Major cybersecurity events on 29th December 2020 (Evening Post): UK arrests suspects tied to WeLeakInfo, site selling breached personal data. AutoHotkey-based password stealer targeting US, Canadian banking users. Conti ransomware gang takes down Sangoma Technologies.Continue readingAntwerp laboratory latest victim of cyber attack, Ransomware targets COVID-19 vaccine research, and more
Category: Spearphishing
Major cybersecurity events on 14th December 2020 (Evening Post): Russian Hackers Steal Data for Months in SolarWinds global supply chain attacks. Microsoft partially fixes Windows 10 Conexant audio driver issues. Robotic Process Automation vendor UiPath discloses data breach.Continue readingSensitive data of 2M CPC members exposed, Google outage affects Youtube, Gmail, Google services, and more
Major cybersecurity events on 14th December 2020 (Morning Post): Hackers backed by foreign govt. breach US Treasury, steal data. Major leak exposes members and ‘lifts the lid’ on the Chinese Communist Party. Former Cisco engineer gets two years in prison for Webex Teams hack.Continue readingSolarWinds breached, infects multiple US companies, Pay2Key compromises Habana Labs’ networks, and more
Major cybersecurity events on 11th December 2020 (Evening Post): Glassdoor fixes critical issue that allows threat actors to take over accounts. Adrozek malware silently inject ads into search results in multiple browsers. Organized spear-phishing campaign targets 200 million Microsoft 365 users.Continue readingFake data breach targets Ledger wallets, Tax relief business exposes personal info of 100,000 clients, and more
Major cybersecurity events on 24th November 2020 (Morning Post): Over 300K Spotify accounts hacked in credential stuffing attack, Fake Minecraft mods swamp over 1M Android devices with ads, Tesla Model X key fobs could be hacked to steal cars.Continue readingOver 300K Spotify accounts hacked in credential stuffing attack, Fake Minecraft mods swamp over 1M Android devices with ads, and more
Major cybersecurity events on 29th October 2020 (Evening Post): Spear-phishing attacks target education sector at disproportionate levels. A security lapse at social networking app True exposes private messages, user locations. US govt. issues red alert to hospitals of major Ryuk campaign.Continue readingCharming Kitten targets international conferences, Taiwan’s UMC to pay $60M for trade secret theft, and more
Major cybersecurity events on 10th September 2020 (Evening Post): Irish regulators ask Facebook to stop sending EU user data to the US due to privacy concerns. Office 365 phishing runs real-time check of stolen domain logins. Ransomware and zoombombing disrupt back-to-school plans.Continue reading£130,000 fine imposed on pension scheme cold caller, Equinix discloses ransomware incident, and more
Major cybersecurity events on 2nd September 2020 (Evening Post): Phishing email scam uses Sharepoint and One Note targeting passwords. AusCERT says alleged DoE hack came from a third-party. Chinese APT releases new malware Sepulcher, uses it in spear-phishing attacks.Continue readingCorporate CEOs face jail time for IoT attacks, Chinese Professor steals US trade secrets, jailed, and more
Major cybersecurity events on 31st July 2020 (Morning Post): Twitter celebrity accounts hijacked after actors hooked staff with spearphishing tactics. Gujarat Technological University students complain about massive data leak following mock test. TrickBot Anchor malware targets Linux devices.Continue readingOffice 365 phishing targets Google Ads, Startups suffer data breach, 386M records leaks, and more
Major cybersecurity events on 30th July 2020 (Morning Post): Hacker-for-hire mercenary group, Deceptikons target European law firms. Netwalker ransomware a.k.a. Mailto poses a threat to US govt. and organizations. OKCupid security flaw allows attackers to perform in-app actions without user’s knowledge.Continue readingIndia bans 47 more Chinese mobile apps, Links to Chinese govt. target Vatican prior to Beijing negotiations, and more