Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
P2P Weakness Exposes Millions of IoT Devices A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found.
Who’s Behind the RevCode WebMonitor RAT?The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT, a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.
Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking MalwareMarcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices.
Wipro Intruders Targeted Other Major IT FirmsThe criminals responsible for launching phishing campaigns that netted dozens of employees and more than 100 computer systems last month at Wipro, India's third-largest IT outsourcing firm, also appear to have targeted a number of other competing providers, including Infosys and Cognizant -- two other large technology consulting companies, new evidence suggests.
How Not to Acknowledge a Data BreachI'm not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally it seems necessary to publish such accounts when companies respond to a breach report in such a way that it's crystal clear that they wouldn't know what to do with a breach…
Experts: Breach at IT Outsourcing Giant WiproIndian information technology (IT) outsourcing and consulting giant Wipro [NYSE:WIT] is investigating reports from multiple security experts that Wipro's systems have been hacked and are being used to launch attacks against the company's customers, multiple sources tell KrebsOnSecurity. The company has refused to respond to questions about the alleged incident.
‘Land Lordz’ Service Powers Airbnb ScamsScammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called "Land Lordz," which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings.
Beapy Cryptojacking campaign leverages EternalBlue exploit to spread Security experts uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit. Security experts at Symantec have uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit to spread a cryptocurrency malware on enterprise networks in Asia. “Beapy is…
The strengths and weaknesses of different VPN protocols One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. Different protocols create different ways that connect your…
Special-Purpose Vehicle Maker Aebi Schmidt Hit by Malware The special-purpose vehicle maker Aebi Schmidt was hit by a malware attack that disrupted some of its operations. The Aebi Schmidt Group is a manufacturer of product systems and services for the management, cleaning and clearance of traffic areas as well as for the maintenance of green areas in demanding terrain. Aebi Schmidt focuses on…
Crooks abuse GitHub platform to host phishing kits Experts at Proofpoint discovered that free code repositories on GitHub have been abused since at least 2017 to host phishing websites. Researchers at Proofpoint reported that crooks are abusing free code repositories on GitHub to host phishing websites and bypass security defenses. Experts discovered that cybercriminals are abusing the GitHub service since at least mid-2017.…
Flaws in Social Warfare plugin actively exploited in the wild Experts uncovered hacking campaigns exploiting two critical security vulnerabilities in the popular WordPress plugin Social Warfare. Social Warfare is a popular ùWordPress plugin with more than 900,000 downloads, it allows to add social share buttons to a WordPress website. Experts uncovered hacking campaigns exploiting two critical security vulnerabilities in the Social Warfare plugin to take…
Britain ‘Approves’ Huawei role in building ‘non-core’ parts for 5G Network British Government has approved a limited role for Huawei in the building of a national 5G network in the country, ignoring security concerns from senior ministers According to The Daily Telegraph newspaper, British Prime Minister Theresa May decided to assign a limited role to Chinese telco giant Huawei in the building of a 5G network…
A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites A serious flaw in some of Rockwell Automation’s MicroLogix and CompactLogix PLCs can be exploited by a remote attacker to redirect users to malicious websites. Some of Rockwell Automation’s MicroLogix and CompactLogix PLCs are affected by a serious vulnerability can be exploited by a remote attacker to redirect users to malicious websites. The vulnerabilyt was…
Zero-day vulnerability in Oracle WebLogic Security experts are warning of a dangerous zero-day remote code vulnerability that affects the Oracle WebLogic service platform. Oracle WebLogic wls9_async and wls-wsat components are affected by a deserialization remote command execution zero-day vulnerability. This zero-day flaw affects all Weblogic versions, including the latest one, that have the wls9_async_response.war and wls-wsat.war components enabled. Oracle WebLogic Server is a Java EE application…
Stuart City is the new victim of the Ryuk Ransomware Another city fell victim of a malware attack, systems at the city of Stuart, Fla., were infected by the Ryuk ransomware on April 13, 2018. Law enforcement is investigating a ransomware attack that hit the City of Stuart on April 13, 2018. The Ryuk malware infected several servers and forced them offline. “City officials on…
The Russian Shadow in Eastern Europe: Gamaredon ‘s Ukrainian MOD Campaign Security researchers at Yoroi-Cybaze ZLab uncovered a new campaign carried out by the Russian state-actor dubbed Gamaredon. Introduction Few days after the publication of our technical article related to the evidence of possible APT28 interference in the Ukrainian elections, we spotted another signal of a sneakier on-going operation. This campaign, instead, seems to be linked…
OilRig APT uses Karkoff malware along with DNSpionage in recent attacks Iran-linked OilRig cyberespionage group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns.Iran-linked OilRig cyberespione group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns. The OilRig APT group, the threat actor behind the DNSpionage malware campaign, is carrying out a new sophisticated and targeted operation that infects victims…
Kaspersky speculates the involvement of ShadowPad attackers in Operation ShadowHammer Experts at Kaspersky Lab linked the recent supply-chain attack targeted ASUS users to the “ShadowPad” threat actor and the CCleaner incident. Security researchers at Kaspersky Lab linked the recent supply-chain attack that hit ASUS users (tracked as Operation ShadowHammer) to the “ShadowPad” threat actor. Experts also linked the incident to the supply chain attack that…
Bodybuilding.com forces password reset after a security breach Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. The website offers any kind of fitness articles, exercises, workouts, and supplements. The company confirmed it has no evidence…
FireEye experts found source code for CARBANAK malware on VirusTotalCybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before. Researchers at FireEye discovered that the Carbanak source code has been available on VirusTotal for two years, but it was not noticed before. The Carbanak gang (aka FIN7, Anunak or Cobalt) stole over…
Targeted Attacks hit multiple embassies with Trojanized TeamViewerCheckPoint firm uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer to target officials in several embassies in Europe. Security experts at CheckPoint uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe. The targeted…
Emotet Malware’s New Evasion Technique Lets Hacked Device Used as Proxy command and control (C&C) servers A new wave of Emotet malware using a special type of evasion technique to fool the security software and hide the POST-infection traffic and evade the detection. Also it initially uses the hacked devices as proxy command and control (C&C) servers and redirects the traffic to the original C&C server that operating by threat actors.…
Accenture Facing Lawsuit to Repay $32M+ for Failing to Deliver the Project On Time – Poorly Written Code For Security Car rental Firm Hertz Corporation is suing to repay $32M and filed a Lawsuit against Accenture that failed to deliver the website redesign project on time. Hertz is one of the most familiar vehicle rental company that requires to redesign their website and begins the project in order to improve the customer experience on Hertz’s…
Hackers Abuse GitHub Service to Host Variety of Phishing Kits to Steal Login Credentials Hackers abuse popular code repositories service such as GitHub to host a variety of phishing domains to make their targets to believe it is through github.io domains. By using well-known services like Dropbox, Google Drive, Paypal, eBay, and Facebook, attackers able to bypass whitelists and network defenses. Proofpoint identified a range of malicious activities that…
Cyberattackers Focus on More Subtle Techniques Spam has given way to spear phishing, cryptojacking remains popular, and credential spraying is on the rise.
55% of SMBs Would Pay Up Post-Ransomware Attack The number gets even higher among larger SMBs.
Enterprise Trojan Detections Spike 200% in Q1 2019 Cybercriminals see greater ROI targeting businesses, which have been slammed with ransomware attacks and Trojans.
Microsoft Decided to Shut Down The Password Expiration Policy for Windows – It’s a Useless Policy Microsoft released a new announcement that they are preparing to stop the Password expiration policies for Windows which required users to periodically change their password. Password expiration policies are one of the windows Password security future that only prevent against the probability that a password (or hash) will be stolen. If the password is never…
Sensitive Data Lingers on Used Storage Drives Sold Online Four in 10 used hard drives sold on eBay found to contain sensitive information.
Regulations, Insider Threat Handicap Healthcare IT Security Healthcare IoT is expanding opportunities for hackers as the sector struggles to keep up security-wise.
Ramblings of a Recovering Academic on the So-Called Lack of Security Talent Hiring for security is difficult, as many surveys show. But what the research doesn't explain is the "why" - and a lack of talent may not be the sole reason.
Unpatched Oracle Web Logic Server Zero-day Let Hackers Executes Arbitrary Code Remotely & Gain Network Access New Zero-day flaw discovered in Oracle Web logic server let attackers exploit this vulnerability to remotely execute commands without authorization. An Oracle web Logic component wls9_async and wls-wsat trigger this deserialization remote command execution vulnerability and it affects all the Weblogic component wls9_async_response.war and wls-wsat.war enabled versions (including the current version). WebLogic Server is a Java EE application server…
Hackers Abuse Windows Installer MSI to Execute Malicious JavaScript, VBScript, PowerShell Scripts to Drop Malware Hackers use malicious MSI files that download and execute malicious files that could bypass traditional security solutions. The dropped malware is capable of initiating a system shutdown or targeting financial systems located in certain locations. Security researchers from TrendMicro discovered JScript/VBScript codes in several malicious *.msi files distributed through spam emails. The malicious JS code…
Hackers Behind DNSpionage Created a New Remote Admin Tool for C2 Server Communication Over HTTP and DNS Threat actors behind the new malware campaign DNSpionage created a new remote administrative tool that supports HTTP and DNS communication with C&C Server that operates by attackers. Based on a recent incident, the DNSpionage campaign which is developed and operates by APT 34 hacking group to perform MITM Attack to steal the authentication details through…
Chrome 74 Released with the Fix for 39 Security Vulnerabilities Chrome 74 released with a fix for numerous security Vulnerabilities and new features, the update available for Windows, Mac, and Linux desktop users. This update includes 39 security fixes, out of the 12 vulnerabilities discovered by external security researchers. The vulnerability reported by external security researchers includes 5 are high-risk vulnerabilities, 12 medium security severity…
Attackers Aren't Invincible & We Must Use That to Our Advantage The bad guys only seem infallible. Use their weaknesses to beat them.
Liam Watts admits hacking Cheshire Police and GMP websites Liam Watts after being jailed in 2017 following a bomb hoax at the Verve on Mersey Street. A TEENAGER has admitted hacking Cheshire Police and Greater Manchester Police’s websites in a revenge attack after he was jailed for a bomb hoax. Liam Watts, previously of Grange Avenue in Latchford, was handed eight months behind bars…
Xi pledges Belt and Road reboot amid rising 'debt trap' concerns 'We need to ensure the fiscal and commercial suitability of all projects' BEIJING -- Standing before 37 world leaders and thousands of delegates in a cavernous Beijing hall, Chinese President Xi Jinping pledged to reboot his country's flagship Belt and Road initiative. In a bid to assuage concerns that the massive infrastructure plan was sinking…
Samoan church implicated in cryptocurrency scam At least one Samoan church has been implicated in a global multi-billion dollar cryptocurrency scheme authorities say is a fraudulent scam. The Central Bank of Samoa in the capital Apia. Photo: RNZI/ Koroi Hawkins Samoa's Central Bank on Thursday named the Samoa Worship Centre as one of two churches which may have been used as…
How social media is helping white supremacist movements 
Nike’s Surprise Crypto Play Could Steal Facebook’s Thunder 
Britain’s Huawei gamble is sure to anger Donald Trump Just hours after Donald Trump’s long-delayed state visit to Britain was finally confirmed, reports surfaced that Theresa May and her National Security Council have decided to let Chinese telecommunications company Huawei participate in building Britain’s 5G network. The decision is a direct slap in the face to Washington’s attempts to isolate Huawei, which itself is part…
Over 500% Increase in Ransomware Attacks Against Businesses Apple Updates XProtect to Block 'Windows' Malware on Macs Windows 10 May 2019 Update to Be Blocked If Using USB Drives Windows 10 Version 1903 Drops Password Expiration Policies Qbot Malware Dropped via Context-Aware Phishing Campaign EternalBlue Exploit Serves Beapy Cryptojacking Campaign TA505 Spear Phishing Campaign Uses LOLBins to Avoid Detection French Users of Microsoft…
Barclays Bank employees on DCI's radar after Ksh.14M... 
Yelp’s “Accepts Cryptocurrency” tag could be a win for mass adoption 
- Hackers Behind DNSpionage Created a New Remote Admin Tool for C2 Server Communication Over HTTP and DNS Threat actors behind the new malware campaign DNSpionage created a new remote administrative tool that supports HTTP and DNS communication with C&C Server that operates by attackers.
Binance Singapore Launches But Offers Just One Trading Pair, Report Users of Binance’s new Singapore platform are reportedly only able to purchase bitcoin using Singapore dollars during the “soft launch.
Brazilian Police Arrest Suspect for Money Laundering With Bitcoin Brazilian police have arrested a man for operating a clandestine drug laboratory and money laundering using the leading cryptocurrency bitcoin.
Bitcoin Accounts for 95% of Cryptocurrency Crime, Says Analyst Beginning of dialog window. Escape will cancel and close the window. Despite the proliferation of more than 2000 cryptocurrencies, including harder-to-track privacy coins, the overwhelming majority of criminals still prefer Bitcoin for illicit activity. “Bitcoin is by far the favorite,” Jonathan Levin, co-founder and COO of Chainalysis, tells Fortune on the latest episode of “Balancing…
NSA Recommends Dropping Phone-Surveillance Program The National Security Agency has recommended that the White House abandon a surveillance program that collects information about U.S. phone calls and text messages, saying the logistical and legal burdens of keeping it outweigh its intelligence benefits, according to people familiar with the matter.
Tron CEO Justin Sun Hints at Partnership With Liverpool FC, Liverpool Denies 
- Beapy Cryptojacking campaign leverages EternalBlue exploit to spread Security experts uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit. Security experts at Symantec have uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit to spread a cryptocurrency malware on enterprise networks in Asia. “Beapy is…
- The strengths and weaknesses of different VPN protocols One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. Different protocols create different ways that connect your…
- Special-Purpose Vehicle Maker Aebi Schmidt Hit by Malware The special-purpose vehicle maker Aebi Schmidt was hit by a malware attack that disrupted some of its operations. The Aebi Schmidt Group is a manufacturer of product systems and services for the management, cleaning and clearance of traffic areas as well as for the maintenance of green areas in demanding terrain. Aebi Schmidt focuses on…
- Crooks abuse GitHub platform to host phishing kits Experts at Proofpoint discovered that free code repositories on GitHub have been abused since at least 2017 to host phishing websites. Researchers at Proofpoint reported that crooks are abusing free code repositories on GitHub to host phishing websites and bypass security defenses. Experts discovered that cybercriminals are abusing the GitHub service since at least mid-2017.…
- Flaws in Social Warfare plugin actively exploited in the wild Experts uncovered hacking campaigns exploiting two critical security vulnerabilities in the popular WordPress plugin Social Warfare. Social Warfare is a popular ùWordPress plugin with more than 900,000 downloads, it allows to add social share buttons to a WordPress website. Experts uncovered hacking campaigns exploiting two critical security vulnerabilities in the Social Warfare plugin to take…
- Britain ‘Approves’ Huawei role in building ‘non-core’ parts for 5G Network British Government has approved a limited role for Huawei in the building of a national 5G network in the country, ignoring security concerns from senior ministers According to The Daily Telegraph newspaper, British Prime Minister Theresa May decided to assign a limited role to Chinese telco giant Huawei in the building of a 5G network…
- A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites A serious flaw in some of Rockwell Automation’s MicroLogix and CompactLogix PLCs can be exploited by a remote attacker to redirect users to malicious websites. Some of Rockwell Automation’s MicroLogix and CompactLogix PLCs are affected by a serious vulnerability can be exploited by a remote attacker to redirect users to malicious websites. The vulnerabilyt was…
- Zero-day vulnerability in Oracle WebLogic Security experts are warning of a dangerous zero-day remote code vulnerability that affects the Oracle WebLogic service platform. Oracle WebLogic wls9_async and wls-wsat components are affected by a deserialization remote command execution zero-day vulnerability. This zero-day flaw affects all Weblogic versions, including the latest one, that have the wls9_async_response.war and wls-wsat.war components enabled. Oracle WebLogic Server is a Java EE application…
- Stuart City is the new victim of the Ryuk Ransomware Another city fell victim of a malware attack, systems at the city of Stuart, Fla., were infected by the Ryuk ransomware on April 13, 2018. Law enforcement is investigating a ransomware attack that hit the City of Stuart on April 13, 2018. The Ryuk malware infected several servers and forced them offline. “City officials on…
- The Russian Shadow in Eastern Europe: Gamaredon ‘s Ukrainian MOD Campaign Security researchers at Yoroi-Cybaze ZLab uncovered a new campaign carried out by the Russian state-actor dubbed Gamaredon. Introduction Few days after the publication of our technical article related to the evidence of possible APT28 interference in the Ukrainian elections, we spotted another signal of a sneakier on-going operation. This campaign, instead, seems to be linked…
- OilRig APT uses Karkoff malware along with DNSpionage in recent attacks Iran-linked OilRig cyberespionage group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns.Iran-linked OilRig cyberespione group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns. The OilRig APT group, the threat actor behind the DNSpionage malware campaign, is carrying out a new sophisticated and targeted operation that infects victims…
- Kaspersky speculates the involvement of ShadowPad attackers in Operation ShadowHammer Experts at Kaspersky Lab linked the recent supply-chain attack targeted ASUS users to the “ShadowPad” threat actor and the CCleaner incident. Security researchers at Kaspersky Lab linked the recent supply-chain attack that hit ASUS users (tracked as Operation ShadowHammer) to the “ShadowPad” threat actor. Experts also linked the incident to the supply chain attack that…
- Bodybuilding.com forces password reset after a security breach Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. The website offers any kind of fitness articles, exercises, workouts, and supplements. The company confirmed it has no evidence…
- FireEye experts found source code for CARBANAK malware on VirusTotalCybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before. Researchers at FireEye discovered that the Carbanak source code has been available on VirusTotal for two years, but it was not noticed before. The Carbanak gang (aka FIN7, Anunak or Cobalt) stole over…
- Targeted Attacks hit multiple embassies with Trojanized TeamViewerCheckPoint firm uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer to target officials in several embassies in Europe. Security experts at CheckPoint uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe. The targeted…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...