WINDOWS
- What Is Windows PowerShell (And Could It Be Malicious)?
- Take a Look at L0rdix, The Super Malware Toolkit of 2018
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- New Pterodo Backdoor Malware Detected By Ukraine
- Exploit Windows Remote PC with EternalBlue & DoublePulsar Exploit through Metasploit
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
- How to find, is link malicious/URL or not
LINUX
- What Is Windows PowerShell (And Could It Be Malicious)?
- Mirai Used as Payload in Hadoop YARN Vulnerability
- Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
- Uncover virtual hosts of domain with Fierce
- How to find, is link malicious/URL or not
UNIX
Nil
ANDROID
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- 500K Android users hit with malware, and what to do if you're infected
- 13 Malware-Laden Fake Apps on Google Play
- Malicious programs disguised as racing games on Google Play
- "Luiz O Pinto" pushed 500,000+ installs of malware via Google Play, in ~1 week.
IOS
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- 13 Malware-Laden Fake Apps on Google Play
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
MACOS
- Pen-test at Dropbox turns up three Apple 0-day bugs
- What Is Windows PowerShell (And Could It Be Malicious)?
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
DATA BREACH & DATA LOSS
- Email Addresses and Phone Numbers of More than 60 Million Users Exposed by USPS
- A flaw in US Postal Service website exposed data on 60 Million Users
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Amazon Customer Email Addresses Leaked Because of 'Technical Error'
- Google Taking Over Health Records Raises Patient Privacy Fears
- Amazon tech error leaks customers’ email addresses
- USPS Site Exposed Data on 60 Million Users
- Vision Direct Deals With Customer Data Leak
- Amazon suffers data breach days before Black Friday
- Emotet’s Thanksgiving Campaign Delivers New Recipes for Compromise
- Researchers Reveal Identity of Hacker Behind Massive Data Breaches
- Record Retention
- A hacker known as #Tessa88 offered several compromise databases obtained from LinkedIn, MySpace and other companies. Now Recorded Future believes
- The promised integration with #HaveIBeenPwned is expanding in #FirefoxMonitor with new breach alerts when a user visits a recently compromised
- Amazon warns customers it leaked their names and email addresses
- Amazon leaks users' email addresses due to 'technical error'
- High Tail Hall data breach exposes over 400,000 furry fans
- Facebook Ads Urge Its Staff To Leak Secrets
- Amazon Suffers Data Breach Days Before Black Friday
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to
- Amazon UK is notifying a data breach to its customers days before Black Friday
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- White House admits Ivanka Trump used private email for government business
- .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
- How have #phishing campaigns threatened your #EnterpriseSecurity system?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Amazon Data Leak Exposes Email Addresses Right Before Black Friday
- Yikes...#Instagram Accidentally Exposed Some Users' #Passwords In Plaintext
- APAC consumers want IoT devices, but fear data leaks
- OUR BLACK FRIDAY DEALS ARE LIVE!
Get 50% off from FREEDOME VPN and TOTAL subscriptions with coupon code BLACKFRIDAY.
Buy now:
- Russia Linked Group Resurfaces With Large-Scale Phishing Campaign
DENIAL-OF-SERVICE
Nil
MALVERTISING
- New OceanLotus watering hole attacks target southeast Asia
PHISHING
- Phishing: It's all too easy on mobile devices
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Black Friday Phishing Dos and Don’ts
- Bah HumBUG: 5 Recent Holiday Phishing Samples You Need to Watch Out For
- Phishing Emails with .COM Extensions Are Hitting Finance Departments
- Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
- #CyberMonday Tip 1: Be careful of phishing scams claiming to be from a package-delivery company with links to tracking information.
AVG
- How have #phishing campaigns threatened your #EnterpriseSecurity system?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Yikes...#Instagram Accidentally Exposed Some Users' #Passwords In Plaintext
- #Gmail Glitch Enables Anonymous Messages in #Phishing Attacks:
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Microsoft now lets you log into Outlook, Skype, Xbox Live without a password
- Russia Linked Group Resurfaces With Large-Scale Phishing Campaign
WEB DEFACEMENT
Nil
BOTNET
- Outlaw Group Botnet Enhanced
- A new #botnet -- #Mylobot -- has shown new, complex levels of tools and techniques that are subsequently altering botnet
- New Hacking Group Outlaw Distributing Botnet to Scan The Network & Perform Cryptocurrency-Mining & Brute-Force Attack
RANSOMWARE
- City of Valdez, Alaska admits to paying off ransomware infection
- Malaysia’s largest media company becomes victim of a ransomware attack
CRYPTOMINING & CRYPTOCURRENCIES
- Malware Moves: Attackers Retool for Cryptocurrency Theft
- New Hacking Group Outlaw Distributing Botnet to Scan The Network & Perform Cryptocurrency-Mining & Brute-Force Attack
- Signing and Verifying Ethereum Signatures
- US Department of Justice is investigating Tether for manipulation of market prices
- Worried about cryptojacking? Check out how SentinelOne Detects and Protects from GhostMiner CryptoMiner
MALWARE
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Lazarus APT Uses Modular Backdoor to Target Financial Institutions
- What Is Windows PowerShell (And Could It Be Malicious)?
- Take a Look at L0rdix, The Super Malware Toolkit of 2018
- Mirai Used as Payload in Hadoop YARN Vulnerability
- 500K Android users hit with malware, and what to do if you're infected
- Russian Cozy Bear cyberspies awake from hibernation to sling spyware
- 13 Malware-Laden Fake Apps on Google Play
- Italian Naval Industry Attacked By MartyMcFly Malware
- Sofacy APT unleashes new 'Cannon' trojan
- New Pterodo Backdoor Malware Detected By Ukraine
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- Malicious programs disguised as racing games on Google Play
- How is Plead #malware used for #cyberespionage attacks? Learn more with Michael Cobb of @thehairyITdog.
- Conficker: A 10-year retrospective on a legendary worm
- Malware Moves: Attackers Retool for Cryptocurrency Theft
- Infowars Online Store Got Infected with Card Skimming Malware
- Awake Security uncovers malicious intent across on-premise, IoT and cloud infrastructure
- Centreon releases Remote Server functionality for cross-domain monitoring of multi-site IT operations
- Fancy Bear APT Uses New Cannon Trojan to Target Government Entities
- "Luiz O Pinto" pushed 500,000+ installs of malware via Google Play, in ~1 week.
- Uncover virtual hosts of domain with Fierce
- Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan
- How to find, is link malicious/URL or not
- Worried about cryptojacking? Check out how SentinelOne Detects and Protects from GhostMiner CryptoMiner
EXPLOIT
- Attackers Exploit Recently Patched Popular WordPress Plugin
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- Exploit Windows Remote PC with EternalBlue & DoublePulsar Exploit through Metasploit
- Worried about cryptojacking? Check out how SentinelOne Detects and Protects from GhostMiner CryptoMiner
VULNERABILITY
- Pen-test at Dropbox turns up three Apple 0-day bugs
- A flaw in US Postal Service website exposed data on 60 Million Users
- Facebook increases rewards for its bug bounty program and facilitate bug submission
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- Mirai Used as Payload in Hadoop YARN Vulnerability
- Facebook entices researchers with $40,000 reward for account takeover vulnerabilities
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities
- Adobe issues fix for Flash bug allowing remote code execution
- A new vulnerability was discovered to affect #Bluetooth #firmware or operating system software drivers. Learn what this vulnerability is and
- German eID Authentication Flaw Lets You Change Identity
- Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
- New vulnerabilities are coming faster than you can fix them
- Red Hawk – Open Source Information Gathering and Vulnerability Scanning Tool
- Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts
- Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts
- Experts found flaws in Dell EMC and VMware Products. Patch them now!
- From directory traversal to direct travesty: Crash, hijack, siphon off this TP-Link VPN box via classic exploitable bugs
- A @DLink #router vulnerability was used to send banking users to a fake site in order to steal #UserCredentials. Learn
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- Patches Released for Flaws Affecting Dell EMC, VMware Products
- Adobe Fixes Critical Flash Vulnerability with
- Facebook Increases Rewards for Account Hacking Vulnerabilities
- Adobe Flash Player Update Released for Remote Code Execution Vulnerability
- Facebook Boosts Bug Bounty Payouts for Account Takeover Flaws
- Hacker got Rewarded for Discovering a Critical Steam Bug
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
ASIA
- City of Valdez, Alaska admits to paying off ransomware infection
- Lazarus APT Uses Modular Backdoor to Target Financial Institutions
- Adobe issues fix for Flash bug allowing remote code execution
- Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to
- Amazon UK is notifying a data breach to its customers days before Black Friday
- New Pterodo Backdoor Malware Detected By Ukraine
- Is Magecart Checking Out Your Secure Online Transactions?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Millions Stolen by North Korea-Linked Hacking Group from Atms in Africa and Asia
- Malaysia’s largest media company becomes victim of a ransomware attack
WORLD
- Email Addresses and Phone Numbers of More than 60 Million Users Exposed by USPS
- A flaw in US Postal Service website exposed data on 60 Million Users
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Lazarus APT Uses Modular Backdoor to Target Financial Institutions
- Facebook increases rewards for its bug bounty program and facilitate bug submission
- Inspiring the Next Generation of Tech Talent
- Google Taking Over Health Records Raises Patient Privacy Fears
- What Is Windows PowerShell (And Could It Be Malicious)?
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- Amazon tech error leaks customers’ email addresses
- USPS Site Exposed Data on 60 Million Users
- Vision Direct Deals With Customer Data Leak
- Amazon suffers data breach days before Black Friday
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- Black Friday Phishing Dos and Don’ts
- Amazon warns customers it leaked their names and email addresses
- Russian Cozy Bear cyberspies awake from hibernation to sling spyware
- German eID Authentication Flaw Lets You Change Identity
- Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to
- Amazon UK is notifying a data breach to its customers days before Black Friday
- Italian Naval Industry Attacked By MartyMcFly Malware
- Sofacy APT unleashes new 'Cannon' trojan
- New Pterodo Backdoor Malware Detected By Ukraine
- Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- White House admits Ivanka Trump used private email for government business
- Magecart Black Hats Battle it Out On Infected Site
- Fancy Bear hacker crew Putin dirty RATs in Word documents emailed to govt orgs – report
- Is Magecart Checking Out Your Secure Online Transactions?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Infowars Online Store Got Infected with Card Skimming Malware
- Sofacy APT group used a new tool in latest attacks, the Cannon
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Malaysia’s largest media company becomes victim of a ransomware attack
- Russian hackers are conducting more covert attacks on US and European computers
- US Department of Justice is investigating Tether for manipulation of market prices
- Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- Russia Linked Group Resurfaces With Large-Scale Phishing Campaign
ATTACKS
- Phishing: It's all too easy on mobile devices
- Email Addresses and Phone Numbers of More than 60 Million Users Exposed by USPS
- A flaw in US Postal Service website exposed data on 60 Million Users
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Amazon Customer Email Addresses Leaked Because of 'Technical Error'
- Google Taking Over Health Records Raises Patient Privacy Fears
- Amazon tech error leaks customers’ email addresses
- USPS Site Exposed Data on 60 Million Users
- Vision Direct Deals With Customer Data Leak
- Amazon suffers data breach days before Black Friday
- Emotet’s Thanksgiving Campaign Delivers New Recipes for Compromise
- Researchers Reveal Identity of Hacker Behind Massive Data Breaches
- Record Retention
- A hacker known as #Tessa88 offered several compromise databases obtained from LinkedIn, MySpace and other companies. Now Recorded Future believes
- Black Friday Phishing Dos and Don’ts
- The promised integration with #HaveIBeenPwned is expanding in #FirefoxMonitor with new breach alerts when a user visits a recently compromised
- Amazon warns customers it leaked their names and email addresses
- Amazon leaks users' email addresses due to 'technical error'
- High Tail Hall data breach exposes over 400,000 furry fans
- Facebook Ads Urge Its Staff To Leak Secrets
- Amazon Suffers Data Breach Days Before Black Friday
- Bah HumBUG: 5 Recent Holiday Phishing Samples You Need to Watch Out For
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- Phishing Emails with .COM Extensions Are Hitting Finance Departments
- Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to
- Amazon UK is notifying a data breach to its customers days before Black Friday
- Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- White House admits Ivanka Trump used private email for government business
- New OceanLotus watering hole attacks target southeast Asia
- #CyberMonday Tip 1: Be careful of phishing scams claiming to be from a package-delivery company with links to tracking information.
AVG
- .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
- How have #phishing campaigns threatened your #EnterpriseSecurity system?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Amazon Data Leak Exposes Email Addresses Right Before Black Friday
- Yikes...#Instagram Accidentally Exposed Some Users' #Passwords In Plaintext
- #Gmail Glitch Enables Anonymous Messages in #Phishing Attacks:
- APAC consumers want IoT devices, but fear data leaks
- Phishing Scams Serious Problem for Canada’s Global Affairs
- OUR BLACK FRIDAY DEALS ARE LIVE!
Get 50% off from FREEDOME VPN and TOTAL subscriptions with coupon code BLACKFRIDAY.
Buy now:
- Microsoft now lets you log into Outlook, Skype, Xbox Live without a password
- Russia Linked Group Resurfaces With Large-Scale Phishing Campaign
THREATS
- Pen-test at Dropbox turns up three Apple 0-day bugs
- City of Valdez, Alaska admits to paying off ransomware infection
- A flaw in US Postal Service website exposed data on 60 Million Users
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Lazarus APT Uses Modular Backdoor to Target Financial Institutions
- Facebook increases rewards for its bug bounty program and facilitate bug submission
- What Is Windows PowerShell (And Could It Be Malicious)?
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- Take a Look at L0rdix, The Super Malware Toolkit of 2018
- Mirai Used as Payload in Hadoop YARN Vulnerability
- Facebook entices researchers with $40,000 reward for account takeover vulnerabilities
- 500K Android users hit with malware, and what to do if you're infected
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- Russian Cozy Bear cyberspies awake from hibernation to sling spyware
- How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities
- Adobe issues fix for Flash bug allowing remote code execution
- 13 Malware-Laden Fake Apps on Google Play
- A new vulnerability was discovered to affect #Bluetooth #firmware or operating system software drivers. Learn what this vulnerability is and
- German eID Authentication Flaw Lets You Change Identity
- Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
- New vulnerabilities are coming faster than you can fix them
- Red Hawk – Open Source Information Gathering and Vulnerability Scanning Tool
- Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts
- Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts
- Italian Naval Industry Attacked By MartyMcFly Malware
- Sofacy APT unleashes new 'Cannon' trojan
- New Pterodo Backdoor Malware Detected By Ukraine
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- Experts found flaws in Dell EMC and VMware Products. Patch them now!
- From directory traversal to direct travesty: Crash, hijack, siphon off this TP-Link VPN box via classic exploitable bugs
- A @DLink #router vulnerability was used to send banking users to a fake site in order to steal #UserCredentials. Learn
- Malicious programs disguised as racing games on Google Play
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- Patches Released for Flaws Affecting Dell EMC, VMware Products
- Adobe Fixes Critical Flash Vulnerability with
- How is Plead #malware used for #cyberespionage attacks? Learn more with Michael Cobb of @thehairyITdog.
- Conficker: A 10-year retrospective on a legendary worm
- Malware Moves: Attackers Retool for Cryptocurrency Theft
- Infowars Online Store Got Infected with Card Skimming Malware
- Facebook Increases Rewards for Account Hacking Vulnerabilities
- Adobe Flash Player Update Released for Remote Code Execution Vulnerability
- New Hacking Group Outlaw Distributing Botnet to Scan The Network & Perform Cryptocurrency-Mining & Brute-Force Attack
- Facebook Boosts Bug Bounty Payouts for Account Takeover Flaws
- Signing and Verifying Ethereum Signatures
- Hacker got Rewarded for Discovering a Critical Steam Bug
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
- Malaysia’s largest media company becomes victim of a ransomware attack
- US Department of Justice is investigating Tether for manipulation of market prices
- Awake Security uncovers malicious intent across on-premise, IoT and cloud infrastructure
- Centreon releases Remote Server functionality for cross-domain monitoring of multi-site IT operations
- Fancy Bear APT Uses New Cannon Trojan to Target Government Entities
- "Luiz O Pinto" pushed 500,000+ installs of malware via Google Play, in ~1 week.
- Uncover virtual hosts of domain with Fierce
- Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- How to find, is link malicious/URL or not
- Worried about cryptojacking? Check out how SentinelOne Detects and Protects from GhostMiner CryptoMiner
CRIME
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Facebook increases rewards for its bug bounty program and facilitate bug submission
- What Is Windows PowerShell (And Could It Be Malicious)?
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- Take a Look at L0rdix, The Super Malware Toolkit of 2018
- USPS Site Exposed Data on 60 Million Users
- Researchers Reveal Identity of Hacker Behind Massive Data Breaches
- Bah HumBUG: 5 Recent Holiday Phishing Samples You Need to Watch Out For
- How Retailers Can Protect Against Magecart This Black Friday and Holiday Season
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
- Is Magecart Checking Out Your Secure Online Transactions?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- How is Plead #malware used for #cyberespionage attacks? Learn more with Michael Cobb of @thehairyITdog.
- Signing and Verifying Ethereum Signatures
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Millions Stolen by North Korea-Linked Hacking Group from Atms in Africa and Asia
- Malaysia’s largest media company becomes victim of a ransomware attack
POLITICS
- What Is Windows PowerShell (And Could It Be Malicious)?
- USPS Site Exposed Data on 60 Million Users
- New Pterodo Backdoor Malware Detected By Ukraine
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- How is Plead #malware used for #cyberespionage attacks? Learn more with Michael Cobb of @thehairyITdog.
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Russian hackers are conducting more covert attacks on US and European computers
- US Department of Justice is investigating Tether for manipulation of market prices
- MageCart Group Sabotages Rival to Ruin Data and Reputation
