Categories
APT Botnet Breach Bug CVE Cyber Security Data leak Hacking Malware Phishing Ransomware REvil Scam Skimming Trojan Vulnerability Zero-day

Threat actors target Finnish politicians’ email accounts, 21 Buttons exposes millions of users’ data, and more

Major cybersecurity events on 28th December 2020 (Evening Post): Multi-platform card skimmer found on Shopify, BigCommerce stores. REvil hackers plan to leak photos of plastic surgery patients after massive hack. GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic.Continue readingThreat actors target Finnish politicians’ email accounts, 21 Buttons exposes millions of users’ data, and more

Categories
Botnet Breach Bug CVE Cyber Security Data leak DDoS Espionage Hacking Malware Phishing Ransomware Virus Vulnerability

Amazon staffers leaked search algorithms, Tutanota German email service suffers DDoS attacks, and more

Major cybersecurity events on 21st September 2020 (Morning Post): 1,000 high-ranking Belarusian police officers’ names and personal details leaked amidst anti-government demonstrations. Mozi botnet accounts for 90% of the IoT network traffic. Iranian hackers busted for 6-year long cyber espionage.Continue readingAmazon staffers leaked search algorithms, Tutanota German email service suffers DDoS attacks, and more

Categories
Breach Bug Cyber Security Data leak Hacking Hoa Sen Group Malware Maze Phishing Ransomware Scam Trojan Typosquatting Vishing Vulnerability

Russian media reports fake domains selling COVID vaccine, Freepik data breach affects 8.3m users, and more

Major cybersecurity events on 24th August 2020 (Morning Post): US DHS warns election officials of typosquatting websites that impersonate state election domains. CCP Unmasked leaks internal files of Chinese social media monitoring firms. Remote workforce threatened by vishing campaign.Continue readingRussian media reports fake domains selling COVID vaccine, Freepik data breach affects 8.3m users, and more

Categories
Breach Cyber Security Malware Vulnerability

New phishing campaigns bypasses Office 365 MFA, Data breach affecting 23M people linked to Covve, and more

Major cybersecurity events on 20th May 2020 (evening post): WordPress malware targets WooCommerce stores with more than 5 million installations. QNAP devices vulnerable to remote takeover attacks. Multiple vulnerabilities discovered in Nitro Pro PDF Reader.Continue readingNew phishing campaigns bypasses Office 365 MFA, Data breach affecting 23M people linked to Covve, and more

Categories
APT Botnet Breach CVE Cyber Security Malware MiTM Phishing Ransomware RAT TrickBot Trojan Vulnerability

Interserve hacked, details of 100000 employees leaked, Massive data leak exposes 115M Pakistani users’ data, and more

Major cybersecurity events on 18th May 2020: Turla APT target diplomatic entities. Naikon returns, targets foreign affairs, science and technology ministries, with new malware. Wannabe ransomware operators arrested before hospital attacks. Several supercomputers across Europe hacked. Continue readingInterserve hacked, details of 100000 employees leaked, Massive data leak exposes 115M Pakistani users’ data, and more

Categories
Botnet Breach CVE Cyber Security Malware Ransomware Vulnerability

Zoom credentials on dark web, RigUp exposes 76,000 files, 115 Mn Pakistani mobile users data on dark web, and more

Major cybersecurity events on 10th April: Mediterranean Shipping Company suspects cyber attacks behind power outage. RigUp AWS S3 bucket exposes thousands of US Energy Sector private files. Card-skimmer malware targets WordPress plugin, WooCommerce. Travelex pays $2.3M as ransom, to hackers. Continue readingZoom credentials on dark web, RigUp exposes 76,000 files, 115 Mn Pakistani mobile users data on dark web, and more

Categories
CVE Cyber Security Ransomware Vulnerability

CloudSEK Daily Threat Bulletin – 3rd March 2020

Round Up of Major Breaches and Scams Exaggerated Lion carries out BEC attacks by exploiting G Suite features Researchers have found that African threat group Exaggerated Lion carries out Business Email Compromise (BEC) attacks by exploiting G Suite features. Since G suite offers a 30-day trial period, and allows users to send 500 emails per…Continue readingCloudSEK Daily Threat Bulletin – 3rd March 2020

Categories
Cyber Security Ransomware TrickBot

CloudSEK Daily Threat Bulletin – 28th February 2020

Round Up of Major Breaches and Scams Error in official Walgreens app exposes users’ personal data An error in the official app of US pharmacy chain Walgreens allowed users to view other users’ names, prescriptions, store number, and shipping addresses. The company announced that for a week, an error in the app’s personal secure messaging…Continue readingCloudSEK Daily Threat Bulletin – 28th February 2020