Major cybersecurity events on 1st June 2020 (Evening Post): AWS phishing scam steals credentials to access business data. Shiny Hunters sell Minted database, Minted confirms data breach. New Whatsapp scam aims for user’s verification code. Octopus infects 26 GitHub software projects.Continue readingJoomla, Daniel’s Hosting, Amtrak, AFL fan website hit in different data breach incidents, Ransomware attack target Weiz, and more
Tag: GitHub
Major cybersecurity events on 29th May 2020 (Evening Post): Cyber criminals masquerade as Google, target remote workers. Hackers exploit flaws in SaltStack to get to Cisco servers. Hackers sell 5 million user records on dark web; Minted discloses data breach.Continue readingNippon Communications and Minted disclose breach, Octopus Scanner malware infects GitHub NetBeans repos, and more
Major cybersecurity events on 8th May 2020: ShinyHunters, who breached Tokopedia, is selling more than 7.3 million user records on dark web. DocuSign phishing campaign targets Office 365 users, using COVID as bait. Cognizant expects to lose $50m-$70m after ransomware attack. Russian hackers target Merkel’s office.Continue readingMobiFriends breach leaks 3.6M users data, ChatBooks data sold on dark web, Iran hackers target Gilead, and more
Major cybersecurity events on 6th May 2020: 44 million Pakistani mobile users data leaked online. Microsoft’s GitHub account hacked, 500 GB data stolen. Hackers impersonate financial NGO to steal Microsoft Sharepoint, Office credentials. Snake ransomware targets healthcare among other businesses.Continue readingTesla user data sold on eBay, Arogya Setu denies data breach of 90M Indians, 22M Unacademy user data sold after data breach, and more
Major cybersecurity events on 4th May 2020: Xiaomi denies tracking private browser, phone usage. 91 million Tokopedia accounts held for sale on dark web. NCSC warns of potential theft of Coronavirus research. Roblox insider bribed to access user data. Ransomware targets PeroxyChem.Continue readingJio symptom checker exposes results, CursedChrome turns browser to proxy bots, and more
Major cybersecurity events on 16th April 2020: Shipping giant MSC confirms malware attack. Agent Tesla steals WiFi pass. Zoom Windows, macOS zero-day vulnerabilities for sale. DoppelPaymer targets Visser defence contractor. PoetRAT hits Energy sector, uses data-stealing tools.Continue readingIndia bans Zoom, Multi-million dollar face mask scam busted, Sawfish phishing targets GitHub, and morew
Major cybersecurity events on 23rd March 2020: PII of GE employees exposed. Hackers spread malware through Coronavirus safety app, gains Contacts access to infect more. Coronavirus phishing spreads Netwalker ransomware. Tesla central touchscreen exposed to DoS attacks. Botnet operators exploit vulnerabilities in LILIN DVRs.Continue readingGE data breach, Coronavirus phishing, Vulnerable LILIN, Tesla, Windows, and more
Round Up of Major Breaches and Scams ‘SurfingAttack’ allows attackers to remotely control voice-controlled devices A new omni-directional attack method called SurfingAttack, allows attackers to control voice-controlled devices from a distance, without the victim’s knowledge. Attackers can use voice commands to instruct voice assistants to reveal sensitive data such as SMS authentication codes for online…Continue readingCloudSEK Daily Threat Bulletin – 2nd March 2020