DATA BREACH & DATA LOSS
- Tumblr Patches Security Issue that Would Leak Emails, Hashed-Salted Passwords
- MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry
- Redis 5.0 release, High-performance key-value database
- Information of 396K Users Exposed in Facepunch Data Breach
- 35 Million US Voter Registration Records Found for Sale on Dark Web
- Phishers target book publishers in new campaign
- Pentagon Disclosed Data Breach At Department Of Defense Affecting 30,000 Workers
- 35 million US voter records up for sale on the dark web
- Who is to blame for the majority of data breaches?
- GreyEnergy: New malware campaign targets critical infrastructure companies
- Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info
- Anthem pays out record $16m over data breach
- SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords
- .@Google Firebase #DatabaseSecurity proved insufficient when bypassed by hackers to leak data. Learn more about this #SecurityFlaw from expert Michael
- 35 million voter records from 19 US states for sale
- Alphabet in the soup for keeping quiet about Google+ data leak bug
- Anthem Mega-Breach: Record $16 Million HIPAA Settlement
- US Voter Records for Sale on Hacker Forum
- Millions of US Voter Records for Sale
- 35 Million U.S Voter Records Selling in Popular Dark web Hacking Forum from $150 USD to $12,500 USD
- Travel data for about 30,000 individuals was exposed in a Pentagon #DataBreach and experts expect that the information could be
DENIAL-OF-SERVICE
- Brazil expert discovers Oracle flaw that allows massive DDoS attacks
MALVERTISING
Nil
PHISHING
- FBI Releases Document with Measures for Defending Against Payroll Phishing Scams
- How Office 365 learned to reel in phish
- Another Phishing Scam is Appearing in Small Business Inboxes
- Is this the simple solution to password re-use?
- Public Cloud Phishing
- Learn how hackers used TLS certificates to launch @netflix #phishing attacks from expert Michael Cobb of @thehairyITdog
- "Attackers have expanded [phishing attacks] significantly into SMS and social media, and are displaying a preference for targeting personal email
- Faculties and Staff of Chapman got Affected by the ‘Critical’ Phishing Attack
- LibSSH Flaw Allows Hackers to Take Over Servers Without Password
WEB DEFACEMENT
Nil
BOTNET
Nil
RANSOMWARE
- Podcast: A Utility Ransomware Attack, Post-Hurricane
- Ransomware attack hits North Carolina water utility following hurricane
- A crippling ransomware attack hit a water utility in the aftermath of Hurricane Florence
CRYPTOMINING & CRYPTOCURRENCIES
- AISA 2018: Japan's journey from a cryptocurrency hack to better regulation
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- How Blockchain Is Making it Easier for Fintech Companies to Scale Up
- Im Interview erläutert Georgeta Toth, Regional Director bei dem Security-Spezialisten #Proofpoint, den Einfluss der Crypto-Mining-#Malware auf Endgeräte in Unternehmen.
- Android Apps claim to mine unminable cryptocurrency, just show ads
- #GroupIB has estimated that cryptocurrency exchanges suffered a total loss of $882 mln due to targeted attacks in 2017 and
MALWARE
- LuminosityLink RAT Author Sentenced to 30 Months in Prison
- MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- A hacker who used fake advertisements placed on local newspaper websites to spread malware has been sentenced to 33 months
- Im Interview erläutert Georgeta Toth, Regional Director bei dem Security-Spezialisten #Proofpoint, den Einfluss der Crypto-Mining-#Malware auf Endgeräte in Unternehmen.
- GreyEnergy: New malware campaign targets critical infrastructure companies
- Insult to injury: Malware menace soaks water-logged utility ravaged by Hurricane Florence
- How does #FacexWorm #malware use @Facebook Messenger to spread? Learn more about this new malware with expert @lewisnic.
- New GreyEnergy Malware Targets ICS, Tied with BlackEnergy and TeleBots
- How does #MassMiner #malware infect systems across the web?
- Avast scores high in malware protection | Avast
- Sony has solved the crash of PS4 receiving malicious message
- Abandoned Tweet Counter Hijacked With Malicious Script
- 21-year-old Hacker Sentenced to 30 Months Prison for Creating Popular Hacking Tool LumunosityLink RAT
- The attackers learn that due to the complexity and fluctuations of the pulping process, any changes could take up to
EXPLOIT
Nil
VULNERABILITY
- Cisco Patches Remotely Exploitable High Risk Security Bugs in Multiple Products
- Libssh Vulnerability Exposes Servers to Attacks
- Chrome 70 Updates Sign-In Options, Patches 23 Flaws
- VoiceOver iOS 12 Bug Creates Lock Screen Bypass Exposing User Photos
- Tumblr discloses vulnerability but says 'no evidence that this bug was abused'
- Oracle Fixes 301 Flaws in October Critical Patch Update
- Serious SSH bug lets crooks log in just by asking nicely
- Oracle Patched Over 300 Vulnerabilities in Its Q3 2018 Critical Patch Update
- LibSSH Flaw Leaves Thousands Of Servers At Risk Of Hijacking
- CVE-2018-10933: Libssh Server Side Authentication Bypass Vulnerability Alert
- Thousands of servers easy to hack due to a LibSSH Flaw
- Take a Bite out of the Vulnerability Remediation Backlog with InsightVM
- WhiteSource raises $35 million for open source flaw detection platform
- CVE-2018-3211: Java Usage Tracker Local Elevation of Privilege on Windows
- Oracle CPU October 2018: 301 vulnerabilities patched
- Thousands Of Servers Vulnerable To Hacking Due To libssh Flaw
- Critical Vulnerabilities Allow Takeover of D-Link Routers
- Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info
- Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers
- Alphabet in the soup for keeping quiet about Google+ data leak bug
- Hacker: I'm logged in. New LibSSH Vulnerability: OK! I believe you.
- Brazil expert discovers Oracle flaw that allows massive DDoS attacks
- Endpoint security solutions challenged by zero-day and fileless attacks
- VMware addressed Code Execution Flaw in its ESXi, Workstation, and Fusion products
- Flaws in Branch.io Affected Over 685 Million Users
- Security flaw in libssh leaves thousands of servers at risk of hijacking
- Oracle patches 301 vulnerabilities, including 46 with a 9.8+ severity rating
- VMware Patches Code Execution Flaw in Virtual Graphics Card
- CVE-2018-3245: Weblogic Remote Code Execution Vulnerability Alert
- Oracle releases Critical Patch Update Advisory – October 2018: fix 301 security bugs
- Git RCE Vulnerability (CVE-2018-17456)Security Advisory
- LibSSH Flaw Allows Hackers to Take Over Servers Without Password
- Vulnerability in voting machines has not been corrected after 11 years
- Vulnerability in Apple VoiceOver allows hackers access to user photos
- Google Chrome 70.0.3538.67 releases: fix multiple high-risk vulnerabilities
- The Qihoo @360CoreSec team found a @Microsoft vulnerability -- named Double Kill -- that affects applications through #MicrosoftOffice documents. Learn
ASIA
- AISA 2018: Japan's journey from a cryptocurrency hack to better regulation
- New research highlights Vietnamese group's custom hacking tools
- Meet GreyEnergy, the newest hacking group hitting Ukraine’s power grid
- WhiteSource raises $35 million for open source flaw detection platform
- Top 5 Publicly Accessible Hacking Tools You Can Download Today
- WTB: MuddyWater Expands Operations
- Git RCE Vulnerability (CVE-2018-17456)Security Advisory
WORLD
- LuminosityLink RAT Author Sentenced to 30 Months in Prison
- MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry
- 'GreyEnergy' Cyberspies Target Ukraine, Poland
- 3 Years After Attacks on Ukraine Power Grid, BlackEnergy Successor Poses Growing Threat
- Information of 396K Users Exposed in Facepunch Data Breach
- 35 Million US Voter Registration Records Found for Sale on Dark Web
- Podcast: A Utility Ransomware Attack, Post-Hurricane
- How Office 365 learned to reel in phish
- Meet GreyEnergy, the newest hacking group hitting Ukraine’s power grid
- 35 million US voter records up for sale on the dark web
- Who is to blame for the majority of data breaches?
- Attackers identified in the pre-espionage stage of CNI attack
- SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords
- 35 million voter records from 19 US states for sale
- Insult to injury: Malware menace soaks water-logged utility ravaged by Hurricane Florence
- WTB: MuddyWater Expands Operations
- US Voter Records for Sale on Hacker Forum
- GreyEnergy group targeting critical infrastructure with espionage
- Brazil expert discovers Oracle flaw that allows massive DDoS attacks
- Millions of US Voter Records for Sale
- 35 Million U.S Voter Records Selling in Popular Dark web Hacking Forum from $150 USD to $12,500 USD
- Russian Hackers Attack Specialist in Customer Review Tied to Innumerable Websites
- A crippling ransomware attack hit a water utility in the aftermath of Hurricane Florence
- Sony has solved the crash of PS4 receiving malicious message
- Vulnerability in voting machines has not been corrected after 11 years
ATTACKS
- Tumblr Patches Security Issue that Would Leak Emails, Hashed-Salted Passwords
- MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry
- Redis 5.0 release, High-performance key-value database
- Information of 396K Users Exposed in Facepunch Data Breach
- 35 Million US Voter Registration Records Found for Sale on Dark Web
- FBI Releases Document with Measures for Defending Against Payroll Phishing Scams
- How Office 365 learned to reel in phish
- Another Phishing Scam is Appearing in Small Business Inboxes
- Phishers target book publishers in new campaign
- Pentagon Disclosed Data Breach At Department Of Defense Affecting 30,000 Workers
- Is this the simple solution to password re-use?
- 35 million US voter records up for sale on the dark web
- Who is to blame for the majority of data breaches?
- Public Cloud Phishing
- Learn how hackers used TLS certificates to launch @netflix #phishing attacks from expert Michael Cobb of @thehairyITdog
- GreyEnergy: New malware campaign targets critical infrastructure companies
- Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info
- Anthem pays out record $16m over data breach
- SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords
- "Attackers have expanded [phishing attacks] significantly into SMS and social media, and are displaying a preference for targeting personal email
- .@Google Firebase #DatabaseSecurity proved insufficient when bypassed by hackers to leak data. Learn more about this #SecurityFlaw from expert Michael
- 35 million voter records from 19 US states for sale
- Alphabet in the soup for keeping quiet about Google+ data leak bug
- Anthem Mega-Breach: Record $16 Million HIPAA Settlement
- US Voter Records for Sale on Hacker Forum
- Millions of US Voter Records for Sale
- 35 Million U.S Voter Records Selling in Popular Dark web Hacking Forum from $150 USD to $12,500 USD
- Faculties and Staff of Chapman got Affected by the ‘Critical’ Phishing Attack
- LibSSH Flaw Allows Hackers to Take Over Servers Without Password
- Travel data for about 30,000 individuals was exposed in a Pentagon #DataBreach and experts expect that the information could be
THREATS
- AISA 2018: Japan's journey from a cryptocurrency hack to better regulation
- Cisco Patches Remotely Exploitable High Risk Security Bugs in Multiple Products
- Libssh Vulnerability Exposes Servers to Attacks
- Chrome 70 Updates Sign-In Options, Patches 23 Flaws
- VoiceOver iOS 12 Bug Creates Lock Screen Bypass Exposing User Photos
- LuminosityLink RAT Author Sentenced to 30 Months in Prison
- MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry
- Tumblr discloses vulnerability but says 'no evidence that this bug was abused'
- Oracle Fixes 301 Flaws in October Critical Patch Update
- Podcast: A Utility Ransomware Attack, Post-Hurricane
- Serious SSH bug lets crooks log in just by asking nicely
- Oracle Patched Over 300 Vulnerabilities in Its Q3 2018 Critical Patch Update
- LibSSH Flaw Leaves Thousands Of Servers At Risk Of Hijacking
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- CVE-2018-10933: Libssh Server Side Authentication Bypass Vulnerability Alert
- Thousands of servers easy to hack due to a LibSSH Flaw
- Take a Bite out of the Vulnerability Remediation Backlog with InsightVM
- How Blockchain Is Making it Easier for Fintech Companies to Scale Up
- WhiteSource raises $35 million for open source flaw detection platform
- CVE-2018-3211: Java Usage Tracker Local Elevation of Privilege on Windows
- Oracle CPU October 2018: 301 vulnerabilities patched
- A hacker who used fake advertisements placed on local newspaper websites to spread malware has been sentenced to 33 months
- Thousands Of Servers Vulnerable To Hacking Due To libssh Flaw
- Im Interview erläutert Georgeta Toth, Regional Director bei dem Security-Spezialisten #Proofpoint, den Einfluss der Crypto-Mining-#Malware auf Endgeräte in Unternehmen.
- GreyEnergy: New malware campaign targets critical infrastructure companies
- Critical Vulnerabilities Allow Takeover of D-Link Routers
- Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info
- Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers
- Insult to injury: Malware menace soaks water-logged utility ravaged by Hurricane Florence
- Alphabet in the soup for keeping quiet about Google+ data leak bug
- Hacker: I'm logged in. New LibSSH Vulnerability: OK! I believe you.
- Brazil expert discovers Oracle flaw that allows massive DDoS attacks
- Endpoint security solutions challenged by zero-day and fileless attacks
- VMware addressed Code Execution Flaw in its ESXi, Workstation, and Fusion products
- Flaws in Branch.io Affected Over 685 Million Users
- How does #FacexWorm #malware use @Facebook Messenger to spread? Learn more about this new malware with expert @lewisnic.
- Ransomware attack hits North Carolina water utility following hurricane
- Android Apps claim to mine unminable cryptocurrency, just show ads
- #GroupIB has estimated that cryptocurrency exchanges suffered a total loss of $882 mln due to targeted attacks in 2017 and
- New GreyEnergy Malware Targets ICS, Tied with BlackEnergy and TeleBots
- Security flaw in libssh leaves thousands of servers at risk of hijacking
- How does #MassMiner #malware infect systems across the web?
- A crippling ransomware attack hit a water utility in the aftermath of Hurricane Florence
- Oracle patches 301 vulnerabilities, including 46 with a 9.8+ severity rating
- VMware Patches Code Execution Flaw in Virtual Graphics Card
- Avast scores high in malware protection | Avast
- CVE-2018-3245: Weblogic Remote Code Execution Vulnerability Alert
- Oracle releases Critical Patch Update Advisory – October 2018: fix 301 security bugs
- Git RCE Vulnerability (CVE-2018-17456)Security Advisory
- Sony has solved the crash of PS4 receiving malicious message
- LibSSH Flaw Allows Hackers to Take Over Servers Without Password
- Abandoned Tweet Counter Hijacked With Malicious Script
- 21-year-old Hacker Sentenced to 30 Months Prison for Creating Popular Hacking Tool LumunosityLink RAT
- Vulnerability in voting machines has not been corrected after 11 years
- Vulnerability in Apple VoiceOver allows hackers access to user photos
- Google Chrome 70.0.3538.67 releases: fix multiple high-risk vulnerabilities
- The attackers learn that due to the complexity and fluctuations of the pulping process, any changes could take up to
- The Qihoo @360CoreSec team found a @Microsoft vulnerability -- named Double Kill -- that affects applications through #MicrosoftOffice documents. Learn
CRIME
- LuminosityLink RAT Author Sentenced to 30 Months in Prison
- Information of 396K Users Exposed in Facepunch Data Breach
- FBI Releases Document with Measures for Defending Against Payroll Phishing Scams
- Another Phishing Scam is Appearing in Small Business Inboxes
- Meet GreyEnergy, the newest hacking group hitting Ukraine’s power grid
- Who is to blame for the majority of data breaches?
- How Blockchain Is Making it Easier for Fintech Companies to Scale Up
- A hacker who used fake advertisements placed on local newspaper websites to spread malware has been sentenced to 33 months
- SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords
- WTB: MuddyWater Expands Operations
- Millions of US Voter Records for Sale
- Abandoned Tweet Counter Hijacked With Malicious Script
- 21-year-old Hacker Sentenced to 30 Months Prison for Creating Popular Hacking Tool LumunosityLink RAT
- Vulnerability in Apple VoiceOver allows hackers access to user photos
POLITICS
- Cisco Patches Remotely Exploitable High Risk Security Bugs in Multiple Products
- MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry
- 'GreyEnergy' Cyberspies Target Ukraine, Poland
- New research highlights Vietnamese group's custom hacking tools
- Meet GreyEnergy, the newest hacking group hitting Ukraine’s power grid
- GreyEnergy: New malware campaign targets critical infrastructure companies
- Attackers identified in the pre-espionage stage of CNI attack
- SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords
- GreyEnergy group targeting critical infrastructure with espionage
- A crippling ransomware attack hit a water utility in the aftermath of Hurricane Florence
- Vulnerability in voting machines has not been corrected after 11 years
