Researchers Warn of Critical Bugs Affecting Realtek Wi-Fi Module A new set of critical vulnerabilities has been disclosed in the Realtek RTL8170C Wi-Fi module that an...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad CISO Cyber Security DARKReading Data Breach Impacts Data Breaches
DARKReading – Data Breaches Drive Higher Loan Interest Rates
Data Breaches Drive Higher Loan Interest Rates Businesses that suffer a security breach may not see their stock price tumble, but they may pay higher rates...
DARKReading – The Perfect Storm for PAM to Grow In
The Perfect Storm for PAM to Grow In With more staff working remotely, privileged access management (or PAM) has never been more important. Market forecasts, drivers,...
The Hacker News – Researchers Uncover Hacking Operations Targeting Government Entities in South Korea
June 02, 2021 Ravie Lakshmanan A North Korean threat actor active since 2012 has been behind a new espionage campaign targeting high-profile government officials associated with...
0 - CT 0 - CT - CISO Strategics - Cybersecurity Policy & Standars 0 - CT - CISO Strategics - Privacy CISO Cyber Security Privacy Policy Privacy Policy Update The Hacker News TikTok
The Hacker News – TikTok Quietly Updated Its Privacy Policy to Collect Users’ Biometric Data
June 05, 2021Ravie Lakshmanan Popular short-form video-sharing service TikTok quietly revised its privacy policy in the U.S., allowing it to automatically collect biometric information such as...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - Malware & Ransomware CISO Cyber Attacks Cyber Security Ransomware Revil Ransomware threatpost
threatpost – REvil Ransomware Gang Spill Details on US Attacks
REvil Ransomware Gang Spill Details on US Attacks Author:Tom SpringJune 4, 2021 9:19 am2 minute read Write a comment The REvil ransomware gang is interviewed on the Telegram channel...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Companies Cyber Attacks Cyber Security Outages Ransomware threatpost TV and Radio Companies
threatpost – Cyberattack Suspected in Cox TV and Radio Outages
Cyberattack Suspected in Cox TV and Radio Outages Author:Becky BrackenJune 4, 2021 4:21 pm2 minute read Write a comment Cox Media Group tv, radio station streams affected by a...
welivesecurity – 5 common scams targeting teens – and how to stay safe
From knock-off designer products to too-good-to-be-true job offers, here are five common schemes fraudsters use to trick teenagers out of their money and sensitive data Amer...
welivesecurity – Zero‑day in popular WordPress plugin exploited to take over websites
Websites using Fancy Product Designer are susceptible to remote code execution attacks even if the plugin is deactivated Amer Owaida3 Jun 2021 – 05:53PMShare Cybercriminals have...
Abuses Ad Servers Breach CISO Compromise Cyber Security Cybercrime Data Breaches Hacking Incident The Hacker News
The Hacker News – 120 Compromised Ad Servers Target Millions of Internet Users
An ongoing malvertising campaign tracked as “Tag Barnakle” has been behind the breach of more than 120 ad servers over the past year to sneakily inject...
The Hacker News – 3 Zero-Day Exploits Hit SonicWall Enterprise Email Security Appliances
SonicWall has addressed three critical security vulnerabilities in its hosted and on-premises email security (ES) product that are being actively exploited in the wild. Tracked as...
threatpost – NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens
Author:Tara SealsApril 19, 2021 3:23 pm3:30 minute read Write a comment Share this article: The malware seems like a silly coding lark at first, but further exploration shows it...
welivesecurity – One in six people use pet’s name as password
Other common and easily hackable password choices include the names of relatives and sports teams, a UK study reveals Amer Owaida15 Apr 2021 – 05:45PMShare As...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - Threat Intelligence Cyber Security Cybercrime DARKReading
DARKReading – US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency Treasury Department slaps sanctions on IT security firms that it says supported Russia’s Foreign Intelligence Service carry...
DARKReading – Pandemic Pushes Bot Operators to Redirect Efforts
As demand for travel, lodging, and concerts plummeted in 2020, bot traffic moved to more popular activities, such as e-commerce, healthcare, and government sites. Shifts in...
The Hacker News – 1-Click Hack Found in Popular Desktop Apps — Check If You’re Using Them
April 15, 2021Ravie Lakshmanan Multiple one-click vulnerabilities have been discovered across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 – CT – Cybersecurity Architecture – Crypto Security Cyber Security threatpost
threatpost – Attackers Target ProxyLogon Exploit to Install Cryptojacker
Author:Elizabeth MontalbanoApril 15, 2021 8:19 am3 minute read Write a comment Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered....
0 - CT 0 - CT - Cybersecurity Tools - ANTI DDOS 0 - CT - SOC - CSIRT Operations - DDOS Attacks Botnets Cyber Security DDoS threatpost
threatpost – Gafgyt Botnet Lifts DDoS Tricks from Mirai
Author:Tara SealsApril 15, 2021 12:35 pm2:30 minute read Write a comment The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices....
0 - CT 0 - CT - CISO Strategics - Privacy 0 - CT - SOC - CSIRT Operations - Dark & Deep Web Cyber Security Hacking nakedsecurity
nakedsecurity – S3 Ep28: Pwn2Own hacks, dark web hitmen and COVID-19 privacy [Podcast]
15 APR 2021 0Podcast, Privacy, Vulnerability Get the latest security news in your inbox. Don’t show me this again Previous: FBI hacks into hundreds of infected US servers (and disinfects them)by Paul...
0 - CT 0 - CT - CISO Strategics - Cybersecurity Policy & Standars 0 - CT - Cybersecurity Architecture - Mobile & 5G Security Cyber Security Google Security Blog Mobile App Security
Google Security Blog – A New Standard for Mobile App Security
April 15, 2021Posted by Brooke Davis and Eugene Liderman, Android Security and Privacy Team With all of the challenges from this past year, users have become...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Attacks Cyber Security Cybercrime The Hacker News
The Hacker News – US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack
April 15, 2021Ravie Lakshmanan The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with “high confidence” to...
DARKReading – Software Developer Arrested in Computer Sabotage Case
Officials say Davis Lu placed malicious code on servers in a denial-of-service attack on his employer. A software developer has been arrested and faces charges for...
threatpost – Biden Races to Shore Up Power Grid Against Hacks
Author:Becky BrackenApril 15, 2021 4:09 pm3 minute read Write a comment A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said. President...
Adrian Judzik – Cyber Security Advisor – Ciberseguridad: El Factor Humano.
Ciberseguridad: El Factor Humano. Published on April 5, 2021 “No es el conocimiento, sino el acto de aprendizaje, y no la posesión, sino el acto de...
The Hacker News – YIKES! Hackers flood the web with 100,000 pages offering malicious PDFs
April 15, 2021Ravie Lakshmanan Cybercriminals are resorting to search engine poisoning techniques to lure business professionals into seemingly legitimate Google sites that install a Remote Access...
0 - CT 0 - CT - Cybersecurity Vendors - Microsoft 0 - CT - SOC - CSIRT Operations - Malware & Ransomware Cyber Security
DARKReading – Microsoft Warns of Malware Delivery via Google URLs
A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan. Microsoft has warned organizations of a new attack...
threathpost – Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes
Author:Tom SpringApril 14, 2021 8:46 am3 minute read Write a comment Share this article: Microsoft fixes 110 vulnerabilities, with 19 classified as critical and another flaw under active attack....
threathpost – A Post-Data Privacy World and Data-Rights Management
InfoSec InsiderJoseph CarsonApril 14, 2021 1:21 pm2 minute read Write a comment Share this article: Joseph Carson, chief security scientist at Thycotic, discusses the death of data privacy and what...
0 - CT 0 - CT - Cybersecurity Organizations - CISA 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Security
DARKReading – CISA Urges Caution for Security Researchers Targeted in Attack Campaign
The agency urges researchers to take precautions amid an ongoing targeted threat campaign. The Cybersecurity and Infrastructure Security Agency (CISA) is cautioning cybersecurity researchers to keep...
threatpost – Security Bug Allows Attackers to Brick Kubernetes Clusters
Author:Tara SealsApril 14, 2021 4:56 pm3 minute read Write a comment The vulnerability is triggered when a cloud container pulls a malicious image from a registry. A vulnerability in...