DATA BREACH & DATA LOSS
- 35 Million Records Of US Voters Data For Sale On The Dark Web
- Thousands of Neoflam Clients Had Their Data Leaked After Buying Frying Pans
- Tracking Tick Through Recent Campaigns Targeting East Asia
- Cyber Espionage Campaign Reuses Code from China's APT1
- The #NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb of @thehairyITdog explains
- Tumblr Privacy Bug Could Have Exposed Sensitive Account Data
- Apple to US users: Here's how you can now see what personal data we hold on you
- Open source web hosting software compromised with DDoS malware
- Anthem Settles with OCR for $16M for 2015 Data Breach
- Card Factory Exposed Customers Photos Publicly Due To A Website Flaw
- Hackers can use legitimate #AdminTools to compromise networks. Learn more about "living off the land" attacks from expert Michael Cobb
- Tumblr patches bug that could have exposed user data
- 12.5 Million Email Archives Exposed - Why would #cybercriminals go to a #darkweb market and pay for access when they
- #NetSpectre exploits leak data remotely via side-channel attacks. Learn how to use #ThreatModeling to stop speculative execution from expert Ed
- Tracking Tick Through Recent Campaigns Targeting East Asia
- McAfee researchers uncover ‘significant’ espionage campaign
- Apple to US users: Here's how you can now see what personal data we hold on you
- Tumblr Fixes Security Bug that Leaked Private Account Info
- Tumblr fixed a #vulnerability that could have exposed sensitive account #data, including usernames/passwords and individual IP addresses.
But the company
- The #TLBleed vulnerability uses @Intel's HTT chip feature to leak data. Learn about how hackers could use #malware to launch
- VestaCP compromised in a new supply-chain attack
- VestaCP compromised in a new supply-chain attack
- Anthem to pay record £12M for 2015 data breach
- Around 600 Computers of Anne Arundel County Public Library have been Exposed to Emotet Virus
- In the wake of numerous high-profile data breaches and privacy incidents, consumers are more aware and concerned than ever about
- Senate inquiry recommends locking down My Health Record by default
- Tumblr Vulnerability Exposed User Account Information
- The Equifax Hack Uploaded Files the Right Way
- Bug Trio Affecting Eight D-Link Models Leads to Full Compromise
- SEO pollution campaign affects web searches related to EU midterm elections
DENIAL-OF-SERVICE
- Open source web hosting software compromised with DDoS malware
- Who and Why Make DDoS Attacks on The Site of Colleges and Universities ?
- A10 Networks provides cloud, Internet and gaming providers with 1 RU DDoS defense appliance
MALVERTISING
Nil
PHISHING
- The libssh “login with no password” bug – what you need to know [VIDEO]
WEB DEFACEMENT
Nil
BOTNET
- After an attempted comeback by the Russian built #VPNFilter #botnet, home #networkdevices are at risk. Learn how this #malware targets
- How does the resurgent VPNFilter botnet target victims?
RANSOMWARE
- 7 best practices for negotiating ransomware payments
CRYPTOMINING & CRYPTOCURRENCIES
- Fake Adobe Flash update hides cryptocurrency malware
- Crooks are attempting to spread their cryptojacking malware to unsuspecting victims by disguising it as an update for Flash.
The malicious
- Top 10 Blockchain Development Companies
- Crypto Mining Malware Runs on iPhone
- Cryptocurrency Miners Hiding As Flash Updates
- Cryptomining Malware Attacks On iPhones Grew By 400%
- Hacking Attacks On Cryptocurrency Exchanges Resulted in a Loss of $882 Million
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- LuminosityLink spyware mastermind gets 30 months in the clink, forfeits $725k in Bitcoin
- Researcher Livestreams 51% Attack on Altcoin Blockchain
- Cryptojacking: A hidden cost for your company
- Report: Cryptocurrency Exchanges Lost $882 Million to Hackers
MALWARE
- Fake Adobe Flash update hides cryptocurrency malware
- After an attempted comeback by the Russian built #VPNFilter #botnet, home #networkdevices are at risk. Learn how this #malware targets
- Open source web hosting software compromised with DDoS malware
- LuminosityLink Spyware Mastermind Gets 30 Months In The Clink
- Crooks are attempting to spread their cryptojacking malware to unsuspecting victims by disguising it as an update for Flash.
The malicious
- Crypto Mining Malware Runs on iPhone
- GPlayed Trojan - .Net Playing with Google Market
- Cryptomining Malware Attacks On iPhones Grew By 400%
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- LuminosityLink spyware mastermind gets 30 months in the clink, forfeits $725k in Bitcoin
- The #TLBleed vulnerability uses @Intel's HTT chip feature to leak data. Learn about how hackers could use #malware to launch
- XBash Malware Security Advisory
- The author of the LuminosityLink RAT sentenced to 30 Months in Prison
- Stegware: How is #malware using #steganography techniques to avoid detection?
- Around 600 Computers of Anne Arundel County Public Library have been Exposed to Emotet Virus
- In order to distribute the attack payload, the code needs to be downloaded onto the PLCs & safety controllers.
This
EXPLOIT
Nil
VULNERABILITY
- GitHub now warns devs about bugs that led to Equifax breach
- Flaws in telepresence robots allow hackers access to pictures, video feeds
- Branch.io Flaws may have affected as many as 685 million individuals
- Critical Remote Code Execution Vulnerabilities Patched by Drupal
- Code Execution Vulnerability Patched in Library Used by VLC, Other Media Players
- Flaws Open Telepresence Robots to Prying Eyes
- [SingCERT] Alert on Multiple Security Vulnerabilities in Oracle's Enterprise Products
- The #NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb of @thehairyITdog explains
- A newly disclosed #libSSH vulnerability could allow an attacker #AdminAccess to a server with little effort. By @MT_Heller
- Drupal addresses multiple critical flaws with latest release
- Tumblr Privacy Bug Could Have Exposed Sensitive Account Data
- CVE-2018-8460: Exposing a Double Free in Internet Explorer for Code Execution
- Wapiti – The Black Box Vulnerability Scanner for Web Applications
- Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
- The libssh “login with no password” bug – what you need to know [VIDEO]
- Card Factory Exposed Customers Photos Publicly Due To A Website Flaw
- How Shodan helps identify ICS cybersecurity vulnerabilities
- Oracle extends its thanks to Qihoo 360 for fixing the vulnerabilities of Weblogic
- Tumblr patches bug that could have exposed user data
- [SingCERT] Alert on Linksys E Series Routers Vulnerabilities (CVE-2018-3953, CVE-2018-3954, and CVE-2018-3955)
- Apache Access Vulnerability Could Affect Thousands of Applications
- Last year, D-Link flubbed a router bug-fix, so it's back with total pwnage
- Party like it's 1989... SVGA code bug haunts VMware's house, lets guests flee to host OS
- Oracle Patches 301 Vulnerabilities in October Update
- Tumblr Fixes Security Bug that Leaked Private Account Info
- Ruby 2.4.5 released: 40 bug fixes
- Tumblr fixed a #vulnerability that could have exposed sensitive account #data, including usernames/passwords and individual IP addresses.
But the company
- The #TLBleed vulnerability uses @Intel's HTT chip feature to leak data. Learn about how hackers could use #malware to launch
- New libSSH vulnerability gives root access to servers
- A 4-year-old #libSSH vulnerability can allow attackers to easily log in to servers with full administrative control, but it is
- The implications of the NetSpectre vulnerability
- #Shodan can be a helpful tool for security professionals to locate #ICSsecurity vulnerabilities. Expert Ernie Hayden explains how Shodan works
- Oracle security updates contains 45 critical-rated vulnerability
- A #libSSH vulnerability that went undisclosed for almost five years could allow an attacker easy #AdminAccess to servers, @0xAmit said
- Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
- Chaining three critical vulnerabilities allows takeover of D-Link routers
- Tumblr Fixes Critical Security Bug That Exposes User Account Details
- Tumblr Vulnerability Exposed User Account Information
- Bug Trio Affecting Eight D-Link Models Leads to Full Compromise
ASIA
- Threat Report: BlackEnergy APT Group Becomes GreyEnergy
- GreyEnergy cyberespionage group targets Poland and Ukraine
- Tracking Tick Through Recent Campaigns Targeting East Asia
- Cyber Espionage Campaign Reuses Code from China's APT1
- Oceansalt cyberattack wave linked to defunct Chinese APT Comment Crew
- Oceansalt Linked To Defunct Chinese APT Comment Crew
- Group-IB: 14 cyber attacks on crypto exchanges resulted in a loss of $882 million
- Hacking Attacks On Cryptocurrency Exchanges Resulted in a Loss of $882 Million
- 'Operation Oceansalt' Reuses Code from Chinese Group APT1
- Oracle extends its thanks to Qihoo 360 for fixing the vulnerabilities of Weblogic
- Tracking Tick Through Recent Campaigns Targeting East Asia
- XBash Malware Security Advisory
- Operation Oceansalt research reveals cyber-attacks targeting South Korea, USA and Canada
- Targeted attacks on crypto exchanges resulted in a loss of $882 million
- The Equifax Hack Uploaded Files the Right Way
- Oceansalt cyberattack wave linked to defunct Chinese APT Comment Crew
- ‘Operation Oceansalt’ Delivers Wave After Wave
- New Reconnaissance Tool Uses Code from Eight-Year-Old Comment Crew Implant
WORLD
- Threat Report: BlackEnergy APT Group Becomes GreyEnergy
- Branch.io Flaws may have affected as many as 685 million individuals
- GreyEnergy cyberespionage group targets Poland and Ukraine
- 35 Million Records Of US Voters Data For Sale On The Dark Web
- Thousands of Neoflam Clients Had Their Data Leaked After Buying Frying Pans
- Cyber Espionage Campaign Reuses Code from China's APT1
- After an attempted comeback by the Russian built #VPNFilter #botnet, home #networkdevices are at risk. Learn how this #malware targets
- Apple to US users: Here's how you can now see what personal data we hold on you
- CVE-2018-8460: Exposing a Double Free in Internet Explorer for Code Execution
- New Pennsylvania Law Imposes Fine for Using Drones to Spy
- GreyEnergy Potential Successor of BlackEnergy
- Oceansalt cyberattack wave linked to defunct Chinese APT Comment Crew
- Crypto Mining Malware Runs on iPhone
- 'Operation Oceansalt' Reuses Code from Chinese Group APT1
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- Apple to US users: Here's how you can now see what personal data we hold on you
- XBash Malware Security Advisory
- Anthem to pay record £12M for 2015 data breach
- The author of the LuminosityLink RAT sentenced to 30 Months in Prison
- Operation Oceansalt research reveals cyber-attacks targeting South Korea, USA and Canada
- Chaining three critical vulnerabilities allows takeover of D-Link routers
- Senate inquiry recommends locking down My Health Record by default
- ‘Operation Oceansalt’ Delivers Wave After Wave
- SEO pollution campaign affects web searches related to EU midterm elections
- New Reconnaissance Tool Uses Code from Eight-Year-Old Comment Crew Implant
ATTACKS
- 35 Million Records Of US Voters Data For Sale On The Dark Web
- Thousands of Neoflam Clients Had Their Data Leaked After Buying Frying Pans
- Tracking Tick Through Recent Campaigns Targeting East Asia
- Cyber Espionage Campaign Reuses Code from China's APT1
- The #NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb of @thehairyITdog explains
- Tumblr Privacy Bug Could Have Exposed Sensitive Account Data
- Apple to US users: Here's how you can now see what personal data we hold on you
- Open source web hosting software compromised with DDoS malware
- Anthem Settles with OCR for $16M for 2015 Data Breach
- The libssh “login with no password” bug – what you need to know [VIDEO]
- Card Factory Exposed Customers Photos Publicly Due To A Website Flaw
- Hackers can use legitimate #AdminTools to compromise networks. Learn more about "living off the land" attacks from expert Michael Cobb
- Tumblr patches bug that could have exposed user data
- 12.5 Million Email Archives Exposed - Why would #cybercriminals go to a #darkweb market and pay for access when they
- #NetSpectre exploits leak data remotely via side-channel attacks. Learn how to use #ThreatModeling to stop speculative execution from expert Ed
- Tracking Tick Through Recent Campaigns Targeting East Asia
- McAfee researchers uncover ‘significant’ espionage campaign
- Apple to US users: Here's how you can now see what personal data we hold on you
- Tumblr Fixes Security Bug that Leaked Private Account Info
- Tumblr fixed a #vulnerability that could have exposed sensitive account #data, including usernames/passwords and individual IP addresses.
But the company
- The #TLBleed vulnerability uses @Intel's HTT chip feature to leak data. Learn about how hackers could use #malware to launch
- VestaCP compromised in a new supply-chain attack
- VestaCP compromised in a new supply-chain attack
- Anthem to pay record £12M for 2015 data breach
- Around 600 Computers of Anne Arundel County Public Library have been Exposed to Emotet Virus
- In the wake of numerous high-profile data breaches and privacy incidents, consumers are more aware and concerned than ever about
- Senate inquiry recommends locking down My Health Record by default
- Tumblr Vulnerability Exposed User Account Information
- The Equifax Hack Uploaded Files the Right Way
- Bug Trio Affecting Eight D-Link Models Leads to Full Compromise
- SEO pollution campaign affects web searches related to EU midterm elections
THREATS
- GitHub now warns devs about bugs that led to Equifax breach
- Flaws in telepresence robots allow hackers access to pictures, video feeds
- Fake Adobe Flash update hides cryptocurrency malware
- Branch.io Flaws may have affected as many as 685 million individuals
- Critical Remote Code Execution Vulnerabilities Patched by Drupal
- Code Execution Vulnerability Patched in Library Used by VLC, Other Media Players
- Flaws Open Telepresence Robots to Prying Eyes
- [SingCERT] Alert on Multiple Security Vulnerabilities in Oracle's Enterprise Products
- The #NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb of @thehairyITdog explains
- A newly disclosed #libSSH vulnerability could allow an attacker #AdminAccess to a server with little effort. By @MT_Heller
- After an attempted comeback by the Russian built #VPNFilter #botnet, home #networkdevices are at risk. Learn how this #malware targets
- Drupal addresses multiple critical flaws with latest release
- Tumblr Privacy Bug Could Have Exposed Sensitive Account Data
- CVE-2018-8460: Exposing a Double Free in Internet Explorer for Code Execution
- Open source web hosting software compromised with DDoS malware
- Wapiti – The Black Box Vulnerability Scanner for Web Applications
- Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
- LuminosityLink Spyware Mastermind Gets 30 Months In The Clink
- Crooks are attempting to spread their cryptojacking malware to unsuspecting victims by disguising it as an update for Flash.
The malicious
- Top 10 Blockchain Development Companies
- Crypto Mining Malware Runs on iPhone
- The libssh “login with no password” bug – what you need to know [VIDEO]
- Cryptocurrency Miners Hiding As Flash Updates
- GPlayed Trojan - .Net Playing with Google Market
- Card Factory Exposed Customers Photos Publicly Due To A Website Flaw
- How Shodan helps identify ICS cybersecurity vulnerabilities
- Cryptomining Malware Attacks On iPhones Grew By 400%
- Hacking Attacks On Cryptocurrency Exchanges Resulted in a Loss of $882 Million
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- Oracle extends its thanks to Qihoo 360 for fixing the vulnerabilities of Weblogic
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- Tumblr patches bug that could have exposed user data
- [SingCERT] Alert on Linksys E Series Routers Vulnerabilities (CVE-2018-3953, CVE-2018-3954, and CVE-2018-3955)
- Apache Access Vulnerability Could Affect Thousands of Applications
- LuminosityLink spyware mastermind gets 30 months in the clink, forfeits $725k in Bitcoin
- Last year, D-Link flubbed a router bug-fix, so it's back with total pwnage
- Party like it's 1989... SVGA code bug haunts VMware's house, lets guests flee to host OS
- Oracle Patches 301 Vulnerabilities in October Update
- Tumblr Fixes Security Bug that Leaked Private Account Info
- Ruby 2.4.5 released: 40 bug fixes
- Tumblr fixed a #vulnerability that could have exposed sensitive account #data, including usernames/passwords and individual IP addresses.
But the company
- The #TLBleed vulnerability uses @Intel's HTT chip feature to leak data. Learn about how hackers could use #malware to launch
- XBash Malware Security Advisory
- New libSSH vulnerability gives root access to servers
- A 4-year-old #libSSH vulnerability can allow attackers to easily log in to servers with full administrative control, but it is
- The implications of the NetSpectre vulnerability
- Researcher Livestreams 51% Attack on Altcoin Blockchain
- The author of the LuminosityLink RAT sentenced to 30 Months in Prison
- #Shodan can be a helpful tool for security professionals to locate #ICSsecurity vulnerabilities. Expert Ernie Hayden explains how Shodan works
- Oracle security updates contains 45 critical-rated vulnerability
- A #libSSH vulnerability that went undisclosed for almost five years could allow an attacker easy #AdminAccess to servers, @0xAmit said
- Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
- Stegware: How is #malware using #steganography techniques to avoid detection?
- Cryptojacking: A hidden cost for your company
- Chaining three critical vulnerabilities allows takeover of D-Link routers
- Around 600 Computers of Anne Arundel County Public Library have been Exposed to Emotet Virus
- Report: Cryptocurrency Exchanges Lost $882 Million to Hackers
- Tumblr Fixes Critical Security Bug That Exposes User Account Details
- In order to distribute the attack payload, the code needs to be downloaded onto the PLCs & safety controllers.
This
- Tumblr Vulnerability Exposed User Account Information
- Bug Trio Affecting Eight D-Link Models Leads to Full Compromise
- 7 best practices for negotiating ransomware payments
CRIME
- Threat Report: BlackEnergy APT Group Becomes GreyEnergy
- GreyEnergy cyberespionage group targets Poland and Ukraine
- Thousands of Neoflam Clients Had Their Data Leaked After Buying Frying Pans
- New Pennsylvania Law Imposes Fine for Using Drones to Spy
- Group-IB: 14 cyber attacks on crypto exchanges resulted in a loss of $882 million
- Hacking Attacks On Cryptocurrency Exchanges Resulted in a Loss of $882 Million
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- Tumblr patches bug that could have exposed user data
- 12.5 Million Email Archives Exposed - Why would #cybercriminals go to a #darkweb market and pay for access when they
- XBash Malware Security Advisory
- VestaCP compromised in a new supply-chain attack
- VestaCP compromised in a new supply-chain attack
- The author of the LuminosityLink RAT sentenced to 30 Months in Prison
- Targeted attacks on crypto exchanges resulted in a loss of $882 million
- 7 best practices for negotiating ransomware payments
POLITICS
- Threat Report: BlackEnergy APT Group Becomes GreyEnergy
- GreyEnergy cyberespionage group targets Poland and Ukraine
- New APT Could Signal Reemergence of Notorious Comment Crew
- Cyber Espionage Campaign Reuses Code from China's APT1
- New Pennsylvania Law Imposes Fine for Using Drones to Spy
- GreyEnergy Spy APT Mounts Sophisticated Effort Against Critical Infrastructure
- GreyEnergy Potential Successor of BlackEnergy
- Oceansalt cyberattack wave linked to defunct Chinese APT Comment Crew
- 'Operation Oceansalt' Reuses Code from Chinese Group APT1
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
- Tracking Tick Through Recent Campaigns Targeting East Asia
- McAfee researchers uncover ‘significant’ espionage campaign
- Operation Oceansalt research reveals cyber-attacks targeting South Korea, USA and Canada
- New Reconnaissance Tool Uses Code from Eight-Year-Old Comment Crew Implant
