Major cybersecurity events on 04 January 2021 (Morning Post): Hacker sells 368 million users’ records stolen from 26 companies including Sitepoint. 6.15 lakh Facebook users’ account compromised by Facebook ad phishing campaign. Backdoor discovered in over 100,000 Zyxel firewalls.Continue readingPayPal phishing campaign steals user credentials, Microsoft’s Windows Core Polaris OS leaks online, and more
Tag: Facebook
Major cybersecurity events on 29th December 2020 (Morning Post): Facebook ads misused by cybercriminals in phishing scam to steal 615,000 login credentials. Nefilim ransomware operators leak data stolen from Whirlpool. The Parliament of Finland confirms hackers breached MPs’ emails accounts.Continue reading“Immense” IT problem targets AIDA cruise ships, Unauthorized access at Kawasaki may have caused leak, and more
Major cybersecurity events on 22nd December 2020 (Evening Post): Hackers break into US Treasury systems, steal essential encryption keys. CISA issues ICS Advisory for new vulnerabilities in Treck TCP/IP stack. Tech giants Microsoft, Google, Cisco support Facebook in case against spyware maker.Continue readingNOW: Pensions suffers 3rd party data breach, “Joker’s Stash” servers seized by law enforcement, and more
Major cybersecurity events on 21st December 2020 (Morning Post): Unsecured Azure blob exposed 500,000+ highly confidential docs from UK firm’s CRM customers. The horrific Vastaamo breach provokes Finnish government’s quick response. Telangana govt. site flaw exposes employees’ sensitive data.Continue readingPremier Kids Care notifies patients of cyberattack, SolarWinds hackers breach US NNSA nuclear agency, and more
Major cybersecurity events on 18th December 2020 (Morning Post): Power supplier People’s Energy hacked, exposes 250,000 customers’ personal info. Emirati website leaks the personal information of thousands of Israelis, used to plan trips to Dubai. 5M WordPress sites run ‘Contact Form 7’ plugin with critical bugs.Continue readingSolarWinds breached Microsoft systems as well, Mednax Services notifies patients of data breach, and more
Major cybersecurity events on 17th December 2020 (Evening Post): Phobos launches Orbital to find attack pathways and entry points in networks. Two malware-laced gems found in RubyGems repository, capable of replacing cryptocurrency wallet address in clipboard with attacker-supplied one.Continue readingUsers are advised to ignore FB Christmas bonus scam, Mexican drug cartels hold high-tech spyware, and more
Major cybersecurity events on 16th December 2020 (Evening Post): Apple patches a total of 59 of code execution vulnerabilities in macOS. New 5G network flaws let attackers track users’ locations and steal data. SolarWinds removes customer list from site as It releases second hotfix.Continue readingAustralian watchdog sues Facebook over VPN app, HPE discloses critical 0 day in server management software, and more
Major cybersecurity events on 16th December 2020 (Morning Post): Facebook removes disinformation accounts linked to Russia and French military. PyMICROPSIA Windows malware includes checks for Linux and macOS. Firefox patches critical mystery bug, also impacting Google Chrome.Continue readingPhishing scam targets Subway loyalty-card users, New Goontact spyware targets Android, iOS users, and more
Major cybersecurity events on 15th December 2020 (Evening Post): WhatsApp denies that its encrypted data can be hacked by Pegasus, an Israeli spyware. Wormable Gitpaste-12 botnet returns to target Linux servers, IoT devices. ‘PGMiner’ crypto-mining botnet abuses PostgreSQL for distribution.Continue readingOver 45 million medical images leaked online, Twitter fined €450,000 for GDPR breach, and more
Major cybersecurity events on 15th December 2020 (Morning Post): Microsoft Office 365 credentials under attack by fax ‘alert’ emails. Ransomware masterminds claim to have nabbed 53GB of data from Intel’s Habana Labs. MoleRats using Facebook, Dropbox, Google Docs to spread malware.Continue readingCruise company Hurtigruten suffers cyber attack, Spotify’s registration data exposed to 3rd party partner, and more