Categories
APT Breach CVE Cyber Security Malware Phishing Spyware Vulnerability

Twitter bug caches private files, Facebook takes down fake accounts, Mandrake targets Aussies, MakeFrame targets SMBs, and more

Major cybersecurity events on 2nd April 2020: COVID-themed scams surge. Zoom’s popularity adversely impacts the remote conferencing giant through various malicious schemes. Facebook disables Instagram, Facebook impersonators’ accounts. New class of Windows vulnerabilities discovered.Continue readingTwitter bug caches private files, Facebook takes down fake accounts, Mandrake targets Aussies, MakeFrame targets SMBs, and more

Categories
Breach CVE Cyber Security Malware Phishing Vulnerability

Zoom under scrutiny, Phishing campaigns evade Office 365 ATPs, Wiper targets Windows, and more

Major cybersecurity events on 1st April 2020: Two Zoom zero-day vulnerabilities could allow root privileges to attackers. Windows vulnerability, SMBGhost, exploited for local privilege escalation. Wiper malware dubbed “Coronavirus” render disks unusable. Phishing emails lure victims with financial relief for Coronavirus.Continue readingZoom under scrutiny, Phishing campaigns evade Office 365 ATPs, Wiper targets Windows, and more

Categories
Breach Cyber Security Malware Phishing Ransomware Trojan Vulnerability Watering Holes

Marriott breached, Kwampirs targets healthcare sector, LimeRAT campaign, and more

Major cybersecurity events on 31st March 2020: Watering holes attacks target Asians, uses Flash updates. Vulnerability in WordPress allows administrative access to users. Saudi Arabia secretly tracks its citizens. Zoom client leaks credentials to attackers. Data breach impacts 5.2Mn Marriott hotel guests. LimeRAT installs a range of malware strains.Continue readingMarriott breached, Kwampirs targets healthcare sector, LimeRAT campaign, and more

Categories
Breach Cyber Security Malware Phishing RAT Vulnerability

Remcos RAT cloaked as SMB grants, Malicious USBs doing the rounds, Hacked Linksys routers, and more

Major cybersecurity events on 27th March 2020: Teleworking attracts brute-force attacks on Linksys routers. European companies targeted by hackers, suspected to be the Silence and TA505 groups. FBI warns of malicious USB drives delivered via USPS. Remcos RAT payloads target U.S. SBA.Continue readingRemcos RAT cloaked as SMB grants, Malicious USBs doing the rounds, Hacked Linksys routers, and more

Categories
Breach CVE Malware Phishing Ransomware Trojan Vulnerability

GE data breach, Coronavirus phishing, Vulnerable LILIN, Tesla, Windows, and more

Major cybersecurity events on 23rd March 2020: PII of GE employees exposed. Hackers spread malware through Coronavirus safety app, gains Contacts access to infect more. Coronavirus phishing spreads Netwalker ransomware. Tesla central touchscreen exposed to DoS attacks. Botnet operators exploit vulnerabilities in LILIN DVRs.Continue readingGE data breach, Coronavirus phishing, Vulnerable LILIN, Tesla, Windows, and more

Categories
Breach CVE Cyber Security Malware Ransomware Snooping Trojan Vulnerability

CloudSEK Daily Threat Bulletin – 12th March 2020

Round Up of Major Breaches and Scams Comcast accidentally published 200,000 “unlisted” phone numbers Comcast mistakenly published the names, phone numbers, and addresses of nearly 200,000 customers who paid monthly fees to make their numbers unlisted. The names and numbers were made available on Ecolisting, a directory run by Comcast, and picked up by third-party directories.…Continue readingCloudSEK Daily Threat Bulletin – 12th March 2020

Categories
Breach CVE Malware Phishing TrickBot Vulnerability

CloudSEK Daily Threat Bulletin – 11th March 2020

Round Up of Major Breaches and Scams Iranian Coronavirus app collecting sensitive information Over the weekend, Iranian researcher, Nariman Gharib, reported via Twitter that he had identified a coronavirus app collecting sensitive information from users, including their real-time geo-location details, beyond what the app required to function. According to Gharib, the app was released by…Continue readingCloudSEK Daily Threat Bulletin – 11th March 2020

Categories
Malware MiTM Phishing Ransomware Snooping Trojan Vulnerability

CloudSEK Daily Threat Bulletin – 10th March 2020

Round Up of Major Breaches and Scams Years-long campaign targets hackers through trojanized hacking tools Vietnam based threat group has been hacking other hackers through njRAT infected hacking tools. Instead of directly hacking systems, spreading trojanized hacking tools gives them complete access to a much larger pool of hacked data. These trojanized tools have been…Continue readingCloudSEK Daily Threat Bulletin – 10th March 2020

Categories
CVE Cyber Security Emotet Malware Ransomware

CloudSEK Daily Threat Bulletin – 25th February 2020

Round Up of Major Breaches and Scams Threat group steals data by bypassing server firewall and masking C2 traffic What appears to be a state-sponsored threat group is using a technique called “Cloud Snooper” to bypass a server’s firewall to communicate with command and control (C2). The attackers deployed a rootkit that then installs a…Continue readingCloudSEK Daily Threat Bulletin – 25th February 2020

Categories
Cyber Security Emotet Malware Ransomware Smishing

CloudSEK Daily Threat Bulletin – 20th February 2020

Round Up of Major Breaches and Scams 10 million+ records of MGM guests, now available on hacking forum 10 million records of MGM guests are now available for free on a hacking forum. The data, which was stolen during a security breach in July 2019, includes 3.1 million unique email addresses, names, addresses, and phone…Continue readingCloudSEK Daily Threat Bulletin – 20th February 2020