TRANSNATIONAL / UNKNOWN
- 'DerpTrolling’ faces jail time for Sony DoS attacks
- Security Affairs newsletter Round 188 – News of the week
CHINA
Nil
INDIA
Nil
NORTH KOREA
Nil
PAKISTAN
Nil
VIETNAM
Nil
IRAN
Nil
IRAQ
Nil
LEBANON
Nil
PALESTINE
Nil
SAUDI ARABIA
Nil
SYRIA
Nil
TURKEY
Nil
UNITED ARAB EMIRATES
Nil
YEMEN
Nil
RUSSIA
Nil
SERBIA
Nil
UKRAINE
Nil
DATA BREACH & DATA LOSS
- Florida Department of Health Breached, Patients' Private Information Exposed
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- How to choose the best password manager | Avast
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
WEB DEFACEMENT
Nil
BOTNET
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
RANSOMWARE
Nil
CRYPTOMINING & CRYPTOCURRENCIES
- Demystifying: Cryptocurrency Mining Threats
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Linux Cryptocurrency miner leverages rootkit to avoid detection
MALWARE
- Exclusive: Fileless malware driving uptake of behavioural analytics
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
- Linux Cryptocurrency miner leverages rootkit to avoid detection
EXPLOIT
Nil
VULNERABILITY
- Cisco Patches Multiple Critical Security Flaws Affecting Different Products
- Annoyed Researcher Disclosed Zero-Day Vulnerability In VirtualBox Without Informing Oracle
- DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
- Nvidia GPU Side Channel Vulnerability Disclosed
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- How does site isolation defend against #Spectre vulnerabilities? Expert Michael Cobb of @thehairyITdog explains
- All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability
Hear from Rafael Amado, @mazzazone, & @drshellface:
- WooCommerce vulnerability affected a large number of websites
- Debian 9.6 release, fix more bugs and security vulnerabilities
ASIA
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Security Affairs newsletter Round 188 – News of the week
OCEANIA
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
NORTH AMERICA
- 'DerpTrolling’ faces jail time for Sony DoS attacks
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Security Affairs newsletter Round 188 – News of the week
- All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability
Hear from Rafael Amado, @mazzazone, & @drshellface:
SOUTH AMERICA
Nil
EUROPE
- Security Affairs newsletter Round 188 – News of the week
AFRICA
Nil
ASIA
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Security Affairs newsletter Round 188 – News of the week
WORLD
- 'DerpTrolling’ faces jail time for Sony DoS attacks
- UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
- DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- Security Affairs newsletter Round 188 – News of the week
- All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability
Hear from Rafael Amado, @mazzazone, & @drshellface:
ATTACKS
- Florida Department of Health Breached, Patients' Private Information Exposed
- How to choose the best password manager | Avast
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
THREATS
- Exclusive: Fileless malware driving uptake of behavioural analytics
- Cisco Patches Multiple Critical Security Flaws Affecting Different Products
- Annoyed Researcher Disclosed Zero-Day Vulnerability In VirtualBox Without Informing Oracle
- DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
- Nvidia GPU Side Channel Vulnerability Disclosed
- Demystifying: Cryptocurrency Mining Threats
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- School Headmaster Fired For Stealing School Electricity To Mine Ethereum
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
- Linux Cryptocurrency miner leverages rootkit to avoid detection
- How does site isolation defend against #Spectre vulnerabilities? Expert Michael Cobb of @thehairyITdog explains
- All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability
Hear from Rafael Amado, @mazzazone, & @drshellface:
- WooCommerce vulnerability affected a large number of websites
- Debian 9.6 release, fix more bugs and security vulnerabilities
CRIME
- 'DerpTrolling’ faces jail time for Sony DoS attacks
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
- Security Affairs newsletter Round 188 – News of the week
POLITICS
- CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
DATA BREACH & DATA LOSS
- FIFA Preps for Next Wave of Bad Press after New Data Breach
- According to the @FBI's Internet #CrimeReport, business email compromise attacks cost more than $676 million in 2017. Learn more from
- What is the average time it takes for an organization to identify a data breach?
- Botnet infects over 400krouters for spam campaign
- Pakistani banks suffer data breach
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
WEB DEFACEMENT
Nil
BOTNET
- Botnet infects over 400krouters for spam campaign
- New #spam #botnet infected over 100,000 home routers through a UPnP vulnerability, according to researchers at @360Netlab. By @MaddieBacon11
RANSOMWARE
- GandCrab Ransomware Virus Threat Alert
CRYPTOMINING & CRYPTOCURRENCIES
- Cryptocurrency Mining Malware Targets Linux Machines Uses Rootkit to Hide From Monitoring Tools
MALWARE
- GandCrab Ransomware Virus Threat Alert
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- The Cyber National Mission Force will share unclassified U.S. Cyber Command #malware samples to #VirusTotal and one expert hopes there
- In @usnistgo's draft on 'Vetting the #Security of #MobileApplications,' several key general requirements are discussed. However, the process could be
- Cryptocurrency Mining Malware Targets Linux Machines Uses Rootkit to Hide From Monitoring Tools
- Researchers reveal the malware used by North Korean hackers to attack ATMs
EXPLOIT
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
VULNERABILITY
- Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert
- Nginx server security flaws expose more than a million of servers to DoS attacks
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
- VMware Releases Security Updates To Fix Critical Vulnerability Discovered in GeekPwn2018 Event
- Vulnerabilities in DJI drone manufacturer
- New #spam #botnet infected over 100,000 home routers through a UPnP vulnerability, according to researchers at @360Netlab. By @MaddieBacon11
ASIA
- GandCrab Ransomware Virus Threat Alert
- Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert
- Lazarus Group Attacks ATMs, Tens of Millions Stolen in Recent Heist
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- A Careful Look on FastCash, the New Cash Cow of Lazarus Hacking Group
- VMware Releases Security Updates To Fix Critical Vulnerability Discovered in GeekPwn2018 Event
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Botnet infects over 400krouters for spam campaign
- Pakistani banks suffer data breach
- Vulnerabilities in DJI drone manufacturer
WORLD
- FIFA Preps for Next Wave of Bad Press after New Data Breach
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- The Cyber National Mission Force will share unclassified U.S. Cyber Command #malware samples to #VirusTotal and one expert hopes there
- A Careful Look on FastCash, the New Cash Cow of Lazarus Hacking Group
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Botnet infects over 400krouters for spam campaign
- FIFA is hacked… Once again
ATTACKS
- FIFA Preps for Next Wave of Bad Press after New Data Breach
- According to the @FBI's Internet #CrimeReport, business email compromise attacks cost more than $676 million in 2017. Learn more from
- What is the average time it takes for an organization to identify a data breach?
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
- Botnet infects over 400krouters for spam campaign
- Pakistani banks suffer data breach
THREATS
- GandCrab Ransomware Virus Threat Alert
- Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- The Cyber National Mission Force will share unclassified U.S. Cyber Command #malware samples to #VirusTotal and one expert hopes there
- In @usnistgo's draft on 'Vetting the #Security of #MobileApplications,' several key general requirements are discussed. However, the process could be
- Nginx server security flaws expose more than a million of servers to DoS attacks
- "Keep in mind that it's not just users who can find and exploit #SQLinjection, but business logic flaws, password policy
- VMware Releases Security Updates To Fix Critical Vulnerability Discovered in GeekPwn2018 Event
- Cryptocurrency Mining Malware Targets Linux Machines Uses Rootkit to Hide From Monitoring Tools
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Vulnerabilities in DJI drone manufacturer
- New #spam #botnet infected over 100,000 home routers through a UPnP vulnerability, according to researchers at @360Netlab. By @MaddieBacon11
CRIME
- FIFA Preps for Next Wave of Bad Press after New Data Breach
- Lazarus Group Attacks ATMs, Tens of Millions Stolen in Recent Heist
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- According to the @FBI's Internet #CrimeReport, business email compromise attacks cost more than $676 million in 2017. Learn more from
- A Careful Look on FastCash, the New Cash Cow of Lazarus Hacking Group
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Pakistani banks suffer data breach
POLITICS
- Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
- Researchers reveal the malware used by North Korean hackers to attack ATMs
- Vulnerabilities in DJI drone manufacturer
- FIFA is hacked… Once again
DATA BREACH & DATA LOSS
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- Oops: Cisco accidentally leaked in-house Dirty COW exploit code with biz conf call software
- Bug Bounty Hunter Ran ISP Doxing Service
- DJI drone hack could have exposed sensitive data
- Emotet launches major new spam campaign
- .@ablaich: “Breaches that include personally identifiable information are always dangerous because they can lead to identity theft... they can also
- Canada Post leaks sensitive information of thousands of cannabis buyers
- D93 staff accounts compromised through a phishing scam
- Drone vulnerability could compromise enterprise data
- "If the schemas prove not to be compatible, a backup of the previous version of a database must be used
- Exposed data of nearly 700k American Express India customers
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
DENIAL-OF-SERVICE
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- DerpTrolling game server DDoS attacker pleads guilty
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- Notorious "DerpTrolling" Pleads Guilty to DDoS Attacks on EA & Sony
MALVERTISING
Nil
PHISHING
- Trickbot Malware Added Password And Browser History Stealing
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- This banking malware just added password and browser history stealing to its playbook
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- D93 staff accounts compromised through a phishing scam
- 5 Ways #Cybercriminals Can Access Your Emails Without #Phishing | Check out the full infographic here:
- Criminals are targeting cardless ATMs with the help of SMS text-based phishing (aka smishing) to drain bank accounts using stolen
WEB DEFACEMENT
Nil
BOTNET
- Spammer scum hack 100,000 home routers via UPnP vulns to craft email-flinging botnet
- This Week in Security News: Fake Apps & Malicious Bots
- New spam botnet infects over 100,000 home routers
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- IoT botnet BCMUPnP_Hunter targets routers with vulnerable UPnP feature
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
RANSOMWARE
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants
- Kraken Ransomware
- Are you prepared for #ransomware? Download this how-to guide to learn how to prepare for and detect an attack before
CRYPTOMINING & CRYPTOCURRENCIES
- StatCounter fingers cache-poisoning caper for Bitcoin-slurping JavaScript hijack
- Cryptomining Malware Uses Rootkit to Hide on Infected Linux Systems
- Stealthy Crypto-Mining Malware Evades Detection
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- Linux cryptocurrency miners are installing rootkits to hide themselves
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Kraken Ransomware
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- No, You Don't Need a Blockchain
- Canadian Uni Shutters Network After Cryptomining Attack
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- Visiting Bitcoin City.
- Seagate and IBM Work Together to Help Reduce Global Hard Drive Counterfeiting with Blockchain Technology
MALWARE
- Hackers Target Bitcoins and USCYBERCOM Shares Malware | Avast
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- The Pentagon is Publishing Foreign Nation-State Malware
- Cryptomining Malware Uses Rootkit to Hide on Infected Linux Systems
- Stealthy Crypto-Mining Malware Evades Detection
- Advanced tools: Process Hacker
- Trickbot Malware Added Password And Browser History Stealing
- This Week in Security News: Fake Apps & Malicious Bots
- "Inception Attackers" Combine Old Exploit and New Backdoor
- Playbook Fridays: Domain Spinning Workbench Spaces App
- This banking malware just added password and browser history stealing to its playbook
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- #Cyberespionage hackers have used stolen #DigitalCertificates to steal data. Expert Michael Cobb of @thehairyITdog explains how hackers sign Plead
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- The Morris Worm Turns 30
- Idaho Falls School District Struck by a Computer Virus Attack
- OSX/SurfBuyer: Real malware is in the eye of the device holder
- How is Plead malware used for cyberespionage attacks?
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
EXPLOIT
- Oops: Cisco accidentally leaked in-house Dirty COW exploit code with biz conf call software
- "Inception Attackers" Combine Old Exploit and New Backdoor
VULNERABILITY
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Recently-Patched Adobe ColdFusion Flaw Exploited By APT
- Zero-day in popular WordPress plugin exploited in the wild to take over sites
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Flaws in Roche Medical Devices Can Put Patients at Risk
- Inception hackers target European organisations with old Office flaw
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- Serious XSS Vulnerability Patched in Evernote
- Update now! WordPress sites vulnerable to WooCommerce plugin flaw
- Phishing now possible by exploiting online video function vulnerability in Word
- Vulnerabilities in Our Infrastructure: 5 Ways to Mitigate the Risk
- Cisco fixes two critical bugs, recommends workaround for a third
- Drone vulnerability could compromise enterprise data
- US Air Force invites white hats to find hackable flaws, again
- Prioritizing Flaws Based on Severity Increasingly Ineffective: Study
- DJI Drone Can be Hacked using New Vulnerability To Steal Drone’s Flight logs, Photos & Videos
- Adobe ColdFusion Vulnerability Exploited in the Wild
- Combination of bugs in WordPress and WooCommerce allows website hijacking
- Hack the Air Force 3.0 – New vulnerability bounty program
ASIA
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- VMware releases security patches for a critical virtual machine escape flaw
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
OCEANIA
Nil
NORTH AMERICA
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- The Pentagon is Publishing Foreign Nation-State Malware
- Advanced tools: Process Hacker
- This Week in Security News: Fake Apps & Malicious Bots
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- Canada Post leaks sensitive information of thousands of cannabis buyers
- Phishing Attempts Soar to 137 Million in Q3
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- D93 staff accounts compromised through a phishing scam
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- Canadian Uni Shutters Network After Cryptomining Attack
- US Air Force invites white hats to find hackable flaws, again
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
SOUTH AMERICA
Nil
EUROPE
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Stealthy Crypto-Mining Malware Evades Detection
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Flaws in Roche Medical Devices Can Put Patients at Risk
- Phishing Attempts Soar to 137 Million in Q3
- Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy
- Hack the Air Force 3.0 – New vulnerability bounty program
- Hackers hide malware in the Windows installation files to mine cryptocurrency
AFRICA
Nil
ASIA
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- VMware releases security patches for a critical virtual machine escape flaw
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
WORLD
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- The Pentagon is Publishing Foreign Nation-State Malware
- Stealthy Crypto-Mining Malware Evades Detection
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- Advanced tools: Process Hacker
- This Week in Security News: Fake Apps & Malicious Bots
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Flaws in Roche Medical Devices Can Put Patients at Risk
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- Canada Post leaks sensitive information of thousands of cannabis buyers
- Phishing Attempts Soar to 137 Million in Q3
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- D93 staff accounts compromised through a phishing scam
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- Canadian Uni Shutters Network After Cryptomining Attack
- US Air Force invites white hats to find hackable flaws, again
- Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy
- BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Exposed data of nearly 700k American Express India customers
- Hack the Air Force 3.0 – New vulnerability bounty program
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
ATTACKS
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- Oops: Cisco accidentally leaked in-house Dirty COW exploit code with biz conf call software
- Bug Bounty Hunter Ran ISP Doxing Service
- DJI drone hack could have exposed sensitive data
- Trickbot Malware Added Password And Browser History Stealing
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- Emotet launches major new spam campaign
- .@ablaich: “Breaches that include personally identifiable information are always dangerous because they can lead to identity theft... they can also
- This banking malware just added password and browser history stealing to its playbook
- Canada Post leaks sensitive information of thousands of cannabis buyers
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- Phishing Attempts Soar to 137 Million in Q3
- Phishing now possible by exploiting online video function vulnerability in Word
- D93 staff accounts compromised through a phishing scam
- Drone vulnerability could compromise enterprise data
- "If the schemas prove not to be compatible, a backup of the previous version of a database must be used
- 5 Ways #Cybercriminals Can Access Your Emails Without #Phishing | Check out the full infographic here:
- Criminals are targeting cardless ATMs with the help of SMS text-based phishing (aka smishing) to drain bank accounts using stolen
- Exposed data of nearly 700k American Express India customers
- Nearly 700,000 Plaintext Records of American Express India Customers Personal Info Exposed Online
THREATS
- Hackers Target Bitcoins and USCYBERCOM Shares Malware | Avast
- U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program
- Koadic: Security Defense in the Age of LoL Malware, Part IV
- Recently-Patched Adobe ColdFusion Flaw Exploited By APT
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- StatCounter fingers cache-poisoning caper for Bitcoin-slurping JavaScript hijack
- Zero-day in popular WordPress plugin exploited in the wild to take over sites
- Bug Bounty Hunter Ran ISP Doxing Service
- VMware releases security patches for a critical virtual machine escape flaw
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- The Pentagon is Publishing Foreign Nation-State Malware
- Cryptomining Malware Uses Rootkit to Hide on Infected Linux Systems
- The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants
- Stealthy Crypto-Mining Malware Evades Detection
- Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype
- Advanced tools: Process Hacker
- Trickbot Malware Added Password And Browser History Stealing
- Man Sent Letter Bomb To Bitcoin Firm Over Password Reset
- This Week in Security News: Fake Apps & Malicious Bots
- "Inception Attackers" Combine Old Exploit and New Backdoor
- Linux cryptocurrency miners are installing rootkits to hide themselves
- VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Kraken Ransomware
- Inception Attackers Target Europe with Year-old Office Vulnerability
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Flaws in Roche Medical Devices Can Put Patients at Risk
- This banking malware just added password and browser history stealing to its playbook
- Inception hackers target European organisations with old Office flaw
- A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- Serious XSS Vulnerability Patched in Evernote
- #Cyberespionage hackers have used stolen #DigitalCertificates to steal data. Expert Michael Cobb of @thehairyITdog explains how hackers sign Plead
- Update now! WordPress sites vulnerable to WooCommerce plugin flaw
- Are you prepared for #ransomware? Download this how-to guide to learn how to prepare for and detect an attack before
- This banking #malware just added #password and browser history stealing to its playbook https://zd.net/2Pl6v31 via @ZDNet & @dannyjpalmer
- The Morris Worm Turns 30
- Phishing now possible by exploiting online video function vulnerability in Word
- Idaho Falls School District Struck by a Computer Virus Attack
- Vulnerabilities in Our Infrastructure: 5 Ways to Mitigate the Risk
- OSX/SurfBuyer: Real malware is in the eye of the device holder
- No, You Don't Need a Blockchain
- Cisco fixes two critical bugs, recommends workaround for a third
- Canadian Uni Shutters Network After Cryptomining Attack
- Drone vulnerability could compromise enterprise data
- US Air Force invites white hats to find hackable flaws, again
- How is Plead malware used for cyberespionage attacks?
- Prioritizing Flaws Based on Severity Increasingly Ineffective: Study
- DJI Drone Can be Hacked using New Vulnerability To Steal Drone’s Flight logs, Photos & Videos
- Adobe ColdFusion Vulnerability Exploited in the Wild
- VirusTotal and USCyberCom Join Forces To Identify Malware
- Combination of bugs in WordPress and WooCommerce allows website hijacking
- Hack the Air Force 3.0 – New vulnerability bounty program
- Hackers hide malware in the Windows installation files to mine cryptocurrency
- Visiting Bitcoin City.
- Seagate and IBM Work Together to Help Reduce Global Hard Drive Counterfeiting with Blockchain Technology
- U.S. Cyber Command #malware samples will be shared to #VirusTotal by the Cyber National Mission Force and one expert said
CRIME
- Email Stealing Emotet Banking Trojan Resurrected in New Extensive Spam Campaign
- 'DerpTroll' derps into plea deal, admits DDoS attacks on EA, Steam, Sony game servers
- Bug Bounty Hunter Ran ISP Doxing Service
- Ransomware Still the Top Malware Threat During 2018 According to Europol
- Advanced tools: Process Hacker
- This Week in Security News: Fake Apps & Malicious Bots
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Playbook Fridays: Domain Spinning Workbench Spaces App
- .@ablaich: “Breaches that include personally identifiable information are always dangerous because they can lead to identity theft... they can also
- South Korean Hackers Arrested for Infecting Cryto Mining Malware
- #Cyberespionage hackers have used stolen #DigitalCertificates to steal data. Expert Michael Cobb of @thehairyITdog explains how hackers sign Plead
- DerpTrolling game server DDoS attacker pleads guilty
- Phishing Attempts Soar to 137 Million in Q3
- Sony DDoS-er 'DerpTrolling' Pleads Guilty
- D93 staff accounts compromised through a phishing scam
- How is Plead malware used for cyberespionage attacks?
- Criminals are targeting cardless ATMs with the help of SMS text-based phishing (aka smishing) to drain bank accounts using stolen
- Latest Hacking News Podcast
- Notorious "DerpTrolling" Pleads Guilty to DDoS Attacks on EA & Sony
POLITICS
- This Week in Security News: Fake Apps & Malicious Bots
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- Chinese headmaster fired after setting up his own secret cryptomining rig at school
- #Cyberespionage hackers have used stolen #DigitalCertificates to steal data. Expert Michael Cobb of @thehairyITdog explains how hackers sign Plead
- Phishing Attempts Soar to 137 Million in Q3
- Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder
- How is Plead malware used for cyberespionage attacks?
- Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy
- Exposed data of nearly 700k American Express India customers
