ASIA
- FireEye links Russia-owned lab to Trisis developers
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- Chinese Cyber Espionage Group using Datper Trojan
- Saudi Investment Site Defaced After Journalist’s Murder
- NSA Tools Used to Attack Nuclear Energy Firms
- Burned malware returns, says Cylance report: Is Hacking Team responsible?
- libssh Server-Side Identity Authentication Bypass Vulnerability (CVE-2018-10933)Threat Alert
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3191)Threat Alert
- North Korean Hackers Stole $571 Million Worth of CryptoCoins in Less Than 24 Months
- Hacking operations with DarkPulsar and other tools developed by the NSA
- Can Cybercriminals Hack Blockchain?
WORLD
- When Ransomware Stopped Working Harder and Started Working Smarter
- Experts advocate for 'ATT&CK' as go-to framework to share threat intel
- FireEye links Russia-owned lab to Trisis developers
- Triton Malware Linked to Russian Government Research Institute
- FireEye links Russian research lab to Triton ICS malware attacks
- An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
- Securing Government Operations with Cloud-based Malware Analysis
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- TRITON Attribution: Russian Government-Owned Lab Most Likely Built
Custom Intrusion Tools for TRITON Attackers
- Inside Safari Extensions | Malicious Plugins Remain on Mojave
- Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
- Phishing attacks becoming more targeted, phishers love Microsoft the most
- Indiana National Guard hit by ransomware
- #sLoad and #Ramnit pairing in sustained personalized campaigns against UK and Italy
- UK and US sign military Cyber Accord to dominate cyber domain - with help from business
- Saudi Investment Site Defaced After Journalist’s Murder
- NSA Tools Used to Attack Nuclear Energy Firms
- Burned malware returns, says Cylance report: Is Hacking Team responsible?
- “We’re less likely to be caught up in a massive breach of highly available PII or financial data that gets
- The fix for the DOM-based XSS in Branch.io introduced a new XSS flaw
- Morrisons loses appeal over data breach
- Hacking operations with DarkPulsar and other tools developed by the NSA
- Can Cybercriminals Hack Blockchain?
ATTACKS
- Case Study: Protecting PII
- An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
- Top 10 security steps in Microsoft 365 that political campaigns can take today
- Critical vulnerabilities in FreeRTOS allowed for IoT device compromise
- Thousands of applications affected by a zero-day issue injQuery File Upload plugin
- Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
- Identify when your data is exposed, your brand is abused, or your company is mentioned on the dark web. Test
- Phishing is still the most commonly used attack on organizations, survey says
- New Phishing Attack That Uses Multiple Replica Sign-In Pages
- How sophisticated phishing grants attackers total control of your computer
- How sophisticated phishing grants attackers total control of your computer
- Thousands of Applications Vulnerable to RCE via jQuery File Upload
- Facebook has seen several data breaches in the last few months, leading the company to look into acquiring a
- 5 Ways #Cybercriminals Can Access Your Emails Without Phishing [Infographic]:
- Phishing attacks becoming more targeted, phishers love Microsoft the most
- Police have issued a fresh warning concerning Fortnite and players giving out their personal details online.
Cheshire Police posted on Facebook,
- Adult websites shuttered after 1.2 million user details exposed
- #sLoad and #Ramnit pairing in sustained personalized campaigns against UK and Italy
- Learn how hackers launched #phishing attacks against @netflix users with expert Michael Cobb of @thehairyITdog
- jQuery? More like preyQuery: File upload tool can be exploited to hijack at-risk websites
- "Advanced attacks, spear-phishing and data breaches are the norm, instead of the exception. We need to address these issues with
- “We’re less likely to be caught up in a massive breach of highly available PII or financial data that gets
- Phishing Report Shows Microsoft, Paypal, & Netflix as Top Targets
- A flaw in @Google Firebase #DatabaseSecurity allowed hackers to bypass security and leak data. Learn more about this #SecurityFlaw and
- Morrisons loses appeal over data breach
- 4 suggerimenti per utilizzare al meglio il vostro #password manager e generare password davvero efficaci. Ebbene sì, repetita juvant :)
- Morrisons loses appeal against data breach liability ruling
- A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
THREATS
- DHS warns of another dangerous flaw in Advantech WebAccess SCADA software
- Burned malware returns, according to Cylance: is Hacking Team responsible?
- Microsoft Windows zero-day disclosed on Twitter, again
- AWS FreeRTOS Riddled with Security Vulnerabilities | Avast
- When Ransomware Stopped Working Harder and Started Working Smarter
- City Pays $2K in Ransomware, Stirs ‘Never Pay’ Debate
- Status of Today’s Email as a Malware Vector
- Case Study: Destructive Malware
- Case Study: Ransomware
- Banking Trojan Infections Persist Throughout the State
- Triton Malware Linked to Russian Government Research Institute
- Why the blockchain is not secure
- FireEye links Russian research lab to Triton ICS malware attacks
- Securing Government Operations with Cloud-based Malware Analysis
- How RATs infect computers with malicious software
- This is how government spyware StrongPity uses security researchers' work against them
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- Indiana National Guard Suffers Ransomware Attack
- Inside Safari Extensions | Malicious Plugins Remain on Mojave
- Critical vulnerabilities in FreeRTOS allowed for IoT device compromise
- Thousands of applications affected by a zero-day issue injQuery File Upload plugin
- Grave TCP/IP Flaws In FreeRTOS Leave IoT Gear Open To Mass Hijacking
- Malicious actors attacked a back-end insurance system and the resulting @HealthCareGov #breach exposed an unknown amount of data on 75,000
- Trade.io Cold Wallet Hacked Losing 50 Million TIO Tokens – TIO Coin To Be Forked
- H-Worm and jRAT Malware: Two RATs are Better than One
- Patch now! Multiple serious flaws found in Drupal
- How RATs infect computers with malicious software
- Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
- What do you think the combination of the #TrickBot banking Trojan to #IcedID means for the future of banking #Trojans?
- Indiana National Guard hit by ransomware
- Amazon Patched Multiple IoT Vulnerabilities Affecting Its Smart Devices
- Updated Azorult malware for sale on the Dark Web
- Amazon patches IoT and critical infrastructure security flaws
- Why is Elon Musk promoting this Bitcoin scam? (He’s not)
- UK and US sign military Cyber Accord to dominate cyber domain - with help from business
- Chinese Cyber Espionage Group using Datper Trojan
- Patch me, if you can: Grave TCP/IP flaws in FreeRTOS leave IoT gear open to mass hijacking
- Several vulnerabilities were found in controllers made by @Universal_Robot. Discover what these #robot controllers are used for and how
- Burned malware returns, says Cylance report: Is Hacking Team responsible?
- How do newly found flaws affect robot controllers?
- Firmware zero-day leaves 2m storage devices open to RCE
- Report: Cryptocurrency hackers earned $20M with 51-percent attacks in 2018
- A flaw in @Google Firebase #DatabaseSecurity allowed hackers to bypass security and leak data. Learn more about this #SecurityFlaw and
- CyberSecurity Asean security alert on Multiple Vulnerabilities in Cisco WebEx Network Recording Player for Advanced Recording Format Files Could Allow for Arbitrary Code Execution
- Bug Spells Doom for Nearly-Vacant Google+ Network
- The fix for the DOM-based XSS in Branch.io introduced a new XSS flaw
- libssh Server-Side Identity Authentication Bypass Vulnerability (CVE-2018-10933)Threat Alert
- Have you ever wondered why #ransomware attacks happen on the Friday before a long weekend? We've teamed up with @SentinelOne
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3191)Threat Alert
- Different Vendors Confirm The Impact Of LibSSH Flaw On Their Products
- Apple has launched its university ID Cards feature in Wallet. Students at three universities can now access their student ID
- FreeRTOS IoT OS Critical Vulnerabilities Affected Million of Smart Home & Critical Infrastructure Based IoT Devices
- LIVE555 Streaming library affected by remote code execution vulnerability
- Can Cybercriminals Hack Blockchain?
- A Beginner’s Guide to Bitcoin Mining (Bitcoin Mining 101)
- Windows 10 1809 Zip Extraction Bug Overwrites Files without Confirmation
- A #ZeroDay in the popular #jQuery File Upload plugin could affect thousands of projects and the jQuery #plugin vulnerability may
CRIME
- Inside Safari Extensions | Malicious Plugins Remain on Mojave
- Thousands of applications affected by a zero-day issue injQuery File Upload plugin
- H-Worm and jRAT Malware: Two RATs are Better than One
- New Phishing Attack That Uses Multiple Replica Sign-In Pages
- Why is Elon Musk promoting this Bitcoin scam? (He’s not)
- Morrisons loses appeal over data breach
- North Korean Hackers Stole $571 Million Worth of CryptoCoins in Less Than 24 Months
- Can Cybercriminals Hack Blockchain?
POLITICS
- An ISP Left Corporate Passwords, Keys, and All its Data Exposed on the Internet
- Top 10 security steps in Microsoft 365 that political campaigns can take today
- Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant
- TRITON Attribution: Russian Government-Owned Lab Most Likely Built
Custom Intrusion Tools for TRITON Attackers
- Chinese Cyber Espionage Group using Datper Trojan
- Saudi Investment Site Defaced After Journalist’s Murder
- NSA Tools Used to Attack Nuclear Energy Firms
DATA BREACH & DATA LOSS
- CMS portal breach exposes 75,000 individuals' records
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- According to the report, researchers detected 33,568 email addresses of finance departments that had been exposed by third parties. Can
- #NetSpectre leaks data remotely via side-channel attacks. Learn from expert Michael Cobb of @thehairyITdog why data from #microprocessors is not
- Criminals Hijacked Records of 75 000 Users from
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- US Indicts Another Russian for Role in Info Warfare Campaign
- What are DMARC records and can they improve email security?
- Anthem in Record $16m HIPAA Settlement
- The Hunt - Our new data breach detection video looks like a Mission Impossible trailer. However, the threats are for
- #NetSpectre exploits speculative execution to leak data remotely via side-channel attacks. Learn how this #SecurityVulnerability affects the #cloud from expert
- The most interesting Internet-connected vehicle hacks on record
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Find out how #TLBleed abuses @Intel's HTT chip feature to leak data via TLB
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
DENIAL-OF-SERVICE
- NSA Hacking Tools Used Against Nuke, Aerospace Worlds
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
MALVERTISING
Nil
PHISHING
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- Strict password policy could prevent credential reuse, paper suggests
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
WEB DEFACEMENT
- Saudi Future Investment Initiative website defaced by the hackers
- Hackers Deface Website of Saudi Investment Forum
BOTNET
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
RANSOMWARE
- Gamma ransomware compromises data on 16,000 patients at California hernia institute
- Ransomware: A cheat sheet for professionals
- The latest variant of Satan ransomware is spreading in the wild
CRYPTOMINING & CRYPTOCURRENCIES
- Blockchain Security and Privacy
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Trade.io loses $7.5Mil worth of cryptocurrency in mysterious cold wallet hack
- Introducing Infura: Connecting DApps With Ethereum Without Setting up Ethereum Nodes
- Business-minded hackers are testing blockchain technologies to secure their illegal operations. Here's what enterprises can learn from them:
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
MALWARE
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- US Tops Global Malware C2 Distribution
- Signal Upgrade Process Leaves Unencrypted Messages on Disk
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- The boom of fileless malware attacks: How can we fight it?
- Octopus Malware
- Maker of LuminosityLink RAT gets 30 months in the clink
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Adding the EICAR string to your name as part of the visitor self-registration process is a bit of a faux
EXPLOIT
- Apple Voiceover Exploit Allows Attackers Access to Ios Devices
VULNERABILITY
- Cisco, F5 Networks Investigate libssh Vulnerability Impact
- How to detect hardware-based server bugs
- Flaw in Media Library Impacts VLC, Other Software
- Libssh CVE-2018-10933 Scanners & Exploits Released - Apply Updates Now
- Recent Branch.io Patch Creates New XSS Flaw
- Critical Bug Impacts Live555 Media Streaming Libraries
- A newly disclosed #libSSH vulnerability could allow an attacker #AdminAccess to a server with little effort. By @MT_Heller
- Zero-day jQuery plugin vulnerability exploited for 3 years
- CVE-2018-4013: LIVE555 streaming media RTSP Server Remote Code Execution Vulnerability
- Popular website plugin harboured a serious 0-day for years
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- It's OK, I'm verified - Libssh flaw allows attackers to bypass server authentication
- Repairnator bot finds software bugs, successfully submits patches
- Drupal Patched Critical RCE Vulnerabilities In Drupal 7 and 8
- FreeRTOS flaws expose millions of IoT devices to cyber attacks
- The .@iDefense Vulnerability Contributor Program (VCP) bug-bounty initiative continues to attract top contributors. Join them by submitting your 0-day for
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- MPlayer and VLC media player affected by critical flaw CVE-2018-4013
- Remote Code Execution Flaws Found in FreeRTOS - Popular OS for Embedded Systems
- Why does Windows 10 have many bugs?
ASIA
- Saudi Future Investment Initiative website defaced by the hackers
- Hackers Deface Website of Saudi Investment Forum
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
OCEANIA
Nil
NORTH AMERICA
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- US Tops Global Malware C2 Distribution
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Safeguarding the Nation’s Critical Infrastructure
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- The boom of fileless malware attacks: How can we fight it?
- Criminals Hijacked Records of 75 000 Users from
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- US Indicts Another Russian for Role in Info Warfare Campaign
- Anthem in Record $16m HIPAA Settlement
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
SOUTH AMERICA
Nil
EUROPE
- A week in security (October 15 – 21)
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Repairnator bot finds software bugs, successfully submits patches
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
- US Indicts Another Russian for Role in Info Warfare Campaign
AFRICA
Nil
HEALTHCARE
- CMS portal breach exposes 75,000 individuals' records
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Gamma ransomware compromises data on 16,000 patients at California hernia institute
- Safeguarding the Nation’s Critical Infrastructure
- Criminals Hijacked Records of 75 000 Users from
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- Anthem in Record $16m HIPAA Settlement
TRANSPORT
- NSA Hacking Tools Used Against Nuke, Aerospace Worlds
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
BANKING & FINANCE
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- According to the report, researchers detected 33,568 email addresses of finance departments that had been exposed by third parties. Can
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- FreeRTOS flaws expose millions of IoT devices to cyber attacks
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
INFORMATION & TELECOMMUNICATION
- Saudi Future Investment Initiative website defaced by the hackers
- Blockchain Security and Privacy
- A week in security (October 15 – 21)
- Popular website plugin harboured a serious 0-day for years
- The latest variant of Satan ransomware is spreading in the wild
FOOD
Nil
WATER
Nil
ENERGY
- Safeguarding the Nation’s Critical Infrastructure
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
GOVERNMENT & PUBLIC SERVICE
- Saudi Future Investment Initiative website defaced by the hackers
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- CMS portal breach exposes 75,000 individuals' records
- Safeguarding the Nation’s Critical Infrastructure
- Criminals Hijacked Records of 75 000 Users from
- US Indicts Another Russian for Role in Info Warfare Campaign
- Anthem in Record $16m HIPAA Settlement
ASIA
- Saudi Future Investment Initiative website defaced by the hackers
- Hackers Deface Website of Saudi Investment Forum
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
WORLD
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- US Tops Global Malware C2 Distribution
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Safeguarding the Nation’s Critical Infrastructure
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- The boom of fileless malware attacks: How can we fight it?
- Criminals Hijacked Records of 75 000 Users from
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Repairnator bot finds software bugs, successfully submits patches
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
- US Indicts Another Russian for Role in Info Warfare Campaign
- Anthem in Record $16m HIPAA Settlement
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
ATTACKS
- CMS portal breach exposes 75,000 individuals' records
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- According to the report, researchers detected 33,568 email addresses of finance departments that had been exposed by third parties. Can
- #NetSpectre leaks data remotely via side-channel attacks. Learn from expert Michael Cobb of @thehairyITdog why data from #microprocessors is not
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- Criminals Hijacked Records of 75 000 Users from
- Strict password policy could prevent credential reuse, paper suggests
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- US Indicts Another Russian for Role in Info Warfare Campaign
- What are DMARC records and can they improve email security?
- Anthem in Record $16m HIPAA Settlement
- The Hunt - Our new data breach detection video looks like a Mission Impossible trailer. However, the threats are for
- #NetSpectre exploits speculative execution to leak data remotely via side-channel attacks. Learn how this #SecurityVulnerability affects the #cloud from expert
- The most interesting Internet-connected vehicle hacks on record
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Find out how #TLBleed abuses @Intel's HTT chip feature to leak data via TLB
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
THREATS
- Cisco, F5 Networks Investigate libssh Vulnerability Impact
- How to detect hardware-based server bugs
- Flaw in Media Library Impacts VLC, Other Software
- Libssh CVE-2018-10933 Scanners & Exploits Released - Apply Updates Now
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- Blockchain Security and Privacy
- Recent Branch.io Patch Creates New XSS Flaw
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- US Tops Global Malware C2 Distribution
- Signal Upgrade Process Leaves Unencrypted Messages on Disk
- Gamma ransomware compromises data on 16,000 patients at California hernia institute
- Critical Bug Impacts Live555 Media Streaming Libraries
- A newly disclosed #libSSH vulnerability could allow an attacker #AdminAccess to a server with little effort. By @MT_Heller
- Zero-day jQuery plugin vulnerability exploited for 3 years
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- CVE-2018-4013: LIVE555 streaming media RTSP Server Remote Code Execution Vulnerability
- The boom of fileless malware attacks: How can we fight it?
- Ransomware: A cheat sheet for professionals
- Popular website plugin harboured a serious 0-day for years
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- It's OK, I'm verified - Libssh flaw allows attackers to bypass server authentication
- Octopus Malware
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Repairnator bot finds software bugs, successfully submits patches
- Drupal Patched Critical RCE Vulnerabilities In Drupal 7 and 8
- Trade.io loses $7.5Mil worth of cryptocurrency in mysterious cold wallet hack
- FreeRTOS flaws expose millions of IoT devices to cyber attacks
- The latest variant of Satan ransomware is spreading in the wild
- The .@iDefense Vulnerability Contributor Program (VCP) bug-bounty initiative continues to attract top contributors. Join them by submitting your 0-day for
- Maker of LuminosityLink RAT gets 30 months in the clink
- Introducing Infura: Connecting DApps With Ethereum Without Setting up Ethereum Nodes
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- MPlayer and VLC media player affected by critical flaw CVE-2018-4013
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Adding the EICAR string to your name as part of the visitor self-registration process is a bit of a faux
- Business-minded hackers are testing blockchain technologies to secure their illegal operations. Here's what enterprises can learn from them:
- Remote Code Execution Flaws Found in FreeRTOS - Popular OS for Embedded Systems
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
- Why does Windows 10 have many bugs?
CRIME
- Blockchain Security and Privacy
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- The boom of fileless malware attacks: How can we fight it?
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- The latest variant of Satan ransomware is spreading in the wild
- US Indicts Another Russian for Role in Info Warfare Campaign
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
POLITICS
- Saudi Future Investment Initiative website defaced by the hackers
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- Octopus Malware
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
- US Indicts Another Russian for Role in Info Warfare Campaign
DATA BREACH & DATA LOSS
- HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- Week in review: Pentagon data breach, cybersecurity workforce gap, who gets spear phished?
- Another US Voters Data Leak Via Tea Party PAC Misconfigured S3 Bucket
- Travel data for about 30,000 individuals was exposed in a Pentagon #DataBreach and experts expect that the information could be
- A combination of #SecurityFlaws and inadequate back-end development of the @Google Firebase database led to #DataLeaks and #SecurityVulnerabilities including HospitalGown.
- Hackers Breach HealthCare.gov System and Steals Sensitive Personal Data of 75,000 Customers
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- Hackers launched @netflix #phishing attacks by obtaining TLS certificates. Learn how hackers mimic popular websites to spoof users and steal
WEB DEFACEMENT
Nil
BOTNET
Nil
RANSOMWARE
- Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
- Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
CRYPTOMINING & CRYPTOCURRENCIES
- Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
MALWARE
- GreyEnergy Malware Targets Energy and Transport Providers
- Then a vendor calls.
A quality control system is running a hidden process.
That shouldn’t be happening.
The vendor rep
EXPLOIT
Nil
VULNERABILITY
- Multiple Vulnerabilities In Telepresence Robots Patched
- Tumblr Patched Privacy Bug That Could Expose Sensitive Account Details
- WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS
- 2 Million Network Storage Devices From WD, SeaGate, NetGear Affected by Unpatched Zero-Day Vulnerabilities
ASIA
- DarkPulsar and other NSA hacking tools used in hacking operations in the wild
- Security Affairs newsletter Round 185 – News of the week
WORLD
- HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- DarkPulsar and other NSA hacking tools used in hacking operations in the wild
- Another US Voters Data Leak Via Tea Party PAC Misconfigured S3 Bucket
- GreyEnergy Malware Targets Energy and Transport Providers
- Security Affairs newsletter Round 185 – News of the week
- WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS
ATTACKS
- HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- Week in review: Pentagon data breach, cybersecurity workforce gap, who gets spear phished?
- Another US Voters Data Leak Via Tea Party PAC Misconfigured S3 Bucket
- Travel data for about 30,000 individuals was exposed in a Pentagon #DataBreach and experts expect that the information could be
- Hackers launched @netflix #phishing attacks by obtaining TLS certificates. Learn how hackers mimic popular websites to spoof users and steal
- A combination of #SecurityFlaws and inadequate back-end development of the @Google Firebase database led to #DataLeaks and #SecurityVulnerabilities including HospitalGown.
- Hackers Breach HealthCare.gov System and Steals Sensitive Personal Data of 75,000 Customers
THREATS
- Multiple Vulnerabilities In Telepresence Robots Patched
- Tumblr Patched Privacy Bug That Could Expose Sensitive Account Details
- GreyEnergy Malware Targets Energy and Transport Providers
- Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
- Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
- Then a vendor calls.
A quality control system is running a hidden process.
That shouldn’t be happening.
The vendor rep
- WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS
- 2 Million Network Storage Devices From WD, SeaGate, NetGear Affected by Unpatched Zero-Day Vulnerabilities
CRIME
- Security Affairs newsletter Round 185 – News of the week
POLITICS
- Security Affairs newsletter Round 185 – News of the week
