Round Up of Major Breaches and Scams Twitter accounts Olympics, IOC, and FC Barcelona hacked Adding to the growing list of hacked Twitter accounts, are the Olympics’, International Olympic Committee’s (IOC) and Spanish soccer club FC Barcelona’s accounts. Twitter announced that the accounts were hacked through a 3rd party platform. They have locked the compromised…Continue readingCloudSEK Daily Threat Intelligence Bulletin – 17th February 2020
Round Up of Major Cyber Security News Puerto Rico government victim of $2.6m in phishing scam A senior Puerto Rican government official has confirmed that $2.6 million, allotted for remittance payments, was transferred to a fraudulent account, because of an email phishing campaign. An employee of a government-owned corporation transferred the amount, based on an…Continue readingCloudSEK Daily Threat Intelligence Bulletin – 14th February 2020
Round Up of Major Cyber Security News JailCore App exposes inmates’ details on unsecured S3 bucket JailCore, a cloud-based correctional facility management and compliance application, has left inmate details exposed on an unsecured Amazon S3 bucket. Wherein, 36,000 exposed PDF files could be accessed without a password. The files contained inmates’ information, including personal identifiers…Continue readingCloudSEK Daily Threat Intelligence Bulletin – 13th February 2020
Just 3 weeks before the legislative election, it has been found that Israel’s ruling party has inadvertently exposed all 6.5 million eligible voters’ personal information. And despite the growing sophistication of cyber-attacks, simple but severe Business Email Compromise attacks, are the leading cause for cybercrime losses. Phishing efforts continue to get more convincing, with a…Continue readingCloudSEK Daily Threat Intelligence Bulletin – 12th February 2020
From charity organizations to government entities, just in the last few days, we have seen the impact of attacks on, 12 Indian government entities, the city of Racine, a voter registration website, and the Red Kite Community Housing charity. With Emotet finding a new carrier in W-9 tax forms, it is more obvious than ever…Continue readingCloudSEK Daily Threat Intelligence Bulletin – 5th February 2020
Twitter announces that its API had been exploited to match usernames to phone numbers. While the fake accounts responsible for this have been suspended, the impact of this is still not known. Magecart targets Olympic tickets reseller’s payment platform to steal customer payment card numbers. And Apollon Market may be pulling off an exit scam,…Continue readingCloudSEK Daily Threat Intelligence Bulletin – 4th February 2020
As Coronavirus spreads outside China, the Coronavirus phishing attacks also reach the US and UK. And who said hacking contests were for White Hats? XSS is conducting a contest that has prize money of $15,000. Ironically, the spam fighting organization, Spamhaus is now being used to orchestrate phishing scams. Scammers are also hijacking building door…Continue readingCloudSEK Daily Threat Intelligence Bulletin – 3rd February 2020
In the last 24 hours, as the world still reels from the sale of 30 million cards on Joker’s Stash, the UN has confirmed that their servers were exploited because of a SharePoint flaw that was patched in March 2019. As testimony to the growing sophistication of hackers, a new attack strategy that uses HTML…Continue readingCloudSEK Daily Threat Intelligence Bulletin – 31st January 2020