Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
OSX/Linker, a new piece of Mac malware that exploits Gatekeeper bypass Mac security software firm Intego has spotted a new Mac malware dubbed OSX/Linker that exploits a recently disclosed macOS Gatekeeper vulnerability. Experts at Mac security software firm Intego discovered a new piece of Mac malware dubbed OSX/Linker that exploits a recently disclosed macOS Gatekeeper bypass vulnerability. The Apple Gatekeeper is designed to protect OS X users by…
Anonymous Belgium hacker identified after dropping USB drive while throwing Molotov cocktail Belgium police have identified a member of the Anonymous Belgium collective while investigating an arson case at a local bank. The Anonymous member is a 35-year-old man from Roeselare, Belgium, was arrested after throwing a Molotov cocktail at the Crelan Bank office in Rumbeke, back in 2014. According to ZDnet, the hacker has been exposed…
Iran denies attack against its infrastructure has ever succeeded After media reported a cyber offensive launched by the US against Iran, Teheran announced that alleged cyber attack against its infrastructure has ever succeeded. Last week, media reported that the United States has launched a series of cyber attacks on Iran after the Iranian military has downed an American surveillance drone. US President Donald Trump…
SocialEngineered forum hacked and data leaked online SocialEngineered.net is a forum dedicated to social engineering discussions, it has been compromised data of its users was leaked on a hacker forum. SocialEngineered.net, the forum dedicated to social engineering topics, announced it has suffered a data breach two weeks ago. Hackers accessed data from tens of thousands of members and leaked them online on…
Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory Researchers at Microsoft uncovered a malicious campaign that delivers the infamous FlawedAmmyy RAT directly in memory. Experts at Microsoft uncovered a malicious campaign that delivers the FlawedAmmyy RAT directly in memory. The FlawedAMMYY backdoor borrows the code of the Ammyy Admin remote access Trojan, it allows attackers to get full access to a victim’s machine.…
Free proxy service runs on top of Linux Ngioweb Botnet Researchers from Netlab, discovered a website offering free and commercial proxy servers leveraging a huge botnet (Ngioweb) of hacked WordPress sites. Researchers from Netlab, discovered that Free-Socks.in proxy service is leveraging a huge botnet of hacked WordPress sites. According to the experts, traffic managed by the proxy service is routed through a network of hacked…
CVE-2019-10149: “Return of the WiZard” Vulnerability: Crooks Start Hitting Malware researchers at Cybaze-Yoroi ZLAB observed many attack attempts trying to spread malware abusing the CVE-2019-10149 issue. Introduction In the past days, a really important issue has been disclosed to the public: “Return of the WiZard” vulnerability (ref. EW N030619, CVE-2019-10149). Such vulnerability affected a wide range of Exim servers, one of the main email server…
WeTransfer incident: file transfer emails were sent to unintended email addresses Problems for the popular file transfer service WeTransfer, its staff discovered that some file transfer emails were sent to the wrong people. WeTransfer, the popular file transfer service, issued a security notice to inform users that file transfer emails were sent to unintended email addresses on June 16 and 17. In response to the incident,…
OpenSSH introduces a security feature to prevent Side-Channel Attacks OpenSSH introduces a new feature to prevent Side-Channel attacks, latest release encrypts secret keys in memory as temporary solution. Memory side-channel vulnerabilities continue to threaten modern processors, Spectre, and Meltdown, Rowhammer, and RAMBleed are just some samples, Now OpenSSH encrypts secret keys in memory against Side-Channel attacks. Many experts demonstrated variants of side-channel attacks against OpenSSH application…
US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a significant increase in cyberattacks from Iranian hackers spreading data wipers. US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying, credential stuffing, and spear-phishing. The attacks are targeting U.S. industries and government agencies, the statement was also…
Hundreds of million computers potentially exposed to hack due to a flaw in PC-Doctor component Hundreds of million computers from many vendors may have been exposed to hack due to a serious flaw in PC-Doctor software. Experts at SafeBreach discovered that the Dell SupportAssist software, that comes preinstalled on most Dell PCs, was affected by a DLL hijacking vulnerability tracked as CVE-2019-12280. The flaw could have been exploited by an…
Trump secretly ordered cyber attacks against Iran missile systems The United States launched a series of cyber attacks on Iran after the Iranian military has downed an American surveillance drone. The military response to Iran, after the Iranian army has downed an American surveillance drone, started from the cyberspace. US President Donald Trump first approved military strikes against Iran in retaliation for downing a…
Security Affairs newsletter Round 219 – News of the week A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Bella Thorne published her private nude photos before a hacker that was threatening her Linux worm spreading via Exim servers hit Azure customers New Echobot Botnet targets Oracle, VMware…
NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. According to a report published by the NASA Office of Inspector General, hackers breached the Agency’s network in April 2018 and remained undetected for nearly a year. The report…
Expert released PoC for Outlook for Android flaw addressed by Microsoft Security researcher from F5 Networks that released more details and proof-of-concept for the recently addressed flaw in Outlook for Android. Microsoft has recently addressed an important vulnerability, tracked as CVE-2019-1105, in Outlook for Android, that potentially affected over 100 million users. The vulnerability is a stored cross-site scripting issue that is related to the way…
How to Avoid Becoming the Next Riviera Beach Be prepared by following these five steps so you don't have to pay a ransom to get your data back.
Companies on Watch After US, Iran Claim Cyberattacks With the cyber conflict between the United States and Iran ramping up, companies traditionally targeted by the countries - such as those in the oil and gas and financial industries - need to bolster their security efforts, experts say.
The Essential Role of Payment Gateways in Detecting Credit Card Fraud Cybercrimes such as credit card fraud are kept on raising in this digital Era since selling and buying process over online dramatically increasing. Selling goods exclusively over the internet is not as easy as it sounds. E-commerce merchants always need to be prepared for certain unexpected situations, such as losing their products and having to…
Microsoft Warns about the new Campaign that Delivers FlawedAmmyy RAT via Weaponized MS Excel Documents Microsoft uncovered a new campaign with a sophisticated infection chain delivering notorious FlawedAmmyy RAT as a final payload. The attack starts with an email that contains .XLS attachments and the contents of the email in the Korean language. Previous campaigns that involve FlawedAmmyy RAT are carried out by TA505 threat actors, upon successful execution of…
Most Important Steps to Keep Your Mobile Safe From Sophisticated Cyber Threats Mobile phones have become a part of everyday life, and their functionality continues to develop at a rapid pace. You can switch from monitoring work emails to playing the latest games, to live streaming sports events simultaneously. Improved high-speed internet and enhanced connectivity indicate that we’re also connected more than ever before and continuously online,…
Top 8 Best Web Security and Hacking Software for Security Professionals in 2019 Hacking software is not only used by hackers for criminal activities but it’s equally used by white hat hackers and security professionals to identify a vulnerability in a network or an endpoint. There is several hacking software available on the internet, including commercial and non-commercial offerings. It’s always good to test your network security from…
A Socio-Technical Approach to Cybersecurity's Problems Researchers explore how modern security problems can be solved with an examination of society, technology, and security.
scanless – A Pentesting Tool to Perform Anonymous open Port Scan on Target Websites Network Penetration Testing determines vulnerabilities on the network posture by discovering Open ports, Troubleshooting live systems, services, port scans and grabbing system banners. Port Scanner is an application used to perform an open port scan with server or hosts. Open ports are the gateway for attackers to enter in and to install malicious backdoor applications. Also…
Critical DLL Hijacking Vulnerability in PC-Doctor For Windows Let Hackers Attack Hundreds of Million DELL Computers A critical DLL hijacking vulnerability resides in PC-Doctor Dell Hardware Support Service software allows attackers to escalate the vulnerable systems privilege and gain persistence access. Dell SupportAssist is pre-installed software on hundreds of million Dell PCs that helps to check both software and hardware system health which requires higher level permission to provide effective health…
Hackers Take Complete Control of Your Android Device by Launching MobOk Malware via Fake Photo Editing Apps in Google Play Researchers discovered a fake photo editing apps which are used by cybercriminals to launch MobOk Malware that takes complete control of the infected Android device. Threat actors are targeting Android users through legitimate Google play store app and hiding this malware to steal money by letting users subscribe to premium services. Two photo editor apps…
NASA Hacked Through an Unauthorized Raspberry Pi Computer Connected to the NASA Servers NASA confirmed that hackers gained access to the Jet Propulsion Laboratory (JPL) last year and they able to steal 500MB of data that related to Mars missions. The hackers breached into NASA network in April 2018 and intrusion remains undetected nearly for a year. According to the OIG report, an Unauthorized Raspberry Pi Computer Connected…
Tor Browser 8.5.3 Released With Fixes for Critical Zero-day Security Update in Firefox Tor Browser 8.5.3 released with the fixes for critical Sandbox Escape zero-day vulnerability in Firefox, and it results in executing arbitrary code on the user’s computer. Mozilla recently released Firefox 67.0.3 with a security update for a type of confusion zero-day vulnerability. Tor Browser 8.5.2 released soon after the Mozilla a patch for first zero-day, a…
Nmap – A Detailed of Explanation Penetration Testing Tool to Perform Information Gathering Nmap is an open source network monitoring and port scanning tool to find the hosts and services in the computer by sending the packets to the target host for network discovery and security auditing. Numerous frameworks and system admins additionally think that its helpful for assignments, for example, network inventory, overseeing administration overhaul timetables, and…
U.S Launched Cyber Attack on Iranian Military Computers After U.S Military Drone Shot Down by Iran United States Military launched a cyber attack on the Iranian Military computers that used to control the Iran missiles after the $240 million Worth U.S drone shootdown by Iran. The attack was mainly targeting the Iran military computer systems with the approval of U.S president Trump and the cyber-attack disabled computer systems controlling rocket and…
New Google Dorks List Collection for SQL Injection – SQL Dorks 2019 Google helps you with Google Dorks to find Vulnerable Websites that Indexed in Google Search Results. Here is the latest collection of Google SQL dorks. More than a million of people searching for google dorks for various purposes for database queries, SEO and for SQL injection. SQL injection is a technique which attacker takes non-validated…
- OSX/Linker, a new piece of Mac malware that exploits Gatekeeper bypass Mac security software firm Intego has spotted a new Mac malware dubbed OSX/Linker that exploits a recently disclosed macOS Gatekeeper vulnerability. Experts at Mac security software firm Intego discovered a new piece of Mac malware dubbed OSX/Linker that exploits a recently disclosed macOS Gatekeeper bypass vulnerability. The Apple Gatekeeper is designed to protect OS X users by…
- Anonymous Belgium hacker identified after dropping USB drive while throwing Molotov cocktail Belgium police have identified a member of the Anonymous Belgium collective while investigating an arson case at a local bank. The Anonymous member is a 35-year-old man from Roeselare, Belgium, was arrested after throwing a Molotov cocktail at the Crelan Bank office in Rumbeke, back in 2014. According to ZDnet, the hacker has been exposed…
- Iran denies attack against its infrastructure has ever succeeded After media reported a cyber offensive launched by the US against Iran, Teheran announced that alleged cyber attack against its infrastructure has ever succeeded. Last week, media reported that the United States has launched a series of cyber attacks on Iran after the Iranian military has downed an American surveillance drone. US President Donald Trump…
- SocialEngineered forum hacked and data leaked online SocialEngineered.net is a forum dedicated to social engineering discussions, it has been compromised data of its users was leaked on a hacker forum. SocialEngineered.net, the forum dedicated to social engineering topics, announced it has suffered a data breach two weeks ago. Hackers accessed data from tens of thousands of members and leaked them online on…
- Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory Researchers at Microsoft uncovered a malicious campaign that delivers the infamous FlawedAmmyy RAT directly in memory. Experts at Microsoft uncovered a malicious campaign that delivers the FlawedAmmyy RAT directly in memory. The FlawedAMMYY backdoor borrows the code of the Ammyy Admin remote access Trojan, it allows attackers to get full access to a victim’s machine.…
- Free proxy service runs on top of Linux Ngioweb Botnet Researchers from Netlab, discovered a website offering free and commercial proxy servers leveraging a huge botnet (Ngioweb) of hacked WordPress sites. Researchers from Netlab, discovered that Free-Socks.in proxy service is leveraging a huge botnet of hacked WordPress sites. According to the experts, traffic managed by the proxy service is routed through a network of hacked…
- CVE-2019-10149: “Return of the WiZard” Vulnerability: Crooks Start Hitting Malware researchers at Cybaze-Yoroi ZLAB observed many attack attempts trying to spread malware abusing the CVE-2019-10149 issue. Introduction In the past days, a really important issue has been disclosed to the public: “Return of the WiZard” vulnerability (ref. EW N030619, CVE-2019-10149). Such vulnerability affected a wide range of Exim servers, one of the main email server…
- WeTransfer incident: file transfer emails were sent to unintended email addresses Problems for the popular file transfer service WeTransfer, its staff discovered that some file transfer emails were sent to the wrong people. WeTransfer, the popular file transfer service, issued a security notice to inform users that file transfer emails were sent to unintended email addresses on June 16 and 17. In response to the incident,…
- OpenSSH introduces a security feature to prevent Side-Channel Attacks OpenSSH introduces a new feature to prevent Side-Channel attacks, latest release encrypts secret keys in memory as temporary solution. Memory side-channel vulnerabilities continue to threaten modern processors, Spectre, and Meltdown, Rowhammer, and RAMBleed are just some samples, Now OpenSSH encrypts secret keys in memory against Side-Channel attacks. Many experts demonstrated variants of side-channel attacks against OpenSSH application…
- US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a significant increase in cyberattacks from Iranian hackers spreading data wipers. US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying, credential stuffing, and spear-phishing. The attacks are targeting U.S. industries and government agencies, the statement was also…
- Hundreds of million computers potentially exposed to hack due to a flaw in PC-Doctor component Hundreds of million computers from many vendors may have been exposed to hack due to a serious flaw in PC-Doctor software. Experts at SafeBreach discovered that the Dell SupportAssist software, that comes preinstalled on most Dell PCs, was affected by a DLL hijacking vulnerability tracked as CVE-2019-12280. The flaw could have been exploited by an…
- Trump secretly ordered cyber attacks against Iran missile systems The United States launched a series of cyber attacks on Iran after the Iranian military has downed an American surveillance drone. The military response to Iran, after the Iranian army has downed an American surveillance drone, started from the cyberspace. US President Donald Trump first approved military strikes against Iran in retaliation for downing a…
- Security Affairs newsletter Round 219 – News of the week A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Bella Thorne published her private nude photos before a hacker that was threatening her Linux worm spreading via Exim servers hit Azure customers New Echobot Botnet targets Oracle, VMware…
- NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. According to a report published by the NASA Office of Inspector General, hackers breached the Agency’s network in April 2018 and remained undetected for nearly a year. The report…
- Expert released PoC for Outlook for Android flaw addressed by Microsoft Security researcher from F5 Networks that released more details and proof-of-concept for the recently addressed flaw in Outlook for Android. Microsoft has recently addressed an important vulnerability, tracked as CVE-2019-1105, in Outlook for Android, that potentially affected over 100 million users. The vulnerability is a stored cross-site scripting issue that is related to the way…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...
