ASIA
- Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges
- Fake Telegram Apps Used to Spy on Iranian Users
- Spam and phishing in Q3 2018
- Worst malware and threat actors of 2018 so far
- Shellbot Botnet Targets IoT devices and Linux servers
- Nation states sponsoring increasingly sophisticated cyber attacks
- New attack by Anonymous Italy: personal data from ministries and police have been released online
- Multiple Cisco Vulnerabilities Threat Alert
WORLD
- US DoD’s first malware submissions to Google-bought VirusTotal is Russia-linked LoJack
- Hack the Air Force 3.0 Bug Bounty Announced by USAF
- ThreatList: Despite Fraud Awareness, Password Reuse Persists for Half of U.S. Consumers
- Election Day: Five Security Experts Conclude that Georgia’s Online Voter Database is Easily Hackable
- Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges
- HSBC Bank Confirms US Data Breach
- UK Regulator Calls for Tougher Rules on Personal Data Use
- Compromising vital infrastructure: transport and logistics
- HSBC Bank USA Warns Customers of Data Breach
- Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain
- Side-Channel Vulnerability PortSmash Steals Keys
- Pocket iNet ISP Exposed 73GB of Corporate Data Online
- Tech companies offered free products to help secure the election. Now what?
- Magecart infiltrates UK online retailer Kitronik payment system
- Spam and phishing in Q3 2018
- Worst malware and threat actors of 2018 so far
- Wealthy Moscow residents' data leaked in Akado Telecom incident
- We're hosting a lunch and learn event geared towards endpoint #security and #ransomware, with technology partner @SentinelOne.
Please join us on
- Shellbot Botnet Targets IoT devices and Linux servers
- U.S. Air Force Announces Third Bug Bounty Program
- Nation states sponsoring increasingly sophisticated cyber attacks
- Anonymous Hackers Syndicate Defaces Huge Number of Websites of Gabon Government
- New attack by Anonymous Italy: personal data from ministries and police have been released online
- Two zero-day vulnerabilities expose millions of access points
- #ThreatFabric discovers #NeoBot Android Banking Trojan (#Exobot spawn) in #GooglePlay with 10,000+ installs
Please contact us if your interested in
ATTACKS
- HSBC Data Breach Hits Online Banking Customers
- My Health Record data misuse penalties raised
- Holiday Suppliers Already Under Assault by Fileless Malware Campaign
- ThreatList: Despite Fraud Awareness, Password Reuse Persists for Half of U.S. Consumers
- Election Day: Five Security Experts Conclude that Georgia’s Online Voter Database is Easily Hackable
- HSBC Bank Confirms US Data Breach
- UK Regulator Calls for Tougher Rules on Personal Data Use
- HSBC Bank USA Warns Customers of Data Breach
- HSBC Bank Data Breach Exposed Account Numbers, Balances, and More
- Samsung, Crucial’s Flawed Storage Drive Encryption Leaves Data Exposed
- Why business can't keep the public safe from data breaches
- It’s thought that the private message data was obtained via a malicious browser extension that scraped the data from users’
- Alert: Emotet is Back with Major Spam Campaign, Email Exfiltration Module
- Zombie Phish
- Azorult Malware Spread by New Ramnit Campaign
- Login VSI announces Release 3 of Login PI for proactive monitoring
- Pocket iNet ISP Exposed 73GB of Corporate Data Online
- HSBC Bank Notifies Customers of Data Breach
- Business email compromise made easy for cybercriminals as 12.5 million company email inboxes and 33,000 finance department credentials openly accessible
- Spam and phishing in Q3 2018
- Wealthy Moscow residents' data leaked in Akado Telecom incident
- GPU side channel attacks can enable spying on web activity, password stealing
- Our crucible SoC OTP fusing tool now support graphical mapping of fusemap definition files.
This, other than being very pretty, facilitates
- Social Media Brand Impersonators Go #Phishing: 3 Emerging Tactics from ZeroFOX Research
- Gift Card Phishing Scam Using Email Addresses of Bosses’ is Latest Trend Adopted by Scammers
- New attack by Anonymous Italy: personal data from ministries and police have been released online
- Samsung & Crucial Storage Device Vulnerability Allow Attackers to Break the Password & Access the Entire Device Data
- Just half of Fortune 500 companies have installed DMARC, a tool that guards against email phishing scams, according to new
THREATS
- US DoD’s first malware submissions to Google-bought VirusTotal is Russia-linked LoJack
- Apache Struts Vulnerability Would Allow System Takeover
- Hack the Air Force 3.0 Bug Bounty Announced by USAF
- Android November update fixes flaws galore
- Holiday Suppliers Already Under Assault by Fileless Malware Campaign
- Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges
- Hackers Breach StatCounter To Hijack Bitcoin Transactions
- StatCounter Hacked to Inject Malicious Script in gate.io Cryptocurrency Exchange
- VMware Unveils New Blockchain Service
- Hackers breach StatCounter to hijack Bitcoin transactions on Gate.io exchange
- Zero-Day Vulnerability Explained
- WordPress Design Flaw + WooCommerce Vulnerability Leads to Site Takeover
- Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain
- It’s thought that the private message data was obtained via a malicious browser extension that scraped the data from users’
- Backdoors Installed via macOS Cryptocurrency App
- Malware Execution via Microsoft Word Embedded Video
- Azorult Malware Spread by New Ramnit Campaign
- Supply-chain attack on cryptocurrency exchange
- Supply-chain attack on cryptocurrency exchange
- Side-Channel Vulnerability PortSmash Steals Keys
- Apache Struts Warns Users of Two-Year-Old Vulnerability
- Why are fake Elon Musk bitcoin scams running rife on Twitter right now?
- Apache Struts Warns Users of Two-Year-Old Vulnerability
- Apache Struts 2.3.x vulnerable to two year old RCE flaw
- IBM Watson will be used by NIST to assign CVSS scores to vulnerabilities
- Security firm Armis has discovered two vulnerabilities in Bluetooth Chips from several networking industry leaders.
- Hidden Costs of IoT Vulnerabilities
- Evernote for Windows patch resolves stored XSS vulnerability
- Ransomware Keeps Ringing in Profits for Cybercrime Rings
- How IAM is Evolving in the Blockchain Era
- A Blockchain Solution for Data Provenance Using Hyperledger Fabric
- Private messages from 81,000 hacked Facebook accounts were for sale online.
The information was obtained through malicious browser extensions, such as
- New ransomware spotted using DiskCryptor
- Exploit Developer Discovers Zero-Day Microsoft Edge Vulnerability Triggering RCE Attacks
- How testing perspectives helps find application security flaws
- Worst malware and threat actors of 2018 so far
- We're hosting a lunch and learn event geared towards endpoint #security and #ransomware, with technology partner @SentinelOne.
Please join us on
- PortSmash Side-Channel Vulnerability – Another Threat For Intel CPUs
- U.S. Air Force Announces Third Bug Bounty Program
- CVE-2018-11759: Apache mod_jk Access Control Bypass Vulnerability
- High risk vulnerability discovered in Sauter CASE Suite building automation software
- Apache Struts Team Urges Users for Library Update to Plug Years-Old Bugs
- Samsung & Crucial Storage Device Vulnerability Allow Attackers to Break the Password & Access the Entire Device Data
- Flaws in Popular Self-Encrypting SSDs Let Attackers Decrypt Data
- Apple Patches Critical iOS, macOS and watchOS Flaws
- Watch Out for the “Programmer Who Cracked Your Email” Bitcoin Scam
- Multiple Cisco Vulnerabilities Threat Alert
- Vulnerability in Icecast can collapse online radio stations
- Two zero-day vulnerabilities expose millions of access points
- Gitlab v11.4.5 release: fix bugs
- #ThreatFabric discovers #NeoBot Android Banking Trojan (#Exobot spawn) in #GooglePlay with 10,000+ installs
Please contact us if your interested in
- Symantec acquires Appthority to enhance protection from mobile application vulnerabilities
CRIME
- ThreatList: Despite Fraud Awareness, Password Reuse Persists for Half of U.S. Consumers
- Hackers Breach StatCounter To Hijack Bitcoin Transactions
- Hackers breach StatCounter to hijack Bitcoin transactions on Gate.io exchange
- Zero-Day Vulnerability Explained
- Tech companies offered free products to help secure the election. Now what?
- Business email compromise made easy for cybercriminals as 12.5 million company email inboxes and 33,000 finance department credentials openly accessible
- Magecart infiltrates UK online retailer Kitronik payment system
- Ransomware Keeps Ringing in Profits for Cybercrime Rings
- Spam and phishing in Q3 2018
- A Blockchain Solution for Data Provenance Using Hyperledger Fabric
- Nation states sponsoring increasingly sophisticated cyber attacks
- Gift Card Phishing Scam Using Email Addresses of Bosses’ is Latest Trend Adopted by Scammers
- Watch Out for the “Programmer Who Cracked Your Email” Bitcoin Scam
POLITICS
- Election Day: Five Security Experts Conclude that Georgia’s Online Voter Database is Easily Hackable
- Compromising vital infrastructure: transport and logistics
- Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain
- Pocket iNet ISP Exposed 73GB of Corporate Data Online
- Fake Telegram Apps Used to Spy on Iranian Users
- Tech companies offered free products to help secure the election. Now what?
- Spam and phishing in Q3 2018
- GPU side channel attacks can enable spying on web activity, password stealing
- Nation states sponsoring increasingly sophisticated cyber attacks
- New attack by Anonymous Italy: personal data from ministries and police have been released online
DATA BREACH & DATA LOSS
- Week in review: Volume of Australian data breaches continues unabated
- Google dorks were the root cause of a catastrophic compromise of CIA’s communications
- Your personal data is widely available to hackers
- This Tool Shows Exposed Cameras Around Your Neighborhood
- New Side-Channel Vulnerability Leaks Sensitive Data From Intel Chips
- Akado Telecom Accidentally Leaks Customers' Names, Phone Numbers, And Addresses
- Australian shipbuilder Austal hit by data breach
- Equifax Set to Share More PII with Experian
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- National biometric database could be on the way (and in private hands)
- Over 80,000 Facebook User Accounts Compromised
- "If an organization created #DMARC records for the first time, it would encounter syntax and content issues -- one of
- Kemp Cites Voter Database Hacking Attempt, Gives No Evidence
- "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me
- "Shipbuilder Austal Ltd said on Thursday its Australian business had detected and responded to a data breach"
DENIAL-OF-SERVICE
- What were the DDoS numbers for Q2 & Q3 2018?
- A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3
MALVERTISING
Nil
PHISHING
- Almost 300 Percent Increase in eCommerce Phishing Attacks in Q3 2018
- Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
- How to use Firefox Master Password.
- Why you should be using a password manager
- How did @Google eliminate successful #PhishingAttacks? Learn how employees used U2F authentication and physical #SecurityKeys to defend against phishing from
- Password Constraints and Their Unintended Security Consequences
- Cybercriminals Using SMS Phishing Attack to Rob Cardless ATM
- How can U2F authentication end phishing attacks?
- Phishing attacks up by 297 percent across eCommerce in Q3 2018
WEB DEFACEMENT
Nil
BOTNET
- Shellbot Botnet Targets Linux, Android Devices
- Original Mirai botnet creator hit with hefty financial sentence
RANSOMWARE
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- Researchers found #Kraken #ransomware has become more popular after being packaged in the Fallout #ExploitKit and becoming part of an
CRYPTOMINING & CRYPTOCURRENCIES
- No, blockchain isn't the answer to our voting system woes
- Fake Elon Musk Twitter Bitcoin Scam Earned 180K in One Day
- Another wave of Elon Musk bitcoin scams spread by verified Twitter accounts
- Researchers found #Kraken #ransomware has become more popular after being packaged in the Fallout #ExploitKit and becoming part of an
- Blockhead makes blockchain easy for developers
- The building blocks of blockchain-based digital identity
MALWARE
- Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
- Inside SearchPageInstaller | macOS Malware Deploys a MITM Attack
- Malware of the 1980s: Looking back at the Brain Virus and the Morris Worm
- Why malware attacks should no longer be a problem for businesses
- Android Rat – TheFatRat to Hack and Gain access to Targeted Android Phone
- Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- How to Get Rid of Cortana Runtime Broker CPU Miner Virus
- Fake malicious @RSAsecurity #SecurID malware in pre-release state on @GooglePlay:
- Currently gathering information (profiling) the mobile device it is installed
- Video analysis of Android banking Trojan found on Google Play (Red Alert 2)
- Recently there have been a lot of packed Android malware around, so I decided to write a blog-post on how
EXPLOIT
- PoC Available for Microsoft Edge Zero-Day RCE, Exploit Under Development
- Security researchers exploit Intel hyperthreading flaw to break encryption
VULNERABILITY
- Apache warns Struts 2.3 is using a library with a two year old critical flaw
- Online Radio Stations at Risk from Icecast Flaw
- PoC Available for Microsoft Edge Zero-Day RCE, Exploit Under Development
- Flaws In Self-Encrypting SSDs Let Attackers Bypass Encryption
- New Side-Channel Vulnerability Leaks Sensitive Data From Intel Chips
- Why Are Deserialization Vulnerabilities So Popular?
- Flaws in self-encrypting SSDs let attackers bypass disk encryption
- [SingCERT] Technical Advisory on Vulnerabilities in Bluetooth Low Energy Chips by Texas Instruments (CVE-2018-16986 and CVE-2018-7080)
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Kemp Investigates Dems, Not the Reported Vulnerability
- Flaws in Popular SSD Drives Bypass Hardware Disk Encryption
- Flaw in Icecast streaming media server allows to take off online Radio Stations
- Security researchers exploit Intel hyperthreading flaw to break encryption
- .@ArmisSecurity researchers discovered two chip-level #Bluetooth vulnerabilities -- dubbed #Bleedingbit -- that could allow pseudo #RemoteCodeExecution on wireless access points.
- Vulnerabilities’ CVSS scores soon to be assigned by AI
- Cisco Products Affected By A Zero-Day SIP Inspection Vulnerability Exploited In The Wild
- High severity XML external entity flaw affects Sauter building automation product
- Security firm Armis has discovered two vulnerabilities in Bluetooth Chips from several networking industry leaders.
- Critical 'Bleedingbit' flaws found in microcontrollers used by Wi-Fi access points
- Mozilla Patched Multiple Security Vulnerabilities in Thunderbird 60.3
- Apple Patched Multiple XNU Kernel Vulnerabilities In MacOS And iOS
- Companies implementing DevSecOps address vulnerabilities faster than others
- The Ultimate Guide to Bug Bounty Platforms
- PortSmash – A New Side Channel Vulnerability in SMT/Hyper-Threading That Allows Attackers To Steal Sensitive Data
- Security Think Tank: Three ways to safeguard against application layer vulnerabilities
- Security Bug in Icecast Puts Online Radio Stations At Risk
- Researchers discover new zero-day vulnerability in EDGE browser
ASIA
- Google dorks were the root cause of a catastrophic compromise of CIA’s communications
- Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
- Persian Stalker pillages Iranian users of Instagram and Telegram
- A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3
OCEANIA
- Week in review: Volume of Australian data breaches continues unabated
- Australian shipbuilder Austal hit by data breach
- Persian Stalker pillages Iranian users of Instagram and Telegram
- A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3
- "Shipbuilder Austal Ltd said on Thursday its Australian business had detected and responded to a data breach"
NORTH AMERICA
- What were the DDoS numbers for Q2 & Q3 2018?
- Google dorks were the root cause of a catastrophic compromise of CIA’s communications
- Your personal data is widely available to hackers
- Inside SearchPageInstaller | macOS Malware Deploys a MITM Attack
- Magecart Strikes Again, and Kitronik Is Latest Victim
- Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
- Equifax Set to Share More PII with Experian
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- Over 80,000 Facebook User Accounts Compromised
- Why malware attacks should no longer be a problem for businesses
- Critical 'Bleedingbit' flaws found in microcontrollers used by Wi-Fi access points
- Persian Stalker pillages Iranian users of Instagram and Telegram
- A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3
- "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me
- "Shipbuilder Austal Ltd said on Thursday its Australian business had detected and responded to a data breach"
SOUTH AMERICA
- Over 80,000 Facebook User Accounts Compromised
EUROPE
- Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
- Google dorks were the root cause of a catastrophic compromise of CIA’s communications
- Magecart Infiltrates U.K. Online Retailer Kitronik POS
- Akado Telecom Accidentally Leaks Customers' Names, Phone Numbers, And Addresses
- Magecart Strikes Again, and Kitronik Is Latest Victim
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Kemp Investigates Dems, Not the Reported Vulnerability
- Over 80,000 Facebook User Accounts Compromised
- Persian Stalker pillages Iranian users of Instagram and Telegram
- Kemp Cites Voter Database Hacking Attempt, Gives No Evidence
- A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3
AFRICA
- Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
HEALTHCARE
Nil
TRANSPORT
Nil
BANKING & FINANCE
- Original Mirai botnet creator hit with hefty financial sentence
- Magecart Strikes Again, and Kitronik Is Latest Victim
- Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
- Over 80,000 Facebook User Accounts Compromised
- Why malware attacks should no longer be a problem for businesses
- Cybercriminals Using SMS Phishing Attack to Rob Cardless ATM
- Persian Stalker pillages Iranian users of Instagram and Telegram
- Phishing attacks up by 297 percent across eCommerce in Q3 2018
- A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3
- Video analysis of Android banking Trojan found on Google Play (Red Alert 2)
INFORMATION & TELECOMMUNICATION
- PoC Available for Microsoft Edge Zero-Day RCE, Exploit Under Development
- Original Mirai botnet creator hit with hefty financial sentence
- Inside SearchPageInstaller | macOS Malware Deploys a MITM Attack
- Fake Elon Musk Twitter Bitcoin Scam Earned 180K in One Day
- Another wave of Elon Musk bitcoin scams spread by verified Twitter accounts
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Flaw in Icecast streaming media server allows to take off online Radio Stations
- Security firm Armis has discovered two vulnerabilities in Bluetooth Chips from several networking industry leaders.
- Over 80,000 Facebook User Accounts Compromised
- Persian Stalker pillages Iranian users of Instagram and Telegram
- Phishing attacks up by 297 percent across eCommerce in Q3 2018
- The Ultimate Guide to Bug Bounty Platforms
- Researchers discover new zero-day vulnerability in EDGE browser
- Fake malicious @RSAsecurity #SecurID malware in pre-release state on @GooglePlay:
- Currently gathering information (profiling) the mobile device it is installed
- "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me
FOOD
Nil
WATER
Nil
ENERGY
- [SingCERT] Technical Advisory on Vulnerabilities in Bluetooth Low Energy Chips by Texas Instruments (CVE-2018-16986 and CVE-2018-7080)
- Critical 'Bleedingbit' flaws found in microcontrollers used by Wi-Fi access points
GOVERNMENT & PUBLIC SERVICE
- No, blockchain isn't the answer to our voting system woes
- Google dorks were the root cause of a catastrophic compromise of CIA’s communications
- Akado Telecom Accidentally Leaks Customers' Names, Phone Numbers, And Addresses
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Kemp Investigates Dems, Not the Reported Vulnerability
- Persian Stalker pillages Iranian users of Instagram and Telegram
- Phishing attacks up by 297 percent across eCommerce in Q3 2018
- Kemp Cites Voter Database Hacking Attempt, Gives No Evidence
- "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me
ASIA
- Google dorks were the root cause of a catastrophic compromise of CIA’s communications
- Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
- Persian Stalker pillages Iranian users of Instagram and Telegram
- A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3
WORLD
- Week in review: Volume of Australian data breaches continues unabated
- Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
- What were the DDoS numbers for Q2 & Q3 2018?
- Google dorks were the root cause of a catastrophic compromise of CIA’s communications
- Your personal data is widely available to hackers
- Magecart Infiltrates U.K. Online Retailer Kitronik POS
- Inside SearchPageInstaller | macOS Malware Deploys a MITM Attack
- Akado Telecom Accidentally Leaks Customers' Names, Phone Numbers, And Addresses
- Magecart Strikes Again, and Kitronik Is Latest Victim
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Kemp Investigates Dems, Not the Reported Vulnerability
- Australian shipbuilder Austal hit by data breach
- Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
- Equifax Set to Share More PII with Experian
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- Over 80,000 Facebook User Accounts Compromised
- Why malware attacks should no longer be a problem for businesses
- Critical 'Bleedingbit' flaws found in microcontrollers used by Wi-Fi access points
- Persian Stalker pillages Iranian users of Instagram and Telegram
- Kemp Cites Voter Database Hacking Attempt, Gives No Evidence
- A cybersecurity lesson: educational sites suffer rise in DDoS attacks in Q3
- "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me
- "Shipbuilder Austal Ltd said on Thursday its Australian business had detected and responded to a data breach"
ATTACKS
- Week in review: Volume of Australian data breaches continues unabated
- Almost 300 Percent Increase in eCommerce Phishing Attacks in Q3 2018
- Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
- Google dorks were the root cause of a catastrophic compromise of CIA’s communications
- Your personal data is widely available to hackers
- This Tool Shows Exposed Cameras Around Your Neighborhood
- New Side-Channel Vulnerability Leaks Sensitive Data From Intel Chips
- How to use Firefox Master Password.
- Why you should be using a password manager
- Akado Telecom Accidentally Leaks Customers' Names, Phone Numbers, And Addresses
- Australian shipbuilder Austal hit by data breach
- How did @Google eliminate successful #PhishingAttacks? Learn how employees used U2F authentication and physical #SecurityKeys to defend against phishing from
- Password Constraints and Their Unintended Security Consequences
- Equifax Set to Share More PII with Experian
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- National biometric database could be on the way (and in private hands)
- Over 80,000 Facebook User Accounts Compromised
- Cybercriminals Using SMS Phishing Attack to Rob Cardless ATM
- How can U2F authentication end phishing attacks?
- Phishing attacks up by 297 percent across eCommerce in Q3 2018
- "If an organization created #DMARC records for the first time, it would encounter syntax and content issues -- one of
- Kemp Cites Voter Database Hacking Attempt, Gives No Evidence
- "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me
- "Shipbuilder Austal Ltd said on Thursday its Australian business had detected and responded to a data breach"
THREATS
- Apache warns Struts 2.3 is using a library with a two year old critical flaw
- Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
- Online Radio Stations at Risk from Icecast Flaw
- No, blockchain isn't the answer to our voting system woes
- PoC Available for Microsoft Edge Zero-Day RCE, Exploit Under Development
- Flaws In Self-Encrypting SSDs Let Attackers Bypass Encryption
- New Side-Channel Vulnerability Leaks Sensitive Data From Intel Chips
- Inside SearchPageInstaller | macOS Malware Deploys a MITM Attack
- Why Are Deserialization Vulnerabilities So Popular?
- Fake Elon Musk Twitter Bitcoin Scam Earned 180K in One Day
- Another wave of Elon Musk bitcoin scams spread by verified Twitter accounts
- Flaws in self-encrypting SSDs let attackers bypass disk encryption
- [SingCERT] Technical Advisory on Vulnerabilities in Bluetooth Low Energy Chips by Texas Instruments (CVE-2018-16986 and CVE-2018-7080)
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Malware of the 1980s: Looking back at the Brain Virus and the Morris Worm
- Kemp Investigates Dems, Not the Reported Vulnerability
- Flaws in Popular SSD Drives Bypass Hardware Disk Encryption
- Flaw in Icecast streaming media server allows to take off online Radio Stations
- Security researchers exploit Intel hyperthreading flaw to break encryption
- .@ArmisSecurity researchers discovered two chip-level #Bluetooth vulnerabilities -- dubbed #Bleedingbit -- that could allow pseudo #RemoteCodeExecution on wireless access points.
- Vulnerabilities’ CVSS scores soon to be assigned by AI
- Cisco Products Affected By A Zero-Day SIP Inspection Vulnerability Exploited In The Wild
- #SamSam #ransomware continues to be a thorn in the side of organizations in the U.S. with targeted ransomware campaigns continuing,
- Researchers found #Kraken #ransomware has become more popular after being packaged in the Fallout #ExploitKit and becoming part of an
- High severity XML external entity flaw affects Sauter building automation product
- Security firm Armis has discovered two vulnerabilities in Bluetooth Chips from several networking industry leaders.
- Blockhead makes blockchain easy for developers
- Why malware attacks should no longer be a problem for businesses
- Critical 'Bleedingbit' flaws found in microcontrollers used by Wi-Fi access points
- Mozilla Patched Multiple Security Vulnerabilities in Thunderbird 60.3
- Android Rat – TheFatRat to Hack and Gain access to Targeted Android Phone
- Apple Patched Multiple XNU Kernel Vulnerabilities In MacOS And iOS
- Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- The building blocks of blockchain-based digital identity
- Companies implementing DevSecOps address vulnerabilities faster than others
- How to Get Rid of Cortana Runtime Broker CPU Miner Virus
- The Ultimate Guide to Bug Bounty Platforms
- PortSmash – A New Side Channel Vulnerability in SMT/Hyper-Threading That Allows Attackers To Steal Sensitive Data
- Security Think Tank: Three ways to safeguard against application layer vulnerabilities
- Security Bug in Icecast Puts Online Radio Stations At Risk
- Researchers discover new zero-day vulnerability in EDGE browser
- Fake malicious @RSAsecurity #SecurID malware in pre-release state on @GooglePlay:
- Currently gathering information (profiling) the mobile device it is installed
- Video analysis of Android banking Trojan found on Google Play (Red Alert 2)
- Recently there have been a lot of packed Android malware around, so I decided to write a blog-post on how
CRIME
- Week in review: Volume of Australian data breaches continues unabated
- Original Mirai botnet creator hit with hefty financial sentence
- Fake Elon Musk Twitter Bitcoin Scam Earned 180K in One Day
- Australian shipbuilder Austal hit by data breach
- Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
- Equifax Set to Share More PII with Experian
- Over 80,000 Facebook User Accounts Compromised
- Cybercriminals Using SMS Phishing Attack to Rob Cardless ATM
- Persian Stalker pillages Iranian users of Instagram and Telegram
- Phishing attacks up by 297 percent across eCommerce in Q3 2018
- The Ultimate Guide to Bug Bounty Platforms
POLITICS
- Google dorks were the root cause of a catastrophic compromise of CIA’s communications
- Kemp Investigates Dems, Not the Reported Vulnerability
- Cyber-Attacks: How to Stop a Multibillion-Dollar Problem
- "A lot of people in Congress are concerned that the Facebook influence campaigns are about the midterms, but to me
TRANSNATIONAL / UNKNOWN
- Who’s In Your Online Shopping Cart?
- Security Affairs newsletter Round 187 – News of the week
CHINA
Nil
INDIA
Nil
NORTH KOREA
- WireGuard has not been merged into the Linux kernel mainline
PAKISTAN
Nil
VIETNAM
Nil
IRAN
Nil
IRAQ
Nil
LEBANON
Nil
PALESTINE
Nil
SAUDI ARABIA
Nil
SYRIA
Nil
TURKEY
Nil
UNITED ARAB EMIRATES
Nil
YEMEN
Nil
RUSSIA
Nil
SERBIA
Nil
UKRAINE
Nil
ASIA
- Security Affairs newsletter Round 187 – News of the week
- Kraken ransomware 2.0 is available through the RaaS model
- Google logins make JavaScript mandatory, Huawei China spy shock, Mac malware, Iran gets new Stuxnet, and more
- Bluetooth chip has serious security vulnerabilities that widely affect smart electronic products
WORLD
- Who’s In Your Online Shopping Cart?
- PortSmash flaw in Hyper-Threading CPU could allow sensitive data theft
- Security Affairs newsletter Round 187 – News of the week
- Kraken ransomware 2.0 is available through the RaaS model
- Targeted SamSam Ransomware Attacks Continues to Breaking & Lock 67 Different Organizations Network
- Bluetooth chip has serious security vulnerabilities that widely affect smart electronic products
- Intel processors are vulnerable to new PortSmash side-channel vulnerability
- WireGuard has not been merged into the Linux kernel mainline
ATTACKS
- PortSmash flaw in Hyper-Threading CPU could allow sensitive data theft
- Beware!! Cyber Criminals Stealing Cash From Cardless ATM Using SMS Phishing Attack
THREATS
- Week in review: Bleedingbit, nastiest malware of 2018, Cisco security appliances under attack
- Vulnerability Scanners 101
- PortSmash flaw in Hyper-Threading CPU could allow sensitive data theft
- New Microsoft Edge Browser Zero-Day RCE Exploit in the Works
- Kraken ransomware 2.0 is available through the RaaS model
- Google logins make JavaScript mandatory, Huawei China spy shock, Mac malware, Iran gets new Stuxnet, and more
- Targeted SamSam Ransomware Attacks Continues to Breaking & Lock 67 Different Organizations Network
- What should you do when you realize you've click on a malicious link?
- Researchers recently found vulnerabilities within the robot controllers from @Universal_Robot. Learn what these #robot controllers are used for and how
- Why Vulnerability Management Does Not Work
- Bluetooth chip has serious security vulnerabilities that widely affect smart electronic products
- Intel processors are vulnerable to new PortSmash side-channel vulnerability
- New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data
CRIME
- PortSmash flaw in Hyper-Threading CPU could allow sensitive data theft
- Security Affairs newsletter Round 187 – News of the week
- Kraken ransomware 2.0 is available through the RaaS model
POLITICS
- PortSmash flaw in Hyper-Threading CPU could allow sensitive data theft
- Google logins make JavaScript mandatory, Huawei China spy shock, Mac malware, Iran gets new Stuxnet, and more
- Bluetooth chip has serious security vulnerabilities that widely affect smart electronic products
DATA BREACH & DATA LOSS
- Weekly Threat Briefing: HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- Business Email Compromise: Must-Have Defenses
- Radisson Suffers Global Loyalty Program Data Breach
- Android Devices Remain Unsecured, While Two Botnets Fight For Dominance
- Discover how #NetSpectre attacks leak data remotely via side-channels with Michael Cobb of @thehairyITdog.
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- New Trickbot Malware Steal Password & Other Sensitive Data From Microsoft Outlook,Chrome,Firefox, IE, Edge
WEB DEFACEMENT
Nil
BOTNET
- "The resurgence of #VPNFilter #botnet appears to be limited to the Ukraine, but given the ease of infecting targeted systems,
RANSOMWARE
- SamSam ransomware continues to make damages. Call it targeted Ransomware
- #SamSam #ransomware targeted 67 organizations in 2018, according to @symantec research. By @MaddieBacon11
- #Kraken #ransomware as a service is getting more popular after being bundled into the Fallout #ExploitKit and getting more update
- The Week in Ransomware - November 2nd 2018 - RaaS, DiskCryptor, & More
CRYPTOMINING & CRYPTOCURRENCIES
- Blockchain as a Tool for Cybersecurity
- #Kraken #ransomware as a service is getting more popular after being bundled into the Fallout #ExploitKit and getting more update
MALWARE
- Web domain owners paid EasyDNS to cloak their contact info from sight. It was blabbed via public Whois anyway
- BBC micro:bit vendor Kitronik says customers' deets nicked, fingers Magecart malware
- Gotta love how Robert Tappan Morris describes his Morris worm background in his bio: ”In 1988 his discovery of buffer
- New Trickbot Malware Steal Password & Other Sensitive Data From Microsoft Outlook,Chrome,Firefox, IE, Edge
EXPLOIT
- Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys
VULNERABILITY
- The Responsible Disclosure of Software Vulnerabilities in the Nutshell
- .@Siemens central plant clocks were affected by six SICLOCK flaws, three have been rated "critical." Learn what these SICLOCK flaws
- Six flaws were recently found in @Siemens SICLOCK central plant clocks. Learn what these clocks do, which clocks were infected
- Researchers say #Bleedingbit vulnerabilities could allow #RemoteCodeExecution on wireless access points, medical devices and any other products using the affected
