Major cybersecurity events on 24th December 2020 (Morning Post): Nintendo conducts invasive surveillance operation against homebrew hacker. UK privacy watchdog warns SolarWinds victims to report data breaches. Lazarus group hits COVID-19 vaccine-maker in espionage attack.Continue readingData breach hits 30,000 Now:Pensions customers, 21 Buttons exposes millions of users’ data, and more
Category: Scam
Major cybersecurity events on 23rd December 2020 (Evening Post): ACLU sues FBI to learn how It obtains data from encrypted devices. Cyber security firm Cellebrite claims to be able to access Signal messages. Millions of devices affected by vulnerabilities used in stolen FireEye tools.Continue readingElasticsearch server leaks 12M medical records, Ledger database dumped on Raidforums marketplace, and more
Major cybersecurity events on 23rd December 2020 (Morning Post): UK cryptocurrency exchange EXMO suffers breach, funds stolen. Ransomware downed UVM Medical Center systems, no payments have been made. New marketing campaign emerges against UK subway, using TrickBot malware.Continue readingUS warns of COVID-themed phishing, fraud schemes, Emotet campaign returns after 7-week hiatus, and more
Major cybersecurity events on 22nd December 2020 (Morning Post): Nosy ex-partners armed with Instagram passwords pose a serious cybersecurity threat. Partial lists of organizations infected with Sunburst malware released online. Dell Wyse ThinOS flaws allow hacking thin clients.Continue readingTennCare breached, impacts 3,300 members, Hades ransomware gang targets Trucking giant Forward Air, and more
Major cybersecurity events on 21st December 2020 (Evening Post): VMware latest to confirm breach in SolarWinds hacking campaign. Ransomware threat actors dump data from yet another k-12 district. Critical bugs in Dell Wyse Thin Client Devices allow code execution.Continue readingUS seizes domains for COVID phishing attacks, Hacker dumps crypto wallet customer data, attacks follow, and more
Major cybersecurity events on 21st December 2020 (Morning Post): Unsecured Azure blob exposed 500,000+ highly confidential docs from UK firm’s CRM customers. The horrific Vastaamo breach provokes Finnish government’s quick response. Telangana govt. site flaw exposes employees’ sensitive data.Continue readingPremier Kids Care notifies patients of cyberattack, SolarWinds hackers breach US NNSA nuclear agency, and more
Major cybersecurity events on 18th December 2020 (Morning Post): Power supplier People’s Energy hacked, exposes 250,000 customers’ personal info. Emirati website leaks the personal information of thousands of Israelis, used to plan trips to Dubai. 5M WordPress sites run ‘Contact Form 7’ plugin with critical bugs.Continue readingSolarWinds breached Microsoft systems as well, Mednax Services notifies patients of data breach, and more
Major cybersecurity events on 17th December 2020 (Evening Post): Phobos launches Orbital to find attack pathways and entry points in networks. Two malware-laced gems found in RubyGems repository, capable of replacing cryptocurrency wallet address in clipboard with attacker-supplied one.Continue readingUsers are advised to ignore FB Christmas bonus scam, Mexican drug cartels hold high-tech spyware, and more
Major cybersecurity events on 17th December 2020 (Morning Post): IRS form fraud campaign targets G Suite users, affects 50,000 executives already. FireEye, GoDaddy, and Microsoft creates kill switch for SolarWinds backdoor. DoppelPaymer ransomware gang harasses victims who refuse to pay.Continue reading3M users install 28 malicious Chrome, Edge extensions, IMAP leveraged to infiltrate email accounts, and more
Major cybersecurity events on 16th December 2020 (Evening Post): Apple patches a total of 59 of code execution vulnerabilities in macOS. New 5G network flaws let attackers track users’ locations and steal data. SolarWinds removes customer list from site as It releases second hotfix.Continue readingAustralian watchdog sues Facebook over VPN app, HPE discloses critical 0 day in server management software, and more