ASIA
- ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign
- 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
- Malvertising in Apple Pay Targets iPhone Users
- Kaspersky Security Bulletin: Threat Predictions for 2019
- Experts analyzed how Iranian OilRIG hackers tested their weaponized documents
WORLD
- 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
- Infamous Russian Hacking Group Used New Trojan in Recent Attacks
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- Voxox leak: Millions of SMS messages exposed
- Russia’s Elite Hackers May Have New Phishing Tricks
- Web skimmers compete in Umbro Brasil hack
- Inspiring Gender Diversity at Women of the Channel Leadership Summit
- Government Agencies and Think Tanks attacked, APT29 suspected
- An Introduction to Magecart
- Hackers Linked to Russia Impersonate US Officials
- Two Young Men Jailed for Involvement in TalkTalk Data Breach
- Russian hackers are trying out this new malware against US and European targets
- TEMP.Periscope Spearphishing
- Russian hackers are trying out this new malware against US and European targets
- Russian APT activity is resurgent, researchers say
- Report: Emotet makes phishing lures more convincing by scraping victims' emails
- Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
- Lazarus Continues Heists, Mounts Attacks on Financial Organizations in Latin America
- Zscaler ThreatLabZ Phishing Roundup
- Dutch audit finds Microsoft Office leaks confidential data
- Kaspersky Security Bulletin: Threat Predictions for 2019
- Cozy Bear tracks: Phishing campaign looks like work of Russian APT group
- Experts analyzed how Iranian OilRIG hackers tested their weaponized documents
- Confiant spots major malvertising attack
- Google, Target Hit by Twitter Bitcoin Scam Account Hacks
- Two TalkTalk hackers jailed for 2015 data breach that cost it £77 million
ATTACKS
- ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign
- Gmail Glitch Enables Anonymous Messages in Phishing Attacks
- jQuery File Upload Disclosure Due Diligence
- Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
- Voxox leak: Millions of SMS messages exposed
- Russia’s Elite Hackers May Have New Phishing Tricks
- Second WordPress hacking campaign underway, this one targeting AMP for WP plugin
- Vision Direct Reveals Data Breach
- Malvertising in Apple Pay Targets iPhone Users
- Instagram glitch exposed some user passwords
- OSIsoft Warns Employees, Contractors of Data Breach
- Two Young Men Jailed for Involvement in TalkTalk Data Breach
- TEMP.Periscope Spearphishing
- Report: Emotet makes phishing lures more convincing by scraping victims' emails
- OceanLotus: New watering hole attack in Southeast Asia
- OceanLotus: New watering hole attack in Southeast Asia
- tRat: New Modular RAT Appears in Multiple Email Campaigns
- Emotet Campaigns Persist, Utilize Updated Tactics and Techniques
- Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
- AWS moves to curb S3 data leaks, but Chris Vickery is doubtful
- TalkTalk hackers jailed for role in £77m data breach
- CarBlues – Bluetooth Vehicle Hack Exploit Affects Millions Of Vehicles Exposing Users PII
- Zscaler ThreatLabZ Phishing Roundup
- 2018 holiday travel period expected to be the busiest travel season on record
- Vision Direct 'fesses up to hack that exposed customer names, payment cards
- A little phishing knowledge may be a dangerous thing
- Dutch audit finds Microsoft Office leaks confidential data
- Cozy Bear tracks: Phishing campaign looks like work of Russian APT group
- Instagram Patched A Data Download Tool Bug That Exposed Users Passwords
- Confiant spots major malvertising attack
- Two TalkTalk hackers jailed for 2015 data breach that cost it £77 million
THREATS
- Instagram bug exposes user passwords
- Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS
- 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
- Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
- Flash Player Type Confusion Critical Vulnerability, Another Reason Not to Use It
- Down But Not Out, WannaCry Malware Continues to Infect Unpatched Windows PCs
- Infamous Russian Hacking Group Used New Trojan in Recent Attacks
- 560,000 Duped Into Installing Android Malware in the Form of Fake Driving Games
- Flash Player Update Patches Disclosed Code Execution Flaw
- Attackers Target Drupal Web Servers with Chained Vulnerabilities
- DirtyCOW Is Back In Backdoor Attack Targeting Drupal Web Servers
- Inserted Malicious URLs within Office Documents’ Embedded Videos
- Russian hackers are trying out this new malware against US and European targets
- Russian hackers are trying out this new malware against US and European targets
- Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
- WordPress GDPR Plug-in Contains Privilege Escalation Flaw
- tRat: New Modular RAT Appears in Multiple Email Campaigns
- Dharma Ransomware Variant Discovered
- Hackers Exploit Vulnerability in WP GDPR Compliance Plugin – Update Now
- Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
- For Smbs Ransomware Attacks still the Greatest Online Threat
- Almost 50 Percent of 2018 Vulnerabilities Can Be Exploited Remotely
- Targeted ransomware attacks on the rise in 2018, NCSC warns
- TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues
- Raft of flaws discovered in MiSafes child-monitoring devices
- Scumbags cram Make-A-Wish website with coin-mining malware
- Instagram Patched A Data Download Tool Bug That Exposed Users Passwords
- Microsoft Releases Azure Blockchain Development Kit
- DirtyCOW is back in backdoor attack targeting Drupal Web Servers
- Can a D-Link router vulnerability threaten bank customers?
- 3 New Code Execution Flaws Discovered in Atlantis Word Processor
- Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Atlantis Word Processor
- Google Account Hacked for Fake Bitcoin Reward
- 2019 Security Predictions – Utilities and Industrial Control Systems Targeted with Ransomware
- Google, Target Hit by Twitter Bitcoin Scam Account Hacks
- The wiper #malware that briefly disrupted the Winter #Olympics earlier this year appears to be back - now with a
- 13 Malicious Apps in Google Play With More than 560,000+ Installs
- Apache OpenOffice 4.1.6 release: important bug fixes and security fixes
- Almost 50 Percent of 2018 Vulnerabilities Can Be Exploited Remotely
- #BluetoothDevices might be at risk after a new #Bluetooth vulnerability was found targeting #firmware or operating system software drivers. Learn
CRIME
- Inspiring Gender Diversity at Women of the Channel Leadership Summit
- An Introduction to Magecart
- Two Young Men Jailed for Involvement in TalkTalk Data Breach
- Report: Emotet makes phishing lures more convincing by scraping victims' emails
- Zscaler ThreatLabZ Phishing Roundup
- Magecart Spies Payment Cards From Retailer Vision Direct
- Kaspersky Security Bulletin: Threat Predictions for 2019
- Google, Target Hit by Twitter Bitcoin Scam Account Hacks
- Two TalkTalk hackers jailed for 2015 data breach that cost it £77 million
POLITICS
- Infamous Russian Hacking Group Used New Trojan in Recent Attacks
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- Russia’s Elite Hackers May Have New Phishing Tricks
- Web skimmers compete in Umbro Brasil hack
- TEMP.Periscope Spearphishing
- Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
- Magecart Spies Payment Cards From Retailer Vision Direct
- Dutch audit finds Microsoft Office leaks confidential data
- Kaspersky Security Bulletin: Threat Predictions for 2019
- Experts analyzed how Iranian OilRIG hackers tested their weaponized documents
HEALTHCARE
- Hackers Linked to Russia Impersonate US Officials
- Russian APT activity is resurgent, researchers say
- Zscaler ThreatLabZ Phishing Roundup
TRANSPORT
Nil
BANKING & FINANCE
- Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
- Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
- Web skimmers compete in Umbro Brasil hack
- Malvertising in Apple Pay Targets iPhone Users
- An Introduction to Magecart
- Report: Emotet makes phishing lures more convincing by scraping victims' emails
- Lazarus Continues Heists, Mounts Attacks on Financial Organizations in Latin America
- Emotet Campaigns Persist, Utilize Updated Tactics and Techniques
- For Smbs Ransomware Attacks still the Greatest Online Threat
- Zscaler ThreatLabZ Phishing Roundup
- Vision Direct 'fesses up to hack that exposed customer names, payment cards
- Magecart Spies Payment Cards From Retailer Vision Direct
- Kaspersky Security Bulletin: Threat Predictions for 2019
- Experts analyzed how Iranian OilRIG hackers tested their weaponized documents
- Can a D-Link router vulnerability threaten bank customers?
- Google Account Hacked for Fake Bitcoin Reward
- 2019 Security Predictions – Utilities and Industrial Control Systems Targeted with Ransomware
- Two TalkTalk hackers jailed for 2015 data breach that cost it £77 million
INFORMATION & TELECOMMUNICATION
- Instagram bug exposes user passwords
- Gmail Glitch Enables Anonymous Messages in Phishing Attacks
- 560,000 Duped Into Installing Android Malware in the Form of Fake Driving Games
- Inspiring Gender Diversity at Women of the Channel Leadership Summit
- Instagram glitch exposed some user passwords
- Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
- Zscaler ThreatLabZ Phishing Roundup
- 2018 holiday travel period expected to be the busiest travel season on record
- Kaspersky Security Bulletin: Threat Predictions for 2019
- Instagram Patched A Data Download Tool Bug That Exposed Users Passwords
- Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Atlantis Word Processor
- Google Account Hacked for Fake Bitcoin Reward
- Google, Target Hit by Twitter Bitcoin Scam Account Hacks
FOOD
Nil
WATER
- Tech Docs: Keep Out of the Flood Zone with DoS Protection
ENERGY
- Tech Docs: Keep Out of the Flood Zone with DoS Protection
- Experts analyzed how Iranian OilRIG hackers tested their weaponized documents
- 2019 Security Predictions – Utilities and Industrial Control Systems Targeted with Ransomware
GOVERNMENT & PUBLIC SERVICE
- ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign
- 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
- Infamous Russian Hacking Group Used New Trojan in Recent Attacks
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- Russia’s Elite Hackers May Have New Phishing Tricks
- Government Agencies and Think Tanks attacked, APT29 suspected
- Hackers Linked to Russia Impersonate US Officials
- Russian APT activity is resurgent, researchers say
- Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
- OceanLotus: New watering hole attack in Southeast Asia
- OceanLotus: New watering hole attack in Southeast Asia
- Kaspersky Security Bulletin: Threat Predictions for 2019
- Experts analyzed how Iranian OilRIG hackers tested their weaponized documents
- Google, Target Hit by Twitter Bitcoin Scam Account Hacks
DATA BREACH & DATA LOSS
- ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign
- jQuery File Upload Disclosure Due Diligence
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- Voxox leak: Millions of SMS messages exposed
- Second WordPress hacking campaign underway, this one targeting AMP for WP plugin
- Vision Direct Reveals Data Breach
- Instagram glitch exposed some user passwords
- OSIsoft Warns Employees, Contractors of Data Breach
- Two Young Men Jailed for Involvement in TalkTalk Data Breach
- tRat: New Modular RAT Appears in Multiple Email Campaigns
- Emotet Campaigns Persist, Utilize Updated Tactics and Techniques
- Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
- AWS moves to curb S3 data leaks, but Chris Vickery is doubtful
- TalkTalk hackers jailed for role in £77m data breach
- CarBlues – Bluetooth Vehicle Hack Exploit Affects Millions Of Vehicles Exposing Users PII
- 2018 holiday travel period expected to be the busiest travel season on record
- Vision Direct 'fesses up to hack that exposed customer names, payment cards
- Dutch audit finds Microsoft Office leaks confidential data
- Cozy Bear tracks: Phishing campaign looks like work of Russian APT group
- Instagram Patched A Data Download Tool Bug That Exposed Users Passwords
- Two TalkTalk hackers jailed for 2015 data breach that cost it £77 million
DENIAL-OF-SERVICE
- Tech Docs: Keep Out of the Flood Zone with DoS Protection
MALVERTISING
- ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign
- Malvertising in Apple Pay Targets iPhone Users
- OceanLotus: New watering hole attack in Southeast Asia
- OceanLotus: New watering hole attack in Southeast Asia
- Confiant spots major malvertising attack
PHISHING
- Gmail Glitch Enables Anonymous Messages in Phishing Attacks
- Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
- Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
- Russia’s Elite Hackers May Have New Phishing Tricks
- TEMP.Periscope Spearphishing
- Report: Emotet makes phishing lures more convincing by scraping victims' emails
- Zscaler ThreatLabZ Phishing Roundup
- A little phishing knowledge may be a dangerous thing
- Cozy Bear tracks: Phishing campaign looks like work of Russian APT group
WEB DEFACEMENT
Nil
BOTNET
- 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
RANSOMWARE
- Dharma Ransomware Variant Discovered
- For Smbs Ransomware Attacks still the Greatest Online Threat
- Targeted ransomware attacks on the rise in 2018, NCSC warns
- 2019 Security Predictions – Utilities and Industrial Control Systems Targeted with Ransomware
CRYPTOMINING & CRYPTOCURRENCIES
- 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
- Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
- Microsoft Releases Azure Blockchain Development Kit
- Google Account Hacked for Fake Bitcoin Reward
- Google, Target Hit by Twitter Bitcoin Scam Account Hacks
MALWARE
- Down But Not Out, WannaCry Malware Continues to Infect Unpatched Windows PCs
- Infamous Russian Hacking Group Used New Trojan in Recent Attacks
- 560,000 Duped Into Installing Android Malware in the Form of Fake Driving Games
- DirtyCOW Is Back In Backdoor Attack Targeting Drupal Web Servers
- Inserted Malicious URLs within Office Documents’ Embedded Videos
- Russian hackers are trying out this new malware against US and European targets
- Russian hackers are trying out this new malware against US and European targets
- Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
- tRat: New Modular RAT Appears in Multiple Email Campaigns
- Scumbags cram Make-A-Wish website with coin-mining malware
- DirtyCOW is back in backdoor attack targeting Drupal Web Servers
- The wiper #malware that briefly disrupted the Winter #Olympics earlier this year appears to be back - now with a
- 13 Malicious Apps in Google Play With More than 560,000+ Installs
EXPLOIT
- Hackers Exploit Vulnerability in WP GDPR Compliance Plugin – Update Now
- CarBlues – Bluetooth Vehicle Hack Exploit Affects Millions Of Vehicles Exposing Users PII
VULNERABILITY
- Instagram bug exposes user passwords
- Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS
- Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
- Flash Player Type Confusion Critical Vulnerability, Another Reason Not to Use It
- Flash Player Update Patches Disclosed Code Execution Flaw
- Attackers Target Drupal Web Servers with Chained Vulnerabilities
- WordPress GDPR Plug-in Contains Privilege Escalation Flaw
- Hackers Exploit Vulnerability in WP GDPR Compliance Plugin – Update Now
- Almost 50 Percent of 2018 Vulnerabilities Can Be Exploited Remotely
- TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues
- Raft of flaws discovered in MiSafes child-monitoring devices
- Instagram Patched A Data Download Tool Bug That Exposed Users Passwords
- Can a D-Link router vulnerability threaten bank customers?
- 3 New Code Execution Flaws Discovered in Atlantis Word Processor
- Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Atlantis Word Processor
- Apache OpenOffice 4.1.6 release: important bug fixes and security fixes
- Almost 50 Percent of 2018 Vulnerabilities Can Be Exploited Remotely
- #BluetoothDevices might be at risk after a new #Bluetooth vulnerability was found targeting #firmware or operating system software drivers. Learn
WINDOWS
- Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS
- 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
- Flash Player Type Confusion Critical Vulnerability, Another Reason Not to Use It
- Down But Not Out, WannaCry Malware Continues to Infect Unpatched Windows PCs
- APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
- Malvertising in Apple Pay Targets iPhone Users
- Hackers Linked to Russia Impersonate US Officials
- Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
- Lazarus Continues Heists, Mounts Attacks on Financial Organizations in Latin America
- Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
- Kaspersky Security Bulletin: Threat Predictions for 2019
- Experts analyzed how Iranian OilRIG hackers tested their weaponized documents
- Apache OpenOffice 4.1.6 release: important bug fixes and security fixes
LINUX
- Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS
- 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
- Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
- Flash Player Type Confusion Critical Vulnerability, Another Reason Not to Use It
- Malvertising in Apple Pay Targets iPhone Users
- Attackers Target Drupal Web Servers with Chained Vulnerabilities
UNIX
Nil
ANDROID
- 200K Outlaw Botnet Uses SSH Brute Forcing to Propagate, Monero Mining for Profit
- 560,000 Duped Into Installing Android Malware in the Form of Fake Driving Games
- Web skimmers compete in Umbro Brasil hack
- Malvertising in Apple Pay Targets iPhone Users
- Kaspersky Security Bulletin: Threat Predictions for 2019
- 13 Malicious Apps in Google Play With More than 560,000+ Installs
IOS
- Malvertising in Apple Pay Targets iPhone Users
- Kaspersky Security Bulletin: Threat Predictions for 2019
MACOS
- Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS
- Flash Player Type Confusion Critical Vulnerability, Another Reason Not to Use It
- Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
DATA BREACH & DATA LOSS
- Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
- Data Leak Incident Reported by Fortune 500 Metropolitan Life Insurance Company
- VisionDirect Blindsided by Magecart in Data Breach
- OSIsoft Breached, All Domain Accounts, Emails, and Passwords Assumed Compromised
- “Simplicity without Compromise” with Catalyst 9200 – Intent Based Networking Everywhere!
- EOS.IO Smart Contract Database Walkthrough
- Ford Eyes Use of Customers’ Personal Data to Boost Profits
- Vision Direct Admits To Breach With CVVs Compromised
- Instagram Bug, Now Fixed, Exposed User Passwords
- Business email compromise scam costs Pathé $21.5 million
- Database Misconfiguration Leaks 26 Million SMS Messages
- The Most Damaging Election Disinformation Campaign Came From Donald Trump, Not Russia
- SUNY Upstate Hospital announced a former employee inappropriately accessed more than 1,200 patient records.
- Subject: Invoice. The cause of 6 out of 10 of the most effective phishing campaigns in 2018
- Vision Direct reveals customer credit card leak, fake Google script may be to blame
- Most Important Consideration of Confidentiality,Integrity, Availability (CIA Triad) to Avoid Organization Data Breach
- New security feature to prevent Amazon S3 bucket misconfiguration and data leaks
- Instagram Privacy Tool Exposed Passwords
- Vision Direct Notifies Customers of Data Compromise
- Proofpoint #ThreatInsight research: #sLoad and #Ramnit pairing in sustained personalized campaigns against UK and Italy:
- Instagram Accidentally Exposed Some User Passwords
- Email campaign spreading new tRAT malware
- The promised integration with #HaveIBeenPwned is expanding in #FirefoxMonitor with new breach alerts when a user visits a recently compromised
- Instagram Critical Bug Leaked User’s Password Via its Data Download Tool
- After early speculation of #malicious intent, experts said an accidental misconfiguration caused the BGP route leak that sent traffic destined
- Firefox automatically alerts users when you access sites that have data breaches
- Instagram Accidentally Exposed Some Users' Passwords In Plaintext
DENIAL-OF-SERVICE
Nil
MALVERTISING
Nil
PHISHING
- Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
- Top 5 ways to pick a secure password
- Top 5 ways to pick a secure password
- 2FA Login Failure in Office 365 and Azure
- Subject: Invoice. The cause of 6 out of 10 of the most effective phishing campaigns in 2018
- A little phishing knowledge may be a dangerous thing
- The more you say you know about phishing, the more vulnerable you are … Until you’re hoodwinked
- More than 50% forgot their password once at least one in the last month
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
- How #privacy intersects with #CyberSecurity.
“Criminals can craft better phishing emails to scam you when they know what you’re interested in.”
- Review: Specops Password Policy
- Instagram Critical Bug Leaked User’s Password Via its Data Download Tool
- Sai quali sono i modelli più utilizzati dagli utenti per creare le proprie #password? Qui ti suggeriamo alcune 'best practice'
WEB DEFACEMENT
Nil
BOTNET
- Outlaw Group Distributes Botnet for Cryptocurrency-Mining, Scanning, and Brute-Force
- How do you think the #Mylobot #botnet attack will affect the future of botnets?
RANSOMWARE
- Texas hospital becomes victim of Dharma ransomware
- A History of Ransomware Attacks: The Biggest and Worst Ransomware Attacks of All Time
- Wannacry Continues to be Dominant Ransomware
CRYPTOMINING & CRYPTOCURRENCIES
- EOS.IO Smart Contract Database Walkthrough
- Bitcoin Falls Below $5,000
- Cryptojacking Attack Targets Make-A-Wish Foundation Website
- WebCobra Installs Cryptominer On Victim's System
- Outlaw Group Distributes Botnet for Cryptocurrency-Mining, Scanning, and Brute-Force
- How can a @Trezor #cryptocurrency wallet fall victim to attack? Learn more with expert @lewisnic
- Turkish Police Arrested Cryptocurrency Hackers
MALWARE
- New Modular tRat Remote Access Trojan Surfaced During September
- OSIsoft Breached, All Domain Accounts, Emails, and Passwords Assumed Compromised
- Traps: Fighting Threats With Cloud-Based Malware Analysis
- U.S. warns countries not to 'manipulate the extradition process' for cybercriminals
- DarkGate Malware Avoids Endpoint AV Detection
- New ShadowTalk update looks at:
New nation-state threat actor uses advanced TTPs to target Pakistan
Lazarus Group’s FASTCash malware
- Cybaze ZLab – Yoroi team analyzed malware used in recent attacks on US entities attributed to APT29
- An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
- Email campaign spreading new tRAT malware
- After early speculation of #malicious intent, experts said an accidental misconfiguration caused the BGP route leak that sent traffic destined
- Fun fact: The Morris Worm of 1988 did never spread to Finland, as the outbreak happened two weeks before we
- October 2018’s Most Wanted Malware: For The First Time, Remote Access Trojan Reaches Global Threat Index’s Top 10
EXPLOIT
Nil
VULNERABILITY
- Finds vulnerabilities in wordpress websites using WPSCAN
- TP-Link Patches Remote Code Execution Flaws in SOHO Router
- Tianfu Cup PWN hacking contest – White hat hackers earn $1 Million for Zero-Day exploits
- Instagram Flaw Exposes User Passwords
- Multiple Remote TP-Link TL-R600VPN Router Vulnerabilities Patched
- A bug in EA Origin client exposes gamers' data
- Vulnerabilities Dip 7%, but Researchers Are Cautious
- Instagram Bug, Now Fixed, Exposed User Passwords
- Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN
- SUNY Upstate Hospital announced a former employee inappropriately accessed more than 1,200 patient records.
- Instagram flaw exposes user passwords
- Hackers Earn $1 Million for Zero-Day Exploits at Chinese Competition
- Privilege escalation bug patched in Accelerated Mobile Pages WordPress plug-in
- How does a Bluetooth vulnerability enable validation attacks?
- How does site isolation defend against #Spectre vulnerabilities? Expert Michael Cobb of @thehairyITdog explains
- Helping researchers with IoT firmware vulnerability discovery
- Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN
- Instagram Critical Bug Leaked User’s Password Via its Data Download Tool
