Major cybersecurity events on 22nd December 2020 (Evening Post): Hackers break into US Treasury systems, steal essential encryption keys. CISA issues ICS Advisory for new vulnerabilities in Treck TCP/IP stack. Tech giants Microsoft, Google, Cisco support Facebook in case against spyware maker.Continue readingNOW: Pensions suffers 3rd party data breach, “Joker’s Stash” servers seized by law enforcement, and more
Category: Spyware
Major cybersecurity events on 16th December 2020 (Evening Post): Apple patches a total of 59 of code execution vulnerabilities in macOS. New 5G network flaws let attackers track users’ locations and steal data. SolarWinds removes customer list from site as It releases second hotfix.Continue readingAustralian watchdog sues Facebook over VPN app, HPE discloses critical 0 day in server management software, and more
Major cybersecurity events on 16th December 2020 (Morning Post): Facebook removes disinformation accounts linked to Russia and French military. PyMICROPSIA Windows malware includes checks for Linux and macOS. Firefox patches critical mystery bug, also impacting Google Chrome.Continue readingPhishing scam targets Subway loyalty-card users, New Goontact spyware targets Android, iOS users, and more
Major cybersecurity events on 6th November 2020 (Morning Post): Ragnar Locker demands $15 million after stealing 2 TB unencrypted Campari files. North Korean cyberespionage campaign uses Torisma spyware to monitor victims in stealth. Apple releases updates for 3 actively exploited 0-day vulnerabilities. Continue readingUS DoJ seizes $1B in Bitcoins tied to Silk Road, Hackers compromise 1,200 company VoIP servers, and more
Major cybersecurity events on 3rd November 2020 (Morning Post): Microsoft Tips leaks images of new Windows 10 screens, dialogs using rounded corners. US city fined $200k for failing to terminate former employee who later stole data. Over 250,000 malicious email attacks hit BBC, per day.Continue readingWakefern’s ShopRite fined $235K for negligence, UNC1945 uses Solaris 0-day to breach corporate networks, and more
Major cybersecurity events on 12th October 2020 (Morning Post): Tyler Technologies pays ransom to obtain decryption key, following ransomware attack. Clop ransomware hits tech giant Software AG, demands over $20 million as ransom. Russia-linked threat group TA505 exploits Zerologon through fake software updates.Continue readingMarketing firm Friendemic exposes 2.7M customer records, Docsketch discloses security breach, and more
Major cybersecurity events on 1st October 2020 (Morning Post): Twitter removes 130 Iranian accounts attempting to disrupt US Presidential Debates. Two men charged for hacking NBA, NFL players’ social media accounts. Kylie Jenner’s makeup company suffers data breach.Continue readingAPT group TA2552 uses OAuth2 to access O365, Australian DFAT leaks personal details of 1000 citizens, and more
Major cybersecurity events on 29th September 2020 (Evening Post): Former Amazon finance manager charged $1.4m for insider trading. NilePhish attacker group targets Egyptian activists and civil society organizations. Microsoft clarifies patch confusion for Windows Zerologon flaw.Continue readingFlightradar24, PlaneFinder suffers crippling attack, China-linked BlackTech cyberspies target US, and more
Major cybersecurity events on 28th September 2020 (Morning Post): Ministry of Internal Affairs of Belarus resumes its work after 19 days, resolved technical issues. Google removes 17 Joker-infected apps from the Play Store. Free decryptor released to combat ThunderX ransomware.Continue readingHackers drain KuCoin wallets of $150 million, Hungarian banks, telecom services targeted by DDoS attacks, and more