DATA BREACH
- Sales intel firm Apollo data breach exposed more than 200 million contact records
- Fortnite gamers targeted by data theft malware
- Apollo hackers steal info from database of 200M contact
- Security researchers @proofpoint recently uncovered new #DanaBot campaigns.
- GhostDNS hijacking campaign steps up attacks on Brazilians; 100K+ devices compromised
- Smart TV kit featuring Google Home Mini and third-gen Chromecast leaks
- UK pins 'reckless campaign of cyber attacks' on Russian military intelligence
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Intel, AMD both claim server speed records
- Samsung predicts a return to record profits in Q3
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
DENIAL-OF-SERVICE
- Hacked #Fortnite accounts and rent-a-botnet being pushed on Instagram
MALVERTISING
Nothing to report
PHISHING
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Remove Ursnif Trojan (Purolator Phishing) Scam
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- Report: The bigger the company, the messier the password practices
- The most commonly used passwords in the world are...
1. 123456
2. password
3. 123456789
4. 12345678
5. 12345
6. qwerty
- Can the @Microsoft Authenticator really replace passwords in the enterprise? Microsoft says the answer is yes and proclaimed the password
- Weak Passwords Banned In California From 2020
- New IoT legislation bans shared default passwords
- US users open 30% of phishing emails with 12% of those clicking on infected links or attachments. Prepare for 2019's
- Credential-Phishing Attempts Highest on Tuesdays
- Credential-Phishing Attempts Highest on Tuesdays
- If you're thinking passwords, check out #CyberSauna episode #13:
A Hacker's Take on Cracking & Protecting Your Creds
- FYI: "password" is the 2nd most popular password in the world.
Can you guess the first?
- Facebook Logins Available on the Dark Web for $2.60
- Passware Kit: Forensic software recovers passwords for Bitcoin wallets
WEB DEFACEMENT
Nothing to report
MALWARE
- Ransomware Recovery at the Taxpayers’ Expense
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Fortnite gamers targeted by data theft malware
- Remove Ursnif Trojan (Purolator Phishing) Scam
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- Virus Bulletin 2018: Exposing the Social Media Fraud Ecosystem
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- The Virus Bulletin conference returns home: VB2019 to take place in London
- Fileless malware: part deux
- Cisco Discovered Multiple Vulnerabilities In Atlantis Word Processor
- Hackers fly under the radar for two years after infecting chiropractic clinic with malware
- DanaBot Banking Trojan’s Journey to North America
- Virus Bulletin 2018: Supply chain hacking grows up
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- How does FacexWorm malware use Facebook Messenger to spread?
- Malicious remote admin tool seemingly linked to KONNI malware, North Korea
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- .@FireEye researches discovered that the group behind #Sanny #malware attacks has made delivery method changes that put users at risk.
- Fake News Domains Spoof UK News Sites
- Roaming Mantis Hacking Group Inject Web Crypto Mining for iOS Devices via Malicious Content Delivery System
- Top 5 Viruses of All Time by Security Expert Mikko Hyppönen
- CMake 3.12.3 releases: managing the build process of software
EXPLOIT
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Advanced Persistent Threat Activity Exploiting Managed Service Providers
VULNERABILITY
- Adobe October Patch Update Fixed 86 Different Security Vulnerabilities
- Sony Smart TV Bug Allows Remote Access, Root Privileges
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- D-Link Patches RCE Bugs in Wireless Access Point Gear
- VMware Releases Patches for Critical A/W Console Auth Bypass Vulnerability
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Most Home Routers Are Full of Vulnerabilities
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
- Missing Files, Bugs Reported After Windows 10 October 2018 Update
- Cisco Discovered Multiple Vulnerabilities In Atlantis Word Processor
- Mozilla Resolves Critical Code Execution Flaw In Thunderbird
- Cisco patches critical flaws in DNA Center and Prime Infrastructure
- Marine Corps bug bounty program finds 150 vulnerabilities
- Mozilla resolves critical code execution flaw in Thunderbird email client
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- D-Link Patches Code Execution, XSS Flaws in Management Tool
- Cisco updates address 36 vulnerabilities, three critical
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- #PulseNet: How does an improper #authentication flaw affect it?
- Cisco Released Security Updates & Fixed 37 Vulnerabilities that Affected Cisco Products
- Mozilla Patches Critical Vulnerability in Thunderbird 60.2.1
ASIA
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- DHS issued an alert on attacks aimed at Managed Service Providers
- VP Mike Pence slams Google over Chinese search engine project
- North Korean hacking operation behind SWIFT attacks
WORLD
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- Russian State-Sponsored Operations Begin to Overlap: Kaspersky
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- The Virus Bulletin conference returns home: VB2019 to take place in London
- Uncle Sam Charges Seven Russians With Fancy Bear Hack Sprees
- DanaBot Banking Trojan’s Journey to North America
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- The fur is not gonna fly: Uncle Sam charges seven Russians with Fancy Bear hack sprees
- UK pins 'reckless campaign of cyber attacks' on Russian military intelligence
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- US users open 30% of phishing emails with 12% of those clicking on infected links or attachments. Prepare for 2019's
- Facebook Logins Available on the Dark Web for $2.60
- DHS issued an alert on attacks aimed at Managed Service Providers
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- Fake News Domains Spoof UK News Sites
- Russia's elite hacking unit has been silent, but busy
- Fin7 Hackers Breached US Chain Burgerville
- Fin7 Hackers Breached US Chain Burgerville
ATTACKS
- Sales intel firm Apollo data breach exposed more than 200 million contact records
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Fortnite gamers targeted by data theft malware
- Remove Ursnif Trojan (Purolator Phishing) Scam
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- Report: The bigger the company, the messier the password practices
- The most commonly used passwords in the world are...
1. 123456
2. password
3. 123456789
4. 12345678
5. 12345
6. qwerty
- Apollo hackers steal info from database of 200M contact
- Can the @Microsoft Authenticator really replace passwords in the enterprise? Microsoft says the answer is yes and proclaimed the password
- Security researchers @proofpoint recently uncovered new #DanaBot campaigns.
- Weak Passwords Banned In California From 2020
- New IoT legislation bans shared default passwords
- GhostDNS hijacking campaign steps up attacks on Brazilians; 100K+ devices compromised
- Smart TV kit featuring Google Home Mini and third-gen Chromecast leaks
- Hacked #Fortnite accounts and rent-a-botnet being pushed on Instagram
- UK pins 'reckless campaign of cyber attacks' on Russian military intelligence
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- US users open 30% of phishing emails with 12% of those clicking on infected links or attachments. Prepare for 2019's
- Credential-Phishing Attempts Highest on Tuesdays
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Credential-Phishing Attempts Highest on Tuesdays
- If you're thinking passwords, check out #CyberSauna episode #13:
A Hacker's Take on Cracking & Protecting Your Creds
- Intel, AMD both claim server speed records
- FYI: "password" is the 2nd most popular password in the world.
Can you guess the first?
- Facebook Logins Available on the Dark Web for $2.60
- Samsung predicts a return to record profits in Q3
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- Passware Kit: Forensic software recovers passwords for Bitcoin wallets
THREATS
- Adobe October Patch Update Fixed 86 Different Security Vulnerabilities
- Ransomware Recovery at the Taxpayers’ Expense
- Sony Smart TV Bug Allows Remote Access, Root Privileges
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Fortnite gamers targeted by data theft malware
- D-Link Patches RCE Bugs in Wireless Access Point Gear
- VMware Releases Patches for Critical A/W Console Auth Bypass Vulnerability
- Remove Ursnif Trojan (Purolator Phishing) Scam
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Most Home Routers Are Full of Vulnerabilities
- Virus Bulletin 2018: Exposing the Social Media Fraud Ecosystem
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- The Virus Bulletin conference returns home: VB2019 to take place in London
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- Fileless malware: part deux
- Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
- Missing Files, Bugs Reported After Windows 10 October 2018 Update
- Cisco Discovered Multiple Vulnerabilities In Atlantis Word Processor
- Advanced Persistent Threat Activity Exploiting Managed Service Providers
- Mozilla Resolves Critical Code Execution Flaw In Thunderbird
- Hackers fly under the radar for two years after infecting chiropractic clinic with malware
- DanaBot Banking Trojan’s Journey to North America
- Cisco patches critical flaws in DNA Center and Prime Infrastructure
- Virus Bulletin 2018: Supply chain hacking grows up
- Marine Corps bug bounty program finds 150 vulnerabilities
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- Mozilla resolves critical code execution flaw in Thunderbird email client
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- D-Link Patches Code Execution, XSS Flaws in Management Tool
- Cisco updates address 36 vulnerabilities, three critical
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- How does FacexWorm malware use Facebook Messenger to spread?
- Malicious remote admin tool seemingly linked to KONNI malware, North Korea
- #PulseNet: How does an improper #authentication flaw affect it?
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- .@FireEye researches discovered that the group behind #Sanny #malware attacks has made delivery method changes that put users at risk.
- Cisco Released Security Updates & Fixed 37 Vulnerabilities that Affected Cisco Products
- Fake News Domains Spoof UK News Sites
- Roaming Mantis Hacking Group Inject Web Crypto Mining for iOS Devices via Malicious Content Delivery System
- Top 5 Viruses of All Time by Security Expert Mikko Hyppönen
- CMake 3.12.3 releases: managing the build process of software
- Mozilla Patches Critical Vulnerability in Thunderbird 60.2.1
CRIME
- Fortnite gamers targeted by data theft malware
- Remove Ursnif Trojan (Purolator Phishing) Scam
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- Report: The bigger the company, the messier the password practices
- Hackers fly under the radar for two years after infecting chiropractic clinic with malware
- DanaBot Banking Trojan’s Journey to North America
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- Detecting Credit Card Skimmers
- The fur is not gonna fly: Uncle Sam charges seven Russians with Fancy Bear hack sprees
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Facebook Logins Available on the Dark Web for $2.60
- DHS issued an alert on attacks aimed at Managed Service Providers
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- Roaming Mantis Hacking Group Inject Web Crypto Mining for iOS Devices via Malicious Content Delivery System
- Passware Kit: Forensic software recovers passwords for Bitcoin wallets
- North Korean hacking operation behind SWIFT attacks
- Lojax, the new threat developed by Fancy Bear
POLITICS
- Russian State-Sponsored Operations Begin to Overlap: Kaspersky
- Advanced Persistent Threat Activity Exploiting Managed Service Providers
- DHS issued an alert on attacks aimed at Managed Service Providers
WINDOWS
- Shedding Skin – Turla’s Fresh Faces
- LoJack for computers used to attack European government bodies
- CVE-2018-8373 Exploit Spotted
- LoJax: First UEFI Malware seen in the Wild
- Foxit PDF Reader fixes serious remote code execution vulnerability
LINUX
- LoJack for computers used to attack European government bodies
UNIX
Nothing to report
ANDROID
- .@ThreatFabric researchers uncovered an #Android malware, #MysteryBot, which uses overlay attacks to avoid detection. Learn how this #malware affects @Google's
- How is Android Accessibility Service affected by a banking Trojan?
- .@Trustlook Labs discovered an #Android #Trojan stealing data from messaging apps. Learn what #mobilesecurity programs should look for to detect
- Researchers found that cheap Android devices were shipped pre-installed backdoors
IOS
- A Remote iOS Bug
MACOS
- Google Project Zero drops macOS exploit, calls out Apple for silent patching
- CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops
- macOS Flaw Allows Attackers To Hijack Installed Apps
- Tearing Apart the Undetected (OSX)Coldroot RAT
- An Unpatched Kernel Bug
- OSX/MacRansom; analyzing the latest ransomware to target macs
- Two Bugs, One Func(), part three
- Two Bugs, One Func(), part two
- Two Bugs, One Func(), part one
- Analysis of an Intrusive Cross-Platform Adware; OSX/Pirrit
- More on, "Adware for OS X Distributes Trojans"
- A Google bug breaks the search results in Safari
DATA BREACH
- UK pins ‘reckless campaign of cyber attacks’ on Russian military intelligence
- .@FireEye researchers tracked an aggressive #cybertheft campaign -- attributed to North Korean #APT38 -- in which threat actors attempted to
- Campaign 2018: Cyberattacks on infrastructure could suppress voter turnout
- Sony accidentally leaked November's PS Plus free games
- US charges Russian military officers over international hacking and disinformation campaigns
- Burgerville Customer Credit Card Info Stolen In Data Breach
- HIDDEN COBRA – FASTCash Campaign
- Database of 200 Million Records Stolen from Apollo in Data Breach
- Irish Data Regulator Likely to Fine Facebook for Data Breach
- 5,000 UK firms' financial details exposed in data breaches, finds @digitalshadows
- The @UN accidentally exposed credentials on public @trello boards. Plus, #Uber is set to pay $148 million settlement following its
- Burgerville customer credit card info stolen in data breach laid at Fin7's feet
- How #livechatsoftware leak personal #employeedata?
- Democratic congressional intern arrested for doxing GOP senators during Kavanaugh hearing
- Business Email Compromise: When You Don’t Need to Phish.
- Business email compromise made easy for cyber criminals
- In manufacturing, almost half – 47 percent – of breaches involve the theft of intellectual property to gain competitive advantage.
- Security Investigator who Compromised Hotel Wi-Fi, Shared Pass-Codes Online, is Fined
- UK and allies accuse Russia of cyber attack campaign
- Business email compromise made easy for #cybercriminals as 12.5 million company email boxes and 33,000 finance department credentials found openly
- U.S. Capitol Police Arrest Suspect for Doxing U.S. Senators
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
DENIAL-OF-SERVICE
- California bill bans bots during elections
- Why It’s Time to Nuke the Password
- Why It’s Time to Nuke the Password
MALVERTISING
Nothing to report
PHISHING
- Exclusive: Moving away from passwords to two-factor authentication
- Block Blocking Login Items
- Business Email Compromise: When You Don’t Need to Phish.
- Hackers Selling Facebook Account Logins Details On Dark Web For $3
- Experts recommend avoiding single step logins
- Phishing Attacks Distributed Through CloudFlare's IPFS Gateway
- Why It’s Time to Nuke the Password
- Why It’s Time to Nuke the Password
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
WEB DEFACEMENT
- Hacker Pleads Guilty of Defacing 11,000 Websites, Could Get up to 20 Years
- Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center
MALWARE
- Virus Bulletin 2018: Turla APT Changes Shape with New Code and Targets
- .@ThreatFabric researchers uncovered an #Android malware, #MysteryBot, which uses overlay attacks to avoid detection. Learn how this #malware affects @Google's
- China allegedly infiltrated US companies through implanted hardware backdoors
- Researchers at the 2018 @RSAConference discussed #stegware: @malware that uses #steganography. Discover how this works with expert @lewisnic.
- Report: In Huge Hack, Chinese Manufacturer Sneaks Backdoors Onto Motherboards
- Avast AV reclassifies cryptominers | Avast
- Researchers at Cisco Talos (@TalosSecurity) recently discovered #GravityRAT, a remote access #Trojan. Discover how this RAT can check for
- This is also a good time to remind that bugdoors are far more scary than backdoors.
- Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware
- Apple, Amazon deny claims Chinese spies implanted backdoor chips in company hardware: report
- Researchers from @proofpoint have announced the discovery of a remote access trojan, and an upgraded version of an old banking
- Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?
- Tearing Apart the Undetected (OSX)Coldroot RAT
- Mac Malware of 2017
- WTF is Mughthesec!? poking on a piece of undetected adware
- OSX/MacRansom; analyzing the latest ransomware to target macs
- Mac Malware of 2016
- Towards Generic Ransomware Detection
- Analysis of an Intrusive Cross-Platform Adware; OSX/Pirrit
- Analyzing the Anti-Analysis Logic of an Adware Installer
- Monitoring Process Creation via the Kernel (Part III)
- Monitoring Process Creation via the Kernel (Part II)
- Monitoring Process Creation via the Kernel (Part I)
- More on, "Adware for OS X Distributes Trojans"
- LoJax: First UEFI Malware seen in the Wild
- Virus Bulletin 2018: Attack velocity ramps up
- More than 4,000 ransomware attacks occur every day. Secure your company & build your network at #RiskSec with promo code
- Malicious remote admin tool seemingly linked to KONNI malware, North Korea
- Betabot trojan packed with anti-malware evasion tools
- How is Android Accessibility Service affected by a banking Trojan?
- How does stegware malware exploit steganography techniques?
- .@Trustlook Labs discovered an #Android #Trojan stealing data from messaging apps. Learn what #mobilesecurity programs should look for to detect
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- A new group of #malware -- dubbed #GoScanSSH -- was recently discovered by researchers. Learn how this malware works and
- Seriously if I could make evil semiconductors I would just replace one which is already present rather than adding it.
Show
- WATCH: Top 5 Viruses of All Time by Security Expert @mikko Hyppönen
- New DanaBot Banking Malware Attack in Various Countries with Stealer and Remote Access Futures
- Researchers found that cheap Android devices were shipped pre-installed backdoors
- Google opened the .page domain
- Most Advanced Backdoor Obfuscation and Evasion Technique That used by Hackers
- Zoho Heavily Used by Keyloggers to Transmit Stolen Data
- Network Outage at Some Recipe Unlimited Locations Caused by Malware
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
EXPLOIT
- Google Project Zero drops macOS exploit, calls out Apple for silent patching
- CVE-2018-8373 Exploit Spotted
- Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware
- Remote Mac Exploitation Via Custom URL Schemes
- How does stegware malware exploit steganography techniques?
- Secure encrypted #virtualization: How is this technology exploited?
VULNERABILITY
- Bug bounty scheme uncovers 150 vulnerabilities in US Marine Corps websites
- CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops
- macOS Flaw Allows Attackers To Hijack Installed Apps
- ICYMI - CISO @rickhholland joins @drshellface and @mazzazone in this week's ShadowTalk episode: Security Flaws Affect 50 Million Facebook Accounts
- CVE-2018-8373 Exploit Spotted
- Vulnerability Scanning vs. Penetration Testing by @TripwireInc
- This is also a good time to remind that bugdoors are far more scary than backdoors.
- A Remote iOS Bug
- An Unpatched Kernel Bug
- From the Top to the Bottom; Tracking down CVE-2017-7149
- Two Bugs, One Func(), part three
- Two Bugs, One Func(), part two
- Two Bugs, One Func(), part one
- CVE-2015-3673: Goodbye Rootpipe...(for now?)
- Cisco: Two critical bugs in DNA network software need these urgent patches
- Paper over the Kracks: New techniques can bypass WPA2 flaw mitigations
- Hackers Earn $150,000 in Marine Corps Bug Bounty Program
- Cisco plugs critical flaws in DNA Center and Prime Infrastructure
- Marine Corps bug bounty program finds 150 vulnerabilities
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- Foxit PDF Reader fixes serious remote code execution vulnerability
- A Google bug breaks the search results in Safari
- Hacking for good uncovers over 150 Marine Corps web vulnerabilities
ASIA
- Should You Worry About Software Supply Chain Attacks?
- .@FireEye researchers tracked an aggressive #cybertheft campaign -- attributed to North Korean #APT38 -- in which threat actors attempted to
- Shedding Skin – Turla’s Fresh Faces
- China allegedly infiltrated US companies through implanted hardware backdoors
- Report: In Huge Hack, Chinese Manufacturer Sneaks Backdoors Onto Motherboards
- Apple, Amazon deny claims Chinese spies implanted backdoor chips in company hardware: report
- Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?
- A Remote iOS Bug
- APT38 is behind financially motivated attacks carried out by North Korea
- Security Investigator who Compromised Hotel Wi-Fi, Shared Pass-Codes Online, is Fined
OCEANIA
- New DanaBot Banking Malware Attack in Various Countries with Stealer and Remote Access Futures
NORTH AMERICA
- UK pins ‘reckless campaign of cyber attacks’ on Russian military intelligence
- Bug bounty scheme uncovers 150 vulnerabilities in US Marine Corps websites
- China allegedly infiltrated US companies through implanted hardware backdoors
- US charges Russian military officers over international hacking and disinformation campaigns
- Hacker Pleads Guilty of Defacing 11,000 Websites, Could Get up to 20 Years
- Justice Department charges 7 Russian intelligence officers
- CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops
- ICYMI - CISO @rickhholland joins @drshellface and @mazzazone in this week's ShadowTalk episode: Security Flaws Affect 50 Million Facebook Accounts
- HIDDEN COBRA – FASTCash Campaign
- Pacific Northwest burger chain hit by FIN7
- Apple, Amazon deny claims Chinese spies implanted backdoor chips in company hardware: report
- Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?
- Burgerville customer credit card info stolen in data breach laid at Fin7's feet
- LoJax: First UEFI Malware seen in the Wild
- Hackers Earn $150,000 in Marine Corps Bug Bounty Program
- APT38 is behind financially motivated attacks carried out by North Korea
- U.S. Capitol Police Arrest Suspect for Doxing U.S. Senators
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
SOUTH AMERICA
- APT38 is behind financially motivated attacks carried out by North Korea
EUROPE
- UK pins ‘reckless campaign of cyber attacks’ on Russian military intelligence
- Virus Bulletin 2018: Turla APT Changes Shape with New Code and Targets
- Should You Worry About Software Supply Chain Attacks?
- US charges Russian military officers over international hacking and disinformation campaigns
- LoJack for computers used to attack European government bodies
- Justice Department charges 7 Russian intelligence officers
- Russian Fancy Bear APT Linked To Earworm Hacking Group
- Pacific Northwest burger chain hit by FIN7
- Irish Data Regulator Likely to Fine Facebook for Data Breach
- Russian Fancy Bear APT linked to Earworm hacking group
- 5,000 UK firms' financial details exposed in data breaches, finds @digitalshadows
- Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?
- LoJax: First UEFI Malware seen in the Wild
- UK and allies accuse Russia of cyber attack campaign
- New DanaBot Banking Malware Attack in Various Countries with Stealer and Remote Access Futures
- Experts recommend avoiding single step logins
AFRICA
Nothing to report
