DATA BREACH & DATA LOSS
- Facebook Data Breach Update: attackers accessed data of 29 Million users
- Pentagon Reveals Cyber Breach of Travel Records
- NEW BETABOT CAMPAIGN UNDER THE MICROSCOPE
- Detecting Malicious Campaigns with Machine Learning
- Fitmetrix fitness software company may have exposed millions of customer records
- Fake browser update seeks to compromise more MikroTik routers
- Phishing Campaign uses Hijacked Emails to Deliver URSNIF by Replying to Ongoing Threads
- #TLBleed abuses @Intel's HTT chip feature to leak data and obtain sensitive memory information. Learn more about this new side-channel
- Mindbody’s FitMetrix leaked millions of Users’ Personal Details
- Is Google Sync a Vector for Data Breaches?
- Facebook Revises Data Breach Impact Downward, Provides New Details
- How #livechatsoftware leak personal #employeedata?
- Labor seeks updated My Health Record legislation to prevent privatisation
DENIAL-OF-SERVICE
- 'The Nuke Loop' is Fallout 76's endgame, lead designer explains
- UK's NCSC to monitor internet routing to stop DDoS and hijacks
MALVERTISING
Nil
PHISHING
- Threat Announcement: Phishing Sites Detected on Emoji Domains
- Phishing Campaign uses Hijacked Emails to Deliver URSNIF by Replying to Ongoing Threads
- An Examination of a Phishing Kit Dubbed Luis
- Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
- Largest Cyber Attack Against Iceland Driven by Complex Phishing Scheme
- Spring Security With Radius Login
WEB DEFACEMENT
Nil
BOTNET
- Call of Duty: Black Ops 4 welcomes launch with new Blackout and Zombies trailers
RANSOMWARE
- The Week in Ransomware - October 12th 2018 - NotPetya, GandCrab, and More
- New @ESET research finds APT group dubbed #TeleBots was behind #Industroyer #malware attacks, #NotPetya #ransomware outbreaks, and a recent Exaramel
- GandCrab ransomware operators team up with crypter service
- GandCrab Ransomware Partners With Crypter Service
- This is how much the WannaCry ransomware attack cost the NHS
CRYPTOMINING & CRYPTOCURRENCIES
- Almost 12K MikroTik Routers Are Hunting Around for Cryptojacking Opportunities
- Three Industries That Blockchain Will Impact the Most
- Obfuscated JavaScript Cryptominer
- In 2008, @nokia dominated the mobile phone universe. Four years later, the company was on the verge of extinction. Discover
- 360 Total Security has intercepted more than 50,000 Clipboard Wallet Hijacker attacks, helping users recover over 40 million
- Cryptomining software is hidden as Flash update
MALWARE
- Detecting Malicious Campaigns with Machine Learning
- Fake Adobe Flash Updates Hide Malicious Crypto Miners
- .@ThreatFabric researchers uncovered an #Android malware, #MysteryBot, which uses overlay attacks to avoid detection. Learn how this #malware affects @Google's
- New @ESET research finds APT group dubbed #TeleBots was behind #Industroyer #malware attacks, #NotPetya #ransomware outbreaks, and a recent Exaramel
- Researchers at the 2018 @RSAConference discussed #stegware: @malware that uses #steganography. Discover how this works with expert @lewisnic.
- Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor
- Researchers at Cisco Talos (@TalosSecurity) recently discovered #GravityRAT, a remote access #Trojan. Discover how this RAT can check for
- GPlayed trojan seeks to play users out of their data
- This Trojan masquerades as Google Play to hide on your phone in plain sight
- Marion County Jail’s Reporting System Fall Prey to Virus Attack
- Some 10% of user-reported emails malicious
- ThreatFabric on stage @bsidesdelft talking about the evolution of
- Fortnite for Android Released, But Make Sure You Don't Download Malware
EXPLOIT
- PoC exploit for Windows Shell RCE released
VULNERABILITY
- Windows 10 October 2018 Update: Release – Halt – Bug Identified – Fix!
- FDA Issues Warning about Security Vulnerabilities in Pacemaker Programmers
- Microsoft Zero-Day Patch for JET Bug Incomplete, Claims Firm
- Proof-of-Concept Available for Edge Remote Code Execution Vulnerability
- Facebook States 30 Million People Affected by Last Month's "View As" Bug
- Learn how the #NetSpectre vulnerability affects the #cloud from expert Ed Moyle of @securitycurve.
- What's keeping the #CISO up at night? The vulnerabilities caused by third-party vendors, finds @forrester research. 65% of organizations say
- Micropatch Released to Correct Partially Fixed JET DB Engine RCE Vulnerability
- FDA warns users of cyber vulnerability in pacemaker programmers
- Ryan Kalember, Senior VP of #Cybersecurity Strategy at Proofpoint, discussing why humans are a company’s biggest cybersecurity vulnerability.
- Sony Patched Three Critical Vulnerabilities In Smart TV Bravia
- Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor
- Now, watch this... Network time protocol bugs sting Juniper operating system
- DOM-XSS Bug Affecting Tinder, Shopify, Yelp, and More
- Facebook's WhatsApp says it has fixed a video call security bug that let hackers hijack accounts.
- Vulnerability allows hijacking of software installed in macOS
- Senator asked Google to explain why the revealing of the Google+ vulnerability was postponed
- Proof-of-concept code published for Microsoft Edge remote code execution bug
ASIA
- Cyber News Rundown: Windows 10 Update Deletes Files
- Threat Brief: FASTCash ATM Cash Out Tactics
- Five Eyes Intelligence agencies warn of popular hacking tools
- 360 Total Security has intercepted more than 50,000 Clipboard Wallet Hijacker attacks, helping users recover over 40 million
WORLD
- Facebook Data Breach Update: attackers accessed data of 29 Million users
- Pentagon Reveals Cyber Breach of Travel Records
- FDA Issues Warning about Security Vulnerabilities in Pacemaker Programmers
- Detecting Malicious Campaigns with Machine Learning
- Almost 12K MikroTik Routers Are Hunting Around for Cryptojacking Opportunities
- Cyber News Rundown: Windows 10 Update Deletes Files
- Fake browser update seeks to compromise more MikroTik routers
- An Examination of a Phishing Kit Dubbed Luis
- Five Eyes Intelligence agencies warn of popular hacking tools
- 360 Total Security has intercepted more than 50,000 Clipboard Wallet Hijacker attacks, helping users recover over 40 million
- DOM-XSS Bug Affecting Tinder, Shopify, Yelp, and More
- UK's NCSC to monitor internet routing to stop DDoS and hijacks
- Largest Cyber Attack Against Iceland Driven by Complex Phishing Scheme
- Labor seeks updated My Health Record legislation to prevent privatisation
- Senator asked Google to explain why the revealing of the Google+ vulnerability was postponed
ATTACKS
- Facebook Data Breach Update: attackers accessed data of 29 Million users
- Pentagon Reveals Cyber Breach of Travel Records
- NEW BETABOT CAMPAIGN UNDER THE MICROSCOPE
- Detecting Malicious Campaigns with Machine Learning
- Fitmetrix fitness software company may have exposed millions of customer records
- Fake browser update seeks to compromise more MikroTik routers
- Threat Announcement: Phishing Sites Detected on Emoji Domains
- Phishing Campaign uses Hijacked Emails to Deliver URSNIF by Replying to Ongoing Threads
- #TLBleed abuses @Intel's HTT chip feature to leak data and obtain sensitive memory information. Learn more about this new side-channel
- An Examination of a Phishing Kit Dubbed Luis
- Mindbody’s FitMetrix leaked millions of Users’ Personal Details
- Is Google Sync a Vector for Data Breaches?
- Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
- Facebook Revises Data Breach Impact Downward, Provides New Details
- How #livechatsoftware leak personal #employeedata?
- Largest Cyber Attack Against Iceland Driven by Complex Phishing Scheme
- Spring Security With Radius Login
- Labor seeks updated My Health Record legislation to prevent privatisation
THREATS
- Windows 10 October 2018 Update: Release – Halt – Bug Identified – Fix!
- FDA Issues Warning about Security Vulnerabilities in Pacemaker Programmers
- Detecting Malicious Campaigns with Machine Learning
- Almost 12K MikroTik Routers Are Hunting Around for Cryptojacking Opportunities
- The Week in Ransomware - October 12th 2018 - NotPetya, GandCrab, and More
- Microsoft Zero-Day Patch for JET Bug Incomplete, Claims Firm
- Three Industries That Blockchain Will Impact the Most
- Proof-of-Concept Available for Edge Remote Code Execution Vulnerability
- Facebook States 30 Million People Affected by Last Month's "View As" Bug
- Fake Adobe Flash Updates Hide Malicious Crypto Miners
- Learn how the #NetSpectre vulnerability affects the #cloud from expert Ed Moyle of @securitycurve.
- What's keeping the #CISO up at night? The vulnerabilities caused by third-party vendors, finds @forrester research. 65% of organizations say
- Micropatch Released to Correct Partially Fixed JET DB Engine RCE Vulnerability
- Obfuscated JavaScript Cryptominer
- FDA warns users of cyber vulnerability in pacemaker programmers
- In 2008, @nokia dominated the mobile phone universe. Four years later, the company was on the verge of extinction. Discover
- .@ThreatFabric researchers uncovered an #Android malware, #MysteryBot, which uses overlay attacks to avoid detection. Learn how this #malware affects @Google's
- New @ESET research finds APT group dubbed #TeleBots was behind #Industroyer #malware attacks, #NotPetya #ransomware outbreaks, and a recent Exaramel
- Ryan Kalember, Senior VP of #Cybersecurity Strategy at Proofpoint, discussing why humans are a company’s biggest cybersecurity vulnerability.
- Researchers at the 2018 @RSAConference discussed #stegware: @malware that uses #steganography. Discover how this works with expert @lewisnic.
- Sony Patched Three Critical Vulnerabilities In Smart TV Bravia
- Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor
- 360 Total Security has intercepted more than 50,000 Clipboard Wallet Hijacker attacks, helping users recover over 40 million
- GandCrab ransomware operators team up with crypter service
- Now, watch this... Network time protocol bugs sting Juniper operating system
- GandCrab Ransomware Partners With Crypter Service
- This is how much the WannaCry ransomware attack cost the NHS
- Researchers at Cisco Talos (@TalosSecurity) recently discovered #GravityRAT, a remote access #Trojan. Discover how this RAT can check for
- GPlayed trojan seeks to play users out of their data
- This Trojan masquerades as Google Play to hide on your phone in plain sight
- DOM-XSS Bug Affecting Tinder, Shopify, Yelp, and More
- Facebook's WhatsApp says it has fixed a video call security bug that let hackers hijack accounts.
- Marion County Jail’s Reporting System Fall Prey to Virus Attack
- Some 10% of user-reported emails malicious
- Cryptomining software is hidden as Flash update
- ThreatFabric on stage @bsidesdelft talking about the evolution of
- Vulnerability allows hijacking of software installed in macOS
- Fortnite for Android Released, But Make Sure You Don't Download Malware
- Senator asked Google to explain why the revealing of the Google+ vulnerability was postponed
- Proof-of-concept code published for Microsoft Edge remote code execution bug
CRIME
- Facebook Data Breach Update: attackers accessed data of 29 Million users
- Facebook States 30 Million People Affected by Last Month's "View As" Bug
- Fake browser update seeks to compromise more MikroTik routers
- Threat Brief: FASTCash ATM Cash Out Tactics
- Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor
- 360 Total Security has intercepted more than 50,000 Clipboard Wallet Hijacker attacks, helping users recover over 40 million
- PoC exploit for Windows Shell RCE released
- DOM-XSS Bug Affecting Tinder, Shopify, Yelp, and More
- UK's NCSC to monitor internet routing to stop DDoS and hijacks
- Largest Cyber Attack Against Iceland Driven by Complex Phishing Scheme
POLITICS
Nil
DATA BREACH & DATA LOSS
- The BEC List: Helping Thwart Business Email Compromise through Collaboration
- Personal data for coffee. What’s the risk? | Avast
- The EU and the US have investigated on data breaches on the Google+
- FitMetrix user data exposed via passwordless ElasticSearch server cluster
- Apple has formed a partnership with lyrics database provider Genius
- Defending Against Business Email Compromise Attacks
- Heathrow Airport, the busiest airport in the United Kingdom, has been fined £120,000 (about $158,173) following a data breach caused
- Palo Alto Networks Uncovers Flash Updater Cryptojacking Campaign
- Gemalto reports that 4.6 billion record leaked in the first half of 2018
- A new database with information on every shooting at a school in the last 50 years is now available publicly
- New Gallmaker APT group eschews malware in cyber espionage campaigns
- Ghostdns Attack Compromised Over 100K Routers
- A simple videocall could compromise your WhatsApp account
- Mingis on Tech: Data breaches and the rise of 'surveillance capitalism'
- Mingis on Tech: Data breaches in a world of 'surveillance capitalism'
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- California Bill Increases Default Password Security
- Cofense Report Reveals 10 Percent of User-Reported Emails Across Key Industries are Malicious, Over Half Tied to Credential Phishing
- Hackers launched #phishing attacks against @netflix users via malicious sites with TLS certificates. Learn how hackers mimic popular websites to
- Avast 2019: Extends Artificial Intelligence Technology to Block Advanced Phishing Attacks for Enhanced Consumer Security
- AVG 2019 now includes enhanced phishing threat detection
WEB DEFACEMENT
- Italian Police Finally Identified 25-Year-old Italian Hacker who have Defaced NASA Websites
BOTNET
Nil
RANSOMWARE
- Qihoo 360’s precise analysis of ransomware for September
- Costly cryptojacking overtakes ransomware in the enterprise threat stakes
CRYPTOMINING & CRYPTOCURRENCIES
- XMRig Cryptocurrency Miner Camouflages Itself as a Flash Updater
- Cops Arrest Infamous SIM Swapper Who Stole Crypto Currency
- Cops Arrest Infamous SIM Swapper Who Allegedly Stole $14 Million in Cryptocurrency
- Cryptomining malware discovered masquerading as Flash updates
- Fake Flash Updaters Push Cryptocurrency Miners
- Hackers Abusing Legitimate Googlebot Services to Inject Cryptomining Malware
- Researchers from @alienvault found a new #cryptocurrency mining malware -- dubbed #MassMiner -- that infects systems across the web. Learn
- Crypto-mining malware poses as Flash updates
- Dublin Information Sec: Protect your firm from 'Gold Rush' #cryptocurrency scammers: https://www.independent.ie/business/dublin-information-sec/dublin-information-sec-protect-your-firm-from-gold-rush-cryptocurrency-scammers-37286913.html … ( via @jimmychappell )
MALWARE
- Exaramel Malware Links Industroyer ICS malware and NotPetya wiper
- GPlayed Android Trojan Can Wipe Your Device, Steal Data, Make Calls, Send SMS
- Hackers Exploit Drupalgeddon2 to Install Backdoor
- Adaptable, All-in-One Android Trojan Shows the Future of Malware
- Talos: Android trojan resembling Play Store installs sophisticated spyware
- Most Malware Arrives Via Email
- Fake Adobe Flash Updates Hide Malicious Crypto Miners
- .@TrendMicro researchers discovered a malicious #ChromeExtension spreading #malware. Learn more with expert @lewisnic.
- GPlayed trojan – .Net playing with Google Market
- Cryptomining malware discovered masquerading as Flash updates
- This cryptojacking mining malware pretends to be a Flash update
- Hackers Abusing Legitimate Googlebot Services to Inject Cryptomining Malware
- Reaper Group Uses New Malware to Deploy RAT
- Cofense Report Reveals 10 Percent of User-Reported Emails Across Key Industries are Malicious, Over Half Tied to Credential Phishing
- Exaramel Malware Reinforces Link Between Industroyer and NotPetya
- New TeleBots backdoor: First evidence linking Industroyer to NotPetya
- New TeleBots backdoor: First evidence linking Industroyer to NotPetya
- New Android Trojan Gplayed Adapts to Attacker's Needs
- Researchers from @alienvault found a new #cryptocurrency mining malware -- dubbed #MassMiner -- that infects systems across the web. Learn
- Hackers launched #phishing attacks against @netflix users via malicious sites with TLS certificates. Learn how hackers mimic popular websites to
- Crypto-mining malware poses as Flash updates
- Who needs custom malware? 'Govt-backed' Gallmaker spy crew uses off-the-shelf wares
- Worker perks flinger Sodexo pulls Engage website after malware smackdown
- New Backdoor Ties NotPetya and Industroyer to TeleBots Group
- .@FarsightSecInc's @paulvixie says his company's new research into domain name lifespans and causes of death shows the need for new
- "Help! I have a #computer worm..oh wait is it a computer #virus?" These terms are often used interchangeably, but have
- The attached file promptly infects Peter’s laptop with the RAT, remote access trojan.
It only takes about an hour from
- New Gallmaker APT group eschews malware in cyber espionage campaigns
- GPlayed Trojan - .Net playing with Google Market
- Canada-Based Restaurant Chain Hit with Malware Attack
- Hackers Use Hijacked Email Address To Send Malware as a Reply to Existing Email Thread
- JSRAT – Secret Command and Control Channel Backdoor to Control Victims Machine Using JavaScript
- How to Defeat Malicious Everything as-a-Service
EXPLOIT
- Hackers Exploit Drupalgeddon2 to Install Backdoor
- PoC Code Available for Microsoft Edge Remote Code Execution Bug
VULNERABILITY
- Multiple Vulnerabilities Dicovered In RouterOS That Affected MikroTik Routers
- Senate seeks internal memo on Google+ vulnerability
- Slow disclosure of Google+ flaw draws attention of senators
- PoC Code Available for Microsoft Edge Remote Code Execution Bug
- .@Google Firebase's lack of #DatabaseSecurity and inadequate #BackendDevelopment led to #DataLeaks and vulnerabilities, including HospitalGown. Learn more about this
- Network Time Protocol Bugs Sting Juniper Operating System
- Juniper Networks provides dozens of fix for vulnerabilities in Junos OS
- Audit Finds No Critical Flaws in Firefox Update System
- [SingCERT] Alert on 12 Critical Microsoft Vulnerabilities for October 2018 Patch Tuesday
- A patched #MikroTik router vulnerability amps up severity rating as @TenableSecurity researchers find new potential exploits with more critical consequences.
- Juniper fixes 30+ vulnerabilities in its routing, switching devices
- Adobe patches critical flaws in many of its software offerings
- Update now! Microsoft fixes 49 bugs, 12 are critical
- All WhatsApp Users Must Update: Zero Day Bug Found in WhatsApp
- VMware issues advisory for a DoS vulnerability
- .@TenableSecurity found new exploits of an already patched #MikroTik router vulnerability that could enable hackers to launch #RemoteCode execution attacks.
- Juniper Patches Serious Flaws in Junos OS
- Microsoft October Patch Tuesday fixed Win32k privilege vulnerability that used in targeted attacks
- Four Critical Flaws Patched In Adobe Digital Edition
HEALTHCARE
- What would happen if an attack interrupted a country’s power supply?
TRANSPORT
- AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
- All WhatsApp Users Must Update: Zero Day Bug Found in WhatsApp
- Heathrow Airport, the busiest airport in the United Kingdom, has been fined £120,000 (about $158,173) following a data breach caused
- A simple videocall could compromise your WhatsApp account
BANKING & FINANCE
- Exaramel Malware Links Industroyer ICS malware and NotPetya wiper
- GPlayed Android Trojan Can Wipe Your Device, Steal Data, Make Calls, Send SMS
- Cybersecurity Authorities Issue Alert About Publicly Available Hacking Tools
- Talos: Android trojan resembling Play Store installs sophisticated spyware
- Cops Arrest Infamous SIM Swapper Who Stole Crypto Currency
- AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
- Hackers Abusing Legitimate Googlebot Services to Inject Cryptomining Malware
- Magecart Card-Stealing Gang Hits 'Shopper Approved' Plug-In
- Gemalto reports that 4.6 billion record leaked in the first half of 2018
- Threats in the Netherlands
- GPlayed Trojan - .Net playing with Google Market
- Ghostdns Attack Compromised Over 100K Routers
- Hackers Use Hijacked Email Address To Send Malware as a Reply to Existing Email Thread
INFORMATION & TELECOMMUNICATION
- Personal data for coffee. What’s the risk? | Avast
- Most Malware Arrives Via Email
- AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
- All WhatsApp Users Must Update: Zero Day Bug Found in WhatsApp
- Heathrow Airport, the busiest airport in the United Kingdom, has been fined £120,000 (about $158,173) following a data breach caused
- A new database with information on every shooting at a school in the last 50 years is now available publicly
- Dublin Information Sec: Protect your firm from 'Gold Rush' #cryptocurrency scammers: https://www.independent.ie/business/dublin-information-sec/dublin-information-sec-protect-your-firm-from-gold-rush-cryptocurrency-scammers-37286913.html … ( via @jimmychappell )
- A simple videocall could compromise your WhatsApp account
- Mingis on Tech: Data breaches and the rise of 'surveillance capitalism'
- Mingis on Tech: Data breaches in a world of 'surveillance capitalism'
FOOD
Nil
WATER
Nil
ENERGY
- Exaramel Malware Links Industroyer ICS malware and NotPetya wiper
- AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
- Researchers link tools used in NotPetya and Ukraine grid hacks
- What would happen if an attack interrupted a country’s power supply?
- Hackers Use Hijacked Email Address To Send Malware as a Reply to Existing Email Thread
GOVERNMENT & PUBLIC SERVICE
Nil
ASIA
- Cybersecurity Authorities Issue Alert About Publicly Available Hacking Tools
- AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
- What would happen if an attack interrupted a country’s power supply?
- Reaper Group Uses New Malware to Deploy RAT
- Threats in the Netherlands
WORLD
- Exaramel Malware Links Industroyer ICS malware and NotPetya wiper
- Cybersecurity Authorities Issue Alert About Publicly Available Hacking Tools
- The Reality of Self-Driving Cars and the Regulatory Hurdles
- Adaptable, All-in-One Android Trojan Shows the Future of Malware
- Talos: Android trojan resembling Play Store installs sophisticated spyware
- AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
- The EU and the US have investigated on data breaches on the Google+
- Researchers link tools used in NotPetya and Ukraine grid hacks
- What would happen if an attack interrupted a country’s power supply?
- Cops Arrest Infamous SIM Swapper Who Allegedly Stole $14 Million in Cryptocurrency
- Reaper Group Uses New Malware to Deploy RAT
- Worker perks flinger Sodexo pulls Engage website after malware smackdown
- Defending Against Business Email Compromise Attacks
- Heathrow Airport, the busiest airport in the United Kingdom, has been fined £120,000 (about $158,173) following a data breach caused
- Microsoft October Patch Tuesday fixed Win32k privilege vulnerability that used in targeted attacks
- Threats in the Netherlands
- New Gallmaker APT group eschews malware in cyber espionage campaigns
- Italian Police Finally Identified 25-Year-old Italian Hacker who have Defaced NASA Websites
- GPlayed Trojan - .Net playing with Google Market
- Ghostdns Attack Compromised Over 100K Routers
- Canada-Based Restaurant Chain Hit with Malware Attack
ATTACKS
- The BEC List: Helping Thwart Business Email Compromise through Collaboration
- Personal data for coffee. What’s the risk? | Avast
- California Bill Increases Default Password Security
- The EU and the US have investigated on data breaches on the Google+
- FitMetrix user data exposed via passwordless ElasticSearch server cluster
- Apple has formed a partnership with lyrics database provider Genius
- Cofense Report Reveals 10 Percent of User-Reported Emails Across Key Industries are Malicious, Over Half Tied to Credential Phishing
- Hackers launched #phishing attacks against @netflix users via malicious sites with TLS certificates. Learn how hackers mimic popular websites to
- Defending Against Business Email Compromise Attacks
- Heathrow Airport, the busiest airport in the United Kingdom, has been fined £120,000 (about $158,173) following a data breach caused
- Palo Alto Networks Uncovers Flash Updater Cryptojacking Campaign
- Gemalto reports that 4.6 billion record leaked in the first half of 2018
- A new database with information on every shooting at a school in the last 50 years is now available publicly
- New Gallmaker APT group eschews malware in cyber espionage campaigns
- Ghostdns Attack Compromised Over 100K Routers
- A simple videocall could compromise your WhatsApp account
- Mingis on Tech: Data breaches and the rise of 'surveillance capitalism'
- Mingis on Tech: Data breaches in a world of 'surveillance capitalism'
- Avast 2019: Extends Artificial Intelligence Technology to Block Advanced Phishing Attacks for Enhanced Consumer Security
- AVG 2019 now includes enhanced phishing threat detection
THREATS
- Exaramel Malware Links Industroyer ICS malware and NotPetya wiper
- Multiple Vulnerabilities Dicovered In RouterOS That Affected MikroTik Routers
- GPlayed Android Trojan Can Wipe Your Device, Steal Data, Make Calls, Send SMS
- Senate seeks internal memo on Google+ vulnerability
- XMRig Cryptocurrency Miner Camouflages Itself as a Flash Updater
- Slow disclosure of Google+ flaw draws attention of senators
- Hackers Exploit Drupalgeddon2 to Install Backdoor
- PoC Code Available for Microsoft Edge Remote Code Execution Bug
- Adaptable, All-in-One Android Trojan Shows the Future of Malware
- Talos: Android trojan resembling Play Store installs sophisticated spyware
- Most Malware Arrives Via Email
- .@Google Firebase's lack of #DatabaseSecurity and inadequate #BackendDevelopment led to #DataLeaks and vulnerabilities, including HospitalGown. Learn more about this
- Cops Arrest Infamous SIM Swapper Who Stole Crypto Currency
- Network Time Protocol Bugs Sting Juniper Operating System
- Juniper Networks provides dozens of fix for vulnerabilities in Junos OS
- Audit Finds No Critical Flaws in Firefox Update System
- Fake Adobe Flash Updates Hide Malicious Crypto Miners
- [SingCERT] Alert on 12 Critical Microsoft Vulnerabilities for October 2018 Patch Tuesday
- Cops Arrest Infamous SIM Swapper Who Allegedly Stole $14 Million in Cryptocurrency
- .@TrendMicro researchers discovered a malicious #ChromeExtension spreading #malware. Learn more with expert @lewisnic.
- GPlayed trojan – .Net playing with Google Market
- Cryptomining malware discovered masquerading as Flash updates
- This cryptojacking mining malware pretends to be a Flash update
- Fake Flash Updaters Push Cryptocurrency Miners
- Hackers Abusing Legitimate Googlebot Services to Inject Cryptomining Malware
- Reaper Group Uses New Malware to Deploy RAT
- Cofense Report Reveals 10 Percent of User-Reported Emails Across Key Industries are Malicious, Over Half Tied to Credential Phishing
- Exaramel Malware Reinforces Link Between Industroyer and NotPetya
- A patched #MikroTik router vulnerability amps up severity rating as @TenableSecurity researchers find new potential exploits with more critical consequences.
- New TeleBots backdoor: First evidence linking Industroyer to NotPetya
- New TeleBots backdoor: First evidence linking Industroyer to NotPetya
- New Android Trojan Gplayed Adapts to Attacker's Needs
- Juniper fixes 30+ vulnerabilities in its routing, switching devices
- Researchers from @alienvault found a new #cryptocurrency mining malware -- dubbed #MassMiner -- that infects systems across the web. Learn
- Adobe patches critical flaws in many of its software offerings
- Update now! Microsoft fixes 49 bugs, 12 are critical
- Hackers launched #phishing attacks against @netflix users via malicious sites with TLS certificates. Learn how hackers mimic popular websites to
- Qihoo 360’s precise analysis of ransomware for September
- Costly cryptojacking overtakes ransomware in the enterprise threat stakes
- Crypto-mining malware poses as Flash updates
- All WhatsApp Users Must Update: Zero Day Bug Found in WhatsApp
- Who needs custom malware? 'Govt-backed' Gallmaker spy crew uses off-the-shelf wares
- Worker perks flinger Sodexo pulls Engage website after malware smackdown
- VMware issues advisory for a DoS vulnerability
- .@TenableSecurity found new exploits of an already patched #MikroTik router vulnerability that could enable hackers to launch #RemoteCode execution attacks.
- New Backdoor Ties NotPetya and Industroyer to TeleBots Group
- Juniper Patches Serious Flaws in Junos OS
- Microsoft October Patch Tuesday fixed Win32k privilege vulnerability that used in targeted attacks
- .@FarsightSecInc's @paulvixie says his company's new research into domain name lifespans and causes of death shows the need for new
- "Help! I have a #computer worm..oh wait is it a computer #virus?" These terms are often used interchangeably, but have
- The attached file promptly infects Peter’s laptop with the RAT, remote access trojan.
It only takes about an hour from
- New Gallmaker APT group eschews malware in cyber espionage campaigns
- GPlayed Trojan - .Net playing with Google Market
- Dublin Information Sec: Protect your firm from 'Gold Rush' #cryptocurrency scammers: https://www.independent.ie/business/dublin-information-sec/dublin-information-sec-protect-your-firm-from-gold-rush-cryptocurrency-scammers-37286913.html … ( via @jimmychappell )
- Canada-Based Restaurant Chain Hit with Malware Attack
- Hackers Use Hijacked Email Address To Send Malware as a Reply to Existing Email Thread
- JSRAT – Secret Command and Control Channel Backdoor to Control Victims Machine Using JavaScript
- Four Critical Flaws Patched In Adobe Digital Edition
- How to Defeat Malicious Everything as-a-Service
CRIME
- The BEC List: Helping Thwart Business Email Compromise through Collaboration
- PoC Code Available for Microsoft Edge Remote Code Execution Bug
- The EU and the US have investigated on data breaches on the Google+
- Cops Arrest Infamous SIM Swapper Who Allegedly Stole $14 Million in Cryptocurrency
- Cofense Report Reveals 10 Percent of User-Reported Emails Across Key Industries are Malicious, Over Half Tied to Credential Phishing
- Defending Against Business Email Compromise Attacks
- Gemalto reports that 4.6 billion record leaked in the first half of 2018
- Threats in the Netherlands
POLITICS
- What would happen if an attack interrupted a country’s power supply?
- Cops Arrest Infamous SIM Swapper Who Allegedly Stole $14 Million in Cryptocurrency
- Who needs custom malware? 'Govt-backed' Gallmaker spy crew uses off-the-shelf wares
- Threats in the Netherlands
- New Gallmaker APT group eschews malware in cyber espionage campaigns
- Italian Police Finally Identified 25-Year-old Italian Hacker who have Defaced NASA Websites
- A simple videocall could compromise your WhatsApp account
- Avast 2019: Extends Artificial Intelligence Technology to Block Advanced Phishing Attacks for Enhanced Consumer Security
- JSRAT – Secret Command and Control Channel Backdoor to Control Victims Machine Using JavaScript
