Categories
Breach CVE Cyber Security Data leak Hacking Malware Scam Vulnerability

Cloudflare exposes 3M IP addresses, Australian consumer watchdog accuses Google of privacy breaches, and more

Major cybersecurity events on 28th July 2020 (Morning Post): Promo.com, popular marketing video maker, discloses data breach, 22 million user records leaked on hacker forum. Developer discovers leaked source code of over 50 high-profile organizations from diverse sectors.Continue readingCloudflare exposes 3M IP addresses, Australian consumer watchdog accuses Google of privacy breaches, and more

Categories
Breach Bug CVE Cyber Security Data leak Hacking Malware Ransomware Vulnerability

Gothic Panda, Stone Panda attack Indian companies, Data of Avito, Yula users appear on the internet, and more

Major cybersecurity events on 27th July 2020 (Morning Post): Russia’s GRU military intel agency behind most aggressive hacking attacks on US govt. Cyber criminals target Airtel customers with eSIM swapping fraud. Researchers suggest that users patch ASUS routers, as they can be reflashed with malware.Continue readingGothic Panda, Stone Panda attack Indian companies, Data of Avito, Yula users appear on the internet, and more

Categories
Adware Bug CVE Cyber Security Malware Skimming Vulnerability

Facebook, Google, Twitter pause reviews of Hong Kong data requests, Purple Fox adds two Microsoft exploits to arsenal, and more

Major cybersecurity events on 7th July 2020 (Morning Post): Adware targets Android users, Kaspersky finds them to be undeletable files. Credit card skimmer targets websites hosted on Microsoft IIS servers, running ASP.NET. Hotels.com code generator flaw fixed. Continue readingFacebook, Google, Twitter pause reviews of Hong Kong data requests, Purple Fox adds two Microsoft exploits to arsenal, and more

Categories
Breach Cyber Security Hacking Malware Phishing Scam Vulnerability

TikTok denies misuse of Indian user data, HMRC phishing scams target passport details, and more

Major cybersecurity events on 1st July 2020 (Morning Post): Verified Instagram account targets unsuspecting users with copyright infringement phishing scam. 25 Android apps removed from Play Store, following the theft of Facebook credentials. EvilQuest ransomware targets macOS users.Continue readingTikTok denies misuse of Indian user data, HMRC phishing scams target passport details, and more

Categories
APT Breach CVE Cyber Security Malware Phishing Spyware Vulnerability

Twitter bug caches private files, Facebook takes down fake accounts, Mandrake targets Aussies, MakeFrame targets SMBs, and more

Major cybersecurity events on 2nd April 2020: COVID-themed scams surge. Zoom’s popularity adversely impacts the remote conferencing giant through various malicious schemes. Facebook disables Instagram, Facebook impersonators’ accounts. New class of Windows vulnerabilities discovered.Continue readingTwitter bug caches private files, Facebook takes down fake accounts, Mandrake targets Aussies, MakeFrame targets SMBs, and more

Categories
Breach CVE Malware MiTM Phishing Ransomware Stalkerware Vulnerability

COVID-19 malware and phishing scams, fake Google domains, and more

Major cyber security incidents on 17th March 2020: Scammers use COVID-19 as a guise to spread malware and phishing mails. APT36 calls coronavirus a ‘golden opportunity’ to distribute Crimson RAT. MacOS bundleware installer capable of much more than a normal installation software.Continue readingCOVID-19 malware and phishing scams, fake Google domains, and more

Categories
Cyber Security Phishing Ransomware Vulnerability

CloudSEK Daily Threat Bulletin – 2nd March 2020

Round Up of Major Breaches and Scams ‘SurfingAttack’ allows attackers to remotely control voice-controlled devices A new omni-directional attack method called SurfingAttack, allows attackers to control voice-controlled devices from a distance, without the victim’s knowledge. Attackers can use voice commands to instruct voice assistants to reveal sensitive data such as SMS authentication codes for online…Continue readingCloudSEK Daily Threat Bulletin – 2nd March 2020

Categories
Cyber Security Malware Phishing Ransomware Spearphishing

CloudSEK Daily Threat Bulletin – 19th February 2020

Round Up of Major Breaches and Scams Facility of US natural gas operator shuts down due to ransomware attack A facility of a US natural gas operator was targeted by a ransomware attack that used poor segmentation of its IT-OT networks to infect Windows-based assets. The threat actor used a Spearphishing link to access their…Continue readingCloudSEK Daily Threat Bulletin – 19th February 2020

Categories
APT CVE DMA Ryuk TrickBot

CloudSEK Daily Threat Bulletin – 31st January 2020

In the last 24 hours, as the world still reels from the sale of 30 million cards on Joker’s Stash, the UN has confirmed that their servers were exploited because of a SharePoint flaw that was patched in March 2019. As testimony to the growing sophistication of hackers, a new attack strategy that uses HTML…Continue readingCloudSEK Daily Threat Bulletin – 31st January 2020