Nearly all of the leaked data was for owners or wannabe owners of the automaker’s luxury brand of Audis, now at greater risk for phishing, ransomware...
Year: 2021
The Hacker News – Instagram Bug Allowed Anyone to View Private Accounts Without Following Them (resolved now).
Author: Ravie Lakshmanan Instagram has patched a new flaw that allowed anyone to view archived posts and stories posted by private accounts without having to follow...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Air China Air India Airlines APT41 Attack China CISO Cyber Attacks Cyber Security Data Breaches Incidents record India The Hacker News Threat Actors
The Hacker News – Chinese Hackers Believed to be Behind Second Cyberattack on Air India
Even as a massive data breach affecting Air India came to light the previous month, India’s flag carrier airline appears to have suffered a separate cyber...
0 - CT 0 - CT - CISO Strategics - Privacy Alexa CISO Cyber Security Global Google Home Privacy Siri Smart Home
The Register – PrivacyMic looks to keep your home smart without Google, Alexa, Siri and pals listening in
Raspberry Pi-powered prototype proves 95% accurate, 100% private, claim boffins Researchers at the University of Michigan have proposed a way to have your privacy cake and...
0 - CT 0 - CT - SOC - CSIRT Operations - Malware & Ransomware CISO Cyber Security Global Nefilim Ransomware The Register
The Register – Risk and reward: Nefilim ransomware gang mainly targets fewer, richer companies and that strategy is paying off, warns Trend Micro
Criminal operators emerged from woodwork just as COVID hit the West The Nefilim ransomware gang might not be the best known or most prolific online extortion...
0 - CT 0 – CT – Cybersecurity Architecture – Crypto Security China CISO cryptocurrency Cyber Security Phone Scams The Register
The Register – China arrests over 1000 for using cryptocurrency to help launder proceeds of phone scams
As local search engines stop providing results on crypto-keywords China’s crackdown on cryptocurrencies has reached a new crescendo, with the nation’s Ministry of Public Security on...
The Register – EA Games looted by intruders: Publisher says ‘no player data accessed’ after reported theft of FIFA 21, Frostbite source
‘Surprise stealing mechanics’ made short work of network perimeter security Gareth CorfieldFri 11 Jun 2021 // 12:25 UTC EA Games, publisher of Battlefield, The Sims and FIFA, has admitted to a “recent incident of intrusion into...
The Hacker News – 7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access
7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access A seven-year-old privilege escalation vulnerability discovered in the polkit system service could be exploited by a...
Abuses CISO Cyber Security Exploit Unpatched Exploited Global Mobile Security Samsung Spying Campaign The Hacker News
The Hacker News – Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users
Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users Multiple critical security flaws have been disclosed in Samsung’s pre-installed Android apps, which, if successfully exploited,...
0 - CT 0 - CT - Cybersecurity Tools - ANTI DDOS 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - DDOS Attacks 0 - CT - SOC - CSIRT Operations - Malware & Ransomware CISO Cyber Security DDoS DDoS Global Lazarus Ransom Ransomware Theath Actors Groups threatpost
threatpost – ‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts
‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts The group, known for masquerading as various APT groups, is back with a spate of attacks on U.S....
threatpost – DarkSide Pwned Colonial With Old VPN Password
Attackers accessed a VPN account that was no longer in use to freeze the company’s network in a ransomware attack whose repercussions are still vibrating. It...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Attack CISO Cyber Security Global The Hacker News TLS Attack
The Hacker News – New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites
Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security (TLS) servers to redirect HTTPS traffic from a victim’s web browser...
The Hacker News – Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices
Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices Ravie Lakshmanan Cybersecurity researchers from FireEye unmasked additional tactics, techniques, and procedures (TTPs) adopted by...
The Hacker News – Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors
Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors May 31, 2021Ravie Lakshmanan Starting June 8, Amazon will automatically enable a feature on its family...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - DFIR - Forensics & Incident Response CISO Cyber Security Cyber Security Concepts Cyber Security Papers Incident Response The Hacker News
The Hacker News – The Incident Response Plan – Preparing for a Rainy Day
The Incident Response Plan – Preparing for a Rainy Day The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity...
The Hacker News – Experts Uncover Yet Another Chinese Spying Campaign Aimed at Southeast Asia
Experts Uncover Yet Another Chinese Spying Campaign Aimed at Southeast Asia An ongoing cyber-espionage operation with suspected ties to China has been found targeting a Southeast...
The Hacker News – Researchers Warn of Critical Bugs Affecting Realtek Wi-Fi Module
Researchers Warn of Critical Bugs Affecting Realtek Wi-Fi Module A new set of critical vulnerabilities has been disclosed in the Realtek RTL8170C Wi-Fi module that an...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad CISO Cyber Security DARKReading Data Breach Impacts Data Breaches
DARKReading – Data Breaches Drive Higher Loan Interest Rates
Data Breaches Drive Higher Loan Interest Rates Businesses that suffer a security breach may not see their stock price tumble, but they may pay higher rates...
DARKReading – The Perfect Storm for PAM to Grow In
The Perfect Storm for PAM to Grow In With more staff working remotely, privileged access management (or PAM) has never been more important. Market forecasts, drivers,...
The Hacker News – Researchers Uncover Hacking Operations Targeting Government Entities in South Korea
June 02, 2021 Ravie Lakshmanan A North Korean threat actor active since 2012 has been behind a new espionage campaign targeting high-profile government officials associated with...
0 - CT 0 - CT - CISO Strategics - Cybersecurity Policy & Standars 0 - CT - CISO Strategics - Privacy CISO Cyber Security Privacy Policy Privacy Policy Update The Hacker News TikTok
The Hacker News – TikTok Quietly Updated Its Privacy Policy to Collect Users’ Biometric Data
June 05, 2021Ravie Lakshmanan Popular short-form video-sharing service TikTok quietly revised its privacy policy in the U.S., allowing it to automatically collect biometric information such as...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - Malware & Ransomware CISO Cyber Attacks Cyber Security Ransomware Revil Ransomware threatpost
threatpost – REvil Ransomware Gang Spill Details on US Attacks
REvil Ransomware Gang Spill Details on US Attacks Author:Tom SpringJune 4, 2021 9:19 am2 minute read Write a comment The REvil ransomware gang is interviewed on the Telegram channel...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Companies Cyber Attacks Cyber Security Outages Ransomware threatpost TV and Radio Companies
threatpost – Cyberattack Suspected in Cox TV and Radio Outages
Cyberattack Suspected in Cox TV and Radio Outages Author:Becky BrackenJune 4, 2021 4:21 pm2 minute read Write a comment Cox Media Group tv, radio station streams affected by a...
welivesecurity – 5 common scams targeting teens – and how to stay safe
From knock-off designer products to too-good-to-be-true job offers, here are five common schemes fraudsters use to trick teenagers out of their money and sensitive data Amer...
welivesecurity – Zero‑day in popular WordPress plugin exploited to take over websites
Websites using Fancy Product Designer are susceptible to remote code execution attacks even if the plugin is deactivated Amer Owaida3 Jun 2021 – 05:53PMShare Cybercriminals have...
Abuses Ad Servers Breach CISO Compromise Cyber Security Cybercrime Data Breaches Hacking Incident The Hacker News
The Hacker News – 120 Compromised Ad Servers Target Millions of Internet Users
An ongoing malvertising campaign tracked as “Tag Barnakle” has been behind the breach of more than 120 ad servers over the past year to sneakily inject...
The Hacker News – 3 Zero-Day Exploits Hit SonicWall Enterprise Email Security Appliances
SonicWall has addressed three critical security vulnerabilities in its hosted and on-premises email security (ES) product that are being actively exploited in the wild. Tracked as...
threatpost – NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens
Author:Tara SealsApril 19, 2021 3:23 pm3:30 minute read Write a comment Share this article: The malware seems like a silly coding lark at first, but further exploration shows it...
welivesecurity – One in six people use pet’s name as password
Other common and easily hackable password choices include the names of relatives and sports teams, a UK study reveals Amer Owaida15 Apr 2021 – 05:45PMShare As...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - Threat Intelligence Cyber Security Cybercrime DARKReading
DARKReading – US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency Treasury Department slaps sanctions on IT security firms that it says supported Russia’s Foreign Intelligence Service carry...