Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Orcus RAT Author Charged in Malware Scheme In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT, a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.
Patch Tuesday, November 2019 EditionMicrosoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and in software that runs on top of it. The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well…
Retailer Orvis.com Leaked Hundreds of Internal Passwords on PastebinOrvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and…
Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart AttacksHospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security --…
NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover StormBanking industry giant NCR Corp. [NYSE: NCR] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight, an online banking platform used by hundreds of financial institutions. That ban, which came in response to a series of bank account takeovers in which cybercriminals used…
DDoS-for-Hire Services operator sentenced to 13 months in prison Sergiy P. , the administrator of DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. Sergiy P. Usatyuk, a man that was operating several DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. DDoS-for-hire services, aka stressers or booters, allows crooks…
Two men arrested for stealing $550,000 in cryptocurrency with Sim Swapping On Thursday, US authorities arrested two crooks charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping. American law enforcement has declared war to sim swapping scammers and announced the arrest of two individuals for stealing $550,000 in Cryptocurrency. The suspects stole the funds from at least 10 victims using…
The Australian Parliament was hacked earlier this year The computer network of Australian Parliament was hacked earlier this year, and hackers exfiltrated data from the computers of several elected officials. According to the Australian Broadcasting Corp (ABC), earlier this year hackers penetrated the computer network of Australian Parliament and stole data from the computers of several elected officials. The attack took place on…
New TA2101 threat actor poses as government agencies to distribute malware A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. A new threat actor, tracked as TA2101, is using email to impersonate government agencies in the United States, Germany, and Italy to multiple families of malware, deliver ransomware, and banking Trojans. The…
A new sophisticated JavaScript Skimmer dubbed Pipka used in the wild Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka used to siphon payment data from e-commerce merchant websites. Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka that was used by crooks to steal payment data from e-commerce merchant websites. Experts discovered the Pipka while investigating an e-commerce website…
Experts found privilege escalation issue in Symantec Endpoint Protection Symantec addressed a local privilege escalation flaw that affects all Symantec Endpoint Protection client versions prior to 14.2 RU2. Symantec addressed a local privilege escalation flaw, tracked as CVE-2019-12758, that affects all Symantec Endpoint Protection client versions prior to 14.2 RU2. The vulnerability could be exploited by attackers to escalate privileges on target devices and carry out malicious actions, including the…
Flaws in Qualcomm chips allows stealing private from devices Security vulnerabilities in Qualcomm allow attackers to steal private data from hundreds of million millions of devices, especially Android smartphones. Security experts from Check Point have discovered security flaws in Qualcomm that could be exploited attackers to steal private data from the so-called TrustZone. The TrustZone is a security extension integrated by ARM into the…
Tracking Iran-linked APT33 group via its own VPN networks APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers for extremely targeted attacks. APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers involved in extremely targeted malware attacks. The targeted malware campaigns aimed at organizations…
Canadian intelligence agencies CSE and CSIS are divided on Huawei 5G ban The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) are divided over the ban of Huawei 5G technology. The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) agencies are divided over the ban of Huawei 5G technology. Canada, along with the US, the UK, New Zealand, and Australia formed…
CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Security experts at SafeBreach have discovered a vulnerability in McAfee antivirus software tracked as CVE-2019-3648 that could allow an attacker with Administrator privileges to escalate privileges and execute code with SYSTEM privileges. The flaw…
A flaw in PMx Driver can give hackers full access to a device Eclypsium experts found a vulnerability affecting the popular PMx Driver Intel driver that can give malicious actors deep access to a device. In August, Eclypsium researchers found multiple serious vulnerabilities in more than 40 device drivers from tens of vendors, including AMI, ASRock, ASUS, ATI, Biostar, EVGA, Getac, Gigabyte, Huawei, Insyde, Intel, MSI, NVIDIA, Phoenix Technologies, Realtek,…
New TSX Speculative Attack allows stealing sensitive data from latest Intel CPUs ZombieLoad 2, aka TSX Asynchronous Abort, is a new flaw that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack. ZombieLoad 2, aka TSX Asynchronous Abort, is a new vulnerability tracked as CVE-2019-11135 that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack. The flaw…
Adobe patch Tuesday updates addressed critical flaws in Media Encoder and Illustrator products Adobe patch Tuesday updates addressed a total of 11 vulnerabilities affecting its Animate, Illustrator, Media Encoder and Bridge products. Adobe patch Tuesday updates addressed a total of 11 flaws affecting its Animate, Illustrator, Media Encoder and Bridge products. “Adobe has published security bulletins for Adobe Animate CC (APSB19-34), Adobe Illustrator CC (APSB19-36), Adobe Media Encoder…
Russian man Aleksei Burkov extradited for running online criminal marketplace Aleksei Burkov is a Russian accused of being involved in more than $20 million in credit-card frauds, has been extradited to the US to face criminal charges. Aleksei Burkov (29) is a Russian man accused of running an online criminal marketplace, called Cardplanet, that helped crooks to organize more than $20 million in credit card…
Microsoft Patch Tuesday updates fix CVE-2019-1429 flaw exploited in the wild Microsoft’s Patch Tuesday updates for November 2019 address over 70 flaws, including an Internet Explorer issue (CVE-2019-1429) that has been exploited in attacks in the wild. Microsoft’s Patch Tuesday updates for November 2019 address 74 flaws, including an Internet Explorer vulnerability, tracked as CVE-2019-1429, that has been exploited in the wild. Microsoft doesn’t provide any…
New Hacking Group Using Metasploit To Install Backdoor Malware On Windows By Exploiting MS Office Researchers detect a wave of malware campaigns from a new hacking group named TA2101 that targeting various organizations in German and Italy to deploy the backdoor malware in their network. Threat actors from this new hacking group using legitimate and licensed penetration testing tools and backdoor framework such as Cobalt Strike and Metasploit to perform…
Vulnerability in Qualcomm Chip Let Hackers Steal Sensitive Data From Android Devices A vulnerability in Qualcomm’s Secure Execution Environment(QSEE) implementation of the Trusted Execution Environment(TEE) used in a number of devices especially in Android devices lets attackers to steal sensitive data from the isolated secure area of the processor. Qualcomm implementation used in number of devices such as Pixel, LG, Xiaomi, Sony, HTC, OnePlus, Samsung. The trusted…
APT33 Hackers Launching Malware via Obfuscated C2 Server to Hack Organizations in the Middle East, the U.S., and Asia Researchers uncovered a new wave of a targeted cyberattack against the organizations in the Middle East, the U.S., and Asia using an obfuscated Malware with dozen live Command and Control (C&C) botnet servers. A Well-known threat group is known as APT33 behind the attack, and the group has a record of aggressively attack the oil aviation, governments,…
Privacy Guide to Choosing The Best VPN Free Trial To Maintain Your Anonymity – 2019 Which VPN Free Trial Is the Best? Every time you access the internet, whether through your home computer or while you’re sitting at a coffee shop with your phone or another device in hand, there’s a possibility that an outsider might be peeking into your online activity. It doesn’t matter if it’s a hacker, a…
Capture the Flag Planned to Find Missing Persons Information The competition, launched by SANS and Trace Labs, will put to use open source information in search of new clues.
Attacks on Healthcare Jump 60% in 2019 - So Far Well-known Trojans Emotet and Trickbot are cybercriminals' favorite weapons in their campaigns.
5 Cybersecurity CISO Priorities for the Future Seven chief information security officers share their pain points and two-year spending plans.
US-CERT Warns of Remotely Exploitable Bugs in Medical Devices Vulnerabilities in key surgical equipment could be remotely exploited by a low-skill attacker.
Multiple Vulnerabilities Discovered in WordPress Email Subscribers & Newsletters Plugin that has 100,000+ Installs The Email Subscribers & Newsletters is a WordPress newsletter plugin used to send post notifications, send broadcasts. It can be integrated with Mailchimp and the plugin has more than 100,000+ active installs. Wordfence Threat Intelligence team has discovered multiple vulnerabilities in the plugin that allows attackers to launch various attacks targeting vulnerable installations. Vulnerabilities Detected…
PureLocker Ransomware Attack Enterprise Production Servers and Encrypt Files in Windows, Linux, & macOS Researchers discovered a new PureLocker Ransomware that capable of encrypting files in Windows, Linux, and macOS. The ransomware used by threat actors to perform a targeted attack against production servers of the enterprise networks. Code reuse analysis against Purelocker reveals that the ransomware related to the “more_eggs”, a backdoor malware often used by Cobalt Gang, FIN6…
The Ripple Effect of Data Breaches: How Damage Spreads The financial loss from so-called 'ripple events' is thirteen times greater than the cost of single-party security incidents.
Cardplanet Operator Extradited for Facilitating Credit Card Fraud Russian national Aleksei Burkov is charged with wire fraud, access device fraud, and conspiracy to commit identity theft, among other crimes.
Telegram MTProxy Used to Launch DDoS Attack Against Cloud Service Provider Arvan – Peaks Up to 5,000 Requests Per Second An Iranian based Cloud Infrastructure provider Arvan experienced a DDoS attack that peaks up to 5,000 Requests Per Second via Telegram MTProxy. The attack started on November 6 and lasts for 3 days. The MTProxy was used by Telegram to bypass the Iranian filtering system as the Telegram banned in Iran. Several users started using…
Vulnerability in McAfee Antivirus Software Let Hackers Execute an Arbitrary Code & Escalates System Privilege McAfee patched a Privilege Escalation vulnerability in Microsoft Windows client versions of all McAfee Antivirus versions that allow administrators to execute arbitrary code and escalate to SYSTEM privileges. The system account is the internal account used by the Windows operating system to manage the services that run under Windows. The vulnerability affects Microsoft Windows client…
Microsoft Fixed 74 Bugs Including IE Zero-day That Allow Hackers to Execute Arbitrary Code Remotely in Windows PCMicrosoft released a security update for November 2019 under patch Tuesday and fixed 74 security vulnerabilities that affected various Microsoft products. Out of 74 vulnerabilities, 13 are marked as “Critical” severity, 61 vulnerabilities categorized as “Important” severity. The November security release consists of security updates for the following software: Microsoft Windows Internet Explorer Microsoft Edge (EdgeHTML-based)…
- DDoS-for-Hire Services operator sentenced to 13 months in prison Sergiy P. , the administrator of DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. Sergiy P. Usatyuk, a man that was operating several DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. DDoS-for-hire services, aka stressers or booters, allows crooks…
- Two men arrested for stealing $550,000 in cryptocurrency with Sim Swapping On Thursday, US authorities arrested two crooks charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping. American law enforcement has declared war to sim swapping scammers and announced the arrest of two individuals for stealing $550,000 in Cryptocurrency. The suspects stole the funds from at least 10 victims using…
- The Australian Parliament was hacked earlier this year The computer network of Australian Parliament was hacked earlier this year, and hackers exfiltrated data from the computers of several elected officials. According to the Australian Broadcasting Corp (ABC), earlier this year hackers penetrated the computer network of Australian Parliament and stole data from the computers of several elected officials. The attack took place on…
- New TA2101 threat actor poses as government agencies to distribute malware A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. A new threat actor, tracked as TA2101, is using email to impersonate government agencies in the United States, Germany, and Italy to multiple families of malware, deliver ransomware, and banking Trojans. The…
- A new sophisticated JavaScript Skimmer dubbed Pipka used in the wild Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka used to siphon payment data from e-commerce merchant websites. Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka that was used by crooks to steal payment data from e-commerce merchant websites. Experts discovered the Pipka while investigating an e-commerce website…
- Experts found privilege escalation issue in Symantec Endpoint Protection Symantec addressed a local privilege escalation flaw that affects all Symantec Endpoint Protection client versions prior to 14.2 RU2. Symantec addressed a local privilege escalation flaw, tracked as CVE-2019-12758, that affects all Symantec Endpoint Protection client versions prior to 14.2 RU2. The vulnerability could be exploited by attackers to escalate privileges on target devices and carry out malicious actions, including the…
- Flaws in Qualcomm chips allows stealing private from devices Security vulnerabilities in Qualcomm allow attackers to steal private data from hundreds of million millions of devices, especially Android smartphones. Security experts from Check Point have discovered security flaws in Qualcomm that could be exploited attackers to steal private data from the so-called TrustZone. The TrustZone is a security extension integrated by ARM into the…
- Tracking Iran-linked APT33 group via its own VPN networks APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers for extremely targeted attacks. APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers involved in extremely targeted malware attacks. The targeted malware campaigns aimed at organizations…
- Canadian intelligence agencies CSE and CSIS are divided on Huawei 5G ban The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) are divided over the ban of Huawei 5G technology. The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) agencies are divided over the ban of Huawei 5G technology. Canada, along with the US, the UK, New Zealand, and Australia formed…
- CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Security experts at SafeBreach have discovered a vulnerability in McAfee antivirus software tracked as CVE-2019-3648 that could allow an attacker with Administrator privileges to escalate privileges and execute code with SYSTEM privileges. The flaw…
- A flaw in PMx Driver can give hackers full access to a device Eclypsium experts found a vulnerability affecting the popular PMx Driver Intel driver that can give malicious actors deep access to a device. In August, Eclypsium researchers found multiple serious vulnerabilities in more than 40 device drivers from tens of vendors, including AMI, ASRock, ASUS, ATI, Biostar, EVGA, Getac, Gigabyte, Huawei, Insyde, Intel, MSI, NVIDIA, Phoenix Technologies, Realtek,…
- New TSX Speculative Attack allows stealing sensitive data from latest Intel CPUs ZombieLoad 2, aka TSX Asynchronous Abort, is a new flaw that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack. ZombieLoad 2, aka TSX Asynchronous Abort, is a new vulnerability tracked as CVE-2019-11135 that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack. The flaw…
- Adobe patch Tuesday updates addressed critical flaws in Media Encoder and Illustrator products Adobe patch Tuesday updates addressed a total of 11 vulnerabilities affecting its Animate, Illustrator, Media Encoder and Bridge products. Adobe patch Tuesday updates addressed a total of 11 flaws affecting its Animate, Illustrator, Media Encoder and Bridge products. “Adobe has published security bulletins for Adobe Animate CC (APSB19-34), Adobe Illustrator CC (APSB19-36), Adobe Media Encoder…
- Russian man Aleksei Burkov extradited for running online criminal marketplace Aleksei Burkov is a Russian accused of being involved in more than $20 million in credit-card frauds, has been extradited to the US to face criminal charges. Aleksei Burkov (29) is a Russian man accused of running an online criminal marketplace, called Cardplanet, that helped crooks to organize more than $20 million in credit card…
- Microsoft Patch Tuesday updates fix CVE-2019-1429 flaw exploited in the wild Microsoft’s Patch Tuesday updates for November 2019 address over 70 flaws, including an Internet Explorer issue (CVE-2019-1429) that has been exploited in attacks in the wild. Microsoft’s Patch Tuesday updates for November 2019 address 74 flaws, including an Internet Explorer vulnerability, tracked as CVE-2019-1429, that has been exploited in the wild. Microsoft doesn’t provide any…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...