Major cybersecurity events on 21st October 2020 (Morning Post): Microsoft claims taking down 94% of TrickBot’s command and control servers. NSA reveals 25 publicly known vulnerabilities exploited by Chinese Nation-State hackers. Adblocker installed by 300,000 users turns out to be malicious. Continue readingOSF Healthcare notifies patients of ransomware incident, Pfizer leaks customer prescriptions, and more
Major cybersecurity events on 20th October 2020 (Evening Post): Ransomware gang Darkside donated part of its ransom demands to charities. Nefilim ransomware operators publish long list of Luxottica data on leak site. Google’s Waze allows hackers to identify and track user.Continue readingUS charges Russian intelligence officers for malware attacks, Phishing campaign targets Microsoft, Google, and more
Major cybersecurity events on 20th October (Morning Post): Spying remote access Trojan, GravityRAT targets Android, MacOS devices in India. US Department of Justice announce charges against 6 Sandworm APT members in NotPetya cyberattacks. Ryuk ransomware gang uses Zerologon for rapid attacks. Continue readingRapper Nuke Bizzle scams $1.2M in COVID-19 relief, FBI warns of new spoofed US Census Bureau domains, and more
Major cybersecurity events on 19th October 2020 (Evening Post): Google targeted in record-breaking 2.5 Tbps DDoS attack in 2017. Hackers claim to have compromised 50,000 home cameras and posted footage online. Anti-stalkerware group gathers data to help domestic violence victims.Continue readingGame maker Albion Online breached exposing database, Most-imitated brand for phishing is Microsoft, and more
Major cybersecurity events on 19th October 2020 (Morning Post): FIN11 gang starts to deploy ransomware to monetize its cybercriminal activities. Iran-linked cyberespionage APT group Silent Librarian launches phishing campaigns to target universities. Ransomware attack on health tech firm disrupts COVID clinical trials.Continue reading20 QQAAZZ members charged for money laundering, Hackers attack Haldiram’s, demand Rs. 7.5 lakh, and more
Major cybersecurity events on 16th October 2020 (Evening Post): Critical SonicWall vulnerability, tracked as CVE-2020-5135, affects 800K firewalls. Adobe patches Magento bugs that lead to code execution and customer list tampering. Office 365 adds protection against MITM attacks.Continue readingBritish Airways fined £20M for data breach, Reynolds & Reynolds CEO slapped with tax evasion charge, and more
Major cybersecurity events on 16th October 2020 (Morning Post): Scammers profit off of FIFA 21’s large audience, leverages in-game goods and rewards. Puerto Rico firefighting dept. discloses breach, hackers demand $600,000. Egregor ransomware gang leaks Ubisoft, Crytek stolen data.Continue readingTrump campaign account locked by Twitter, Money laundering org. QQAAZZ members indicted by US DoJ, and more
Major cybersecurity events on 15th October 2020 (Evening Post): Twitter hackers trick employees by posing as IT workers to steal login credentials. After backlash over false marketing Zoom rolls out end-to-end encryption next week. TikTok announces global bug bounty program amidst court battle with U.S.Continue readingThreat actors abuse Office 365 capabilities, Broadvoice data leak exposes 350M customer records, and more
Major cybersecurity events on 15th October 2020 (Morning Post): Iranian APT group Silent Librarian increases its spear phishing attacks, targets schools, universities. Travelex faces DDoS threats in an attempt to extort companies worldwide. Intel, Google urge users to update Linux kernel to version 5.9 or later.Continue readingBarnes & Noble suffers cyberattack, exposes customer data, Carnival Corp. discloses data compromise, and more
Major cybersecurity events on 14th October 2020 (Evening Post): Twitter suspends Trump supporters accounts on the grounds of spam and manipulation. Financial crime group FIN11 pivots to ransomware and stolen data extortion. Allen-Bradley adapter found to have remotely exploitable DoS flaws.Continue readingHackers have access to 50K security cams, Emotet malware operators resume services, and more