DATA BREACH & DATA LOSS
- New Jersey AG Announces $200,000 Settlement with Business Associate and Permanent Ban for BA’s Owner due to 2016 Data Breach Affecting Over 1,650 Patients
- Half a Million People Potentially Affected by Data Breach at Bankers Life
- Data Of Nearly 700,000 Amex India Customers Exposed Via Unsecured MongoDB Server
- HSBC Bank Suffers Data Breach
- Amex India accounts exposed by misconfigured MongoDB installation
- Data of nearly 700,000 Amex India customers exposed via unsecured MongoDB server
- Hacker Leaked Unpatched Virtual Box Zero-day Vulnerability and its Exploit Online
- HSBC Bank Data Breach Exposed Customer’s Account Details and More
- HSBC US Customers Hit by Data Breach
- What do you think is the average cost of a data breach?
- HSBC now stands for Hapless Security, Became Compromised: Thousands of customer files snatched by crims
- ICO poised to fine Leave campaign and Arron Banks’ insurance biz £135,000
- HSBC suffers data breach, customer banking info exposed
- We recently detected an Android banking malware campaign (Anubis) actively targeting the Dutch market by #abusing the @PostNL brand. After
- New dropper campaign with at least 8 droppers in #GooglePlay (30k+ installs total), found with the help of @avast_antivirus @apklabio.
- How voting history data benefits political campaigns
- HSBC Bank Data Breach Exposed Account Numbers, Balances, Transaction History and Other Details
- Personal data of police and ministries employees leaked by Anonymous Italy
- Five Guys suffers employees’ data theft
- Rushed My Health Record changes still missing the point
- What businesses can learn from political campaigns about using big data
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- A Phishing Incident is Being Investigated by the Carthage Police
- Why you should use a password manager
- They stopped a phishing attack in 10 minutes. It used to take days.
- Password Grabber Module Added to Trickbot
- Why Password Management and Security Strategies Fall Short
- Learn About Phishing Incident Response on Nov 15
- Learn why @Google chose U2F authentication over OTP to eliminate #PhishingEmails from expert Michael Cobb of @thehairyITdog.
- A poor password is a key for the wrong person to get in.
WEB DEFACEMENT
Nil
BOTNET
- IoT Botnet Infects 100,000 Routers To Send Spam
- Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw
- IoT botnet infects 100,000 routers to send Hotmail, Outlook, and Yahoo spam
- A fresh #botnet is rapidly growing by targeting a five-year-old #vulnerability.
So far, @360Netlab said hundreds of thousands of bot
- Linux servers and IoT devices, main targets of Shellbot botnet
RANSOMWARE
- Healthcare Targeted by 37 Percent of All Ransomware Attacks in Q3 2018
- Security Alert: New Dharma Ransomware Strains Alarmingly Go Undetected By Antivirus Engines
- #SamSam #ransomware targeted 67 organizations in 2018, according to @symantec research. By @MaddieBacon11
- How to Remove NOBAD Ransomware
- #Kraken #ransomware as a service is getting more popular after being bundled into the Fallout #ExploitKit and getting more update
- Managing Third-Party Risk in the Age of Ransomware
CRYPTOMINING & CRYPTOCURRENCIES
- Uni cans crypto-mining CPU raid by switching off whole IT network
- Salesforce Aims to Curb Spam With Blockchain
- Using Blockchain Technology to Solve Global Problems
- JavaScript attack aimed to reroute bitcoin transactions
- University shuts down network to thwart Bitcoin cryptojacking scheme
- Attackers breached Statcounter to steal cryptocurrency from gate.io users
- Elon Musk Bitcoin Scammers Hijack Verified Status Accounts
- #Kraken #ransomware as a service is getting more popular after being bundled into the Fallout #ExploitKit and getting more update
- Hackers seed StatCounter with nasty JavaScript in elaborate Bitcoin theft scheme
- Blockchain: The Good, the Bad and the Legal
- New cryptocurrencies offer better anonymity, new security challenges, from @CSOonline http://0fox.co/sSmx30i8vm4 ZeroFOX CTO weighs in on the #infosec challenges
- Bitcoin Cryptojacking Attack Forces University to Disable Entire Network
- Researchers rank cryptocurrency exchanges by how secure they are
MALWARE
- Cisco removed its seventh backdoor account this year, and that's a good thing
- 3,2 Million New Android Malicious Apps Detected Until the End of Q3 2018
- Not sure how to tell if your Android phone has a virus?
Android malware comes in many forms, ranging from spyware
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- On the #blog today, we talk about how fileless malware is changing the way we as organizations treats #cyberthreats.
- We recently detected an Android banking malware campaign (Anubis) actively targeting the Dutch market by #abusing the @PostNL brand. After
- New dropper campaign with at least 8 droppers in #GooglePlay (30k+ installs total), found with the help of @avast_antivirus @apklabio.
- Coupa Simplifies Fragmented B2B Payments Process
- Turning Malware Trends into Proactive Behaviors
- DHS on Election Day: No malicious cyber-activity observed
- AMD and TSMC outline 7nm process products to be listed next year
EXPLOIT
- Hacker Leaked Unpatched Virtual Box Zero-day Vulnerability and its Exploit Online
- VirtualBox Guest-to-Host escape 0day and exploit released online
- According to @digitalshadows, attackers used a browser exploit to steal the private #Facebook messages of at least 81,000 people. Read
- #Virtualbox hat eine #Zeroday Sicherheitslücke. Tipp: Ändern Sie Ihren virtuellen Netzwerkadapter auf etwas anderes als Intel PRO/1000.
- VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available
VULNERABILITY
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Security Flaws Found in Widely Used Data Storage Devices | Avast
- A flaw in WooCommerce WordPress Plugin could be exploited to take over e-stores
- Flaw in Icecast streaming media server allows to take off online Radio Stations
- VirtualBox zero-day dumped on GitHub
- Security Researcher Drops VirtualBox Guest-to-Host Escape Zero-Day on GitHub
- WordPress Flaw Opens Millions of WooCommerce Shops to Takeover
- Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw
- Flaw Leads to RCE in WordPress Plugins, WooCommerce
- Hacker education, inclusivity, and shifting perceptions of bug bounties
- Apache alerts developers of remote code execution flaw
- Evernote Flaw Allows Hackers to Steal Files, Execute Commands
- Top 20 application vulnerabilities in the enterprise are dominated by Adobe and Microsoft
- Equifax nemesis Apache Struts found vulnerable to 2-year old unpatched flaw; workaround available
- Rapid7 Wins Frost & Sullivan 2018 Global Vulnerability Management Market Leadership Award
- Hacker Leaked Unpatched Virtual Box Zero-day Vulnerability and its Exploit Online
- Zero-day flaw in VirtualBox details go public
- Erratic Windows 10 Bug Breaks Changing of Default File Associations
- Researcher discloses VirtualBox Zero-Day without reporting it to Oracle
- Serious XSS flaw discovered in Evernote for Windows, update now!
- Researchers say #Bleedingbit vulnerabilities could allow #RemoteCodeExecution on wireless access points, medical devices and any other products using the affected
- Enterprises Sinking Under 100+ Critical Flaws Per Day
- WordPress, WooCommerce flaws combine to allow website hijacking
- Apache Struts vulnerability would allow system take over
- Up to 4 million online merchants who use the popular @WooCommerce #WordPress plugin are vulnerable to a file deletion flaw.
- Researcher Drops Oracle VirtualBox Zero-Day
- Stop us if you've heard this one: Remote code hijacking flaw in Apache Struts, patch ASAP
- Bug bounty: Hack the US Air Force and Get Paid
- Microsoft, Google apps feature in the top 20 vulnerabilities in enterprise environments
- VirtualBox zero-day published by disgruntled researcher
- A fresh #botnet is rapidly growing by targeting a five-year-old #vulnerability.
So far, @360Netlab said hundreds of thousands of bot
- .@Siemens SICLOCK central plant clocks were recently found to be affected by several vulnerabilities, some of which have been rated
- Apache Struts users have to update FileUpload library to fix years-old flaws
- Zero-Day #Vulnerability Explained
- November Android Security Update Fixes Critical Bugs, Drops Media Library
- Researcher publishes new VirtualBox zero-day vulnerability
- Vulnerabilities in self encrypted SSD allow attackers to bypass disk encryption
- #Virtualbox hat eine #Zeroday Sicherheitslücke. Tipp: Ändern Sie Ihren virtuellen Netzwerkadapter auf etwas anderes als Intel PRO/1000.
- Popular WooCommerce WordPress Plugin Patches Critical Vulnerability
- Google's automated fuzz bot has found over 9,000 bugs in the past two years
- VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available
HEALTHCARE
- New Jersey AG Announces $200,000 Settlement with Business Associate and Permanent Ban for BA’s Owner due to 2016 Data Breach Affecting Over 1,650 Patients
- Healthcare Targeted by 37 Percent of All Ransomware Attacks in Q3 2018
- Researchers say #Bleedingbit vulnerabilities could allow #RemoteCodeExecution on wireless access points, medical devices and any other products using the affected
- Managing Third-Party Risk in the Age of Ransomware
TRANSPORT
Nil
BANKING & FINANCE
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- New Jersey AG Announces $200,000 Settlement with Business Associate and Permanent Ban for BA’s Owner due to 2016 Data Breach Affecting Over 1,650 Patients
- Half a Million People Potentially Affected by Data Breach at Bankers Life
- Healthcare Targeted by 37 Percent of All Ransomware Attacks in Q3 2018
- HSBC Bank Suffers Data Breach
- A Phishing Incident is Being Investigated by the Carthage Police
- Security Alert: New Dharma Ransomware Strains Alarmingly Go Undetected By Antivirus Engines
- They stopped a phishing attack in 10 minutes. It used to take days.
- Password Grabber Module Added to Trickbot
- HSBC Bank Data Breach Exposed Customer’s Account Details and More
- HSBC US Customers Hit by Data Breach
- Elon Musk Bitcoin Scammers Hijack Verified Status Accounts
- Hackers seed StatCounter with nasty JavaScript in elaborate Bitcoin theft scheme
- HSBC now stands for Hapless Security, Became Compromised: Thousands of customer files snatched by crims
- ICO poised to fine Leave campaign and Arron Banks’ insurance biz £135,000
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- HSBC suffers data breach, customer banking info exposed
- Bug bounty: Hack the US Air Force and Get Paid
- We recently detected an Android banking malware campaign (Anubis) actively targeting the Dutch market by #abusing the @PostNL brand. After
- Coupa Simplifies Fragmented B2B Payments Process
- HSBC Bank Data Breach Exposed Account Numbers, Balances, Transaction History and Other Details
INFORMATION & TELECOMMUNICATION
- Feds get guilty plea in 'DerpTrolling' attacks on video game sites
- Flaw in Icecast streaming media server allows to take off online Radio Stations
- IoT botnet infects 100,000 routers to send Hotmail, Outlook, and Yahoo spam
- Elon Musk Bitcoin Scammers Hijack Verified Status Accounts
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- On the #blog today, we talk about how fileless malware is changing the way we as organizations treats #cyberthreats.
- According to @digitalshadows, attackers used a browser exploit to steal the private #Facebook messages of at least 81,000 people. Read
- New dropper campaign with at least 8 droppers in #GooglePlay (30k+ installs total), found with the help of @avast_antivirus @apklabio.
- Linux servers and IoT devices, main targets of Shellbot botnet
FOOD
Nil
WATER
Nil
ENERGY
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- Personal data of police and ministries employees leaked by Anonymous Italy
GOVERNMENT & PUBLIC SERVICE
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Feds get guilty plea in 'DerpTrolling' attacks on video game sites
- A Phishing Incident is Being Investigated by the Carthage Police
- Elon Musk Bitcoin Scammers Hijack Verified Status Accounts
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- DHS on Election Day: No malicious cyber-activity observed
- How voting history data benefits political campaigns
- Personal data of police and ministries employees leaked by Anonymous Italy
- Linux servers and IoT devices, main targets of Shellbot botnet
- Rushed My Health Record changes still missing the point
- What businesses can learn from political campaigns about using big data
ASIA
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Data Of Nearly 700,000 Amex India Customers Exposed Via Unsecured MongoDB Server
- Amex India accounts exposed by misconfigured MongoDB installation
- Data of nearly 700,000 Amex India customers exposed via unsecured MongoDB server
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- Personal data of police and ministries employees leaked by Anonymous Italy
- Linux servers and IoT devices, main targets of Shellbot botnet
WORLD
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Salesforce Aims to Curb Spam With Blockchain
- Using Blockchain Technology to Solve Global Problems
- Feds get guilty plea in 'DerpTrolling' attacks on video game sites
- Half a Million People Potentially Affected by Data Breach at Bankers Life
- Security Alert: New Dharma Ransomware Strains Alarmingly Go Undetected By Antivirus Engines
- Learn About Phishing Incident Response on Nov 15
- Hacker Leaked Unpatched Virtual Box Zero-day Vulnerability and its Exploit Online
- HSBC Bank Data Breach Exposed Customer’s Account Details and More
- HSBC US Customers Hit by Data Breach
- Elon Musk Bitcoin Scammers Hijack Verified Status Accounts
- Stop us if you've heard this one: Remote code hijacking flaw in Apache Struts, patch ASAP
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- HSBC suffers data breach, customer banking info exposed
- Bug bounty: Hack the US Air Force and Get Paid
- VirtualBox zero-day published by disgruntled researcher
- We recently detected an Android banking malware campaign (Anubis) actively targeting the Dutch market by #abusing the @PostNL brand. After
- Personal data of police and ministries employees leaked by Anonymous Italy
- Linux servers and IoT devices, main targets of Shellbot botnet
- AMD and TSMC outline 7nm process products to be listed next year
- Five Guys suffers employees’ data theft
- Vulnerabilities in self encrypted SSD allow attackers to bypass disk encryption
- Bitcoin Cryptojacking Attack Forces University to Disable Entire Network
- Rushed My Health Record changes still missing the point
- VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available
ATTACKS
- New Jersey AG Announces $200,000 Settlement with Business Associate and Permanent Ban for BA’s Owner due to 2016 Data Breach Affecting Over 1,650 Patients
- Half a Million People Potentially Affected by Data Breach at Bankers Life
- Data Of Nearly 700,000 Amex India Customers Exposed Via Unsecured MongoDB Server
- HSBC Bank Suffers Data Breach
- A Phishing Incident is Being Investigated by the Carthage Police
- Why you should use a password manager
- Amex India accounts exposed by misconfigured MongoDB installation
- They stopped a phishing attack in 10 minutes. It used to take days.
- Password Grabber Module Added to Trickbot
- Data of nearly 700,000 Amex India customers exposed via unsecured MongoDB server
- Why Password Management and Security Strategies Fall Short
- Learn About Phishing Incident Response on Nov 15
- Learn why @Google chose U2F authentication over OTP to eliminate #PhishingEmails from expert Michael Cobb of @thehairyITdog.
- Hacker Leaked Unpatched Virtual Box Zero-day Vulnerability and its Exploit Online
- HSBC Bank Data Breach Exposed Customer’s Account Details and More
- HSBC US Customers Hit by Data Breach
- What do you think is the average cost of a data breach?
- HSBC now stands for Hapless Security, Became Compromised: Thousands of customer files snatched by crims
- ICO poised to fine Leave campaign and Arron Banks’ insurance biz £135,000
- HSBC suffers data breach, customer banking info exposed
- We recently detected an Android banking malware campaign (Anubis) actively targeting the Dutch market by #abusing the @PostNL brand. After
- New dropper campaign with at least 8 droppers in #GooglePlay (30k+ installs total), found with the help of @avast_antivirus @apklabio.
- A poor password is a key for the wrong person to get in.
- How voting history data benefits political campaigns
- HSBC Bank Data Breach Exposed Account Numbers, Balances, Transaction History and Other Details
- Personal data of police and ministries employees leaked by Anonymous Italy
- Five Guys suffers employees’ data theft
- Rushed My Health Record changes still missing the point
- What businesses can learn from political campaigns about using big data
THREATS
- Uni cans crypto-mining CPU raid by switching off whole IT network
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Security Flaws Found in Widely Used Data Storage Devices | Avast
- Salesforce Aims to Curb Spam With Blockchain
- Using Blockchain Technology to Solve Global Problems
- Cisco removed its seventh backdoor account this year, and that's a good thing
- JavaScript attack aimed to reroute bitcoin transactions
- 3,2 Million New Android Malicious Apps Detected Until the End of Q3 2018
- A flaw in WooCommerce WordPress Plugin could be exploited to take over e-stores
- Healthcare Targeted by 37 Percent of All Ransomware Attacks in Q3 2018
- Flaw in Icecast streaming media server allows to take off online Radio Stations
- VirtualBox zero-day dumped on GitHub
- Security Researcher Drops VirtualBox Guest-to-Host Escape Zero-Day on GitHub
- WordPress Flaw Opens Millions of WooCommerce Shops to Takeover
- Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw
- Flaw Leads to RCE in WordPress Plugins, WooCommerce
- Hacker education, inclusivity, and shifting perceptions of bug bounties
- Apache alerts developers of remote code execution flaw
- Evernote Flaw Allows Hackers to Steal Files, Execute Commands
- Security Alert: New Dharma Ransomware Strains Alarmingly Go Undetected By Antivirus Engines
- Top 20 application vulnerabilities in the enterprise are dominated by Adobe and Microsoft
- Equifax nemesis Apache Struts found vulnerable to 2-year old unpatched flaw; workaround available
- Rapid7 Wins Frost & Sullivan 2018 Global Vulnerability Management Market Leadership Award
- Hacker Leaked Unpatched Virtual Box Zero-day Vulnerability and its Exploit Online
- Zero-day flaw in VirtualBox details go public
- Erratic Windows 10 Bug Breaks Changing of Default File Associations
- Researcher discloses VirtualBox Zero-Day without reporting it to Oracle
- Serious XSS flaw discovered in Evernote for Windows, update now!
- Researchers say #Bleedingbit vulnerabilities could allow #RemoteCodeExecution on wireless access points, medical devices and any other products using the affected
- University shuts down network to thwart Bitcoin cryptojacking scheme
- Not sure how to tell if your Android phone has a virus?
Android malware comes in many forms, ranging from spyware
- Attackers breached Statcounter to steal cryptocurrency from gate.io users
- Enterprises Sinking Under 100+ Critical Flaws Per Day
- #SamSam #ransomware targeted 67 organizations in 2018, according to @symantec research. By @MaddieBacon11
- WordPress, WooCommerce flaws combine to allow website hijacking
- How to Remove NOBAD Ransomware
- Elon Musk Bitcoin Scammers Hijack Verified Status Accounts
- Apache Struts vulnerability would allow system take over
- #Kraken #ransomware as a service is getting more popular after being bundled into the Fallout #ExploitKit and getting more update
- Up to 4 million online merchants who use the popular @WooCommerce #WordPress plugin are vulnerable to a file deletion flaw.
- Researcher Drops Oracle VirtualBox Zero-Day
- Stop us if you've heard this one: Remote code hijacking flaw in Apache Struts, patch ASAP
- Hackers seed StatCounter with nasty JavaScript in elaborate Bitcoin theft scheme
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- Blockchain: The Good, the Bad and the Legal
- Managing Third-Party Risk in the Age of Ransomware
- Bug bounty: Hack the US Air Force and Get Paid
- Microsoft, Google apps feature in the top 20 vulnerabilities in enterprise environments
- VirtualBox zero-day published by disgruntled researcher
- A fresh #botnet is rapidly growing by targeting a five-year-old #vulnerability.
So far, @360Netlab said hundreds of thousands of bot
- .@Siemens SICLOCK central plant clocks were recently found to be affected by several vulnerabilities, some of which have been rated
- New cryptocurrencies offer better anonymity, new security challenges, from @CSOonline http://0fox.co/sSmx30i8vm4 ZeroFOX CTO weighs in on the #infosec challenges
- Apache Struts users have to update FileUpload library to fix years-old flaws
- On the #blog today, we talk about how fileless malware is changing the way we as organizations treats #cyberthreats.
- Zero-Day #Vulnerability Explained
- November Android Security Update Fixes Critical Bugs, Drops Media Library
- We recently detected an Android banking malware campaign (Anubis) actively targeting the Dutch market by #abusing the @PostNL brand. After
- New dropper campaign with at least 8 droppers in #GooglePlay (30k+ installs total), found with the help of @avast_antivirus @apklabio.
- Coupa Simplifies Fragmented B2B Payments Process
- Researcher publishes new VirtualBox zero-day vulnerability
- Turning Malware Trends into Proactive Behaviors
- DHS on Election Day: No malicious cyber-activity observed
- AMD and TSMC outline 7nm process products to be listed next year
- Vulnerabilities in self encrypted SSD allow attackers to bypass disk encryption
- #Virtualbox hat eine #Zeroday Sicherheitslücke. Tipp: Ändern Sie Ihren virtuellen Netzwerkadapter auf etwas anderes als Intel PRO/1000.
- Bitcoin Cryptojacking Attack Forces University to Disable Entire Network
- Popular WooCommerce WordPress Plugin Patches Critical Vulnerability
- Google's automated fuzz bot has found over 9,000 bugs in the past two years
- VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available
- Researchers rank cryptocurrency exchanges by how secure they are
CRIME
- Feds get guilty plea in 'DerpTrolling' attacks on video game sites
- JavaScript attack aimed to reroute bitcoin transactions
- A Phishing Incident is Being Investigated by the Carthage Police
- They stopped a phishing attack in 10 minutes. It used to take days.
- HSBC Bank Data Breach Exposed Customer’s Account Details and More
- University shuts down network to thwart Bitcoin cryptojacking scheme
- Attackers breached Statcounter to steal cryptocurrency from gate.io users
- HSBC US Customers Hit by Data Breach
- Elon Musk Bitcoin Scammers Hijack Verified Status Accounts
- Hackers seed StatCounter with nasty JavaScript in elaborate Bitcoin theft scheme
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- Blockchain: The Good, the Bad and the Legal
- Coupa Simplifies Fragmented B2B Payments Process
- Five Guys suffers employees’ data theft
POLITICS
- Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts
- DHS on Election Day: No malicious cyber-activity observed
- Personal data of police and ministries employees leaked by Anonymous Italy
- Vulnerabilities in self encrypted SSD allow attackers to bypass disk encryption
DATA BREACH & DATA LOSS
- HSBC Data Breach Hits Online Banking Customers
- My Health Record data misuse penalties raised
- Holiday Suppliers Already Under Assault by Fileless Malware Campaign
- Election Day: Five Security Experts Conclude that Georgia’s Online Voter Database is Easily Hackable
- HSBC Bank Confirms US Data Breach
- UK Regulator Calls for Tougher Rules on Personal Data Use
- HSBC Bank USA Warns Customers of Data Breach
- HSBC Bank Data Breach Exposed Account Numbers, Balances, and More
- Samsung, Crucial’s Flawed Storage Drive Encryption Leaves Data Exposed
- Why business can't keep the public safe from data breaches
- It’s thought that the private message data was obtained via a malicious browser extension that scraped the data from users’
- Alert: Emotet is Back with Major Spam Campaign, Email Exfiltration Module
- Azorult Malware Spread by New Ramnit Campaign
- Pocket iNet ISP Exposed 73GB of Corporate Data Online
- HSBC Bank Notifies Customers of Data Breach
- Business email compromise made easy for cybercriminals as 12.5 million company email inboxes and 33,000 finance department credentials openly accessible
- Wealthy Moscow residents' data leaked in Akado Telecom incident
- New attack by Anonymous Italy: personal data from ministries and police have been released online
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- ThreatList: Despite Fraud Awareness, Password Reuse Persists for Half of U.S. Consumers
- Zombie Phish
- Login VSI announces Release 3 of Login PI for proactive monitoring
- Spam and phishing in Q3 2018
- GPU side channel attacks can enable spying on web activity, password stealing
- Our crucible SoC OTP fusing tool now support graphical mapping of fusemap definition files.
This, other than being very pretty, facilitates
- Social Media Brand Impersonators Go #Phishing: 3 Emerging Tactics from ZeroFOX Research
- Gift Card Phishing Scam Using Email Addresses of Bosses’ is Latest Trend Adopted by Scammers
- Samsung & Crucial Storage Device Vulnerability Allow Attackers to Break the Password & Access the Entire Device Data
- Just half of Fortune 500 companies have installed DMARC, a tool that guards against email phishing scams, according to new
WEB DEFACEMENT
- Anonymous Hackers Syndicate Defaces Huge Number of Websites of Gabon Government
BOTNET
- Zombie Phish
- VB2018 paper: Uncovering the wholesale industry of social media fraud: from botnet to bulk reseller panels
- Shellbot Botnet Targets IoT devices and Linux servers
RANSOMWARE
- Ransomware Keeps Ringing in Profits for Cybercrime Rings
- New ransomware spotted using DiskCryptor
- We're hosting a lunch and learn event geared towards endpoint #security and #ransomware, with technology partner @SentinelOne.
Please join us on
CRYPTOMINING & CRYPTOCURRENCIES
- Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges
- Hackers Breach StatCounter To Hijack Bitcoin Transactions
- StatCounter Hacked to Inject Malicious Script in gate.io Cryptocurrency Exchange
- VMware Unveils New Blockchain Service
- Hackers breach StatCounter to hijack Bitcoin transactions on Gate.io exchange
- Backdoors Installed via macOS Cryptocurrency App
- Supply-chain attack on cryptocurrency exchange
- Supply-chain attack on cryptocurrency exchange
- Why are fake Elon Musk bitcoin scams running rife on Twitter right now?
- How IAM is Evolving in the Blockchain Era
- A Blockchain Solution for Data Provenance Using Hyperledger Fabric
- Watch Out for the “Programmer Who Cracked Your Email” Bitcoin Scam
MALWARE
- US DoD’s first malware submissions to Google-bought VirusTotal is Russia-linked LoJack
- Holiday Suppliers Already Under Assault by Fileless Malware Campaign
- StatCounter Hacked to Inject Malicious Script in gate.io Cryptocurrency Exchange
- It’s thought that the private message data was obtained via a malicious browser extension that scraped the data from users’
- Malware Execution via Microsoft Word Embedded Video
- Azorult Malware Spread by New Ramnit Campaign
- Private messages from 81,000 hacked Facebook accounts were for sale online.
The information was obtained through malicious browser extensions, such as
- Worst malware and threat actors of 2018 so far
- #ThreatFabric discovers #NeoBot Android Banking Trojan (#Exobot spawn) in #GooglePlay with 10,000+ installs
Please contact us if your interested in
EXPLOIT
- Exploit Developer Discovers Zero-Day Microsoft Edge Vulnerability Triggering RCE Attacks
VULNERABILITY
- Apache Struts Vulnerability Would Allow System Takeover
- Hack the Air Force 3.0 Bug Bounty Announced by USAF
- Android November update fixes flaws galore
- Zero-Day Vulnerability Explained
- WordPress Design Flaw + WooCommerce Vulnerability Leads to Site Takeover
- Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain
- Side-Channel Vulnerability PortSmash Steals Keys
- Apache Struts Warns Users of Two-Year-Old Vulnerability
- Apache Struts Warns Users of Two-Year-Old Vulnerability
- Apache Struts 2.3.x vulnerable to two year old RCE flaw
- IBM Watson will be used by NIST to assign CVSS scores to vulnerabilities
- Security firm Armis has discovered two vulnerabilities in Bluetooth Chips from several networking industry leaders.
- Hidden Costs of IoT Vulnerabilities
- Evernote for Windows patch resolves stored XSS vulnerability
- Exploit Developer Discovers Zero-Day Microsoft Edge Vulnerability Triggering RCE Attacks
- How testing perspectives helps find application security flaws
- PortSmash Side-Channel Vulnerability – Another Threat For Intel CPUs
- U.S. Air Force Announces Third Bug Bounty Program
- CVE-2018-11759: Apache mod_jk Access Control Bypass Vulnerability
- High risk vulnerability discovered in Sauter CASE Suite building automation software
- Apache Struts Team Urges Users for Library Update to Plug Years-Old Bugs
- Samsung & Crucial Storage Device Vulnerability Allow Attackers to Break the Password & Access the Entire Device Data
- Flaws in Popular Self-Encrypting SSDs Let Attackers Decrypt Data
- Apple Patches Critical iOS, macOS and watchOS Flaws
- Multiple Cisco Vulnerabilities Threat Alert
- Vulnerability in Icecast can collapse online radio stations
- Two zero-day vulnerabilities expose millions of access points
- Gitlab v11.4.5 release: fix bugs
- Symantec acquires Appthority to enhance protection from mobile application vulnerabilities
