Major cybersecurity events on 28th July 2020 (Morning Post): Promo.com, popular marketing video maker, discloses data breach, 22 million user records leaked on hacker forum. Developer discovers leaked source code of over 50 high-profile organizations from diverse sectors.Continue readingCloudflare exposes 3M IP addresses, Australian consumer watchdog accuses Google of privacy breaches, and more
Tag: Instagram
Major cybersecurity events on 27th July 2020 (Morning Post): Russia’s GRU military intel agency behind most aggressive hacking attacks on US govt. Cyber criminals target Airtel customers with eSIM swapping fraud. Researchers suggest that users patch ASUS routers, as they can be reflashed with malware.Continue readingGothic Panda, Stone Panda attack Indian companies, Data of Avito, Yula users appear on the internet, and more
Major cybersecurity events on 7th July 2020 (Morning Post): Adware targets Android users, Kaspersky finds them to be undeletable files. Credit card skimmer targets websites hosted on Microsoft IIS servers, running ASP.NET. Hotels.com code generator flaw fixed. Continue readingFacebook, Google, Twitter pause reviews of Hong Kong data requests, Purple Fox adds two Microsoft exploits to arsenal, and more
Major cybersecurity events on 1st July 2020 (Morning Post): Verified Instagram account targets unsuspecting users with copyright infringement phishing scam. 25 Android apps removed from Play Store, following the theft of Facebook credentials. EvilQuest ransomware targets macOS users.Continue readingTikTok denies misuse of Indian user data, HMRC phishing scams target passport details, and more
Major cybersecurity events on 2nd April 2020: COVID-themed scams surge. Zoom’s popularity adversely impacts the remote conferencing giant through various malicious schemes. Facebook disables Instagram, Facebook impersonators’ accounts. New class of Windows vulnerabilities discovered.Continue readingTwitter bug caches private files, Facebook takes down fake accounts, Mandrake targets Aussies, MakeFrame targets SMBs, and more
Major cyber security incidents on 17th March 2020: Scammers use COVID-19 as a guise to spread malware and phishing mails. APT36 calls coronavirus a ‘golden opportunity’ to distribute Crimson RAT. MacOS bundleware installer capable of much more than a normal installation software.Continue readingCOVID-19 malware and phishing scams, fake Google domains, and more
Round Up of Major Breaches and Scams ‘SurfingAttack’ allows attackers to remotely control voice-controlled devices A new omni-directional attack method called SurfingAttack, allows attackers to control voice-controlled devices from a distance, without the victim’s knowledge. Attackers can use voice commands to instruct voice assistants to reveal sensitive data such as SMS authentication codes for online…Continue readingCloudSEK Daily Threat Bulletin – 2nd March 2020
Round Up of Major Breaches and Scams Facility of US natural gas operator shuts down due to ransomware attack A facility of a US natural gas operator was targeted by a ransomware attack that used poor segmentation of its IT-OT networks to infect Windows-based assets. The threat actor used a Spearphishing link to access their…Continue readingCloudSEK Daily Threat Bulletin – 19th February 2020
In the last 24 hours, as the world still reels from the sale of 30 million cards on Joker’s Stash, the UN has confirmed that their servers were exploited because of a SharePoint flaw that was patched in March 2019. As testimony to the growing sophistication of hackers, a new attack strategy that uses HTML…Continue readingCloudSEK Daily Threat Bulletin – 31st January 2020