ASIA
- Case involving 'AlfabetoVirtual' website defacements ends in guilty plea
- Researchers Link New NOKKI Malware to North Korean Actor
- TA18-275A: HIDDEN COBRA – FASTCash Campaign
- Nielsen warns of Chinese influence campaign, but not with midterms
- Report: Zoho's domain regularly exploited to move keylogger data
- A Staggering Amount of Stolen Data is Heading to Zoho Domains
- Hackers use malicious content delivery system to target iOS device
WORLD
- Case involving 'AlfabetoVirtual' website defacements ends in guilty plea
- Canadian restaurant chain suffers country-wide outage after malware outbreak
- Torii botnet, probably the most sophisticated IoT botnet of ever
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
- California Governor Signs Bill Requiring Bots to Disclose Their True Identity
- AR18-275A: MAR-10201537 – HIDDEN COBRA FASTCash-Related Malware
- Ignite 2018 highlights: passwordless sign-in, confidential computing, new threat protection, and more
- TA18-275A: HIDDEN COBRA – FASTCash Campaign
- Danabot Banking Malware Now Targeting Banks in the U.S.
- Ransomware attacks via RDP on the rise | Avast
- World Cup may have distracted malware hackers
- Microsoft Detection Tools Sniff Out Fileless Malware
- Gwinnett Medical Center investigating possible data breach
- Rep. Speier: Congress needs a hack demo to understand election vulnerabilities
- Fortnite gamers targeted by data theft malware
- Nielsen warns of Chinese influence campaign, but not with midterms
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
- Cyber Threat Landscape: How it’s Evolving & How to Respond
- UK Conservative Party Conference dedicated app leaks attendee data
- New Type of Malware Developed by Russian Hackers Eludes Discovery
- #DanaBot Gains Popularity and Targets US Organizations in Large Campaigns. http://ow.ly/mJza50jiHdI via the Threat Insight research
- Sites that use Facebook login could be affected by hack
- Facebook may be fined up to $1.63 billion due to data breach
ATTACKS
- Cyber criminals using lookalike online shopping domains to phish buyers
- Nearly 50% of businesses have yet to take control of password security - report
- Case involving 'AlfabetoVirtual' website defacements ends in guilty plea
- Sophisticated Voice Phishing Scams
- Torii botnet, probably the most sophisticated IoT botnet of ever
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
- California Governor Signs Bill Requiring Bots to Disclose Their True Identity
- Financial Sector Data Breaches Soar Despite Heavy Security Spending
- WifiPhisher – WiFi Crack and Phishing Framework
- Ignite 2018 highlights: passwordless sign-in, confidential computing, new threat protection, and more
- Hackers can use Microsoft Sway to carry out phishing attacks 'without fear of detection'
- TA18-275A: HIDDEN COBRA – FASTCash Campaign
- Hacker 'AlfabetoVirtual' Pleads Guilty to NYC Comptroller, West Point Website Defacements
- Gwinnett Medical Center investigating possible data breach
- Fortnite gamers targeted by data theft malware
- Nielsen warns of Chinese influence campaign, but not with midterms
- Apollo Data Breach Leads To More Than 200 Million Contact Records Stolen
- ThreatList: Password Hygiene Remains Lackluster in Global Businesses
- The @UN accidentally exposed credentials on public @trello boards. Plus, #Uber is set to pay $148 million settlement following its
- Boffins Tricks Password Protection Using Imposter Apps
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
- Strengthen your security with Avast password generator | Avast
- UK Conservative Party Conference dedicated app leaks attendee data
- Researchers use Android password managers to make phishing attacks more practical
- Breaking bank security: Record theft rises to new heights
- Facebook could face $1.63bn fine under GDPR over latest data breach
- How #livechatsoftware leaked
- UN Sensitive Information Exposed Publicly Due to Neglected Security Settings
- #DanaBot Gains Popularity and Targets US Organizations in Large Campaigns. http://ow.ly/mJza50jiHdI via the Threat Insight research
- Vulnerable Android password managers make phishing attacks easier
- Facebook Hacked: 50 Million Users' Data Exposed
- True password behaviors in the workplace revealed
- Rarely a week goes by without reports of a large and damaging #DDoS attack against a major business. Techniques are
- #SecurityNews: #Tory App Snafu exposes Ministers’ personal info including phone numbers and other personal details of Cabinet ministers, as the
- Torii Botnet – A New Sophisticated IoT Botnet Attack in Wide – More Powerful Than Mirai
- Telegram vulnerability causes IP address leaking
- Sites that use Facebook login could be affected by hack
- Facebook may be fined up to $1.63 billion due to data breach
- Wait, this isn't The Onion...
"FBI fitness app asks users to agree to 'all of their activities monitored and recorded'"
- NZ customs can now demand phone or laptop passwords
- Stop DDoS Attacks In 10 Seconds – Organization’s Most Important Consideration for DDOS Attack Mitigation
- When you need to make a new #Password, what do you do? The easiest and most secure way is to
- #Video: Bringing all of your #data together under a single management portfolio, under a single #database, allows your organization to
- At #MSIgnite, @Microsoft declared "an end to era of passwords" with an update to its Authenticator app, which will allow
- Torii malware could be gateway to more sophisticated IoT botnet attacks
THREATS
- Cyber criminals using lookalike online shopping domains to phish buyers
- PDF patch time: fixes land for over 100 flaws in Adobe's and Foxit's PDF software
- Canadian restaurant chain suffers country-wide outage after malware outbreak
- Foxit PDF Reader Fixes High-Severity Remote Code Execution Flaws
- Foxit Reader 9.3 addresses 118 Vulnerabilities, 18 of them rated as critical
- Researchers Link New NOKKI Malware to North Korean Actor
- NOKKI Malware Sports Mysterious Link to Reaper APT Group
- Malware 101: The Malware Tools That Attackers Use
- Following a Trail of Confusion: PowerShell in Malicious Office Documents
- Google taking new steps to prevent malicious Chrome extensions
- Google Patches Critical Vulnerabilities in Android OS
- AR18-275A: MAR-10201537 – HIDDEN COBRA FASTCash-Related Malware
- Vulnerability Spotlight: Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability
- Enabling Enterprise-Grade Hybrid Cloud Data Processing with SAP and Cisco – Part 2
- Foxit Reader Update Patches Over 100 Vulnerabilities
- A remote access #Trojan -- dubbed #GravityRAT -- was discovered by Cisco Talos (@TalosSecurity) to be checking for #antimalware sandboxes.
- Danabot Banking Malware Now Targeting Banks in the U.S.
- Dogcall Rat links NOKKI malware with Reaper group - indicators provided
- The MITRE ATT&CK Framework: Command and Control
- Ransomware attacks via RDP on the rise | Avast
- Use Windows, macOS? Don’t be hacked by PDF, patch these critical Adobe flaws now
- Keyloggers Turn to Zoho Office Suite in Droves for Data Exfiltration
- Keyloggers Turn to Zoho Office Suite in Droves for Data Exfiltration
- World Cup may have distracted malware hackers
- New study finds 5 of every 6 routers are inadequately updated for security flaws
- Microsoft Detection Tools Sniff Out Fileless Malware
- .@FBI, @DHSgov call on users to mitigate #RemoteDesktop Protocol vulnerabilities and handle RDP exploits on their own, even as the
- Adobe Releases Updates For 85 PDF Related CVEs
- Nine NAS Bugs Open LenovoEMC, Iomega Devices To Attack
- Rep. Speier: Congress needs a hack demo to understand election vulnerabilities
- Google Cracks Down on Malicious Chrome Extensions in Major Update
- Cisco Talos discloses serious vulnerabilities in Foxit PDF Reader
- Fortnite gamers targeted by data theft malware
- Windows Defender exclusions reek of malware
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
- Report: Zoho's domain regularly exploited to move keylogger data
- A Staggering Amount of Stolen Data is Heading to Zoho Domains
- AV-TEST Rates Check Point’s SandBlast Agent as a Top Product in Corporate Endpoint Protection
- Adobe fixes 47 critical flaws in Acrobat and Reader
- 86 Vulnerabilities Fixed with Adobe Security Updates for Adobe Acrobat and Reader
- Malware Less Common in Q2, Still Top Attack Method
- Malware Less Common in Q2, Still Top Attack Method
- Alphabet's @chroniclesec unveiled #VirusTotal Enterprise, a new version of the file scanning service designed specifically for enterprise customers. By @RobWright22
- Fruitfly Mac malware creator used it to spy on minors; FBI discloses technique
- Use Windows, macOS? Don't be hacked by PDF, patch these critical Adobe flaws now
- CVE-2018-8373: Hackers’ best partner to spread Trojans
- Man-in-the-middle attacks allow hackers to intercept, send and receive data to and from your device undetected until the transaction is
- Desktop Telegram users showing off not only their silly selfies but also their IP addresses
- Facebook Breach: Attackers Exploited Privacy Feature
- New Type of Malware Developed by Russian Hackers Eludes Discovery
- The Army is working toward a cyber domain doctrine
- Vulnerability Spotlight: Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability
- The MITRE ATT&CK Framework: Command and Control
- SQL injection explained: How these attacks work and how to prevent them
- Improving #mobilesecurity programs to detect
- Adobe Patches 86 Vulnerabilities in Acrobat Products
- Adobe security updates for Acrobat fix 86 Vulnerabilities, 46 rated as critical
- A group of #malware was discovered targeting public SSH servers. However, certain #IPaddresses are avoided. Discover how this is possible
- Telegram vulnerability causes IP address leaking
- Security Update for Foxit PDF Reader Fixes 118 Vulnerabilities
- Hackers use malicious content delivery system to target iOS device
- Adobe Releases Security Updates for Acrobat that Fix 86 Vulnerabilities
- Torii malware could be gateway to more sophisticated IoT botnet attacks
CRIME
- Case involving 'AlfabetoVirtual' website defacements ends in guilty plea
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
- Google taking new steps to prevent malicious Chrome extensions
- TA18-275A: HIDDEN COBRA – FASTCash Campaign
- Danabot Banking Malware Now Targeting Banks in the U.S.
- Hacker 'AlfabetoVirtual' Pleads Guilty to NYC Comptroller, West Point Website Defacements
- World Cup may have distracted malware hackers
- Fortnite gamers targeted by data theft malware
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
- Cyber Threat Landscape: How it’s Evolving & How to Respond
- Strengthen your security with Avast password generator | Avast
- Report: Zoho's domain regularly exploited to move keylogger data
- A Staggering Amount of Stolen Data is Heading to Zoho Domains
- Breaking bank security: Record theft rises to new heights
- Fruitfly Mac malware creator used it to spy on minors; FBI discloses technique
POLITICS
- Case involving 'AlfabetoVirtual' website defacements ends in guilty plea
- Ignite 2018 highlights: passwordless sign-in, confidential computing, new threat protection, and more
- Rep. Speier: Congress needs a hack demo to understand election vulnerabilities
- Fruitfly Mac malware creator used it to spy on minors; FBI discloses technique
- UN Sensitive Information Exposed Publicly Due to Neglected Security Settings
DATA BREACH
- 100K Routers Hijacked for Phishing in GhostDNS Campaign
- Picture-in-Picture Phishing Campaign Goes After Steam Credentials
- 4 Ways to Protect Your Files from a Data Breach
- Facebook hacked – 50 Million Users’ Data exposed in the security breach
- Telegram Patched IP Address Leak Problem In Its Desktop Client
- Telegram Leaks User IP Addresses
- Telegram not really anonymous? Researcher reports bug that leaks IP addresses
- Flaws in Tory party conference app leak ministers' personal information
- Facebook faces a whopping €1.4 billion penalty under GDPR for Sept. 30 data breach
- Phishing campaign targets developers of Chrome extensions
- 3 GOP senators doxed during Kavanaugh hearing
- Facebook Data Breach Extended to Third-Party Applications
- Facebook could face up to $1.6bn fine for data breach
- Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls
- Telegram Calling Feature Leaks Your IP Addresses—Patch Released
- High-Profile Instagram Accounts Hacked For Ransom In A Recent Campaign
DENIAL-OF-SERVICE
- GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
- Instagram Being Used To Sell Botnets And Stolen Fortnite Accounts
- Hackers Are Selling Botnets and Stolen ‘Fortnite’ Accounts Over Instagram
- Torii malware could be gateway to more sophisticated IoT botnet attacks
- New vicious Torii IoT botnet discovered
- GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
- Gigantic 100,000-strong botnet used to hijack traffic meant for Brazilian banks
- Torii IoT Botnet Takes Mirai to the Next Level
MALVERTISING
Nothing to report
PHISHING
- 100K Routers Hijacked for Phishing in GhostDNS Campaign
- Picture-in-Picture Phishing Campaign Goes After Steam Credentials
- Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
- Weak Passwords Abused for 'FruitFly' Mac Malware Distribution
- Third-Party Apps Using Facebook Login Also Affected by Latest Hacking Incident
- How to Orchestrate a Smarter Phishing Response
- Voice Phishing Scams Are Getting More Clever
- Why nearly 50% of organizations are failing at password security
- Employees Share Average of 6 Passwords With Co-Workers
- UK firms’ password security score ‘average’
- Phishing campaign targets developers of Chrome extensions
- Password Security Better, Still Poses Business Risk
- Password Security Better, Still Poses Business Risk
- Following a loud critical backlash to a new #Chrome login feature and cookie retention functionality, @Google will make changes in
WEB DEFACEMENT
Nothing to report
MALWARE
- Top Cloud Domain Controller for MSPs
- Multiple Code Execution Vulnerabilities Found in Atlantis Word Processor
- GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers
- GrandCrab Ransomware Spreads Using Multiple Known Vulnerabilities
- Fileless Malware Attacks on the Rise, Microsoft Says
- 'Short, Brutal Lives': Life Expectancy for Malicious Domains
- Report Ties North Korean Attacks to New Malware, Linked by Word Macros
- Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
- Google Adds New Rules To End Malicious Chrome Extensions
- Code Execution Vulnerabilities Uncovered In Atlantis Word Processor
- Deep Dive Into iTranslator - MITM Malware
- LoJax: Fisrt UEFI Rootkit Found In The Wild
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- Telegram Patched IP Address Leak Problem In Its Desktop Client
- Weak Passwords Abused for 'FruitFly' Mac Malware Distribution
- Code execution vulnerabilities uncovered in Atlantis Word Processor
- Malwarebytes is a champion of National Cybersecurity Awareness Month
- Monitor privileged execution to defend against
- Telegram Leaks User IP Addresses
- Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
- TrickBot Banking Trojan Takes Center Stage in 2018
- More on the Five Eyes Statement on Encryption and Backdoors
- Report Ties North Korean Attacks to New Malware, Linked by Word Macros
- Telegram not really anonymous? Researcher reports bug that leaks IP addresses
- Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
- GandCrab ransomware is spreading wildly through several known vulnerabilities
- Docs reveal how Fruitfly Mac spyware initially spread
- Torii malware could be gateway to more sophisticated IoT botnet attacks
- SamSam ransomware: How is this version different from others?
- Ransomware Casts Anchor at the Port of San Diego
- Hackers Hijacked More Than 100,000 Routers DNS Settings and Redirecting Users to Malicious WebSites
- Ransomware Casts Anchor at the Port of San Diego
- #VPNFilter #malware: How can users protect themselves?
- Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
- Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls
- Telegram Calling Feature Leaks Your IP Addresses—Patch Released
- New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader
EXPLOIT
- A new Browser Reaper exploit can crash or freeze Mozilla #Firefox, according to a proof of concept published by a
- Python-based attack tools are the most common vector for launching exploit attempts
- Several Bugs Exploited in Massive Facebook Hack
- Sophos recently discovered a #Samsam extortion code that performs whole-company attacks through a variety of vulnerability exploits. Discover how this
- How can attackers exploit a buffer underflow #vulnerability?
- New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader
VULNERABILITY
- Adobe Patches 47 Critical Flaws in Acrobat and DC
- Multiple Code Execution Vulnerabilities Found in Atlantis Word Processor
- CVE-2018-11776 and why you need Black Duck Security Advisories
- Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack
- GrandCrab Ransomware Spreads Using Multiple Known Vulnerabilities
- Google Bug Breaks Search Results with a Plus Sign On Mac Safari
- Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
- Gemalto ID Card Provider Sued for €152 Million in eID Vulnerability Case
- Code Execution Vulnerabilities Uncovered In Atlantis Word Processor
- Facebook: How to minimize the risk of vulnerabilities
- Code execution vulnerabilities uncovered in Atlantis Word Processor
- Attackers chained three bugs to breach into the Facebook platform
- Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
- Monero fixes major ‘burning bug’ flaw, preventing mass devaluation
- Telegram not really anonymous? Researcher reports bug that leaks IP addresses
- Flaws in Tory party conference app leak ministers' personal information
- Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
- GandCrab ransomware is spreading wildly through several known vulnerabilities
- Several Bugs Exploited in Massive Facebook Hack
- Sophos recently discovered a #Samsam extortion code that performs whole-company attacks through a variety of vulnerability exploits. Discover how this
- Nasty Linux Kernel Vulnerability Discovered, Mandatory Kernel Update Required
- How can attackers exploit a buffer underflow #vulnerability?
- CISO @rickhholland joins @drshellface and @mazzazone to discuss the latest #cybersecurity news: Security Flaws Affect 50 Million Facebook Accounts and
- Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
- Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls
ASIA
- Cyber Security Roundup for September 2018
- GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
- Report Ties North Korean Attacks to New Malware, Linked by Word Macros
- Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- Report Ties North Korean Attacks to New Malware, Linked by Word Macros
- Telegram not really anonymous? Researcher reports bug that leaks IP addresses
- Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
- GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
WORLD
- Cyber Security Roundup for September 2018
- Hacking Week Call for Pitches: Who Is the Weakest Link In Cybersecurity?
- GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers
- A week in security (September 24 – 30)
- 4 Ways to Protect Your Files from a Data Breach
- Gemalto ID Card Provider Sued for €152 Million in eID Vulnerability Case
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- Facebook: How to minimize the risk of vulnerabilities
- Voice Phishing Scams Are Getting More Clever
- Malwarebytes is a champion of National Cybersecurity Awareness Month
- Formjacking in the Nutshell
- TrickBot Banking Trojan Takes Center Stage in 2018
- Telegram not really anonymous? Researcher reports bug that leaks IP addresses
- Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
- Facebook faces a whopping €1.4 billion penalty under GDPR for Sept. 30 data breach
- UK firms’ password security score ‘average’
- CISO @rickhholland joins @drshellface and @mazzazone to discuss the latest #cybersecurity news: Security Flaws Affect 50 Million Facebook Accounts and
- Gigantic 100,000-strong botnet used to hijack traffic meant for Brazilian banks
- New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader
ATTACKS
- 100K Routers Hijacked for Phishing in GhostDNS Campaign
- Picture-in-Picture Phishing Campaign Goes After Steam Credentials
- GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
- Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
- 4 Ways to Protect Your Files from a Data Breach
- Facebook hacked – 50 Million Users’ Data exposed in the security breach
- Instagram Being Used To Sell Botnets And Stolen Fortnite Accounts
- Telegram Patched IP Address Leak Problem In Its Desktop Client
- Weak Passwords Abused for 'FruitFly' Mac Malware Distribution
- Hackers Are Selling Botnets and Stolen ‘Fortnite’ Accounts Over Instagram
- Third-Party Apps Using Facebook Login Also Affected by Latest Hacking Incident
- How to Orchestrate a Smarter Phishing Response
- Voice Phishing Scams Are Getting More Clever
- Why nearly 50% of organizations are failing at password security
- Employees Share Average of 6 Passwords With Co-Workers
- Telegram Leaks User IP Addresses
- Telegram not really anonymous? Researcher reports bug that leaks IP addresses
- Flaws in Tory party conference app leak ministers' personal information
- Facebook faces a whopping €1.4 billion penalty under GDPR for Sept. 30 data breach
- UK firms’ password security score ‘average’
- Torii malware could be gateway to more sophisticated IoT botnet attacks
- Phishing campaign targets developers of Chrome extensions
- Password Security Better, Still Poses Business Risk
- New vicious Torii IoT botnet discovered
- Password Security Better, Still Poses Business Risk
- GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
- 3 GOP senators doxed during Kavanaugh hearing
- Facebook Data Breach Extended to Third-Party Applications
- Following a loud critical backlash to a new #Chrome login feature and cookie retention functionality, @Google will make changes in
- Facebook could face up to $1.6bn fine for data breach
- Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls
- Telegram Calling Feature Leaks Your IP Addresses—Patch Released
- Gigantic 100,000-strong botnet used to hijack traffic meant for Brazilian banks
- Torii IoT Botnet Takes Mirai to the Next Level
- High-Profile Instagram Accounts Hacked For Ransom In A Recent Campaign
THREATS
- Adobe Patches 47 Critical Flaws in Acrobat and DC
- Top Cloud Domain Controller for MSPs
- Multiple Code Execution Vulnerabilities Found in Atlantis Word Processor
- CVE-2018-11776 and why you need Black Duck Security Advisories
- GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers
- Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack
- GrandCrab Ransomware Spreads Using Multiple Known Vulnerabilities
- Fileless Malware Attacks on the Rise, Microsoft Says
- 'Short, Brutal Lives': Life Expectancy for Malicious Domains
- Google Bug Breaks Search Results with a Plus Sign On Mac Safari
- Report Ties North Korean Attacks to New Malware, Linked by Word Macros
- Roaming Mantis Group Adds Phishing and Web Crypto Mining for iOS Devices
- Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
- Google Adds New Rules To End Malicious Chrome Extensions
- Gemalto ID Card Provider Sued for €152 Million in eID Vulnerability Case
- Code Execution Vulnerabilities Uncovered In Atlantis Word Processor
- Deep Dive Into iTranslator - MITM Malware
- LoJax: Fisrt UEFI Rootkit Found In The Wild
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- Telegram Patched IP Address Leak Problem In Its Desktop Client
- Weak Passwords Abused for 'FruitFly' Mac Malware Distribution
- Facebook: How to minimize the risk of vulnerabilities
- Code execution vulnerabilities uncovered in Atlantis Word Processor
- A new Browser Reaper exploit can crash or freeze Mozilla #Firefox, according to a proof of concept published by a
- Malwarebytes is a champion of National Cybersecurity Awareness Month
- Monitor privileged execution to defend against
- Attackers chained three bugs to breach into the Facebook platform
- Telegram Leaks User IP Addresses
- Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
- TrickBot Banking Trojan Takes Center Stage in 2018
- More on the Five Eyes Statement on Encryption and Backdoors
- Monero fixes major ‘burning bug’ flaw, preventing mass devaluation
- Report Ties North Korean Attacks to New Malware, Linked by Word Macros
- Telegram not really anonymous? Researcher reports bug that leaks IP addresses
- Flaws in Tory party conference app leak ministers' personal information
- Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
- Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
- GandCrab ransomware is spreading wildly through several known vulnerabilities
- Python-based attack tools are the most common vector for launching exploit attempts
- Docs reveal how Fruitfly Mac spyware initially spread
- Torii malware could be gateway to more sophisticated IoT botnet attacks
- SamSam ransomware: How is this version different from others?
- Ransomware Casts Anchor at the Port of San Diego
- Hackers Hijacked More Than 100,000 Routers DNS Settings and Redirecting Users to Malicious WebSites
- Ransomware Casts Anchor at the Port of San Diego
- Several Bugs Exploited in Massive Facebook Hack
- Sophos recently discovered a #Samsam extortion code that performs whole-company attacks through a variety of vulnerability exploits. Discover how this
- #VPNFilter #malware: How can users protect themselves?
- Nasty Linux Kernel Vulnerability Discovered, Mandatory Kernel Update Required
- How can attackers exploit a buffer underflow #vulnerability?
- CISO @rickhholland joins @drshellface and @mazzazone to discuss the latest #cybersecurity news: Security Flaws Affect 50 Million Facebook Accounts and
- Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
- Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls
- Telegram Calling Feature Leaks Your IP Addresses—Patch Released
- New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader
CRIME
- Cyber Security Roundup for September 2018
- Hacking Week Call for Pitches: Who Is the Weakest Link In Cybersecurity?
- GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
- 4 Ways to Protect Your Files from a Data Breach
- Gemalto ID Card Provider Sued for €152 Million in eID Vulnerability Case
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
- Facebook: How to minimize the risk of vulnerabilities
- Hackers Are Selling Botnets and Stolen ‘Fortnite’ Accounts Over Instagram
- How to Orchestrate a Smarter Phishing Response
- Voice Phishing Scams Are Getting More Clever
- Formjacking in the Nutshell
- Attackers chained three bugs to breach into the Facebook platform
- TrickBot Banking Trojan Takes Center Stage in 2018
- Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
- Hackers Hijacked More Than 100,000 Routers DNS Settings and Redirecting Users to Malicious WebSites
- Sophos recently discovered a #Samsam extortion code that performs whole-company attacks through a variety of vulnerability exploits. Discover how this
- GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
- New Banking Malware Steal Money From Victim’s Bank Accounts Using Weaponized Adobe Reader
POLITICS
- Hacking Week Call for Pitches: Who Is the Weakest Link In Cybersecurity?
- Report Ties North Korean Attacks to New Malware, Linked by Word Macros
- A week in security (September 24 – 30)
- Facebook: How to minimize the risk of vulnerabilities
- Hackers Are Selling Botnets and Stolen ‘Fortnite’ Accounts Over Instagram
- Malwarebytes is a champion of National Cybersecurity Awareness Month
- Report Ties North Korean Attacks to New Malware, Linked by Word Macros
- Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
TRANSNATIONAL / UNKNOWN
- The British Airways #databreach may be the handiwork of hacking group #Magecart, according to researchers. By @MaddieBacon11
CHINA
Nothing to report
INDIA
Nothing to report
NORTH KOREA
- A security researcher developed a proof-of-concept attack on #Firefox called Browser Reaper that can crash or freeze the browser, but
PAKISTAN
Nothing to report
VIETNAM
Nothing to report
IRAN
Nothing to report
LEBANON
Nothing to report
PALESTINE
Nothing to report
SAUDI ARABIA
Nothing to report
UNITED ARAB EMIRATES
Nothing to report
RUSSIA
- Security Affairs newsletter Round 182 – News of the week
UKRAINE
Nothing to report
DATA BREACH
- Experts comment on Facebook’s 50 million user credential leak
- 40 million more likely affected by massive Facebook data leak - Bitdefender
- Project Insecurity (@insecurity) researchers discovered certain #livechatsoftware that were leaking personal details of employee at several high-profile sites. Discover how
- Telegram Leaks Public & Private IP Address While Making Calls
- The United Nations (@UN) accidentally exposed sensitive information on public @trello boards, in the Jira app, and in #GoogleDocs and
- 3 GOP senators doxed during Kavanaugh hearing
- Uber has agreed to pay more than $140 Million for a data breach settlement
DENIAL-OF-SERVICE
Nothing to report
MALVERTISING
Nothing to report
PHISHING
- Chegg forces password reset on 40 million users
- Hackers are Selling Social Media Logins & Financial Details On Dark Web starting from £2
- USBStealer – Password Hacking Tool For Windows Machine Applications to Perform Windows Penetration Testing
WEB DEFACEMENT
Nothing to report
MALWARE
- GANDCRAB 5.0.1 Ransom Virus – How to Remove It and Restore Data
- Week in review: First-ever UEFI rootkit, Apple DEP vulnerability, new tactics subvert traditional security measures
- Apple DEP Authentication Flaw Leaves Devices Vulnerable To Malicious MDM Enrolling
- Telegram Leaks Public & Private IP Address While Making Calls
- #Android #Trojan: How is data being stolen from #messagingapps?
- Docs reveal how Fruitfly Mac spyware initially spread
- Cryptomining Malware Grows by 86% in Q2: McAfee Report
- Facebook monetizes 2FA, Singapore monetizes hacker, and ransomware creeps monetize US Democrats
- Security roundup: Facebook, ransomware, UEFI rootkit, Berners-Lee’s plan for new internet
- Telegram exposes the IP address during a user call by default
- #GoScanSSH: How does this #malware work and differ from others?
- Xbash Malware Combines Many Malicious Functions in Worm
- Discover how the #VPNFilter #malware works and affects users
- Alphabet's Chronicle has given #VirusTotal a makeover. Find out what's in the new VirusTotal Enterprise offering. By @RobWright22
- Improving core processes with next-generation mobile productivity solutions can bring power and cost efficiency gains. However, we must not lose
- Malware in the Cloud: What You Need to Know
- Beware !! USB Devices & Removable Media are Used to Inject Cryptocurrency Mining Malware
EXPLOIT
- Facebook Ad Targeting Exploits Users’ 2FA Phone Numbers
- FBI IC3 warns of cyber attacks exploiting Remote Desktop Protocol (RDP)
VULNERABILITY
- Mutagen Astronomy – Linux Vulnerability Hits CentOS, Debian, and Red Hat Distros
- Facebook Says Three Different Bugs Are Responsible For The Massive Account Hacks
- Week in review: First-ever UEFI rootkit, Apple DEP vulnerability, new tactics subvert traditional security measures
- Estonia sues Gemalto for 152M euros over flaws in citizen ID cards issued by the company
- Apple DEP Authentication Flaw Leaves Devices Vulnerable To Malicious MDM Enrolling
- #Cisco patches yet another hardcoded credentials flaw, this time in its video surveillance manager appliance; the latest vulnerability is at
- Mojave Flaws Allow An Attacker To Bypass Full Disk Access Requirement
- Election equipment vendors come under fire for #votingmachine security in the latest #DEFCON report, which details flaws -- one from
- Cisco Multiple Security Vulnerabilities Alert
- Zero-Day MacOS Mojave Privacy Bypass Bug Exposes Protected Files
- A Top Facebook Bug Bounty Hunter Shares Their Insights on the Facebook Breach
