ASIA
- Cylance: Spy campaign targeting Pakistani officials installs malware, then surrenders
- France seeks Global Talks on Cyberspace security and a “code of good conduct”
- Patched-up Adobe ColdFusion vulnerability exploited by hackers
- Chinese Head Fired After Cryptomining at School
- IT threat evolution Q3 2018. Statistics
- IT threat evolution Q3 2018
- Cisco ASA Security Product Denial-of-Service Vulnerability (CVE-2018-15454) Threat Alert
- Elon Musk BITCOIN Twitter scam, a simple and profitable fraud for crooks
WORLD
- Cylance: Spy campaign targeting Pakistani officials installs malware, then surrenders
- U.S. Chip Cards Are Being Compromised in the Millions
- Malware of the 90s: Remembering the Michelangelo and Melissa viruses
- France seeks Global Talks on Cyberspace security and a “code of good conduct”
- Popular Data Storage Devices Compromised Due to Flawed Security
- Used Data Storage Devices Have Security Flaws
- U.S. Chip Cards Are Being Compromised in the Millions:
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
- Chinese Head Fired After Cryptomining at School
- IT threat evolution Q3 2018. Statistics
- IT threat evolution Q3 2018
- Norway’s IT industry must tackle security vulnerabilities
- In this week’s ShadowTalk, the team debates the benefits/drawbacks of bug bounty programs, how you should consider operational value when
- Elon Musk BITCOIN Twitter scam, a simple and profitable fraud for crooks
ATTACKS
- Cylance: Spy campaign targeting Pakistani officials installs malware, then surrenders
- StatCounter Compromise
- Emotet Campaign Ramps Up with Mass Email Harvesting Module
- 2018 On Track to Be One of the Worst Ever for Data Breaches
- U.S. Chip Cards Are Being Compromised in the Millions
- Unable to remember his password, man sent letter bomb to Bitcoin exchange
- Third-party data breach exposes info of Alabama hospital job applicants
- Small number of HSBC customer accounts compromised in data breach.
Often hackers will make use of user names and passwords compromised
- Avast Improves Phishing Detection | Avast
- Popular Data Storage Devices Compromised Due to Flawed Security
- Phishing Training is a Tool, Not a Solution
- U.S. Chip Cards Are Being Compromised in the Millions:
- What is behind the growing trend of business email compromise attacks? Learn more from expert Michael Cobb of @thehairyITdog.
- The History of Data Breaches
- Cisco Inadvertently Leaked In-House Dirty COW Exploit Code In Its Software
- Emotet Campaign Ramps Up with Mass Email Harvesting Module
- Reported breaches in the first 9 months of 2018 exposed 3.6 billion records
- ADHA privacy boss reportedly quits as My Health Record faces first big test
THREATS
- Cylance: Spy campaign targeting Pakistani officials installs malware, then surrenders
- Hackers Abuse Critical Bug in Microsoft Office Online Video Feature To Deliver Malware
- Hacking the hackers – IOT botnet author adds his own backdoor on top of a ZTE router backdoor
- How CIOs can manage blockchain security: 4 tips
- Malware-Laced App Lurked on Google Play For a Year
- DJI Drone Web App Security Flaw Could Let Attackers Take Over Drones
- CVE-2018-6981, CVE-2018-6982: uninitialized stack memory usage vulnerabilities on VMware ESXi, Workstation, and Fusion
- Unable to remember his password, man sent letter bomb to Bitcoin exchange
- Flaw in WordPress plugin allowed unauthorized admin access, backdoors
- Steam Bug Allowed Unlimited Free Downloads
- Malware of the 90s: Remembering the Michelangelo and Melissa viruses
- Steam bug exposes license keys for every game available on platform
- A new malware that targets #cryptocurrency investors through #MacOS and chat platforms was recently discovered. Learn how this #malware works
- Hide and Script: Inserted Malicious URLs within Office Documents’ Embedded Videos
- Google’s data charts path to avoiding malware on Android
- Botnet pwns 100,000 routers using ancient security flaw
- Used Data Storage Devices Have Security Flaws
- Patched-up Adobe ColdFusion vulnerability exploited by hackers
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
- Cryptomining malware using Windows Installer to remain hidden
- #SamSam #ransomware targeted 67 organizations in 2018, according to @symantec research. By @MaddieBacon11
- Chinese Head Fired After Cryptomining at School
- A critical flaw in GDPR compliance plugin for WordPress exploited in the wild
- An #Android app booby-trapped with #malware was recently taken down from Google Play — after being available for download for
- New Acunetix Build Adds Detection for CSP, SRI, Node.js, and Ghostscript RCE Vulnerabilities
- Cisco ASA Security Product Denial-of-Service Vulnerability (CVE-2018-15454) Threat Alert
- Norway’s IT industry must tackle security vulnerabilities
- In this week’s ShadowTalk, the team debates the benefits/drawbacks of bug bounty programs, how you should consider operational value when
- How does new MacOS malware target users through chat?
- Elon Musk BITCOIN Twitter scam, a simple and profitable fraud for crooks
- How does your enterprise ensure a secure #ApplicationSecurityTesting process?
- Happy #Monday, #CyberSecurity folks! Catch up on the #blog, and discover how fileless #malware is changing how organizations treat
- Hackers Exploit Flaw in GDPR Compliance Plugin for WordPress
- Ransomware Assault Strikes Toronto Company, which Sells Data Belonging to Ontario Residents
- Unearthing Ransomware Characteristics Using Classification Taxonomy
- Overt Command and Control is now live! Check out @william_knows & @nmonkee's talk at this year's #BlueHatv18 exploring the reality
- Multiple Vulnerabilities Discovered In Roche Handheld Medical Devices
- DOD file sharing tool disabled due to vulnerability
CRIME
- Cylance: Spy campaign targeting Pakistani officials installs malware, then surrenders
- StatCounter Compromise
- Flaw in WordPress plugin allowed unauthorized admin access, backdoors
- Third-party data breach exposes info of Alabama hospital job applicants
- What is behind the growing trend of business email compromise attacks? Learn more from expert Michael Cobb of @thehairyITdog.
- Chinese Head Fired After Cryptomining at School
- A critical flaw in GDPR compliance plugin for WordPress exploited in the wild
- IT threat evolution Q3 2018. Statistics
- IT threat evolution Q3 2018
- Elon Musk BITCOIN Twitter scam, a simple and profitable fraud for crooks
POLITICS
- Cylance: Spy campaign targeting Pakistani officials installs malware, then surrenders
- France seeks Global Talks on Cyberspace security and a “code of good conduct”
- IT threat evolution Q3 2018
- Ransomware Assault Strikes Toronto Company, which Sells Data Belonging to Ontario Residents
TRANSNATIONAL / UNKNOWN
- 'DerpTrolling’ faces jail time for Sony DoS attacks
- Security Affairs newsletter Round 188 – News of the week
CHINA
Nil
INDIA
Nil
NORTH KOREA
Nil
PAKISTAN
Nil
VIETNAM
Nil
IRAN
Nil
IRAQ
Nil
LEBANON
Nil
PALESTINE
Nil
SAUDI ARABIA
Nil
SYRIA
Nil
TURKEY
Nil
UNITED ARAB EMIRATES
Nil
YEMEN
Nil
RUSSIA
Nil
SERBIA
Nil
UKRAINE
Nil
DATA BREACH & DATA LOSS
- Florida Department of Health Breached, Patients' Private Information Exposed
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- How to choose the best password manager | Avast
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
WEB DEFACEMENT
Nil
BOTNET
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
RANSOMWARE
Nil
CRYPTOMINING & CRYPTOCURRENCIES
- Demystifying: Cryptocurrency Mining Threats
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Linux Cryptocurrency miner leverages rootkit to avoid detection
MALWARE
- Exclusive: Fileless malware driving uptake of behavioural analytics
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
- Linux Cryptocurrency miner leverages rootkit to avoid detection
EXPLOIT
Nil
VULNERABILITY
- Cisco Patches Multiple Critical Security Flaws Affecting Different Products
- Annoyed Researcher Disclosed Zero-Day Vulnerability In VirtualBox Without Informing Oracle
- DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
- Nvidia GPU Side Channel Vulnerability Disclosed
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- How does site isolation defend against #Spectre vulnerabilities? Expert Michael Cobb of @thehairyITdog explains
- All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability
Hear from Rafael Amado, @mazzazone, & @drshellface:
- WooCommerce vulnerability affected a large number of websites
- Debian 9.6 release, fix more bugs and security vulnerabilities
ASIA
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Security Affairs newsletter Round 188 – News of the week
OCEANIA
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
NORTH AMERICA
- 'DerpTrolling’ faces jail time for Sony DoS attacks
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Security Affairs newsletter Round 188 – News of the week
- All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability
Hear from Rafael Amado, @mazzazone, & @drshellface:
SOUTH AMERICA
Nil
EUROPE
- Security Affairs newsletter Round 188 – News of the week
AFRICA
Nil
ASIA
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Security Affairs newsletter Round 188 – News of the week
WORLD
- 'DerpTrolling’ faces jail time for Sony DoS attacks
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Security Affairs newsletter Round 188 – News of the week
- All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability
Hear from Rafael Amado, @mazzazone, & @drshellface:
ATTACKS
- Florida Department of Health Breached, Patients' Private Information Exposed
- How to choose the best password manager | Avast
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
THREATS
- Exclusive: Fileless malware driving uptake of behavioural analytics
- Cisco Patches Multiple Critical Security Flaws Affecting Different Products
- Annoyed Researcher Disclosed Zero-Day Vulnerability In VirtualBox Without Informing Oracle
- DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
- Nvidia GPU Side Channel Vulnerability Disclosed
- Demystifying: Cryptocurrency Mining Threats
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
- Linux Cryptocurrency miner leverages rootkit to avoid detection
- How does site isolation defend against #Spectre vulnerabilities? Expert Michael Cobb of @thehairyITdog explains
- All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability
Hear from Rafael Amado, @mazzazone, & @drshellface:
- WooCommerce vulnerability affected a large number of websites
- Debian 9.6 release, fix more bugs and security vulnerabilities
CRIME
- 'DerpTrolling’ faces jail time for Sony DoS attacks
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
- Security Affairs newsletter Round 188 – News of the week
POLITICS
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
DATA BREACH & DATA LOSS
- FIFA Preps for Next Wave of Bad Press after New Data Breach
- According to the @FBI's Internet #CrimeReport, business email compromise attacks cost more than $676 million in 2017. Learn more from
- What is the average time it takes for an organization to identify a data breach?
- Botnet infects over 400krouters for spam campaign
- Pakistani banks suffer data breach
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
WEB DEFACEMENT
Nil
BOTNET
- Botnet infects over 400krouters for spam campaign
- New #spam #botnet infected over 100,000 home routers through a UPnP vulnerability, according to researchers at @360Netlab. By @MaddieBacon11
RANSOMWARE
- GandCrab Ransomware Virus Threat Alert
CRYPTOMINING & CRYPTOCURRENCIES
- Cryptocurrency Mining Malware Targets Linux Machines Uses Rootkit to Hide From Monitoring Tools
MALWARE
- GandCrab Ransomware Virus Threat Alert
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- The Cyber National Mission Force will share unclassified U.S. Cyber Command #malware samples to #VirusTotal and one expert hopes there
- In @usnistgo's draft on 'Vetting the #Security of #MobileApplications,' several key general requirements are discussed. However, the process could be
- Cryptocurrency Mining Malware Targets Linux Machines Uses Rootkit to Hide From Monitoring Tools
- Researchers reveal the malware used by North Korean hackers to attack ATMs
EXPLOIT
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
VULNERABILITY
- Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert
- Nginx server security flaws expose more than a million of servers to DoS attacks
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
- VMware Releases Security Updates To Fix Critical Vulnerability Discovered in GeekPwn2018 Event
- Vulnerabilities in DJI drone manufacturer
- New #spam #botnet infected over 100,000 home routers through a UPnP vulnerability, according to researchers at @360Netlab. By @MaddieBacon11
ASIA
- GandCrab Ransomware Virus Threat Alert
- Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert
- Lazarus Group Attacks ATMs, Tens of Millions Stolen in Recent Heist
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- A Careful Look on FastCash, the New Cash Cow of Lazarus Hacking Group
- VMware Releases Security Updates To Fix Critical Vulnerability Discovered in GeekPwn2018 Event
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Botnet infects over 400krouters for spam campaign
- Pakistani banks suffer data breach
- Vulnerabilities in DJI drone manufacturer
WORLD
- FIFA Preps for Next Wave of Bad Press after New Data Breach
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- The Cyber National Mission Force will share unclassified U.S. Cyber Command #malware samples to #VirusTotal and one expert hopes there
- A Careful Look on FastCash, the New Cash Cow of Lazarus Hacking Group
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Botnet infects over 400krouters for spam campaign
- FIFA is hacked… Once again
ATTACKS
- FIFA Preps for Next Wave of Bad Press after New Data Breach
- According to the @FBI's Internet #CrimeReport, business email compromise attacks cost more than $676 million in 2017. Learn more from
- What is the average time it takes for an organization to identify a data breach?
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
- Botnet infects over 400krouters for spam campaign
- Pakistani banks suffer data breach
THREATS
- GandCrab Ransomware Virus Threat Alert
- Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- The Cyber National Mission Force will share unclassified U.S. Cyber Command #malware samples to #VirusTotal and one expert hopes there
- In @usnistgo's draft on 'Vetting the #Security of #MobileApplications,' several key general requirements are discussed. However, the process could be
- Nginx server security flaws expose more than a million of servers to DoS attacks
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
- VMware Releases Security Updates To Fix Critical Vulnerability Discovered in GeekPwn2018 Event
- Cryptocurrency Mining Malware Targets Linux Machines Uses Rootkit to Hide From Monitoring Tools
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Vulnerabilities in DJI drone manufacturer
- New #spam #botnet infected over 100,000 home routers through a UPnP vulnerability, according to researchers at @360Netlab. By @MaddieBacon11
CRIME
- FIFA Preps for Next Wave of Bad Press after New Data Breach
- Lazarus Group Attacks ATMs, Tens of Millions Stolen in Recent Heist
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- According to the @FBI's Internet #CrimeReport, business email compromise attacks cost more than $676 million in 2017. Learn more from
- A Careful Look on FastCash, the New Cash Cow of Lazarus Hacking Group
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Pakistani banks suffer data breach
POLITICS
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Vulnerabilities in DJI drone manufacturer
- FIFA is hacked… Once again
DATA BREACH & DATA LOSS
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- Oops: Cisco accidentally leaked in-house Dirty COW exploit code with biz conf call software
- Bug Bounty Hunter Ran ISP Doxing Service
- DJI drone hack could have exposed sensitive data
- Emotet launches major new spam campaign
- .@ablaich: “Breaches that include personally identifiable information are always dangerous because they can lead to identity theft... they can also
- Canada Post leaks sensitive information of thousands of cannabis buyers
- D93 staff accounts compromised through a phishing scam
- Drone vulnerability could compromise enterprise data
- "If the schemas prove not to be compatible, a backup of the previous version of a database must be used
- Exposed data of nearly 700k American Express India customers
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
DENIAL-OF-SERVICE
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- DerpTrolling game server DDoS attacker pleads guilty
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- Notorious "DerpTrolling" Pleads Guilty to DDoS Attacks on EA & Sony
MALVERTISING
Nil
PHISHING
- Trickbot Malware Added Password And Browser History Stealing
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- This banking malware just added password and browser history stealing to its playbook
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- D93 staff accounts compromised through a phishing scam
- 5 Ways #Cybercriminals Can Access Your Emails Without #Phishing | Check out the full infographic here:
- Criminals are targeting cardless ATMs with the help of SMS text-based phishing (aka smishing) to drain bank accounts using stolen
WEB DEFACEMENT
Nil
BOTNET
- Spammer scum hack 100,000 home routers via UPnP vulns to craft email-flinging botnet
- This Week in Security News: Fake Apps & Malicious Bots
- New spam botnet infects over 100,000 home routers
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- IoT botnet BCMUPnP_Hunter targets routers with vulnerable UPnP feature
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
RANSOMWARE
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants
- Kraken Ransomware
- Are you prepared for #ransomware? Download this how-to guide to learn how to prepare for and detect an attack before
CRYPTOMINING & CRYPTOCURRENCIES
- StatCounter fingers cache-poisoning caper for Bitcoin-slurping JavaScript hijack
- Cryptomining Malware Uses Rootkit to Hide on Infected Linux Systems
- Stealthy Crypto-Mining Malware Evades Detection
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- Linux cryptocurrency miners are installing rootkits to hide themselves
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Kraken Ransomware
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- No, You Don't Need a Blockchain
- Canadian Uni Shutters Network After Cryptomining Attack
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- Visiting Bitcoin City.
- Seagate and IBM Work Together to Help Reduce Global Hard Drive Counterfeiting with Blockchain Technology
MALWARE
- Hackers Target Bitcoins and USCYBERCOM Shares Malware | Avast
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- The Pentagon is Publishing Foreign Nation-State Malware
- Cryptomining Malware Uses Rootkit to Hide on Infected Linux Systems
- Stealthy Crypto-Mining Malware Evades Detection
- Advanced tools: Process Hacker
- Trickbot Malware Added Password And Browser History Stealing
- This Week in Security News: Fake Apps & Malicious Bots
- "Inception Attackers" Combine Old Exploit and New Backdoor
- Playbook Fridays: Domain Spinning Workbench Spaces App
- This banking malware just added password and browser history stealing to its playbook
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- #Cyberespionage hackers have used stolen #DigitalCertificates to steal data. Expert Michael Cobb of @thehairyITdog explains how hackers sign Plead
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- The Morris Worm Turns 30
- Idaho Falls School District Struck by a Computer Virus Attack
- OSX/SurfBuyer: Real malware is in the eye of the device holder
- How is Plead malware used for cyberespionage attacks?
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
EXPLOIT
- Oops: Cisco accidentally leaked in-house Dirty COW exploit code with biz conf call software
- "Inception Attackers" Combine Old Exploit and New Backdoor
VULNERABILITY
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Recently-Patched Adobe ColdFusion Flaw Exploited By APT
- Zero-day in popular WordPress plugin exploited in the wild to take over sites
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Flaws in Roche Medical Devices Can Put Patients at Risk
- Inception hackers target European organisations with old Office flaw
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- Serious XSS Vulnerability Patched in Evernote
- Update now! WordPress sites vulnerable to WooCommerce plugin flaw
- Phishing now possible by exploiting online video function vulnerability in Word
- Vulnerabilities in Our Infrastructure: 5 Ways to Mitigate the Risk
- Cisco fixes two critical bugs, recommends workaround for a third
- Drone vulnerability could compromise enterprise data
- US Air Force invites white hats to find hackable flaws, again
- Prioritizing Flaws Based on Severity Increasingly Ineffective: Study
- DJI Drone Can be Hacked using New Vulnerability To Steal Drone’s Flight logs, Photos & Videos
- Adobe ColdFusion Vulnerability Exploited in the Wild
- Combination of bugs in WordPress and WooCommerce allows website hijacking
- Hack the Air Force 3.0 – New vulnerability bounty program
ASIA
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- VMware releases security patches for a critical virtual machine escape flaw
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
OCEANIA
Nil
NORTH AMERICA
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- The Pentagon is Publishing Foreign Nation-State Malware
- Advanced tools: Process Hacker
- This Week in Security News: Fake Apps & Malicious Bots
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- Canada Post leaks sensitive information of thousands of cannabis buyers
- Phishing Attempts Soar to 137 Million in Q3
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- D93 staff accounts compromised through a phishing scam
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- Canadian Uni Shutters Network After Cryptomining Attack
- US Air Force invites white hats to find hackable flaws, again
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
SOUTH AMERICA
Nil
EUROPE
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Stealthy Crypto-Mining Malware Evades Detection
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Flaws in Roche Medical Devices Can Put Patients at Risk
- Phishing Attempts Soar to 137 Million in Q3
- Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy
- Hack the Air Force 3.0 – New vulnerability bounty program
- Hackers hide malware in the Windows installation files to mine cryptocurrency
AFRICA
Nil
