DATA BREACH & DATA LOSS
- CMS portal breach exposes 75,000 individuals' records
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- According to the report, researchers detected 33,568 email addresses of finance departments that had been exposed by third parties. Can
- #NetSpectre leaks data remotely via side-channel attacks. Learn from expert Michael Cobb of @thehairyITdog why data from #microprocessors is not
- Criminals Hijacked Records of 75 000 Users from
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- US Indicts Another Russian for Role in Info Warfare Campaign
- What are DMARC records and can they improve email security?
- Anthem in Record $16m HIPAA Settlement
- The Hunt - Our new data breach detection video looks like a Mission Impossible trailer. However, the threats are for
- #NetSpectre exploits speculative execution to leak data remotely via side-channel attacks. Learn how this #SecurityVulnerability affects the #cloud from expert
- The most interesting Internet-connected vehicle hacks on record
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Find out how #TLBleed abuses @Intel's HTT chip feature to leak data via TLB
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
DENIAL-OF-SERVICE
- NSA Hacking Tools Used Against Nuke, Aerospace Worlds
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
MALVERTISING
Nil
PHISHING
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- Strict password policy could prevent credential reuse, paper suggests
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
WEB DEFACEMENT
- Saudi Future Investment Initiative website defaced by the hackers
- Hackers Deface Website of Saudi Investment Forum
BOTNET
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
RANSOMWARE
- Gamma ransomware compromises data on 16,000 patients at California hernia institute
- Ransomware: A cheat sheet for professionals
- The latest variant of Satan ransomware is spreading in the wild
CRYPTOMINING & CRYPTOCURRENCIES
- Blockchain Security and Privacy
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Trade.io loses $7.5Mil worth of cryptocurrency in mysterious cold wallet hack
- Introducing Infura: Connecting DApps With Ethereum Without Setting up Ethereum Nodes
- Business-minded hackers are testing blockchain technologies to secure their illegal operations. Here's what enterprises can learn from them:
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
MALWARE
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- US Tops Global Malware C2 Distribution
- Signal Upgrade Process Leaves Unencrypted Messages on Disk
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- The boom of fileless malware attacks: How can we fight it?
- Octopus Malware
- Maker of LuminosityLink RAT gets 30 months in the clink
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Adding the EICAR string to your name as part of the visitor self-registration process is a bit of a faux
EXPLOIT
- Apple Voiceover Exploit Allows Attackers Access to Ios Devices
VULNERABILITY
- Cisco, F5 Networks Investigate libssh Vulnerability Impact
- How to detect hardware-based server bugs
- Flaw in Media Library Impacts VLC, Other Software
- Libssh CVE-2018-10933 Scanners & Exploits Released - Apply Updates Now
- Recent Branch.io Patch Creates New XSS Flaw
- Critical Bug Impacts Live555 Media Streaming Libraries
- A newly disclosed #libSSH vulnerability could allow an attacker #AdminAccess to a server with little effort. By @MT_Heller
- Zero-day jQuery plugin vulnerability exploited for 3 years
- CVE-2018-4013: LIVE555 streaming media RTSP Server Remote Code Execution Vulnerability
- Popular website plugin harboured a serious 0-day for years
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- It's OK, I'm verified - Libssh flaw allows attackers to bypass server authentication
- Repairnator bot finds software bugs, successfully submits patches
- Drupal Patched Critical RCE Vulnerabilities In Drupal 7 and 8
- FreeRTOS flaws expose millions of IoT devices to cyber attacks
- The .@iDefense Vulnerability Contributor Program (VCP) bug-bounty initiative continues to attract top contributors. Join them by submitting your 0-day for
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- MPlayer and VLC media player affected by critical flaw CVE-2018-4013
- Remote Code Execution Flaws Found in FreeRTOS - Popular OS for Embedded Systems
- Why does Windows 10 have many bugs?
ASIA
- Saudi Future Investment Initiative website defaced by the hackers
- Hackers Deface Website of Saudi Investment Forum
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
OCEANIA
Nil
NORTH AMERICA
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- US Tops Global Malware C2 Distribution
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Safeguarding the Nation’s Critical Infrastructure
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- The boom of fileless malware attacks: How can we fight it?
- Criminals Hijacked Records of 75 000 Users from
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- US Indicts Another Russian for Role in Info Warfare Campaign
- Anthem in Record $16m HIPAA Settlement
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
SOUTH AMERICA
Nil
EUROPE
- A week in security (October 15 – 21)
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Repairnator bot finds software bugs, successfully submits patches
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
- US Indicts Another Russian for Role in Info Warfare Campaign
AFRICA
Nil
HEALTHCARE
- CMS portal breach exposes 75,000 individuals' records
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Gamma ransomware compromises data on 16,000 patients at California hernia institute
- Safeguarding the Nation’s Critical Infrastructure
- Criminals Hijacked Records of 75 000 Users from
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- Anthem in Record $16m HIPAA Settlement
TRANSPORT
- NSA Hacking Tools Used Against Nuke, Aerospace Worlds
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
BANKING & FINANCE
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- According to the report, researchers detected 33,568 email addresses of finance departments that had been exposed by third parties. Can
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- FreeRTOS flaws expose millions of IoT devices to cyber attacks
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
INFORMATION & TELECOMMUNICATION
- Saudi Future Investment Initiative website defaced by the hackers
- Blockchain Security and Privacy
- A week in security (October 15 – 21)
- Popular website plugin harboured a serious 0-day for years
- The latest variant of Satan ransomware is spreading in the wild
FOOD
Nil
WATER
Nil
ENERGY
- Safeguarding the Nation’s Critical Infrastructure
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
GOVERNMENT & PUBLIC SERVICE
- Saudi Future Investment Initiative website defaced by the hackers
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- CMS portal breach exposes 75,000 individuals' records
- Safeguarding the Nation’s Critical Infrastructure
- Criminals Hijacked Records of 75 000 Users from
- US Indicts Another Russian for Role in Info Warfare Campaign
- Anthem in Record $16m HIPAA Settlement
ASIA
- Saudi Future Investment Initiative website defaced by the hackers
- Hackers Deface Website of Saudi Investment Forum
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
WORLD
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- US Tops Global Malware C2 Distribution
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Safeguarding the Nation’s Critical Infrastructure
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- The boom of fileless malware attacks: How can we fight it?
- Criminals Hijacked Records of 75 000 Users from
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Repairnator bot finds software bugs, successfully submits patches
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
- US Indicts Another Russian for Role in Info Warfare Campaign
- Anthem in Record $16m HIPAA Settlement
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
ATTACKS
- CMS portal breach exposes 75,000 individuals' records
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- According to the report, researchers detected 33,568 email addresses of finance departments that had been exposed by third parties. Can
- #NetSpectre leaks data remotely via side-channel attacks. Learn from expert Michael Cobb of @thehairyITdog why data from #microprocessors is not
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- Criminals Hijacked Records of 75 000 Users from
- Strict password policy could prevent credential reuse, paper suggests
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- US Indicts Another Russian for Role in Info Warfare Campaign
- What are DMARC records and can they improve email security?
- Anthem in Record $16m HIPAA Settlement
- The Hunt - Our new data breach detection video looks like a Mission Impossible trailer. However, the threats are for
- #NetSpectre exploits speculative execution to leak data remotely via side-channel attacks. Learn how this #SecurityVulnerability affects the #cloud from expert
- The most interesting Internet-connected vehicle hacks on record
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Find out how #TLBleed abuses @Intel's HTT chip feature to leak data via TLB
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
THREATS
- Cisco, F5 Networks Investigate libssh Vulnerability Impact
- How to detect hardware-based server bugs
- Flaw in Media Library Impacts VLC, Other Software
- Libssh CVE-2018-10933 Scanners & Exploits Released - Apply Updates Now
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- Blockchain Security and Privacy
- Recent Branch.io Patch Creates New XSS Flaw
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- US Tops Global Malware C2 Distribution
- Signal Upgrade Process Leaves Unencrypted Messages on Disk
- Gamma ransomware compromises data on 16,000 patients at California hernia institute
- Critical Bug Impacts Live555 Media Streaming Libraries
- A newly disclosed #libSSH vulnerability could allow an attacker #AdminAccess to a server with little effort. By @MT_Heller
- Zero-day jQuery plugin vulnerability exploited for 3 years
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- CVE-2018-4013: LIVE555 streaming media RTSP Server Remote Code Execution Vulnerability
- The boom of fileless malware attacks: How can we fight it?
- Ransomware: A cheat sheet for professionals
- Popular website plugin harboured a serious 0-day for years
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- It's OK, I'm verified - Libssh flaw allows attackers to bypass server authentication
- Octopus Malware
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Repairnator bot finds software bugs, successfully submits patches
- Drupal Patched Critical RCE Vulnerabilities In Drupal 7 and 8
- Trade.io loses $7.5Mil worth of cryptocurrency in mysterious cold wallet hack
- FreeRTOS flaws expose millions of IoT devices to cyber attacks
- The latest variant of Satan ransomware is spreading in the wild
- The .@iDefense Vulnerability Contributor Program (VCP) bug-bounty initiative continues to attract top contributors. Join them by submitting your 0-day for
- Maker of LuminosityLink RAT gets 30 months in the clink
- Introducing Infura: Connecting DApps With Ethereum Without Setting up Ethereum Nodes
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- MPlayer and VLC media player affected by critical flaw CVE-2018-4013
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Adding the EICAR string to your name as part of the visitor self-registration process is a bit of a faux
- Business-minded hackers are testing blockchain technologies to secure their illegal operations. Here's what enterprises can learn from them:
- Remote Code Execution Flaws Found in FreeRTOS - Popular OS for Embedded Systems
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
- Why does Windows 10 have many bugs?
CRIME
- Blockchain Security and Privacy
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- The boom of fileless malware attacks: How can we fight it?
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- The latest variant of Satan ransomware is spreading in the wild
- US Indicts Another Russian for Role in Info Warfare Campaign
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
POLITICS
- Saudi Future Investment Initiative website defaced by the hackers
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- Octopus Malware
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
- US Indicts Another Russian for Role in Info Warfare Campaign
DATA BREACH & DATA LOSS
- HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- Week in review: Pentagon data breach, cybersecurity workforce gap, who gets spear phished?
- Another US Voters Data Leak Via Tea Party PAC Misconfigured S3 Bucket
- Travel data for about 30,000 individuals was exposed in a Pentagon #DataBreach and experts expect that the information could be
- A combination of #SecurityFlaws and inadequate back-end development of the @Google Firebase database led to #DataLeaks and #SecurityVulnerabilities including HospitalGown.
- Hackers Breach HealthCare.gov System and Steals Sensitive Personal Data of 75,000 Customers
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- Hackers launched @netflix #phishing attacks by obtaining TLS certificates. Learn how hackers mimic popular websites to spoof users and steal
WEB DEFACEMENT
Nil
BOTNET
Nil
RANSOMWARE
- Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
- Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
CRYPTOMINING & CRYPTOCURRENCIES
- Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
MALWARE
- GreyEnergy Malware Targets Energy and Transport Providers
- Then a vendor calls.
A quality control system is running a hidden process.
That shouldn’t be happening.
The vendor rep
EXPLOIT
Nil
VULNERABILITY
- Multiple Vulnerabilities In Telepresence Robots Patched
- Tumblr Patched Privacy Bug That Could Expose Sensitive Account Details
- WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS
- 2 Million Network Storage Devices From WD, SeaGate, NetGear Affected by Unpatched Zero-Day Vulnerabilities
ASIA
- DarkPulsar and other NSA hacking tools used in hacking operations in the wild
- Security Affairs newsletter Round 185 – News of the week
WORLD
- HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- DarkPulsar and other NSA hacking tools used in hacking operations in the wild
- Another US Voters Data Leak Via Tea Party PAC Misconfigured S3 Bucket
- GreyEnergy Malware Targets Energy and Transport Providers
- Security Affairs newsletter Round 185 – News of the week
- WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS
ATTACKS
- HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- Week in review: Pentagon data breach, cybersecurity workforce gap, who gets spear phished?
- Another US Voters Data Leak Via Tea Party PAC Misconfigured S3 Bucket
- Travel data for about 30,000 individuals was exposed in a Pentagon #DataBreach and experts expect that the information could be
- Hackers launched @netflix #phishing attacks by obtaining TLS certificates. Learn how hackers mimic popular websites to spoof users and steal
- A combination of #SecurityFlaws and inadequate back-end development of the @Google Firebase database led to #DataLeaks and #SecurityVulnerabilities including HospitalGown.
- Hackers Breach HealthCare.gov System and Steals Sensitive Personal Data of 75,000 Customers
THREATS
- Multiple Vulnerabilities In Telepresence Robots Patched
- Tumblr Patched Privacy Bug That Could Expose Sensitive Account Details
- GreyEnergy Malware Targets Energy and Transport Providers
- Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
- Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
- Then a vendor calls.
A quality control system is running a hidden process.
That shouldn’t be happening.
The vendor rep
- WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS
- 2 Million Network Storage Devices From WD, SeaGate, NetGear Affected by Unpatched Zero-Day Vulnerabilities
CRIME
- Security Affairs newsletter Round 185 – News of the week
POLITICS
- Security Affairs newsletter Round 185 – News of the week
DATA BREACH & DATA LOSS
- AWS FreeRTOS Bugs Allow Compromise of IoT Devices
- Campaign 2018: Artificial intelligence is automating attacks on political campaigns
- Chinese Hackers Use 'Datper' Trojan in Recent Campaign
- A Pentagon #DataBreach exposed data on at least 30,000 individuals, but other details about the incident are still scarce. By
- Campaign 2018: Artificial Intelligence Is Automating Attacks On Political Campaigns
- New RTF-based Campaign Distributing Agent Tesla and Loki Malware
- Did you know? Corporate email accounts can be compromised for as little as $150. Read more key findings from our
- US Voter Leak Hits Tea Party Organization
- VestaCP users warned about possible server compromise
- jQuery File Upload Plugin Vulnerable for 8 Years and Only Hackers Knew
- Recent phishing campaign against the Office of the First Deputy Prime Minister - Kingdom of Bahrain. Targeting Aysha Bukhelli, spoofed
- Campaign launched to protect ethical hackers in the Americas
- The blogging site Tumblr has disclosed and fixed a security flaw that could have exposed sensitive account information.
- Facepunch 2016 breach exposed 343,000 users
- Today we're explaining #Canada's Data Breach Regulations on the #blog. Jet on over to find out if your organization complies
- ADHA's non-process for releasing My Health Record data revealed
- MikroTik routers targeted by cryptomining campaign | Avast
- Vulnerability in Tumblr could have compromise users’ account data
- Poor security practices and access to hacking services are making it easy for #cybercriminals to compromise business email, research reveals:
DENIAL-OF-SERVICE
- New DDoS Malware Infects Open-Source Web Hosting Software
- Lawfare editor on persistent DDoS attack: 'We wish they'd knock it off'
- DDoS Attack Prevention Method on Your Enterprise’s Systems – A Detailed Report
MALVERTISING
Nil
PHISHING
- Password and credit card-stealing Azorult malware adds new tricks
- AISA 2018: Hunting for phishing kits
- Hackers launched #phishing attacks against @netflix users via malicious sites with TLS certificates. Learn how hackers mimic popular websites to
- Recent phishing campaign against the Office of the First Deputy Prime Minister - Kingdom of Bahrain. Targeting Aysha Bukhelli, spoofed
- #HurricaneMichael #phishing schemes leverage Azure blob storage to rake in credentials. http://ow.ly/J6m850js1sk via the @threatinsight research team.
WEB DEFACEMENT
Nil
BOTNET
- Ok now, which one of you is running this Twitter botnet of fake infosec professionals?
RANSOMWARE
- City Pays $2,000 in Computer Ransomware Attack
- Water Utility ONWASA Hit by Ransomware Attack
- Madison County Computer Systems Face a Ransomware Attack
- The Week in Ransomware - October 19th 2018 - GandCrab, Birbware, and More
- Top 4 tips to avoid getting hit by ransomware
- Onslow County Utility Hit with Ransomware Attack
CRYPTOMINING & CRYPTOCURRENCIES
- Report: Cryptocurrency Exchanges Lost $882 Million to Hackers
- MikroTik routers targeted by cryptomining campaign | Avast
- Fraudster Targets Cryptocurrency Wallets with a Variety of Info Stealers
MALWARE
- Small or Big Business, Malware Hits Everyone
- Kaspersky says it detected infections with DarkPulsar, alleged NSA malware
- Chinese Hackers Use 'Datper' Trojan in Recent Campaign
- Password and credit card-stealing Azorult malware adds new tricks
- SettingContent-ms can be Abused to Drop Complex DeepLink and Icon-based Payload
- New DDoS Malware Infects Open-Source Web Hosting Software
- America’s First: US Leads in Global Malware C2 Distribution
- New RTF-based Campaign Distributing Agent Tesla and Loki Malware
- Hackers launched #phishing attacks against @netflix users via malicious sites with TLS certificates. Learn how hackers mimic popular websites to
- The Golden Age of Malware
- LuminosityLink RAT author sentenced to 30 years in prison
- Inside Safari Extensions | Malware’s Golden Key to User Data
- .@TrendMicro researchers discovered a malicious #ChromeExtension spreading #malware. Learn more with expert @lewisnic.
- ADHA's non-process for releasing My Health Record data revealed
- APT Group Uses Datper Malware To Launch Cyber Attack on Asia Countries by Executing Shell Commands
- Canberra competence shines in day of PM domain lapses and tortured analogies
EXPLOIT
- NSA-Linked 'DarkPulsar' Exploit Tool Detailed
VULNERABILITY
- libssh Vulnerability: Is WatchGuard Affected?
- 0-Day in jQuery Plugin Impacts Thousands of Applications
- Fixing a CSRF Vulnerability
- This Week in Security News: Apex One™ Release and Java Usage Tracker Flaws
- AWS FreeRTOS Bugs Allow Compromise of IoT Devices
- Drupal dev team fixed Remote Code Execution flaws in the popular CMS
- Flaw in Libssh Grants Admin Control to Servers
- FreeRTOS Vulnerabilities Expose Many Systems to Attacks
- Linksys E Series Vulnerabilities
- Google warns Apple: Missing bugs in your security bulletins are 'disincentive to patch'
- jQuery Zero-Day Was Exploited For At Least Three Years
- A Serious Security Flaw Found in LibSSH
- In this week's Risk & Repeat podcast, editors discuss the #GAOreport on vulnerabilities and weaknesses in military weapons systems and
- Splunk addressed several vulnerabilities in Enterprise and Light products
- Serious D-Link router security flaws may never be patched
- Scams and flaws: Why we get duped
- Remote Code Execution Flaws Patched in Drupal
- Tumblr bug bounty program detects flaw, no user info lost
- .@Google Firebase's lack of #DatabaseSecurity and inadequate #BackendDevelopment led to #DataLeaks and vulnerabilities, including HospitalGown. Learn more about this
- The blogging site Tumblr has disclosed and fixed a security flaw that could have exposed sensitive account information.
- Critical Flaw Found in Streaming Library Used by VLC and Other Media Players
- Drupal Remote Code Execution Vulnerability Alert
- Business emails could represent a major security flaw for UK companies, after it was revealed millions of account details are
- Splunk Patches Several Flaws in Enterprise, Light Products
- Vulnerability in Tumblr could have compromise users’ account data
- Three critical vulnerabilities can be chained to take full control of D-Link routers
- Zero-day in popular jQuery plugin actively exploited for at least three years
- Tumblr serious vulnerability can reveal everyone information
- Critical Flaws Found in Amazon FreeRTOS IoT Operating System
ASIA
- Kaspersky says it detected infections with DarkPulsar, alleged NSA malware
- The Week in Ransomware - October 19th 2018 - GandCrab, Birbware, and More
- Chinese Hackers Use 'Datper' Trojan in Recent Campaign
- Recent phishing campaign against the Office of the First Deputy Prime Minister - Kingdom of Bahrain. Targeting Aysha Bukhelli, spoofed
- Secret Comment Crew Code Spotted in New Attack
- Attackers behind Operation Oceansalt reuse code from Chinese Comment Crew
- APT Group Uses Datper Malware To Launch Cyber Attack on Asia Countries by Executing Shell Commands
OCEANIA
- AISA 2018: Hunting for phishing kits
- ADHA's non-process for releasing My Health Record data revealed
- Authorities seize properties of creators of “Infamous” cheat code, for GTA V
- Canberra competence shines in day of PM domain lapses and tortured analogies
NORTH AMERICA
- Small or Big Business, Malware Hits Everyone
- America’s First: US Leads in Global Malware C2 Distribution
- In this week's Risk & Repeat podcast, editors discuss the #GAOreport on vulnerabilities and weaknesses in military weapons systems and
- US Voter Leak Hits Tea Party Organization
- Secret Comment Crew Code Spotted in New Attack
- #GroupIB is a platinum sponsor @Gartner_inc Security & Risk Management Summit (Dubai, UAE, 22-23 October 2018) Visit us at Stand
- Attackers behind Operation Oceansalt reuse code from Chinese Comment Crew
- Today we're explaining #Canada's Data Breach Regulations on the #blog. Jet on over to find out if your organization complies
- Inside Safari Extensions | Malware’s Golden Key to User Data
- Lawfare editor on persistent DDoS attack: 'We wish they'd knock it off'
SOUTH AMERICA
Nil
EUROPE
- Small or Big Business, Malware Hits Everyone
- This Week in Security News: Apex One™ Release and Java Usage Tracker Flaws
- Kaspersky says it detected infections with DarkPulsar, alleged NSA malware
- GreyEnergy
- Onslow County Utility Hit with Ransomware Attack
- Report: Cryptocurrency Exchanges Lost $882 Million to Hackers
- Business emails could represent a major security flaw for UK companies, after it was revealed millions of account details are
- Three critical vulnerabilities can be chained to take full control of D-Link routers
- Lawfare editor on persistent DDoS attack: 'We wish they'd knock it off'
AFRICA
- Lawfare editor on persistent DDoS attack: 'We wish they'd knock it off'
