DATA BREACH & DATA LOSS
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- Oops: Cisco accidentally leaked in-house Dirty COW exploit code with biz conf call software
- Bug Bounty Hunter Ran ISP Doxing Service
- DJI drone hack could have exposed sensitive data
- Emotet launches major new spam campaign
- .@ablaich: “Breaches that include personally identifiable information are always dangerous because they can lead to identity theft... they can also
- Canada Post leaks sensitive information of thousands of cannabis buyers
- D93 staff accounts compromised through a phishing scam
- Drone vulnerability could compromise enterprise data
- "If the schemas prove not to be compatible, a backup of the previous version of a database must be used
- Exposed data of nearly 700k American Express India customers
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
DENIAL-OF-SERVICE
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- DerpTrolling game server DDoS attacker pleads guilty
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- Notorious "DerpTrolling" Pleads Guilty to DDoS Attacks on EA & Sony
MALVERTISING
Nil
PHISHING
- Trickbot Malware Added Password And Browser History Stealing
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- This banking malware just added password and browser history stealing to its playbook
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- D93 staff accounts compromised through a phishing scam
- 5 Ways #Cybercriminals Can Access Your Emails Without #Phishing | Check out the full infographic here:
- Criminals are targeting cardless ATMs with the help of SMS text-based phishing (aka smishing) to drain bank accounts using stolen
WEB DEFACEMENT
Nil
BOTNET
- Spammer scum hack 100,000 home routers via UPnP vulns to craft email-flinging botnet
- This Week in Security News: Fake Apps & Malicious Bots
- New spam botnet infects over 100,000 home routers
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- IoT botnet BCMUPnP_Hunter targets routers with vulnerable UPnP feature
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
RANSOMWARE
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants
- Kraken Ransomware
- Are you prepared for #ransomware? Download this how-to guide to learn how to prepare for and detect an attack before
CRYPTOMINING & CRYPTOCURRENCIES
- StatCounter fingers cache-poisoning caper for Bitcoin-slurping JavaScript hijack
- Cryptomining Malware Uses Rootkit to Hide on Infected Linux Systems
- Stealthy Crypto-Mining Malware Evades Detection
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- Linux cryptocurrency miners are installing rootkits to hide themselves
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Kraken Ransomware
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- No, You Don't Need a Blockchain
- Canadian Uni Shutters Network After Cryptomining Attack
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- Visiting Bitcoin City.
- Seagate and IBM Work Together to Help Reduce Global Hard Drive Counterfeiting with Blockchain Technology
MALWARE
- Hackers Target Bitcoins and USCYBERCOM Shares Malware | Avast
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- The Pentagon is Publishing Foreign Nation-State Malware
- Cryptomining Malware Uses Rootkit to Hide on Infected Linux Systems
- Stealthy Crypto-Mining Malware Evades Detection
- Advanced tools: Process Hacker
- Trickbot Malware Added Password And Browser History Stealing
- This Week in Security News: Fake Apps & Malicious Bots
- "Inception Attackers" Combine Old Exploit and New Backdoor
- Playbook Fridays: Domain Spinning Workbench Spaces App
- This banking malware just added password and browser history stealing to its playbook
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- #Cyberespionage hackers have used stolen #DigitalCertificates to steal data. Expert Michael Cobb of @thehairyITdog explains how hackers sign Plead
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- The Morris Worm Turns 30
- Idaho Falls School District Struck by a Computer Virus Attack
- OSX/SurfBuyer: Real malware is in the eye of the device holder
- How is Plead malware used for cyberespionage attacks?
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
EXPLOIT
- Oops: Cisco accidentally leaked in-house Dirty COW exploit code with biz conf call software
- "Inception Attackers" Combine Old Exploit and New Backdoor
VULNERABILITY
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Recently-Patched Adobe ColdFusion Flaw Exploited By APT
- Zero-day in popular WordPress plugin exploited in the wild to take over sites
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Flaws in Roche Medical Devices Can Put Patients at Risk
- Inception hackers target European organisations with old Office flaw
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- Serious XSS Vulnerability Patched in Evernote
- Update now! WordPress sites vulnerable to WooCommerce plugin flaw
- Phishing now possible by exploiting online video function vulnerability in Word
- Vulnerabilities in Our Infrastructure: 5 Ways to Mitigate the Risk
- Cisco fixes two critical bugs, recommends workaround for a third
- Drone vulnerability could compromise enterprise data
- US Air Force invites white hats to find hackable flaws, again
- Prioritizing Flaws Based on Severity Increasingly Ineffective: Study
- DJI Drone Can be Hacked using New Vulnerability To Steal Drone’s Flight logs, Photos & Videos
- Adobe ColdFusion Vulnerability Exploited in the Wild
- Combination of bugs in WordPress and WooCommerce allows website hijacking
- Hack the Air Force 3.0 – New vulnerability bounty program
ASIA
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- VMware releases security patches for a critical virtual machine escape flaw
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
OCEANIA
Nil
NORTH AMERICA
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- The Pentagon is Publishing Foreign Nation-State Malware
- Advanced tools: Process Hacker
- This Week in Security News: Fake Apps & Malicious Bots
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- Canada Post leaks sensitive information of thousands of cannabis buyers
- Phishing Attempts Soar to 137 Million in Q3
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- D93 staff accounts compromised through a phishing scam
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- Canadian Uni Shutters Network After Cryptomining Attack
- US Air Force invites white hats to find hackable flaws, again
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
SOUTH AMERICA
Nil
EUROPE
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Stealthy Crypto-Mining Malware Evades Detection
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Flaws in Roche Medical Devices Can Put Patients at Risk
- Phishing Attempts Soar to 137 Million in Q3
- Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy
- Hack the Air Force 3.0 – New vulnerability bounty program
- Hackers hide malware in the Windows installation files to mine cryptocurrency
AFRICA
Nil
ASIA
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- VMware releases security patches for a critical virtual machine escape flaw
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
WORLD
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- The Pentagon is Publishing Foreign Nation-State Malware
- Stealthy Crypto-Mining Malware Evades Detection
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- Advanced tools: Process Hacker
- This Week in Security News: Fake Apps & Malicious Bots
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Flaws in Roche Medical Devices Can Put Patients at Risk
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- Canada Post leaks sensitive information of thousands of cannabis buyers
- Phishing Attempts Soar to 137 Million in Q3
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- D93 staff accounts compromised through a phishing scam
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- Canadian Uni Shutters Network After Cryptomining Attack
- US Air Force invites white hats to find hackable flaws, again
- Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
ATTACKS
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- Oops: Cisco accidentally leaked in-house Dirty COW exploit code with biz conf call software
- Bug Bounty Hunter Ran ISP Doxing Service
- DJI drone hack could have exposed sensitive data
- Trickbot Malware Added Password And Browser History Stealing
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- Emotet launches major new spam campaign
- .@ablaich: “Breaches that include personally identifiable information are always dangerous because they can lead to identity theft... they can also
- This banking malware just added password and browser history stealing to its playbook
- Canada Post leaks sensitive information of thousands of cannabis buyers
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- D93 staff accounts compromised through a phishing scam
- Drone vulnerability could compromise enterprise data
- "If the schemas prove not to be compatible, a backup of the previous version of a database must be used
- 5 Ways #Cybercriminals Can Access Your Emails Without #Phishing | Check out the full infographic here:
- Criminals are targeting cardless ATMs with the help of SMS text-based phishing (aka smishing) to drain bank accounts using stolen
- Exposed data of nearly 700k American Express India customers
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
THREATS
- Hackers Target Bitcoins and USCYBERCOM Shares Malware | Avast
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- Recently-Patched Adobe ColdFusion Flaw Exploited By APT
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- StatCounter fingers cache-poisoning caper for Bitcoin-slurping JavaScript hijack
- Zero-day in popular WordPress plugin exploited in the wild to take over sites
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- The Pentagon is Publishing Foreign Nation-State Malware
- Cryptomining Malware Uses Rootkit to Hide on Infected Linux Systems
- The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants
- Stealthy Crypto-Mining Malware Evades Detection
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- Advanced tools: Process Hacker
- Trickbot Malware Added Password And Browser History Stealing
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- This Week in Security News: Fake Apps & Malicious Bots
- "Inception Attackers" Combine Old Exploit and New Backdoor
- Linux cryptocurrency miners are installing rootkits to hide themselves
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Kraken Ransomware
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Flaws in Roche Medical Devices Can Put Patients at Risk
- This banking malware just added password and browser history stealing to its playbook
- Inception hackers target European organisations with old Office flaw
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- Serious XSS Vulnerability Patched in Evernote
- #Cyberespionage hackers have used stolen #DigitalCertificates to steal data. Expert Michael Cobb of @thehairyITdog explains how hackers sign Plead
- Update now! WordPress sites vulnerable to WooCommerce plugin flaw
- Are you prepared for #ransomware? Download this how-to guide to learn how to prepare for and detect an attack before
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- The Morris Worm Turns 30
- Phishing now possible by exploiting online video function vulnerability in Word
- Idaho Falls School District Struck by a Computer Virus Attack
- Vulnerabilities in Our Infrastructure: 5 Ways to Mitigate the Risk
- OSX/SurfBuyer: Real malware is in the eye of the device holder
- No, You Don't Need a Blockchain
- Cisco fixes two critical bugs, recommends workaround for a third
- Canadian Uni Shutters Network After Cryptomining Attack
- Drone vulnerability could compromise enterprise data
- US Air Force invites white hats to find hackable flaws, again
- How is Plead malware used for cyberespionage attacks?
- Prioritizing Flaws Based on Severity Increasingly Ineffective: Study
- DJI Drone Can be Hacked using New Vulnerability To Steal Drone’s Flight logs, Photos & Videos
- Adobe ColdFusion Vulnerability Exploited in the Wild
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Combination of bugs in WordPress and WooCommerce allows website hijacking
- Hack the Air Force 3.0 – New vulnerability bounty program
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- Visiting Bitcoin City.
- Seagate and IBM Work Together to Help Reduce Global Hard Drive Counterfeiting with Blockchain Technology
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
CRIME
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- Bug Bounty Hunter Ran ISP Doxing Service
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- Advanced tools: Process Hacker
- This Week in Security News: Fake Apps & Malicious Bots
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- .@ablaich: “Breaches that include personally identifiable information are always dangerous because they can lead to identity theft... they can also
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- #Cyberespionage hackers have used stolen #DigitalCertificates to steal data. Expert Michael Cobb of @thehairyITdog explains how hackers sign Plead
- DerpTrolling game server DDoS attacker pleads guilty
- Phishing Attempts Soar to 137 Million in Q3
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- D93 staff accounts compromised through a phishing scam
- How is Plead malware used for cyberespionage attacks?
- Criminals are targeting cardless ATMs with the help of SMS text-based phishing (aka smishing) to drain bank accounts using stolen
- Latest Hacking News Podcast
- Notorious "DerpTrolling" Pleads Guilty to DDoS Attacks on EA & Sony
POLITICS
- This Week in Security News: Fake Apps & Malicious Bots
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- #Cyberespionage hackers have used stolen #DigitalCertificates to steal data. Expert Michael Cobb of @thehairyITdog explains how hackers sign Plead
- Phishing Attempts Soar to 137 Million in Q3
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- How is Plead malware used for cyberespionage attacks?
- Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy
- Exposed data of nearly 700k American Express India customers
DATA BREACH & DATA LOSS
- California Girl Scouts branch suffers data breach
- IT Security Culture Evolution of Businesses Exposed
- Canada Post Leaked Personal Data of 4,500 Cannabis Customers
- 689,272 plaintext records of Amex India customers exposed online
- 3.6 Billion Records Exposed in Data Breaches Until the End September 2018
- DJI Drone Flight Logs, Photos and Videos Exposed to Unauthorized Access
- Canada Post Leaked Personal Data On Cannabis Smokers
- Drone Vulnerability Could Compromise Enterprise Data
- Oracle's VirtualBox Vulnerability Leaked By Disgruntled Researcher
- Radisson Loyalty Program Compromised
- Test Your Employees with Internal Phishing Campaigns
- DJI Drone Vulnerability Exposed Customer Data, Flight Logs, Photos and Videos
- Business email compromise attacks cost over $676 million in 2017, according to the @FBI's Internet #CrimeReport. Learn how to recognize
- According to the 2018 Cost of a Data Breach Study by @PonemonPrivacy & @IBM, the global average cost of a
- Canada Post leaked personal data, orders of thousands of cannabis smokers
- HSBC Bank Alerts US Customers to Data Breach
- StatCounter platform compromised to infect gate.io exchange with bitcoin-stealing code
- Users Stop Engaging With Brands After Data Breaches, Report Finds
- Phishing extortion campaign using new, more effective methods
- Gamasutra user privacy fragged following IP leak discovery
- HSBC confirms data theft in the United States
- Increasing value of personal data a 21st century challenge
DENIAL-OF-SERVICE
- Cambodia's ISPs Hit By Massive DDoS Attacks
- DerpTroll Admits To DDoS On EA, Steam, Sony Game Servers
- 4 Cambodia’s ISPs Attacked by DDoS
- DDoS attack on Cambodia’s top ISPs reached 150Gbps
- Man Behind DDoS Attacks on Gaming Companies Pleads Guilty
- To Pay or Not to Pay: A Large Retailer Responds to #DDoS Extortion
Find out what happened here:
- Cambodia's ISPs hit by some of the biggest DDoS attacks in the country's history
- Hacker Behind Series of DoS Attack Targeting Gaming Companies Pleaded Guilty
MALVERTISING
Nil
PHISHING
- Test Your Employees with Internal Phishing Campaigns
- Most IT Security Pros Underestimate Phishing Risks
- Most Enterprises Fail to Implement Proper Protection Against Phishing Attacks
- Phishing extortion campaign using new, more effective methods
- How many of these bad password habits do you have?
- Good article about the password problem and a statistic that shows just how bad a problem it has now become...
WEB DEFACEMENT
Nil
BOTNET
- Botnet Infects 100,000 Routers to Send Outlook, Hotmail, and Yahoo Spam
- New Spam Botnet Likely Infected 400,000 Devices
- Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw
- Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw
- Spam Botnet of Over 100K Routers Abuses UPnP
RANSOMWARE
- Dharma Ransomware Hits Altus Baytown Hospital's Systems
CRYPTOMINING & CRYPTOCURRENCIES
- Hackers Charged for Creating 6K Strong Cryptojacking Network
- Can Blockchain Solve The Problem of Blood Diamonds?
- Hackers Attack Crypto Exchange With Bitcoin-Stealing Malware
- Managing the Intersection of Cryptocurrency and Compliance
- Hackers from North Korea still breaking into PCs for mining crypto-currencies
- SIM Swapping Hacker Group Who Managed to Steal $80,000 Worth of Cryptocurrency Got Arrested
- Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine
- Beware of scams! Elon Musk is not giving away bitcoin on Twitter
- StatCounter platform compromised to infect gate.io exchange with bitcoin-stealing code
- Canadian University Undergoes A Forced Shutdown After Cryptojacking Attack
- StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users
MALWARE
- Triton Malware Spearheads Latest Generation of Attacks on Industrial Systems
- Pentagon Draws Back the Veil on APT Malware with Sudden Embrace of VirusTotal
- Google: Newer Android versions are less affected by malware
- Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets
- Symantec Uncovers North Korean Group's ATM Attack Malware
- Metamorfo Banking Trojan Keeps Its Sights on Brazil
- Hackers Attack Crypto Exchange With Bitcoin-Stealing Malware
- The Pentagon has suddenly started uploading #malware samples from APTs and other nation-state sources to the website VirusTotal.
- Symantec researchers dissect North Korean malware used in ATM attacks
- Banking Malware Takes Aim at Brazilians
- Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine
- The Cyber National Mission Force will share unclassified U.S. Cyber Command #malware samples to #VirusTotal and one expert hopes there
- U.S. Cyber Command CNMF Shares unclassified malware samples via VirusTotal
- US Cyber Command starts uploading foreign APT malware to VirusTotal
- U.S. Cyber Command malware samples to be logged in VirusTotal
- Metamorfo Banking Trojan Keeps Its Sights on Brazil
- Spyware disguised as Spanish banking apps removed from Google Play
- Unclassified #malware samples from U.S. Cyber Command will be shared with @virustotal by the Cyber National Mission Force. @MalwareJake @stephengillett
- Did you miss yesterday's #blog? Catch up on how fileless #malware is changing the way we as organizations are treating
- "The presence of the insecure remote access software on systems used for election management raised concerns that malicious #ThreatActors --
- U.S. Cyber Command Shares Malware via VirusTotal
- US Cyber Command starts uploading foreign APT malware to VirusTotal
EXPLOIT
- Cisco hunts for Apache Struts 2 FileUpload bug and finds DIRTY CoW exploit
- Cisco Accidentally Released Dirty Cow Exploit Code in Software
- VirtualBox zero-day flaw released on Github; working exploit available but no patch
- Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online
VULNERABILITY
- Companies swamped by critical vulnerabilities – Tenable
- Cisco hunts for Apache Struts 2 FileUpload bug and finds DIRTY CoW exploit
- Bleedingbit Vulnerabilities Could Affect Enterprises Worldwide
- Steam bug could have given you access to all the CD keys of any game
- Drone Vulnerability Could Compromise Enterprise Data
- Oracle's VirtualBox Vulnerability Leaked By Disgruntled Researcher
- [SingCERT] Alert on Nginx Vulnerabilities (CVE-2018-16843, CVE-2018-16844, and CVE-2018-16845)
- Active Exploitation of Newly Patched ColdFusion Vulnerability (CVE-2018-15961)
- Several Vulnerabilities Patched in nginx
- Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain
- WooCommerce Plugin file deletion vulnerability exposes WordPress 'failing open' design flaw
- VirtualBox zero-day flaw released on Github; working exploit available but no patch
- DJI Drone Vulnerability Exposed Customer Data, Flight Logs, Photos and Videos
- DJI Patches Forum Bug That Allowed Drone Account Takeovers
- Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw
- Ranting researcher publishes VM-busting zero-day without warning
- Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw
- DJI Drone Vulnerability
- iOS 12.1 Vulnerability
- Encryption flaws in solid state drives enable unauthorised data access
- Microsoft Bug is Deactivating Windows 10 Pro Licenses and Downgrading to Home
- Ranting researcher publishes #VM-busting zero-day without warning
- We don' need no stinkin' bounties: VirtualBox guest-to-host escape zero-day lands at GitHub
- Vulnerabilities In Major Self-Encrypting SSDs Allow Encryption Bypass and Affect Bitlocker
- [SingCERT] Alert on Critical Apache Struts 2 Remote Code Execution Vulnerability (CVE-2016-1000031)
- XSS flaw in Evernote allows attackers to execute commands and steal files
- Critical authentication flaw in DJI drone web app fixed
- Commoditization of Computing Hardware and the Bugs It Contains
- 4 Million Shops Installed WooCommerce Plugin RCE Flaw Allows Attacker to Gain WordPress Sites Admin Access
- A year later, @amarekano's Android overlay bug has been included in the AOSP November 2018 patched notes as CVE-2018-9524
- Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online
