๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #35/2023 is out! It includes the following and much more:
โ ๐ ๐๐ปโโ๏ธGolf gear giant #Callaway data breach exposes info of 1.1 million
โ ๐๐ Forever 21 data breach affects half a million people
โ ๐ ๐คฆ๐ปโโ๏ธ #LogicMonitor customers hit by hackers, because of default passwords
โ ๐บ๐ธ โ๏ธ Lawsuit Accuses University of Minnesota of Not Doing Enough to Prevent #DataBreach
โ ๐ฌ ๐ #Paramount discloses data breach following security incident
โ ๐ฅ ๐ #Healthcare Organizations Hit by Cyberattacks Last Year Reported Big Impact, Costs
โ ๐บ๐ธ ๐ #Microsoft joins a growing chorus of organizations criticizing a #UN cybercrime treaty
โ ๐บ๐ธ ๐ฆ U.S. Hacks #QakBot, Quietly Removes Botnet Infections
โ ๐ท๐บ ๐บ๐ฆ #Russia targets #Ukraine with new Android #backdoor, intel agencies say
โ ๐ท๐บ ๐ต๐ปโโ๏ธ Unmasking #Trickbot, One of the Worldโs Top Cybercrime Gangs
โ ๐จ๐ณ ๐ โEarth Estriesโ #Cyberespionage Group Targets Government, Tech Sectors
โ ๐จ๐ณ Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom
โ ๐ธ ๐ช๐บ Pay our ransom instead of a #GDPR fine, #cybercrime gang tells its targets
โ ๐บ๐ธ ๐จ๐ณ #Meta: Pro-Chinese influence operation was the largest in history
โ ๐ช๐ธ ๐ธ Spain warns of #LockBit Locker ransomware phishing attacks
โ ๐ต๐ฑ ๐ Two Men Arrested Following #Poland Railway Hacking
โ ๐ฐ๐ต ๐ #Lazarus hackers deploy fake #VMware PyPI packages in #VMConnect attacks
โ ๐ธ #Classiscam fraud-as-a-service expands, now targets banks and 251 brands
โ ๐ฌ ๐ Trojanized #Signal and #Telegram apps on Google Play delivered spyware
โ ๐ฆ ๐ MalDoc in PDFs: Hiding malicious Word docs in PDF files
โ ๐ง๐ท ๐ A Brazilian phone #spyware was hacked and victimsโ devices โdeletedโ from server
โ ๐จ๐ปโ๐ป ๐ #GitHub Enterprise Server Gets New Security Capabilities
โ ๐ ๐ฐ Over $1 Million Offered at New #Pwn2Own#Automotive Hacking Contest
โ ๐ฉน #Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence
โ โ๏ธ ๐ Recent #Juniper Flaws Chained in Attacks Following #PoC Exploit Publication
๐ This week's recommended reading is: "Spam Nation: The Inside Story of Organized Cybercrimeโfrom Global Epidemic to Your Front Door" by @briankrebs
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #33/2023 is out! It includes the following and much more:
โ ๐ฌ๐ง ๐ฎ๐ปโโ๏ธ #Norfolk and #Suffolk police: Victims and witnesses hit by #databreach
โ ๐ฌ ๐ #Discord.io confirms breach after hacker steals data of 760K users
โ ๐บ๐ธ ๐ฅ #Health plan provider PH TECH joins MOVEit victim list, 1.7 million exposed
โ ๐ ๐ฎ๐ปโโ๏ธ #Interpol arrests 14 suspected cybercriminals for stealing $40 million
โ ๐ฎ๐ท #Iran and the Rise of Cyber-Enabled Influence Operations
โ ๐ฃ ๐จ Major U.S. energy org targeted in QR code #phishing attack
โ ๐ฆ ๐ธ Jon DiMaggioโs demystifying #LockBitโs Secrets in his latest Ransomware Diaries Vol. 3
โ ๐ ๐ Approximately 2000 #Citrix NetScalers backdoored in mass-exploitation campaign
โ ๐ฎ๐ท Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks
โ ๐บ๐ธ ๐ธ #FBI warns of increasing #cryptocurrency recovery scams
โ ๐ต๐ฑ ๐ฎ๐ปโโ๏ธ #LOLEKHosted admin arrested for aiding Netwalker ransomware gang
โ ๐ท๐บ ๐จ๐ปโโ๏ธ #Russia slaps #Reddit, #Wikipedia with fines
โ ๐จ๐ณ โก๏ธ #Tesla reassures Chinese users on #datasecurity amid spying concerns
โ ๐ฎ๐ฑ ๐บ๐ธ #Israel, US to Invest $4 Million in Critical Infrastructure Security Projects
โ ๐ธ ๐โโฌ New #BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
โ ๐ฆ ๐ฆ Raccoon Stealer #malware returns with new stealthier version
โ ๐ธ ๐ง Monti #Ransomware Returns with New #Linux Variant and Enhanced Evasion Tactics
โ ๐ดโโ ๏ธ ๐ป Over 120,000 Computers Compromised by Info Stealers Linked to Users of #Cybercrime Forums
โ ๐ค ๐ช๏ธ Google Brings AI Magic to Fuzz Testing With Eye-Opening Results
โ ๐ #Google Introduces First #Quantum Resilient #FIDO2 Security Key Implementation
โ ๐ฎ ๐ Cult of the Dead Cow releases #Veilid: A secure open-source Peer-to-Peer network for apps that flips off the surveillance economy
โ ๐ฑ Threat actors use beta apps to bypass mobile app store security
โ ๐ฐ๏ธ โ ๏ธ How a hacking crew overtook a #satellite from inside a Las Vegas convention center and won $50,000
โ ๐ ๐ How to hack #casino card-shuffling machines
โ ๐ซ๐ท ๐ง Iagona ScrutisWeb Vulnerabilities Could Expose #ATM's to Remote Hacking
๐ This week's recommended reading is: "The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage" by Clifford Paul "Cliff" Stoll
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #44/2023 is out! It includes the following and much more:
โ ๐ #Okta hit by another #breach, this one stealing employee data from 3rd-party vendor
โ ๐ ๐ธ #LastPass breach linked to theft of $4.4 million in crypto
โ ๐ฎ๐ณ #India's Biggest Data Leak So Far? Covid-19 Test Info of 81.5Cr Citizens With ICMR Up for Sale
โ ๐ โ๏ธ #Lockbit ransomware group claims to have hacked #Boeing
โ ๐ณ๐ฑ โ๏ธ Dutch hacker jailed for extortion, selling stolen data on RaidForums
โ ๐ท๐บ ๐บ๐ธ Russian Reshipping Service โSWAT USA Dropโ Exposed
โ ๐ฎ๐ท ๐ฆ Iranian Cyber Spies Use โ#LionTailโ Malware in Latest Attacks
โ ๐ Security researchers observed โdeliberateโ takedown of notorious #Mozi#botnet
โ ๐ฎ๐ณ ๐ฑ Apple warns Indian opposition leaders of state-sponsored #iPhone attacks
โ ๐ Four dozen countries declare they wonโt pay #ransomware ransoms
โ ๐ท๐บ How #Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate #Cybercrime
โ ๐ช๐บ EU digital ID reforms should be โactively resistedโ, say experts
โ ๐ท๐บ ๐บ๐ฆ #FSB arrests Russian hackers working for Ukrainian cyber forces
โ ๐บ๐ธ FTC orders non-bank financial firms to report breaches in 30 days
โ ๐จ๐ฆ ๐ฑ #Canada Bans #WeChat and #Kaspersky Apps On Government Devices
โ ๐บ๐ธ #SEC Charges #SolarWinds and Its #CISO With Fraud and Cybersecurity Failures
โ ๐บ๐ธ ๐ค #Biden Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns
โ ๐ฆ ๐ฑ #Avast confirms it tagged Google app as #malware on Android phones
โ ๐ฆ ๐ฐ๐ต North Korean Hackers Targeting Crypto Experts with #KANDYKORN#macOS Malware
โ ๐ฅ ๐ธ EleKtra-Leak #Cryptojacking Attacks Exploit #AWS IAM Credentials Exposed on #GitHub
โ ๐ฆ ๐ Trojanized #PyCharm Software Version Delivered via #Google Search Ads
โ โ ๐ค #GooglePlay adds security audit badges for Android #VPN apps
โ ๐ Microsoft pledges to bolster security as part of โSecure Futureโ initiative
โ ๐ FIRST Releases #CVSS 4.0 Vuln Scoring Standard
โ ๐ #MITRE Releases ATT&CK v14 With Improvements to Detections, ICS, Mobile
โ โ๏ธ ๐ฆ #Samsung Galaxy gets new Auto Blocker anti-malware feature
โ ๐ ๐ #Apple Improves #iMessage Security With Contact Key Verification
โ ๐ Researchers Find 34 #Windows Drivers Vulnerable to Full Device Takeover
โ ๐ ๐ชถ 3,000 #Apache#ActiveMQ servers vulnerable to RCE attacks exposed online
โ ๐ฃ๏ธ #Atlassian CISO Urges Quick Action to Protect #Confluence Instances From Critical #Vulnerability
โ ๐ ๐ฉธ โThis vulnerability is now under mass exploitation.โ #CitrixBleed bug bites hard
โ ๐ ๐ฐ HackerOne paid ethical hackers over $300 million in #bugbounties
๐ This week's recommended reading is: "Permanent Record" by Edward Snowden
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #01/2024 is out! It includes the following and much more:
โ ๐บ๐ธ ๐ผ๏ธ MAJOR US #MUSEUMS SUFFER #CYBERATTACK FALLOUT
โ ๐ช๐ธ ๐ก A โridiculously weakโ password causes disaster for #Spainโs No. 2 mobile carrier
โ ๐ ๐งฌ #23andMe tells victims itโs their fault that their data was breached
โ ๐ ๐ธ #OrbitChain loses $86 million in the last #fintech hack of 2023
โ ๐ ๐ ฟ๏ธ Europeโs Largest Parking App Provider Informs Customers of Data Breach
โ ๐ธ ๐ #Crypto wallet founder loses $125,000 to fake airdrop website
โ ๐บ๐ธ โ๏ธ US Says 19 People Charged Following 2019 Takedown of #xDedic Cybercrime Marketplace
โ ๐ต๐ธ ๐ฎ๐ฑ Palestinian Hackers Hit 100 Israeli Organizations in Destructive Attacks
โ ๐ โ Hacked #Mandiant X Account Abused for #Cryptocurrency Theft
โ ๐ณ๐ฌ ๐บ๐ธ โ๏ธ Nigerian hacker arrested for stealing $7.5M from charities
โ ๐ฆ๐ฑ ๐ก Albanian Parliament and One Albania Telecom Hit by Cyber Attacks
โ ๐บ๐ธ The FBI is adding more cyber-focused agents to U.S. embassies
โ ๐บ๐ธ โ๏ธ Former #BreachForums admin to be jailed until Jan. 19 sentencing
โ ๐บ๐ธ ๐ฐ DOJ Slams #XCast with $10 Million Fine Over Massive Illegal Robocall Operation
โ ๐ท ๐ฅธ #Google Contractor Pays Parents $50 to Scan Their Childrens' Faces
โ ๐ฐ ๐ฅธ Google Settles $5 Billion #Privacy Lawsuit Over Tracking Users in 'Incognito Mode'
โ ๐จ๐ณ ๐ณ๏ธ #Taiwan to reveal Chinese election interference after Saturdayโs vote
โ ๐ฆ ๐ฐ #Merck Settles #NotPetya Insurance Claim, Leaving #Cyberwar Definition Unresolved
โ ๐ฆ ๐ฐ๐ต SpectralBlur: New #macOS Backdoor Threat from North Korean Hackers
โ ๐ฆ ๐ 3 Malicious #PyPI Packages Found Targeting #Linux with Crypto Miners
โ ๐ฆ ๐ New Bandook #RAT Variant Resurfaces, Targeting #Windows Machines
โ ๐ฆ ๐ UAC-0050 Group Using New #Phishing Tactics to Distribute Remcos RAT
โ ๐ฆ ๐บ๐ฆ CERT-UA Uncovers New #Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
โ ๐ ๐ฆ Free Decryptor Released for #BlackBasta Ransomware
โ ๐ ๐จ #SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof #Emails
โ ๐ฉน #Ivanti warns critical EPM #bug lets hackers hijack enrolled devices
โ ๐ฉน Google Patches Six Vulnerabilities With First #Chrome Update of 2024
โ ๐ฉน ๐ก Millions still havenโt patched #Terrapin SSH protocol #vulnerability
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #46/2023 is out! It includes the following and much more:
โ ๐ ๐ฏ๐ต #Toyota confirms breach after Medusa #ransomware threatens to leak data
โ ๐บ๐ธ ๐ Ransomware gang files #SEC complaint over victimโs undisclosed #breach
โ ๐ ๐ชถ Attackers claim Plume Design, Inc data breach
โ ๐บ๐ธ ๐ฐ #ICBC paid ransom after hack that disrupted markets, #cybercriminals say
โ ๐ #Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party
โ ๐ โ๏ธ Hackers swipe Booking.com, damage from attack is global
โ ๐ท๐บ ๐บ๐ฆ Russian #CyberEspionage Group Deploys #LitterDrifter USB #Worm in Targeted Attacks
โ ๐ฎ๐ฑ ๐บ๐ธ Israeli Man Who Made $5M From Hacking Scheme Sentenced to Prison in US
โ ๐ซ๐ฎ โ๏ธ Alleged Extortioner of Psychotherapy Patients Faces Trial
โ ๐บ๐ธ ๐ธ #LockBit ransomware exploits #CitrixBleed in attacks, 10K servers exposed
โ ๐บ๐ธ โ๏ธ #IPStorm botnet with 23,000 proxies for malicious traffic dismantled
โ ๐ถ๐ป ๐งจ Teens with โdigital bazookasโ are winning the ransomware war, researcher laments
โ ๐ธ #Ethereum feature abused to steal $60 million from 99K victims
โ ๐ฉ๐ฐ ๐ท๐บ #Denmark Hit With Largest #Cyberattack on Record
โ ๐จ๐ณ ๐ฐ๐ญ Chinese Hackers Launch Covert #Espionage Attacks on 24 Cambodian Organizations
โ ๐ฒ๐พ Major Phishing-as-a-Service Syndicate '#BulletProofLink' Dismantled by Malaysian Authorities
โ ๐ช๐บ ๐ฅณ EU Parliament committee rejects mass scanning of private and encrypted communications
โ ๐ฉน #ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric
โ ๐ฆ ๐ 27 Malicious #PyPI Packages with Thousands of Downloads Found Targeting IT Experts
๐ป๐ณ ๐ฎ๐ณ Vietnamese Hackers Using New #Delphi-Powered #Malware to Target Indian Marketers
โ ๐ #Google Adds #Passkey Support to New Titan Security Key
โ ๐ Zero-Day Flaw in #Zimbra Email Software Exploited by Four Hacker Groups
โ ๐ฉน #SAP Patches Critical Vulnerability in Business One Product
โ ๐ New #Reptar CPU flaw impacts Intel desktop and server systems
โ ๐ New #CacheWarp AMD #CPU attack lets hackers gain root in Linux VMs
๐ This week's recommended reading is: "Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World" by @marcusjcarey and Jennifer Jin
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #42/2023 is out! It includes the following and much more:
โ ๐ ๐ Tracking Unauthorized Access to #Okta's Support System
โ ๐ ๐ฏ๐ต #Casio discloses #databreach impacting customers in 149 countries
โ ๐ ๐งฌ Hacker leaks millions more #23andMe user records on #cybercrime forum
โ ๐ ๐จ๐ณ D-Link confirms data breach after employee #phishing attack
โ ๐ ๐ฐ #Equifax Fined $13.5 Million Over 2017 Data Breach
โ ๐บ๐ฆ ๐งน Ukrainian activists hack Trigona #ransomware gang, wipe servers
โ ๐บ๐ธ ๐ฐ๐ต FBI: Thousands of Remote IT Workers Sent Wages to #NorthKorea to Help Fund Weapons Program
โ ๐ฎ๐ณ โ๏ธ #India targets #Microsoft, #Amazon tech support #scammers in nationwide crackdown
โ ๐ต๐ธ ๐ฎ๐ท #Hamas-linked app offers window into cyber infrastructure, possible links to Iran
โ ๐ฎ๐ปโโ๏ธ ๐ฅท๐ป Police seize #RagnarLocker leak site
โ ๐ฐ๐ต North Korean Hackers Exploiting Recent #TeamCity Vulnerability
โ ๐จ๐ณ ๐ท๐บ #China replaces #Russia as top #cyberthreat
โ ๐บ๐ฆ ๐ก CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
โ ๐ซ๐ท ๐ช๐ธ #France frees the two biggest Spanish hackers
โ ๐บ๐ธ โ๏ธ Ex-Navy IT head gets 5 years for selling peopleโs data on #darkweb
โ ๐จ๐ญ ๐ณ๏ธ #Switzerlandโs e-voting system has predictable implementation blunder
โ ๐ ๐ญ Critical Vulnerabilities Expose โโ#Weintek HMIs to Attacks
โ ๐ ๐ญ #Milesight Industrial Router #Vulnerability Possibly Exploited in Attacks
โ ๐ฆ ๐ป๐ณ Fake #Corsair job offers on #LinkedIn push #DarkGate malware
โ ๐ฆ Google-hosted #malvertising leads to fake #Keepass site that looks genuine
โ ๐ฆ ๐ฌ #Discord still a hotbed of #malware activity โ Now APTs join the fun
โ ๐ฆ ๐ต๐ปโโ๏ธ SpyNote: Beware of This Android #Trojan that Records Audio and Phone Calls
โ ๐๏ธ ๐ฆ #Android will now scan sideloaded apps for malware at install time
โ ๐ฌ ๐ #WhatsApp#passkeys on the way, but as usual, for Android first
โ ๐ท๐บ ๐๏ธ Pro-Russian Hackers Exploiting Recent #WinRAR Vulnerability in New Campaign
โ ๐๏ธ โ Signal Pours Cold Water on Zero-Day Exploit Rumors
โ ๐ ๐ฅ #Cisco warns of new #IOS XE #zeroday actively exploited in attacks
๐ This week's recommended reading is: "RTFM: Red Team Field Manual v2" by Ben Clark and Nicholas Downer
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #43/2023 is out! It includes the following and much more:
โ ๐บ๐ธ ๐ฐ Hackers that breached Las Vegas casinos rely on violent threats, research shows
โ ๐ ๐บ๐ธ University of Michigan employee, student data stolen in #cyberattack
โ ๐ #1Password discloses security incident linked to #Okta breach
โ ๐บ๐ธ Cyber attacks hit NY state #casino operation, two Hudson Valley hospitals
โ ๐บ๐ธ ๐ณ๏ธ D.C. Board of Elections: Hackers may have breached entire voter roll
โ ๐ ๐ฎ๐ช Thousands of drivers have sensitive data exposed to hackers in major IT #breach
โ ๐ท๐บ ๐จ Pro-Russia hackers target inboxes with #0day in webmail app used by millions
โ ๐ซ๐ท ๐ท๐บ #France says Russian state hackers breached numerous critical networks
โ ๐ณ๐ฌ Nigerian Police dismantle #cybercrime recruitment, mentoring hub
โ ๐ต๐ธ ๐ธ #Palestine#crypto donation scams emerge amid Israel-Hamas war
โ ๐ช๐ธ ๐ฎ๐ปโโ๏ธ #Spain arrests 34 #cybercriminals who stole data of 4 million people
โ ๐จ๐ฆ ๐จ๐ณ #Canada: Lawmakers Targeted by China-Linked โ#Spamouflageโ Disinformation
โ ๐บ๐ธ ๐ท๐บ Ex-NSA Employee Pleads Guilty to Leaking Classified Data to #Russia
โ ๐ฆ ๐ฐ๐ต N. Korean #Lazarus Group Targets Software Vendor Using Known Flaws
โ ๐ฆ ๐ฎ๐ท Iranian Group #Tortoiseshell Launches New Wave of IMAPLoader #Malware Attacks
โ ๐ฆ ๐ชฐ #StripedFly malware framework infects 1 million #Windows, #Linux hosts
โ ๐ฆ ๐ฑ #iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation
โ ๐ ๐ฑ #Samsung Galaxy S23 hacked two more times at #Pwn2Own Toronto
โ ๐ Critical #OAuth Flaws Uncovered in #Grammarly, #Vidio, and #Bukalapak Platforms
โ ๐ ๐ฉบ Critical Flaw in NextGen's Mirth Connect Could Expose #Healthcare Data
โ ๐ #F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP
โ ๐ ๐ Hackers can force iOS and #macOS browsers to divulge #passwords and much more
โ ๐ฉน #Citrix warns admins to patch #NetScaler CVE-2023-4966 bug immediately
โ ๐ โ๐ป #Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops
โ ๐ Critical RCE flaws found in #SolarWinds access audit solution
๐ This week's recommended reading is: "Click Here to Kill Everybody: Security and Survival in a Hyper-connected World" by Bruce Schneier
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #02/2024 is out! It includes the following and much more:
โ ๐ ๐ฝ Halara probes breach after hacker leaks data for 950,000 people
โ ๐ ๐ฅ #Mandiant's X Account Was Hacked Using Brute-Force Attack
โ ๐ ๐ต๐พ #Paraguay warns of Black Hunt #ransomware attacks after Tigo Business #breach
โ ๐บ๐ธ ๐ธ US SECโs X account hacked to announce fake #Bitcoin ETF approval
โ ๐ ๐จ๐ฆ Toronto Zoo: Ransomware attack had no impact on animal #wellbeing
โ ๐ Mortgage firm loanDepot #cyberattack impacts IT systems, payment portal
โ ๐ซ๐ฎ ๐ธ #Finland warns of Akira ransomware wiping NAS and tape #backup devices
โ ๐ฉ๐ฐ ๐ท๐บ #Sandworm probably wasnโt behind Danish critical infrastructure cyberattack, report says
โ ๐บ๐ฆ ๐ท๐บ Pro-Ukraine hackers breach Russian ISP in revenge for #KyivStar attack
โ ๐ซ๐ท ๐บ๐ธ French Computer Hacker Jailed in US
โ ๐ณ๐ฌ โ๏ธ Nigerian gets 10 years for laundering millions stolen from elderly
โ ๐น๐ท Turkish Hackers Exploiting Poorly Secured #MSSQL Servers Across the Globe
โ ๐น๐ท ๐ณ๐ฑ Turkish #Cyberspies Targeting Netherlands
โ โ๏ธ ๐ช๐บ #Microsoft Lets Cloud Users Keep Personal Data Within #Europe to Ease #Privacy Fears
โ ๐บ๐ธ ๐จ๐ณ #AI is helping US spies catch stealthy Chinese hacking ops, #NSA official says
โ ๐ฑ๐ง โ๏ธ Beirut Airport Screens Hacked with Anti-Hezbollah Message
โ ๐ธ๐ฆ Saudi Ministry exposed sensitive data for 15 months
โ ๐ฌ๐ท #Greece to Establish New Authority to Counter Cyber-Attacks
โ ๐ฉน #Siemens, #SchneiderElectric Release First #ICS Patch Tuesday Advisories of 2024
โ ๐ โ๏ธ New #Python-based FBot Hacking Toolkit Aims at #Cloud and #SaaS Platforms
โ ๐ฆ ๐บ #YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
โ ๐ฆ ๐ง #Linux devices are under attack by a never-before-seen worm
โ ๐ฆ ๐ณ๐ฑ Dutch Engineer Used Water Pump to Get Billion-Dollar #Stuxnet#Malware Into Iranian Nuclear Facility
โ ๐ก ๐ DSA removal from #OpenSSH
โ ๐ฉน #PatchTuesday
โ ๐ ๐ Actively exploited 0-days in #Ivanti VPN are letting hackers #backdoor networks
โ ๐ ๐ง Hackers can infect network-connected wrenches to install ransomware
โ ๐จ๐ณ ๐ #AirDrop cracked by #China, revealing phone number and email address of sender
โ ๐ฉน #QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products
โ ๐ ๐ KyberSlash attacks put #quantum#encryption projects at risk
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #06/2024 is out! It includes the following and much more:
โ ๐ #Juniper Support Portal Exposed Customer Device Info
โ ๐ ๐น๐ญ Major #DataBreach in #Thailand Exposes Personal Data of 20 Million Elderly Citizens
โ ๐ ๐ซ๐ท Millions at risk of fraud after massive health data hack in #France
โ ๐ ๐บ๐ธ #Verizon employee inadvertently leaks data of 63 thousand colleagues
โ ๐ ๐ฅ๏ธ #AnyDesk Hacked: Revokes Passwords, Certificates in Response
โ ๐ ๐บ๐ธ #Clorox says #cyberattack caused $49 million in expenses
โ ๐ธ ๐ #Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline
โ ๐บ๐ธ ๐ฐ US offers $10 million for tips on #Hive ransomware leadership
โ ๐จ๐ณ ๐บ๐ธ #China-backed Volt Typhoon hackers have lurked inside US #criticalinfrastructure for โat least five yearsโ
โ ๐จ๐ณ ๐ณ๐ฑ Chinese Hackers Exploited #FortiGate Flaw to Breach Dutch #Military Network
โ ๐ฎ๐ท ๐ฎ๐ฑ #Iran accelerates cyber ops against #Israel from chaotic start
โ ๐ง๐พ ๐บ๐ธ Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion #Crypto Money Laundering
โ ๐ญ๐ฐ ๐ธ #Finance worker pays out $25 million after video call with #deepfake โchief financial officerโ
โ ๐บ๐ฆ #ukraine is Creating a โCyber Diplomatโ Post
โ ๐ฉ๐ฐ #Denmark orders schools to stop sending student data to #Google
โ ๐ช๐บ โ๏ธ #EU proposes criminalizing AI-generated child sexual abuse and deepfakes
โ ๐ณ๐ฑ ๐ฐ #Uber Fined 10 Million Euros by Dutch Data Regulator
โ ๐บ๐ธ ๐ US to Roll Out Visa Restrictions on People Who Misuse #Spyware to Target Journalists, Activists
โ ๐ฆ ๐ฌ Raspberry Robin #Malware Upgrades with #Discord Spread and New Exploits
โ ๐ฆ ๐ New #macOS Backdoor Linked to Prominent Ransomware Groups
๐ฆ ๐ชฅ Surprising 3 Million Hacked #Toothbrushes Story Goes ViralโIs It True?
โ ๐จ๐ฆ ๐ฌ #Canada declares #FlipperZero public enemy No. 1 in car-theft crackdown
โ ๐ฉน #Ivanti: Patch new Connect Secure auth bypass bug immediately
โ ๐ ๐ Security flaw in a popular smart helmet allowed silent location tracking
โ ๐ฉน Critical Patches Released for New Flaws in #Cisco, #Fortinet, #VMware Products
โ ๐ ๐ง Critical Boot Loader #Vulnerability in Shim Impacts Nearly All #Linux Distros
โ ๐ โ๏ธ #Airbus App Vulnerability Introduced Aircraft Safety Risk
โ ๐ฉน #QNAP Patches High-Severity Bugs in QTS, Qsync Central
--
๐ This week's recommended reading is: "x86 Software Reverse-Engineering, Cracking, and Counter-Measure" by Stephanie Domas & Christopher Domas
--
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐ If you're (still) looking for ideas for the holidays season, and the recipient of your lovely attention is into #infosec and #cybersecurity, here's the compiled list of #books that I've recommended YTD in my weekly #InfosecMASHUP newsletter ๐
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #39/2023 is out! It includes the following and much more:
โ ๐ #GitHub repos bombarded by info-stealing commits masked as #Dependabot
โ ๐ฏ๐ต ๐ธ #Sony Investigating After Hackers Offer to Sell Stolen Data
โ ๐ #BORN Ontario child registry #databreach affects 3.4 million people
โ ๐ญ๐ฐ ๐ Personal data of 25,000 Hongkongers at risk after #cyberattack against consumer watchdog, up from earlier estimate of 8,000
โ ๐บ๐ธ ๐ National Student Clearinghouse data breach impacts 890 #schools
โ ๐จ๐ฆ โ๏ธ #AirCanada discloses data breach of employee and 'certain records'
โ ๐ฐ๐ต ๐ช๐ธ North Korean hackers posed as #Meta recruiter on #LinkedIn
โ ๐ฅ ShadowSyndicate: A New #Cybercrime Group Linked to 7 #Ransomware Families
โ ๐ท๐บ โ๏ธ Russian flight booking system suffers โmassiveโ cyberattack
โ ๐จ๐ณ ๐บ๐ธ Chinese hackers stole emails from US State Dept in #Microsoft breach, Senate staffer says
โ ๐จ๐ณ Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign
โ ๐บ๐ฆ ๐ Ukrainian Military Targeted in Phishing Campaign Leveraging #Drone Manuals
โ ๐ฅท๐ป ๐ฐ Hackers steal $200M from #crypto company #Mixin
โ ๐ณ๐ฌ โ๏ธ Nigerian man pleads guilty to attempted $6 million BEC email heist
โ ๐บ๐ธ โ๏ธ ShinyHunters member pleads guilty to $6 million in data theft damages
โ ๐จ๐ณ #China-Linked Budworm Targeting Middle Eastern #Telco and Asian Government Agencies
โ ๐จ๐ณ ๐ช Backdoored firmware lets China state hackers control #routers with โmagic packetsโ
โ ๐บ๐ธ ๐ฎ๐ปโโ๏ธSecurity researcher warns of chilling effect after feds search phone at #airport
โ ๐ฆ โ๏ธFBI Warns Organizations of Dual Ransomware, Wiper Attacks
โ ๐ค ๐ฆ #Bing Chat responses infiltrated by ads pushing #malware
โ ๐ฅ ๐ฃ Red Cross-Themed #Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
โ ๐ฅท๐ป ๐ #SSH keys stolen by stream of malicious #PyPI and #npm packages
โ ๐ฆ ๐ New Variant of #Banking#Trojan BBTok Targets Over 40 Latin American Banks
โ ๐ฆ ๐ช #Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
โ ๐ #Sysdig Launches Realtime Attack Graph for Cloud Environments
โ ๐ ๐จ Critical vulnerabilities in #Exim threaten over 250k #email servers worldwide
โ ๐ Progress warns of maximum severity WS_FTP Server vulnerability
โ ๐ฉน ๐ฅ #Google fixes fifth actively exploited Chrome zero-day of 2023
โ ๐ฉน ๐ #macOS 14 #Sonoma Patches 60 #Vulnerabilities
โ ๐ฉน ๐ฆ #Firefox 118 Patches High-Severity Vulnerabilities
โ ๐คซ โ Google quietly corrects previously submitted disclosure for critical #webp 0-day
โ ๐ ๐ช๐ฌ 0-days exploited by commercial surveillance vendor in #Egypt
๐ This week's recommended reading is: "Philosophy of Cybersecurity" by @LukaszOlejnik and Artur Kurasinski
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #45/2023 is out! It includes the following and much more:
โ ๐ โ๏ธ #Boeing breach: LockBit leaks 50 GB of data
โ ๐จ๐ณ Worldโs largest commercial bank #ICBC confirms #ransomware attack
โ ๐ โ๏ธ Sumo Logic alerts customers about #securityincident; advises rotate Sumo Logic API access keys
โ ๐ ๐ฎ๐ช Electric Ireland admits data breach that could see customer financial data compromised
โ ๐ ๐จ๐ฆ #TransForm says ransomware data breach affects 267,000 patients
โ ๐ ๐ธ๐ฌ #Singapore Marina Bay Sands reward members data breached, over 650k people exposed
โ ๐ฎ๐ฑ ๐ต๐ธ ๐ฎ๐ท Cyber ops linked to #Israel-#Hamas conflict largely improvised, researchers say
โ ๐งจ ๐ค #OpenAI confirms #DDoS attacks behind ongoing #ChatGPT outages
โ ๐๏ธ ๐ธ Fake Ledger Live app in #Microsoft Store steals $768,000 in #crypto
โ ๐ ๐ฐ โLooney Tunablesโ #Glibc Vulnerability Exploited in #Cloud Attacks
โ ๐บ๐ธ ๐ท๐บ US Sanctions Russian National for Helping Ransomware Groups Launder Money
โ ๐ฎ๐ท ๐ฎ๐ฑ Iranian Hackers Launch Destructive Cyber Attacks on Israeli #Tech and #Education Sectors
โ ๐ซ๐ท ๐ฌ๐ง #France, #UK Seek Greater Regulation of Commercial #Spyware
โ ๐ช๐บ ๐ค #Europe is trading security for digital #sovereignty
โ ๐ท๐บ ๐บ๐ฆ Russian Hackers Used #OT Attack to Disrupt Power in #Ukraine Amid Mass Missile Strikes
โ ๐ฆ ๐ช Highly invasive #backdoor snuck into #opensource packages targets developers
โ ๐ฆ ๐ฐ๐ต N. Korea's #BlueNoroff Blamed for Hacking #macOS Machines with ObjCShellz #Malware
โ ๐ซฃ #Signal tests usernames that keep your phone number private
โ ๐ Microsoft Authenticator now blocks suspicious #MFA alerts by default
โ โ๏ธ ๐ฐ Researchers Uncover Undetectable #CryptoMining Technique on #Azure Automation
โ ๐ฅ ๐ฐ Data Brokers Expose Sensitive US Military Member Info to Foreign Threat Actors: Study
โ ๐ฉน Microsoft Says Exchange โZero Daysโ Disclosed by #ZDI Already Patched or Not Urgent
โ ๐ Veeam warns of critical bugs in #Veeam ONE monitoring platform
๐ This week's recommended reading is: "How the F*ck Did This Happen?: A guide for executives who need to understand Cyber Security in plain, actionable language" by Dr Darryl Carlton
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #50/2023 is out! It includes the following and much more:
โ ๐ ๐บ๐ธ U.S. nuclear research lab #databreach impacts 45,000 people
โ ๐ฉ๐ช #Toyota Germany Says Customer Data Stolen in #Ransomware Attack
โ ๐ ๐ง #Bitcoin ATM company Coin Cloud got hacked. Even its new owners donโt know how
โ ๐ ๐บ๐ธ Norton #Healthcare discloses data breach after May ransomware attack
โ ๐ท๐บ Russian SVR-Linked #APT29 Targets #JetBrains TeamCity Servers in Ongoing Attacks
โ ๐ฅ #LockBit ransomware now poaching #BlackCat, NoEscape affiliates
โ ๐ป๐ณ ๐ป #Microsoft seizes domains used to sell fraudulent #Outlook accounts
โ ๐ซ๐ท ๐ธ French police arrests Russian suspect linked to #Hive ransomware
โ ๐จ๐ณ Chinese APT Volt Typhoon Linked to Unkillable SOHO Router #Botnet
โ ๐บ๐ฆ ๐ท๐บ Ukrainian military says it hacked #Russia's federal tax agency
โ ๐จ๐ณ ๐ช Researchers Unmask Sandman APT's Hidden Link to China-Based #KEYPLUG Backdoor
โ ๐บ๐ฆ ๐ก #Ukraineโs largest mobile communications provider down after apparent #cyberattack
โ ๐ช๐ธ Kelvin Security hacking group leader arrested in #Spain
โ ๐ป ๐ฎ๐ปโโ๏ธ #ALPHV ransomware site outage rumored to be caused by law enforcement
โ ๐น ๐ต๐ปโโ๏ธ #UniFi devices broadcasted private video to other usersโ accounts
โ ๐ท๐บ ๐ช๐บ Russian Diplomat Expelled Amid EU Spy Purge Is Now An OSCE Election Observer In Serbia
โ ๐บ๐ธ Harry Coker confirmed to be the next National Cyber Director
โ ๐ช๐ธ ๐บ๐ธ Spain expels two US spies for infiltrating secret service
โ ๐ #MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure
โ ๐ฉน #ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability
โ ๐ฆ ๐ต๐ธ New Pierogi++ #Malware by #Gaza Cyber Gang Targeting Palestinian Entities
โ ๐ฆ ๐ฎ๐ท Iranian State-Sponsored #OilRig Group Deploys 3 New Malware Downloaders
โ ๐ฆ ๐ฉ๐ช New MrAnon Stealer Malware Targeting German Users via Booking-Themed #Scam
โ ๐ช #Google's New Tracking Protection in Chrome Blocks Third-Party #Cookies
โ ๐ ๐จ๐ปโ๐ป #Zoom Unveils Open Source Vulnerability Impact Scoring System
โ ๐ฉน ๐งฑ #Sophos backports RCE fix after attacks on unsupported #firewalls
โ ๐ ๐งฑ Over 1,450 #pfSense servers exposed to RCE attacks via bug chain
โ ๐ฉน ๐ #Apple Ships iOS 17.2 With Urgent Security #Patches
โ ๐ Over 30% of #Log4J apps use a vulnerable version of the library
๐ This week's recommended reading is: "Black Hat Python, 2nd Edition: Python Programming for Hackers and Pentesters (2nd Edition)" by Justin Seitz and Tim Arnold
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ
๐จ Latest issue of my curated #cybersecurity and #infosec list of resources for week #47/2023 is out! It includes the following and much more:
โ ๐ ๐ฌ๐ง University of Manchester #CISO Speaks Out on Summer Cyber-Attack
โ ๐ ๐บ๐ธ Hacktivists breach U.S. nuclear research lab, steal employee data
โ ๐ ๐ Sumo Logic Completes Investigation Into Recent Security #Breach
โ ๐ ๐บ๐ธ Auto parts giant AutoZone warns of #MOVEit data breach
โ ๐ ๐จ๐ฆ Canadian government discloses data breach after contractor hacks
โ ๐ฆ๐ซ New 'HrServ.dll' Web Shell Detected in #APT Attack Targeting Afghan Government
โ ๐ฌ๐ง ๐ฐ๐ท UK and South Korea: Hackers use zero-day in supply-chain attack
โ ๐ต๐ธ ๐ฎ๐ฑ #Hamas-Linked #Cyberattacks Using Rust-Powered SysJoker #Backdoor Against #Israel
โ ๐ท๐บ ๐ฑ โThey are tired of him, but they are afraidโ: what is known about the leader of the hacker group Killnet
โ ๐ฐ๐ต N. Korean Hackers Distribute Trojanized #CyberLink Software in Supply Chain Attack
โ โถ๏ธ ๐ Play #Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
โ ๐ฎ๐ณ Indian Hack-for-Hire Group Targeted U.S., #China, and More for Over 10 Years
โ ๐ท๐บ Russian hackers use #Ngrok feature and #WinRAR exploit to attack embassies
โ ๐บ๐ธ ๐ฉบ #CISA Releases Cybersecurity Guidance for #Healthcare, Public Health Organizations
โ ๐ฌ๐ง ๐๐ป Thanking the vulnerability research community with #NCSC Challenge Coins
โ ๐ง #Tor Network Removes Risky Relays Associated With #Cryptocurrency Scheme
โ ๐บ๐ฆ ๐๐ป #Ukraine fires top cybersecurity officials
โ ๐ฉน Johnson Controls Patches Critical #Vulnerability in Industrial Refrigeration Products
โ ๐ฆ ๐ฆ New WailingCrab #Malware Loader Spreading via Shipping-Themed Emails
โ ๐ฆ ๐จ New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
โ ๐ฆ ๐ NetSupport #RAT Infections on the Rise - Targeting Government and Business Sectors
โ ๐ซ Google #Chrome will limit ad blockers starting June 2024
โ ๐ โ๏ธ 3 Critical Vulnerabilities Expose #ownCloud Users to Data Breaches
โ ๐ โ๏ธ Researchers Discover Dangerous Exposure of Sensitive #Kubernetes Secrets
โ ๐ โ๐ป New Flaws in Fingerprint Sensors Let Attackers Bypass #Windows Hello Login
โ ๐ ๐ฉธ โ#CitrixBleedโ vulnerability targeted by nation-state and criminal hackers: CISA
โ ๐ก Researchers extract RSA keys from #SSH server signing errors
๐ This week's recommended reading is: "How I Rob Banks: And Other Such Places" by FC a.k.a. Freakyclown
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end โฌ๏ธ