DATA BREACH & DATA LOSS
- Case Study: Protecting PII
- An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
- Top 10 security steps in Microsoft 365 that political campaigns can take today
- Critical vulnerabilities in FreeRTOS allowed for IoT device compromise
- Thousands of applications affected by a zero-day issue injQuery File Upload plugin
- Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
- Identify when your data is exposed, your brand is abused, or your company is mentioned on the dark web. Test
- Thousands of Applications Vulnerable to RCE via jQuery File Upload
- Facebook has seen several data breaches in the last few months, leading the company to look into acquiring a
- Police have issued a fresh warning concerning Fortnite and players giving out their personal details online.
Cheshire Police posted on Facebook,
- Adult websites shuttered after 1.2 million user details exposed
- #sLoad and #Ramnit pairing in sustained personalized campaigns against UK and Italy
- jQuery? More like preyQuery: File upload tool can be exploited to hijack at-risk websites
- "Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with
- “We’re less likely to be caught up in a massive breach of highly available PII or financial data that gets
- A flaw in @Google Firebase #DatabaseSecurity allowed hackers to bypass security and leak data. Learn more about this #SecurityFlaw and
- Morrisons loses appeal over data breach
- Morrisons loses appeal against data breach liability ruling
- A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
DENIAL-OF-SERVICE
- DDoS-Capable IoT Botnet 'Chalubo' Rises
- Chalubo DDoS Botnet Compromises Linux SSH Servers Using Brute-Force Attacks
- Netscout Launches Arbor Edge Defense for Enterprise DDoS Security
- Oracle Doubles Down on Cloud Security With CASB, WAF, DDoS Protection
MALVERTISING
Nil
PHISHING
- Phishing is still the most commonly used attack on organizations, survey says
- New Phishing Attack That Uses Multiple Replica Sign-In Pages
- How sophisticated phishing grants attackers total control of your computer
- How sophisticated phishing grants attackers total control of your computer
- 5 Ways #Cybercriminals Can Access Your Emails Without Phishing [Infographic]:
- Phishing attacks becoming more targeted, phishers love Microsoft the most
- Learn how hackers launched #phishing attacks against @netflix users with expert Michael Cobb of @thehairyITdog
- "Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with
- Phishing Report Shows Microsoft, Paypal, & Netflix as Top Targets
- 4 suggerimenti per utilizzare al meglio il vostro #password manager e generare password davvero efficaci. Ebbene sì, repetita juvant :)
WEB DEFACEMENT
- Hackers Defaced Davos In The Desert To Show Image Of Murdered Journalist
- Saudi Investment Site Defaced After Journalist’s Murder
BOTNET
- DDoS-Capable IoT Botnet 'Chalubo' Rises
- Chalubo DDoS Botnet Compromises Linux SSH Servers Using Brute-Force Attacks
- Battling Bots: How to Find Fake Twitter Followers
- Bots Targeting SSH Servers and Brute-Forcing Entry
RANSOMWARE
- When Ransomware Stopped Working Harder and Started Working Smarter
- City Pays $2K in Ransomware, Stirs ‘Never Pay’ Debate
- Case Study: Ransomware
- Indiana National Guard Suffers Ransomware Attack
- Indiana National Guard hit by ransomware
- Have you ever wondered why #ransomware attacks happen on the Friday before a long weekend? We've teamed up with @SentinelOne
CRYPTOMINING & CRYPTOCURRENCIES
- Why the blockchain is not secure
- Trade.io Cold Wallet Hacked Losing 50 Million TIO Tokens – TIO Coin To Be Forked
- Why is Elon Musk promoting this Bitcoin scam? (He’s not)
- Report: Cryptocurrency hackers earned $20M with 51-percent attacks in 2018
- Apple has launched its university ID Cards feature in Wallet. Students at three universities can now access their student ID
- Can Cybercriminals Hack Blockchain?
- A Beginner’s Guide to Bitcoin Mining (Bitcoin Mining 101)
MALWARE
- Burned malware returns, according to Cylance: is Hacking Team responsible?
- Status of Today’s Email as a Malware Vector
- Case Study: Destructive Malware
- Banking Trojan Infections Persist Throughout the State
- Triton Malware Linked to Russian Government Research Institute
- FireEye links Russian research lab to Triton ICS malware attacks
- Securing Government Operations with Cloud-based Malware Analysis
- How RATs infect computers with malicious software
- This is how government spyware StrongPity uses security researchers' work against them
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- Inside Safari Extensions | Malicious Plugins Remain on Mojave
- Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
- H-Worm and jRAT Malware: Two RATs are Better than One
- How RATs infect computers with malicious software
- What do you think the combination of the #TrickBot banking Trojan to #IcedID means for the future of banking #Trojans?
- Updated Azorult malware for sale on the Dark Web
- UK and US sign military Cyber Accord to dominate cyber domain - with help from business
- Chinese Cyber Espionage Group using Datper Trojan
- Burned malware returns, says Cylance report: Is Hacking Team responsible?
EXPLOIT
Nil
VULNERABILITY
- DHS warns of another dangerous flaw in Advantech WebAccess SCADA software
- Microsoft Windows zero-day disclosed on Twitter, again
- AWS FreeRTOS Riddled with Security Vulnerabilities | Avast
- Critical vulnerabilities in FreeRTOS allowed for IoT device compromise
- Thousands of applications affected by a zero-day issue injQuery File Upload plugin
- Grave TCP/IP Flaws In FreeRTOS Leave IoT Gear Open To Mass Hijacking
- Patch now! Multiple serious flaws found in Drupal
- Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
- Amazon Patched Multiple IoT Vulnerabilities Affecting Its Smart Devices
- Amazon patches IoT and critical infrastructure security flaws
- Patch me, if you can: Grave TCP/IP flaws in FreeRTOS leave IoT gear open to mass hijacking
- Several vulnerabilities were found in controllers made by @Universal_Robot. Discover what these #robot controllers are used for and how
- How do newly found flaws affect robot controllers?
- Firmware zero-day leaves 2m storage devices open to RCE
- A flaw in @Google Firebase #DatabaseSecurity allowed hackers to bypass security and leak data. Learn more about this #SecurityFlaw and
- CyberSecurity Asean security alert on Multiple Vulnerabilities in Cisco WebEx Network Recording Player for Advanced Recording Format Files Could Allow for Arbitrary Code Execution
- Bug Spells Doom for Nearly-Vacant Google+ Network
- The fix for the DOM-based XSS in Branch.io introduced a new XSS flaw
- libssh Server-Side Identity Authentication Bypass Vulnerability (CVE-2018-10933)Threat Alert
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3191)Threat Alert
- Different Vendors Confirm The Impact Of LibSSH Flaw On Their Products
- FreeRTOS IoT OS Critical Vulnerabilities Affected Million of Smart Home & Critical Infrastructure Based IoT Devices
- LIVE555 Streaming library affected by remote code execution vulnerability
- Windows 10 1809 Zip Extraction Bug Overwrites Files without Confirmation
- A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
HEALTHCARE
Nil
TRANSPORT
- NSA Tools Used to Attack Nuclear Energy Firms
- Hacking operations with DarkPulsar and other tools developed by the NSA
BANKING & FINANCE
- Case Study: Ransomware
- Banking Trojan Infections Persist Throughout the State
- Inside Safari Extensions | Malicious Plugins Remain on Mojave
- New Phishing Attack That Uses Multiple Replica Sign-In Pages
- What do you think the combination of the #TrickBot banking Trojan to #IcedID means for the future of banking #Trojans?
- Phishing attacks becoming more targeted, phishers love Microsoft the most
- “We’re less likely to be caught up in a massive breach of highly available PII or financial data that gets
- Morrisons loses appeal over data breach
- North Korean Hackers Stole $571 Million Worth of CryptoCoins in Less Than 24 Months
- Can Cybercriminals Hack Blockchain?
INFORMATION & TELECOMMUNICATION
- Microsoft Windows zero-day disclosed on Twitter, again
- When Ransomware Stopped Working Harder and Started Working Smarter
- Status of Today’s Email as a Malware Vector
- Banking Trojan Infections Persist Throughout the State
- An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
- Battling Bots: How to Find Fake Twitter Followers
- Top 10 security steps in Microsoft 365 that political campaigns can take today
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- Inside Safari Extensions | Malicious Plugins Remain on Mojave
- Thousands of applications affected by a zero-day issue injQuery File Upload plugin
- Identify when your data is exposed, your brand is abused, or your company is mentioned on the dark web. Test
- New Phishing Attack That Uses Multiple Replica Sign-In Pages
- Facebook has seen several data breaches in the last few months, leading the company to look into acquiring a
- 5 Ways #Cybercriminals Can Access Your Emails Without Phishing [Infographic]:
- Police have issued a fresh warning concerning Fortnite and players giving out their personal details online.
Cheshire Police posted on Facebook,
- #sLoad and #Ramnit pairing in sustained personalized campaigns against UK and Italy
- Why is Elon Musk promoting this Bitcoin scam? (He’s not)
- "Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with
- Have you ever wondered why #ransomware attacks happen on the Friday before a long weekend? We've teamed up with @SentinelOne
- Apple has launched its university ID Cards feature in Wallet. Students at three universities can now access their student ID
FOOD
Nil
WATER
Nil
ENERGY
- FireEye links Russia-owned lab to Trisis developers
- NSA Tools Used to Attack Nuclear Energy Firms
- Hacking operations with DarkPulsar and other tools developed by the NSA
GOVERNMENT & PUBLIC SERVICE
- FireEye links Russia-owned lab to Trisis developers
- Case Study: Protecting PII
- Banking Trojan Infections Persist Throughout the State
- Triton Malware Linked to Russian Government Research Institute
- Securing Government Operations with Cloud-based Malware Analysis
- Top 10 security steps in Microsoft 365 that political campaigns can take today
- This is how government spyware StrongPity uses security researchers' work against them
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- Indiana National Guard Suffers Ransomware Attack
- TRITON Attribution: Russian Government-Owned Lab Most Likely Built
Custom Intrusion Tools for TRITON Attackers
- Indiana National Guard hit by ransomware
- Police have issued a fresh warning concerning Fortnite and players giving out their personal details online.
Cheshire Police posted on Facebook,
- UK and US sign military Cyber Accord to dominate cyber domain - with help from business
- Saudi Investment Site Defaced After Journalist’s Murder
- CyberSecurity Asean security alert on Multiple Vulnerabilities in Cisco WebEx Network Recording Player for Advanced Recording Format Files Could Allow for Arbitrary Code Execution
- Morrisons loses appeal over data breach
- North Korean Hackers Stole $571 Million Worth of CryptoCoins in Less Than 24 Months
- Can Cybercriminals Hack Blockchain?
ASIA
- FireEye links Russia-owned lab to Trisis developers
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- Chinese Cyber Espionage Group using Datper Trojan
- Saudi Investment Site Defaced After Journalist’s Murder
- NSA Tools Used to Attack Nuclear Energy Firms
- Burned malware returns, says Cylance report: Is Hacking Team responsible?
- libssh Server-Side Identity Authentication Bypass Vulnerability (CVE-2018-10933)Threat Alert
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3191)Threat Alert
- North Korean Hackers Stole $571 Million Worth of CryptoCoins in Less Than 24 Months
- Hacking operations with DarkPulsar and other tools developed by the NSA
- Can Cybercriminals Hack Blockchain?
WORLD
- When Ransomware Stopped Working Harder and Started Working Smarter
- Experts advocate for 'ATT&CK' as go-to framework to share threat intel
- FireEye links Russia-owned lab to Trisis developers
- Triton Malware Linked to Russian Government Research Institute
- FireEye links Russian research lab to Triton ICS malware attacks
- An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
- Securing Government Operations with Cloud-based Malware Analysis
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- TRITON Attribution: Russian Government-Owned Lab Most Likely Built
Custom Intrusion Tools for TRITON Attackers
- Inside Safari Extensions | Malicious Plugins Remain on Mojave
- Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
- Phishing attacks becoming more targeted, phishers love Microsoft the most
- Indiana National Guard hit by ransomware
- #sLoad and #Ramnit pairing in sustained personalized campaigns against UK and Italy
- UK and US sign military Cyber Accord to dominate cyber domain - with help from business
- Saudi Investment Site Defaced After Journalist’s Murder
- NSA Tools Used to Attack Nuclear Energy Firms
- Burned malware returns, says Cylance report: Is Hacking Team responsible?
- “We’re less likely to be caught up in a massive breach of highly available PII or financial data that gets
- The fix for the DOM-based XSS in Branch.io introduced a new XSS flaw
- Morrisons loses appeal over data breach
- Hacking operations with DarkPulsar and other tools developed by the NSA
- Can Cybercriminals Hack Blockchain?
ATTACKS
- Case Study: Protecting PII
- An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
- Top 10 security steps in Microsoft 365 that political campaigns can take today
- Critical vulnerabilities in FreeRTOS allowed for IoT device compromise
- Thousands of applications affected by a zero-day issue injQuery File Upload plugin
- Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
- Identify when your data is exposed, your brand is abused, or your company is mentioned on the dark web. Test
- Phishing is still the most commonly used attack on organizations, survey says
- New Phishing Attack That Uses Multiple Replica Sign-In Pages
- How sophisticated phishing grants attackers total control of your computer
- How sophisticated phishing grants attackers total control of your computer
- Thousands of Applications Vulnerable to RCE via jQuery File Upload
- Facebook has seen several data breaches in the last few months, leading the company to look into acquiring a
- 5 Ways #Cybercriminals Can Access Your Emails Without Phishing [Infographic]:
- Phishing attacks becoming more targeted, phishers love Microsoft the most
- Police have issued a fresh warning concerning Fortnite and players giving out their personal details online.
Cheshire Police posted on Facebook,
- Adult websites shuttered after 1.2 million user details exposed
- #sLoad and #Ramnit pairing in sustained personalized campaigns against UK and Italy
- Learn how hackers launched #phishing attacks against @netflix users with expert Michael Cobb of @thehairyITdog
- jQuery? More like preyQuery: File upload tool can be exploited to hijack at-risk websites
- "Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with
- “We’re less likely to be caught up in a massive breach of highly available PII or financial data that gets
- Phishing Report Shows Microsoft, Paypal, & Netflix as Top Targets
- A flaw in @Google Firebase #DatabaseSecurity allowed hackers to bypass security and leak data. Learn more about this #SecurityFlaw and
- Morrisons loses appeal over data breach
- 4 suggerimenti per utilizzare al meglio il vostro #password manager e generare password davvero efficaci. Ebbene sì, repetita juvant :)
- Morrisons loses appeal against data breach liability ruling
- A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
THREATS
- DHS warns of another dangerous flaw in Advantech WebAccess SCADA software
- Burned malware returns, according to Cylance: is Hacking Team responsible?
- Microsoft Windows zero-day disclosed on Twitter, again
- AWS FreeRTOS Riddled with Security Vulnerabilities | Avast
- When Ransomware Stopped Working Harder and Started Working Smarter
- City Pays $2K in Ransomware, Stirs ‘Never Pay’ Debate
- Status of Today’s Email as a Malware Vector
- Case Study: Destructive Malware
- Case Study: Ransomware
- Banking Trojan Infections Persist Throughout the State
- Triton Malware Linked to Russian Government Research Institute
- Why the blockchain is not secure
- FireEye links Russian research lab to Triton ICS malware attacks
- Securing Government Operations with Cloud-based Malware Analysis
- How RATs infect computers with malicious software
- This is how government spyware StrongPity uses security researchers' work against them
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- Indiana National Guard Suffers Ransomware Attack
- Inside Safari Extensions | Malicious Plugins Remain on Mojave
- Critical vulnerabilities in FreeRTOS allowed for IoT device compromise
- Thousands of applications affected by a zero-day issue injQuery File Upload plugin
- Grave TCP/IP Flaws In FreeRTOS Leave IoT Gear Open To Mass Hijacking
- Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
- Trade.io Cold Wallet Hacked Losing 50 Million TIO Tokens – TIO Coin To Be Forked
- H-Worm and jRAT Malware: Two RATs are Better than One
- Patch now! Multiple serious flaws found in Drupal
- How RATs infect computers with malicious software
- Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
- What do you think the combination of the #TrickBot banking Trojan to #IcedID means for the future of banking #Trojans?
- Indiana National Guard hit by ransomware
- Amazon Patched Multiple IoT Vulnerabilities Affecting Its Smart Devices
- Updated Azorult malware for sale on the Dark Web
- Amazon patches IoT and critical infrastructure security flaws
- Why is Elon Musk promoting this Bitcoin scam? (He’s not)
- UK and US sign military Cyber Accord to dominate cyber domain - with help from business
- Chinese Cyber Espionage Group using Datper Trojan
- Patch me, if you can: Grave TCP/IP flaws in FreeRTOS leave IoT gear open to mass hijacking
- Several vulnerabilities were found in controllers made by @Universal_Robot. Discover what these #robot controllers are used for and how
- Burned malware returns, says Cylance report: Is Hacking Team responsible?
- How do newly found flaws affect robot controllers?
- Firmware zero-day leaves 2m storage devices open to RCE
- Report: Cryptocurrency hackers earned $20M with 51-percent attacks in 2018
- A flaw in @Google Firebase #DatabaseSecurity allowed hackers to bypass security and leak data. Learn more about this #SecurityFlaw and
- CyberSecurity Asean security alert on Multiple Vulnerabilities in Cisco WebEx Network Recording Player for Advanced Recording Format Files Could Allow for Arbitrary Code Execution
- Bug Spells Doom for Nearly-Vacant Google+ Network
- The fix for the DOM-based XSS in Branch.io introduced a new XSS flaw
- libssh Server-Side Identity Authentication Bypass Vulnerability (CVE-2018-10933)Threat Alert
- Have you ever wondered why #ransomware attacks happen on the Friday before a long weekend? We've teamed up with @SentinelOne
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3191)Threat Alert
- Different Vendors Confirm The Impact Of LibSSH Flaw On Their Products
- Apple has launched its university ID Cards feature in Wallet. Students at three universities can now access their student ID
- FreeRTOS IoT OS Critical Vulnerabilities Affected Million of Smart Home & Critical Infrastructure Based IoT Devices
- LIVE555 Streaming library affected by remote code execution vulnerability
- Can Cybercriminals Hack Blockchain?
- A Beginner’s Guide to Bitcoin Mining (Bitcoin Mining 101)
- Windows 10 1809 Zip Extraction Bug Overwrites Files without Confirmation
- A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
CRIME
- Inside Safari Extensions | Malicious Plugins Remain on Mojave
- Thousands of applications affected by a zero-day issue injQuery File Upload plugin
- H-Worm and jRAT Malware: Two RATs are Better than One
- New Phishing Attack That Uses Multiple Replica Sign-In Pages
- Why is Elon Musk promoting this Bitcoin scam? (He’s not)
- Morrisons loses appeal over data breach
- North Korean Hackers Stole $571 Million Worth of CryptoCoins in Less Than 24 Months
- Can Cybercriminals Hack Blockchain?
POLITICS
- An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
- Top 10 security steps in Microsoft 365 that political campaigns can take today
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- TRITON Attribution: Russian Government-Owned Lab Most Likely Built
Custom Intrusion Tools for TRITON Attackers
- Chinese Cyber Espionage Group using Datper Trojan
- Saudi Investment Site Defaced After Journalist’s Murder
- NSA Tools Used to Attack Nuclear Energy Firms
