Major cybersecurity events on 24th November 2020 (Morning Post): Over 300K Spotify accounts hacked in credential stuffing attack, Fake Minecraft mods swamp over 1M Android devices with ads, Tesla Model X key fobs could be hacked to steal cars.Continue readingOver 300K Spotify accounts hacked in credential stuffing attack, Fake Minecraft mods swamp over 1M Android devices with ads, and more
Category: Spearphishing
Major cybersecurity events on 29th October 2020 (Evening Post): Spear-phishing attacks target education sector at disproportionate levels. A security lapse at social networking app True exposes private messages, user locations. US govt. issues red alert to hospitals of major Ryuk campaign.Continue readingCharming Kitten targets international conferences, Taiwan’s UMC to pay $60M for trade secret theft, and more
Major cybersecurity events on 10th September 2020 (Evening Post): Irish regulators ask Facebook to stop sending EU user data to the US due to privacy concerns. Office 365 phishing runs real-time check of stolen domain logins. Ransomware and zoombombing disrupt back-to-school plans.Continue reading£130,000 fine imposed on pension scheme cold caller, Equinix discloses ransomware incident, and more
Major cybersecurity events on 2nd September 2020 (Evening Post): Phishing email scam uses Sharepoint and One Note targeting passwords. AusCERT says alleged DoE hack came from a third-party. Chinese APT releases new malware Sepulcher, uses it in spear-phishing attacks.Continue readingCorporate CEOs face jail time for IoT attacks, Chinese Professor steals US trade secrets, jailed, and more
Major cybersecurity events on 31st July 2020 (Morning Post): Twitter celebrity accounts hijacked after actors hooked staff with spearphishing tactics. Gujarat Technological University students complain about massive data leak following mock test. TrickBot Anchor malware targets Linux devices.Continue readingOffice 365 phishing targets Google Ads, Startups suffer data breach, 386M records leaks, and more
Major cybersecurity events on 30th July 2020 (Morning Post): Hacker-for-hire mercenary group, Deceptikons target European law firms. Netwalker ransomware a.k.a. Mailto poses a threat to US govt. and organizations. OKCupid security flaw allows attackers to perform in-app actions without user’s knowledge.Continue readingIndia bans 47 more Chinese mobile apps, Links to Chinese govt. target Vatican prior to Beijing negotiations, and more
Major cybersecurity events on 16th July 2020 (Morning Post): Bhinneka database of more than one million accounts dumped on hacker forum. An info-stealer Trojan found to be linked to threat actors responsible for TrickBot. Brazil’s four malware families ramp up techniques, spread to countries.Continue readingCryptocurrency scam hits Bill Gates, Elon Musk, Joe Biden, Welcome Chat stores user data in unsecure location, and more
Major cybersecurity events on 7th July 2020 (Evening Post): FBI nabs Nigerian business scammer Ray “Hushpuppi” Abbas. North Korean hacking group Lazarus linked to US credit card stealing attacks. Insurance MSP Xchanging targeted in ransomware attacks, affects clients.Continue readingHapvida discloses breach leaks client data, Ragnar Locker targets EDP energy giant, and more
Major cybersecurity events on 29th June 2020 (Evening Post): Attackers hack E27, asks for donation in exchange for details about vulnerabilities. Maine Information and Analysis Center suffers data breach, leaks data. Evil Corp stopped from spreading ransomware, preventing attack on 30 major firms.Continue readingHackers sent explicit messages to breached list of students, Hidden Web Skimmers used to target ecommerce sites, and more
Major cybersecurity events on 24th June 2020 (Evening Post): Sodinokibi ransomware scan victim networks for credit card PoS software. Microsoft adds firmware protections to Windows. Nefilim targets organizations using unpatched Citrix remote-access technology.Continue readingPhishing campaign masquerades as QuickBooks invoices, Hakbit ransomware targets victims via Excel, and more