ASIA
- Banking Trojan Made in Brazil? A Brief Look
- Looking Ahead: RiskIQ’s 2019 Cybersecurity Predictions
- Indian Police Break Up International Computer Virus Scam
- Iranian duo charged with SamSam ransomware-slinging campaign
- U.S. DoJ charges Iranian duo over SamSam Ransomware activity
- US charges Iranian hackers for SamSam ransomware attacks
- US charges Iranian hackers for SamSam ransomware attacks
- The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
- US Indicts Two Iranians for SamSam Campaign Blitz
- Analysis Report of the XorDDoS Malware Family
- Lazarus Targeting Latin America
- Pervasive Brazilian financial malware targets bank customers in Latin America and Europe
WORLD
- GCHQ: this is how we decide to report a security bug or keep it a secret
- Atrium Health’s Databreach: 2.65 Million Patient Records Publicly Revealed
- Rotexy malware morphs into dangerous banking Trojan
- Banking Trojan Made in Brazil? A Brief Look
- First Annual Cyberwarcon
- Brazilian Financial Malware Spreads Beyond National Boundaries
- USPS API Security Vulnerabilities Caused by Functional Errors
- Accenture: Russian hackers using Brexit talks to disguise phishing lures
- Looking Ahead: RiskIQ’s 2019 Cybersecurity Predictions
- SamSam ransomware actors charged, sanctioned by US government
- U.S. DoJ charges Iranian duo over SamSam Ransomware activity
- US charges Iranian hackers for SamSam ransomware attacks
- Pterodo Found On State Authorities' Computers In Ukraine
- US charges Iranian hackers for SamSam ransomware attacks
- The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
- US indicts two over SamSam ransomware attacks
- US Charges Hackers in Multimillion Dollar Ransomware Campaign
- XSS Shell- Cross Site Scripting
- Smashing Security #106: Google Maps, Fed phishing, and Grinch bots
- GCHQ: We don't tell tech companies about every software flaw
- Uber fined $1.1 million by UK and Dutch regulators over 2016 data breach
- US Indicts Two Iranians for SamSam Campaign Blitz
- Symantec comes out in swinging in bitter legal battle over security bug audit conspiracy claims
- Brazilian-made bank trojan
- READ: The threat actor SNAKEMACKEREL (#FancyBear) leveraged current geopolitical events and #Brexit themed lure documents to deliver first-stage malware
- London-based Urban Massage app leaks data on 300K customers, including sexual misconduct claims
- Records of 114 Million US Citizen and Companies Exposed Online
- NEW: Russian hackers using Brexit talks to disguise its phishing lures
- McAfee Labs 2019 Threats Predictions Report
- Lazarus Targeting Latin America
- AccuDoc Data Breach impacted 2.6 Million Atrium Health patients
- Pervasive Brazilian financial malware targets bank customers in Latin America and Europe
- UK and Dutch Regulators Fined Uber for $1.1 Million over 2016 Data Breach
- Dell Hacked – Data Breach Exposed Names, Email addresses & Hashed Passwords
ATTACKS
- Atrium Health’s Databreach: 2.65 Million Patient Records Publicly Revealed
- Users Failing Phishing Simulations? That’s ok
- Dell Forces Password Reset for Online Customers Following Data Breach
- Dell remains quiet on attempted data breach
- Accenture: Russian hackers using Brexit talks to disguise phishing lures
- 2.6 Million Atrium Health Patient Records Compromised by Vendor AccuDoc
- Iranian duo charged with SamSam ransomware-slinging campaign
- Office workers beware: Holiday gift card spear phishing attacks on the rise
- The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
- Blazy – Open Source Modern Login Brute-forcer
- SKY Brasil Exposes 32 Million Customer Records
- US Charges Hackers in Multimillion Dollar Ransomware Campaign
- Dunkin' Donuts Serves Up Data Breach Alert
- Smashing Security #106: Google Maps, Fed phishing, and Grinch bots
- Uber fined $1.1 million by UK and Dutch regulators over 2016 data breach
- US Indicts Two Iranians for SamSam Campaign Blitz
- London-based Urban Massage app leaks data on 300K customers, including sexual misconduct claims
- Database breach affects 2.6 million Atrium Health patients
- Dell data breach – Dell forces password reset after the incident
- Records of 114 Million US Citizen and Companies Exposed Online
- NEW: Russian hackers using Brexit talks to disguise its phishing lures
- Threat Spotlight: New spear phishing attack gift card scam
- How have #phishing campaigns threatened your #EnterpriseSecurity system?
- AccuDoc Data Breach impacted 2.6 Million Atrium Health patients
- Dell Resets User Passwords Following Data Breach
- Atrium Health Data Breach Affected More than 2 Million Patients
- UK and Dutch Regulators Fined Uber for $1.1 Million over 2016 Data Breach
- Dell Hacked – Data Breach Exposed Names, Email addresses & Hashed Passwords
- A targeted attack attempting to steal #cryptocurrency took advantage of open source software with a compromised #NPM package and experts
THREATS
- GCHQ: this is how we decide to report a security bug or keep it a secret
- A free decryption tool is available for Thanatos ransomware victims
- Rotexy malware morphs into dangerous banking Trojan
- Banking Trojan Made in Brazil? A Brief Look
- Critical Zoom Flaw Lets Hackers Hijack Conference Meetings
- Overall Volume of Thanksgiving Weekend Malware Attacks Lower This Year
- Brazilian Financial Malware Spreads Beyond National Boundaries
- USPS API Security Vulnerabilities Caused by Functional Errors
- Colorado Agency Targeted in Nationwide Ransomware Scheme
- Cisco Patches SQL Injection Flaw in Prime License Manager
- SamSam ransomware actors charged, sanctioned by US government
- Cisco Patches Critical Bug in License Management Tool
- Indian Police Break Up International Computer Virus Scam
- Hackers can exploit this bug in surveillance cameras to tamper with footage
- Iranian duo charged with SamSam ransomware-slinging campaign
- U.S. DoJ charges Iranian duo over SamSam Ransomware activity
- A security hole in a mail preview program may have made the data of 60 million customers vulnerable.
- US charges Iranian hackers for SamSam ransomware attacks
- Inside the Google Docs Malicious Network
- US charges Iranian hackers for SamSam ransomware attacks
- The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
- A security researcher notified the @USPS of an #API vulnerability one year ago. But the #USPS website flaw was only
- US indicts two over SamSam ransomware attacks
- US Charges Hackers in Multimillion Dollar Ransomware Campaign
- AriseBank CEO faces 120 years behind bars over alleged cryptocurrency scam
- Beware the Malware-Laden Brexit News
- KingMiner malware hijacks the full power of Windows Server CPUs
- GCHQ: We don't tell tech companies about every software flaw
- Malicious developer creates wormable, fileless variant of njRAT
- Symantec comes out in swinging in bitter legal battle over security bug audit conspiracy claims
- Brazilian-made bank trojan
- READ: The threat actor SNAKEMACKEREL (#FancyBear) leveraged current geopolitical events and #Brexit themed lure documents to deliver first-stage malware
- Proofpoint: Hackers testing new reconnaissance #malware on financial institutions.
- Beware the Malware-Laden Brexit News https://ubm.io/2Ql2DyP by @ErickaChick
- Analysis Report of the XorDDoS Malware Family
- Hacker takes over JavaScript library, injects malware to steal Bitcoin
- Widely Used Web Conference Service Zoom Patches Critical Flaw
- A new vulnerability was discovered to affect #Bluetooth #firmware or operating system software drivers. Learn what this vulnerability is and
- Several Malicious Apps on Google Play Posing as Voice Messenger Steal User Personal Information
- Mobile Malware Attacks Increase as Holiday Season Nears
- Facebook Increases Bug Bounty Payouts to Improve User Security
- Pervasive Brazilian financial malware targets bank customers in Latin America and Europe
- A targeted attack attempting to steal #cryptocurrency took advantage of open source software with a compromised #NPM package and experts
CRIME
- Atrium Health’s Databreach: 2.65 Million Patient Records Publicly Revealed
- Colorado Agency Targeted in Nationwide Ransomware Scheme
- Looking Ahead: RiskIQ’s 2019 Cybersecurity Predictions
- Indian Police Break Up International Computer Virus Scam
- U.S. DoJ charges Iranian duo over SamSam Ransomware activity
- US indicts two over SamSam ransomware attacks
- SKY Brasil Exposes 32 Million Customer Records
- US Charges Hackers in Multimillion Dollar Ransomware Campaign
- AriseBank CEO faces 120 years behind bars over alleged cryptocurrency scam
- Uber fined $1.1 million by UK and Dutch regulators over 2016 data breach
- US Indicts Two Iranians for SamSam Campaign Blitz
- Symantec comes out in swinging in bitter legal battle over security bug audit conspiracy claims
- McAfee Labs 2019 Threats Predictions Report
- Threat Spotlight: New spear phishing attack gift card scam
- AccuDoc Data Breach impacted 2.6 Million Atrium Health patients
- Pervasive Brazilian financial malware targets bank customers in Latin America and Europe
- UK and Dutch Regulators Fined Uber for $1.1 Million over 2016 Data Breach
- The Justice Department, FBI and several tech and cybersecurity companies have dismantled the #3ve #botnet, and eight individuals have been
POLITICS
- GCHQ: this is how we decide to report a security bug or keep it a secret
- First Annual Cyberwarcon
- Looking Ahead: RiskIQ’s 2019 Cybersecurity Predictions
- Pterodo Found On State Authorities' Computers In Ukraine
- XSS Shell- Cross Site Scripting
- Uber fined $1.1 million by UK and Dutch regulators over 2016 data breach
- McAfee Labs 2019 Threats Predictions Report
- Threat Spotlight: New spear phishing attack gift card scam
- Pervasive Brazilian financial malware targets bank customers in Latin America and Europe
- UK and Dutch Regulators Fined Uber for $1.1 Million over 2016 Data Breach
ASIA
- Half of all Phishing Sites Now Have the Padlock
- Cyberthreats to financial institutions 2019: overview and predictions
- Ukrainian Police Nab Suspected RAT-Slinger
- Crypto Mining Malware Infects Make-A-Wish-Foundation Website
WORLD
- Microsoft launches review after a trio of Azure bugs locked users out of Office 365
- Did UK city council over-react to a vulnerability report in its recycling app or not?
- Knuddels Flirt App Slapped with Hefty Fine After Data Breach
- When Do You Need to Report a Data Breach?
- Democrats Introduce Bill for Stopping Automated Grinch Bots from Ruining Xmas
- Siemens patches major firewall flaw, other vulnerabilities
- How Pirated Versions of ‘Super Smash Bros. Ultimate’ Leaked Weeks Before Release
- Microsoft PowerPoint as Malware Dropper
- Recent Attacks on US Entities Attributed to APT29
- U.S. Postal Service API Flaw Exposes Data of 60 Million Customers
- Phishing Campaign targeting French Industry
- Russia Plans To tighten Data Protection Owing To Intelligence Leaks
- German Social Media Provider Fined €20K for Data Breach
- Cyberthreats to financial institutions 2019: overview and predictions
- Ukrainian Police Nab Suspected RAT-Slinger
- Crypto Mining Malware Infects Make-A-Wish-Foundation Website
- Experts found a new powerful modular Linux cryptominer
- HR Software Firm PageUp Finds No Evidence of Data Theft
- An ongoing phishing campaign is targeting French industry, @FSLabs finds.
- Phishing Campaign targeting French Industry
ATTACKS
- Knuddels Flirt App Slapped with Hefty Fine After Data Breach
- When Do You Need to Report a Data Breach?
- USPS, Amazon Data Leaks Showcase API Weaknesses
- Holiday Season: Cybercriminals are Phishing All The Way
- How Pirated Versions of ‘Super Smash Bros. Ultimate’ Leaked Weeks Before Release
- Half of all Phishing Sites Now Have the Padlock
- Easy as APT: Spear phishing highlighted as ongoing threat for 2019
- Despite growing concerns about cybersecurity and the number of data breach incidents in the news, many employees still have bad
- Trivial Spotify Phishing Campaign Targets Users To Steal Login Credentials
- Phishing Campaign targeting French Industry
- Russia Plans To tighten Data Protection Owing To Intelligence Leaks
- German Social Media Provider Fined €20K for Data Breach
- No need to compromise freedom for security - Europol audience told
- 50% use password managers to store login details
- HR Software Firm PageUp Finds No Evidence of Data Theft
- Internal negligence to blame for most data breaches involving personal health information
- Sextortion 2.0: We have continued to monitor the campaigns and have seen a recent change in tactics, with some unusual
- An ongoing phishing campaign is targeting French industry, @FSLabs finds.
- Phishing Campaign targeting French Industry
- Beware!! Cyber Criminals Launching Serious Phishing Attack that Target Spotify Customers
- My Health Record opt-out officially extended to January 31
THREATS
- Microsoft launches review after a trio of Azure bugs locked users out of Office 365
- Did UK city council over-react to a vulnerability report in its recycling app or not?
- Ransomware attack disrupted emergency rooms at Ohio Hospital System
- Lenovo to Pay $7.3 Million in Settlement for Installing Adware on 800K Notebooks
- 13 Newly Discovered Malicious Apps, Deleted By Google From the Play Store
- Hacker backdoors popular JavaScript library to steal Bitcoin funds
- What is Data Classification? Guidelines and Process
- Linux Kernel is affected by two DoS vulnerabilities still unpatched
- Mobile Rotexy Malware Touts Ransomware, Banking Trojan Functions
- Harberger Taxes on Ethereum
- DoS Vulnerabilities Impact Linux Kernel
- Subscribe to the relaunched Virus Bulletin eNews newsletter
- Apache Hadoop Spins Cracking Code Injection Vulnerability YARN
- Siemens patches major firewall flaw, other vulnerabilities
- Play Store Malware Infects Half a Billion
- Microsoft PowerPoint as Malware Dropper
- #Bluetooth devices might be at risk after a new Bluetooth vulnerability was found targeting #firmware and #OperatingSystem software drivers. Learn
- U.S. Postal Service API Flaw Exposes Data of 60 Million Customers
- Ransomware Attack Forced Ohio Hospital System to Divert ER Patients
- Positive Technologies researchers recently found two serious vulnerabilities that target NCR's #ATMs. Learn how a "black box attack" was involved
- OSX.Dummy #malware has been discovered to use chat platforms in order to target #cryptocurrency investors. Learn more with expert @lewisnic
- Cryptocurrency threat predictions for 2019
- Ukrainian Police Nab Suspected RAT-Slinger
- Crypto Mining Malware Infects Make-A-Wish-Foundation Website
- Experts found a new powerful modular Linux cryptominer
- A new ransomware -- dubbed #Thanatos #ransomware -- was found encrypting data but not decrypting it despite victims paying the
- Discover how a @DLink #router vulnerability targeted a banking site to steal #UserCredentials with expert Judith Myerson.
- For recent big data software vulnerabilities, botnets and coin mining are just the beginning
- Frost & Sullivan Commends Rapid7 for Capturing Nearly a Quarter Share of the Global Vulnerability Management Market
CRIME
- When Do You Need to Report a Data Breach?
- Holiday Season: Cybercriminals are Phishing All The Way
- Half of all Phishing Sites Now Have the Padlock
- Russia Plans To tighten Data Protection Owing To Intelligence Leaks
- Cryptocurrency threat predictions for 2019
- Cyberthreats to financial institutions 2019: overview and predictions
- Ukrainian Police Nab Suspected RAT-Slinger
- Experts found a new powerful modular Linux cryptominer
- HR Software Firm PageUp Finds No Evidence of Data Theft
- Sextortion 2.0: We have continued to monitor the campaigns and have seen a recent change in tactics, with some unusual
POLITICS
- Russia Plans To tighten Data Protection Owing To Intelligence Leaks
- Cryptocurrency threat predictions for 2019
- Ukrainian Police Nab Suspected RAT-Slinger
ASIA
- North Korea-linked group Lazarus targets Latin American banks
WORLD
- Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
- Adobe Patched A Critical Flash Player Vulnerability Disclosed Publicly
- News of the Week: November 24, 2018
- North Korea-linked group Lazarus targets Latin American banks
- 42-year-old man Arrested For Hacking More than 2,000 Computers From 50 countries With DarkComet RAT
- New Trojan mining on the Linux will steal user passwords & removes anti-viruses
ATTACKS
- This week's #RiskAndRepeatPodcast digs into the debate over #WeakPasswords and password reuse, and asks: how much are users responsible for
THREATS
- Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
- Adobe Patched A Critical Flash Player Vulnerability Disclosed Publicly
- MacOS Penetration Test Reveals Three Zero-Day Vulnerabilities
- Powerful Mobile Malware Rotexy Launched over 70,000 Attacks with Banking Trojan & Ransomware Modules
- .@TalosSecurity recently created a #decryptor that helps files affected by the #ransomware #Thanatos -- typically known to not decrypt files
- TA505 Cybercrime Group Experimenting with a New RAT In The Wild
- Researchers at @okta found a bypass that allows #ThreatActors to pose files as legitimate @Apple files despite being #malware and
- 42-year-old man Arrested For Hacking More than 2,000 Computers From 50 countries With DarkComet RAT
- SMBs suffered the brunt of ransomware attacks in 2018
- CVE-2018-19406, CVE-2018-19407: Two DoS vulnerabilities on Linux Kernel
- New Trojan mining on the Linux will steal user passwords & removes anti-viruses
- How has the @DLink #router vulnerability affected your enterprise?
- The Week in Ransomware - November 23rd 2018 - STOP, Dharma, and More
CRIME
- TA505 Cybercrime Group Experimenting with a New RAT In The Wild
- New Trojan mining on the Linux will steal user passwords & removes anti-viruses
POLITICS
- Quebec Dubbed As An Embarrassment After Paying $30,000 To Ransomware Authors
- North Korea-linked group Lazarus targets Latin American banks
ASIA
- US Says China Increased Hacking over Trade Dispute
- North Korean Hackers Hit Latin American Banks
- VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
- Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
- VMware Patches Workstation Flaw Disclosed at Hacking Contest
WORLD
- NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
- Data breach in OSIsoft
- New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
- Brazil's largest professional association suffers massive data leak
- German e-government SDK patched against ID spoofing vulnerability
- US Postal Service Plugs API Flaw - One Year Later
- US Says China Increased Hacking over Trade Dispute
- North Korean Hackers Hit Latin American Banks
- VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
- Phishing Used to Launch GreyEnergy's ICS Attacks
- New Emotet Thanksgiving campaign differs from previous ones
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- US Postal Service Website Left Data Exposed for Over a Year
- German eID vulnerability allows hackers to change identities
- Hacker says USPS ignored serious security flaw for over a year
- Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
- Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
- Southwest Washington Regional Surgery Center suffered a Phishing attack
- 60 million users’ data were exposed by the US Postal Service
- The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up
ATTACKS
- NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
- Data breach in OSIsoft
- 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
- Brazil's largest professional association suffers massive data leak
- Amazon Snafu Exposed Customers' Names and Email Addresses
- New Linux crypto-miner steals your root password and disables your antivirus
- Attackers Are Landing Email Inboxes Without the Need to Phish
- Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
- “Back in Black” – Article 13 has YouTube threatening to pull the plug over upload filter
- Phishing Used to Launch GreyEnergy's ICS Attacks
- New Emotet Thanksgiving campaign differs from previous ones
- US Postal Service Website Left Data Exposed for Over a Year
- .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
- Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
- Southwest Washington Regional Surgery Center suffered a Phishing attack
- A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
- Software company OSIsoft has suffered a data breach
- SAVE 50% FOR BLACK FRIDAY!
Get half off FREEDOME VPN and TOTAL with coupon code BLACKFRIDAY.
- DNS Shell – Tool to Compromise and Maintain Control Over Victim Machine
- @FSecure fait son #BlackFriday ! Profitez de 50% de remise sur une sélection de produits !
- 60 million users’ data were exposed by the US Postal Service
THREATS
- 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
- New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
- DoS Vulnerabilities Found in Linux Kernel, Unpatched
- Apache Hadoop spins cracking code injection vulnerability YARN
- German e-government SDK patched against ID spoofing vulnerability
- Malware scum want to build a Linux botnet using Mirai
- US Postal Service Plugs API Flaw - One Year Later
- VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
- Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
- Old Printer Vulnerabilities Die Hard
- VMware Patches Workstation Flaw Disclosed at Hacking Contest
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- Black Friday special by Emotet: Filling inboxes with infected XML macros
- Black Friday special by Emotet: Filling inboxes with infected XML macros
- Cryptocurrency ‘minting’ flaw could have leached money from exchanges
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- USPS Bug affects 60 Million Users, Finally Fixed.
- German eID vulnerability allows hackers to change identities
- VMware patches guest-to-host malware vulnerability
- Internet connected devices might be the hot item for Christmas this year, but are they secure?
- Hacker says USPS ignored serious security flaw for over a year
- #WebCache poisoning poses a serious threat to #BrowserSecurity. Learn how #hackers can use unkeyed inputs for malicious intent from expert
- SMBs suffered the brunt of ransomware attacks in 2018
- Best way to Remove Malware on Mac, Including Other Unwanted Apps
- A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
- CVE-2018-6983: integer overflow vulnerability in VMware Workstation and Fusion
- The number of ransomware attacks on individuals has come down as it has become harder to get them to pay,
- New Crypto Malware Spreading that Infects Linux Machines & Removes Anti-Virus
- Over 500k Play Store users have installed 13 games that contain malware
CRIME
- Data breach in OSIsoft
- US Says China Increased Hacking over Trade Dispute
- Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
- Software company OSIsoft has suffered a data breach
- The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up
POLITICS
- NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
- US Says China Increased Hacking over Trade Dispute
- Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
- Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
ASIA
- City of Valdez, Alaska admits to paying off ransomware infection
- Lazarus APT Uses Modular Backdoor to Target Financial Institutions
- Adobe issues fix for Flash bug allowing remote code execution
- Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to
- Amazon UK is notifying a data breach to its customers days before Black Friday
- New Pterodo Backdoor Malware Detected By Ukraine
- Is Magecart Checking Out Your Secure Online Transactions?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Millions Stolen by North Korea-Linked Hacking Group from Atms in Africa and Asia
- Malaysia’s largest media company becomes victim of a ransomware attack
WORLD
- Email Addresses and Phone Numbers of More than 60 Million Users Exposed by USPS
- A flaw in US Postal Service website exposed data on 60 Million Users
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Lazarus APT Uses Modular Backdoor to Target Financial Institutions
- Facebook increases rewards for its bug bounty program and facilitate bug submission
- Inspiring the Next Generation of Tech Talent
- Google Taking Over Health Records Raises Patient Privacy Fears
- What Is Windows PowerShell (And Could It Be Malicious)?
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- Amazon tech error leaks customers’ email addresses
- USPS Site Exposed Data on 60 Million Users
- Vision Direct Deals With Customer Data Leak
- Amazon suffers data breach days before Black Friday
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- Black Friday Phishing Dos and Don’ts
- Amazon warns customers it leaked their names and email addresses
- Russian Cozy Bear cyberspies awake from hibernation to sling spyware
- German eID Authentication Flaw Lets You Change Identity
- Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to
- Amazon UK is notifying a data breach to its customers days before Black Friday
- Italian Naval Industry Attacked By MartyMcFly Malware
- Sofacy APT unleashes new 'Cannon' trojan
- New Pterodo Backdoor Malware Detected By Ukraine
- Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- White House admits Ivanka Trump used private email for government business
- Magecart Black Hats Battle it Out On Infected Site
- Fancy Bear hacker crew Putin dirty RATs in Word documents emailed to govt orgs – report
- Is Magecart Checking Out Your Secure Online Transactions?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Infowars Online Store Got Infected with Card Skimming Malware
- Sofacy APT group used a new tool in latest attacks, the Cannon
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Malaysia’s largest media company becomes victim of a ransomware attack
- Russian hackers are conducting more covert attacks on US and European computers
- US Department of Justice is investigating Tether for manipulation of market prices
- Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- Russia Linked Group Resurfaces With Large-Scale Phishing Campaign
ATTACKS
- Phishing: It's all too easy on mobile devices
- Email Addresses and Phone Numbers of More than 60 Million Users Exposed by USPS
- A flaw in US Postal Service website exposed data on 60 Million Users
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Amazon Customer Email Addresses Leaked Because of 'Technical Error'
- Google Taking Over Health Records Raises Patient Privacy Fears
- Amazon tech error leaks customers’ email addresses
- USPS Site Exposed Data on 60 Million Users
- Vision Direct Deals With Customer Data Leak
- Amazon suffers data breach days before Black Friday
- Emotet’s Thanksgiving Campaign Delivers New Recipes for Compromise
- Researchers Reveal Identity of Hacker Behind Massive Data Breaches
- Record Retention
- A hacker known as #Tessa88 offered several compromise databases obtained from LinkedIn, MySpace and other companies. Now Recorded Future believes
- Black Friday Phishing Dos and Don’ts
- The promised integration with #HaveIBeenPwned is expanding in #FirefoxMonitor with new breach alerts when a user visits a recently compromised
- Amazon warns customers it leaked their names and email addresses
- Amazon leaks users' email addresses due to 'technical error'
- High Tail Hall data breach exposes over 400,000 furry fans
- Facebook Ads Urge Its Staff To Leak Secrets
- Amazon Suffers Data Breach Days Before Black Friday
- Bah HumBUG: 5 Recent Holiday Phishing Samples You Need to Watch Out For
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- Phishing Emails with .COM Extensions Are Hitting Finance Departments
- Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to
- Amazon UK is notifying a data breach to its customers days before Black Friday
- Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- White House admits Ivanka Trump used private email for government business
- New OceanLotus watering hole attacks target southeast Asia
- #CyberMonday Tip 1: Be careful of phishing scams claiming to be from a package-delivery company with links to tracking information.
AVG
- .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
- How have #phishing campaigns threatened your #EnterpriseSecurity system?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Amazon Data Leak Exposes Email Addresses Right Before Black Friday
- Yikes...#Instagram Accidentally Exposed Some Users' #Passwords In Plaintext
- #Gmail Glitch Enables Anonymous Messages in #Phishing Attacks:
- APAC consumers want IoT devices, but fear data leaks
- Phishing Scams Serious Problem for Canada’s Global Affairs
- OUR BLACK FRIDAY DEALS ARE LIVE!
Get 50% off from FREEDOME VPN and TOTAL subscriptions with coupon code BLACKFRIDAY.
Buy now:
- Microsoft now lets you log into Outlook, Skype, Xbox Live without a password
- Russia Linked Group Resurfaces With Large-Scale Phishing Campaign
THREATS
- Pen-test at Dropbox turns up three Apple 0-day bugs
- City of Valdez, Alaska admits to paying off ransomware infection
- A flaw in US Postal Service website exposed data on 60 Million Users
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Lazarus APT Uses Modular Backdoor to Target Financial Institutions
- Facebook increases rewards for its bug bounty program and facilitate bug submission
- What Is Windows PowerShell (And Could It Be Malicious)?
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- Take a Look at L0rdix, The Super Malware Toolkit of 2018
- Mirai Used as Payload in Hadoop YARN Vulnerability
- Facebook entices researchers with $40,000 reward for account takeover vulnerabilities
- 500K Android users hit with malware, and what to do if you're infected
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- Russian Cozy Bear cyberspies awake from hibernation to sling spyware
- How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities
- Adobe issues fix for Flash bug allowing remote code execution
- 13 Malware-Laden Fake Apps on Google Play
- A new vulnerability was discovered to affect #Bluetooth #firmware or operating system software drivers. Learn what this vulnerability is and
- German eID Authentication Flaw Lets You Change Identity
- Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
- New vulnerabilities are coming faster than you can fix them
- Red Hawk – Open Source Information Gathering and Vulnerability Scanning Tool
- Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts
- Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts
- Italian Naval Industry Attacked By MartyMcFly Malware
- Sofacy APT unleashes new 'Cannon' trojan
- New Pterodo Backdoor Malware Detected By Ukraine
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- Experts found flaws in Dell EMC and VMware Products. Patch them now!
- From directory traversal to direct travesty: Crash, hijack, siphon off this TP-Link VPN box via classic exploitable bugs
- A @DLink #router vulnerability was used to send banking users to a fake site in order to steal #UserCredentials. Learn
- Malicious programs disguised as racing games on Google Play
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- Patches Released for Flaws Affecting Dell EMC, VMware Products
- Adobe Fixes Critical Flash Vulnerability with
- How is Plead #malware used for #cyberespionage attacks? Learn more with Michael Cobb of @thehairyITdog.
- Conficker: A 10-year retrospective on a legendary worm
- Malware Moves: Attackers Retool for Cryptocurrency Theft
- Infowars Online Store Got Infected with Card Skimming Malware
- Facebook Increases Rewards for Account Hacking Vulnerabilities
- Adobe Flash Player Update Released for Remote Code Execution Vulnerability
- New Hacking Group Outlaw Distributing Botnet to Scan The Network & Perform Cryptocurrency-Mining & Brute-Force Attack
- Facebook Boosts Bug Bounty Payouts for Account Takeover Flaws
- Signing and Verifying Ethereum Signatures
- Hacker got Rewarded for Discovering a Critical Steam Bug
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
- Malaysia’s largest media company becomes victim of a ransomware attack
- US Department of Justice is investigating Tether for manipulation of market prices
- Awake Security uncovers malicious intent across on-premise, IoT and cloud infrastructure
- Centreon releases Remote Server functionality for cross-domain monitoring of multi-site IT operations
- Fancy Bear APT Uses New Cannon Trojan to Target Government Entities
- "Luiz O Pinto" pushed 500,000+ installs of malware via Google Play, in ~1 week.
- Uncover virtual hosts of domain with Fierce
- Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- How to find, is link malicious/URL or not
- Worried about cryptojacking? Check out how SentinelOne Detects and Protects from GhostMiner CryptoMiner
CRIME
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Facebook increases rewards for its bug bounty program and facilitate bug submission
- What Is Windows PowerShell (And Could It Be Malicious)?
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- Take a Look at L0rdix, The Super Malware Toolkit of 2018
- USPS Site Exposed Data on 60 Million Users
- Researchers Reveal Identity of Hacker Behind Massive Data Breaches
- Bah HumBUG: 5 Recent Holiday Phishing Samples You Need to Watch Out For
- How Retailers Can Protect Against Magecart This Black Friday and Holiday Season
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
- Is Magecart Checking Out Your Secure Online Transactions?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- How is Plead #malware used for #cyberespionage attacks? Learn more with Michael Cobb of @thehairyITdog.
- Signing and Verifying Ethereum Signatures
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Millions Stolen by North Korea-Linked Hacking Group from Atms in Africa and Asia
- Malaysia’s largest media company becomes victim of a ransomware attack
POLITICS
- What Is Windows PowerShell (And Could It Be Malicious)?
- USPS Site Exposed Data on 60 Million Users
- New Pterodo Backdoor Malware Detected By Ukraine
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- How is Plead #malware used for #cyberespionage attacks? Learn more with Michael Cobb of @thehairyITdog.
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Russian hackers are conducting more covert attacks on US and European computers
- US Department of Justice is investigating Tether for manipulation of market prices
- MageCart Group Sabotages Rival to Ruin Data and Reputation
