Major cybersecurity events on 28th December 2020 (Evening Post): Multi-platform card skimmer found on Shopify, BigCommerce stores. REvil hackers plan to leak photos of plastic surgery patients after massive hack. GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic.Continue readingThreat actors target Finnish politicians’ email accounts, 21 Buttons exposes millions of users’ data, and more
Category: Skimming
Major cybersecurity events on 16th December 2020 (Evening Post): Apple patches a total of 59 of code execution vulnerabilities in macOS. New 5G network flaws let attackers track users’ locations and steal data. SolarWinds removes customer list from site as It releases second hotfix.Continue readingAustralian watchdog sues Facebook over VPN app, HPE discloses critical 0 day in server management software, and more
Major cybersecurity events on 7th December 2020 (Evening Post): Flight Centre hackathon exposes 6918 customers’ data in 2017 data breach. Ransomware targets Greater Baltimore Medical Center. Verizon Communication’s Chatbox flaw leaks customers’ personal information.Continue readingHackers leak data from airplane maker Embraer, Web malware hides in social media buttons, and more
Major cybersecurity events on 01st December 2020 (Morning Post): Indian National Gets 20-Year Jail in United States for Running Scam Call Centers, Microsoft links Vietnamese state hackers to crypto-mining malware campaign, Credit card skimmer fills fake PayPal forms with stolen order info.Continue readingIndian National Gets 20-Year Jail in United States for Running Scam Call Centers, Microsoft links Vietnamese state hackers to crypto-mining malware campaign, and more
Major cybersecurity events on 4th November 2020 (Evening Post): Cannabis growers’ community website exposes more than 3.4 million user records, passwords. Maze clients turn to Sekhmet ransomware group’s Egregor as a substitute. Microsoft store games abused for Windows privilege escalation.Continue readingBitcoin wallet emptied of $1B ahead of US election, Over 23,600 hacked databases leaked on Telegram, and more
Major cybersecurity events on 9th October 2020 (Evening Post): Cybercriminals target Playback Now conference platform with payment card skimmer. Fitbit gallery can be used to distribute malicious apps. 55 new security flaws reported in Apple software and services.Continue readingCriminals steal over £100,000 from old aged in Lancaster, Ransomware gang leverages Zerologon in attacks, and more
Major cybersecurity events on 17th September 2020 (Morning Post): In multiple incidents US charges hackers and cyber criminals for espionage, global attacks, and cryptocurrency phishing spree. Hacker finds former Australian Prime Minister Tony Abbot’s passport number from Instagram post.Continue readingIranian hackers charged for cyber espionage, Warner Music Group faces lawsuit over data breach, and more
Major cybersecurity events on 15th September 2020 (Morning Post): Election security court hearing zoombombed with swastikas, WTC attack images on 9/11 anniversary. Staples suffers data breach, exposes customer information. Nation-state hackers target unpatched Microsoft Exchange, F5, VPN bugs.Continue reading2,000 Magento online stores hacked, Department of Veteran Affairs suffers data breach, and more
Major cybersecurity events on 9th September 2020 (Morning Post): Russian government claims that USA, UK, Ukrainian DDoS attacks targeted voting in Russian Federation. France, Japan, and New Zealand warn of a surge in Emotet attacks. Adobe InDesign, Framemaker, and Experience Manager flaws fixed.Continue readingCredit card skimmer Baka evades detection methods, Netwalker targets Pakistani power utility K-Electric, and more
Major cybersecurity events on 7th September 2020 (Evening Post): ACSC’s First Annual Cyber Threat Report records 59,806 cybercrimes in a year. Russian indicted for attempting to recruit Tesla employee to install malware. DDoS attacks e-learning platforms increased by 80% in 2020.Continue readingDigital Forum exposes 800,000 user records, Charing Cross Gender Identity Clinic data leak victims claim £30,000, and more