TRANSNATIONAL / UNKNOWN
- Burgerville discloses year-long data breach, courtesy of FIN7 cybergang
CHINA
Nothing to report
INDIA
Nothing to report
NORTH KOREA
- News of the Week: October 6, 2018
PAKISTAN
Nothing to report
VIETNAM
Nothing to report
IRAN
Nothing to report
LEBANON
Nothing to report
PALESTINE
Nothing to report
SAUDI ARABIA
Nothing to report
UNITED ARAB EMIRATES
Nothing to report
RUSSIA
- APT28 turns away from election hacking and back to cyberespionage
- Dutch and British Governments Slam Russia for Cyberattacks
- Feds Indict 7 Russians for Hacking and Disinformation
UKRAINE
Nothing to report
ASIA
- China’s Alleged Hidden Chip for Espionage Exposed
- Report: Chinese Spy Chip Backdoored US Defense, Tech Firms
WORLD
- SQL Injection Exposed Data From Canadian ISP – Altima Telecom
- China’s Alleged Hidden Chip for Espionage Exposed
- Washington D.C. Man Faces Up to 20 Years in Jail for US Senators Doxing Charges
- Sony Bravia Smart TVs affected by a critical vulnerability
- News of the Week: October 6, 2018
- Dutch and British Governments Slam Russia for Cyberattacks
- Feds Indict 7 Russians for Hacking and Disinformation
- Report: Chinese Spy Chip Backdoored US Defense, Tech Firms
ATTACKS
- SQL Injection Exposed Data From Canadian ISP – Altima Telecom
- China’s Alleged Hidden Chip for Espionage Exposed
- Washington D.C. Man Faces Up to 20 Years in Jail for US Senators Doxing Charges
- $12 Billion Lost Because of E-mail Account Compromise Incidents in Five Years
- Democratic congressional intern arrested for doxing GOP senators during Kavanaugh hearing
- California bill bans bots during elections
- Project Insecurity (@insecurity) researchers recently found #livechatsoftware leaking personal employee data. Learn what #data was leaked and how attackers can
- Burgerville discloses year-long data breach, courtesy of FIN7 cybergang
- Hackers Offering Less than $150 to Hack Corporate Email Accounts – 12.5 Million Email Archive Files are Exposed
- California prohibits use of weak default passwords
THREATS
- SQL Injection Exposed Data From Canadian ISP – Altima Telecom
- Sony Bravia Smart TVs affected by a critical vulnerability
- Android SMS Worm, plus setting up a Mac for kids
- .@ThreatFabric researchers uncovered a #malware that uses overlay techniques to avoid detection. Learn from @lewisnic how this new #Androidmalware --
- At the 2018 @RSAConference, researchers discussed the rise of stegware -- #malware that uses #steganography techniques to avoid detection. Learn
- Sony Smart TV Bug Allows Remote Access, Root Privileges
- How #Shodan helps identify #ICSsecurity vulnerabilities
- Git Project Patches Remote Code Execution Vulnerability in Git
- Betabot trojan packed with anti-malware evasion tools
- Malicious remote admin tool seemingly linked to KONNI malware, North Korea
- How a remote access #Trojan checks for
- The weekend starts here... right after you've installed these critical Cisco bug patches
- Report: Chinese Spy Chip Backdoored US Defense, Tech Firms
- GitHub fixes a remote code security vulnerability that affects Linux system
- More Than 50 Malicious Apps With Over 350,000 Installs Found On Google Play
- Researchers at @Trustlook Labs found an #Android #Trojan that copies and steals data from mobile #messagingapps. Discover how this is
- How to protect public SSH servers from
- Cisco updates address 36 vulnerabilities, three critical
- Hackers exploit vulnerability in Bitcoin code
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- TP-Link router vulnerable to remote takeover flaw
- Researchers at @TrendMicro found a new strain of #malware -- dubbed #FacexWorm -- that targets users through a malicious #ChromeExtension.
CRIME
- China’s Alleged Hidden Chip for Espionage Exposed
- Washington D.C. Man Faces Up to 20 Years in Jail for US Senators Doxing Charges
- $12 Billion Lost Because of E-mail Account Compromise Incidents in Five Years
- Feds Indict 7 Russians for Hacking and Disinformation
- Hackers Offering Less than $150 to Hack Corporate Email Accounts – 12.5 Million Email Archive Files are Exposed
- Hackers exploit vulnerability in Bitcoin code
POLITICS
- China’s Alleged Hidden Chip for Espionage Exposed
- APT28 turns away from election hacking and back to cyberespionage
- Feds Indict 7 Russians for Hacking and Disinformation
- Report: Chinese Spy Chip Backdoored US Defense, Tech Firms
DATA BREACH
- Sales intel firm Apollo data breach exposed more than 200 million contact records
- Fortnite gamers targeted by data theft malware
- Apollo hackers steal info from database of 200M contact
- Security researchers @proofpoint recently uncovered new #DanaBot campaigns.
- GhostDNS hijacking campaign steps up attacks on Brazilians; 100K+ devices compromised
- Smart TV kit featuring Google Home Mini and third-gen Chromecast leaks
- UK pins 'reckless campaign of cyber attacks' on Russian military intelligence
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Intel, AMD both claim server speed records
- Samsung predicts a return to record profits in Q3
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
DENIAL-OF-SERVICE
- Hacked #Fortnite accounts and rent-a-botnet being pushed on Instagram
MALVERTISING
Nothing to report
PHISHING
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Remove Ursnif Trojan (Purolator Phishing) Scam
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- Report: The bigger the company, the messier the password practices
- The most commonly used passwords in the world are...
1. 123456
2. password
3. 123456789
4. 12345678
5. 12345
6. qwerty
- Can the @Microsoft Authenticator really replace passwords in the enterprise? Microsoft says the answer is yes and proclaimed the password
- Weak Passwords Banned In California From 2020
- New IoT legislation bans shared default passwords
- US users open 30% of phishing emails with 12% of those clicking on infected links or attachments. Prepare for 2019's
- Credential-Phishing Attempts Highest on Tuesdays
- If you're thinking passwords, check out #CyberSauna episode #13:
A Hacker's Take on Cracking & Protecting Your Creds
- FYI: "password" is the 2nd most popular password in the world.
Can you guess the first?
- Facebook Logins Available on the Dark Web for $2.60
- Passware Kit: Forensic software recovers passwords for Bitcoin wallets
WEB DEFACEMENT
Nothing to report
MALWARE
- Ransomware Recovery at the Taxpayers’ Expense
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Fortnite gamers targeted by data theft malware
- Remove Ursnif Trojan (Purolator Phishing) Scam
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- Virus Bulletin 2018: Exposing the Social Media Fraud Ecosystem
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- The Virus Bulletin conference returns home: VB2019 to take place in London
- Fileless malware: part deux
- Cisco Discovered Multiple Vulnerabilities In Atlantis Word Processor
- Hackers fly under the radar for two years after infecting chiropractic clinic with malware
- DanaBot Banking Trojan’s Journey to North America
- Virus Bulletin 2018: Supply chain hacking grows up
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- How does FacexWorm malware use Facebook Messenger to spread?
- Malicious remote admin tool seemingly linked to KONNI malware, North Korea
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- .@FireEye researches discovered that the group behind #Sanny #malware attacks has made delivery method changes that put users at risk.
- Fake News Domains Spoof UK News Sites
- Roaming Mantis Hacking Group Inject Web Crypto Mining for iOS Devices via Malicious Content Delivery System
- Top 5 Viruses of All Time by Security Expert Mikko Hyppönen
- CMake 3.12.3 releases: managing the build process of software
EXPLOIT
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Advanced Persistent Threat Activity Exploiting Managed Service Providers
VULNERABILITY
- Adobe October Patch Update Fixed 86 Different Security Vulnerabilities
- Sony Smart TV Bug Allows Remote Access, Root Privileges
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- D-Link Patches RCE Bugs in Wireless Access Point Gear
- VMware Releases Patches for Critical A/W Console Auth Bypass Vulnerability
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- Most Home Routers Are Full of Vulnerabilities
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
- Missing Files, Bugs Reported After Windows 10 October 2018 Update
- Cisco Discovered Multiple Vulnerabilities In Atlantis Word Processor
- Mozilla Resolves Critical Code Execution Flaw In Thunderbird
- Cisco patches critical flaws in DNA Center and Prime Infrastructure
- Marine Corps bug bounty program finds 150 vulnerabilities
- Mozilla resolves critical code execution flaw in Thunderbird email client
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- D-Link Patches Code Execution, XSS Flaws in Management Tool
- Cisco updates address 36 vulnerabilities, three critical
- #PulseNet: How does an improper #authentication flaw affect it?
- Cisco Released Security Updates & Fixed 37 Vulnerabilities that Affected Cisco Products
- Mozilla Patches Critical Vulnerability in Thunderbird 60.2.1
ASIA
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- DHS issued an alert on attacks aimed at Managed Service Providers
- VP Mike Pence slams Google over Chinese search engine project
- North Korean hacking operation behind SWIFT attacks
WORLD
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- Russian State-Sponsored Operations Begin to Overlap: Kaspersky
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- The Virus Bulletin conference returns home: VB2019 to take place in London
- Uncle Sam Charges Seven Russians With Fancy Bear Hack Sprees
- DanaBot Banking Trojan’s Journey to North America
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- The fur is not gonna fly: Uncle Sam charges seven Russians with Fancy Bear hack sprees
- UK pins 'reckless campaign of cyber attacks' on Russian military intelligence
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- US users open 30% of phishing emails with 12% of those clicking on infected links or attachments. Prepare for 2019's
- Facebook Logins Available on the Dark Web for $2.60
- DHS issued an alert on attacks aimed at Managed Service Providers
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- Fake News Domains Spoof UK News Sites
- Russia's elite hacking unit has been silent, but busy
- Fin7 Hackers Breached US Chain Burgerville
ATTACKS
- Sales intel firm Apollo data breach exposed more than 200 million contact records
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Fortnite gamers targeted by data theft malware
- Remove Ursnif Trojan (Purolator Phishing) Scam
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- Report: The bigger the company, the messier the password practices
- The most commonly used passwords in the world are...
1. 123456
2. password
3. 123456789
4. 12345678
5. 12345
6. qwerty
- Apollo hackers steal info from database of 200M contact
- Can the @Microsoft Authenticator really replace passwords in the enterprise? Microsoft says the answer is yes and proclaimed the password
- Security researchers @proofpoint recently uncovered new #DanaBot campaigns.
- Weak Passwords Banned In California From 2020
- New IoT legislation bans shared default passwords
- GhostDNS hijacking campaign steps up attacks on Brazilians; 100K+ devices compromised
- Smart TV kit featuring Google Home Mini and third-gen Chromecast leaks
- Hacked #Fortnite accounts and rent-a-botnet being pushed on Instagram
- UK pins 'reckless campaign of cyber attacks' on Russian military intelligence
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- US users open 30% of phishing emails with 12% of those clicking on infected links or attachments. Prepare for 2019's
- Credential-Phishing Attempts Highest on Tuesdays
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- If you're thinking passwords, check out #CyberSauna episode #13:
A Hacker's Take on Cracking & Protecting Your Creds
- Intel, AMD both claim server speed records
- FYI: "password" is the 2nd most popular password in the world.
Can you guess the first?
- Facebook Logins Available on the Dark Web for $2.60
- Samsung predicts a return to record profits in Q3
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- Passware Kit: Forensic software recovers passwords for Bitcoin wallets
THREATS
- Adobe October Patch Update Fixed 86 Different Security Vulnerabilities
- Ransomware Recovery at the Taxpayers’ Expense
- Sony Smart TV Bug Allows Remote Access, Root Privileges
- Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
- Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
- Facebook Found “No Evidence” Of Facebook Login Exploited To Access Linked Apps
- Fortnite gamers targeted by data theft malware
- D-Link Patches RCE Bugs in Wireless Access Point Gear
- VMware Releases Patches for Critical A/W Console Auth Bypass Vulnerability
- Remove Ursnif Trojan (Purolator Phishing) Scam
- 150 Bugs Found in the Hack the Marine Corps Challenge
- Trojans go after MS Office vulnerabilities and China hacks US hardware
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- Most Home Routers Are Full of Vulnerabilities
- Virus Bulletin 2018: Exposing the Social Media Fraud Ecosystem
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- The Virus Bulletin conference returns home: VB2019 to take place in London
- Vulnerability Scanning vs. Penetration Testing: What's the Difference?
- Fileless malware: part deux
- Adobe update cleans up 86 bugs in Acrobat and Reader, many critical
- Missing Files, Bugs Reported After Windows 10 October 2018 Update
- Cisco Discovered Multiple Vulnerabilities In Atlantis Word Processor
- Advanced Persistent Threat Activity Exploiting Managed Service Providers
- Mozilla Resolves Critical Code Execution Flaw In Thunderbird
- Hackers fly under the radar for two years after infecting chiropractic clinic with malware
- DanaBot Banking Trojan’s Journey to North America
- Cisco patches critical flaws in DNA Center and Prime Infrastructure
- Virus Bulletin 2018: Supply chain hacking grows up
- Marine Corps bug bounty program finds 150 vulnerabilities
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- Mozilla resolves critical code execution flaw in Thunderbird email client
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- D-Link Patches Code Execution, XSS Flaws in Management Tool
- Cisco updates address 36 vulnerabilities, three critical
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- How does FacexWorm malware use Facebook Messenger to spread?
- Malicious remote admin tool seemingly linked to KONNI malware, North Korea
- #PulseNet: How does an improper #authentication flaw affect it?
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- .@FireEye researches discovered that the group behind #Sanny #malware attacks has made delivery method changes that put users at risk.
- Cisco Released Security Updates & Fixed 37 Vulnerabilities that Affected Cisco Products
- Fake News Domains Spoof UK News Sites
- Roaming Mantis Hacking Group Inject Web Crypto Mining for iOS Devices via Malicious Content Delivery System
- Top 5 Viruses of All Time by Security Expert Mikko Hyppönen
- CMake 3.12.3 releases: managing the build process of software
- Mozilla Patches Critical Vulnerability in Thunderbird 60.2.1
CRIME
- Fortnite gamers targeted by data theft malware
- Remove Ursnif Trojan (Purolator Phishing) Scam
- California Is Making It Illegal for Devices to Have Shitty Default Passwords
- AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
- Danabot Banking Malware Targets U.S. Organizations
- Report: The bigger the company, the messier the password practices
- Hackers fly under the radar for two years after infecting chiropractic clinic with malware
- DanaBot Banking Trojan’s Journey to North America
- The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying
- Detecting Credit Card Skimmers
- The fur is not gonna fly: Uncle Sam charges seven Russians with Fancy Bear hack sprees
- Experts warns of a new extortion campaign based on the Breach Compilation archive
- Cryptomining malware steals Fortnite gamers' Bitcoins and personal data
- Facebook Logins Available on the Dark Web for $2.60
- DHS issued an alert on attacks aimed at Managed Service Providers
- New research reveals the DanaBot banking Trojan is now targeting banks in the United States as well.
The campaign attempts to
- Roaming Mantis Hacking Group Inject Web Crypto Mining for iOS Devices via Malicious Content Delivery System
- Passware Kit: Forensic software recovers passwords for Bitcoin wallets
- North Korean hacking operation behind SWIFT attacks
- Lojax, the new threat developed by Fancy Bear
POLITICS
- Russian State-Sponsored Operations Begin to Overlap: Kaspersky
- Advanced Persistent Threat Activity Exploiting Managed Service Providers
- DHS issued an alert on attacks aimed at Managed Service Providers
WINDOWS
- Shedding Skin – Turla’s Fresh Faces
- LoJack for computers used to attack European government bodies
- CVE-2018-8373 Exploit Spotted
- LoJax: First UEFI Malware seen in the Wild
- Foxit PDF Reader fixes serious remote code execution vulnerability
LINUX
- LoJack for computers used to attack European government bodies
UNIX
Nothing to report
ANDROID
- .@ThreatFabric researchers uncovered an #Android malware, #MysteryBot, which uses overlay attacks to avoid detection. Learn how this #malware affects @Google's
- How is Android Accessibility Service affected by a banking Trojan?
- .@Trustlook Labs discovered an #Android #Trojan stealing data from messaging apps. Learn what #mobilesecurity programs should look for to detect
- Researchers found that cheap Android devices were shipped pre-installed backdoors
IOS
- A Remote iOS Bug
MACOS
- Google Project Zero drops macOS exploit, calls out Apple for silent patching
- CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops
- macOS Flaw Allows Attackers To Hijack Installed Apps
- Tearing Apart the Undetected (OSX)Coldroot RAT
- An Unpatched Kernel Bug
- OSX/MacRansom; analyzing the latest ransomware to target macs
- Two Bugs, One Func(), part three
- Two Bugs, One Func(), part two
- Two Bugs, One Func(), part one
- Analysis of an Intrusive Cross-Platform Adware; OSX/Pirrit
- More on, "Adware for OS X Distributes Trojans"
- A Google bug breaks the search results in Safari
DATA BREACH
- UK pins ‘reckless campaign of cyber attacks’ on Russian military intelligence
- .@FireEye researchers tracked an aggressive #cybertheft campaign -- attributed to North Korean #APT38 -- in which threat actors attempted to
- Campaign 2018: Cyberattacks on infrastructure could suppress voter turnout
- Sony accidentally leaked November's PS Plus free games
- US charges Russian military officers over international hacking and disinformation campaigns
- Burgerville Customer Credit Card Info Stolen In Data Breach
- HIDDEN COBRA – FASTCash Campaign
- Database of 200 Million Records Stolen from Apollo in Data Breach
- Irish Data Regulator Likely to Fine Facebook for Data Breach
- 5,000 UK firms' financial details exposed in data breaches, finds @digitalshadows
- The @UN accidentally exposed credentials on public @trello boards. Plus, #Uber is set to pay $148 million settlement following its
- Burgerville customer credit card info stolen in data breach laid at Fin7's feet
- How #livechatsoftware leak personal #employeedata?
- Democratic congressional intern arrested for doxing GOP senators during Kavanaugh hearing
- Business Email Compromise: When You Don’t Need to Phish.
- Business email compromise made easy for cyber criminals
- In manufacturing, almost half – 47 percent – of breaches involve the theft of intellectual property to gain competitive advantage.
- Security Investigator who Compromised Hotel Wi-Fi, Shared Pass-Codes Online, is Fined
- UK and allies accuse Russia of cyber attack campaign
- Business email compromise made easy for #cybercriminals as 12.5 million company email boxes and 33,000 finance department credentials found openly
- U.S. Capitol Police Arrest Suspect for Doxing U.S. Senators
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
DENIAL-OF-SERVICE
- California bill bans bots during elections
- Why It’s Time to Nuke the Password
MALVERTISING
Nothing to report
PHISHING
- Exclusive: Moving away from passwords to two-factor authentication
- Block Blocking Login Items
- Business Email Compromise: When You Don’t Need to Phish.
- Hackers Selling Facebook Account Logins Details On Dark Web For $3
- Experts recommend avoiding single step logins
- Phishing Attacks Distributed Through CloudFlare's IPFS Gateway
- Why It’s Time to Nuke the Password
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
WEB DEFACEMENT
- Hacker Pleads Guilty of Defacing 11,000 Websites, Could Get up to 20 Years
- Hacktivist pleads guilty to defacing websites for NYC comptroller, Combating Terrorism Center
MALWARE
- Virus Bulletin 2018: Turla APT Changes Shape with New Code and Targets
- .@ThreatFabric researchers uncovered an #Android malware, #MysteryBot, which uses overlay attacks to avoid detection. Learn how this #malware affects @Google's
- China allegedly infiltrated US companies through implanted hardware backdoors
- Researchers at the 2018 @RSAConference discussed #stegware: @malware that uses #steganography. Discover how this works with expert @lewisnic.
- Report: In Huge Hack, Chinese Manufacturer Sneaks Backdoors Onto Motherboards
- Avast AV reclassifies cryptominers | Avast
- Researchers at Cisco Talos (@TalosSecurity) recently discovered #GravityRAT, a remote access #Trojan. Discover how this RAT can check for
- This is also a good time to remind that bugdoors are far more scary than backdoors.
- Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware
- Apple, Amazon deny claims Chinese spies implanted backdoor chips in company hardware: report
- Researchers from @proofpoint have announced the discovery of a remote access trojan, and an upgraded version of an old banking
- Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?
- Tearing Apart the Undetected (OSX)Coldroot RAT
- Mac Malware of 2017
- WTF is Mughthesec!? poking on a piece of undetected adware
- OSX/MacRansom; analyzing the latest ransomware to target macs
- Mac Malware of 2016
- Towards Generic Ransomware Detection
- Analysis of an Intrusive Cross-Platform Adware; OSX/Pirrit
- Analyzing the Anti-Analysis Logic of an Adware Installer
- Monitoring Process Creation via the Kernel (Part III)
- Monitoring Process Creation via the Kernel (Part II)
- Monitoring Process Creation via the Kernel (Part I)
- More on, "Adware for OS X Distributes Trojans"
- LoJax: First UEFI Malware seen in the Wild
- Virus Bulletin 2018: Attack velocity ramps up
- More than 4,000 ransomware attacks occur every day. Secure your company & build your network at #RiskSec with promo code
- Malicious remote admin tool seemingly linked to KONNI malware, North Korea
- Betabot trojan packed with anti-malware evasion tools
- How is Android Accessibility Service affected by a banking Trojan?
- How does stegware malware exploit steganography techniques?
- .@Trustlook Labs discovered an #Android #Trojan stealing data from messaging apps. Learn what #mobilesecurity programs should look for to detect
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- A new group of #malware -- dubbed #GoScanSSH -- was recently discovered by researchers. Learn how this malware works and
- Seriously if I could make evil semiconductors I would just replace one which is already present rather than adding it.
- WATCH: Top 5 Viruses of All Time by Security Expert @mikko Hyppönen
- New DanaBot Banking Malware Attack in Various Countries with Stealer and Remote Access Futures
- Researchers found that cheap Android devices were shipped pre-installed backdoors
- Google opened the .page domain
- Most Advanced Backdoor Obfuscation and Evasion Technique That used by Hackers
- Zoho Heavily Used by Keyloggers to Transmit Stolen Data
- Network Outage at Some Recipe Unlimited Locations Caused by Malware
- DanaBot Observed in Large Campaign Targeting U.S. Organizations
EXPLOIT
- Google Project Zero drops macOS exploit, calls out Apple for silent patching
- CVE-2018-8373 Exploit Spotted
- Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware
- Remote Mac Exploitation Via Custom URL Schemes
- How does stegware malware exploit steganography techniques?
- Secure encrypted #virtualization: How is this technology exploited?
VULNERABILITY
- Bug bounty scheme uncovers 150 vulnerabilities in US Marine Corps websites
- CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops
- macOS Flaw Allows Attackers To Hijack Installed Apps
- ICYMI - CISO @rickhholland joins @drshellface and @mazzazone in this week's ShadowTalk episode: Security Flaws Affect 50 Million Facebook Accounts
- CVE-2018-8373 Exploit Spotted
- Vulnerability Scanning vs. Penetration Testing by @TripwireInc
- This is also a good time to remind that bugdoors are far more scary than backdoors.
- A Remote iOS Bug
- An Unpatched Kernel Bug
- From the Top to the Bottom; Tracking down CVE-2017-7149
- Two Bugs, One Func(), part three
- Two Bugs, One Func(), part two
- Two Bugs, One Func(), part one
- CVE-2015-3673: Goodbye Rootpipe...(for now?)
- Cisco: Two critical bugs in DNA network software need these urgent patches
- Paper over the Kracks: New techniques can bypass WPA2 flaw mitigations
- Hackers Earn $150,000 in Marine Corps Bug Bounty Program
- Cisco plugs critical flaws in DNA Center and Prime Infrastructure
- Marine Corps bug bounty program finds 150 vulnerabilities
- Cisco Talos spotted 18 vulnerabilities in Foxit PDF Reader, 8 in Atlantis World Processor
- Foxit PDF Reader fixes serious remote code execution vulnerability
- A Google bug breaks the search results in Safari
- Hacking for good uncovers over 150 Marine Corps web vulnerabilities