislation bans shared default passwords
- US users open 30% of phishing emails with 12% of those clicking on infected links or attachments. Prepare for 2019's
- Credential-Phishing Attempts Highest on Tuesdays
- Credential-Phishing Attempts Highest on Tuesdays
- If you're thinking passwords, check out #CyberSauna episode #13:
A Hacker's Take on Cracking & Protecting Your Creds
- FYI: "password" is the 2nd most popular password in the world.
Can you guess the first?
- Facebook Logins Available on the Dark Web for $2.60
- Passware Kit: Forensic software recovers passwords for Bitcoin wallets
WEB DEFACEMENT
Nothing to report
MALWARE
- Ransomware Recovery at the Taxpayers’ Expense
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Fortnite gamers targeted by data theft malware
- Remove Ursnif Trojan (Purolator Phishing) Scam
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- Virus Bulletin 2018: Exposing the Social Media Fraud Ecosystem
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- The Virus Bulletin conference returns home: VB2019 to take place in London
- Fileless malware: part deux
- Cisco Discovered Multiple Vulnerabilities In Atlantis Word Processor
- Hackers fly under the radar for two years after infecting chiropractic clinic with malware
- DanaBot Banking Trojan’s Journey to North America
- Virus Bulletin 2018: Supply chain hacking grows up
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- How does FacexWorm malware use Facebook Messenger to spread?
- Malicious remote admin tool seemingly linked to KONNI malware, North Korea
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- .@FireEye researches discovered that the group behind #Sanny #malware attacks has made delivery method changes that put users at risk.
- Fake News Domains Spoof UK News Sites
- Roaming Mantis Hacking Group Inject Web Crypto Mining for iOS Devices via Malicious Content Delivery System
- Top 5 Viruses of All Time by Security Expert Mikko Hyppönen
- CMake 3.12.3 releases: managing the build process of software
EXPLOIT
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Advanced Persistent Threat Activity Exploiting Managed Service Providers
VULNERABILITY
- Adobe October Patch Update Fixed 86 Different Security Vulnerabilities
- Sony Smart TV Bug Allows Remote Access, Root Privileges
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- D-Link Patches RCE Bugs in Wireless Access Point Gear
- VMware Releases Patches for Critical A/W Console Auth Bypass Vulnerability
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Most Home Routers Are Full of Vulnerabilities
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
- Missing Files, Bugs Reported After Windows 10 October 2018 Update
- Cisco Discovered Multiple Vulnerabilities In Atlantis Word Processor
- Mozilla Resolves Critical Code Execution Flaw In Thunderbird
- Cisco patches critical flaws in DNA Center and Prime Infrastructure
- Marine Corps bug bounty program finds 150 vulnerabilities
- Mozilla resolves critical code execution flaw in Thunderbird email client
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- D-Link Patches Code Execution, XSS Flaws in Management Tool
- Cisco updates address 36 vulnerabilities, three critical
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- #PulseNet: How does an improper #authentication flaw affect it?
- Cisco Released Security Updates & Fixed 37 Vulnerabilities that Affected Cisco Products
- Mozilla Patches Critical Vulnerability in Thunderbird 60.2.1
ASIA
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- DHS issued an alert on attacks aimed at Managed Service Providers
- VP Mike Pence slams Google over Chinese search engine project
- North Korean hacking operation behind SWIFT attacks
WORLD
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- Russian State-Sponsored Operations Begin to Overlap: Kaspersky
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- The Virus Bulletin conference returns home: VB2019 to take place in London
- Uncle Sam Charges Seven Russians With Fancy Bear Hack Sprees
- DanaBot Banking Trojan’s Journey to North America
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- The fur is not gonna fly: Uncle Sam charges seven Russians with Fancy Bear hack sprees
- UK pins 'reckless campaign of cyber attacks' on Russian military intelligence
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- US users open 30% of phishing emails with 12% of those clicking on infected links or attachments. Prepare for 2019's
- Facebook Logins Available on the Dark Web for $2.60
- DHS issued an alert on attacks aimed at Managed Service Providers
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- Fake News Domains Spoof UK News Sites
- Russia's elite hacking unit has been silent, but busy
- Fin7 Hackers Breached US Chain Burgerville
- Fin7 Hackers Breached US Chain Burgerville
ATTACKS
- Sales intel firm Apollo data breach exposed more than 200 million contact records
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Fortnite gamers targeted by data theft malware
- Remove Ursnif Trojan (Purolator Phishing) Scam
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- Report: The bigger the company, the messier the password practices
- The most commonly used passwords in the world are...
1. 123456
2. password
3. 123456789
4. 12345678
5. 12345
6. qwerty
- Apollo hackers steal info from database of 200M contact
- Can the @Microsoft Authenticator really replace passwords in the enterprise? Microsoft says the answer is yes and proclaimed the password
- Security researchers @proofpoint recently uncovered new #DanaBot campaigns.
- Weak Passwords Banned In California From 2020
- New IoT legislation bans shared default passwords
- GhostDNS hijacking campaign steps up attacks on Brazilians; 100K+ devices compromised
- Smart TV kit featuring Google Home Mini and third-gen Chromecast leaks
- Hacked #Fortnite accounts and rent-a-botnet being pushed on Instagram
- UK pins 'reckless campaign of cyber attacks' on Russian military intelligence
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- US users open 30% of phishing emails with 12% of those clicking on infected links or attachments. Prepare for 2019's
- Credential-Phishing Attempts Highest on Tuesdays
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Credential-Phishing Attempts Highest on Tuesdays
- If you're thinking passwords, check out #CyberSauna episode #13:
A Hacker's Take on Cracking & Protecting Your Creds
- Intel, AMD both claim server speed records
- FYI: "password" is the 2nd most popular password in the world.
Can you guess the first?
- Facebook Logins Available on the Dark Web for $2.60
- Samsung predicts a return to record profits in Q3
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- Passware Kit: Forensic software recovers passwords for Bitcoin wallets
THREATS
- Adobe October Patch Update Fixed 86 Different Security Vulnerabilities
- Ransomware Recovery at the Taxpayers’ Expense
- Sony Smart TV Bug Allows Remote Access, Root Privileges
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Fortnite gamers targeted by data theft malware
- D-Link Patches RCE Bugs in Wireless Access Point Gear
- VMware Releases Patches for Critical A/W Console Auth Bypass Vulnerability
- Remove Ursnif Trojan (Purolator Phishing) Scam
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Most Home Routers Are Full of Vulnerabilities
- Virus Bulletin 2018: Exposing the Social Media Fraud Ecosystem
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- The Virus Bulletin conference returns home: VB2019 to take place in London
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- Fileless malware: part deux
- Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
- Missing Files, Bugs Reported After Windows 10 October 2018 Update
- Cisco Discovered Multiple Vulnerabilities In Atlantis Word Processor
- Advanced Persistent Threat Activity Exploiting Managed Service Providers
- Mozilla Resolves Critical Code Execution Flaw In Thunderbird
- Hackers fly under the radar for two years after infecting chiropractic clinic with malware
- DanaBot Banking Trojan’s Journey to North America
- Cisco patches critical flaws in DNA Center and Prime Infrastructure
- Virus Bulletin 2018: Supply chain hacking grows up
- Marine Corps bug bounty program finds 150 vulnerabilities
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- Mozilla resolves critical code execution flaw in Thunderbird email client
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- D-Link Patches Code Execution, XSS Flaws in Management Tool
- Cisco updates address 36 vulnerabilities, three critical
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- How does FacexWorm malware use Facebook Messenger to spread?
- Malicious remote admin tool seemingly linked to KONNI malware, North Korea
- #PulseNet: How does an improper #authentication flaw affect it?
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- .@FireEye researches discovered that the group behind #Sanny #malware attacks has made delivery method changes that put users at risk.
- Cisco Released Security Updates & Fixed 37 Vulnerabilities that Affected Cisco Products
- Fake News Domains Spoof UK News Sites
- Roaming Mantis Hacking Group Inject Web Crypto Mining for iOS Devices via Malicious Content Delivery System
- Top 5 Viruses of All Time by Security Expert Mikko Hyppönen
- CMake 3.12.3 releases: managing the build process of software
- Mozilla Patches Critical Vulnerability in Thunderbird 60.2.1
CRIME
- Fortnite gamers targeted by data theft malware
- Remove Ursnif Trojan (Purolator Phishing) Scam
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- Report: The bigger the company, the messier the password practices
- Hackers fly under the radar for two years after infecting chiropractic clinic with malware
- DanaBot Banking Trojan’s Journey to North America
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- Detecting Credit Card Skimmers
- The fur is not gonna fly: Uncle Sam charges seven Russians with Fancy Bear hack sprees
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Facebook Logins Available on the Dark Web for $2.60
- DHS issued an alert on attacks aimed at Managed Service Providers
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- Roaming Mantis Hacking Group Inject Web Crypto Mining for iOS Devices via Malicious Content Delivery System
- Passware Kit: Forensic software recovers passwords for Bitcoin wallets
- North Korean hacking operation behind SWIFT attacks
- Lojax, the new threat developed by Fancy Bear
POLITICS
- Russian State-Sponsored Operations Begin to Overlap: Kaspersky
- Advanced Persistent Threat Activity Exploiting Managed Service Providers
- DHS issued an alert on attacks aimed at Managed Service Providers
