DATA BREACH & DATA LOSS
- CMS portal breach exposes 75,000 individuals' records
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- According to the report, researchers detected 33,568 email addresses of finance departments that had been exposed by third parties. Can
- #NetSpectre leaks data remotely via side-channel attacks. Learn from expert Michael Cobb of @thehairyITdog why data from #microprocessors is not
- Criminals Hijacked Records of 75 000 Users from
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- US Indicts Another Russian for Role in Info Warfare Campaign
- What are DMARC records and can they improve email security?
- Anthem in Record $16m HIPAA Settlement
- The Hunt - Our new data breach detection video looks like a Mission Impossible trailer. However, the threats are for
- #NetSpectre exploits speculative execution to leak data remotely via side-channel attacks. Learn how this #SecurityVulnerability affects the #cloud from expert
- The most interesting Internet-connected vehicle hacks on record
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Find out how #TLBleed abuses @Intel's HTT chip feature to leak data via TLB
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
DENIAL-OF-SERVICE
- NSA Hacking Tools Used Against Nuke, Aerospace Worlds
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
MALVERTISING
Nil
PHISHING
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- Strict password policy could prevent credential reuse, paper suggests
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
WEB DEFACEMENT
- Saudi Future Investment Initiative website defaced by the hackers
- Hackers Deface Website of Saudi Investment Forum
BOTNET
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
RANSOMWARE
- Gamma ransomware compromises data on 16,000 patients at California hernia institute
- Ransomware: A cheat sheet for professionals
- The latest variant of Satan ransomware is spreading in the wild
CRYPTOMINING & CRYPTOCURRENCIES
- Blockchain Security and Privacy
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Trade.io loses $7.5Mil worth of cryptocurrency in mysterious cold wallet hack
- Introducing Infura: Connecting DApps With Ethereum Without Setting up Ethereum Nodes
- Business-minded hackers are testing blockchain technologies to secure their illegal operations. Here's what enterprises can learn from them:
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
MALWARE
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- US Tops Global Malware C2 Distribution
- Signal Upgrade Process Leaves Unencrypted Messages on Disk
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- The boom of fileless malware attacks: How can we fight it?
- Octopus Malware
- Maker of LuminosityLink RAT gets 30 months in the clink
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Adding the EICAR string to your name as part of the visitor self-registration process is a bit of a faux
EXPLOIT
- Apple Voiceover Exploit Allows Attackers Access to Ios Devices
VULNERABILITY
- Cisco, F5 Networks Investigate libssh Vulnerability Impact
- How to detect hardware-based server bugs
- Flaw in Media Library Impacts VLC, Other Software
- Libssh CVE-2018-10933 Scanners & Exploits Released - Apply Updates Now
- Recent Branch.io Patch Creates New XSS Flaw
- Critical Bug Impacts Live555 Media Streaming Libraries
- A newly disclosed #libSSH vulnerability could allow an attacker #AdminAccess to a server with little effort. By @MT_Heller
- Zero-day jQuery plugin vulnerability exploited for 3 years
- CVE-2018-4013: LIVE555 streaming media RTSP Server Remote Code Execution Vulnerability
- Popular website plugin harboured a serious 0-day for years
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- It's OK, I'm verified - Libssh flaw allows attackers to bypass server authentication
- Repairnator bot finds software bugs, successfully submits patches
- Drupal Patched Critical RCE Vulnerabilities In Drupal 7 and 8
- FreeRTOS flaws expose millions of IoT devices to cyber attacks
- The .@iDefense Vulnerability Contributor Program (VCP) bug-bounty initiative continues to attract top contributors. Join them by submitting your 0-day for
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- MPlayer and VLC media player affected by critical flaw CVE-2018-4013
- Remote Code Execution Flaws Found in FreeRTOS - Popular OS for Embedded Systems
- Why does Windows 10 have many bugs?
ASIA
- Saudi Future Investment Initiative website defaced by the hackers
- Hackers Deface Website of Saudi Investment Forum
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
OCEANIA
Nil
NORTH AMERICA
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- US Tops Global Malware C2 Distribution
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Safeguarding the Nation’s Critical Infrastructure
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- The boom of fileless malware attacks: How can we fight it?
- Criminals Hijacked Records of 75 000 Users from
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- US Indicts Another Russian for Role in Info Warfare Campaign
- Anthem in Record $16m HIPAA Settlement
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
SOUTH AMERICA
Nil
EUROPE
- A week in security (October 15 – 21)
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Repairnator bot finds software bugs, successfully submits patches
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
- US Indicts Another Russian for Role in Info Warfare Campaign
AFRICA
Nil
HEALTHCARE
- CMS portal breach exposes 75,000 individuals' records
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Gamma ransomware compromises data on 16,000 patients at California hernia institute
- Safeguarding the Nation’s Critical Infrastructure
- Criminals Hijacked Records of 75 000 Users from
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- Anthem in Record $16m HIPAA Settlement
TRANSPORT
- NSA Hacking Tools Used Against Nuke, Aerospace Worlds
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
BANKING & FINANCE
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- According to the report, researchers detected 33,568 email addresses of finance departments that had been exposed by third parties. Can
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- FreeRTOS flaws expose millions of IoT devices to cyber attacks
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
INFORMATION & TELECOMMUNICATION
- Saudi Future Investment Initiative website defaced by the hackers
- Blockchain Security and Privacy
- A week in security (October 15 – 21)
- Popular website plugin harboured a serious 0-day for years
- The latest variant of Satan ransomware is spreading in the wild
FOOD
Nil
WATER
Nil
ENERGY
- Safeguarding the Nation’s Critical Infrastructure
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
GOVERNMENT & PUBLIC SERVICE
- Saudi Future Investment Initiative website defaced by the hackers
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- CMS portal breach exposes 75,000 individuals' records
- Safeguarding the Nation’s Critical Infrastructure
- Criminals Hijacked Records of 75 000 Users from
- US Indicts Another Russian for Role in Info Warfare Campaign
- Anthem in Record $16m HIPAA Settlement
ASIA
- Saudi Future Investment Initiative website defaced by the hackers
- Hackers Deface Website of Saudi Investment Forum
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
WORLD
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- US Tops Global Malware C2 Distribution
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- Safeguarding the Nation’s Critical Infrastructure
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- The boom of fileless malware attacks: How can we fight it?
- Criminals Hijacked Records of 75 000 Users from
- The Russian built #VPNFilter #botnet was taken down by the @FBI after over 500,000 routers were infected. However, VPNFilter is
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Repairnator bot finds software bugs, successfully submits patches
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
- US Indicts Another Russian for Role in Info Warfare Campaign
- Anthem in Record $16m HIPAA Settlement
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
ATTACKS
- CMS portal breach exposes 75,000 individuals' records
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- According to the report, researchers detected 33,568 email addresses of finance departments that had been exposed by third parties. Can
- #NetSpectre leaks data remotely via side-channel attacks. Learn from expert Michael Cobb of @thehairyITdog why data from #microprocessors is not
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- Criminals Hijacked Records of 75 000 Users from
- Strict password policy could prevent credential reuse, paper suggests
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- US Indicts Another Russian for Role in Info Warfare Campaign
- What are DMARC records and can they improve email security?
- Anthem in Record $16m HIPAA Settlement
- The Hunt - Our new data breach detection video looks like a Mission Impossible trailer. However, the threats are for
- #NetSpectre exploits speculative execution to leak data remotely via side-channel attacks. Learn how this #SecurityVulnerability affects the #cloud from expert
- The most interesting Internet-connected vehicle hacks on record
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Find out how #TLBleed abuses @Intel's HTT chip feature to leak data via TLB
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
- Are you aware of #Canada's data breach regulations? Get up to speed on the #blog:
THREATS
- Cisco, F5 Networks Investigate libssh Vulnerability Impact
- How to detect hardware-based server bugs
- Flaw in Media Library Impacts VLC, Other Software
- Libssh CVE-2018-10933 Scanners & Exploits Released - Apply Updates Now
- How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
- Blockchain Security and Privacy
- Recent Branch.io Patch Creates New XSS Flaw
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- US Tops Global Malware C2 Distribution
- Signal Upgrade Process Leaves Unencrypted Messages on Disk
- Gamma ransomware compromises data on 16,000 patients at California hernia institute
- Critical Bug Impacts Live555 Media Streaming Libraries
- A newly disclosed #libSSH vulnerability could allow an attacker #AdminAccess to a server with little effort. By @MT_Heller
- Zero-day jQuery plugin vulnerability exploited for 3 years
- .@alienvault researchers recently discovered #MassMiner, a #cryptocurrency mining #malware that has the ability to infect systems across the web. Discover
- CVE-2018-4013: LIVE555 streaming media RTSP Server Remote Code Execution Vulnerability
- The boom of fileless malware attacks: How can we fight it?
- Ransomware: A cheat sheet for professionals
- Popular website plugin harboured a serious 0-day for years
- A #ZeroDay in #jQuery File Upload could affect thousands of projects because the jQuery #plugin vulnerability has existed for eight
- It's OK, I'm verified - Libssh flaw allows attackers to bypass server authentication
- Octopus Malware
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- Repairnator bot finds software bugs, successfully submits patches
- Drupal Patched Critical RCE Vulnerabilities In Drupal 7 and 8
- Trade.io loses $7.5Mil worth of cryptocurrency in mysterious cold wallet hack
- FreeRTOS flaws expose millions of IoT devices to cyber attacks
- The latest variant of Satan ransomware is spreading in the wild
- The .@iDefense Vulnerability Contributor Program (VCP) bug-bounty initiative continues to attract top contributors. Join them by submitting your 0-day for
- Maker of LuminosityLink RAT gets 30 months in the clink
- Introducing Infura: Connecting DApps With Ethereum Without Setting up Ethereum Nodes
- Critical vulnerabilities on FreeRTOS expose many systems to attacks
- WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
- MPlayer and VLC media player affected by critical flaw CVE-2018-4013
- Web Hosting Software VestaCP Server Compromised With DDoS Malware
- Adding the EICAR string to your name as part of the visitor self-registration process is a bit of a faux
- Business-minded hackers are testing blockchain technologies to secure their illegal operations. Here's what enterprises can learn from them:
- Remote Code Execution Flaws Found in FreeRTOS - Popular OS for Embedded Systems
- India’s First Cryptocurrency ATM To Buy and Sell Cryptocurrencies
- Why does Windows 10 have many bugs?
CRIME
- Blockchain Security and Privacy
- Rambus Vaultify Trade: Secure transaction and storage of crypto assets on blockchain
- A week in security (October 15 – 21)
- Oceansalt Attacks Infrastructure, Finance, Universities and Telecommunications
- The boom of fileless malware attacks: How can we fight it?
- Phishing Scheme Leverages Azure Blob Storage and Hurricane Michael
- iCloud Hacker Wants $175,000 Ransom to Be Paid In Bitcoin (BTC)
- 75,000 HealthCare.gov Users Exposed, Personal Information Stolen
- The latest variant of Satan ransomware is spreading in the wild
- US Indicts Another Russian for Role in Info Warfare Campaign
- Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers
POLITICS
- Saudi Future Investment Initiative website defaced by the hackers
- New Ethics Guidance for Lawyers from the American Bar Association (ABA) Regarding Data Breach and Cyber-attack
- Enigmatic cyber espionage campaign revives source code from old foe APT1
- Octopus Malware
- New APT GreyEnergy Found to Target EU Critical Systems, Linked to BlackEnergy
- US Indicts Another Russian for Role in Info Warfare Campaign
DATA BREACH & DATA LOSS
- HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- Week in review: Pentagon data breach, cybersecurity workforce gap, who gets spear phished?
- Another US Voters Data Leak Via Tea Party PAC Misconfigured S3 Bucket
- Travel data for about 30,000 individuals was exposed in a Pentagon #DataBreach and experts expect that the information could be
- A combination of #SecurityFlaws and inadequate back-end development of the @Google Firebase database led to #DataLeaks and #SecurityVulnerabilities including HospitalGown.
- Hackers Breach HealthCare.gov System and Steals Sensitive Personal Data of 75,000 Customers
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- Hackers launched @netflix #phishing attacks by obtaining TLS certificates. Learn how hackers mimic popular websites to spoof users and steal
WEB DEFACEMENT
Nil
BOTNET
Nil
RANSOMWARE
- Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
- Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
CRYPTOMINING & CRYPTOCURRENCIES
- Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
MALWARE
- GreyEnergy Malware Targets Energy and Transport Providers
- Then a vendor calls.
A quality control system is running a hidden process.
That shouldn’t be happening.
The vendor rep
EXPLOIT
Nil
VULNERABILITY
- Multiple Vulnerabilities In Telepresence Robots Patched
- Tumblr Patched Privacy Bug That Could Expose Sensitive Account Details
- WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS
- 2 Million Network Storage Devices From WD, SeaGate, NetGear Affected by Unpatched Zero-Day Vulnerabilities
ASIA
- DarkPulsar and other NSA hacking tools used in hacking operations in the wild
- Security Affairs newsletter Round 185 – News of the week
WORLD
- HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- DarkPulsar and other NSA hacking tools used in hacking operations in the wild
- Another US Voters Data Leak Via Tea Party PAC Misconfigured S3 Bucket
- GreyEnergy Malware Targets Energy and Transport Providers
- Security Affairs newsletter Round 185 – News of the week
- WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS
ATTACKS
- HealthCare.gov Suffered Data Breach As Hackers Stole 75,000 Records
- Week in review: Pentagon data breach, cybersecurity workforce gap, who gets spear phished?
- Another US Voters Data Leak Via Tea Party PAC Misconfigured S3 Bucket
- Travel data for about 30,000 individuals was exposed in a Pentagon #DataBreach and experts expect that the information could be
- Hackers launched @netflix #phishing attacks by obtaining TLS certificates. Learn how hackers mimic popular websites to spoof users and steal
- A combination of #SecurityFlaws and inadequate back-end development of the @Google Firebase database led to #DataLeaks and #SecurityVulnerabilities including HospitalGown.
- Hackers Breach HealthCare.gov System and Steals Sensitive Personal Data of 75,000 Customers
THREATS
- Multiple Vulnerabilities In Telepresence Robots Patched
- Tumblr Patched Privacy Bug That Could Expose Sensitive Account Details
- GreyEnergy Malware Targets Energy and Transport Providers
- Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
- Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
- Then a vendor calls.
A quality control system is running a hidden process.
That shouldn’t be happening.
The vendor rep
- WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS
- 2 Million Network Storage Devices From WD, SeaGate, NetGear Affected by Unpatched Zero-Day Vulnerabilities
CRIME
- Security Affairs newsletter Round 185 – News of the week
POLITICS
- Security Affairs newsletter Round 185 – News of the week
