Categories
Breach CVE Malware Phishing TrickBot Vulnerability

CloudSEK Daily Threat Bulletin – 11th March 2020

Round Up of Major Breaches and Scams Iranian Coronavirus app collecting sensitive information Over the weekend, Iranian researcher, Nariman Gharib, reported via Twitter that he had identified a coronavirus app collecting sensitive information from users, including their real-time geo-location details, beyond what the app required to function. According to Gharib, the app was released by…Continue readingCloudSEK Daily Threat Bulletin – 11th March 2020

Categories
Breach CVE Malware Ransomware TrickBot Vulnerability

CloudSEK Daily Threat Bulletin – 6th March 2020

Round Up of Major Breaches and Scams Brazilian security firm exposes 25 GB of data on leaky S3 bucket A Brazilian home and business security firm has exposed 25 GB of files on a leaky S3 bucket. The files, which include tax documents, payment slips, and social security documents, reveal their clients’ contract details and…Continue readingCloudSEK Daily Threat Bulletin – 6th March 2020

Categories
Cyber Security Malware Phishing Ransomware TrickBot

CloudSEK Daily Threat Bulletin – 18th February 2020

Round Up of Major Breaches and Scams WHO issues warning against Coronavirus themed phishing attacks The World Health Organization (WHO) has issued a warning about the growing threat of phishing attacks that are employing Coronavirus related content to deliver malware. There are phishing messages claiming to be from WHO officials, requesting victims to share usernames…Continue readingCloudSEK Daily Threat Bulletin – 18th February 2020

Categories
APT Cyber Security Malware Phishing Ransomware

CloudSEK Daily Threat Bulletin – 17th February 2020

Round Up of Major Breaches and Scams Twitter accounts Olympics, IOC, and FC Barcelona hacked Adding to the growing list of hacked Twitter accounts, are the Olympics’, International Olympic Committee’s (IOC) and Spanish soccer club FC Barcelona’s accounts. Twitter announced that the accounts were hacked through a 3rd party platform. They have locked the compromised…Continue readingCloudSEK Daily Threat Bulletin – 17th February 2020

Categories
Cyber Security Emotet Malware

CloudSEK Daily Threat Bulletin – 4th February 2020

Twitter announces that its API had been exploited to match usernames to phone numbers. While the fake accounts responsible for this have been suspended, the impact of this is still not known. Magecart targets Olympic tickets reseller’s payment platform to steal customer payment card numbers. And Apollon Market may be pulling off an exit scam,…Continue readingCloudSEK Daily Threat Bulletin – 4th February 2020

Categories
CVE Malware Phishing Ransomware

CloudSEK Daily Threat Bulletin – 3rd February 2020

As Coronavirus spreads outside China, the Coronavirus phishing attacks also reach the US and UK. And who said hacking contests were for White Hats? XSS is conducting a contest that has prize money of $15,000. Ironically, the spam fighting organization, Spamhaus is now being used to orchestrate phishing scams. Scammers are also hijacking building door…Continue readingCloudSEK Daily Threat Bulletin – 3rd February 2020

Categories
APT CVE DMA Ryuk TrickBot

CloudSEK Daily Threat Bulletin – 31st January 2020

In the last 24 hours, as the world still reels from the sale of 30 million cards on Joker’s Stash, the UN has confirmed that their servers were exploited because of a SharePoint flaw that was patched in March 2019. As testimony to the growing sophistication of hackers, a new attack strategy that uses HTML…Continue readingCloudSEK Daily Threat Bulletin – 31st January 2020