๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #06/2024 is out! It includes the following and much more:
โ ๐ #Juniper Support Portal Exposed Customer Device Info
โ ๐ ๐น๐ญ Major #DataBreach in #Thailand Exposes Personal Data of 20 Million Elderly Citizens
โ ๐ ๐ซ๐ท Millions at risk of fraud after massive health data hack in #France
โ ๐ ๐บ๐ธ #Verizon employee inadvertently leaks data of 63 thousand colleagues
โ ๐ ๐ฅ๏ธ #AnyDesk Hacked: Revokes Passwords, Certificates in Response
โ ๐ ๐บ๐ธ #Clorox says #cyberattack caused $49 million in expenses
โ ๐ธ ๐ #Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline
โ ๐บ๐ธ ๐ฐ US offers $10 million for tips on #Hive ransomware leadership
โ ๐จ๐ณ ๐บ๐ธ #China-backed Volt Typhoon hackers have lurked inside US #criticalinfrastructure for โat least five yearsโ
โ ๐จ๐ณ ๐ณ๐ฑ Chinese Hackers Exploited #FortiGate Flaw to Breach Dutch #Military Network
โ ๐ฎ๐ท ๐ฎ๐ฑ #Iran accelerates cyber ops against #Israel from chaotic start
โ ๐ง๐พ ๐บ๐ธ Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion #Crypto Money Laundering
โ ๐ญ๐ฐ ๐ธ #Finance worker pays out $25 million after video call with #deepfake โchief financial officerโ
โ ๐บ๐ฆ #ukraine is Creating a โCyber Diplomatโ Post
โ ๐ฉ๐ฐ #Denmark orders schools to stop sending student data to #Google
โ ๐ช๐บ โ๏ธ #EU proposes criminalizing AI-generated child sexual abuse and deepfakes
โ ๐ณ๐ฑ ๐ฐ #Uber Fined 10 Million Euros by Dutch Data Regulator
โ ๐บ๐ธ ๐ US to Roll Out Visa Restrictions on People Who Misuse #Spyware to Target Journalists, Activists
โ ๐ฆ ๐ฌ Raspberry Robin #Malware Upgrades with #Discord Spread and New Exploits
โ ๐ฆ ๐ New #macOS Backdoor Linked to Prominent Ransomware Groups
๐ฆ ๐ชฅ Surprising 3 Million Hacked #Toothbrushes Story Goes ViralโIs It True?
โ ๐จ๐ฆ ๐ฌ #Canada declares #FlipperZero public enemy No. 1 in car-theft crackdown
โ ๐ฉน #Ivanti: Patch new Connect Secure auth bypass bug immediately
โ ๐ ๐ Security flaw in a popular smart helmet allowed silent location tracking
โ ๐ฉน Critical Patches Released for New Flaws in #Cisco, #Fortinet, #VMware Products
โ ๐ ๐ง Critical Boot Loader #Vulnerability in Shim Impacts Nearly All #Linux Distros
โ ๐ โ๏ธ #Airbus App Vulnerability Introduced Aircraft Safety Risk
โ ๐ฉน #QNAP Patches High-Severity Bugs in QTS, Qsync Central
--
๐ This week's recommended reading is: "x86 Software Reverse-Engineering, Cracking, and Counter-Measure" by Stephanie Domas & Christopher Domas
--
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #02/2024 is out! It includes the following and much more:
โ ๐ ๐ฝ Halara probes breach after hacker leaks data for 950,000 people
โ ๐ ๐ฅ #Mandiant's X Account Was Hacked Using Brute-Force Attack
โ ๐ ๐ต๐พ #Paraguay warns of Black Hunt #ransomware attacks after Tigo Business #breach
โ ๐บ๐ธ ๐ธ US SECโs X account hacked to announce fake #Bitcoin ETF approval
โ ๐ ๐จ๐ฆ Toronto Zoo: Ransomware attack had no impact on animal #wellbeing
โ ๐ Mortgage firm loanDepot #cyberattack impacts IT systems, payment portal
โ ๐ซ๐ฎ ๐ธ #Finland warns of Akira ransomware wiping NAS and tape #backup devices
โ ๐ฉ๐ฐ ๐ท๐บ #Sandworm probably wasnโt behind Danish critical infrastructure cyberattack, report says
โ ๐บ๐ฆ ๐ท๐บ Pro-Ukraine hackers breach Russian ISP in revenge for #KyivStar attack
โ ๐ซ๐ท ๐บ๐ธ French Computer Hacker Jailed in US
โ ๐ณ๐ฌ โ๏ธ Nigerian gets 10 years for laundering millions stolen from elderly
โ ๐น๐ท Turkish Hackers Exploiting Poorly Secured #MSSQL Servers Across the Globe
โ ๐น๐ท ๐ณ๐ฑ Turkish #Cyberspies Targeting Netherlands
โ โ๏ธ ๐ช๐บ #Microsoft Lets Cloud Users Keep Personal Data Within #Europe to Ease #Privacy Fears
โ ๐บ๐ธ ๐จ๐ณ #AI is helping US spies catch stealthy Chinese hacking ops, #NSA official says
โ ๐ฑ๐ง โ๏ธ Beirut Airport Screens Hacked with Anti-Hezbollah Message
โ ๐ธ๐ฆ Saudi Ministry exposed sensitive data for 15 months
โ ๐ฌ๐ท #Greece to Establish New Authority to Counter Cyber-Attacks
โ ๐ฉน #Siemens, #SchneiderElectric Release First #ICS Patch Tuesday Advisories of 2024
โ ๐ โ๏ธ New #Python-based FBot Hacking Toolkit Aims at #Cloud and #SaaS Platforms
โ ๐ฆ ๐บ #YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
โ ๐ฆ ๐ง #Linux devices are under attack by a never-before-seen worm
โ ๐ฆ ๐ณ๐ฑ Dutch Engineer Used Water Pump to Get Billion-Dollar #Stuxnet#Malware Into Iranian Nuclear Facility
โ ๐ก ๐ DSA removal from #OpenSSH
โ ๐ฉน #PatchTuesday
โ ๐ ๐ Actively exploited 0-days in #Ivanti VPN are letting hackers #backdoor networks
โ ๐ ๐ง Hackers can infect network-connected wrenches to install ransomware
โ ๐จ๐ณ ๐ #AirDrop cracked by #China, revealing phone number and email address of sender
โ ๐ฉน #QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products
โ ๐ ๐ KyberSlash attacks put #quantum#encryption projects at risk
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #01/2024 is out! It includes the following and much more:
โ ๐บ๐ธ ๐ผ๏ธ MAJOR US #MUSEUMS SUFFER #CYBERATTACK FALLOUT
โ ๐ช๐ธ ๐ก A โridiculously weakโ password causes disaster for #Spainโs No. 2 mobile carrier
โ ๐ ๐งฌ #23andMe tells victims itโs their fault that their data was breached
โ ๐ ๐ธ #OrbitChain loses $86 million in the last #fintech hack of 2023
โ ๐ ๐ ฟ๏ธ Europeโs Largest Parking App Provider Informs Customers of Data Breach
โ ๐ธ ๐ #Crypto wallet founder loses $125,000 to fake airdrop website
โ ๐บ๐ธ โ๏ธ US Says 19 People Charged Following 2019 Takedown of #xDedic Cybercrime Marketplace
โ ๐ต๐ธ ๐ฎ๐ฑ Palestinian Hackers Hit 100 Israeli Organizations in Destructive Attacks
โ ๐ โ Hacked #Mandiant X Account Abused for #Cryptocurrency Theft
โ ๐ณ๐ฌ ๐บ๐ธ โ๏ธ Nigerian hacker arrested for stealing $7.5M from charities
โ ๐ฆ๐ฑ ๐ก Albanian Parliament and One Albania Telecom Hit by Cyber Attacks
โ ๐บ๐ธ The FBI is adding more cyber-focused agents to U.S. embassies
โ ๐บ๐ธ โ๏ธ Former #BreachForums admin to be jailed until Jan. 19 sentencing
โ ๐บ๐ธ ๐ฐ DOJ Slams #XCast with $10 Million Fine Over Massive Illegal Robocall Operation
โ ๐ท ๐ฅธ #Google Contractor Pays Parents $50 to Scan Their Childrens' Faces
โ ๐ฐ ๐ฅธ Google Settles $5 Billion #Privacy Lawsuit Over Tracking Users in 'Incognito Mode'
โ ๐จ๐ณ ๐ณ๏ธ #Taiwan to reveal Chinese election interference after Saturdayโs vote
โ ๐ฆ ๐ฐ #Merck Settles #NotPetya Insurance Claim, Leaving #Cyberwar Definition Unresolved
โ ๐ฆ ๐ฐ๐ต SpectralBlur: New #macOS Backdoor Threat from North Korean Hackers
โ ๐ฆ ๐ 3 Malicious #PyPI Packages Found Targeting #Linux with Crypto Miners
โ ๐ฆ ๐ New Bandook #RAT Variant Resurfaces, Targeting #Windows Machines
โ ๐ฆ ๐ UAC-0050 Group Using New #Phishing Tactics to Distribute Remcos RAT
โ ๐ฆ ๐บ๐ฆ CERT-UA Uncovers New #Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
โ ๐ ๐ฆ Free Decryptor Released for #BlackBasta Ransomware
โ ๐ ๐จ #SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof #Emails
โ ๐ฉน #Ivanti warns critical EPM #bug lets hackers hijack enrolled devices
โ ๐ฉน Google Patches Six Vulnerabilities With First #Chrome Update of 2024
โ ๐ฉน ๐ก Millions still havenโt patched #Terrapin SSH protocol #vulnerability
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #50/2023 is out! It includes the following and much more:
โ ๐ ๐บ๐ธ U.S. nuclear research lab #databreach impacts 45,000 people
โ ๐ฉ๐ช #Toyota Germany Says Customer Data Stolen in #Ransomware Attack
โ ๐ ๐ง #Bitcoin ATM company Coin Cloud got hacked. Even its new owners donโt know how
โ ๐ ๐บ๐ธ Norton #Healthcare discloses data breach after May ransomware attack
โ ๐ท๐บ Russian SVR-Linked #APT29 Targets #JetBrains TeamCity Servers in Ongoing Attacks
โ ๐ฅ #LockBit ransomware now poaching #BlackCat, NoEscape affiliates
โ ๐ป๐ณ ๐ป #Microsoft seizes domains used to sell fraudulent #Outlook accounts
โ ๐ซ๐ท ๐ธ French police arrests Russian suspect linked to #Hive ransomware
โ ๐จ๐ณ Chinese APT Volt Typhoon Linked to Unkillable SOHO Router #Botnet
โ ๐บ๐ฆ ๐ท๐บ Ukrainian military says it hacked #Russia's federal tax agency
โ ๐จ๐ณ ๐ช Researchers Unmask Sandman APT's Hidden Link to China-Based #KEYPLUG Backdoor
โ ๐บ๐ฆ ๐ก #Ukraineโs largest mobile communications provider down after apparent #cyberattack
โ ๐ช๐ธ Kelvin Security hacking group leader arrested in #Spain
โ ๐ป ๐ฎ๐ปโโ๏ธ #ALPHV ransomware site outage rumored to be caused by law enforcement
โ ๐น ๐ต๐ปโโ๏ธ #UniFi devices broadcasted private video to other usersโ accounts
โ ๐ท๐บ ๐ช๐บ Russian Diplomat Expelled Amid EU Spy Purge Is Now An OSCE Election Observer In Serbia
โ ๐บ๐ธ Harry Coker confirmed to be the next National Cyber Director
โ ๐ช๐ธ ๐บ๐ธ Spain expels two US spies for infiltrating secret service
โ ๐ #MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure
โ ๐ฉน #ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability
โ ๐ฆ ๐ต๐ธ New Pierogi++ #Malware by #Gaza Cyber Gang Targeting Palestinian Entities
โ ๐ฆ ๐ฎ๐ท Iranian State-Sponsored #OilRig Group Deploys 3 New Malware Downloaders
โ ๐ฆ ๐ฉ๐ช New MrAnon Stealer Malware Targeting German Users via Booking-Themed #Scam
โ ๐ช #Google's New Tracking Protection in Chrome Blocks Third-Party #Cookies
โ ๐ ๐จ๐ปโ๐ป #Zoom Unveils Open Source Vulnerability Impact Scoring System
โ ๐ฉน ๐งฑ #Sophos backports RCE fix after attacks on unsupported #firewalls
โ ๐ ๐งฑ Over 1,450 #pfSense servers exposed to RCE attacks via bug chain
โ ๐ฉน ๐ #Apple Ships iOS 17.2 With Urgent Security #Patches
โ ๐ Over 30% of #Log4J apps use a vulnerable version of the library
๐ This week's recommended reading is: "Black Hat Python, 2nd Edition: Python Programming for Hackers and Pentesters (2nd Edition)" by Justin Seitz and Tim Arnold
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #47/2023 is out! It includes the following and much more:
โ ๐ ๐ฌ๐ง University of Manchester #CISO Speaks Out on Summer Cyber-Attack
โ ๐ ๐บ๐ธ Hacktivists breach U.S. nuclear research lab, steal employee data
โ ๐ ๐ Sumo Logic Completes Investigation Into Recent Security #Breach
โ ๐ ๐บ๐ธ Auto parts giant AutoZone warns of #MOVEit data breach
โ ๐ ๐จ๐ฆ Canadian government discloses data breach after contractor hacks
โ ๐ฆ๐ซ New 'HrServ.dll' Web Shell Detected in #APT Attack Targeting Afghan Government
โ ๐ฌ๐ง ๐ฐ๐ท UK and South Korea: Hackers use zero-day in supply-chain attack
โ ๐ต๐ธ ๐ฎ๐ฑ #Hamas-Linked #Cyberattacks Using Rust-Powered SysJoker #Backdoor Against #Israel
โ ๐ท๐บ ๐ฑ โThey are tired of him, but they are afraidโ: what is known about the leader of the hacker group Killnet
โ ๐ฐ๐ต N. Korean Hackers Distribute Trojanized #CyberLink Software in Supply Chain Attack
โ โถ๏ธ ๐ Play #Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
โ ๐ฎ๐ณ Indian Hack-for-Hire Group Targeted U.S., #China, and More for Over 10 Years
โ ๐ท๐บ Russian hackers use #Ngrok feature and #WinRAR exploit to attack embassies
โ ๐บ๐ธ ๐ฉบ #CISA Releases Cybersecurity Guidance for #Healthcare, Public Health Organizations
โ ๐ฌ๐ง ๐๐ป Thanking the vulnerability research community with #NCSC Challenge Coins
โ ๐ง #Tor Network Removes Risky Relays Associated With #Cryptocurrency Scheme
โ ๐บ๐ฆ ๐๐ป #Ukraine fires top cybersecurity officials
โ ๐ฉน Johnson Controls Patches Critical #Vulnerability in Industrial Refrigeration Products
โ ๐ฆ ๐ฆ New WailingCrab #Malware Loader Spreading via Shipping-Themed Emails
โ ๐ฆ ๐จ New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
โ ๐ฆ ๐ NetSupport #RAT Infections on the Rise - Targeting Government and Business Sectors
โ ๐ซ Google #Chrome will limit ad blockers starting June 2024
โ ๐ โ๏ธ 3 Critical Vulnerabilities Expose #ownCloud Users to Data Breaches
โ ๐ โ๏ธ Researchers Discover Dangerous Exposure of Sensitive #Kubernetes Secrets
โ ๐ โ๐ป New Flaws in Fingerprint Sensors Let Attackers Bypass #Windows Hello Login
โ ๐ ๐ฉธ โ#CitrixBleedโ vulnerability targeted by nation-state and criminal hackers: CISA
โ ๐ก Researchers extract RSA keys from #SSH server signing errors
๐ This week's recommended reading is: "How I Rob Banks: And Other Such Places" by FC a.k.a. Freakyclown
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #46/2023 is out! It includes the following and much more:
โ ๐ ๐ฏ๐ต #Toyota confirms breach after Medusa #ransomware threatens to leak data
โ ๐บ๐ธ ๐ Ransomware gang files #SEC complaint over victimโs undisclosed #breach
โ ๐ ๐ชถ Attackers claim Plume Design, Inc data breach
โ ๐บ๐ธ ๐ฐ #ICBC paid ransom after hack that disrupted markets, #cybercriminals say
โ ๐ #Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party
โ ๐ โ๏ธ Hackers swipe Booking.com, damage from attack is global
โ ๐ท๐บ ๐บ๐ฆ Russian #CyberEspionage Group Deploys #LitterDrifter USB #Worm in Targeted Attacks
โ ๐ฎ๐ฑ ๐บ๐ธ Israeli Man Who Made $5M From Hacking Scheme Sentenced to Prison in US
โ ๐ซ๐ฎ โ๏ธ Alleged Extortioner of Psychotherapy Patients Faces Trial
โ ๐บ๐ธ ๐ธ #LockBit ransomware exploits #CitrixBleed in attacks, 10K servers exposed
โ ๐บ๐ธ โ๏ธ #IPStorm botnet with 23,000 proxies for malicious traffic dismantled
โ ๐ถ๐ป ๐งจ Teens with โdigital bazookasโ are winning the ransomware war, researcher laments
โ ๐ธ #Ethereum feature abused to steal $60 million from 99K victims
โ ๐ฉ๐ฐ ๐ท๐บ #Denmark Hit With Largest #Cyberattack on Record
โ ๐จ๐ณ ๐ฐ๐ญ Chinese Hackers Launch Covert #Espionage Attacks on 24 Cambodian Organizations
โ ๐ฒ๐พ Major Phishing-as-a-Service Syndicate '#BulletProofLink' Dismantled by Malaysian Authorities
โ ๐ช๐บ ๐ฅณ EU Parliament committee rejects mass scanning of private and encrypted communications
โ ๐ฉน #ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric
โ ๐ฆ ๐ 27 Malicious #PyPI Packages with Thousands of Downloads Found Targeting IT Experts
๐ป๐ณ ๐ฎ๐ณ Vietnamese Hackers Using New #Delphi-Powered #Malware to Target Indian Marketers
โ ๐ #Google Adds #Passkey Support to New Titan Security Key
โ ๐ Zero-Day Flaw in #Zimbra Email Software Exploited by Four Hacker Groups
โ ๐ฉน #SAP Patches Critical Vulnerability in Business One Product
โ ๐ New #Reptar CPU flaw impacts Intel desktop and server systems
โ ๐ New #CacheWarp AMD #CPU attack lets hackers gain root in Linux VMs
๐ This week's recommended reading is: "Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World" by @marcusjcarey and Jennifer Jin
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #45/2023 is out! It includes the following and much more:
โ ๐ โ๏ธ #Boeing breach: LockBit leaks 50 GB of data
โ ๐จ๐ณ Worldโs largest commercial bank #ICBC confirms #ransomware attack
โ ๐ โ๏ธ Sumo Logic alerts customers about #securityincident; advises rotate Sumo Logic API access keys
โ ๐ ๐ฎ๐ช Electric Ireland admits data breach that could see customer financial data compromised
โ ๐ ๐จ๐ฆ #TransForm says ransomware data breach affects 267,000 patients
โ ๐ ๐ธ๐ฌ #Singapore Marina Bay Sands reward members data breached, over 650k people exposed
โ ๐ฎ๐ฑ ๐ต๐ธ ๐ฎ๐ท Cyber ops linked to #Israel-#Hamas conflict largely improvised, researchers say
โ ๐งจ ๐ค #OpenAI confirms #DDoS attacks behind ongoing #ChatGPT outages
โ ๐๏ธ ๐ธ Fake Ledger Live app in #Microsoft Store steals $768,000 in #crypto
โ ๐ ๐ฐ โLooney Tunablesโ #Glibc Vulnerability Exploited in #Cloud Attacks
โ ๐บ๐ธ ๐ท๐บ US Sanctions Russian National for Helping Ransomware Groups Launder Money
โ ๐ฎ๐ท ๐ฎ๐ฑ Iranian Hackers Launch Destructive Cyber Attacks on Israeli #Tech and #Education Sectors
โ ๐ซ๐ท ๐ฌ๐ง #France, #UK Seek Greater Regulation of Commercial #Spyware
โ ๐ช๐บ ๐ค #Europe is trading security for digital #sovereignty
โ ๐ท๐บ ๐บ๐ฆ Russian Hackers Used #OT Attack to Disrupt Power in #Ukraine Amid Mass Missile Strikes
โ ๐ฆ ๐ช Highly invasive #backdoor snuck into #opensource packages targets developers
โ ๐ฆ ๐ฐ๐ต N. Korea's #BlueNoroff Blamed for Hacking #macOS Machines with ObjCShellz #Malware
โ ๐ซฃ #Signal tests usernames that keep your phone number private
โ ๐ Microsoft Authenticator now blocks suspicious #MFA alerts by default
โ โ๏ธ ๐ฐ Researchers Uncover Undetectable #CryptoMining Technique on #Azure Automation
โ ๐ฅ ๐ฐ Data Brokers Expose Sensitive US Military Member Info to Foreign Threat Actors: Study
โ ๐ฉน Microsoft Says Exchange โZero Daysโ Disclosed by #ZDI Already Patched or Not Urgent
โ ๐ Veeam warns of critical bugs in #Veeam ONE monitoring platform
๐ This week's recommended reading is: "How the F*ck Did This Happen?: A guide for executives who need to understand Cyber Security in plain, actionable language" by Dr Darryl Carlton
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐ If you're (still) looking for ideas for the holidays season, and the recipient of your lovely attention is into #infosec and #cybersecurity, here's the compiled list of #books that I've recommended YTD in my weekly #InfosecMASHUP newsletter ๐
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #44/2023 is out! It includes the following and much more:
โ ๐ #Okta hit by another #breach, this one stealing employee data from 3rd-party vendor
โ ๐ ๐ธ #LastPass breach linked to theft of $4.4 million in crypto
โ ๐ฎ๐ณ #India's Biggest Data Leak So Far? Covid-19 Test Info of 81.5Cr Citizens With ICMR Up for Sale
โ ๐ โ๏ธ #Lockbit ransomware group claims to have hacked #Boeing
โ ๐ณ๐ฑ โ๏ธ Dutch hacker jailed for extortion, selling stolen data on RaidForums
โ ๐ท๐บ ๐บ๐ธ Russian Reshipping Service โSWAT USA Dropโ Exposed
โ ๐ฎ๐ท ๐ฆ Iranian Cyber Spies Use โ#LionTailโ Malware in Latest Attacks
โ ๐ Security researchers observed โdeliberateโ takedown of notorious #Mozi#botnet
โ ๐ฎ๐ณ ๐ฑ Apple warns Indian opposition leaders of state-sponsored #iPhone attacks
โ ๐ Four dozen countries declare they wonโt pay #ransomware ransoms
โ ๐ท๐บ How #Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate #Cybercrime
โ ๐ช๐บ EU digital ID reforms should be โactively resistedโ, say experts
โ ๐ท๐บ ๐บ๐ฆ #FSB arrests Russian hackers working for Ukrainian cyber forces
โ ๐บ๐ธ FTC orders non-bank financial firms to report breaches in 30 days
โ ๐จ๐ฆ ๐ฑ #Canada Bans #WeChat and #Kaspersky Apps On Government Devices
โ ๐บ๐ธ #SEC Charges #SolarWinds and Its #CISO With Fraud and Cybersecurity Failures
โ ๐บ๐ธ ๐ค #Biden Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns
โ ๐ฆ ๐ฑ #Avast confirms it tagged Google app as #malware on Android phones
โ ๐ฆ ๐ฐ๐ต North Korean Hackers Targeting Crypto Experts with #KANDYKORN#macOS Malware
โ ๐ฅ ๐ธ EleKtra-Leak #Cryptojacking Attacks Exploit #AWS IAM Credentials Exposed on #GitHub
โ ๐ฆ ๐ Trojanized #PyCharm Software Version Delivered via #Google Search Ads
โ โ ๐ค #GooglePlay adds security audit badges for Android #VPN apps
โ ๐ Microsoft pledges to bolster security as part of โSecure Futureโ initiative
โ ๐ FIRST Releases #CVSS 4.0 Vuln Scoring Standard
โ ๐ #MITRE Releases ATT&CK v14 With Improvements to Detections, ICS, Mobile
โ โ๏ธ ๐ฆ #Samsung Galaxy gets new Auto Blocker anti-malware feature
โ ๐ ๐ #Apple Improves #iMessage Security With Contact Key Verification
โ ๐ Researchers Find 34 #Windows Drivers Vulnerable to Full Device Takeover
โ ๐ ๐ชถ 3,000 #Apache#ActiveMQ servers vulnerable to RCE attacks exposed online
โ ๐ฃ๏ธ #Atlassian CISO Urges Quick Action to Protect #Confluence Instances From Critical #Vulnerability
โ ๐ ๐ฉธ โThis vulnerability is now under mass exploitation.โ #CitrixBleed bug bites hard
โ ๐ ๐ฐ HackerOne paid ethical hackers over $300 million in #bugbounties
๐ This week's recommended reading is: "Permanent Record" by Edward Snowden
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #43/2023 is out! It includes the following and much more:
โ ๐บ๐ธ ๐ฐ Hackers that breached Las Vegas casinos rely on violent threats, research shows
โ ๐ ๐บ๐ธ University of Michigan employee, student data stolen in #cyberattack
โ ๐ #1Password discloses security incident linked to #Okta breach
โ ๐บ๐ธ Cyber attacks hit NY state #casino operation, two Hudson Valley hospitals
โ ๐บ๐ธ ๐ณ๏ธ D.C. Board of Elections: Hackers may have breached entire voter roll
โ ๐ ๐ฎ๐ช Thousands of drivers have sensitive data exposed to hackers in major IT #breach
โ ๐ท๐บ ๐จ Pro-Russia hackers target inboxes with #0day in webmail app used by millions
โ ๐ซ๐ท ๐ท๐บ #France says Russian state hackers breached numerous critical networks
โ ๐ณ๐ฌ Nigerian Police dismantle #cybercrime recruitment, mentoring hub
โ ๐ต๐ธ ๐ธ #Palestine#crypto donation scams emerge amid Israel-Hamas war
โ ๐ช๐ธ ๐ฎ๐ปโโ๏ธ #Spain arrests 34 #cybercriminals who stole data of 4 million people
โ ๐จ๐ฆ ๐จ๐ณ #Canada: Lawmakers Targeted by China-Linked โ#Spamouflageโ Disinformation
โ ๐บ๐ธ ๐ท๐บ Ex-NSA Employee Pleads Guilty to Leaking Classified Data to #Russia
โ ๐ฆ ๐ฐ๐ต N. Korean #Lazarus Group Targets Software Vendor Using Known Flaws
โ ๐ฆ ๐ฎ๐ท Iranian Group #Tortoiseshell Launches New Wave of IMAPLoader #Malware Attacks
โ ๐ฆ ๐ชฐ #StripedFly malware framework infects 1 million #Windows, #Linux hosts
โ ๐ฆ ๐ฑ #iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation
โ ๐ ๐ฑ #Samsung Galaxy S23 hacked two more times at #Pwn2Own Toronto
โ ๐ Critical #OAuth Flaws Uncovered in #Grammarly, #Vidio, and #Bukalapak Platforms
โ ๐ ๐ฉบ Critical Flaw in NextGen's Mirth Connect Could Expose #Healthcare Data
โ ๐ #F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP
โ ๐ ๐ Hackers can force iOS and #macOS browsers to divulge #passwords and much more
โ ๐ฉน #Citrix warns admins to patch #NetScaler CVE-2023-4966 bug immediately
โ ๐ โ๐ป #Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops
โ ๐ Critical RCE flaws found in #SolarWinds access audit solution
๐ This week's recommended reading is: "Click Here to Kill Everybody: Security and Survival in a Hyper-connected World" by Bruce Schneier
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #42/2023 is out! It includes the following and much more:
โ ๐ ๐ Tracking Unauthorized Access to #Okta's Support System
โ ๐ ๐ฏ๐ต #Casio discloses #databreach impacting customers in 149 countries
โ ๐ ๐งฌ Hacker leaks millions more #23andMe user records on #cybercrime forum
โ ๐ ๐จ๐ณ D-Link confirms data breach after employee #phishing attack
โ ๐ ๐ฐ #Equifax Fined $13.5 Million Over 2017 Data Breach
โ ๐บ๐ฆ ๐งน Ukrainian activists hack Trigona #ransomware gang, wipe servers
โ ๐บ๐ธ ๐ฐ๐ต FBI: Thousands of Remote IT Workers Sent Wages to #NorthKorea to Help Fund Weapons Program
โ ๐ฎ๐ณ โ๏ธ #India targets #Microsoft, #Amazon tech support #scammers in nationwide crackdown
โ ๐ต๐ธ ๐ฎ๐ท #Hamas-linked app offers window into cyber infrastructure, possible links to Iran
โ ๐ฎ๐ปโโ๏ธ ๐ฅท๐ป Police seize #RagnarLocker leak site
โ ๐ฐ๐ต North Korean Hackers Exploiting Recent #TeamCity Vulnerability
โ ๐จ๐ณ ๐ท๐บ #China replaces #Russia as top #cyberthreat
โ ๐บ๐ฆ ๐ก CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
โ ๐ซ๐ท ๐ช๐ธ #France frees the two biggest Spanish hackers
โ ๐บ๐ธ โ๏ธ Ex-Navy IT head gets 5 years for selling peopleโs data on #darkweb
โ ๐จ๐ญ ๐ณ๏ธ #Switzerlandโs e-voting system has predictable implementation blunder
โ ๐ ๐ญ Critical Vulnerabilities Expose โโ#Weintek HMIs to Attacks
โ ๐ ๐ญ #Milesight Industrial Router #Vulnerability Possibly Exploited in Attacks
โ ๐ฆ ๐ป๐ณ Fake #Corsair job offers on #LinkedIn push #DarkGate malware
โ ๐ฆ Google-hosted #malvertising leads to fake #Keepass site that looks genuine
โ ๐ฆ ๐ฌ #Discord still a hotbed of #malware activity โ Now APTs join the fun
โ ๐ฆ ๐ต๐ปโโ๏ธ SpyNote: Beware of This Android #Trojan that Records Audio and Phone Calls
โ ๐๏ธ ๐ฆ #Android will now scan sideloaded apps for malware at install time
โ ๐ฌ ๐ #WhatsApp#passkeys on the way, but as usual, for Android first
โ ๐ท๐บ ๐๏ธ Pro-Russian Hackers Exploiting Recent #WinRAR Vulnerability in New Campaign
โ ๐๏ธ โ Signal Pours Cold Water on Zero-Day Exploit Rumors
โ ๐ ๐ฅ #Cisco warns of new #IOS XE #zeroday actively exploited in attacks
๐ This week's recommended reading is: "RTFM: Red Team Field Manual v2" by Ben Clark and Nicholas Downer
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #39/2023 is out! It includes the following and much more:
โ ๐ #GitHub repos bombarded by info-stealing commits masked as #Dependabot
โ ๐ฏ๐ต ๐ธ #Sony Investigating After Hackers Offer to Sell Stolen Data
โ ๐ #BORN Ontario child registry #databreach affects 3.4 million people
โ ๐ญ๐ฐ ๐ Personal data of 25,000 Hongkongers at risk after #cyberattack against consumer watchdog, up from earlier estimate of 8,000
โ ๐บ๐ธ ๐ National Student Clearinghouse data breach impacts 890 #schools
โ ๐จ๐ฆ โ๏ธ #AirCanada discloses data breach of employee and 'certain records'
โ ๐ฐ๐ต ๐ช๐ธ North Korean hackers posed as #Meta recruiter on #LinkedIn
โ ๐ฅ ShadowSyndicate: A New #Cybercrime Group Linked to 7 #Ransomware Families
โ ๐ท๐บ โ๏ธ Russian flight booking system suffers โmassiveโ cyberattack
โ ๐จ๐ณ ๐บ๐ธ Chinese hackers stole emails from US State Dept in #Microsoft breach, Senate staffer says
โ ๐จ๐ณ Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign
โ ๐บ๐ฆ ๐ Ukrainian Military Targeted in Phishing Campaign Leveraging #Drone Manuals
โ ๐ฅท๐ป ๐ฐ Hackers steal $200M from #crypto company #Mixin
โ ๐ณ๐ฌ โ๏ธ Nigerian man pleads guilty to attempted $6 million BEC email heist
โ ๐บ๐ธ โ๏ธ ShinyHunters member pleads guilty to $6 million in data theft damages
โ ๐จ๐ณ #China-Linked Budworm Targeting Middle Eastern #Telco and Asian Government Agencies
โ ๐จ๐ณ ๐ช Backdoored firmware lets China state hackers control #routers with โmagic packetsโ
โ ๐บ๐ธ ๐ฎ๐ปโโ๏ธSecurity researcher warns of chilling effect after feds search phone at #airport
โ ๐ฆ โ๏ธFBI Warns Organizations of Dual Ransomware, Wiper Attacks
โ ๐ค ๐ฆ #Bing Chat responses infiltrated by ads pushing #malware
โ ๐ฅ ๐ฃ Red Cross-Themed #Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
โ ๐ฅท๐ป ๐ #SSH keys stolen by stream of malicious #PyPI and #npm packages
โ ๐ฆ ๐ New Variant of #Banking#Trojan BBTok Targets Over 40 Latin American Banks
โ ๐ฆ ๐ช #Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
โ ๐ #Sysdig Launches Realtime Attack Graph for Cloud Environments
โ ๐ ๐จ Critical vulnerabilities in #Exim threaten over 250k #email servers worldwide
โ ๐ Progress warns of maximum severity WS_FTP Server vulnerability
โ ๐ฉน ๐ฅ #Google fixes fifth actively exploited Chrome zero-day of 2023
โ ๐ฉน ๐ #macOS 14 #Sonoma Patches 60 #Vulnerabilities
โ ๐ฉน ๐ฆ #Firefox 118 Patches High-Severity Vulnerabilities
โ ๐คซ โ Google quietly corrects previously submitted disclosure for critical #webp 0-day
โ ๐ ๐ช๐ฌ 0-days exploited by commercial surveillance vendor in #Egypt
๐ This week's recommended reading is: "Philosophy of Cybersecurity" by @LukaszOlejnik and Artur Kurasinski
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #38/2023 is out! It includes the following and much more:
โ ๐ โ TransUnion Denies #Breach After Hacker Publishes Allegedly Stolen Data
โ ๐ โ๏ธ Hackers breached International Criminal Courtโs systems last week
โ ๐ ๐ค #Microsoft#AI researchers accidentally exposed terabytes of internal sensitive data
โ ๐ฆ ๐ธ #BlackCat#ransomware hits #Azure Storage with #Sphynx encryptor
โ ๐ฎ๐ท ๐ฎ๐ฑ Iranian Nation-State Actor OilRig Targets Israeli Organizations
โ ๐ฎ๐ณ #India's biggest tech centers named as #cybercrime hotspots
โ ๐ซ๐ฎ ๐ Finnish Authorities Dismantle Notorious #PIILOPUOTI Dark Web Drug Marketplace
โ ๐จ๐ฆ ๐ท๐บ Canadian Government Targeted With #DDoS Attacks by Pro-#Russia Group
โ ๐จ๐ณ ๐บ๐ธ #China Accuses U.S. of Decade-Long #Cyberespionage Campaign Against #Huawei Servers
โ ๐บ๐ธ ๐จ๐ณ China's Malicious Cyber Activity Informing War Preparations, #Pentagon Says
โ ๐จ๐ณ ๐ฆ New #SprySOCKS Linux #malware used in cyber espionage attacks
โ ๐ฌ๐ง ๐ UK Minister Warns #Meta Over End-to-End Encryption
โ ๐บ๐ธ ๐ท๐บ One of the #FBIโs most wanted hackers is trolling the U.S. government
โ ๐ฆ ๐ฅธ Fake #WinRAR proof-of-concept exploit drops #VenomRAT malware
โ ๐ฆ ๐ #P2PInfect botnet activity surges 600x with stealthier malware variants
โ ๐ฆ ๐ก Hackers backdoor #telecom providers with new HTTPSnoop malware
โ ๐ฆ ๐ #Bumblebee malware returns in new attacks abusing #WebDAV folders
โ ๐ #GitHub launches #passkey support into general availability
โ โ๏ธ ๐ง Free Download Manager releases script to check for #Linux malware
โ ๐ฌ ๐ #Signal adds quantum-resistant encryption to its #E2EE messaging protocol
โ ๐ ๐ #iOS 17 includes these new security and #privacy features
โ ๐ฉน High-Severity Flaws Uncovered in #Atlassian Products and ISC BIND Server
โ ๐ฉน ๐ก Incomplete disclosures by #Apple and #Google create โhuge blindspotโ for 0-day hunters
โ ๐ ๐ฉน Apple emergency updates fix 3 new zero-days exploited in attacks
โ ๐ฉน #TrendMicro fixes #endpoint protection zero-day used in attacks
โ ๐ฉน #Fortinet Patches High-Severity #Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products
โ ๐ Nearly 12,000 #Juniper#Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
๐ This week's recommended reading is: "Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It" by Marc Goodman
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #37/2023 is out! It includes the following and much more:
โ โ๏ธ ๐ How #Google Authenticator made one companyโs network #breach much, much worse
โ ๐ฌ๐ง ๐ 30k primary pupilsโ data may be at risk after #Capita cyber attack
โ ๐ฌ๐ง ๐ #Manchester Police officers' data exposed in #ransomware attack
โ ๐บ๐ธ ๐ฐ #Caesars Entertainment says customer data stolen in #cyberattack
โ ๐บ๐ธ ๐ฐ #MGM Resorts shuts down IT systems after cyberattack
โ ๐ #Rollbar discloses data breach after hackers stole access tokens
โ ๐ซ๐ท ๐ #Airbus Launches Investigation After Hacker Leaks Data
โ ๐ฎ๐ท Microsoft: Iranian espionage campaign targeted satellite and defense sectors
โ ๐ธ Hackers steal $53 million worth of #cryptocurrency from #CoinEx
โ ๐งจ After #Microsoft and X, Hackers Launch DDoS Attack on #Telegram
โ ๐บ๐ธ โ #California passes first-in-the-nation data broker deletion tool
โ ๐จ๐ด ๐ธ Several Colombian #government ministries hampered by ransomware attack
โ ๐ฎ๐ช ๐ฐ #TikTok slapped with $368 million fine over child privacy violations
โ ๐ฑ ๐ก #Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?
โ ๐บ๐ธ ๐ Washington summit grapples with securing #opensource software
โ ๐ท๐บ ๐ Hacking #Meduza: Pegasus #spyware used to target #Putinโs critic
โ โ๏ธ ๐ป The International Criminal Court will now prosecute #cyberwar crimes
โ ๐ต๐ฑ ๐ Polish Senate says use of government spyware is illegal in the country
โ ๐ฆ #Rust-Written 3AM Ransomware: A Sneak Peek into a New #Malware Family
โ ๐บ๐ธ ๐ฅธ US Agencies Publish Cybersecurity Report on #Deepfake Threats
โ ๐ง ๐ฆ Password-stealing Linux malware served for 3 years and no one noticed
โ ๐ ๐ฆ #MetaStealer Malware Targets Apple #macOS in Recent Attacks
โ ๐ฎ๐ท ๐ฆ Iranian hackers #backdoor 34 orgs with new Sponsor malware
โ ๐ฉน โ๏ธ Researchers Detail 8 Vulnerabilities in #Azure HDInsight Analytics Service
โ ๐ ๐ Mullvad #VPN Warns of Critical Firewall Flaw in Apple's MacOS #Sonoma
โ โ๏ธ ๐ New #Kubernetes#Vulnerabilities Enable Remote Attacks on Windows Endpoints
โ ๐บ๐ธ ๐ฆ CISA offers free security scans for public water utilities
โ ๐ฉน #Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird
โ ๐ฉน Google Patches #Chrome Zero-Day Reported by Apple, Spyware Hunters
โ ๐ฉน Microsoft September 2023 Patch Tuesday fixes 2 zero-days, 59 flaws
๐ This week's recommended reading is: "Extreme Privacy: What It Takes to Disappear" by Michael Bazzell
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #36/2023 is out! It includes the following and much more:
โ ๐บ๐ธ โ๏ธ #Microsoft finally explains cause of #Azure breach: An engineerโs account was hacked
โ ๐ซ ๐ See Tickets says #hackers accessed customersโ payment data โ again
โ ๐ณ๐ฑ ๐ Chipmaker NXP Semiconductors confirms #databreach involving customersโ information
โ ๐ฌ๐ง ๐ #UK election body failed cybersecurity test before hack
โ ๐ฎ ๐ #Freecycle confirms massive data breach impacting 7 million users
โ ๐ฆ๐บ ๐ University of #Sydney data breach impacts recent applicants
โ ๐ท๐บ ๐บ๐ธ Wealthy Russian With #Kremlin Ties Gets 9 Years in #Prison for Hacking and Insider Trading Scheme
โ ๐บ๐ธ โ๏ธ US Aeronautical Organization Hacked via #Zoho, #Fortinet Vulnerabilities
โ ๐ฎ๐ท ๐ฃ Alert: #Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
โ ๐บ๐ฆ ๐ท๐บ #Ukraine's CERT Thwarts #APT28's Cyberattack on Critical Energy #Infrastructure
โ ๐ฐ ๐ธ #Crypto#casino Stake.com loses $41 million to hot wallet hackers
โ ๐บ๐ธ ๐ฌ๐ง US, UK take action against members of the Russian-linked #Trickbot hacker syndicate
โ ๐ ๐ 25 Major Car Brands Get Failing Marks From Mozilla for Security and Privacy
โ ๐ฌ๐ง ๐ UK lawmakers back down on encryption-busting โspy clauseโ
โ ๐ Hundreds of thousands trafficked to work as online scammers in SE #Asia, says UN report
โ ๐บ๐ธ โ๐ป #CISA Hires @dotmudge to Work on Security-by-Design Principles
โ ๐ฌ๐ง ๐ Children's snack recalled after its website caught serving porn
โ ๐ธ๐ช ๐ฐ Insurer fined $3M for exposing data of 650k clients for two years
โ ๐ท๐บ Elon Musk's erosion of safety standards at X is helping #Putin spread Russian propaganda, study finds
โ ๐ฐ๐ต North Korea-backed hackers target security researchers with 0-day
โ ๐ฃ Researchers identify high-grade phishing kits attacking nearly 60,000 #Microsoft365 accounts
โ ๐ฎ๐ณ ๐ค #India warns of #malware attacks targeting its #Android users
โ ๐จ๐ณ ๐ฌ Chinese-Speaking Cybercriminals Launch Large-Scale #iMessage Smishing Campaign in U.S.
โ ๐ธ ๐ Fake #YouPorn extortion #scam threatens to leak your sex tape
โ ๐ค #Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
โ ๐ฃ ๐ก๏ธ #Google is enabling #Chrome real-time phishing protection for everyone
โ ๐ฑ๐งจ Hacking device #FlipperZero can spam nearby #iPhones with #Bluetooth pop-ups
โ ๐ฉน ๐ #Apple patches โclicklessโ 0-day image processing #vulnerability in #iOS, #macOS
โ ๐ฉน ๐ #AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure
๐ This week's recommended reading is: "Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter" by Don Murdoch GSE, MSISE, MBA
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ