ASIA
- Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
- Kraken Cryptor Ransomware Gains Popularity Among Cybercriminals
- Parties Seek to Settle Yahoo Data Breach Class Action for $50M
- macOS Cryptomining Malware on the Rise
- Ransomware Threat Continues: How Infections Take Place
- .@FireEye security researchers claimed the Russian government was 'most likely' behind the #Triton #Malware attack on an industrial control system
- Cell Phone Security and Heads of State
- Disrupting the Flow: Exposed and Vulnerable Water and Energy Infrastructures
WORLD
- Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
- Kraken Cryptor Ransomware Gains Popularity Among Cybercriminals
- Girl Scouts data breach exposed personal information of 2,800 members
- SamSam ransomware group has hit 67 organizations in 2018, researchers say
- Parties Seek to Settle Yahoo Data Breach Class Action for $50M
- Bitcoin Dealer Who Operated Unlicensed Bitcoin Exchange Faces Five Years in Jail
- Malware Targeting Smartphones via Three DSP Providers
- macOS Cryptomining Malware on the Rise
- Malware Infection at USGS Traced to Employee’s Habit of Viewing Adult Content
- Ransomware Threat Continues: How Infections Take Place
- New SamSam ransomware campaign aims at targets across the US
- .@FireEye security researchers claimed the Russian government was 'most likely' behind the #Triton #Malware attack on an industrial control system
- Employee Watched Porn at Work via 9000 Web pages Drops Malware on U.S Government Network
- Treat or Trick? Six Dangerous Digital Threats Dressed up As Irresistible Treats
- SamSam: Targeted Ransomware Attacks Continue
- Is it a Phish? Halloween Edition
- A fed visited 9,000 porn sites, infecting government networks with Russian malware
- Threat Report: Jaff Ransomware Causes Havoc
- Cell Phone Security and Heads of State
- Millions of Voter Records Up for Sale Ahead of the US Midterm Elections
- There are plenty of different types of phishing attacks, but they all rely on the same basic mechanism: exploiting human
- 92% of External Web Apps Have Exploitable Security Flaws or Weaknesses: Report
- Anonymous knocks out Gabon government sites with DoS attack
- Disrupting the Flow: Exposed and Vulnerable Water and Energy Infrastructures
- The author of the Mirai botnet gets six months of house arrest
- The Russian built #VPNFilter #botnet was previously taken down after 500,000 routers were infected. However, recently it attempted a comeback.
- A good insight for Europeans on the process of the US mid-term elections and whether or it they are hackable
ATTACKS
- 4 tips to keep safe when phishing for treats this Halloween
- How database hacks could impact elections and voters' fears
- Girl Scouts data breach exposed personal information of 2,800 members
- How database hacks could impact elections and voters' fears
- Parties Seek to Settle Yahoo Data Breach Class Action for $50M
- Center for Internet Security looks to expand threat sharing program to political campaigns
- AI-Facilitated Product Aims to Stop Spear-Phishing Attacks
- Internet-Exposed HMIs Put Energy, Water Facilities at Risk: Report
- New SamSam ransomware campaign aims at targets across the US
- An Update on the jQuery-File-Upload Vulnerability
- INKY emerges from stealth with email spoofing, phishing protection service
- Is it a Phish? Halloween Edition
- Millions of Voter Records Up for Sale Ahead of the US Midterm Elections
- There are plenty of different types of phishing attacks, but they all rely on the same basic mechanism: exploiting human
- Prominent #malspam #Nymaim campaign with #BankBot #Anubis for Android UA.
APK's dropped from hxxp://pobierz48[.]tk/
SHA256: e0d17f4ff0196c6527f8aa47b3ef220d0f4e712805f99d38a0804f3ea9506ece
@ThreatFabric @virqdroid @LukasStefanko @
- Disrupting the Flow: Exposed and Vulnerable Water and Energy Infrastructures
- Thousands of critical energy and water systems exposed online for anyone to exploit
- If it's only able to leak data at 15 bits per hour, is #NetSpectre a serious threat? Learn more about
- An email hack affecting the Girl Scouts of Orange County, Calif. may have compromised the personal data of 2,800 members
- La tua azienda รจ davvero preparata in caso di data breach?
- By me @Forbes: 81.5M Voter Records For Sale On Dark Web Ahead Of Midterm Elections
- Compression File Formats of the past Come Haunting in Spam Campaigns
- Report on Phishing Attack Shows Microsoft, Paypal as well as Netflix as the Top Targets
- Cofense Triggers its Increased Phishing Defense Services
- Biggest data breach penalties for 2018
- New McAfee Report Reveals Data in the Cloud More Exposed Than Organizations Think
THREATS
- Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
- Kraken Cryptor Ransomware Gains Popularity Among Cybercriminals
- SamSam ransomware group has hit 67 organizations in 2018, researchers say
- Apple Fixes Creepy FaceTime Vulnerability, Crash Bug in macOS, and More
- Talos Vulnerability Discovery Year in Review – 2018
- Bitcoin Dealer Who Operated Unlicensed Bitcoin Exchange Faces Five Years in Jail
- Kraken Resurfaces From the Deep Web
- Malware Targeting Smartphones via Three DSP Providers
- GPlayed Trojan's Baby Brother Is After Your Bank Account
- macOS Cryptomining Malware on the Rise
- CVE-2018-15688: systemd remote code execution vulnerability affects Linux machines
- A #RemoteCodeExecution flaw in @Cisco Webex -- called WebExec -- could be an easy vector for insider attacks, and the
- Zero-day Windows Deletebug: How to squash this ‘low-quality' pest
- Microsoft Office Vulnerability Found, Check Point Research To The Rescue
- Malware Infection at USGS Traced to Employee’s Habit of Viewing Adult Content
- Ransomware Threat Continues: How Infections Take Place
- New SamSam ransomware campaign aims at targets across the US
- An Update on the jQuery-File-Upload Vulnerability
- Libssh Vulnerability Leaves Servers Open to Unauthorized Access
- Windows Zero-Day Vulnerability Disclosed
- Malicious Apps Removed From Google Play Store
- .@FireEye security researchers claimed the Russian government was 'most likely' behind the #Triton #Malware attack on an industrial control system
- Employee Watched Porn at Work via 9000 Web pages Drops Malware on U.S Government Network
- GandCrab: The Most Popular Multi-Million Dollar Ransomware of the Year
- SamSam: Targeted Ransomware Attacks Continue
- A fed visited 9,000 porn sites, infecting government networks with Russian malware
- GPlayed Trojan's baby brother is after your bank account
- .@Siemens SICLOCK central plant clocks were recently found to be affected by several vulnerabilities, some of which have been rated
- Nastiest malware of 2018: Top attack payloads wreaking havoc
- Threat Report: Jaff Ransomware Causes Havoc
- Snakes in the grass! Malicious code slithers into Python PyPI repository
- CommonRansom Ransomware Demands RDP Access to Decrypt Files
- Talos Vulnerability Discovery Year in Review - 2018
- The analysis of the attack which uses Excel 4.0 macro to avoid antivirus software detection
- 92% of External Web Apps Have Exploitable Security Flaws or Weaknesses: Report
- Prominent #malspam #Nymaim campaign with #BankBot #Anubis for Android UA.
APK's dropped from hxxp://pobierz48[.]tk/
SHA256: e0d17f4ff0196c6527f8aa47b3ef220d0f4e712805f99d38a0804f3ea9506ece
@ThreatFabric @virqdroid @LukasStefanko @
- 3 Reasons Enterprises Are Moving to Decentralized Blockchain Applications
- How to Be Protected from Malicious Message Crashing PS4 Console
- Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent
- Another #BianLian Android banking #Trojan in #GooglePlay showing his other face by dropping #RedAlert v2.1
CC @Bank_Security @
- Widely Used Cryptocurrency App Launching 2 Different Powerful Backdoor on Mac Users
- Attackers getting better at quickly generating countless versions of existing #malware #antivirus @MariaKorolov -
- Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer
- Multiple Linux distributions affected by new vulnerability
- Malicious hackers and their interest in bypassing CAPTCHA
- Feature to attach video to Word files could be used to send malicious code
- Spring Framework 5.1.2 releases: bugs fix
- Most Important Security Tools and Resources For Security Researcher and Malware Analyst
- A good insight for Europeans on the process of the US mid-term elections and whether or it they are hackable
CRIME
- 4 tips to keep safe when phishing for treats this Halloween
- Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
- Kraken Cryptor Ransomware Gains Popularity Among Cybercriminals
- Parties Seek to Settle Yahoo Data Breach Class Action for $50M
- Bitcoin Dealer Who Operated Unlicensed Bitcoin Exchange Faces Five Years in Jail
- Malware Targeting Smartphones via Three DSP Providers
- macOS Cryptomining Malware on the Rise
- Judge Ordered Man to Pay $8 Million for Launching a DDoS Attack Against Rutgers
- AI-Facilitated Product Aims to Stop Spear-Phishing Attacks
- Ransomware Threat Continues: How Infections Take Place
- Treat or Trick? Six Dangerous Digital Threats Dressed up As Irresistible Treats
- INKY emerges from stealth with email spoofing, phishing protection service
- Is it a Phish? Halloween Edition
- Bushido Botnet Offered as MaaS
- 3 Reasons Enterprises Are Moving to Decentralized Blockchain Applications
- The author of the Mirai botnet gets six months of house arrest
- Malicious hackers and their interest in bypassing CAPTCHA
- New McAfee Report Reveals Data in the Cloud More Exposed Than Organizations Think
- Spring Framework 5.1.2 releases: bugs fix
POLITICS
- How database hacks could impact elections and voters' fears
- How database hacks could impact elections and voters' fears
- SamSam ransomware group has hit 67 organizations in 2018, researchers say
- Center for Internet Security looks to expand threat sharing program to political campaigns
- Cell Phone Security and Heads of State
- Anonymous knocks out Gabon government sites with DoS attack
DATA BREACH & DATA LOSS
- Girl Scouts Issues Data Breach Warning to 2,800 Members
- Cathay Pacific Suffers World’s Largest Airline Data Breach
- sLoad and Ramnit Campaign Against UK and Italy
- Secret Service Confirms Focus on Email Compromise Cybercrimes Worth $12 Billion
- Girl Scouts Alerted to Possible Data Breach
- 'Narwhal Spider' group's spam campaign targets Japanese recipients with URLZone malware
- DDoS and ransomware tools for starter and experienced cybercriminals exposed
- Biggest Manufacturing Data Breaches of the 21st Century
- The Worst Data Breach till Now 2018, and What It Means
- Crooks continue to abuse exposed Docker APIs for Cryptojacking
- IoT users uncertain if personal data is shared across multiple devices
- Hackers Breach System of Healthcare.Gov Exposing Personal Data of 75,000 Users
- Hackers steal personal data of up to 9.4 million Cathay Pacific passengers
- Leaked: iOS 12.1 will be released on October 30th
- 33,000 Accounting Inbox Credentials Exposed Online: BEC Made Easy | Read the details here:
DENIAL-OF-SERVICE
- Remote Denial of Service Vulnerability Patched in Squid Proxy Cache Server
- Man Ordered to Pay $8.6 Million for Launching DDoS Attacks against Rutgers University
- Mirai Author Gets House Arrest for DDoS Attacks on University
- DDoS and ransomware tools for starter and experienced cybercriminals exposed
MALVERTISING
Nil
PHISHING
- Phishing spikes as private health continues to be most breached sector in Australia
- Nation-State Phishing: A Country-Sized Catch
- A new phishing report reveals Microsoft, Paypal, and Netflix are among the top brands impersonated by phishing attacks.
Attackers tend to
- This is getting worse and worse. And is going to normalize and lead to much more successful phishing through SMS
- League of Legends Gamers Targeted by Phishing Scam | Avast
- What can we do to tackle today’s phishing epidemic?
- Das Geschรคft mit gestohlenen Login-Daten von Privatnutzern und Unternehmensanwendern boomt. US-Journalist Brian Krebs beziffert die "Ausbeute" bei mehreren 100.000 US-Dollar
- 19% still save their password on a piece of paper
- Vulnerability In Microsoft Word Online Video Feature Allows for Phishing
WEB DEFACEMENT
- Future Investment Initiative Conference Website, Defaced, Now Restored
BOTNET
- Mirai Botnet Operator Ordered to Pay $8.6 Million
- ‘DemonBot' Botnet Targets Hadoop Servers
- Rise of the Bots
RANSOMWARE
- The Ransomware Attack on a North Carolina Water Utility May Not Have Been What it Seemed
- Ransomware and the enterprise: A new white paper
- DDoS and ransomware tools for starter and experienced cybercriminals exposed
- #Antivirus SW alone can't stop new #malware or #ransomware. by @MariaKorolov -
- Have you ever wondered why #ransomware attacks happen on the Friday before a long weekend? We've teamed up with @SentinelOne
CRYPTOMINING & CRYPTOCURRENCIES
- Mac CryptoCurrency Price Tracker Caught Installing Backdoors
- Mac cryptocurrency ticker app installs backdoors
- Call of Duty players caught up in cryptocurrency theft racket
- Cyber-criminals exploit misconfigured container to deliver cryptominer
- Crooks continue to abuse exposed Docker APIs for Cryptojacking
- Revolutionary Blockchain 3.0 Under CSE Platform
MALWARE
- Videos and MS Office documents - ingredients for a malware attack
- Word documents seemingly carrying videos can deliver malicious code instead
- Downloading Google Chrome via Microsoft Edge Endangered by Malware
- Windows 10 UWP Bug Could Give Malicious Devs Access To All Your Files
- Advanced Malware Protection Affected by Bug That Can Inhibit Intrusion Detection
- Windows 10 UWP bug could give malicious devs access to all your files
- Malware That Accompanies Google Chrome Download Detected
- 'Narwhal Spider' group's spam campaign targets Japanese recipients with URLZone malware
- Vulnerability found in Sophos anti-malware product
- Privacy concerns cooling #InternetOfThings adoption in US & Europe, with consumers concerned about #DataLeaks, malware and product security (via @FSecure)
- Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
- #Antivirus SW alone can't stop new #malware or #ransomware. by @MariaKorolov -
- Beware! Downloader Malware Disguised as Game Apps Found On Google Play with More Than 51,100 Installations
- Microsoft Bing Delivered Dangerous Malware When You Try to Download Google Chrome
EXPLOIT
- Researchers exploit Microsoft Word through embedded video
- Cyber-criminals exploit misconfigured container to deliver cryptominer
- Our adventures at @thezdi Pwn2Own Desktop 2018 for Apple Safari exploit whitepaper (https://labs.mwrinfosecurity.com/assets/BlogFiles/apple-safari-pwn2own-vuln-write-up-2018-10-29-final.pdf …) and @t2.fi slides release (https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-t2-big-game-fuzzing-pwn2own-safari-final.pdf …)
VULNERABILITY
- SandboxEscaper expert is back and disclosed a new Windows Zero-Day
- IoT Flaw Allows Hijacking of Connected Construction Cranes
- Remote Denial of Service Vulnerability Patched in Squid Proxy Cache Server
- X.Org Flaw Allows Privilege Escalation in Linux Systems
- X.Org Flaw Exposes Unix-Like OSes to Attacks
- Windows 10 UWP Bug Could Give Malicious Devs Access To All Your Files
- X.org Bug Bites OpenBSD And Other Big Operating Systems
- If your company uses Windows 10, watch out: there are new vulnerabilities about
- Advanced Malware Protection Affected by Bug That Can Inhibit Intrusion Detection
- Logical Bug in Microsoft Word's 'Online Video' Allows Code Execution
- Windows 10 UWP bug could give malicious devs access to all your files
- Windows 10 Bug Allowed UWP Apps Full Access to File System
- Magecart Exploits Zero Day Vulnerabilities
- Serious Vulnerability Discovered In X.Org Server Affects Major Linux and BSD Variants
- Security Vulnerability in Internet-Connected Construction Cranes
- Systemd flaw could cause the crash or hijack of vulnerable Linux machines
- Pentagon’s big audit will inspect for cybersecurity flaws, comptroller says
- Vulnerability found in Sophos anti-malware product
- Flaws in brain stimulation tech could let hackers erase or hold memories for ransom
- Cisco patched a command injection vulnerability in Webex Meetings
- Vulnerability In Microsoft Word Online Video Feature Allows for Phishing
ASIA
- Future Investment Initiative Conference Website, Defaced, Now Restored
- Cathay Pacific Suffers World’s Largest Airline Data Breach
- Serious Vulnerability Discovered In X.Org Server Affects Major Linux and BSD Variants
- 'Narwhal Spider' group's spam campaign targets Japanese recipients with URLZone malware
- Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
- Revolutionary Blockchain 3.0 Under CSE Platform
- Leaked: iOS 12.1 will be released on October 30th
WORLD
- Phishing spikes as private health continues to be most breached sector in Australia
- Future Investment Initiative Conference Website, Defaced, Now Restored
- Here's how to defend your enterprise from Magecart
- Breaking News: Securonix Threat Research: British Airways Breach
- Cathay Pacific Suffers World’s Largest Airline Data Breach
- sLoad and Ramnit Campaign Against UK and Italy
- Magecart Exploits Zero Day Vulnerabilities
- Understanding mass data fragmentation
- Secret Service Confirms Focus on Email Compromise Cybercrimes Worth $12 Billion
- Man Ordered to Pay $8.6 Million for Launching DDoS Attacks against Rutgers University
- Security Vulnerability in Internet-Connected Construction Cranes
- Girl Scouts Alerted to Possible Data Breach
- What can we do to tackle today’s phishing epidemic?
- Privacy concerns cooling #InternetOfThings adoption in US & Europe, with consumers concerned about #DataLeaks, malware and product security (via @FSecure)
- Das Geschรคft mit gestohlenen Login-Daten von Privatnutzern und Unternehmensanwendern boomt. US-Journalist Brian Krebs beziffert die "Ausbeute" bei mehreren 100.000 US-Dollar
- The Worst Data Breach till Now 2018, and What It Means
- Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
- Cisco patched a command injection vulnerability in Webex Meetings
- Leaked: iOS 12.1 will be released on October 30th
ATTACKS
- Phishing spikes as private health continues to be most breached sector in Australia
- Girl Scouts Issues Data Breach Warning to 2,800 Members
- Nation-State Phishing: A Country-Sized Catch
- A new phishing report reveals Microsoft, Paypal, and Netflix are among the top brands impersonated by phishing attacks.
Attackers tend to
- This is getting worse and worse. And is going to normalize and lead to much more successful phishing through SMS
- Cathay Pacific Suffers World’s Largest Airline Data Breach
- League of Legends Gamers Targeted by Phishing Scam | Avast
- sLoad and Ramnit Campaign Against UK and Italy
- Secret Service Confirms Focus on Email Compromise Cybercrimes Worth $12 Billion
- Girl Scouts Alerted to Possible Data Breach
- 'Narwhal Spider' group's spam campaign targets Japanese recipients with URLZone malware
- DDoS and ransomware tools for starter and experienced cybercriminals exposed
- Biggest Manufacturing Data Breaches of the 21st Century
- What can we do to tackle today’s phishing epidemic?
- Das Geschรคft mit gestohlenen Login-Daten von Privatnutzern und Unternehmensanwendern boomt. US-Journalist Brian Krebs beziffert die "Ausbeute" bei mehreren 100.000 US-Dollar
- The Worst Data Breach till Now 2018, and What It Means
- Crooks continue to abuse exposed Docker APIs for Cryptojacking
- IoT users uncertain if personal data is shared across multiple devices
- 19% still save their password on a piece of paper
- Hackers Breach System of Healthcare.Gov Exposing Personal Data of 75,000 Users
- Hackers steal personal data of up to 9.4 million Cathay Pacific passengers
- Leaked: iOS 12.1 will be released on October 30th
- Vulnerability In Microsoft Word Online Video Feature Allows for Phishing
- 33,000 Accounting Inbox Credentials Exposed Online: BEC Made Easy | Read the details here:
THREATS
- Videos and MS Office documents - ingredients for a malware attack
- SandboxEscaper expert is back and disclosed a new Windows Zero-Day
- IoT Flaw Allows Hijacking of Connected Construction Cranes
- Mac CryptoCurrency Price Tracker Caught Installing Backdoors
- Mac cryptocurrency ticker app installs backdoors
- Word documents seemingly carrying videos can deliver malicious code instead
- Remote Denial of Service Vulnerability Patched in Squid Proxy Cache Server
- X.Org Flaw Allows Privilege Escalation in Linux Systems
- Downloading Google Chrome via Microsoft Edge Endangered by Malware
- The Ransomware Attack on a North Carolina Water Utility May Not Have Been What it Seemed
- X.Org Flaw Exposes Unix-Like OSes to Attacks
- Windows 10 UWP Bug Could Give Malicious Devs Access To All Your Files
- X.org Bug Bites OpenBSD And Other Big Operating Systems
- If your company uses Windows 10, watch out: there are new vulnerabilities about
- Advanced Malware Protection Affected by Bug That Can Inhibit Intrusion Detection
- Logical Bug in Microsoft Word's 'Online Video' Allows Code Execution
- Call of Duty players caught up in cryptocurrency theft racket
- Ransomware and the enterprise: A new white paper
- Windows 10 UWP bug could give malicious devs access to all your files
- Windows 10 Bug Allowed UWP Apps Full Access to File System
- Magecart Exploits Zero Day Vulnerabilities
- Serious Vulnerability Discovered In X.Org Server Affects Major Linux and BSD Variants
- Malware That Accompanies Google Chrome Download Detected
- Security Vulnerability in Internet-Connected Construction Cranes
- 'Narwhal Spider' group's spam campaign targets Japanese recipients with URLZone malware
- Cyber-criminals exploit misconfigured container to deliver cryptominer
- DDoS and ransomware tools for starter and experienced cybercriminals exposed
- Systemd flaw could cause the crash or hijack of vulnerable Linux machines
- Pentagon’s big audit will inspect for cybersecurity flaws, comptroller says
- Vulnerability found in Sophos anti-malware product
- Flaws in brain stimulation tech could let hackers erase or hold memories for ransom
- Privacy concerns cooling #InternetOfThings adoption in US & Europe, with consumers concerned about #DataLeaks, malware and product security (via @FSecure)
- Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
- Crooks continue to abuse exposed Docker APIs for Cryptojacking
- Revolutionary Blockchain 3.0 Under CSE Platform
- #Antivirus SW alone can't stop new #malware or #ransomware. by @MariaKorolov -
- Beware! Downloader Malware Disguised as Game Apps Found On Google Play with More Than 51,100 Installations
- Cisco patched a command injection vulnerability in Webex Meetings
- Have you ever wondered why #ransomware attacks happen on the Friday before a long weekend? We've teamed up with @SentinelOne
- Microsoft Bing Delivered Dangerous Malware When You Try to Download Google Chrome
- Vulnerability In Microsoft Word Online Video Feature Allows for Phishing
CRIME
- Future Investment Initiative Conference Website, Defaced, Now Restored
- Here's how to defend your enterprise from Magecart
- Breaking News: Securonix Threat Research: British Airways Breach
- Mirai Botnet Operator Ordered to Pay $8.6 Million
- Cathay Pacific Suffers World’s Largest Airline Data Breach
- Call of Duty players caught up in cryptocurrency theft racket
- League of Legends Gamers Targeted by Phishing Scam | Avast
- Malware That Accompanies Google Chrome Download Detected
- Secret Service Confirms Focus on Email Compromise Cybercrimes Worth $12 Billion
- Man Ordered to Pay $8.6 Million for Launching DDoS Attacks against Rutgers University
- Girl Scouts Alerted to Possible Data Breach
- Mirai Author Gets House Arrest for DDoS Attacks on University
- DDoS and ransomware tools for starter and experienced cybercriminals exposed
- What can we do to tackle today’s phishing epidemic?
- Revolutionary Blockchain 3.0 Under CSE Platform
- 33,000 Accounting Inbox Credentials Exposed Online: BEC Made Easy | Read the details here:
POLITICS
- Future Investment Initiative Conference Website, Defaced, Now Restored
- Secret Service Confirms Focus on Email Compromise Cybercrimes Worth $12 Billion
- What can we do to tackle today’s phishing epidemic?
TRANSNATIONAL / UNKNOWN
- Security Affairs newsletter Round 186 – News of the week
CHINA
Nil
INDIA
Nil
NORTH KOREA
Nil
PAKISTAN
Nil
VIETNAM
Nil
IRAN
Nil
IRAQ
Nil
LEBANON
Nil
PALESTINE
Nil
SAUDI ARABIA
Nil
SYRIA
Nil
TURKEY
Nil
UNITED ARAB EMIRATES
Nil
YEMEN
Nil
RUSSIA
- Russian Research Lab Involved in the Development of TRITON Malware, Says FireEye
SERBIA
Nil
UKRAINE
Nil
DATA BREACH & DATA LOSS
- Consulting Firm Leaked Data Of Democratic Party Fundraisers In Unsecured NAS Device
- Yahoo To Pay $50M, Other Costs For Massive Data Breach
- A recent @HealthCareGov #breach exposed unknown types of data on 75,000 people, but a lack of information in the disclosure
- "If an organization created #DMARC records for the first time, it would encounter syntax and content issues -- one of
- The #NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb of @thehairyITdog explains
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- Apple Made Apology Due to Apple ID Phishing Attacks
- On Phishing Attacks and the Companies That are Targeted the Most
WEB DEFACEMENT
Nil
BOTNET
- Satori botnet author in jail again after breaking pretrial release conditions
- After an attempted comeback by the Russian built #VPNFilter #botnet, home #networkdevices are at risk. Learn how this #malware targets
RANSOMWARE
- New ShadowTalk is out! @TheHVanRiper and Rafael Amado join @mazzazone to discuss #ransomware surges in October, Cathay Pacific Breach, and
CRYPTOMINING & CRYPTOCURRENCIES
- Is blockchain a solution to IoT security problems?
MALWARE
- 12 Malicious Python Libraries Found And Removed From PyPi
- Russian Research Lab Involved in the Development of TRITON Malware, Says FireEye
- How to deliver malware using weaponized Microsoft Office docs embedding YouTube video
- After an attempted comeback by the Russian built #VPNFilter #botnet, home #networkdevices are at risk. Learn how this #malware targets
- Bingo.
Investigators find the same remote access trojan deployed to several other machines. Now the responders know what to look for.
- "My name is Mikko and I've been working with viruses and malware all my freaking life."
EXPLOIT
Nil
VULNERABILITY
- Cisco Patched Privilege Escalation Vulnerability In Webex Meetings Desktop App
- A flaw in @Cisco Webex -- called WebExec -- can allow #RemoteCodeExecution. And while experts don't agree on how dangerous
- .@Siemens central plant clocks were affected by six SICLOCK flaws, three have been rated "critical." Learn what these SICLOCK flaws
- The #NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb of @thehairyITdog explains
- Critical Code Execution Vulnerability Found in MKVToolNix Tools that Parses MKV Files
ASIA
- Apple Made Apology Due to Apple ID Phishing Attacks
- Security Affairs newsletter Round 186 – News of the week
- Russian Research Lab Involved in the Development of TRITON Malware, Says FireEye
WORLD
- Consulting Firm Leaked Data Of Democratic Party Fundraisers In Unsecured NAS Device
- On Phishing Attacks and the Companies That are Targeted the Most
- Security Affairs newsletter Round 186 – News of the week
- Russian Research Lab Involved in the Development of TRITON Malware, Says FireEye
- New ShadowTalk is out! @TheHVanRiper and Rafael Amado join @mazzazone to discuss #ransomware surges in October, Cathay Pacific Breach, and
- After an attempted comeback by the Russian built #VPNFilter #botnet, home #networkdevices are at risk. Learn how this #malware targets
ATTACKS
- Consulting Firm Leaked Data Of Democratic Party Fundraisers In Unsecured NAS Device
- Apple Made Apology Due to Apple ID Phishing Attacks
- On Phishing Attacks and the Companies That are Targeted the Most
- Yahoo To Pay $50M, Other Costs For Massive Data Breach
- A recent @HealthCareGov #breach exposed unknown types of data on 75,000 people, but a lack of information in the disclosure
- "If an organization created #DMARC records for the first time, it would encounter syntax and content issues -- one of
- The #NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb of @thehairyITdog explains
THREATS
- Is blockchain a solution to IoT security problems?
- Cisco Patched Privilege Escalation Vulnerability In Webex Meetings Desktop App
- A flaw in @Cisco Webex -- called WebExec -- can allow #RemoteCodeExecution. And while experts don't agree on how dangerous
- 12 Malicious Python Libraries Found And Removed From PyPi
- Russian Research Lab Involved in the Development of TRITON Malware, Says FireEye
- .@Siemens central plant clocks were affected by six SICLOCK flaws, three have been rated "critical." Learn what these SICLOCK flaws
- How to deliver malware using weaponized Microsoft Office docs embedding YouTube video
- New ShadowTalk is out! @TheHVanRiper and Rafael Amado join @mazzazone to discuss #ransomware surges in October, Cathay Pacific Breach, and
- The #NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb of @thehairyITdog explains
- Critical Code Execution Vulnerability Found in MKVToolNix Tools that Parses MKV Files
- After an attempted comeback by the Russian built #VPNFilter #botnet, home #networkdevices are at risk. Learn how this #malware targets
- Bingo.
Investigators find the same remote access trojan deployed to several other machines. Now the responders know what to look for.
- "My name is Mikko and I've been working with viruses and malware all my freaking life."
CRIME
- Apple Made Apology Due to Apple ID Phishing Attacks
- On Phishing Attacks and the Companies That are Targeted the Most
- Security Affairs newsletter Round 186 – News of the week
POLITICS
- Security Affairs newsletter Round 186 – News of the week
