Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Trend Micro Anti-Threat Toolkit could be used to run malware on Win PCs A vulnerability in the Trend Micro Anti-Threat Toolkit (ATTK) can be exploited by attackers to run malware on targets’ Windows systems. The security expert and bug-hunter John “hyp3rlinx” Page discovered an arbitrary code execution vulnerability, tracked as CVE-2019-9491, in the Trend Micro Anti-Threat Toolkit. Trend Micro ATTK allows analyzing malware issues and clean infections. It can…
NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. The information belonging to the NordVPN company…
Czech Police and Intelligence agency dismantled Russian Spy ring on its soil Czech police and intelligence services have identified a Russian espionage network operating having a nerve center in its Prague embassy. Czech police and intelligence services have dismantled a Russian espionage network operating that was operating via its Prague embassy. The officials were helped by peers at the National Organised Crime Centre (NCOZ). According to the…
Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers Security experts have a new malware, dubbed skip-2.0 used by the China-linked APT group to establish a backdoor in Microsoft SQL Server systems. Security experts at ESET have discovered a new malware, dubbed skip-2.0, used by the Chinese Winnti cyberespionage group to gain persistence on Microsoft SQL Server systems. The Winnti group was first spotted by…
Avast internal network breached for the second time by sophisticated hackers The popular security firm Avast disclosed today a security breach that impacted its internal network accessed via a compromised VPN profile. The security firm Avast disclosed today a security breach that impacted its internal network, according to a statement published by the company, the intent of the hackers was to carry out a supply chain…
UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers A joint UK and US investigation has revealed that the Russian cyber espionage group Turla carried out cyber attacks masqueraded as Iranian hackers. According to the Financial Times, a joint UK and US investigation revealed that Russia-linked cyberespionage group Turla conducted several cyber attacks in more than 35 countries masqueraded as Iranian hackers. The use…
Hackers stole card details from BriansClub carding site BriansClub, one of the biggest a dark web “carding store,” which specializes in the sale of stolen payment card data, has been hacked. Hackers have breached BriansClub (BriansClub[.]at), one of the biggest black market sites, that specializes in the sale of stolen credit card data. According to the security experts Brian Krebs, who first reported…
TA505 cybercrime group use SDBbot RAT in recent campaigns TA505 cybercrime group that operated the Dridex Trojan and Locky ransomware, has been using a new RAT dubbed SDBbot in recent attacks. Security experts at Proofpoint observed the notorious TA505 cybercrime group that has been using a new RAT dubbed SDBbot in recent attacks. The TA505 group, that is known to have operated both the Dridex and Locky malware families, continues…
Security Affairs newsletter Round 236 A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. A new Mac malware dubbed Tarmac has been distributed via…
US Army stopped using floppy disks as storage for SACCS system that manages nuclear weapons arsenal The news is quite curious, the US military will no longer use 8-inch floppy disks in an antiquated computer (SACCS) to manage nuclear weapons arsenal. It’s official, the US strategic command has announced that it has replaced the 8-inch floppy disks in an ancient computer to receive nuclear launch orders from the President with a…
Fake UpdraftPlus WordPress Plugins used to backdoor sites Threat actors leverage malicious plugins that hide in plain sight to backdoor WordPress websites and to use them for brute-forcing other sites. The use of fake WordPress plugins installed by hackers is not a novelty, recently at Sucuri observed multiple infections aimed at installing fake plugins with backdoor capabilities. Attackers use automated tools to create malicious WordPress…
A critical Linux Wi-Fi bug could be exploited to fully compromise systemsA researcher discovered a critical Linux vulnerability, tracked as CVE-2019-17666, that could be exploited to fully compromise vulnerable machines. Nico Waisman, principal security engineer at Github, discovered a critical Linux flaw, tracked as CVE-2019-17666, that could be exploited by attackers to fully compromise vulnerable machines. The vulnerability affects Linux versions through 5.3.6, according to the…
Hundreds of millions of UC Browser Android Users Exposed to MiTM Attacks. Again.Over 600 million UC Browser and UC Browser Mini Android users have been exposed to man-in-the-middle (MiTM) attacks. More than 600 million users of the popular UC Browser and UC Browser Mini Android apps have been exposed to man-in-the-middle (MiTM) attacks by downloading an Android Package Kit (APK) from a third party server over unprotected channels.…
Emsisoft released a free decryption tool for the STOP (Djvu) ransomwareEmsisoft firm has released a new free decryption tool the STOP (Djvu) ransomware, in the last months the research team helped victims of many other threats. STOP (Djvu) ransomware has 160 variants that infected more hundreds of thousands of victims worldwide. Experts estimated a total number of 460,000 victims, that makes this threat the most…
Systems at Ingredients provider Ingredion infected with a MalwareThe US ingredient provider Ingredion Incorporated announced that it has recently detected suspicious activity associated with a malware attack. The US ingredient provider Ingredion Incorporated revealed to have detected an ongoing malware attack after its experts noticed a suspicious activity this week. Ingredion has hired third-party experts to help its staff in investigating the incident…
How Much Security Is Enough? Practitioners Weigh In Most IT and security pros surveyed say they could afford some, but not all, of the minimum security needed to protect themselves.
Avast Hacked – Hackers Gained Network Access Via Avast Own VPN With Compromised Credentials Leading Anti-Virus software maker Avast hacked by unknown cyber-espionage groups using compromised credentials and gained the internal network access over their own VPN in earlier March 2019. Avast is one of the well-known cybersecurity company that making various internet security software including Anti-virus, VPN, Endpoint Security, content filtering software for Microsoft Windows, macOS, Android, and iOS. Experts from Avast…
Winnti Hacker Group Uses New Malware to Hack Microsoft SQL Servers Winnti hacker group uses a new malware dubbed skip-2.0 to attack Microsoft SQL Servers and to gain persistence access. Winnti group believed to be operating from China and the group active at least from 2012 and responsible for high-profile supply-chain against Gaming studios and Software companies. ESET Security researchers discovered a new malware strain skip.2-0…
The Student’s Guide to Cyber Security – 9 Top Tips to Prevent Yourself From Hackers The rise of the Internet has brought tremendous benefits to people’s education. But, it also makes people targets to hackers and theft of sensitive information, which is why every student must learn about online cyber security at some point. These days, almost every student owns a smart device or a laptop. This immense use of…
Avast Foils Another CCleaner Attack 'Abiss' attackers used an older VPN profile to get into Avast's network and targeted its CCleaner utility.
Trend Micro Buys Cloud Conformity to Fight Cloud Competition The cloud security posture management startup was acquired for a reported $70 million.
Network Intruders Teamup With Ransomware Developers to Hack Corporate Networks Cyberattacks rapidly growing every day, it emerges as one of the biggest challenges for businesses. Network intruders and ransomware developer groups develop an alliance with each other to maximize the revenue with the ransomware market. They partnership together to attack the most secure and lucrative targets. AdvIntel report shows how the underground community developing multidimensional…
Critical Wi-Fi Bug In Linux Let Hackers Take Complete Control and Crash The System Remotely A newly discovered critical Wi-Fi vulnerability in Linux lets attackers compromise the system with the help of nearby Wi-Fi devices and crush the vulnerable machine. The vulnerability resides in the “rtlwifi” driver that mainly supports the Realtek Wi-Fi chips model used in Linux devices. By exploiting the vulnerability, the attacker will trigger the buffer overflow…
Authentication Bypass Vulnerability in Cisco REST API Let Hackers Take Control of Cisco Routers RemotelyCisco released a security update for critical Authentication Bypass vulnerability that resides in the Cisco REST API virtual service container for Cisco IOS XE Software allows a remote attacker to bypass the authentication in managed Cisco devices. Cisco IOS XE is an internetworking OS that mainly deployed in Cisco ARS 1000 series routers and Catalyst switches such…
Tor Weaponized to Steal BitcoinA years-long campaign targets users of Russian darknet markets with a modified install of a privacy-oriented browser.
In A Crowded Endpoint Security Market, Consolidation Is UnderwayExperts examine the drivers pushing today's endpoint security market to consolidate as its many players compete to meet organizations' changing demands and transition to the cloud.
500 Million UC Browser Android Users are Vulnerable to Man-in-the-Middle AttacksResearchers discovered various unusual activities in UC Browser for Android and it abusing the Google play policies and exposing more than 500 users to Man-in-the-Middle attacks. UC browser is the most popular browser in the Android platform with more than 500 million users and UC Browser Mini has 100 million downloads from the Google Play store…
Wi-Fi Bug in Millions of Amazon Echo and Kindle Devices Let Attackers Steal Sensitive DetailsThe KRACK attack was published by two Belgian researchers in October 2017. The attacks are based on the weaknesses in the WPA2 protocol used in modern Wi-Fi devices. The weakness can be exploited by the attackers using key reinstallation attacks if the victim resides within the network. Successful exploitation of the attack allows attackers to…
Phishing Campaign Targets Stripe Credentials, Financial DataAttackers make use of an old trick and evade detection by blocking users from viewing an embedded link when hovering over the URL.
State of SMB Insecurity by the NumbersSMBs still perceive themselves at low risk from cyberthreats - in spite of attack statistics that paint a different picture.
- Trend Micro Anti-Threat Toolkit could be used to run malware on Win PCs A vulnerability in the Trend Micro Anti-Threat Toolkit (ATTK) can be exploited by attackers to run malware on targets’ Windows systems. The security expert and bug-hunter John “hyp3rlinx” Page discovered an arbitrary code execution vulnerability, tracked as CVE-2019-9491, in the Trend Micro Anti-Threat Toolkit. Trend Micro ATTK allows analyzing malware issues and clean infections. It can…
- NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. The information belonging to the NordVPN company…
- Czech Police and Intelligence agency dismantled Russian Spy ring on its soil Czech police and intelligence services have identified a Russian espionage network operating having a nerve center in its Prague embassy. Czech police and intelligence services have dismantled a Russian espionage network operating that was operating via its Prague embassy. The officials were helped by peers at the National Organised Crime Centre (NCOZ). According to the…
- Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers Security experts have a new malware, dubbed skip-2.0 used by the China-linked APT group to establish a backdoor in Microsoft SQL Server systems. Security experts at ESET have discovered a new malware, dubbed skip-2.0, used by the Chinese Winnti cyberespionage group to gain persistence on Microsoft SQL Server systems. The Winnti group was first spotted by…
- Avast internal network breached for the second time by sophisticated hackers The popular security firm Avast disclosed today a security breach that impacted its internal network accessed via a compromised VPN profile. The security firm Avast disclosed today a security breach that impacted its internal network, according to a statement published by the company, the intent of the hackers was to carry out a supply chain…
- UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers A joint UK and US investigation has revealed that the Russian cyber espionage group Turla carried out cyber attacks masqueraded as Iranian hackers. According to the Financial Times, a joint UK and US investigation revealed that Russia-linked cyberespionage group Turla conducted several cyber attacks in more than 35 countries masqueraded as Iranian hackers. The use…
- Hackers stole card details from BriansClub carding site BriansClub, one of the biggest a dark web “carding store,” which specializes in the sale of stolen payment card data, has been hacked. Hackers have breached BriansClub (BriansClub[.]at), one of the biggest black market sites, that specializes in the sale of stolen credit card data. According to the security experts Brian Krebs, who first reported…
- TA505 cybercrime group use SDBbot RAT in recent campaigns TA505 cybercrime group that operated the Dridex Trojan and Locky ransomware, has been using a new RAT dubbed SDBbot in recent attacks. Security experts at Proofpoint observed the notorious TA505 cybercrime group that has been using a new RAT dubbed SDBbot in recent attacks. The TA505 group, that is known to have operated both the Dridex and Locky malware families, continues…
- Security Affairs newsletter Round 236 A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. A new Mac malware dubbed Tarmac has been distributed via…
- US Army stopped using floppy disks as storage for SACCS system that manages nuclear weapons arsenal The news is quite curious, the US military will no longer use 8-inch floppy disks in an antiquated computer (SACCS) to manage nuclear weapons arsenal. It’s official, the US strategic command has announced that it has replaced the 8-inch floppy disks in an ancient computer to receive nuclear launch orders from the President with a…
- Fake UpdraftPlus WordPress Plugins used to backdoor sites Threat actors leverage malicious plugins that hide in plain sight to backdoor WordPress websites and to use them for brute-forcing other sites. The use of fake WordPress plugins installed by hackers is not a novelty, recently at Sucuri observed multiple infections aimed at installing fake plugins with backdoor capabilities. Attackers use automated tools to create malicious WordPress…
- A critical Linux Wi-Fi bug could be exploited to fully compromise systemsA researcher discovered a critical Linux vulnerability, tracked as CVE-2019-17666, that could be exploited to fully compromise vulnerable machines. Nico Waisman, principal security engineer at Github, discovered a critical Linux flaw, tracked as CVE-2019-17666, that could be exploited by attackers to fully compromise vulnerable machines. The vulnerability affects Linux versions through 5.3.6, according to the…
- Hundreds of millions of UC Browser Android Users Exposed to MiTM Attacks. Again.Over 600 million UC Browser and UC Browser Mini Android users have been exposed to man-in-the-middle (MiTM) attacks. More than 600 million users of the popular UC Browser and UC Browser Mini Android apps have been exposed to man-in-the-middle (MiTM) attacks by downloading an Android Package Kit (APK) from a third party server over unprotected channels.…
- Emsisoft released a free decryption tool for the STOP (Djvu) ransomwareEmsisoft firm has released a new free decryption tool the STOP (Djvu) ransomware, in the last months the research team helped victims of many other threats. STOP (Djvu) ransomware has 160 variants that infected more hundreds of thousands of victims worldwide. Experts estimated a total number of 460,000 victims, that makes this threat the most…
- Systems at Ingredients provider Ingredion infected with a MalwareThe US ingredient provider Ingredion Incorporated announced that it has recently detected suspicious activity associated with a malware attack. The US ingredient provider Ingredion Incorporated revealed to have detected an ongoing malware attack after its experts noticed a suspicious activity this week. Ingredion has hired third-party experts to help its staff in investigating the incident…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...
