Please do not block your ad, it is an important part of the site's revenue.

Date

Name

Category

Web

19.4.19

Analyzing OilRig’s malware that uses DNS Tunneling

 

Securityaffairs

19.4.19

Drupal patched security vulnerabilities in Symfony, jQuery

 

Securityaffairs

19.4.19

Facebook ‘unintentionally’ collected contacts from 1.5 Million email accounts without permission

 

Securityaffairs

19.4.19

APT28 and Upcoming Elections: evidence of possible interference (Part II)

 

Securityaffairs

19.4.19

State-Sponsored Hackers Use Sophisticated DNS Hijacking in Ongoing Attacks

 

Securityweek

19.4.19

Russian Hackers Use RATs to Target Financial Entities

 

Securityweek

19.4.19

Symfony, jQuery Vulnerabilities Patched in Drupal

 

Securityweek

19.4.19

Network DoS Attack on PLCs Can Disrupt Physical Processes

 

Securityweek

19.4.19

Cisco Patches Critical Flaw in ASR 9000 Routers

 

Securityweek

19.4.19

Mysterious Operative Haunted Kaspersky Critics

 

Securityweek

19.4.19

Bad Bots Steal Accounts, Content and Skew the Web Ecosystem

 

Securityweek

19.4.19

Fortinet Settles Whistleblower Case for $545,000

 

Securityweek

19.4.19

Facebook Stored Millions of Instagram Users' Passwords in Plaintext

 

Thehackernews

19.4.19

Facebook Collected Contacts from 1.5 Million Email Accounts Without Users' Permission

 

Thehackernews

19.4.19

DevSecOps: Fast development without sacrificing safety

 

Net-security

19.4.19

Google will check apps by new developers more thoroughly

 

Net-security

19.4.19

Building a modern data registry: Go beyond data classification

 

Net-security

19.4.19

Worldwide IT spending to grow just 1.1% in 2019

 

Net-security

19.4.19

The biggest hurdles to digital transformation initiatives? Budget and top-down support

 

Net-security

18.4.19

Researchers: Facebook’s Data-Leveraging Scandal Puts Users on Notice

 

Threatpost

18.4.19

ThreatList: Bad Bots Account for a Fifth of All Web Traffic, FinServ Hit the Worst

 

Threatpost

18.4.19

State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally

 

Threatpost

18.4.19

Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images

 

Threatpost

18.4.19

Russian TA505 threat actor target financial entities worldwide

 

Securityaffairs

18.4.19

Cisco addresses a critical bug in ASR 9000 series Routers

 

Securityaffairs

18.4.19

RCE flaw in Electronic Arts Origin client exposes gamers to hack

 

Securityaffairs

18.4.19

Code execution – Evernote

 

Securityaffairs

18.4.19

Drupal Releases Core CMS Updates to Patch Several Vulnerabilities

 

Thehackernews

18.4.19

Researcher Hijacks a Microsoft Service Using Loophole in Azure Cloud Platform

 

Thehackernews

18.4.19

Over 100 Million JustDial Users' Personal Data Found Exposed On the Internet

 

Thehackernews

18.4.19

Microsoft 365 security: Protecting users from an ever-evolving threat landscape

 

Net-security

18.4.19

Broadcom WiFi chipset drivers contain multiple vulnerabilities

 

Alert

18.4.19

Malware Sample Delivered Through UDF Image

 

SANS

18.4.19

One hundred percent of endpoint security tools eventually fail

 

Net-security

18.4.19

The perimeter is vanishing, how will you secure your network?

Security

Net-security

18.4.19

Consumers willing to adopt smart payments but companies need to guarantee security

Security

Net-security

18.4.19

Which organizations place a premium on security and privacy?

Privacy

Net-security

18.4.19

HITB Haxpo 2019: Celebrating the culture of hacking through the years

Congress

Net-security

18.4.19

Attention CISOs: Five steps to get the security funding you need

Security

Net-security

17.4.19

Wipro Confirms Hack and Supply Chain Attacks on Customers

Attack

Threatpost

17.4.19

Windows Zero-Day Emerges in Active Exploits

Exploit

Threatpost

17.4.19

Authentication Bypass Bug Hits Top Enterprise VPNs

Vulnerebility

Threatpost

17.4.19

Malspam Campaigns Distribute HawkEye Keylogger, Post Ownership Change

Spam

Threatpost

17.4.19

Oracle Squashes 53 Critical Bugs in April Security Update

Vulnerebility

Threatpost

17.4.19

Justdial is leaking personal details of all customers real-time

Incindent

Securityaffairs

17.4.19

Russian Hackers Scrambled to Erase Digital Footprints After Triton Attribution Report

Hacking

Securityweek

17.4.19

Brazilian Hackers Described as Adaptable Pirates

Hacking

Securityweek

17.4.19

Researcher Took Control of Microsoft's Live Tile Service, Defacement PoC Demoed

Exploit

Bleepingcomputer

17.4.19

Script Kiddies Do What They Do Best: Infect Themselves

Virus

Bleepingcomputer

17.4.19

Over 80% of All Phishing Attacks Targeted U.S. Organizations

BigBrothers

Bleepingcomputer

17.4.19

'NamPoHyu Virus' Ransomware Targets Remote Samba Servers

Ransomware

Bleepingcomputer

17.4.19

Twitter Announces 'Hide Replies' Feature, Less Reliance on User Reports

Social

Bleepingcomputer

17.4.19

Malvertising Campaign Abused Chrome to Hijack 500 Million iOS User Sessions

iOS

Bleepingcomputer

17.4.19

New Microsoft Edge to Warn Users When in Administrator Mode

IT

Bleepingcomputer

17.4.19

Hacker Group Uses RATVERMIN Backdoor to Target Ukrainian Military

BigBrothers

Bleepingcomputer

17.4.19

Scranos Operation Uses Signed Rootkit to Steal Login and Payment Info

Virus

Bleepingcomputer

17.4.19

European Commission is not in possession of evidence of issues with Kaspersky products

BigBrothers

Securityaffairs

17.4.19

A new variant of HawkEye stealer emerges in the threat landscape

Virus

Securityaffairs

17.4.19

eGobbler hackers used Chrome bug to deliver 500Million+ ads to iOS users

iOS

Securityaffairs

17.4.19

Iranian Hackers Heavily Reliant on DNS Tunneling

BigBrothers

Securityweek

17.4.19

European Commission: No Evidence of Issues With Kaspersky Products

BigBrothers

Securityweek

17.4.19

Blue Cross of Idaho data breach, 5,600 customers affected

Virus

Securityaffairs

17.4.19

FireEye releases FLASHMINGO tool to analyze Adobe Flash files

Security

Securityaffairs

17.4.19

Oracle Releases 297 Fixes in April 2019 Critical Patch Update

Vulnerebility

Securityweek

17.4.19

State Launches Online Data Survey as Part of Facebook Probe

Social

Securityweek

17.4.19

Cyber Espionage Campaign Against Ukrainian Government Continues

CyberSpy

Securityweek

17.4.19

Cross-Platform Rootkit and Spyware Hits Targets Worldwide

Virus

Securityweek

17.4.19

Blue Cross of Idaho Hacked, Some Member Information Accessed

Hacking

Securityweek

17.4.19

A few Ghidra tips for IDA users, part 2 - strings and parameters

Virus

SANS

17.4.19

What’s in a cybersecurity question? Getting to the root of cyber insights

Cyber

Net-security

17.4.19

Banks continue to prioritize risk management over customer convenience

Security

Net-security

17.4.19

What you can expect at Cyber Week 2019

Congress

Net-security

17.4.19

Cyber espionage and sabotage attacks pose an increasing threat to the energy industry

CyberSpy

Net-security

16.4.19

Adblock Plus filter can be exploited to execute arbitrary code in web pages

Exploit

Securityaffairs

16.4.19

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Virus

Securityaffairs

16.4.19

Ecuador suffered 40 Million Cyber attacks after the Julian Assange arrest

BigBrothers

Securityaffairs

16.4.19

CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor

Exploit

Securityaffairs

16.4.19

New Variant of HawkEye Stealer Emerges

Virus

Securityweek

16.4.19

Norsk Hydro Delays Financial Report Due to Cyberattack

Attack

Securityweek

16.4.19

Open Source Tool From FireEye Automates Analysis of Flash Files

Security

Securityweek

16.4.19

Intel Adds Hardware Shield to New 8th Gen Intel Core vPro Mobile CPUs

IT

Securityweek

16.4.19

Google Makes it Tough for Rogue App Developers Get Back on Android Play Store

Android

Thehackernews

16.4.19

Scranos: New Rapidly Evolving Rootkit-Enabled Spyware Discovered

Virus

Thehackernews

16.4.19

Hackers used credentials of a Microsoft Support worker to access users’ webmail

Incindent

Net-security

16.4.19

Employee cybersecurity essentials part 2: Lost devices and unsafe connections

Cyber

Net-security

16.4.19

Fake Instagram Apps on Google Play Harvest User Logins

Android

Threatpost

16.4.19

TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids

Vulnerebility

Threatpost

16.4.19

Authentication Bypass Bug Hits Top Enterprise VPNs

Vulnerebility

Threatpost

16.4.19

Adblock Plus Filters Can Be Exploited to Run Malicious Code

Virus

Bleepingcomputer

16.4.19

New Malicious Medical DICOM Image Files Cause HIPAA Headache

Virus

Bleepingcomputer

16.4.19

Mobile VPNs Promoted by 'You Are Infected' or 'Hacked' Ads

Virus

Bleepingcomputer

16.4.19

Gnosticplayers round 5 – 65 Million+ fresh accounts from 6 security breaches available for sale

Incindent

Securityaffairs

16.4.19

Hackers Access Microsoft Email Services Accounts

Hacking

Securityweek

16.4.19

Ecuador Says Hit by 40 Million Cyber Attacks Since Assange Arrest

Cyber

Securityweek

16.4.19

Odd DNS Requests that are Normal

Security

SANS

16.4.19

Bad security hygiene still a major risk for enterprise IT networks

Security

Net-security

16.4.19

As IT security automation increases, so does the need for highly skilled staff

Security

Net-security

16.4.19

What is driving organizations’ cloud adoption?

Security

Net-security

15.4.19

Hackers Publish AAF Member Data, Claim It's 'FBI Watchlist'

BigBrothers

Bleepingcomputer

15.4.19

Important Severity Remote Code Execution Vulnerability Patched in Tomcat

Vulnerebility

Bleepingcomputer

15.4.19

Patched Windows Zero-Day Provided Full Control Over Vulnerable Systems

Vulnerebility

Bleepingcomputer

15.4.19

A new DDoS technique abuses HTML5 Hyperlink Audit Ping in massive attacks

Attack

Securityaffairs

15.4.19

Utah County Struck by Ransomware

Ransomware

Securityweek

15.4.19

Microsoft Outlook Breach Widens in Scope, Impacting MSN And Hotmail – Report

Incindent

Threatpost

15.4.19

Authentication Bypass Bug Hits Top Enterprise VPNs

Vulnerebility

Threatpost

15.4.19

Rogue Waves: Preparing the Internet for the Next Mega DDoS Attack

Attack

Threatpost

15.4.19

New zero-day vulnerability CVE-2019-0859 in win32k.sys

Vulnerebility

Securelist

15.4.19

Google introduces many G Suite security enhancements

Security

Net-security

15.4.19

Healthcare orgs have to achieve true cybersecurity, not only compliance

Cyber

Net-security

15.4.19

The Apache Software Foundation has released

Vulnerebility

Securityaffairs

15.4.19

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise

BigBrothers

Securityaffairs

15.4.19

Windows Flaw Exploited to Deliver PowerShell Backdoor

Exploit

Securityweek

15.4.19

Large-scale DDoS Attack Abuses HTML's Hyperlink Audit Ping Facility

Attack

Securityweek

15.4.19

Google Helps Police Identify Devices Close to Crime Scenes Using Location Data

BigBrothers

Thehackernews

15.4.19

Apache Tomcat Patches Important Remote Code Execution Flaw

Vulnerebility

Thehackernews

15.4.19

Multiple Enterprise VPN Apps Allow Attackers to Bypass Authentication

Attack

Bleepingcomputer

15.4.19

Yellow Pencil WordPress Plugin flaw expose tens of thousands of sites

Vulnerebility

Securityaffairs

15.4.19

Romanian duo convicted of fraud Scheme infecting 400,000 computers

Virus

Securityaffairs

15.4.19

Major coordinated disinformation campaign hit the Lithuanian Defense

BigBrothers

Securityaffairs

15.4.19

Whatsapp, Instagram, Facebook down worldwide

Social

Securityaffairs

15.4.19

Attackers hacked support agent to access Microsoft Outlook email accounts

Attack

Securityaffairs

15.4.19

Manufacturing sector most vulnerable to insider threats

Vulnerebility

Net-security

15.4.19

The top emerging risks organizations are facing

Security

Net-security

15.4.19

The correlation between DDoS attacks and cryptomining

Cryptocurrency

Net-security

14.4.19

The Muddy Waters of APT Attacks

APT blog

Checkpoint

14.4.19

Two in Three Hotel Websites Leak Guest Booking Details and Allow Access to Personal Data

Incident blog

Symantec

14.4.19

Microsoft Patch Tuesday – April 2019

Vulnerebility blog

Symantec

14.4.19

Virtually Unlimited Memory: Escaping the Chrome Sandbox

Vulnerebility blog

Project Zero

14.4.19

Sextortion profits decline despite higher volume, new techniques

Spam blog

Cisco Talos

14.4.19

Vulnerability Spotlight: Adobe Acrobat Reader remote code execution

Vulnerebility blog

Cisco Talos

14.4.19

Gustuff banking botnet targets Australia

BotNet blog

Cisco Talos

14.4.19

Microsoft Patch Tuesday — April 2019: Vulnerability disclosures and Snort coverage

Vulnerebility blog

Cisco Talos

14.4.19

Hackers crack university defenses in just two hours

Hacking blog

Eset

14.4.19

WPA3 flaws may let attackers steal Wi-Fi passwords

Attack blog

Eset

14.4.19

Credential-stuffing attacks behind 30 billion login attempts in 2018

Incident blog

Eset

14.4.19

OceanLotus: macOS malware update

Malware blog

Eset

14.4.19

The Nasty List Phishing Scam is Sweeping Through Instagram

Phishing

Bleepingcomputer

14.4.19

RobbinHood Ransomware Claims It's Protecting Your Privacy

Ransomware

Bleepingcomputer

14.4.19

These hackers have breached FBI-affiliated websites and leaked data online

BigBrothers

Securityaffairs

14.4.19

Microsoft's Work with Chinese Military University Raises Eyebrows

BigBrothers

Securityweek

14.4.19

Hackers Compromise Microsoft Support Agent to Access Outlook Email Accounts

Hacking

Thehackernews

14.4.19

Configuring MTA-STS and TLS Reporting For Your Domain

Crypto

SANS

13.4.19

Windows is Slower After April 2019 Updates According to Users

Vulnerebility

Bleepingcomputer

13.4.19

Bill Introduced to Protect the Privacy Rights of Americans

Security

Bleepingcomputer

13.4.19

Malware Creates Cryptominer Botnet Using EternalBlue and Mimikatz

Cryptocurrency

Bleepingcomputer

13.4.19

Thousands of WordPress Sites Exposed by Yellow Pencil Plugin Flaw

Vulnerebility

Bleepingcomputer

13.4.19

Sextortion Scammers Change Tactics to Bypass Spam Protection

Spam

Bleepingcomputer

13.4.19

The hacker behind Matrix.org hack offers advice to improve security

Hacking

Securityaffairs

13.4.19

Malware campaign uses multiple propagation methods, including EternalBlue

Virus

Securityaffairs

13.4.19

Siemens addressed several DoS flaws in many products

ICS

Securityaffairs

13.4.19

Russia Fines Facebook $47 Over Citizens' Data Privacy Dispute

Social

Thehackernews

13.4.19

Encrypted Messaging Project "Matrix" Suffers Extensive Cyber Attack

Attack

Thehackernews

13.4.19

WPA3 design issues and implementation vulnerabilities in hostapd and wpa_supplicant

Alert

Alert

12.4.19

APT28 and Upcoming Elections: evidence of possible interference

APT

Securityaffairs

12.4.19

Emsisoft released a free decryptor for CryptoPokemon ransomware

Ransomware

Securityaffairs

12.4.19

VPN apps insecurely store session cookies in memory and log files

Security

Securityaffairs

12.4.19

Zero-day in popular Yuzo Related Posts WordPress Plugin exploited in the wild

Exploit

Securityaffairs

12.4.19

Microsoft Introduces Security Configuration Framework

Security

Securityweek

12.4.19

Attacker Offers Advice to Matrix.org After Hacking Its Systems

Attack

Securityweek

12.4.19

UK Government Proposes Digital Harms Legislation to Regulate Online Content

BigBrothers

Securityweek

12.4.19

Facebook Pays $120,000 in Bounties at BountyCon

Social

Securityweek

12.4.19

Industry Reactions to New Triton Attacks on Critical Infrastructure

ICS

Securityweek

12.4.19

Bayrob Malware Operators Convicted in the U.S.

Virus

Securityweek

12.4.19

SAS 2019: Joe FitzPatrick Warns of the ‘$5 Supply Chain Attack’

Congress

Threatpost

12.4.19

North Korea’s Hidden Cobra Strikes U.S. Targets with HOPLIGHT

APT

Threatpost

12.4.19

WordPress Yellow Pencil Plugin Flaws Actively Exploited

Exploit

Threatpost

12.4.19

ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps

Spam

Threatpost

12.4.19

Romanian Duo Convicted of Malware Scheme Infecting 400,000 Computers

Virus

Threatpost

12.4.19

WordPress Urges Users to Uninstall Yuzo Plugin After Flaw Exploited

Exploit

Threatpost

12.4.19

SAS 2019: Fake News Peddlers Adopt Clever New Trick to Fool Facebook, Twitter

Congress

Threatpost

12.4.19

Amazon Auditors Listen to Echo Recordings, Report Says

Security

Threatpost

12.4.19

When Windows 10 Comes to Live: The First Few Minutes in the Live of a Windows 10 System

IT

SANS

12.4.19

Enterprise VPN apps store authentication and session cookies insecurely

Security

Net-security

12.4.19

A quarter of phishing emails bypass Office 365 security

Phishing

Net-security

12.4.19

77% of orgs lack a cybersecurity incident response plan

Incindent

Net-security

12.4.19

CryptoPokemon

Anti-Ramson Tool

Anti-Ramson Tool

12.4.19

Hacked Uniden Commercial Site Serves Emotet Trojan

Virus

Bleepingcomputer

12.4.19

Mozilla Firefox For ARM64 Beta Now Available

IT

Bleepingcomputer

12.4.19

Home Office Leaks the Emails of Hundreds of EU Citizens

Incindent

Bleepingcomputer

12.4.19

Tax Fraud and ID Theft Services Getting Cheaper on the Dark Web

Incindent

Bleepingcomputer

12.4.19

Hyperlink Auditing Pings Being Used to Perform DDoS Attacks

Attack

Bleepingcomputer

12.4.19

Microsoft's April 2019 Updates are Causing Windows to Freeze

Vulnerebility

Bleepingcomputer

12.4.19

VSDC Site Hacked Again to Spread Password Stealing Malware

Virus

Bleepingcomputer

12.4.19

Office 365 Team Discovers Phishing Email Pushing WinRAR Exploit

Exploit

Bleepingcomputer

12.4.19

Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams

Exploit

Bleepingcomputer

12.4.19

WPA3 Wi-Fi Standard Affected by New Dragonblood Vulnerabilities

Attack

Bleepingcomputer

12.4.19

Threat Group Uses Pastebin, GitHub In SneakyPastes Operation

Security

Bleepingcomputer

12.4.19

Windows 10 Insider Build 18875 Released, Merges Fast and Skip Ahead Rings

Vulnerebility

Bleepingcomputer

12.4.19

DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware

BigBrothers

Bleepingcomputer

12.4.19

Google Wants To Block Potentially Risky Non-Secure Downloads

Security

Bleepingcomputer

12.4.19

New Extortion Email Threatens to Install WannaCry and DDoS Your Network

Attack

Bleepingcomputer

12.4.19

New TajMahal Cyberespionage Kit Includes 80 Malicious Modules

Virus

Bleepingcomputer

12.4.19

25% of Phishing Emails Bypass Office 365 Default Security

Phishing

Bleepingcomputer

12.4.19

Two Thirds of Hotel Sites Leak Guest Booking Info to Third-Parties

Incindent

Bleepingcomputer

12.4.19

Chrome Saying It's Managed by Your Organization May Indicate Malware

Virus

Bleepingcomputer

12.4.19

VSDC video editing software website hacked again

Hacking

Securityaffairs

12.4.19

FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT

APT

Securityaffairs

12.4.19

VMware Patches DoS, Information Disclosure Flaws in Graphics Components

Vulnerebility

Securityweek

12.4.19

WikiLeaks Set 21st Century Model for Cyber-Leak Journalism

Security

Securityweek

12.4.19

Many New Security Features, Services Added to Google Cloud

Security

Securityweek

12.4.19

Julian Assange: A Decade of Stunning Leaks of U.S. Secrets

BigBrothers

Securityweek

12.4.19

Russian MPs Approve Controversial Bill Restricting Internet

BigBrothers

Securityweek

12.4.19

Enterprise IoT Security Firm Armis Raises $65 Million

IoT

Securityweek

12.4.19

Hamas-Linked Threat Actor's Infrastructure Disrupted

APT

Securityweek

12.4.19

The surveillance economy has set its sights on smartphone sensors

Mobil

Net-security

12.4.19

How password-less security benefits helpdesks

Security

Net-security

12.4.19

Who are the biggest targets of credential stuffing attacks?

Attack

Net-security

11.4.19

Large-scale SIM swap fraud

Mobil

Securelist

11.4.19

WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy

Crime

Securityaffairs

11.4.19

Assange Charged in US With Computer Hacking Conspiracy

Crime

Securityweek

11.4.19

U.S. Attributes New Trojan to North Korean Hackers

BigBrothers

Securityweek

11.4.19

Siemens Patches Serious DoS Flaws in Many Industrial Products

Vulnerebility

Securityweek

11.4.19

Assange Arrested in London After Ecuador Withdraws Asylum

Crime

Securityweek

11.4.19

Amazon Auditors Listen to Echo Recordings, Report Says

Security

Threatpost

11.4.19

SAS 2019: Fake News Peddlers Adopt Clever New Trick to Fool Facebook, Twitter

Congress

Threatpost

11.4.19

Popular Video Editing Software Website Hacked to Spread Banking Trojan

Virus

Thehackernews

11.4.19

WikiLeaks Founder Julian Assange Arrested After Ecuador Withdraws Asylum

Crime

Thehackernews

11.4.19

Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password

Attack

Thehackernews

11.4.19

How to Find Hidden Cameras in your AirBNB

Privacy

SANS

11.4.19

WPA3 design flaws affect security of new Wi-Fi standard

Vulnerebility

Net-security

11.4.19

WikiLeaks’ Julian Assange arrested in London

Crime

Net-security

11.4.19

TRITON attackers detected at another critical infrastructure facility

ICS

Net-security

11.4.19

WPA3 attacks allow hackers to hack Wi-Fi password

Attack

Securityaffairs

11.4.19

SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver

Vulnerebility

Securityaffairs

11.4.19

Genesis Store black marketplace offers more than 60k+ stolen bot profiles

CyberCrime

Securityaffairs

11.4.19

'Dragonblood' Flaws in WPA3 Allow Recovery of Wi-Fi Passwords

Attack

Securityweek

11.4.19

Cars Exposed to Hacker Attacks by Hardcoded Credentials in MyCar Apps

Hacking

Securityweek

11.4.19

Cloud Security Firm Bitglass Raises $70 Million

IT

Securityweek

11.4.19

Baldr Stealer Malware Active in the Wild With Ongoing Updates

Virus

Securityweek

11.4.19

TajMahal APT Can Steal Data From CDs, Printer Queues

APT

Securityweek

11.4.19

Over 60,000 Stolen Profiles Sold on Underground Marketplace

Incindent

Securityweek

11.4.19

SAS 2019: Triton ICS Malware Hits A Second Victim

Congress

Threatpost

11.4.19

SAS 2019: Joe FitzPatrick Warns of the ‘$5 Supply Chain Attack’

Congress

Threatpost

11.4.19

The Anatomy of Threat Hunting: What You Need to Know and Why

Security

Threatpost

11.4.19

Vendor risk management programs are running harder just to stay in place

Security

Net-security

11.4.19

Regulating the IoT: Impact and new considerations for cybersecurity and new government regulations

IoT

Net-security

11.4.19

Finance knocks business and professional services off top spot in four most attacked industries

Security

Net-security

11.4.19

Mainframe security is top priority for 85% of IT pros yet few are adequately protecting their systems

Security

Net-security

10.4.19

Yahoo Offers $117.5M Settlement in Data Breach Lawsuit

Incindent

Threatpost

10.4.19

The Anatomy of Threat Hunting: What You Need to Know and Why

Security

Threatpost

10.4.19

SAS 2019: Triton ICS Malware Hits A Second Victim

Congress

Threatpost

10.4.19

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Virus

Securityaffairs

10.4.19

Minnesota Department of Human Services suffered a security breach

Securityaffairs

10.4.19

Microsoft April 2019 Patch Tuesday fixes Windows 0days under attack

Vulnerebility

Securityaffairs

10.4.19

Sophisticated TajMahal APT Framework remained under the radar for 5 years

APT

Securityaffairs

10.4.19

Yoroi Welcomes “Yomi: The Malware Hunter”

Virus

Securityaffairs

10.4.19

Experts spotted a new Mirai variant that targets new processors

BotNet

Securityaffairs

10.4.19

Czech Court: Rights of Alleged Russian Hacker Violated

Security

Securityweek

10.4.19

SAP Patches High Severity Flaws in Crystal Reports, NetWeaver

Vulnerebility

Securityweek

10.4.19

Reservation Systems Used by Many Hotels Expose User Data

Incindent

Securityweek

10.4.19

Hackers Behind Triton ICS Malware Found in 2nd Critical Infrastructure Facility

ICS

Securityweek

10.4.19

Sophisticated 'TajMahal APT Framework' Remained Undetected for 5 Years

APT

Thehackernews

10.4.19

Demo Exploit Code Available for Privilege Escalation Bug in Windows

Exploit

Bleepingcomputer

10.4.19

Windows Server 2008 Requires KB4493730 to Get Future Updates

Vulnerebility

Bleepingcomputer

10.4.19

Criminal Market Sells Over 60K Digital Identities For $5-$200

CyberCrime

Bleepingcomputer

10.4.19

Microsoft's April 2019 Patch Tuesday Fixes 74 Vulnerabilities

Vulnerebility

Bleepingcomputer

10.4.19

Windows 10 April 2019 Cumulative Updates Released With Fixes

Vulnerebility

Bleepingcomputer

10.4.19

Adobe Releases April 2019 Security Updates for Flash, Shockwave, and More

Vulnerebility

Bleepingcomputer

10.4.19

Cryptominers Still Top Threat In March Despite Coinhive Demise

Cryptocurrency

Bleepingcomputer

10.4.19

April 2019 Patch Tuesday: Microsoft fixes two actively exploited bugs

Vulnerebility

Net-security

10.4.19

Adobe Patch Tuesday updates for April 2019 address 43 flaws in its products

Vulnerebility

Securityaffairs

10.4.19

Yahoo proposes $117.5 million for the settlement of data breach

Incindent

Securityaffairs

10.4.19

Experts spotted the iOS version of the Exodus surveillance app

Apple

Securityaffairs

10.4.19

LimeRAT spreads in the wild

Virus

Securityaffairs

10.4.19

Minnesota State Agency Breach May Have Put Thousands at Risk

BigBrothers

Securityweek

10.4.19

Microsoft Patches Windows Privilege Escalation Flaws Exploited in Attacks

Exploit

Securityweek

10.4.19

New Mirai Variant Targets More Processor Architectures

BotNet

Securityweek

10.4.19

Adobe Patches 43 Flaws Across Eight Products

Vulnerebility

Securityweek

10.4.19

Microsoft Releases April 2019 Security Updates — Two Flaws Under Active Attack

Vulnerebility

Thehackernews

10.4.19

Adobe Releases Security Patches for Flash, Acrobat Reader, Other Products

Vulnerebility

Thehackernews

10.4.19

Gaza Cybergang Group1, operation SneakyPastes

APT

Securelist

10.4.19

Project TajMahal – a sophisticated new APT framework

APT

Securelist

10.4.19

SAS 2019: Meet ‘TajMahal,’ A New and Highly Advanced APT Framework

Congress

Threatpost

10.4.19

SAS 2019: Genesis Marketplace Peddles 60K Stolen Digital Identities

Congress

Threatpost

10.4.19

SAS 2019: Gaza Cybergang Blends Sophistication Levels in Highly Effective Spy Effort

Congress

Threatpost

10.4.19

Intel Patches High-Severity Flaws in Media SDK, Mini PC

Vulnerebility

Threatpost

10.4.19

Adobe Fixes 24 Critical Flaws in Acrobat Reader, Flash, Shockwave Player

Vulnerebility

Threatpost

10.4.19

Blue + Red: An Infosec Purple Pyramid

Hacking

SANS

10.4.19

Hacking healthcare: A call for infosec researchers to probe biomedical devices

Hacking

Net-security

10.4.19

What hackers inside your company are after: Convenience

Hacking

Net-security

10.4.19

Windows 10: New update controls for end users, automatic removal of broken updates

Vulnerebility

Net-security

10.4.19

Coinhive stops digging, but cryptomining still dominates

Cryptocurrency

Net-security

9.4.19

Distributor of the Reveton Police Ransomware Jailed by UK's NCA

Ransomware

Bleepingcomputer

9.4.19

New Info-stealer Baldr Emerges As a Reliable, Long-Term Player

Virus

Bleepingcomputer

9.4.19

Verizon Fixes Bugs Allowing Full Control of Fios Quantum Router

Vulnerebility

Bleepingcomputer

9.4.19

Mirai Botnet Variants Targeting New Processors and Architectures

BotNet

Bleepingcomputer

9.4.19

Phishing Scheme Uses Legit Signup Forms to Steal Payment Card Data

Phishing

Bleepingcomputer

9.4.19

Microsoft’s Chromium-Based Edge Coming to Windows 10 ARM PCs

IT

Bleepingcomputer

9.4.19

Xiaomi Browsers Still Vulnerable After Failed Patches

Vulnerebility

Bleepingcomputer

9.4.19

Windows 10 Microsoft Edge Installer Also Works on Windows 7

IT

Bleepingcomputer

9.4.19

Microsoft Released the Windows 10 May 2019 Update to Insiders

Vulnerebility

Bleepingcomputer

9.4.19

Anubis Android Trojan Spotted with Almost Functional Ransomware Module

Ransomware

Bleepingcomputer

9.4.19

The Chromium-Based Microsoft Edge Browser Is Now Available

IT

Bleepingcomputer

9.4.19

UK Investigating Microsoft, Nintendo and Sony for Billing Practices

BigBrothers

Bleepingcomputer

9.4.19

Cyber Attack Shuts Down Hoya Corp's Thailand Plant for Three Days

Cyber

Bleepingcomputer

9.4.19

Students Hack High School WiFi to Get Out of Tests

Hacking

Bleepingcomputer

9.4.19

UK Wants to Hold Companies Liable for Harmful Online Behavior

BigBrothers

Bleepingcomputer

9.4.19

Hacker's Claims of Breaching Israeli Voter Registry Under Investigation

BigBrothers

Bleepingcomputer

9.4.19

Digital Doppelgangers

Virus

Securelist

9.4.19

Researcher Reveals Multiple Flaws in Verizon Fios Routers — PoC Released

Vulnerebility

Thehackernews

9.4.19

iOS Version of Exodus Spyware Discovered in an Escalating Italian Spy Scandal

Apple

Securityweek

9.4.19

New Version of Flame Malware Platform Discovered

Virus

Securityweek

9.4.19

Duqu Remained Active After Operations Were Exposed in 2011

Virus

Securityweek

9.4.19

Verizon Patches Vulnerabilities Affecting Millions of Routers

Vulnerebility

Securityweek

9.4.19

Verizon Router Command Injection Flaw Impacts Millions

Exploit

Threatpost

9.4.19

Samsung Galaxy S10 Fingerprint Sensor Duped With 3D Print

Mobil

Threatpost

9.4.19

'Exodus' Surveillance Malware Found Targeting Apple iOS Users

Apple

Thehackernews

9.4.19

New Module Suggests Fourth Team Involved in Stuxnet Development

Virus

Securityweek

9.4.19

TP-Link Routers Vulnerable to Zero-Day Buffer Overflow Attack

Attack

Threatpost

9.4.19

SAS 2019: Genesis Marketplace Peddles 60K Stolen Digital Identities

Congress

Threatpost

9.4.19

SAS 2019: 4 Stuxnet-Related APTs Form Gossip Girl, an ‘Apex Threat Actor’

Congress

Threatpost

9.4.19

Gain immediate visibility into your actual cyber risk for free

Cyber

Net-security

9.4.19

PoC exploit for Carpe Diem Apache bug released

Exploit

Net-security

9.4.19

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Incindent

Securityaffairs

9.4.19

AeroGrow suffered a payment card data breach

Incindent

Securityaffairs

9.4.19

Attorney: Mar-a-Lago Infiltrator Had Hidden-Camera Detector

Virus

Securityweek

9.4.19

Leap in Cyber Attacks Against Elections in OECD Countries: Canada

Attack

Securityweek

9.4.19

SEC Allows Shareholder Votes on Amazon Facial "Rekognition"

Spam

Securityweek

9.4.19

Apple Device Management Firm Fleetsmith Raises $30 Million

Apple

Securityweek

9.4.19

A few Ghidra tips for IDA users, part 1 - the decompiler/unreachable code

Virus

SANS

9.4.19

Is your organization getting physical security right?

Security

Net-security

9.4.19

Adhering to the mobility requirements of NIST 800-171 does not have to keep you awake at night

Security

Net-security

9.4.19

Framing supply chain attacks

Attack

Net-security

9.4.19

90% of OT organizations are cyberattack victims, yet visibility into OT systems is still limited

Cyber

Net-security

8.4.19

SAS 2019: Exodus Spyware Found Targeting Apple iOS Users

Congress

Threatpost

8.4.19

Spam Campaigns Spread TrickBot Malware with Tax Lure

Spam

Threatpost

8.4.19

Victims of Planetary Ransomware can decrypt their files for free

Ransomware

Securityaffairs

8.4.19

Recent Roaming Mantis campaign hit hundreds of users worldwide

Cyber

Securityaffairs

8.4.19

Cyber Risk Company RiskLens Raises $20 Million

IT

Securityweek

8.4.19

With $600 Million Cybersecurity Budget, JPMorgan Chief Endorses AI and Cloud

Cyber

Securityweek

8.4.19

Cost of Data Breach in UK Increases More Than 41% in Two Years

Incindent

Securityweek

8.4.19

NSA Releases Reverse Engineering Tool’s Source Code

BigBrothers

Securityweek

8.4.19

Most OT Organizations Hit by Damaging Cyberattacks: Survey

Cyber

Securityweek

8.4.19

FileTSAR: Free digital forensic investigations toolkit for law enforcement

Forensics

Net-security

8.4.19

Magento sites under attack through easily exploitable SQLi flaw

Exploit

Net-security

8.4.19

Decrypter for Planetary

Anti-Ramson Tool

Anti-Ramson Tool

8.4.19

Sextortion Scams Now Using Password Protected Evidence Files

Spam

Bleepingcomputer

8.4.19

Planetary Ransomware Decryptor Gets Your Files Back For Free

Ransomware

Bleepingcomputer

8.4.19

Major Browsers to Prevent Disabling of Click Tracking Privacy Risk

Privacy

Bleepingcomputer

8.4.19

AI Chatbot Helps People Find Info on Scams and Frauds

Spam

Bleepingcomputer

8.4.19

Unofficial patches released for Java flaws disclosed by Google Project Zero

Vulnerebility

Securityaffairs

8.4.19

Rockwell Automation fixes multiple DoS flaws in Stratix Switch introduced by Cisco Software

Vulnerebility

Securityaffairs

8.4.19

Payment Card Data Stolen From AeroGrow Website

Incindent

Securityweek

8.4.19

Fake Office 365 Payment Information Update

Phishing

SANS

8.4.19

Perimeter solutions: Do layers of security make a difference?

Security

Net-security

8.4.19

CIOs and CISOs hold off on crucial updates due to potential impact on business operations

Security

Net-security

8.4.19

Securing your app and driving down call center fraud

Mobil

Net-security

8.4.19

Insights gained from working on more than 750 cybersecurity incidents

Cyber

Net-security

8.4.19

The unique business-critical threats facing converged IT-OT systems

Security

Net-security

8.4.19

Scaling innovation is critical for digital transformation success, but clearly presents a challenge

Security

Net-security

7.4.19

DNS hijacking campaigns target Gmail, Netflix, and PayPal users

Hacking

Securityaffairs

7.4.19

FIN6 group starts using LockerGoga and Ryuk Ransomware

Ransomware

Securityaffairs

7.4.19

DoS flaw in several MikroTik Routers exploited in attacks

Exploit

Securityaffairs

7.4.19

Magento Attacked Through Card Skimming Exploit

Exploit

Securityaffairs

6.4.19

Genesee County, Michigan Recovering from Ransomware Attack

Ransomware

Bleepingcomputer

6.4.19

FIN6 Group Diversifies Activity, Uses LockerGoga and Ryuk Ransomware

Ransomware

Bleepingcomputer

6.4.19

Google Adding Chrome Admin Policy to Uninstall Blacklisted Extensions

Security

Bleepingcomputer

6.4.19

Qt5-Based GUI Apps Susceptible to Remote Code Execution

Exploit

Bleepingcomputer

6.4.19

Year-Old DoS Vulnerability Allows Attacks on Some MikroTik Routers

Vulnerebility

Bleepingcomputer

6.4.19

EU States Test and Strengthen Readiness for Election Cyber Threats

Cyber

Bleepingcomputer

6.4.19

Cybercrime Market with Roughly 385,000 Members Found on Facebook

Social

Bleepingcomputer

6.4.19

Ransom

Anti-Ramson Tool

Anti-Ramson Tool

6.4.19

Hackers can add, remove cancer and other illnesses from Computer Tomography scans

Hacking

Securityaffairs

6.4.19

Hackers Can Add, Remove Cancer From CT Scans: Researchers

Hacking

Securityweek

6.4.19

Ongoing DNS Hijacking Campaign Targets Gmail, PayPal, Netflix Users

Phishing

Securityweek

6.4.19

Beagle: Graph transforms for DFIR data & logs

Security

SANS

5.4.19

ICO Fines London Council for Gangs Matrix Data Leak Exposing 203 People

Incindent

Bleepingcomputer

5.4.19

Study Shows Screen Time Before Bed Is Not Bad For Teenagers

Security

Bleepingcomputer

5.4.19

Beware of Calls Saying Your Social Security Number is Suspended

Social

Bleepingcomputer

5.4.19

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Virus

Securityaffairs

5.4.19

Ursnif: The Latest Evolution of the Most Popular Banking Malware

Virus

Securityaffairs

5.4.19

Flaws in Pre-Installed security App on Xiaomi Phones open to hack them

Vulnerebility

Securityaffairs

5.4.19

Step By Step Office Dropper Dissection

Virus

Securityaffairs

5.4.19

More than 2 million Apache HTTP servers still affected by CVE-2019-0211 flaw

Vulnerebility

Securityaffairs

5.4.19

Foreign Interference in Canadian Election 'Very Likely', Says Minister

BigBrothers

Securityweek

5.4.19

Unofficial Patch Released for Java Flaws Found by Google Researcher

Vulnerebility

Securityweek

5.4.19

Rockwell Patches Stratix Switch Flaws Introduced by Cisco Software

Vulnerebility

Securityweek

5.4.19

Unpatched Flaw in Xiaomi's Built-in Browser App Lets Hackers Spoof URLs

Vulnerebility

Thehackernews

5.4.19

Hackers Abuse Google Cloud Platform to Attack D-Link Routers

Attack

Threatpost

5.4.19

LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files

Virus

Threatpost

5.4.19

Consumer routers targeted by DNS hijacking attackers

Attack

Net-security

5.4.19

April Patch Tuesday Forecast: Be aware of end-of-service issues and browser exploits

Exploit

Net-security

5.4.19

Hundreds of millions of UC Browser users for Android are threatened

OS Blog

Dr Web

5.4.19

Doctor Web: Android banker Flexnet uses computer games to steal money from users

Cryptocurrency blog

Dr Web

5.4.19

Study of the Belonard Trojan, exploiting zero-day vulnerabilities in Counter-Strike 1.6

Vulnerebility blog

Dr Web

5.4.19

Doctor Web’s experts reveal a Trojan exploiting zero-day vulnerabilities of the official Counter Strike client

Malware blog

Dr Web

5.4.19

Doctor Web warns: Cybercriminals spread Android Trojans via Instagram

Malware blog

Dr Web

5.4.19

Doctor Web has detected malicious activity in a cryptocurrency monitoring tool 

Cryptocurrency blog

Dr Web

5.4.19

Reverse Engineering the April Fools Snake Game For Fun (and No Profit)

OS Blog

Checkpoint

5.4.19

Vulnerability in Xiaomi Pre-Installed Security App

Vulnerebility blog

Checkpoint

5.4.19

Dozens of Apps on Microsoft Store Displaying Adult, Gambling Content

Malware blog

Symantec

5.4.19

540 million records on Facebook users exposed by third-party apps

Social blog

Eset

5.4.19

NIST cybersecurity resources for smaller businesses

Security blog

Eset

5.4.19

Windows 10 Insider Build 18362.30 Released to Fix Boot Breaking Bug

Vulnerebility

Bleepingcomputer

5.4.19

Researchers Hack Google Maps Snake Game to Add God Mode, AI Auto-Play

Hacking

Bleepingcomputer

5.4.19

Microsoft Is Redesigning the Windows 10 Update Experience

Vulnerebility

Bleepingcomputer

5.4.19

Windows 10 May 2019 Update Announced, Insiders Get it First

Vulnerebility

Bleepingcomputer

5.4.19

Xiaomi Pre-Installed Security App Vulnerable to MiTM Attacks

Attack

Bleepingcomputer

5.4.19

Samsung Galaxy S10 Fingerprint Scanner Tricked with 3D Print

Mobil

Bleepingcomputer

5.4.19

Windows 10 1809 Changed the Default Removal Policy for External Drives

Vulnerebility

Bleepingcomputer

5.4.19

London Blue Scammers Extend Operation, Attack Targets in Asia

Spam

Bleepingcomputer

5.4.19

CIA Exortion Scams Using SatoshiBox to Sell Alleged Proof for $500

BigBrothers

Bleepingcomputer

5.4.19

New Xwo Web Scanner Helps MongoLock Ransomware Find Victims

Ransomware

Bleepingcomputer

5.4.19

Windows 10 News App Blunder Made Users Think They're Infected

IT

Bleepingcomputer

5.4.19

Financial Mobile Apps Fail to Follow Proper Security Standards

Mobil

Bleepingcomputer

5.4.19

Windows 10 1809 Cumulative Update Released with Huge List of Fixes

Vulnerebility

Bleepingcomputer

5.4.19

540 Mllion Facebook Records Leaked by Public Amazon S3 Buckets

Social

Bleepingcomputer

5.4.19

Realistic Phishing Attacks Take Advantage of U.S. Tax Season

Phishing

Bleepingcomputer

5.4.19

NVIDIA Fixes Flaws in Linux4Tegra Driver for Jetson AI Supercomputers

Vulnerebility

Bleepingcomputer

5.4.19

This Preinstalled Mobile Security App Delivered Vulnerabilities, Not Protection

Mobil

Threatpost

5.4.19

Facebook and Amazon are Locked in a Blame Game Over Leaked Data: Who’s Really To Blame?

Privacy

Threatpost

5.4.19

Hackers Could Turn Pre-Installed Antivirus App on Xiaomi Phones Into Malware

Virus

Thehackernews

5.4.19

Cisco fixes flaws RV320 and RV325 routers targeted in attacks

Attack

Securityaffairs

5.4.19

NSA releases the source code of the GHIDRA reverse engineering framework

BigBrothers

Securityaffairs

5.4.19

US Colleges Halt Work With Huawei Following Federal Charges

BigBrothers

Securityweek

5.4.19

NVIDIA Patches High Severity Flaws in Tegra Drivers

Vulnerebility

Securityweek

5.4.19

New 'Xwo' Malware Looks for Exposed Services, Default Passwords

Virus

Securityweek

5.4.19

Hundreds Targeted in Recent Roaming Mantis Campaign

Cyber

Securityweek

5.4.19

Cisco Patches Router Vulnerabilities Targeted in Attacks

Vulnerebility

Securityweek

5.4.19

WHOIS after GDPR: A quick recap for CISOs

Privacy

Net-security

5.4.19

Only 12% of enterprises are consistently able to detect insider threats

Security

Net-security

5.4.19

What is shadow mining and why is it a security threat?

Security

Net-security

5.4.19

85% of organizations fail to meet even basic PAM security hygiene

Security

Net-security

5.4.19

Vendor revenue from IT infrastructure products for cloud environments grew 28% year over year

Security

Net-security

4.4.19

SAS 2019 to Tackle APTs, Supply Chains and More

APT

Threatpost

4.4.19

BEC Scam Gang London Blue Evolves Tactics, Targets

Spam

Threatpost

4.4.19

Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution

Vulnerebility

Threatpost

4.4.19

Free Cynet Threat Assessment for Mid-sized and Large Organizations

Security

Threatpost

4.4.19

How to Maximize the Value of Your Cybersecurity Investment

Cyber

Threatpost

4.4.19

BasBanke: Trend-setting Brazilian banking Trojan

Virus

Securelist

4.4.19

The German chemicals giant Bayer hit by a cyber attack

Attack

Securityaffairs

4.4.19

New XLoader variant leverage Twitter to hide C2 addresses

Virus

Securityaffairs

4.4.19

Advantech addressed code execution and DoS flaws in WebAccess software

Vulnerebility

Securityaffairs

4.4.19

TXOne Networks Unveils First Industrial Cybersecurity Product

Cyber

Securityweek

4.4.19

Microsoft Not Concerned About Disclosed Edge, IE Flaws

Vulnerebility

Securityweek

4.4.19

Facebook Demanded User Email Passwords

Social

Securityweek

4.4.19

Bayer Confirms Cyber Attack But Says No Data Stolen

Attack

Securityweek

4.4.19

NSA Releases GHIDRA Source Code — Free Reverse Engineering Tool

Security

Thehackernews

4.4.19

New Waves of Scans Detected by an Old Rule

Security

SANS

4.4.19

Vulnerability found in Guard Provider, Xiaomi’s pre-installed security app

Vulnerebility

Net-security

4.4.19

Microsoft rolls out new security capabilities for Azure customers

Security

Net-security

4.4.19

Roaming Mantis, part IV

Virus

Securelist

4.4.19

Experts found 540 Million Facebook user records on unprotected Amazon S3 buckets

Social

Securityaffairs

4.4.19

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

APT

Securityaffairs

4.4.19

AWS S3 Buckets Exposed Millions of Facebook Records

Social

Securityweek

4.4.19

XLoader Trojan Poses as Security App for Android

Android

Securityweek

4.4.19

Canadian Authorities Raid RAT Developer

Virus

Securityweek

4.4.19

Microsoft Paid $2,000,000 in Bounty Rewards in 2018

Security

Securityweek

4.4.19

Long Equipment Life Cycles Expose Manufacturing Industry to Attacks: Study

Attack

Securityweek

4.4.19

540 Million Facebook User Records Found On Unprotected Amazon Servers

Social

Thehackernews

4.4.19

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites

Apple

Thehackernews

4.4.19

The security challenges that come with serverless computing

Security

Net-security

4.4.19

Attackers fighting back against security teams while also targeting supply chains

Attack

Net-security

4.4.19

79% of organizations want a federal privacy law amid lack of compliance

Privacy

Net-security

4.4.19

As fraud attacks grow more sophisticated, a need for contextual detection strategies increases

Attack

Net-security

4.4.19

Organizations still use low levels or no automation of key security and incident response tasks

Incindent

Net-security

4.4.19

Backdoors inevitably create vulnerabilities that can be exploited by malicious actors

Virus

Net-security

3.4.19

Splitting atoms in XNU

Vulnerebility blog

Project Zero

3.4.19

Look who’s stalking

Cyber blog

Eset

3.4.19

Cryptocurrency exchange loses millions in heist

Cryptocurrency blog

Eset

3.4.19

Insider Attacks More Common, Harder to Detect After Cloud Migration

Attack

Bleepingcomputer

3.4.19

Georgia Tech Data Breach Exposes Info for 1.3 Million People

Incindent

Bleepingcomputer

3.4.19

Dozens of Credit Card Info Skimming Scripts Infect Thousands of Sites

Virus

Bleepingcomputer

3.4.19

CIA Porn Extortion Scams Now Use Password Protected PDFs

BigBrothers

Bleepingcomputer

3.4.19

Verizon Customers Targeted in Mobile-Focused Phishing Campaigns

Phishing

Bleepingcomputer

3.4.19

Azure AD Password Protection Available, Lowers Spray Attack Risks

Attack

Bleepingcomputer

3.4.19

Cryptojacking Still a Foreign Concept for Many Security Pros

Cryptocurrency

Bleepingcomputer

3.4.19

Chromium Microsoft Edge Can Play 4K Netflix Video, Unlike Chrome

IT

Bleepingcomputer

3.4.19

OceanLotus APT Uses Steganography to Load Backdoors

APT

Bleepingcomputer

3.4.19

Mozilla Aims to Reduce Web Site Notification Spam in Firefox

Spam

Bleepingcomputer

3.4.19

Apache Bug Lets Normal Users Gain Root Access Via Scripts

Vulnerebility

Bleepingcomputer

3.4.19

Chromium-Based Microsoft Edge Added to Windows 10 Sandbox

Security

Bleepingcomputer

3.4.19

Google Fixes Two Critical Android Code Execution Vulnerabilities

Vulnerebility

Bleepingcomputer

3.4.19

U.S. Airlines Cancel, Delay Flights Because of Aerodata Outage

Security

Bleepingcomputer

3.4.19

Notepad++ Adds GPG Signature to Verify Authenticity

IT

Bleepingcomputer

3.4.19

New York Albany Capital Hit by Ransomware Attack

Ransomware

Bleepingcomputer

3.4.19

Torrent Malware Goes Down as Pirated Streaming Usage Increases

Virus

Bleepingcomputer

3.4.19

vxCrypter Is the First Ransomware to Delete Duplicate Files

Ransomware

Bleepingcomputer

3.4.19

Researchers Trick Tesla to Drive into Oncoming Traffic

Security

Bleepingcomputer

3.4.19

Mobile-First Phishing Kit Targets Verizon Customers

Phishing

Threatpost

3.4.19

ThreatList: Half of All Attacks Aim at Supply Chain

Attack

Threatpost

3.4.19

Researchers Trick Tesla to Drive into Oncoming Traffic

IT

Bleepingcomputer

3.4.19

Chrome May Soon Allow Custom Avatars for Browser Profiles

IT

Bleepingcomputer

3.4.19

Beware of stalkerware

Cyber

Securelist

3.4.19

Group-IB report: JS-sniffers infected 2440 websites around the world

Virus

Securityaffairs

3.4.19

Georgia Tech security breach exposed up to 1.3 million individuals

Incindent

Securityaffairs

3.4.19

Code Execution, DoS Flaws Patched in Advantech WebAccess

Vulnerebility

Securityweek

3.4.19

Container Security Firm Aqua Raises $62 Million

IT

Securityweek

3.4.19

Georgia Tech Data Breach Exposes 1.3 Million Users' Personal Data

Incindent

Thehackernews

3.4.19

In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code

Virus

Thehackernews

3.4.19

A few Ghidra tips for IDA users, part 0 - automatic comments for API call parameters

Virus

SANS

3.4.19

Patched Apache flaw is a serious threat for web hosting providers

Vulnerebility

Net-security

3.4.19

Facebook Caught Asking Some Users Passwords for Their Email Accounts

Social

Thehackernews

3.4.19

New Apache Web Server Bug Threatens Security of Shared Web Hosts

Vulnerebility

Thehackernews

3.4.19

Georgia Tech data breach: 1.3M students and staff potentially affected

Incindent

Net-security

3.4.19

Crooks use hidden directories of compromised HTTPS sites to deliver malware

Virus

Securityaffairs

3.4.19

CVE-2019-0211 Apache flaw allows getting root access via script

Vulnerebility

Securityaffairs

3.4.19

Georgia Tech Breach Hits Up to 1.3 Million People

Incindent

Securityweek

3.4.19

Chinese Woman Carrying Malware Allegedly Got Into Mar-a-Lago

Virus

Securityweek

3.4.19

Google Patches Critical Vulnerabilities in Android's Media Framework

Android

Securityweek

3.4.19

To DevSecOps or not to DevSecOps?

Security

Net-security

3.4.19

Digital transformation goes hand-in-hand with Zero Trust security

Security

Net-security

3.4.19

Women are increasingly climbing the cybersecurity leadership ladder

Cyber

Net-security

3.4.19

Securing your home increasingly means securing all of your IoT devices

IoT

Net-security

3.4.19

Current and emerging third-party cyber risk management approaches and challenges

Cyber

Net-security

3.4.19

Consumers concerned about privacy but willing to take risks for convenience

Privacy

Net-security

2.4.19

Financial Apps are Ripe for Exploit via Reverse Engineering

Exploit

Threatpost

2.4.19

Mobile-First Phishing Kit Targets Verizon Customers

Phishing

Threatpost

2.4.19

Google’s April Android Security Bulletin Warns of 3 Critical Bugs

Android

Threatpost

2.4.19

26k+ Kibana Instances exposed Elasticsearch databases online

Incindent

Securityaffairs

2.4.19

ACROS Security Launches 0patch PRO

Vulnerebility

Securityweek

2.4.19

PoC Exploits Released for Unpatched Edge, IE Vulnerabilities

Vulnerebility

Securityweek

2.4.19

A LockerGoga primer and decrypters for Mira and Aurora ransomwares

Ransomware

Net-security

2.4.19

Game of Threats

Security

Securelist

2.4.19

Analyzing AZORult malware using NSA Ghidra suite

Virus

Securityaffairs

2.4.19

Closure JavaScript Library introduced XSS issue in Google Search and potentially other services

Vulnerebility

Securityaffairs

2.4.19

BREAKING: new update about DDoS’er Linux/DDoSMan ELF malware based on Elknot

Virus

Securityaffairs

2.4.19

Israeli Watchdog Finds Online Manipulation Ahead of Vote

BigBrothers

Securityweek

2.4.19

Application Security Management Firm Sqreen Raises $14 Million

IT

Securityweek

2.4.19

Mira and Aurora Decryptor

Anti-Ramson Tool

Anti-Ramson Tool

2.4.19

Computer systems in the City of Albany hit in Ransomware Attack

Ransomware

Securityaffairs

2.4.19

Security Policy Management Firm Tufin Sets Terms for IPO

Security

Securityweek

2.4.19

Facebook's Call for Global Internet Regulation Sparks Debate

Social

Securityweek

2.4.19

Preview: SecurityWeek's 2019 Singapore ICS Cyber Security Conference – Apr. 16-18

Congress

Securityweek

2.4.19

Head of Money Mule Operation Extradited to the United States

BigBrothers

Securityweek

2.4.19

JavaScript Library Introduced XSS Flaw in Google Search

Vulnerebility

Securityweek

2.4.19

Google Warns of Growing Android Attack Vector: Backdoored SDKs and Pre-Installed Apps

Android

Threatpost

2.4.19

March Madness Scams Give Attackers Fast Break

Spam

Threatpost

2.4.19

Fake AV is Back: LaCie Network Drives Used to Spread Malware

Virus

SANS

2.4.19

The CIO’s greatest roadblock to Agile development: Security governance

Security

Net-security

2.4.19

Encryption deployment increases as organizations struggle to address compliance requirements

Crypto

Net-security

2.4.19

90% of companies interested in crowdsourced security programs

Security

Net-security

2.4.19

Financial sector recognizes the benefits of hybrid cloud but still struggles to enable IT transformation

Security

Net-security

2.4.19

45% of taxpayers do not securely store tax documents

Security

Net-security

1.4.19

Attackers Store Malware in Hidden Directories of Compromised HTTPS Sites

Virus

Securityweek

1.4.19

Exodus Android Spyware With Possible Links to Italian Government Analyzed

Android

Securityweek

1.4.19

Magento Patches Critical Vulnerabilities

Vulnerebility

Securityweek

1.4.19

Serious Path Traversal Flaw Found in Kubernetes

Vulnerebility

Securityweek

1.4.19

Buca di Beppo, Planet Hollywood Restaurants Hit by Card Breach

Incindent

Securityweek

1.4.19

0-Day in TP-Link SR20 Routers Allows Command Execution

Vulnerebility

Securityweek

1.4.19

Investigator Says Amazon Chief's Phone Hacked by Saudis

Hacking

Securityweek

1.4.19

Thousands of Unprotected Kibana Instances Exposing Elasticsearch Databases

Incindent

Thehackernews

1.4.19

Investigator told Saudis hacked into Amazon CEO Jeff Bezos’ phone

Cyber

Securityaffairs

1.4.19

Buca di Beppo, Planet Hollywood and other restaurants owned by Earl Enterprises hit by card breach

Incindent

Securityaffairs

1.4.19

New Linux/DDosMan threat emerged from an evolution of the older Elknot

Virus

Securityaffairs

1.4.19

VMware addressed vulnerabilities disclosed at Pwn2Own 2019

Congress

Securityaffairs

1.4.19

Intel VISA Tech Can Be Abused, Researchers Allege

Security

Threatpost

1.4.19

Medical Weed Dispensary Exposes Health Data for Thousands

Incindent

Threatpost

1.4.19

ThreatList: Game of Thrones, a Top Malware Conduit for Cybercriminals

Cyber

Threatpost

1.4.19

Google Play Boots Italian Spyware Apps That Infected Hundreds

Android

Threatpost

1.4.19

Analysis of PDFs Created with OpenOffice/LibreOffice

Security

SANS

1.4.19

Microsoft adds tamper protection to Microsoft Defender ATP

Safety

Net-security

1.4.19

3.1 million customer records possibly stolen in Toyota hack

Incindent

Net-security

1.4.19

How to Marie Kondo your data

Security

Net-security

1.4.19

Nearly all consumers are backing up their computers, but data loss is here to stay

Security

Net-security

1.4.19

Main threat source to industrial computers? Mass-distributed malware

Virus

Net-security

1.4.19

Organizations investing in security analytics and machine learning to tackle cyberthreats

Cyber

Net-security

1.4.19

Security and privacy still the top inhibitors of cloud adoption

Privacy

Net-security

1.4.19

Automatically and invisibly encrypt email as soon as it is received on any trusted device

Crypto

Net-security

31.3.19

Five Easy Steps to Keep on Your Organization’s DevOps Security Checklist

Vulnerebility blog

F5 Labs

31.3.19

Application Protection Report 2019, Episode 1: PHP Reconnaissance

Security blog

F5 Labs

31.3.19

Why Attacks on Cryptocurrency Exchanges Show No Signs of Slowing Down

Cryptocurrency blog

F5 Labs

31.3.19

4 Areas Where Infosec Facts and Fiction Clash: Mind the Gap Pt. 1

Cyber blog

F5 Labs

31.3.19

Commando VM: The First of Its Kind Windows Offensive Distribution

Security blog

FireEye

31.3.19

World Backup Day: Is your data in safe hands?

Cyber blog

Eset

31.3.19

Man jailed for destroying former employer’s data

Cyber blog

Eset

31.3.19

Global police arrest dozens of people in dark web sting

Cyber blog

Eset

31.3.19

Ex-NSA contractor Harold Thomas Martin pleads guilty to federal charge of willful retention of national defense information

BigBrothers

Securityaffairs

31.3.19

Experts released the List of ~600 MAC addresses hit in ASUS hack

Hacking

Securityaffairs

31.3.19

Ironically, Phishing Kit Hosted on Nigerian Government Site

BigBrothers

Bleepingcomputer

31.3.19

Windows 10 Build 1903 Opens Folders in Their Own Process by Default

IT

Bleepingcomputer

31.3.19

Microsoft took control of 99 domains used by Iran-linked Phosphorus APT

APT

Securityaffairs

31.3.19

Exodus, a government malware that infected innocent victims

Virus

Securityaffairs

31.3.19

"404" is not Malware

Virus

SANS

30.3.19

Windows 10 April 2019 Update Almost Ready After Anti-Cheat Bug Fix

Vulnerebility

Bleepingcomputer

30.3.19

MAC Addresses Targeted by the ASUS Supply Chain Attack Now Available

Vulnerebility

Bleepingcomputer

30.3.19

Oracle Sends Warning Emails About Paid-for Critical Java 8 Update

Vulnerebility

Bleepingcomputer

30.3.19

VMware Fixes Critical Vulnerabilities in ESXi, Workstation and Fusion

Vulnerebility

Bleepingcomputer

30.3.19

Toyota Security Breach Exposes Personal Info of 3.1 Million Clients

Incindent

Bleepingcomputer

30.3.19

Chromium Browsers to Get SVG Support for Site Favicons

IT

Bleepingcomputer

30.3.19

Only 10% of Tech Companies Protected From Phishing by DMARC Enforcement

Spam

Bleepingcomputer

30.3.19

IoT Attacks Escalating with a 217.5% Increase in Volume

IoT

Bleepingcomputer

30.3.19

Hackers stole $19 Million from Bithumb cryptocurrency exchange

Cryptocurrency

Securityaffairs

30.3.19

Expert disclosed two Zero-Day flaws in Microsoft browsers

Vulnerebility

Securityaffairs

30.3.19

Initial fixes for Cisco RV320 and RV325 routers were incomplete

Vulnerebility

Securityaffairs

30.3.19

Hackers Steal $19 Million From Bithumb Cryptocurrency Exchange

Cryptocurrency

Thehackernews

30.3.19

Ransom News

Ransom

Ransom

30.3.19

Zero-Day Bug Lays Open TP-Link Smart Home Router

Vulnerebility

Threatpost

30.3.19

Magento Patches Critical SQL Injection and RCE Vulnerabilities

Vulnerebility

Threatpost

30.3.19

Critical Rockwell Automation Bug in Drive Component Puts IIoT Plants at Risk

IoT

Threatpost

30.3.19

Toyota Motor Corporation (TMC) sales subsidiary and its affiliates suffered a data breach that exposed personal information of millions of customers in Japan.

Incindent

Securityaffairs

30.3.19

Commando VM – Using Windows for pen testing and red teaming

Security

Securityaffairs

30.3.19

Unpatched Zero-Days in Microsoft Edge and IE Browsers Disclosed Publicly

Vulnerebility

Thehackernews

30.3.19

Bots and botnets in 2018

BotNet

Securelist

30.3.19

Annotating Golang binaries with Cutter and Jupyter

Virus

SANS

29.3.19

Victims of attacks in the Philippines are filing lawsuit against company enabling them

BigBrothers

Securityaffairs

29.3.19

Magento fixed a critical Magento SQL Injection flaw

Vulnerebility

Securityaffairs

29.3.19

Malware researchers decrypted the Qrypter Payload

Virus

Securityaffairs

29.3.19

Google developer disclosed Zero-Day flaw in TP-Link SR20 Routers

Vulnerebility

Securityaffairs

29.3.19

Georgia Man Admits to Hacking Accounts of Athletes and Musicians

Hacking

Securityweek

29.3.19

Millions of Toyota Customers in Japan Hit by Data Breach

Incindent

Securityweek

29.3.19

Cisco Improperly Patched Exploited Router Vulnerabilities

Vulnerebility

Securityweek

29.3.19

Microsoft Launches Azure Security Center for IoT

IoT

Securityweek

29.3.19

Commando VM — Turn Your Windows Computer Into A Hacking Machine

Hacking

Thehackernews

29.3.19

Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

Hacking

Thehackernews

29.3.19

Critical Magento SQL Injection Vulnerability Discovered – Patch Your Sites

Vulnerebility

Thehackernews

29.3.19

New Shodan Monitor service allows tracking Internet-Exposed devices

Security

Securityaffairs

29.3.19

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Vulnerebility

Securityaffairs

29.3.19

VMware Patches Flaws Disclosed at Pwn2Own 2019

Congress

Securityweek

29.3.19

Ex-NSA Contractor Pleads Guilty in Theft of Secret Documents

BigBrothers

Securityweek

29.3.19

Proxy Emerges From Stealth with $13.6 Million in Funding

Incindent

Securityweek

29.3.19

Critical Flaw Allows Hackers to Take Control of PowerFlex AC Drives

Vulnerebility

Securityweek

29.3.19

Ex-NSA Contractor Pleads Guilty to 20-Year-Long Theft of Classified Data

BigBrothers

Thehackernews

29.3.19

The return of the BOM

CyberCrime

Securelist

29.3.19

Lazarus Group Widens Tactics in Cryptocurrency Attacks

APT

Threatpost

29.3.19

FTC Demands Broadband Providers Reveal Data Handling Practices

BigBrothers

Threatpost

29.3.19

Grindr Poses National Security Risk, U.S. Gov Says

BigBrothers

Threatpost

29.3.19

Zero-Day TP-Link SR20 Router Vulnerability Disclosed by Google Dev

Vulnerebility

Bleepingcomputer

29.3.19

New Microsoft Edge May Have Support for Internet Explorer Tabs

IT

Bleepingcomputer

29.3.19

New Bill to Protect U.S. Senate Personal Devices, Accounts from Hackers

BigBrothers

Bleepingcomputer

29.3.19

Windows 10 Version 1809 Is Now in Broad Deployment, Available to Everyone

Vulnerebility

Bleepingcomputer

29.3.19

Microsoft Fixing Azure Service Failures Impacting Western Europe

Vulnerebility

Bleepingcomputer

29.3.19

Cisco Botches Fix for RV320, RV325 Routers, Just Blocks 'curl' User Agent

Vulnerebility

Bleepingcomputer

29.3.19

Vigilantes Counter Christchurch Manifesto with Weaponized Version

Security

Bleepingcomputer

29.3.19

Gustuff Android Malware Targets 100+ Banking and 32 Cryptocurrency Apps

Android

Bleepingcomputer

29.3.19

Serverless, shadow APIs and Denial of Wallet attacks

Attack

Net-security

29.3.19

Enterprises fear disruption to business critical applications, yet don’t prioritize securing them

Security

Net-security

29.3.19

Lessons learned from the many crypto hacks

Crypto

Net-security

29.3.19

CIOs admit certificate-related outages routinely impact critical business applications and services

Security

Net-security

29.3.19

Status of AI implementation at automotive organizations

IT

Net-security

28.3.19

Gustuff Android banking trojan targets 125+ banking, and 32 cryptocurrency apps

Android

Securityaffairs

28.3.19

Lazarus APT continues to target cryptocurrency businesses with Mac malware

APT

Securityaffairs

28.3.19

New Shodan Service Keeps Track of Internet-Exposed Systems

Security

Securityweek

28.3.19

Android Trojan Targets Banks, Crypto-Currencies, e-Commerce

Android

Securityweek

28.3.19

Ex-NSA Contractor Expected to Plead Guilty in Document Theft

BigBrothers

Securityweek

28.3.19

UK Identifies Fresh Huawei Risks to Telecom Networks

BigBrothers

Securityweek

28.3.19

WinRAR Vulnerability Exploited to Deliver New Malware

Vulnerebility

Securityweek

28.3.19

Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms

CyberCrime

Thehackernews

28.3.19

UNNAM3D Ransomware Locks Files in Protected Archives, Demands Gift Cards

Ransomware

Bleepingcomputer

28.3.19

Ransomware Hits Garage of Canadian Domain Registration Authority

Ransomware

Bleepingcomputer

28.3.19

Office Depot Pays $25 Million To Settle Deceptive Tech Support Lawsuit

IT

Bleepingcomputer

28.3.19

Microsoft Defender ATP Adds Tamper Protection

Safety

Bleepingcomputer

28.3.19

Mozila Releases Firefox 66.0.2 with Fixes for Windows 10, Office 365 Issues

Vulnerebility

Bleepingcomputer

28.3.19

Microsoft Retaliates Against APT35 Hacker Group by Seizing 99 Domains

APT

Bleepingcomputer

28.3.19

Microsoft Releases Windows 10 Build 18865 (20H1) With Narrator Fixes

Vulnerebility

Bleepingcomputer

28.3.19

20% of Industrial Control Systems Affected by Critical Vulnerabilities

Vulnerebility

Bleepingcomputer

28.3.19

Microsoft Plans to Add Native Caret Browsing to Chrome

IT

Bleepingcomputer

28.3.19

Microsoft's Application Guard Extension Protects Chrome and Firefox Users

Safety

Bleepingcomputer

28.3.19

Cisco botched patches for its RV320/RV325 routers

Vulnerebility

Net-security

28.3.19

Two white hats hack a Tesla, get to keep it

Vulnerebility blog

Eset

28.3.19

Global police arrest dozens of people in dark web sting

Cyber blog

Eset

28.3.19

Cisco Talos adds new Content Category

Security blog

Cisco Talos

28.3.19

Vulnerability Spotlight: Multiple vulnerabilities in GOG Galaxy Games

Vulnerebility blog

Cisco Talos

28.3.19

Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.

APT blog

Symantec

28.3.19

ASUS Software Updates Used for Supply Chain Attacks

Attack blog

Symantec

28.3.19

Karta – Matching Open Sources in Binaries

BigBrother blog

Checkpoint

28.3.19

WinRAR Zero-day Abused in Multiple Campaigns

Vulnerebility blog

FireEye

28.3.19

SilkETW: Because Free Telemetry is … Free!

Security blog

FireEye

28.3.19

Cisco Releases Flood of Patches for IOS XE, But Leaves Some Routers Open to Attack

Vulnerebility

Threatpost

28.3.19

Grindr Poses National Security Risk, U.S. Gov Says

BigBrothers

Threatpost

28.3.19

Threat Landscape for Industrial Automation Systems in H2 2018

ICS

Securelist

28.3.19

ASUS fixes supply chain of Live Update tool hit in Operation ShadowHammer

CyberCrime

Securityaffairs

28.3.19

Microsoft Takes Control of 99 Domains Used by Iranian Cyberspies

CyberSpy

Securityweek

28.3.19

NVIDIA Patches Serious Flaw in GeForce Experience Software

Vulnerebility

Securityweek

28.3.19

New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps

Social

Thehackernews

28.3.19

When it comes to file sharing, the cloud has very few downsides

Security

Net-security

28.3.19

Security remains a top concern for IoT executives, but small fixes can shore up ecosystem resilience

IoT

Net-security

28.3.19

Algorithms can now find bugs in computer chips before they are made

Security

Net-security

28.3.19

Third-party cyber risk management is a burden on human and financial resources

Security

Net-security

28.3.19

SMBs willing to invest more to protect their businesses

Security

Net-security

28.3.19

Running your Own Passive DNS Service

Security

SANS

27.3.19

Operation SaboTor – Police arrested 61 vendors and buyers in the dark web

CyberCrime

Securityaffairs

27.3.19

LUCKY ELEPHANT campaign targets South Asian governments

BigBrothers

Securityaffairs

27.3.19

Norsk Hydro estimates losses between $35M – $41M in the first week after cyberattack

Attack

Securityaffairs

27.3.19

A new AZORult C++ variant can establish RDP connections

Virus

Securityaffairs

27.3.19

Nearly Half of ICS Devices Protected by Kaspersky Targeted in 2018

ICS

Securityweek

27.3.19

North Korea-Linked Hackers Target macOS Users

Apple

Securityweek

27.3.19

Hackers Are Loving PowerShell, Study Finds

Hacking

Securityweek

27.3.19

Iran-Linked Cyberspy Group APT33 Continues Attacks on Saudi Arabia, U.S.

APT

Securityweek

27.3.19

ASUS Patches Hijacked System Update Utility

Hacking

Securityweek

27.3.19

Ransomware Behind Norsk Hydro Attack Takes On Wiper-Like Capabilities

Ransomware

Threatpost

27.3.19

Cybercriminals Have a Heyday with WinRAR Bug in Fresh Campaigns

CyberCrime

Threatpost

27.3.19

Gamers Beware: Nvidia Fixes High-Severity GeForce Experience Bug

Vulnerebility

Threatpost

27.3.19

The ransomware attack cost Norsk Hydro $40 million so far

Ransomware

Net-security

27.3.19

ASUS confirms server compromise, releases fixed Live Update tool

Vulnerebility

Net-security

27.3.19

U.S. Federal Reserve System Exposed to Increased Risk of Unauthorized Access

BigBrothers

Bleepingcomputer

27.3.19

NVIDIA Patches High Severity GeForce Experience Vulnerability

Vulnerebility

Bleepingcomputer

27.3.19

UC Browser for Android, Desktop Exposes 500+ Million Users to MiTM Attacks

Attack

Bleepingcomputer

27.3.19

ASUS Admits Its Live Update Utility Was Backdoored by APT Group

APT

Bleepingcomputer

27.3.19

Microsoft's Leaked Edge Insider Browser Works on Windows 7

IT

Bleepingcomputer

27.3.19

iOS 12.2 Patches Over 50 Security Vulnerabilities

Apple

Bleepingcomputer

27.3.19

Skype Experiencing Global Instant Messaging Delays

IT

Bleepingcomputer

27.3.19

Firefox to Import Windows Root Certs To Avoid Antivirus SSL Scanning Issues

Safety

Bleepingcomputer

27.3.19

Apple Introduces New Products During 'It's Show Time' Event

Apple

Bleepingcomputer

27.3.19

Emsisoft has Released a Decryptor for the Hacked Ransomware

Ransomware

Bleepingcomputer

27.3.19

ASUS Live Update Infected with Backdoor in Supply Chain Attack

Attack

Bleepingcomputer

27.3.19

Tesla Model 3 Hacked on the Last Day of Pwn2Own

Congress

Bleepingcomputer

27.3.19

The AZORult Legacy Lives On. Hello AZORult++!

Virus

Bleepingcomputer

27.3.19

Telegram Now Lets You Delete a Received Message From Sender's Device

Social

Bleepingcomputer

27.3.19

Microsoft's Leaked Edge Browser Should Make Google Worried

IT

Bleepingcomputer

27.3.19

VirusTotal Goes Retro with New ASCII Site for Older Browsers

Security

Bleepingcomputer

27.3.19

Experts found 36 vulnerabilities in the LTE protocol

Mobil

Securityaffairs

27.3.19

Whitehat settings allow white hat hackers to Test Facebook mobile apps

Social

Securityaffairs

27.3.19

The Ursnif Gangs keep Threatening Italy

Virus

Securityaffairs

27.3.19

EU Presents Plan for Safe 5G Amid Huawei Suspicions

BigBrothers

Securityweek

27.3.19

AZORult Variant Can Establish RDP Connections

Virus

Securityweek

27.3.19

Norsk Hydro May Have Lost $40M in First Week After Cyberattack

Attack

Securityweek

27.3.19

Apple Patches Vulnerabilities in iOS, macOS, Safari

Apple

Securityweek

27.3.19

Cyber Risk Assessment Firm Sayata Labs Emerges From Stealth

Cyber

Securityweek

27.3.19

Facebook Blocks More Accounts Over Influence Campaigns

Social

Securityweek

27.3.19

Build-time security: Block risk and security issues from production rings

Security

Net-security

27.3.19

Weighing the options: The role of cyber insurance in ransomware attacks

Ransomware

Net-security

27.3.19

Encrypted attacks growing steadily, cybercriminals are increasingly targeting non-standard ports

CyberCrime

Net-security

27.3.19

New blockchain system uses reputation to fend off 51 percent attacks

Attack

Net-security

27.3.19

61% of CIOs believe employees leak data maliciously

Security

Net-security

27.3.19

Does siloed data negatively impact your organization?

Security

Net-security

26.3.19

Apple iOS 12.2 Patches 51 Serious Flaws

Apple

Threatpost

26.3.19

ASUS Patches Live Update Bug That Allowed APT to Infect Thousands of PCs

APT

Threatpost

26.3.19

Cryptocurrency businesses still being targeted by Lazarus

Cryptocurrency

Securelist

26.3.19

Some ASUS Updates Drop Backdoors on PCs in ‘Operation ShadowHammer’

Attack

Threatpost

26.3.19

Drones are Quickly Becoming a Cybersecurity Nightmare

Cyber

Threatpost

26.3.19

Malware Payloads Hide in Images: Steganography Gets a Reboot

Virus

Threatpost

26.3.19

FEMA Exposes PII for Millions of Hurricane, Wildfire Survivors

BigBrothers

Threatpost

26.3.19

ThreatList: Remote Workers Threaten 1 in 3 Organizations

Security

Threatpost

26.3.19

Bugs in Grandstream Gear Lay Open SMBs to Range of Attacks

Attack

Threatpost

26.3.19

Operation ShadowHammer

APT

Securelist

26.3.19

What you can expect at the 10th annual HITB Security Conference in The Netherlands

Congress

Net-security

26.3.19

PewCrypt Ranson Tool

Anti-Ramson Tool

Anti-Ramson Tool

26.3.19

iOS 12.2 update addresses some troubling vulnerabilities

Apple

Securityaffairs

26.3.19

How to get back files encrypted by the Hacked Ransomware for free

Ransomware

Securityaffairs

26.3.19

Microsoft experts found high severity flaws in Huawei PCManager

Vulnerebility

Securityaffairs

26.3.19

Operation ShadowHammer – Supply-Chain attack hit ASUS users

Attack

Securityaffairs

26.3.19

Anubis II – malware and afterlife

Virus

Securityaffairs

26.3.19

Free Tools: spotting APTs through Malware streams

APT

Securityaffairs

26.3.19

Hackers raised fake tornado alarms in two Texas towns

Hacking

Securityaffairs

26.3.19

PewDiePie ransomware oblige users subscribe to PewDiePie YouTube channel

Ransomware

Securityaffairs

26.3.19

New Settings Help Hackers Test Facebook Mobile Apps

Social

Securityweek

26.3.19

LockerGoga Ransomware Neutralized by Shortcut Files

Ransomware

Securityweek

26.3.19

Microsoft Finds Privilege Escalation, Code Execution Flaws in Huawei Tool

Vulnerebility

Securityweek

26.3.19

Researchers Uncover Vulnerabilities in LTE Wireless Protocol

Vulnerebility

Securityweek

26.3.19

Supply-Chain Attack Used to Install Backdoors on ASUS Computers

Attack

Securityweek

26.3.19

Major U.S. Chemical Firms Hit by Cyberattack

BigBrothers

Securityweek

26.3.19

DHS Warns of Vulnerabilities in Medtronic Defibrillators

BigBrothers

Securityweek

26.3.19

Industrial Cybersecurity Firm CyberX Raises $18 Million

IT

Securityweek

26.3.19

Second Critical Crypto Flaw Found in Swiss E-Voting System

Vulnerebility

Securityweek

26.3.19

Warning: ASUS Software Update Server Hacked to Distribute Malware

Virus

Thehackernews

26.3.19

Latest iOS 12.2 Update Patches Some Serious Security Vulnerabilities

Apple

Thehackernews

26.3.19

Insecure UC Browser 'Feature' Lets Hackers Hijack Android Phones Remotely

Android

Thehackernews

26.3.19

Apple fixed some interesting bugs in iOS and macOS

Apple

Net-security

26.3.19

How to build an effective vulnerability management program

Safety

Net-security

26.3.19

Cybercriminals are increasingly using encryption to conceal and launch attacks

Cyber

Net-security

26.3.19

Guilty by association: The reality of online retail third-party data leaks

Security

Net-security

26.3.19

Less than 20% of IT pros have complete access to critical data in public clouds

Security

Net-security

26.3.19

Most companies help employees cover costs to obtain professional certifications

Security

Net-security

26.3.19

CFOs and CIOs must collaborate on digital transformation to remain competitive

Cyber

Net-security

26.3.19

Attackers compromised ASUS to deliver backdoored software updates

Hacking

Net-security

26.3.19

Secure workloads without slowing down your DevOps flows

Vulnerebility

Net-security

25.3.19

Ransomware or Wiper? LockerGoga Straddles the Line

Ransomware blog

Cisco Talos

25.3.19

Vulnerability Spotlight: Multiple Vulnerabilities in CUJO Smart Firewall, Das U-Boot, OCTEON SDK, Webroot BrightCloud

Vulnerebility blog

Cisco Talos

25.3.19

IPv6 unmasking via UPnP

Security blog

Cisco Talos

25.3.19

Facebook exposed millions of user passwords to employees

Social blog

Eset

25.3.19

Most second-hand thumb drives contain data from past owners

Security blog

Eset

25.3.19

I Still Didn’t See What You Did

Spam blog

Eset

25.3.19

Google hit with €1.49 billion antitrust fine by EU

Incident blog

Eset

25.3.19

Fake or Fake: Keeping up with OceanLotus decoys

APT blog

Eset

25.3.19

You should pick your Android security app wisely, test shows

OS Blog

Eset

25.3.19

I didn’t see what you did, redux

Spam blog

Eset

25.3.19

Facebook suffer most severe outage ever

Social blog

Eset

25.3.19

Telegram allows users to delete any sent/received message from both sides with no time limit

Social

Securityaffairs

25.3.19

Microsoft Defender APT now protects also macOS

Safety

Securityaffairs

25.3.19

Federal Emergency Management Agency’s (FEMA) data leak exposes data of 2.3M survivors

Incindent

Securityaffairs

25.3.19

WordPress Social Warfare plugin zero-day exploited in attacks

Exploit

Securityaffairs

25.3.19

Malware Static Analysis

Virus

Securityaffairs

25.3.19

Watchdog: FEMA Wrongly Released Personal Data of Victims

Incindent

Securityweek

25.3.19

Cisco Patches High Severity Vulnerabilities in IP Phones

Vulnerebility

Securityweek

25.3.19

"VelvetSweatshop" Maldocs: Shellcode Analysis

Virus

SANS

25.3.19

Employee cybersecurity essentials part 1: Passwords and phishing

Cyber

Net-security

25.3.19

What worries you the most when responding to a cybersecurity incident?

Incindent

Net-security

25.3.19

Consumers willing to dump apps that collect private data, but can’t tell which are doing so

Incindent

Net-security

25.3.19

2017 Cisco WebEx flaw increasingly leveraged by attackers, phishing campaigns rise

Vulnerebility

Net-security

25.3.19

The success of the digital workplace depends on the practical implementation of new technology

Security

Net-security

24.3.19

Ransom News

Ransom

Ransom

24.3.19

Chrome 74 Dark Mode Now Syncs with Windows 10 Color Settings

IT

Bleepingcomputer

24.3.19

FEMA Data Leak Exposes Personal Info of 2.3M Disaster Survivors

Incindent

Bleepingcomputer

24.3.19

70% of Ransomware Attacks Targeted SMBs, BEC Attacks Increased by 130%

Analysis

Bleepingcomputer

24.3.19

Microsoft is Adding a Graphing Mode to the Windows 10 Calculator

IT

Bleepingcomputer

24.3.19

Zero-Day WordPress Plugin Vulnerability Used to Add Malicious Redirects

Vulnerebility

Bleepingcomputer

24.3.19

Mozilla Firefox and Microsoft Edge Hacked on Second Day of Pwn2Own

Congress

Bleepingcomputer

24.3.19

2 Million Emails of 350K+ Clients Possibly Exposed in Oregon DHS Data Breach

Incindent

Bleepingcomputer

24.3.19

Windows 7 Gets an Extra Life With Windows Virtual Desktop

IT

Bleepingcomputer

24.3.19

13-Year-Old Allegedly Hacked Teacher Account to Create Student 'Hit List'

Hacking

Bleepingcomputer

24.3.19

An Outage is Bad for Facebook, but Great for PornHub

Social

Bleepingcomputer

24.3.19

Safari, Virtualbox, VMware Get Hacked During First Day of Pwn2Own 2019

Congress

Bleepingcomputer

24.3.19

Cisco Fixes High-Severity Vulnerabilities in IP Phone 77800, 8800

Vulnerebility

Bleepingcomputer

24.3.19

Facebook Employees Could Access Unencrypted Passwords for Millions of Users

Social

Bleepingcomputer

24.3.19

Microsoft Defender ATP Brings Enterprise Protection to Macs

Safety

Bleepingcomputer

24.3.19

Fake CDC Emails Warning of Flu Pandemic Push Ransomware

Ransomware

Bleepingcomputer

24.3.19

"VelvetSweatshop" Maldocs

Virus

SANS

23.3.19

Pwn2Own 2019 Day 3: Experts hacked Tesla 3 browser

Congress

Securityaffairs

23.3.19

Russian APT groups target European governments ahead of May Elections

APT

Securityaffairs

23.3.19

Medtronic’s implantable heart defibrillators vulnerable to hack

Vulnerebility

Securityaffairs

23.3.19

Cisco addresses High-Severity flaws in IP Phone 8800 and 7800 series

Vulnerebility

Securityaffairs

23.3.19

Pwn2Own 2019 Day 2 – Hackers earned $270,000 for Firefox, Edge hacks

Congress

Securityaffairs

23.3.19

FIN7 is back with a previously unseen SQLRat malware

CyberCrime

Securityaffairs

23.3.19

Pwn2Own 2019: Researchers Win Tesla After Hacking Its Browser

Congress

Securityweek

23.3.19

UK Police Federation Hit by Ransomware

Ransomware

Securityweek

23.3.19

Russian Hackers Target European Governments Ahead of Elections: FireEye

BigBrothers

Securityweek

23.3.19

Industry Reactions to Norsk Hydro Breach: Feedback Friday

Incindent

Securityweek

23.3.19

Microsoft Launches Defender ATP Endpoint Security for macOS

Safety

Securityweek

23.3.19

D.C. Attorney General Introduces New Data Security Bill

Security

Securityweek

23.3.19

Critical DoS Bug Bubbles Up in Facebook Fizz TLS 1.3 Project

Vulnerebility

Threatpost

23.3.19

WordPress Plugin Patched After Zero Day Discovered

Vulnerebility

Threatpost

23.3.19

Medtronic Defibrillators Have Critical Flaws, Warns DHS

Vulnerebility

Threatpost

23.3.19

Firefox and Edge Fall to Hackers on Day Two of Pwn2Own

Congress

Threatpost

23.3.19

Spycams Secretly Live-Streamed 1,600 Motel Guests

Privacy

Threatpost

23.3.19

Google Play Touts Certs in Quest For Enterprise Security

Android

Threatpost

23.3.19

Analysis: Drone Tech Creates New Type of Blended Threat

Security

Threatpost

23.3.19

Medtronic's Implantable Defibrillators Vulnerable to Life-Threatening Hacks

Vulnerebility

Thehackernews

23.3.19

Microsoft Announces Windows Defender ATP Antivirus for Mac

Safety

Thehackernews

23.3.19

Introduction to analysing Go binaries

Security

SANS

22.3.19

Facebook Stored Passwords in Plain Text For Years

Social

Threatpost

22.3.19

WordPress Plugin Patched After Zero Day Discovered

Vulnerebility

Threatpost

22.3.19

MyPillow and Amerisleep Targeted in Magecart Group Attacks

Attack

Threatpost

22.3.19

Hackers Take Down Safari, VMware and Oracle at Pwn2Own

Congress

Threatpost

22.3.19

Cisco Patches High-Severity Flaws in IP Phones

Vulnerebility

Threatpost

22.3.19

AZORult++: Rewriting history

Virus

Securelist

22.3.19

Norsk Hydro cyber attack: What’s new?

Attack

Net-security

22.3.19

Hacking microcontroller firmware through a USB

Hacking

Securelist

22.3.19

Facebook passwords stored in plain text, hundreds of millions users affected

Social

Securityaffairs

22.3.19

South Korea – 1,600 guests at 30 motels secretly live streamed

Incindent

Securityaffairs

22.3.19

Researchers Earn $270,000 for Firefox, Edge Hacks at Pwn2Own 2019

Congress

Securityweek

22.3.19

Global Security Spend Set to Grow to $133.8 Billion by 2022: IDC

Security

Securityweek

22.3.19

Facebook Mistakenly Stored Millions of Users' Passwords in Plaintext

Social

Thehackernews

22.3.19

New Wave of Extortion Emails: Central Intelligence Agency Case

BigBrothers

SANS

22.3.19

Worldwide spending on security solutions expected to continue growing

Security

Net-security

22.3.19

The privacy risks of pre-installed software on Android devices

Android

Net-security

22.3.19

Cost of telecommunications fraud estimated at €29 billion a year

CyberCrime

Net-security

22.3.19

Businesses have cybersecurity best practice guidelines but fail in practice

Cyber

Net-security

22.3.19

Quality Assurance and Testing is a bottleneck to implementing DevOps for many organizations

Security

Net-security

22.3.19

Experts to help boards tackle cybersecurity threats

Net-security

21.3.19

Instagram Testing Anti-Squatting Feature that Locks Old Usernames

Social

Bleepingcomputer

21.3.19

Putty 0.71 Fixes Weakness That Allows Fake Login Prompts

Vulnerebility

Bleepingcomputer

21.3.19

Lithuanian Pleads Guilty to Stealing $100 Million From Google, Facebook

BigBrothers

Bleepingcomputer

21.3.19

KB4493132 Update Notifies Windows 7 Users of End of Support Date

Vulnerebility

Bleepingcomputer

21.3.19

Windows 10 Insider Preview Build 18362 (19H1) Fixes Autoupdate of Apps

Vulnerebility

Bleepingcomputer

21.3.19

1,600 Hotel Guests Secretly Live Streamed to 4,000+ Subscribers

Incindent

Bleepingcomputer

21.3.19

Microsoft Releases Windows 10 Build 18860 (20H1) With Swiftkey Enhancements

Vulnerebility

Bleepingcomputer

21.3.19

Google Fined $1.7 Billion for Anti-Competitive Practices in Online Advertising

Security

Bleepingcomputer

21.3.19

Payment Card Thieves Slip into MyPillow and AmeriSleep Bedding Sites

Cyber

Bleepingcomputer

21.3.19

Google Photos Bug Exposed the Location & Time of Your Pictures

Vulnerebility

Bleepingcomputer

21.3.19

Fake eBay Ad in Google Search Led to Tech Support Scams

Spam

Bleepingcomputer

21.3.19

Facebook Stored Passwords of Hundreds of Millions Users in Plain Text

Social

Securityweek

21.3.19

Multiple Vulnerabilities Patched in PuTTY and LibSSH2

Vulnerebility

Securityweek

21.3.19

Facebook Pays Big Bounty for DoS Flaw in Fizz TLS Library

Social

Securityweek

21.3.19

FIN7 Hackers Use New Malware in Recent Attacks

Virus

Securityweek

21.3.19

Finland to Investigate Suspected Nokia Chinese Data Breach

Incindent

Securityweek

21.3.19

Many Vulnerabilities Found in Oracle's Java Card Technology

Vulnerebility

Securityweek

21.3.19

Schneider Electric Working on Patch for Flaw in Triconex TriStation Emulator

ICS

Securityweek

21.3.19

Pwn2Own 2019 Day 1 – participants hacked Apple, Oracle, VMware products

Congress

Securityaffairs

21.3.19

Experts found a critical vulnerability in the NSA Ghidra tool

Vulnerebility

Securityaffairs

21.3.19

Apple, Oracle, VMware Software Hacked at Pwn2Own 2019

Congress

Securityweek

21.3.19

Researchers Use UPnP Protocol to Unmask IPv6 Address

Security

Securityweek

21.3.19

Windows Hello Support Added to Firefox 66

Security

Securityweek

21.3.19

Multiple Vulnerabilities Fixed in CUJO Smart Firewall

Vulnerebility

Securityweek

21.3.19

Authentication Bypass Vulnerability Found in SoftNAS Cloud

Vulnerebility

Securityweek

21.3.19

Vulnerability in NSA's Reverse Engineering Tool Allows Remote Code Execution

Vulnerebility

Securityweek

21.3.19

Man Pleads Guilty Over $100M BEC Scheme Targeting Google, Facebook

Spam

Securityweek

21.3.19

Google Photos Flaw Allowed Hackers to Track Users

Hacking

Securityweek

21.3.19

European Government Websites Are Delivering Tracking Cookies to Visitors

BigBrothers

Securityweek

21.3.19

Norsk Hydro Restoring Systems, But Not Paying Ransom

Ransomware

Securityweek

21.3.19

Webinar Today: Managing Cyber Threats in the Era of Industry 4.0

Cyber

Securityweek

21.3.19

EU Fines Google for Anti-trust Breach

BigBrothers

Securityweek

21.3.19

[SI-LAB] LockerGoga is the most active ransomware that focuses on targeting companies

Ransomware

Securityaffairs

21.3.19

MyPillow and Amerisleep are the latest victims of Magecart gangs

Cyber

Securityaffairs

21.3.19

Putty users have to download a new release that fixes 8 flaws

Vulnerebility

Securityaffairs

21.3.19

SimBad malware infected million Android users through Play Store

Android

Securityaffairs

21.3.19

New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep

Attack

Thehackernews

21.3.19

Years-Long Phishing Campaign Targets Saudi Gov Agencies

Phishing

Threatpost

21.3.19

Mac-Focused Malvertising Campaign Abuses Google Firebase DBs

Apple

Threatpost

21.3.19

Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats

Mobil

Threatpost

21.3.19

New Wave of Extortion Emails: Central Intelligence Agency Case

Spam

SANS

21.3.19

You may trust your users, but can you trust their files?

Security

Net-security

21.3.19

Breaking the cybersecurity stalemate by investing in people

Cyber

Net-security

21.3.19

Average DDoS attack sizes decrease 85% due to FBI’s shutdown of DDoS-for-hire websites

Attack

Net-security

21.3.19

CEOs more likely to receive pay rise after a cyber attack. Wait, what?

Attack