ASIA
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- Stuxnet Returns, Striking Iran with New Variant
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- Iran has become victim of a cyberattack campaign
- Another packed room for .@idefense analyst Mei Nelson discussing China and cryptocurrency. #codeblue_jp @AccentureSecure @AccentureJPNews
WORLD
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- Magecart cybergang targeting e-commerce credit card data
- New Data Affirms Cyber Threat for Industrial Control Systems
- 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- SMS Phishing + Cardless ATM = Profit
- Stuxnet Returns, Striking Iran with New Variant
- Bluetooth Bugs Speak to Lack of Security in DevOps
- Sauter Quickly Patches Flaw in Building Automation Software
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
- Beware this malware: it can even survive operating systems being reinstalled
- Magecart claims fresh victim in electronics kit seller Kitronik
- SamSam ransomware campaigns continue to target U.S. in 2018
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- Multiple #phishing pages on multiple domains targeting Canadian citizens posing as Canadian Revenue Agency, Interac, and others
192.99.86.132 (@OVH)
cc: @cybercentre_ca
- U.S. Geological Survey Network got Infected with Malware
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
- EY launches the world's first secure private transactions over the Ethereum public blockchain
ATTACKS
- Two botnets are fighting over control of thousands of unsecured Android devices
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- Spam campaign targets Exodus Mac Users
- 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- SMS Phishing + Cardless ATM = Profit
- ePHI of 8,000 Patients Exposed in Health Plan Breach
- Facebook has experienced a number of security-related issues lately, but it doesn't appear to be at fault for the leak
- "While most phishing attacks on desktop and laptop computers come via email... a mobile device attack vector can be in
- #Phishing targets data that lives outside your enterprise perimeter—putting your entire enterprise at risk. Learn how post-perimeter security enables you
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- How to password protect a folder or file in Windows | Avast
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
- SamSam ransomware campaigns continue to target U.S. in 2018
- Feds Accuse Ex-CIA Employee of Continuing Leaks From Prison
- Radisson Hotel Group Hit by Data Breach
- Spam campaign targets Exodus Mac Users
- Just half of Fortune 500 companies have installed DMARC, a tool that guards against email phishing scams, according to new
- Shipbuilder, defense contractor Austal reveals data breach
- Multiple #phishing pages on multiple domains targeting Canadian citizens posing as Canadian Revenue Agency, Interac, and others
192.99.86.132 (@OVH)
cc: @cybercentre_ca
- Data theft at Radisson Hotel Group
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
- YAPBS – Yet Another Password Breach Scam
- Apache HBase 2.1.1 release, distributed database
- FIFA admits hack and braces for new leaks
THREATS
- Facebook Blames Malicious Extensions in Breach of 81K Private Messages
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- The day computer security turned real: The Morris Worm turns 30
- Worst Malware and Threat Actors of 2018
- Cisco Security Appliance Zero-Day Found Actively Exploited in the Wild
- New Ransomware using DiskCryptor With Custom Ransom Message
- BLEEDINGBIT – Two Zero Day Vulnerabilities Affecting Wireless Access Point Bluetooth Chips
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- Hackers actively exploiting vulnerabilities in Cisco security appliances
- Cisco fixed the high-risk security vulnerabilities in variant products
- Researchers found #Kraken #ransomware has become more popular after being packaged in the Fallout #ExploitKit and becoming part of an
- Bluetooth Bugs Speak to Lack of Security in DevOps
- Sauter Quickly Patches Flaw in Building Automation Software
- Bleedingbit vulnerabilities put Wi-Fi access points at risk
- Adversaries Distribute Malware Via Rarely Used Extensions
- Test IO introduces Bug Fix Confirmation, leveraging network of software testers to verify bug fixes
- Can you spot a malicious email?
Take the quiz at
- Antimalware Day: The evolution of malicious code
- Flaw in Sophos HitmanPro.Alert could enable hackers to gain privileges over systems
- Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
- Intel CPUs impacted by new PortSmash side-channel vulnerability
- Beware this malware: it can even survive operating systems being reinstalled
- SamSam ransomware campaigns continue to target U.S. in 2018
- CISCO warn of a zero-day DoS flaw that is being actively exploited in attacks
- Systemd Vulnerability In Linux Could Trigger Remote Attacks And System Crashes
- .@ArmisSecurity researchers discovered two chip-level #Bluetooth vulnerabilities -- dubbed #Bleedingbit -- that could allow pseudo #RemoteCodeExecution on wireless access points.
- Cisco Reports SIP Inspection Vulnerability
- Kraken ransomware gets packaged into Fallout EK
- Emotet Trojan Changes Tactics…Again
- Mozilla exorcises five bugs on Halloween
- Giant ransomware bundle threatens to make malware attacks easier for crooks
- Blockwatch: The aeternity Blockchain
- Researchers recently found vulnerabilities in #robot controllers from @Universal_Robot. Learn what these robot controllers do and how #ThreatActors exploit these
- If you think you have been hacked or got #malware installed, disconnect the internet, leave your device running and connected
- U.S. Geological Survey Network got Infected with Malware
- Trading with cryptocurrencies without losing self control
- EY launches the world's first secure private transactions over the Ethereum public blockchain
- Search for “Installing Chrome” on Bing can lead to malicious content
- BLEEDINGBIT – Two Bluetooth Chip-level Vulnerabilities Affected Millions of Enterprise Wi-Fi Access Point Devices
- Previous malware attacks: When more than 7,5000 of the #Mikrotik routes were reportedly being spied on by attackers
- GNOME 3.30.2 released: bugs fix
- Attackers Use Zero-Day That Can Restart Cisco Security Appliances
- Another packed room for .@idefense analyst Mei Nelson discussing China and cryptocurrency. #codeblue_jp @AccentureSecure @AccentureJPNews
CRIME
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- Magecart cybergang targeting e-commerce credit card data
- 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- SMS Phishing + Cardless ATM = Profit
- Stuxnet Returns, Striking Iran with New Variant
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- How to password protect a folder or file in Windows | Avast
- Beware this malware: it can even survive operating systems being reinstalled
- Feds Accuse Ex-CIA Employee of Continuing Leaks From Prison
- Radisson Hotel Group Hit by Data Breach
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- Emotet Trojan Changes Tactics…Again
- Shipbuilder, defense contractor Austal reveals data breach
- Data theft at Radisson Hotel Group
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
- Trading with cryptocurrencies without losing self control
- EY launches the world's first secure private transactions over the Ethereum public blockchain
- YAPBS – Yet Another Password Breach Scam
- FIFA admits hack and braces for new leaks
POLITICS
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- Spam campaign targets Exodus Mac Users
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Beware this malware: it can even survive operating systems being reinstalled
- Emotet Trojan Changes Tactics…Again
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
DATA BREACH & DATA LOSS
- Two botnets are fighting over control of thousands of unsecured Android devices
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- Spam campaign targets Exodus Mac Users
- 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- ePHI of 8,000 Patients Exposed in Health Plan Breach
- Facebook has experienced a number of security-related issues lately, but it doesn't appear to be at fault for the leak
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
- SamSam ransomware campaigns continue to target U.S. in 2018
- Feds Accuse Ex-CIA Employee of Continuing Leaks From Prison
- Radisson Hotel Group Hit by Data Breach
- Spam campaign targets Exodus Mac Users
- Shipbuilder, defense contractor Austal reveals data breach
- Data theft at Radisson Hotel Group
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
- Apache HBase 2.1.1 release, distributed database
- FIFA admits hack and braces for new leaks
DENIAL-OF-SERVICE
- ThreatList: Fewer Big DDoS Attacks in Q3, Overall Rate Holds Steady
- Bushido Botnet and DDoS-for-Hire
MALVERTISING
Nil
PHISHING
- SMS Phishing + Cardless ATM = Profit
- "While most phishing attacks on desktop and laptop computers come via email... a mobile device attack vector can be in
- #Phishing targets data that lives outside your enterprise perimeter—putting your entire enterprise at risk. Learn how post-perimeter security enables you
- How to password protect a folder or file in Windows | Avast
- Just half of Fortune 500 companies have installed DMARC, a tool that guards against email phishing scams, according to new
- Multiple #phishing pages on multiple domains targeting Canadian citizens posing as Canadian Revenue Agency, Interac, and others
192.99.86.132 (@OVH)
cc: @cybercentre_ca
- YAPBS – Yet Another Password Breach Scam
WEB DEFACEMENT
Nil
BOTNET
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- Bushido Botnet and DDoS-for-Hire
- Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- 'Outlaw' threat actor uses Shellbot variant to form new botnet
RANSOMWARE
- New Ransomware using DiskCryptor With Custom Ransom Message
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- Researchers found #Kraken #ransomware has become more popular after being packaged in the Fallout #ExploitKit and becoming part of an
- SamSam ransomware campaigns continue to target U.S. in 2018
- Kraken ransomware gets packaged into Fallout EK
- Giant ransomware bundle threatens to make malware attacks easier for crooks
CRYPTOMINING & CRYPTOCURRENCIES
- Researchers found #Kraken #ransomware has become more popular after being packaged in the Fallout #ExploitKit and becoming part of an
- Kraken ransomware gets packaged into Fallout EK
- Blockwatch: The aeternity Blockchain
- Trading with cryptocurrencies without losing self control
- EY launches the world's first secure private transactions over the Ethereum public blockchain
- Another packed room for .@idefense analyst Mei Nelson discussing China and cryptocurrency. #codeblue_jp @AccentureSecure @AccentureJPNews
MALWARE
- Facebook Blames Malicious Extensions in Breach of 81K Private Messages
- The day computer security turned real: The Morris Worm turns 30
- Worst Malware and Threat Actors of 2018
- Adversaries Distribute Malware Via Rarely Used Extensions
- Can you spot a malicious email?
Take the quiz at
- Antimalware Day: The evolution of malicious code
- Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
- Beware this malware: it can even survive operating systems being reinstalled
- Emotet Trojan Changes Tactics…Again
- Giant ransomware bundle threatens to make malware attacks easier for crooks
- If you think you have been hacked or got #malware installed, disconnect the internet, leave your device running and connected
- U.S. Geological Survey Network got Infected with Malware
- Search for “Installing Chrome” on Bing can lead to malicious content
- Previous malware attacks: When more than 7,5000 of the #Mikrotik routes were reportedly being spied on by attackers
EXPLOIT
- Kraken ransomware gets packaged into Fallout EK
- How to Perform Manual SQL Injection With Double quotes Error Based String Method
- Researchers recently found vulnerabilities in #robot controllers from @Universal_Robot. Learn what these robot controllers do and how #ThreatActors exploit these
VULNERABILITY
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- Cisco Security Appliance Zero-Day Found Actively Exploited in the Wild
- BLEEDINGBIT – Two Zero Day Vulnerabilities Affecting Wireless Access Point Bluetooth Chips
- Hackers actively exploiting vulnerabilities in Cisco security appliances
- Cisco fixed the high-risk security vulnerabilities in variant products
- Bluetooth Bugs Speak to Lack of Security in DevOps
- Sauter Quickly Patches Flaw in Building Automation Software
- Bleedingbit vulnerabilities put Wi-Fi access points at risk
- Test IO introduces Bug Fix Confirmation, leveraging network of software testers to verify bug fixes
- Flaw in Sophos HitmanPro.Alert could enable hackers to gain privileges over systems
- Intel CPUs impacted by new PortSmash side-channel vulnerability
- CISCO warn of a zero-day DoS flaw that is being actively exploited in attacks
- Systemd Vulnerability In Linux Could Trigger Remote Attacks And System Crashes
- .@ArmisSecurity researchers discovered two chip-level #Bluetooth vulnerabilities -- dubbed #Bleedingbit -- that could allow pseudo #RemoteCodeExecution on wireless access points.
- Cisco Reports SIP Inspection Vulnerability
- Mozilla exorcises five bugs on Halloween
- Researchers recently found vulnerabilities in #robot controllers from @Universal_Robot. Learn what these robot controllers do and how #ThreatActors exploit these
- BLEEDINGBIT – Two Bluetooth Chip-level Vulnerabilities Affected Millions of Enterprise Wi-Fi Access Point Devices
- GNOME 3.30.2 released: bugs fix
- Attackers Use Zero-Day That Can Restart Cisco Security Appliances
ASIA
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- Stuxnet Returns, Striking Iran with New Variant
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- Iran has become victim of a cyberattack campaign
- Another packed room for .@idefense analyst Mei Nelson discussing China and cryptocurrency. #codeblue_jp @AccentureSecure @AccentureJPNews
OCEANIA
Nil
NORTH AMERICA
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- New Data Affirms Cyber Threat for Industrial Control Systems
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- SMS Phishing + Cardless ATM = Profit
- Stuxnet Returns, Striking Iran with New Variant
- Bluetooth Bugs Speak to Lack of Security in DevOps
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
- SamSam ransomware campaigns continue to target U.S. in 2018
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- Multiple #phishing pages on multiple domains targeting Canadian citizens posing as Canadian Revenue Agency, Interac, and others
192.99.86.132 (@OVH)
cc: @cybercentre_ca
- U.S. Geological Survey Network got Infected with Malware
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
- EY launches the world's first secure private transactions over the Ethereum public blockchain
SOUTH AMERICA
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
EUROPE
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- Magecart cybergang targeting e-commerce credit card data
- 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
- Stuxnet Returns, Striking Iran with New Variant
- Sauter Quickly Patches Flaw in Building Automation Software
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
- Beware this malware: it can even survive operating systems being reinstalled
- Magecart claims fresh victim in electronics kit seller Kitronik
- Iran has become victim of a cyberattack campaign
- EY launches the world's first secure private transactions over the Ethereum public blockchain
AFRICA
Nil
HEALTHCARE
- ePHI of 8,000 Patients Exposed in Health Plan Breach
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
TRANSPORT
Nil
BANKING & FINANCE
- Magecart cybergang targeting e-commerce credit card data
- New Data Affirms Cyber Threat for Industrial Control Systems
- SMS Phishing + Cardless ATM = Profit
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Emotet Trojan Changes Tactics…Again
- Shipbuilder, defense contractor Austal reveals data breach
- Data theft at Radisson Hotel Group
- Trading with cryptocurrencies without losing self control
- EY launches the world's first secure private transactions over the Ethereum public blockchain
INFORMATION & TELECOMMUNICATION
- Facebook Blames Malicious Extensions in Breach of 81K Private Messages
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- New Data Affirms Cyber Threat for Industrial Control Systems
- 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- Bluetooth Bugs Speak to Lack of Security in DevOps
- Facebook has experienced a number of security-related issues lately, but it doesn't appear to be at fault for the leak
- "While most phishing attacks on desktop and laptop computers come via email... a mobile device attack vector can be in
- #Phishing targets data that lives outside your enterprise perimeter—putting your entire enterprise at risk. Learn how post-perimeter security enables you
- Can you spot a malicious email?
Take the quiz at
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- Just half of Fortune 500 companies have installed DMARC, a tool that guards against email phishing scams, according to new
- Multiple #phishing pages on multiple domains targeting Canadian citizens posing as Canadian Revenue Agency, Interac, and others
192.99.86.132 (@OVH)
cc: @cybercentre_ca
- If you think you have been hacked or got #malware installed, disconnect the internet, leave your device running and connected
- 85 million voter records on sale
- Search for “Installing Chrome” on Bing can lead to malicious content
- YAPBS – Yet Another Password Breach Scam
- Previous malware attacks: When more than 7,5000 of the #Mikrotik routes were reportedly being spied on by attackers
- Another packed room for .@idefense analyst Mei Nelson discussing China and cryptocurrency. #codeblue_jp @AccentureSecure @AccentureJPNews
FOOD
Nil
WATER
Nil
ENERGY
- New Data Affirms Cyber Threat for Industrial Control Systems
- Bluetooth Bugs Speak to Lack of Security in DevOps
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Iran has become victim of a cyberattack campaign
- BLEEDINGBIT – Two Bluetooth Chip-level Vulnerabilities Affected Millions of Enterprise Wi-Fi Access Point Devices
GOVERNMENT & PUBLIC SERVICE
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
- U.S. Geological Survey Network got Infected with Malware
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
ASIA
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- Stuxnet Returns, Striking Iran with New Variant
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- Iran has become victim of a cyberattack campaign
- Another packed room for .@idefense analyst Mei Nelson discussing China and cryptocurrency. #codeblue_jp @AccentureSecure @AccentureJPNews
WORLD
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- Magecart cybergang targeting e-commerce credit card data
- New Data Affirms Cyber Threat for Industrial Control Systems
- 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- SMS Phishing + Cardless ATM = Profit
- Stuxnet Returns, Striking Iran with New Variant
- Bluetooth Bugs Speak to Lack of Security in DevOps
- Sauter Quickly Patches Flaw in Building Automation Software
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
- Beware this malware: it can even survive operating systems being reinstalled
- Magecart claims fresh victim in electronics kit seller Kitronik
- SamSam ransomware campaigns continue to target U.S. in 2018
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- Multiple #phishing pages on multiple domains targeting Canadian citizens posing as Canadian Revenue Agency, Interac, and others
192.99.86.132 (@OVH)
cc: @cybercentre_ca
- U.S. Geological Survey Network got Infected with Malware
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
- EY launches the world's first secure private transactions over the Ethereum public blockchain
ATTACKS
- Two botnets are fighting over control of thousands of unsecured Android devices
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- Spam campaign targets Exodus Mac Users
- 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- SMS Phishing + Cardless ATM = Profit
- ePHI of 8,000 Patients Exposed in Health Plan Breach
- Facebook has experienced a number of security-related issues lately, but it doesn't appear to be at fault for the leak
- "While most phishing attacks on desktop and laptop computers come via email... a mobile device attack vector can be in
- #Phishing targets data that lives outside your enterprise perimeter—putting your entire enterprise at risk. Learn how post-perimeter security enables you
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- How to password protect a folder or file in Windows | Avast
- Russian hackers compromise 120 million Facebook accounts; private messages on sale online
- SamSam ransomware campaigns continue to target U.S. in 2018
- Feds Accuse Ex-CIA Employee of Continuing Leaks From Prison
- Radisson Hotel Group Hit by Data Breach
- Spam campaign targets Exodus Mac Users
- Just half of Fortune 500 companies have installed DMARC, a tool that guards against email phishing scams, according to new
- Shipbuilder, defense contractor Austal reveals data breach
- Multiple #phishing pages on multiple domains targeting Canadian citizens posing as Canadian Revenue Agency, Interac, and others
192.99.86.132 (@OVH)
cc: @cybercentre_ca
- Data theft at Radisson Hotel Group
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
- YAPBS – Yet Another Password Breach Scam
- Apache HBase 2.1.1 release, distributed database
- FIFA admits hack and braces for new leaks
THREATS
- Facebook Blames Malicious Extensions in Breach of 81K Private Messages
- Shellbot Variant Used in New Botnet, Spreads Using IoT and Linux Vulnerabilities
- The day computer security turned real: The Morris Worm turns 30
- Worst Malware and Threat Actors of 2018
- Cisco Security Appliance Zero-Day Found Actively Exploited in the Wild
- New Ransomware using DiskCryptor With Custom Ransom Message
- BLEEDINGBIT – Two Zero Day Vulnerabilities Affecting Wireless Access Point Bluetooth Chips
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- Hackers actively exploiting vulnerabilities in Cisco security appliances
- Cisco fixed the high-risk security vulnerabilities in variant products
- Researchers found #Kraken #ransomware has become more popular after being packaged in the Fallout #ExploitKit and becoming part of an
- Bluetooth Bugs Speak to Lack of Security in DevOps
- Sauter Quickly Patches Flaw in Building Automation Software
- Bleedingbit vulnerabilities put Wi-Fi access points at risk
- Adversaries Distribute Malware Via Rarely Used Extensions
- Test IO introduces Bug Fix Confirmation, leveraging network of software testers to verify bug fixes
- Can you spot a malicious email?
Take the quiz at
- Antimalware Day: The evolution of malicious code
- Flaw in Sophos HitmanPro.Alert could enable hackers to gain privileges over systems
- Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server
- Intel CPUs impacted by new PortSmash side-channel vulnerability
- Beware this malware: it can even survive operating systems being reinstalled
- SamSam ransomware campaigns continue to target U.S. in 2018
- CISCO warn of a zero-day DoS flaw that is being actively exploited in attacks
- Systemd Vulnerability In Linux Could Trigger Remote Attacks And System Crashes
- .@ArmisSecurity researchers discovered two chip-level #Bluetooth vulnerabilities -- dubbed #Bleedingbit -- that could allow pseudo #RemoteCodeExecution on wireless access points.
- Cisco Reports SIP Inspection Vulnerability
- Kraken ransomware gets packaged into Fallout EK
- Emotet Trojan Changes Tactics…Again
- Mozilla exorcises five bugs on Halloween
- Giant ransomware bundle threatens to make malware attacks easier for crooks
- Blockwatch: The aeternity Blockchain
- Researchers recently found vulnerabilities in #robot controllers from @Universal_Robot. Learn what these robot controllers do and how #ThreatActors exploit these
- If you think you have been hacked or got #malware installed, disconnect the internet, leave your device running and connected
- U.S. Geological Survey Network got Infected with Malware
- Trading with cryptocurrencies without losing self control
- EY launches the world's first secure private transactions over the Ethereum public blockchain
- Search for “Installing Chrome” on Bing can lead to malicious content
- BLEEDINGBIT – Two Bluetooth Chip-level Vulnerabilities Affected Millions of Enterprise Wi-Fi Access Point Devices
- Previous malware attacks: When more than 7,5000 of the #Mikrotik routes were reportedly being spied on by attackers
- GNOME 3.30.2 released: bugs fix
- Attackers Use Zero-Day That Can Restart Cisco Security Appliances
- Another packed room for .@idefense analyst Mei Nelson discussing China and cryptocurrency. #codeblue_jp @AccentureSecure @AccentureJPNews
CRIME
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- Magecart cybergang targeting e-commerce credit card data
- 120 Million Facebook Accounts Compromised, Private Messages of 81,000 for Sale
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- SMS Phishing + Cardless ATM = Profit
- Stuxnet Returns, Striking Iran with New Variant
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- How to password protect a folder or file in Windows | Avast
- Beware this malware: it can even survive operating systems being reinstalled
- Feds Accuse Ex-CIA Employee of Continuing Leaks From Prison
- Radisson Hotel Group Hit by Data Breach
- BCMUPnP_Hunter: 100,000-node botnet is abusing routers for spam
- Emotet Trojan Changes Tactics…Again
- Shipbuilder, defense contractor Austal reveals data breach
- Data theft at Radisson Hotel Group
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
- Trading with cryptocurrencies without losing self control
- EY launches the world's first secure private transactions over the Ethereum public blockchain
- YAPBS – Yet Another Password Breach Scam
- FIFA admits hack and braces for new leaks
POLITICS
- Joshua Adam Schulte, ex CIA employee, accused of continuing leaks from prison
- Spam campaign targets Exodus Mac Users
- 85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections
- This Week in Security News: Spam Campaigns and Vulnerable Infrastructures
- Beware this malware: it can even survive operating systems being reinstalled
- Emotet Trojan Changes Tactics…Again
- 85 million voter records on sale
- Iran has become victim of a cyberattack campaign
DATA BREACH & DATA LOSS
- Australian defence contractor Austal hit by data breach
- Radisson discloses data breach impacting rewards customers
- 22,000 Records Exposed by JoomlArt in Jira Ticket
- ‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals
- New Bluetooth Vulnerabilities Exposed in Aruba, Cisco, Meraki Access Points
- Customer Information Stolen in Radisson Hotel Group Data Breach
- British Airways data breach bigger than originally thought
- Where Is the Consumer Outrage about Data Breaches?
- Eurostar Resets Passwords of Customers After Data Breach
- Radisson Hotel Group suffers data breach, customer info leaked
- Radisson Rewards Program Targeted in Data Breach
- "If the schemas prove not to be compatible, a backup of the previous version of a database must be used
- Emotet Malware – Mass-Harvesting millions of Emails in secret Campaign
- Last year the @USAgov required agencies to implement #DMARC records and policies by October 2018. Learn just how hard DMARC
- New Ramnit Campaign Spreads Azorult Malware
- #NetSpectre leaks data remotely via side-channel attacks. Learn from expert Michael Cobb of @thehairyITdog why data from #microprocessors is not
- Phishing Attacks Breach 20,000 Patient Records of Catawba Valley Medical Center
- Radisson Hotel Group Data Breach Exposed Customer’s Personal Data
- Beware !! Square & PayPal Mobile Point of Sales (POS) Devices Are Extremely Vulnerable to Credit/Debit Card Data Theft
DENIAL-OF-SERVICE
- Cisco ups the ante for 400G Ethernet with big-bandwidth data-center switches
MALVERTISING
- Bad ads: Publishers look to stop malvertising for good
PHISHING
- How phishing is evolving to outpace awareness
- Going with what works: The state of phishing
- October may be over – but phishing attacks never stop. Here’s how to make security awareness successful all year round.
- Trickbot Shows Off New Trick: Password Grabber Module
- Expert Insights Names Barracuda’s AI powered Sentinel Top Phishing protection product
- Phishing Attacks Breach 20,000 Patient Records of Catawba Valley Medical Center
WEB DEFACEMENT
Nil
BOTNET
- Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
- Defending your pumpkin from tracker zombies
- Necurs Botnet Distributing Sextortion Email Scams
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
RANSOMWARE
- Ransomware and Back-Up Plans
- Healthcare Industry Continues To Be the Favourite for Ransomware
- SamSam Attackers Have Hit 67 Ransomware Targets
- Nice work if you can get it: GandCrab ransomware nets millions even though it has been broken
- Crypto-Locking Kraken Ransomware Looms Larger
CRYPTOMINING & CRYPTOCURRENCIES
- Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol
- UK considers banning cryptocurrencies for their lack of “intrinsic value”
- Crypto-Locking Kraken Ransomware Looms Larger
- Crypto Micropayments: an Exciting Future for Blockchain Transactions
MALWARE
- 2018’s worst malware revealed in report
- Trickbot Malware Now Also Steals Passwords From Apps, Web Browsers
- Emotet Malware, the Most Probable Malware of the Year
- USB Drives Deliver Dangerous Malware to Industrial Facilities: Honeywell
- More Typo-Squatting Malware Found on PyPI
- Employee used US government network for adult websites, infected infrastructure with Russian malware
- Government employee who used to watch porn at work alleged guilty of infecting with malware a network
- Malware Analysis for Blue Teams
- Emotet Malware – Mass-Harvesting millions of Emails in secret Campaign
- Hackers Drops New Emotet Malware to Perform Mass Email Exfiltration From Victims Email Client
- New Ramnit Campaign Spreads Azorult Malware
- Perl-Based Shellbot Looks to Target Organizations via C&C
- IKARUS Security Software partners with PolySwarm to advance early malware detection
- Pdgmail – Forensic Tool to Analysis Process Memory Dump
EXPLOIT
- PoC Exploit Compromises Microsoft Live Accounts via Subdomain Hijacking
- 0x20k of Ghost Squad Hackers Releases ODay Exploit Targeting Apache Hadoop
- Hackers Exploit Cisco Zero Day Vulnerability in Wild Resulting in DoS Condition
VULNERABILITY
- Yi IoT Home Camera Riddled with Code-Execution Vulnerabilities
- BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks
- New Bluetooth Vulnerabilities Exposed in Aruba, Cisco, Meraki Access Points
- Windows Defender Bug Needs a Restart, Not Shutdown, To Enable Sandbox
- Bluetooth Chip Flaws Expose Enterprises to Remote Attacks
- Two Zero-Day Bugs Open Millions of Wireless Access Points to Attack
- Cisco says a flaw in its Adaptive Security Appliance allows remote attacks
- Talos Vulnerability Deep Dive – TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability
- Security researchers find flaws in chips used in hospitals, factories and stores
- Bleedingbit: Critical vulnerabilities in BLE chips expose millions of access points to attack
- Bleedingbit zero-day chip flaws may expose majority of enterprises to remote code execution attacks
- Cisco Zero-Day Exploited In The Wild To Crash And Reload Devices
- Zero-Day RCE Vulnerabilities Expose Millions of BLE-Enabled Devices to Attacks
- Hackers Exploit Cisco Zero Day Vulnerability in Wild Resulting in DoS Condition
- New BLEEDINGBIT Vulnerabilities Affect Widely-Used Bluetooth Chips
- Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks
- .@Siemens disclosed six SICLOCK flaws that were found within its central plant clocks. Discover why three flaws have been rated
- Our fabulous @5ean5ullivan explains to @CyberSauna listeners how the multiple vulnerabilities in the US electoral system may be^H^H^H^H^H^Hare being exploited.
- Bleedingbit Bluetooth Vulnerabilities Expose WiFi APs to Risk
- Talos Vulnerability Deep Dive - TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability
- Cisco Warns of Zero-Day Vulnerability in Security Appliances
- Cisco zero-day exploited in the wild to crash and reload devices
