Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Ransomware at Colorado IT Provider Affects 100+ Dental Offices A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their IT provider, Englewood, Colo. based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known as…
Apple Explains Mysterious iPhone 11 Location Requests KrebsOnSecurity ran a story this week that puzzled over Apple's response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user's location even when all applications and system services are individually set never to request this data. Today, Apple disclosed that this…
The iPhone 11 Pro’s Location Data PuzzlerOne of the more curious behaviors of Apple's new iPhone 11 Pro is that it intermittently seeks the user's location information even when all applications and system services on the phone are individually set to never request this data. Apple says this is by design, but that response seems at odds with the company's own…
It’s Way Too Easy to Get a .gov Domain NameMany readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and…
Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant ChainsOn Nov. 23, one of the cybercrime underground's largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest batch of cards was siphoned from four different compromised restaurant chains that are most prevalent across the midwest and…
Hidden Cam Above Bluetooth Pump SkimmerTiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week I'd never heard of hidden cameras being used at gas pumps in tandem with Bluetooth-based card skimming devices. Apparently, I'm not alone. "I believe…
Security Affairs newsletter Round 243 A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Data of 21 million Mixcloud users available for sale on the dark web Google warned 12K+ users targeted by state-sponsored hackers Twitter account of Huawei Mobile Brazil hacked Clop Ransomware attempts to disable Windows Defender and Malwarebytes Europol…
US authorities charged Dridex gang members for stealing over $100 Million US DoJ charged two Russian citizens for deploying the Dridex malware and for their involvement in international bank fraud and computer hacking schemes. The U.S. Department of Justice (DoJ) has charged Russian citizens Maksim V. (32) and Igor Turashev (38) for distributing the infamous Dridex banking Trojan, and for their involvement in international bank fraud…
Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks Alleged Vietnamese Ocean Lotus (APT32) hackers breached the networks of the car manufacturers BMW and Hyundai to steal automotive trade secrets. According to German media, hackers suspected to be members of the Vietnam-linked APT Ocean Lotus (APT32) group breached the networks of the car manufacturers BMW and Hyundai. The intrusion aimed at stealing automotive trade…
Russia-linked Gamaredon group targets Ukraine officials Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement. The Gamaredon attacks against Ukraine don’t seem to have stopped. In June malware researchers from Cybaze-Yoroi spotted a new suspicious…
VMware addresses ESXi issue disclosed at the Tianfu Cup hacking competition VMware has addressed a critical remote code execution vulnerability in ESXi that was disclosed recently at the Tianfu Cup hacking competition. This week VMware has released security updates that fix a critical remote code execution vulnerability in ESXi that was recently disclosed by white hat hackers at the Tianfu Cup hacking competition in China. The Tianfu…
CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel Researchers from the University of New Mexico have discovered a vulnerability, tracked as CVE-2019-14899, that can be exploited by an attacker to determine if a user is connected to a VPN and hijack active TCP…
OpenBSD addresses authentication bypass, privilege escalation issues Experts from Qualys Research Labs discovered four high-severity security flaws in OpenBSD, one of which is a type authentication bypass issue. Researchers from Qualys Research Labs discovered four high-severity security vulnerabilities in OpenBSD, a type authentication bypass issue and three privilege escalation bugs. The three issued could be exploited by local users or malware to…
China used the Great Cannon DDoS Tool against forum used by Hong Kong protestorsChina is accused to have used the “Great Cannon” DDoS tool to launch attacks against LIHKG, a forum used by Hong Kong residents to organize protests. The Great Cannon Distributed Denial of Service (DDoS) tool was used again by the Chinese government, this time it was used to target the LIHKG forum used by Hong Kong protesters to…
CyrusOne, one of the major US data center provider, hit by ransomware attackRansomware attacks continue to threaten organizations worldwide, CyrusOne, one of the biggest data center providers in the US, is facing with an infection. A new ransomware attack made the headlines, systems at CyrusOne, one of the biggest data center providers in the US, were infected by the malware. The company reported the incident to law…
The evolutions of APT28 attacksAnalyzing how tactics, techniques and procedures of the Russia-linked APT28 cyberespionage group evolve over the time. APT28 is a well known Russian cyber espionage group attributed, with a medium level of confidence, to Russian military intelligence agency GRU (by CrowdStrike). It is also known as Sofacy Group (by Kaspersky) or STRONTIUM (by Microsoft) and it’s used to target Aereospace, Defence, Governmente Agencies, International…
Iran-Linked APT groups target energy, industrial sectors with ZeroCleare WiperExperts spotted a piece of malware dubbed ZeroCleare that has been used in highly targeted attacks aimed at energy and industrial organizations in the Middle East. Security experts at IBM X-Force found a piece of malware dubbed ZeroCleare (the name ZeroCleare comes from the path in the binary file) that has been used in highly targeted…
Two malicious Python libraries were stealing SSH and GPG keysThe Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were stealing SSH and GPG keys from the projects of infected developers. The Python security team removed two tainted Python libraries from PyPI (Python Package Index) that were found stealing SSH and GPG keys from the projects of infected developers.…
Mozilla removed 4 Avast and AVG extensions for spying on Firefox usersMozilla has removed four extensions from Avast and AVG from the Firefox site that are suspected to track user activity online. Four Avast and AVG Firefox extensions have been removed from Mozilla Addons Site over concerns of spying of users. “This add-on violates Mozilla’s add-on policy by collecting data without user disclosure or consent,” explained…
Talos experts found a critical RCE in GoAhead Web ServerExperts at Cisco Talos found two vulnerabilities in the GoAhead embedded web server, including a critical remote code execution flaw. GoAhead is the world’s most popular, tiny embedded web server. It is developed by EmbedThis that defines it as compact, secure and simple to use. GoAhead is deployed in hundreds of millions of devices and…
A flaw in Microsoft OAuth authentication could lead Azure account takeoverA vulnerability in the Microsoft OAuth implementation exposes Azure cloud accounts to takeover. The vulnerability affects the way Microsoft applications use OAuth for authentication, these applications trust certain third-party domains and sub-domains that are not registered by Microsoft. Experts from Cyberark discovered the following three vulnerable Microsoft applications that trust these unregistered domains Portfolios, O365…
Russian APT Hackers Group Attack Government & Military Network Using Weaponized Word Documents Researchers discovered a new malicious activity that involved by Russian APT hackers to attack Government and Military officials in Ukrainian entities. The attacker’s targets are not limited but they also infect various individuals who is part of the government and Law enforcement, Journalists, Diplomats, NGO and the Ministry of Foreign Affairs. Researchers believe that the…
Top 3 Categories That Mostly Impact by Cyber Threats & Protection Against Cyber Attack Cybersecurity can be termed as the process of recovering programs, networks, and devices from different types of cyber threats. Over the past few years, cyber threats have evolved drastically and have put different enterprises and organizations into trouble across industries. These cyber-attacks are mainly carried out to extort money from various small and large businesses.…
Infamous Lazarus APT Hackers Group Attack Mac Computers With Fileless Malware A Researcher from K7 Labs observed a new wave of fileless malware distributed by Lazarus APT Hackers Group to infects the MacOS users and delivers the fake cryptocurrency trading application. Infamous Lazarus group involved various cyber-attack that GBHackers reported in the past, and its already targeted several financial organizations around the world using various advanced…
BMW Hacked – OceanLotus APT Hackers Group Penetrate The BMW Networks A well-known APT Hackers group “OceanLotus” breach the automobile giant BMW network, and successfully installed a hacking tool called “Cobalt Strike” which help them to spy and remotely control the system. Security experts from BMW spotted that hackers penetrate the company network system and remain stayed active since March 2019. The OceanLotus APT group believed…
How Attackers Used Look-Alike Domains to Steal $1 Million From a Chinese VC Money meant to fund an Israeli startup wound up directly deposited to the scammers.
Data Center Provider CyrusOne Confirms Ransomware Attack The attack struck CyrusOne's managed services division and compromised six customers primarily serviced by a New York data center.
Senators Call for End to Controversial NSA Program The program for collecting telephone call metadata has faced increased scrutiny and restrictions since Edward Snowden revealed its existence in 2013.
Facebook Sued Hong Kong Company For Hacking Facebook Users Account Using Malware & Run Malicious Ads Facebook Filed a Lawsuit against the 2 Chinese Nations and Hong kong ad company allegedly hack Facebook user’s accounts to install the malware and use their account for running deceptive ads. ILikeAd, a Hong Kong company, and two Chinese software developers are involved in this malicious practice and creating the malware to compromise the Facebook…
Major U.S. Data Center Provider Hit by Ransomware Attack – CyrusOne Major U.S. data center provider CyrusOne, hit by Sodinokibi ransomware, impacts six of their managed service customers. The Sodinokibi ransomware was first identified on April 17, 2019. The ransomware used to encrypt all the files in the disk except the one listed as the configuration file. REvil (Sodinokibi) ransomware previously hit several service providers, local…
Critical Linux Vulnerability Let Hackers Hijack VPN-Tunneled TCP Connections Researchers from the University of New Mexico uncovered a critical Linux vulnerability that affects most of the Linux distros, allows attack Inferring and hijacking VPN-tunneled TCP connections. The vulnerability also allowed to inject the data into the TCP stream and hijack connections through determining the exact seq and ack numbers by counting encrypted packets and analyse…
Microsoft Defender ATP Brings EDR Capabilities to macOS Mac computers will now have the option to use Microsoft Defender Advanced Threat Protection's endpoint and detection response.
Two Malicious Python Packages Steal SSH and GPG Keys Exists in the Python Package Index for a YearThe python security team has removed two malicious python packages that introduced with the Python Package Index (PyPI) aimed to steal SSH and GPG keys from the infected developer projects. PyPI is a python repository that helps to locate and install the software developed and shared by the Python community. It includes Over 113,000 Python…
Wireshark 3.0.7 Released – Fixes for Security Vulnerabilities & Update for BGP, IEEE 802.11, TLS ProtocolsWireshark 3.0.7 released with a number of security updates and fixed several other bugs that reside in the Wireshark components. Wireshark also updated Protocol Support for various protocols such as BGP, HomePlug AV, IEEE 802.11, and TLS. Wireshark is known as the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development,…
Iranian Hackers Launching New Disk-wiping Malware “ZeroCleare” To Bypass The Windows Controls & Crash Network DisksResearchers discovered a new wave of destructive attack by the Iranian hacker group using disk-wiping malware “ZeroCleare” to wipe the MBR and damage disk partitions on a large number of networked devices. ZeroCleare malware attacks various industries such as energy and industrial sectors mainly in the Middle East, and malware believed to be developed and…
What's in a Botnet? Researchers Spy on Geost OperatorsThe investigation of a major Android banking botnet yields insights about how cybercriminals structure and run an illicit business.
- Security Affairs newsletter Round 243 A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Data of 21 million Mixcloud users available for sale on the dark web Google warned 12K+ users targeted by state-sponsored hackers Twitter account of Huawei Mobile Brazil hacked Clop Ransomware attempts to disable Windows Defender and Malwarebytes Europol…
- US authorities charged Dridex gang members for stealing over $100 Million US DoJ charged two Russian citizens for deploying the Dridex malware and for their involvement in international bank fraud and computer hacking schemes. The U.S. Department of Justice (DoJ) has charged Russian citizens Maksim V. (32) and Igor Turashev (38) for distributing the infamous Dridex banking Trojan, and for their involvement in international bank fraud…
- Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks Alleged Vietnamese Ocean Lotus (APT32) hackers breached the networks of the car manufacturers BMW and Hyundai to steal automotive trade secrets. According to German media, hackers suspected to be members of the Vietnam-linked APT Ocean Lotus (APT32) group breached the networks of the car manufacturers BMW and Hyundai. The intrusion aimed at stealing automotive trade…
- Russia-linked Gamaredon group targets Ukraine officials Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement. The Gamaredon attacks against Ukraine don’t seem to have stopped. In June malware researchers from Cybaze-Yoroi spotted a new suspicious…
- VMware addresses ESXi issue disclosed at the Tianfu Cup hacking competition VMware has addressed a critical remote code execution vulnerability in ESXi that was disclosed recently at the Tianfu Cup hacking competition. This week VMware has released security updates that fix a critical remote code execution vulnerability in ESXi that was recently disclosed by white hat hackers at the Tianfu Cup hacking competition in China. The Tianfu…
- CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel Researchers from the University of New Mexico have discovered a vulnerability, tracked as CVE-2019-14899, that can be exploited by an attacker to determine if a user is connected to a VPN and hijack active TCP…
- OpenBSD addresses authentication bypass, privilege escalation issues Experts from Qualys Research Labs discovered four high-severity security flaws in OpenBSD, one of which is a type authentication bypass issue. Researchers from Qualys Research Labs discovered four high-severity security vulnerabilities in OpenBSD, a type authentication bypass issue and three privilege escalation bugs. The three issued could be exploited by local users or malware to…
- China used the Great Cannon DDoS Tool against forum used by Hong Kong protestorsChina is accused to have used the “Great Cannon” DDoS tool to launch attacks against LIHKG, a forum used by Hong Kong residents to organize protests. The Great Cannon Distributed Denial of Service (DDoS) tool was used again by the Chinese government, this time it was used to target the LIHKG forum used by Hong Kong protesters to…
- CyrusOne, one of the major US data center provider, hit by ransomware attackRansomware attacks continue to threaten organizations worldwide, CyrusOne, one of the biggest data center providers in the US, is facing with an infection. A new ransomware attack made the headlines, systems at CyrusOne, one of the biggest data center providers in the US, were infected by the malware. The company reported the incident to law…
- The evolutions of APT28 attacksAnalyzing how tactics, techniques and procedures of the Russia-linked APT28 cyberespionage group evolve over the time. APT28 is a well known Russian cyber espionage group attributed, with a medium level of confidence, to Russian military intelligence agency GRU (by CrowdStrike). It is also known as Sofacy Group (by Kaspersky) or STRONTIUM (by Microsoft) and it’s used to target Aereospace, Defence, Governmente Agencies, International…
- Iran-Linked APT groups target energy, industrial sectors with ZeroCleare WiperExperts spotted a piece of malware dubbed ZeroCleare that has been used in highly targeted attacks aimed at energy and industrial organizations in the Middle East. Security experts at IBM X-Force found a piece of malware dubbed ZeroCleare (the name ZeroCleare comes from the path in the binary file) that has been used in highly targeted…
- Two malicious Python libraries were stealing SSH and GPG keysThe Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were stealing SSH and GPG keys from the projects of infected developers. The Python security team removed two tainted Python libraries from PyPI (Python Package Index) that were found stealing SSH and GPG keys from the projects of infected developers.…
- Mozilla removed 4 Avast and AVG extensions for spying on Firefox usersMozilla has removed four extensions from Avast and AVG from the Firefox site that are suspected to track user activity online. Four Avast and AVG Firefox extensions have been removed from Mozilla Addons Site over concerns of spying of users. “This add-on violates Mozilla’s add-on policy by collecting data without user disclosure or consent,” explained…
- Talos experts found a critical RCE in GoAhead Web ServerExperts at Cisco Talos found two vulnerabilities in the GoAhead embedded web server, including a critical remote code execution flaw. GoAhead is the world’s most popular, tiny embedded web server. It is developed by EmbedThis that defines it as compact, secure and simple to use. GoAhead is deployed in hundreds of millions of devices and…
- A flaw in Microsoft OAuth authentication could lead Azure account takeoverA vulnerability in the Microsoft OAuth implementation exposes Azure cloud accounts to takeover. The vulnerability affects the way Microsoft applications use OAuth for authentication, these applications trust certain third-party domains and sub-domains that are not registered by Microsoft. Experts from Cyberark discovered the following three vulnerable Microsoft applications that trust these unregistered domains Portfolios, O365…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...