Major cybersecurity events on 28th May 2020 (Morning Post): Cryptocurrency investor sues high school student for crypto heist. DoubleGun builds botnet, infects several Windows devices. Email scam impersonates FedEx, UPS, drops Dridex on machines.Continue readingIndian hack-for-hire firms masquerade as WHO, Bank of America breached, Truecaller denies data leak, and more
Tag: Facebook
Major cybersecurity events on 26th May 2020 (Morning Post): The Little Clinic notifies 10,000 patients about a glitch in the online appointment system. 40 million Wishbone users’ data leaked. Care19, North Dakota’s contact tracing app, shares user data with third parties. Malspam emails that distribute GuLoader surges.Continue readingSpearphishing campaign steals Office 365 credentials, NSO group masquerades as Facebook to deliver Pegasus, and more
Major cybersecurity events on 21st May 2020 (morning post): Netfilim leaks 200 GB Toll Group data. Serco accidentally shares email addresses of 300 contact tracers. “Collection 1” hacker arrested. Adobe releases an out-of-band security update.Continue readingHome Chef finally confirms breach, BEC profiteers millions from unemployment, COVID scams, and more
Major cybersecurity events on 14th May 2020: Iran hackers attempt to interfere in the 2014 Scottish Independence referendum. City Index reports intrusion and a potential data breach in a notification to its users. Hacker selling 550 million stolen user records on hacking forum.
Continue reading9M CDEC Express customers data leaked, MagBo sells access to 43,000 servers, Microsoft 365 sign-in pages spoofed, and more
Major cybersecurity events on 13th May 2020: Merkel says that she has concrete evidence proving Russia targeted her. Privacy breach attack targets Nova Scotia government, reveals names, medical conditions, sexual abuse details. Ramsay malware steals files from air-gapped computers.Continue reading100000 Interserve employees’ data stolen, Chinese hackers target COVID research, Hidden Cobra’s espionage tools revealed, and more
Major cybersecurity events on 20th April 2020: Phishing attack costs Germany tens of millions of Euros. Proposed government COVID-themed app leaks data. Financial information of CISI members stolen. Hackers target children’s game, Webkinz. 207M Facebook records sold on hacker forum Scammers sell MP3 files that can kill Coronavirus, on the dark web.Continue readingCovid19 Alert tracing app leaks data, Raid costs Crypto firms $25M, Maze ransomware targets Cognizant, and more
Major cybersecurity events on 2nd April 2020: COVID-themed scams surge. Zoom’s popularity adversely impacts the remote conferencing giant through various malicious schemes. Facebook disables Instagram, Facebook impersonators’ accounts. New class of Windows vulnerabilities discovered.Continue readingTwitter bug caches private files, Facebook takes down fake accounts, Mandrake targets Aussies, MakeFrame targets SMBs, and more
Major cyber security incidents on 17th March 2020: Scammers use COVID-19 as a guise to spread malware and phishing mails. APT36 calls coronavirus a ‘golden opportunity’ to distribute Crimson RAT. MacOS bundleware installer capable of much more than a normal installation software.Continue readingCOVID-19 malware and phishing scams, fake Google domains, and more
Round Up of Major Breaches and Scams Czech Republic’s second-biggest hospital is hit by cyberattack A large Czech Republic hospital responsible for running tests for the novel coronavirus said Friday that a cyberattack had hit its computer systems. It was not immediately clear how, if at all, the hack would affect University Hospital Brno’s ability to test for…Continue readingCloudSEK Daily Threat Bulletin – 13th March 2020
Round Up of Major Breaches and Scams ‘SurfingAttack’ allows attackers to remotely control voice-controlled devices A new omni-directional attack method called SurfingAttack, allows attackers to control voice-controlled devices from a distance, without the victim’s knowledge. Attackers can use voice commands to instruct voice assistants to reveal sensitive data such as SMS authentication codes for online…Continue readingCloudSEK Daily Threat Bulletin – 2nd March 2020