DATA BREACH & DATA LOSS
- NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
- Data breach in OSIsoft
- Brazil's largest professional association suffers massive data leak
- Amazon Snafu Exposed Customers' Names and Email Addresses
- “Back in Black” – Article 13 has YouTube threatening to pull the plug over upload filter
- New Emotet Thanksgiving campaign differs from previous ones
- US Postal Service Website Left Data Exposed for Over a Year
- .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
- Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
- A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
- Software company OSIsoft has suffered a data breach
- SAVE 50% FOR BLACK FRIDAY!
Get half off FREEDOME VPN and TOTAL with coupon code BLACKFRIDAY.
- DNS Shell – Tool to Compromise and Maintain Control Over Victim Machine
- @FSecure fait son #BlackFriday ! Profitez de 50% de remise sur une sélection de produits !
- 60 million users’ data were exposed by the US Postal Service
DENIAL-OF-SERVICE
- Why e-commerce needs DDoS protection for Cyber Monday
MALVERTISING
Nil
PHISHING
- 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
- New Linux crypto-miner steals your root password and disables your antivirus
- Attackers Are Landing Email Inboxes Without the Need to Phish
- Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
- Phishing Used to Launch GreyEnergy's ICS Attacks
- Southwest Washington Regional Surgery Center suffered a Phishing attack
- A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
WEB DEFACEMENT
Nil
BOTNET
- Malware scum want to build a Linux botnet using Mirai
- Deep Instinct recently blogged about a new #botnet -- dubbed #Mylobot -- that has shown new, complex tools and techniques.
RANSOMWARE
- SMBs suffered the brunt of ransomware attacks in 2018
- The number of ransomware attacks on individuals has come down as it has become harder to get them to pay,
CRYPTOMINING & CRYPTOCURRENCIES
- Cryptocurrency ‘minting’ flaw could have leached money from exchanges
- A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
MALWARE
- 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
- New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
- Malware scum want to build a Linux botnet using Mirai
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- Black Friday special by Emotet: Filling inboxes with infected XML macros
- Black Friday special by Emotet: Filling inboxes with infected XML macros
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- VMware patches guest-to-host malware vulnerability
- #WebCache poisoning poses a serious threat to #BrowserSecurity. Learn how #hackers can use unkeyed inputs for malicious intent from expert
- Best way to Remove Malware on Mac, Including Other Unwanted Apps
- New Crypto Malware Spreading that Infects Linux Machines & Removes Anti-Virus
- Over 500k Play Store users have installed 13 games that contain malware
EXPLOIT
Nil
VULNERABILITY
- DoS Vulnerabilities Found in Linux Kernel, Unpatched
- Apache Hadoop spins cracking code injection vulnerability YARN
- German e-government SDK patched against ID spoofing vulnerability
- US Postal Service Plugs API Flaw - One Year Later
- VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
- Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
- Old Printer Vulnerabilities Die Hard
- VMware Patches Workstation Flaw Disclosed at Hacking Contest
- Cryptocurrency ‘minting’ flaw could have leached money from exchanges
- USPS Bug affects 60 Million Users, Finally Fixed.
- German eID vulnerability allows hackers to change identities
- VMware patches guest-to-host malware vulnerability
- Internet connected devices might be the hot item for Christmas this year, but are they secure?
- Hacker says USPS ignored serious security flaw for over a year
- CVE-2018-6983: integer overflow vulnerability in VMware Workstation and Fusion
ASIA
- US Says China Increased Hacking over Trade Dispute
- North Korean Hackers Hit Latin American Banks
- VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
- Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
- VMware Patches Workstation Flaw Disclosed at Hacking Contest
WORLD
- NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
- Data breach in OSIsoft
- New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
- Brazil's largest professional association suffers massive data leak
- German e-government SDK patched against ID spoofing vulnerability
- US Postal Service Plugs API Flaw - One Year Later
- US Says China Increased Hacking over Trade Dispute
- North Korean Hackers Hit Latin American Banks
- VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
- Phishing Used to Launch GreyEnergy's ICS Attacks
- New Emotet Thanksgiving campaign differs from previous ones
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- US Postal Service Website Left Data Exposed for Over a Year
- German eID vulnerability allows hackers to change identities
- Hacker says USPS ignored serious security flaw for over a year
- Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
- Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
- Southwest Washington Regional Surgery Center suffered a Phishing attack
- 60 million users’ data were exposed by the US Postal Service
- The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up
ATTACKS
- NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
- Data breach in OSIsoft
- 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
- Brazil's largest professional association suffers massive data leak
- Amazon Snafu Exposed Customers' Names and Email Addresses
- New Linux crypto-miner steals your root password and disables your antivirus
- Attackers Are Landing Email Inboxes Without the Need to Phish
- Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
- “Back in Black” – Article 13 has YouTube threatening to pull the plug over upload filter
- Phishing Used to Launch GreyEnergy's ICS Attacks
- New Emotet Thanksgiving campaign differs from previous ones
- US Postal Service Website Left Data Exposed for Over a Year
- .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
- Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
- Southwest Washington Regional Surgery Center suffered a Phishing attack
- A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
- Software company OSIsoft has suffered a data breach
- SAVE 50% FOR BLACK FRIDAY!
Get half off FREEDOME VPN and TOTAL with coupon code BLACKFRIDAY.
- DNS Shell – Tool to Compromise and Maintain Control Over Victim Machine
- @FSecure fait son #BlackFriday ! Profitez de 50% de remise sur une sélection de produits !
- 60 million users’ data were exposed by the US Postal Service
THREATS
- 8 tips for avoiding phishing, malware, scams, and hacks while holiday shopping online
- New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware
- DoS Vulnerabilities Found in Linux Kernel, Unpatched
- Apache Hadoop spins cracking code injection vulnerability YARN
- German e-government SDK patched against ID spoofing vulnerability
- Malware scum want to build a Linux botnet using Mirai
- US Postal Service Plugs API Flaw - One Year Later
- VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
- Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
- Old Printer Vulnerabilities Die Hard
- VMware Patches Workstation Flaw Disclosed at Hacking Contest
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- Black Friday special by Emotet: Filling inboxes with infected XML macros
- Black Friday special by Emotet: Filling inboxes with infected XML macros
- Cryptocurrency ‘minting’ flaw could have leached money from exchanges
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
- USPS Bug affects 60 Million Users, Finally Fixed.
- German eID vulnerability allows hackers to change identities
- VMware patches guest-to-host malware vulnerability
- Internet connected devices might be the hot item for Christmas this year, but are they secure?
- Hacker says USPS ignored serious security flaw for over a year
- #WebCache poisoning poses a serious threat to #BrowserSecurity. Learn how #hackers can use unkeyed inputs for malicious intent from expert
- SMBs suffered the brunt of ransomware attacks in 2018
- Best way to Remove Malware on Mac, Including Other Unwanted Apps
- A #phishing campaign was recently found to be hijacking the traffic of @Trezor user #cryptocurrency wallets. Learn how such an
- CVE-2018-6983: integer overflow vulnerability in VMware Workstation and Fusion
- The number of ransomware attacks on individuals has come down as it has become harder to get them to pay,
- New Crypto Malware Spreading that Infects Linux Machines & Removes Anti-Virus
- Over 500k Play Store users have installed 13 games that contain malware
CRIME
- Data breach in OSIsoft
- US Says China Increased Hacking over Trade Dispute
- Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
- Software company OSIsoft has suffered a data breach
- The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up
POLITICS
- NUI Galway’s Problem: Misplaced USB Flash Drive Containing Unencrypted Student Records
- US Says China Increased Hacking over Trade Dispute
- Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
- Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
WINDOWS
- What Is Windows PowerShell (And Could It Be Malicious)?
- Take a Look at L0rdix, The Super Malware Toolkit of 2018
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- New Pterodo Backdoor Malware Detected By Ukraine
- Exploit Windows Remote PC with EternalBlue & DoublePulsar Exploit through Metasploit
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
- How to find, is link malicious/URL or not
LINUX
- What Is Windows PowerShell (And Could It Be Malicious)?
- Mirai Used as Payload in Hadoop YARN Vulnerability
- Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
- Uncover virtual hosts of domain with Fierce
- How to find, is link malicious/URL or not
UNIX
Nil
ANDROID
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- 500K Android users hit with malware, and what to do if you're infected
- 13 Malware-Laden Fake Apps on Google Play
- Malicious programs disguised as racing games on Google Play
- "Luiz O Pinto" pushed 500,000+ installs of malware via Google Play, in ~1 week.
IOS
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- 13 Malware-Laden Fake Apps on Google Play
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
MACOS
- Pen-test at Dropbox turns up three Apple 0-day bugs
- What Is Windows PowerShell (And Could It Be Malicious)?
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
DATA BREACH & DATA LOSS
- Email Addresses and Phone Numbers of More than 60 Million Users Exposed by USPS
- A flaw in US Postal Service website exposed data on 60 Million Users
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Amazon Customer Email Addresses Leaked Because of 'Technical Error'
- Google Taking Over Health Records Raises Patient Privacy Fears
- Amazon tech error leaks customers’ email addresses
- USPS Site Exposed Data on 60 Million Users
- Vision Direct Deals With Customer Data Leak
- Amazon suffers data breach days before Black Friday
- Emotet’s Thanksgiving Campaign Delivers New Recipes for Compromise
- Researchers Reveal Identity of Hacker Behind Massive Data Breaches
- Record Retention
- A hacker known as #Tessa88 offered several compromise databases obtained from LinkedIn, MySpace and other companies. Now Recorded Future believes
- The promised integration with #HaveIBeenPwned is expanding in #FirefoxMonitor with new breach alerts when a user visits a recently compromised
- Amazon warns customers it leaked their names and email addresses
- Amazon leaks users' email addresses due to 'technical error'
- High Tail Hall data breach exposes over 400,000 furry fans
- Facebook Ads Urge Its Staff To Leak Secrets
- Amazon Suffers Data Breach Days Before Black Friday
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to
- Amazon UK is notifying a data breach to its customers days before Black Friday
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- White House admits Ivanka Trump used private email for government business
- .@Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most #AWS exposures,
- How have #phishing campaigns threatened your #EnterpriseSecurity system?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Amazon Data Leak Exposes Email Addresses Right Before Black Friday
- Yikes...#Instagram Accidentally Exposed Some Users' #Passwords In Plaintext
- APAC consumers want IoT devices, but fear data leaks
- OUR BLACK FRIDAY DEALS ARE LIVE!
Get 50% off from FREEDOME VPN and TOTAL subscriptions with coupon code BLACKFRIDAY.
Buy now:
- Russia Linked Group Resurfaces With Large-Scale Phishing Campaign
DENIAL-OF-SERVICE
Nil
MALVERTISING
- New OceanLotus watering hole attacks target southeast Asia
PHISHING
- Phishing: It's all too easy on mobile devices
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Black Friday Phishing Dos and Don’ts
- Bah HumBUG: 5 Recent Holiday Phishing Samples You Need to Watch Out For
- Phishing Emails with .COM Extensions Are Hitting Finance Departments
- Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
- #CyberMonday Tip 1: Be careful of phishing scams claiming to be from a package-delivery company with links to tracking information.
AVG
- How have #phishing campaigns threatened your #EnterpriseSecurity system?
- Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
- Yikes...#Instagram Accidentally Exposed Some Users' #Passwords In Plaintext
- #Gmail Glitch Enables Anonymous Messages in #Phishing Attacks:
- Phishing Scams Serious Problem for Canada’s Global Affairs
- Microsoft now lets you log into Outlook, Skype, Xbox Live without a password
- Russia Linked Group Resurfaces With Large-Scale Phishing Campaign
WEB DEFACEMENT
Nil
BOTNET
- Outlaw Group Botnet Enhanced
- A new #botnet -- #Mylobot -- has shown new, complex levels of tools and techniques that are subsequently altering botnet
- New Hacking Group Outlaw Distributing Botnet to Scan The Network & Perform Cryptocurrency-Mining & Brute-Force Attack
RANSOMWARE
- City of Valdez, Alaska admits to paying off ransomware infection
- Malaysia’s largest media company becomes victim of a ransomware attack
CRYPTOMINING & CRYPTOCURRENCIES
- Malware Moves: Attackers Retool for Cryptocurrency Theft
- New Hacking Group Outlaw Distributing Botnet to Scan The Network & Perform Cryptocurrency-Mining & Brute-Force Attack
- Signing and Verifying Ethereum Signatures
- US Department of Justice is investigating Tether for manipulation of market prices
- Worried about cryptojacking? Check out how SentinelOne Detects and Protects from GhostMiner CryptoMiner
MALWARE
- Emotet Banking Trojan Uses Stolen Templates to Boost Phishing Campaign Numbers
- Lazarus APT Uses Modular Backdoor to Target Financial Institutions
- What Is Windows PowerShell (And Could It Be Malicious)?
- Take a Look at L0rdix, The Super Malware Toolkit of 2018
- Mirai Used as Payload in Hadoop YARN Vulnerability
- 500K Android users hit with malware, and what to do if you're infected
- Russian Cozy Bear cyberspies awake from hibernation to sling spyware
- 13 Malware-Laden Fake Apps on Google Play
- Italian Naval Industry Attacked By MartyMcFly Malware
- Sofacy APT unleashes new 'Cannon' trojan
- New Pterodo Backdoor Malware Detected By Ukraine
- New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
- Malicious programs disguised as racing games on Google Play
- How is Plead #malware used for #cyberespionage attacks? Learn more with Michael Cobb of @thehairyITdog.
- Conficker: A 10-year retrospective on a legendary worm
- Malware Moves: Attackers Retool for Cryptocurrency Theft
- Infowars Online Store Got Infected with Card Skimming Malware
- Awake Security uncovers malicious intent across on-premise, IoT and cloud infrastructure
- Centreon releases Remote Server functionality for cross-domain monitoring of multi-site IT operations
- Fancy Bear APT Uses New Cannon Trojan to Target Government Entities
- "Luiz O Pinto" pushed 500,000+ installs of malware via Google Play, in ~1 week.
- Uncover virtual hosts of domain with Fierce
- Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan
- How to find, is link malicious/URL or not
- Worried about cryptojacking? Check out how SentinelOne Detects and Protects from GhostMiner CryptoMiner
EXPLOIT
- Attackers Exploit Recently Patched Popular WordPress Plugin
- New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
- Exploit Windows Remote PC with EternalBlue & DoublePulsar Exploit through Metasploit
- Worried about cryptojacking? Check out how SentinelOne Detects and Protects from GhostMiner CryptoMiner
VULNERABILITY
- Pen-test at Dropbox turns up three Apple 0-day bugs
- A flaw in US Postal Service website exposed data on 60 Million Users
- Facebook increases rewards for its bug bounty program and facilitate bug submission
- Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
- Mirai Used as Payload in Hadoop YARN Vulnerability
- Facebook entices researchers with $40,000 reward for account takeover vulnerabilities
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
- How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities
- Adobe issues fix for Flash bug allowing remote code execution
- A new vulnerability was discovered to affect #Bluetooth #firmware or operating system software drivers. Learn what this vulnerability is and
- German eID Authentication Flaw Lets You Change Identity
- Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
- New vulnerabilities are coming faster than you can fix them
- Red Hawk – Open Source Information Gathering and Vulnerability Scanning Tool
- Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts
- Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts
- Experts found flaws in Dell EMC and VMware Products. Patch them now!
- From directory traversal to direct travesty: Crash, hijack, siphon off this TP-Link VPN box via classic exploitable bugs
- A @DLink #router vulnerability was used to send banking users to a fake site in order to steal #UserCredentials. Learn
- Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
- Patches Released for Flaws Affecting Dell EMC, VMware Products
- Adobe Fixes Critical Flash Vulnerability with
- Facebook Increases Rewards for Account Hacking Vulnerabilities
- Adobe Flash Player Update Released for Remote Code Execution Vulnerability
- Facebook Boosts Bug Bounty Payouts for Account Takeover Flaws
- Hacker got Rewarded for Discovering a Critical Steam Bug
- CVE-2018-15981: Adobe Flash Player Arbitrary Code Execution Vulnerability
- Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit
