Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Who’s Behind the RevCode WebMonitor RAT? The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT, a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.
Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking MalwareMarcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices.
Wipro Intruders Targeted Other Major IT FirmsThe criminals responsible for launching phishing campaigns that netted dozens of employees and more than 100 computer systems last month at Wipro, India's third-largest IT outsourcing firm, also appear to have targeted a number of other competing providers, including Infosys and Cognizant -- two other large technology consulting companies, new evidence suggests.
How Not to Acknowledge a Data BreachI'm not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally it seems necessary to publish such accounts when companies respond to a breach report in such a way that it's crystal clear that they wouldn't know what to do with a breach…
Experts: Breach at IT Outsourcing Giant WiproIndian information technology (IT) outsourcing and consulting giant Wipro [NYSE:WIT] is investigating reports from multiple security experts that Wipro's systems have been hacked and are being used to launch attacks against the company's customers, multiple sources tell KrebsOnSecurity. The company has refused to respond to questions about the alleged incident.
‘Land Lordz’ Service Powers Airbnb ScamsScammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called "Land Lordz," which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings.
Android 7.0+ Phones Can Now Double as Google Security KeysGoogle this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google's various services. The company announced that all phones running Android 7.0 and higher can now be used as Security Keys, an additional authentication layer that helps thwart phishing sites and password theft.
Zero-day vulnerability in Oracle WebLogic Security experts are warning of a dangerous zero-day remote code vulnerability that affects the Oracle WebLogic service platform. Oracle WebLogic wls9_async and wls-wsat components are affected by a deserialization remote command execution zero-day vulnerability. This zero-day flaw affects all Weblogic versions, including the latest one, that have the wls9_async_response.war and wls-wsat.war components enabled. Oracle WebLogic Server is a Java EE application…
Stuart City is the new victim of the Ryuk Ransomware Another city fell victim of a malware attack, systems at the city of Stuart, Fla., were infected by the Ryuk ransomware on April 13, 2018. Law enforcement is investigating a ransomware attack that hit the City of Stuart on April 13, 2018. The Ryuk malware infected several servers and forced them offline. “City officials on…
The Russian Shadow in Eastern Europe: Gamaredon ‘s Ukrainian MOD Campaign Security researchers at Yoroi-Cybaze ZLab uncovered a new campaign carried out by the Russian state-actor dubbed Gamaredon. Introduction Few days after the publication of our technical article related to the evidence of possible APT28 interference in the Ukrainian elections, we spotted another signal of a sneakier on-going operation. This campaign, instead, seems to be linked…
OilRig APT uses Karkoff malware along with DNSpionage in recent attacks Iran-linked OilRig cyberespionage group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns.Iran-linked OilRig cyberespione group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns. The OilRig APT group, the threat actor behind the DNSpionage malware campaign, is carrying out a new sophisticated and targeted operation that infects victims…
Kaspersky speculates the involvement of ShadowPad attackers in Operation ShadowHammer Experts at Kaspersky Lab linked the recent supply-chain attack targeted ASUS users to the “ShadowPad” threat actor and the CCleaner incident. Security researchers at Kaspersky Lab linked the recent supply-chain attack that hit ASUS users (tracked as Operation ShadowHammer) to the “ShadowPad” threat actor. Experts also linked the incident to the supply chain attack that…
Bodybuilding.com forces password reset after a security breach Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. The website offers any kind of fitness articles, exercises, workouts, and supplements. The company confirmed it has no evidence…
FireEye experts found source code for CARBANAK malware on VirusTotal Cybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before. Researchers at FireEye discovered that the Carbanak source code has been available on VirusTotal for two years, but it was not noticed before. The Carbanak gang (aka FIN7, Anunak or Cobalt) stole over…
Targeted Attacks hit multiple embassies with Trojanized TeamViewer CheckPoint firm uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer to target officials in several embassies in Europe. Security experts at CheckPoint uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe. The targeted…
Iran-linked APT34: Analyzing the webmask project Security expert Marco Ramilli published the findings of a quick analysis of the webmask project standing behind the DNS attacks implemented by APT34 (aka OilRig and HelixKitten). Thanks to the leaked source code it is now possible to check APT34 implementations and techniques. Contest: Since at least 2014, an Iranian threat group tracked by FireEye as APT34 has…
EmCare reveals patient and employee data were hacked EmCare disclosed that a number of employees’ email accounts had been hacked, potentially exposing personal information of patients and employees.EmCare disclosed that a number of employees’ email accounts had been hacked, potentially exposing personal information of patients and employees. US healthcare firm EmCare Inc disclosed that a number of employees’ email accounts had been accessed,…
jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. The impact of the issue could be severe considering that the jQuery JavaScript library is currently used on 74 percent of websites online, most sites still use the 1.x and 2.x versions…
Russian Twitter bot activity increased in the wake Mueller report release Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Social media platforms…
Campaign leverages Bit.ly, BlogSpot, and Pastebin to distribute RevengeRAT Palo Alto Networks Unit 42 researchers uncovered a malicious campaign targeting entities in North America, Europe, Asia, and the Middle East with RevengeRAT. The campaign was carried out during March, threat actors tracked as Aggah” used pages hosted on Bit.ly, BlogSpot, and Pastebin as a command-and-control (C2) infrastructure to distribute the RevengeRAT. Attackers hit organizations…
A flaw in Shopify API flaw exposed revenue and traffic data of thousands of stores Researcher discovered a high-severity flaw in Shopify e-commerce platform that could have been abused to expose the traffic and revenue data for the stores. Bug bounty hunter Ayoub Fathi. discovered a vulnerability in a Shopify API endpoint that could be exploited to leak the revenue and traffic data of thousands of stores. The Shopify platform…
Ride-Hailing Company operating in Iran exposes data of Iranian DriversSecurity researcher discovered a database belonging to a ride-hailing company operating in Iran that was left exposed online containing over 6.7M records. Security researcher Bob Diachenko discovered a database belonging to a ride-hailing company operating in Iran that was left exposed online without protection. The MongoDB instance named ‘doroshke-invoice-production‘ contained over 6.7 million records of…
Chrome 74 Released with the Fix for 39 Security Vulnerabilities Chrome 74 released with a fix for numerous security Vulnerabilities and new features, the update available for Windows, Mac, and Linux desktop users. This update includes 39 security fixes, out of the 12 vulnerabilities discovered by external security researchers. The vulnerability reported by external security researchers includes 5 are high-risk vulnerabilities, 12 medium security severity…
Attackers Aren't Invincible & We Must Use That to Our Advantage The bad guys only seem infallible. Use their weaknesses to beat them.
Hackers Hosting Malware On Google Sites To Steal Data and Share It to the Remote Server Cybercriminals abusing Google sites via drive-by download attack to host dubbed “LoadPCBanker” banking malware to steal various sensitive data from compromised victims. Threat actors abusing Google sites file cabinets template and use it as a delivery medium and SQL as an exfiltration channel to share the stolen data to the remote server. Google Sites is…
Hackers using weaponized TeamViewer to Attack & Gain Full Control of the Government Networks Researchers spotted a new wave of cyber attack from Russian speaking hacker who uses the weaponized TeamViewer to compromise and gain the full control of the Government network systems. Teamviewer is the most popular tool used for remote Desktop control, desktop sharing, online meetings, web conferencing and file transfer between computers. Based on the entire…
50 Malicious Android Apps Bypassed Google Play Protection and Infected 30 Million Android Users More than 50 malicious apps with more than 30 Million installations found on Google play, that display annoying ads and in some cases, it convinces the user to install other apps. According to Avast, all the malicious apps are linked together using the third party Android libraries to bypasses background restrictions with the newer versions…
New Twist in the Stuxnet Story What a newly discovered missing link to Stuxnet and the now-revived Flame cyber espionage malware add to the narrative of the epic cyber-physical attack.
New Twist in the Stuxnet Story What a newly discovered missing link to Stuxnet and the now-revived Flame cyber espionage malware add to the narrative of the epic cyber-physical attack.
Google File Cabinet Plays Host to Malware Payloads Researchers detect a new drive-by download attack in which Google Sites' file cabinet template is a delivery vehicle for malware.
Microsoft Windows, Antivirus Software at Odds After Latest Update This month's Windows update has caused incompatibilities with software from at least five antivirus companies, resulting in slow boot times and frozen systems.
When Every Attack Is a Zero Day Stopping malware the first time is an ideal that has remained tantalizingly out of reach. But automation, artificial intelligence, and deep learning are poised to change that.
1 in 4 Workers Are Aware Of Security Guidelines - but Ignore Them 1 in 4 Workers Are Aware Of Company IT Security Guidelines but Don't Follow Them
Bodybuilding.com Data Breach, Resulting from Phishing Attack Via Email Bodybuilding.com, the internet’s biggest online store and an online forum for fitness and bodybuilding enthusiasts, recently became aware of the Data Security Incident that impacted its IT systems and announced that some of their customer related information may have been accessed cause of this. It is one of the internet’s most visited sites, which has…
2 Million Wi-Fi Passwords Leaked Through Wi-Fi Hotspot Finder App A Wi-Fi hotspot app exposed more than two million Wi-Fi network passwords from its unprotected database. The app named WiFi Finder, downloaded by thousands of users to locate and connect with Wi-Fi hotspots, the app also stores Wi-Fi password and credentials. “It allows users to gain unauthorized access to public and private Wi-Fi networks, allowing…
Hackers Drop RevengeRAT Malware On Windows System Via Weaponized Word Document New Malware attack campaign dubbed “Aggah” targeting various countries via weaponized Word documents and infect the victims by dropping the available RevengeRAT from Pastebin. Researchers from Palo Alto recently observed the largest malware campaign via telemetry and they named as Aggah based on the actor’s alias “hagga”. Threat actors behind this campaign also make use…
Nokia 9 PureView Fingerprint Scanner Bypassed using Chewing Gum Packet Nokia released updates to fix Nokia 9 PureView’s unreliable in-display fingerprint sensor, but the update turns buggy. After the update, multiple users complained that the phone can be bypassed now with an unregistered fingerprint or with a Chewing Gum Packet. The Nokia 9 Fingerprint Scanner wasn’t reliable and the update was provided to address the…
Bitcoin Accounts for 95% of Cryptocurrency Crime, Says Analyst Beginning of dialog window. Escape will cancel and close the window. Despite the proliferation of more than 2000 cryptocurrencies, including harder-to-track privacy coins, the overwhelming majority of criminals still prefer Bitcoin for illicit activity. “Bitcoin is by far the favorite,” Jonathan Levin, co-founder and COO of Chainalysis, tells Fortune on the latest episode of “Balancing…
NSA Recommends Dropping Phone-Surveillance Program The National Security Agency has recommended that the White House abandon a surveillance program that collects information about U.S. phone calls and text messages, saying the logistical and legal burdens of keeping it outweigh its intelligence benefits, according to people familiar with the matter.
How You Make Money From Building A Startup Off the Cuff with MahbodLast month, I resigned from the 2nd huge company I founded. I started both of these companies when they were nothing — neither had even launched when I got involved. Over time, I worked with my cofounders to build a full product, get traction, and raise substantial venture capital funding.Although I am not an engineer…
Hopkins gives no new answers as 'technical issues' stretch into fourth day CLEVELAND — As “isolated technical issues” at Cleveland Hopkins International Airport stretch into a fourth day, very little about these issues has been disclosed by airport or city officials. What is known is that the technical issues impacted several systems at the airport beginning Sunday, including the airport’s email systems, as well as the screens…
The 5 Reasons Why Bitcoin Will Reach $20,000 Again, And Soon-ish 
Cryptocurrencies Won’t Die in 10 Years but Bitcoin Will Be Overtaken: Euro Poll By CCN.com: A majority of Europeans believe cryptocurrencies will still be around in ten years time, according to new data. A survey by bitFlyer Europe, a regulated crypto exchange, which polled 10,000 individuals in ten European countries, revealed that 63 percent believe in the staying power of digital currencies. However, Europeans are less confident about…
'Hack accounts of Nigerian Politicians’ - Ruggedman hits Naira Marley over Yahoo boys video Popular Nigerian rapper, Michael Ugochukwu Stephens popularly known as Ruggedman has attacked Naira Marley over his glorification of cyber fraudsters “Yahoo boys”. Marley had during an Instagram live session urged Nigerians to pray for Yahoo boys, adding that because of them money is in circulation in Nigeria. This video which has since stirred reactions on…
Terrorism 3.0 is here Until the other day, few Americans could likely find Sri Lanka on a map, nor even dimly remember its British colonial name, Ceylon. But the Indian Ocean nation flashed across news screens over the Easter weekend with a highly sophisticated and lethal series of bombings across the island nation of some 20 million. The attacks…
Yelp’s new filter allows users to sort by “Accepts Cryptocurrency”. Yelp, the Californian based popular directory provider offering local search service powered by crowdsource review just added a new filter that will allow its users to sort merchants by those who accept cryptocurrency. The filter which goes by “accepts cryptocurrency” is another milestone for cryptocurrency adoption Yelp, a platform which boasts of over 69 unique…
Manufacturing giant Aebi Schmidt hit by ransomware Aebi Schmidt, a European manufacturing giant with operations in the U.S., has been hit by a ransomware attack, TechCrunch has learned. The Switzerland-based maker of airport maintenance and road cleaning vehicles had operations disrupted Tuesday following the malware infection, according to a source with knowledge of the incident. Systems went down across the company’s international…
How Russia exploited Trump's messy presidential transition | TheHill The aftermath of the Mueller Report has rightly been dominated by questions specific to the actions taken by President TrumpDonald John TrumpRussia's election interference is a problem for the GOP Pence to pitch trade deal during trip to Michigan: report Iran oil minister: US made 'bad mistake' in ending sanctions waivers MORE and whether they…
Kirsten Gillibrand Blasts Jared Kushner's Criticism of Mueller Investigation, Says It's 'An Outrage' and 'Untenable' Senator Kirsten Gillibrand slammed Jared Kushner’s criticism of special counsel Robert Mueller’s investigation and downplaying of Russian interference, saying President Donald Trump’s son-in-law’s comments were “an outrage” and “untenable.” Gillibrand, who represents New York and is running for the Democratic party’s nomination to take on Trump in 2020, was interviewed on Tuesday by MSNBC’s Andrea…
City of Stuart Still Recovering from Ryuk ... A ransomware attack targeting the city of Stuart, Fla., is believed to have started with a phishing email, officials say. The incident struck on April 13 and affected city servers and computers. An investigation revealed it was the Ryuk strain of ransomware that targeted city machines and forced them offline. City manager David Dyess did…
Sri Lanka bombings: Is banning social media after a terrorist attack for the best? WATCH: Governments have been slow to regulate social media companies, many of which have become entrenched in our daily lives. Facebook, WhatsApp and Instagram went dark on Easter Sunday shortly after terrorist attacks killed hundreds in Sri Lanka. It was a deliberate albeit controversial decision on the part of Sri Lanka’s government in an effort…
Most Undervalued Cryptocurrency in 2019 Disclaimer: The opinion expressed here is not investment advice – it is provided for informational purposes only. It does not necessarily reflect the opinion of U.Today. Every investment and all trading involves risk, so you should always perform your own research prior to making decisions. We do not recommend investing money you cannot afford to…
- Zero-day vulnerability in Oracle WebLogic Security experts are warning of a dangerous zero-day remote code vulnerability that affects the Oracle WebLogic service platform. Oracle WebLogic wls9_async and wls-wsat components are affected by a deserialization remote command execution zero-day vulnerability. This zero-day flaw affects all Weblogic versions, including the latest one, that have the wls9_async_response.war and wls-wsat.war components enabled. Oracle WebLogic Server is a Java EE application…
- Stuart City is the new victim of the Ryuk Ransomware Another city fell victim of a malware attack, systems at the city of Stuart, Fla., were infected by the Ryuk ransomware on April 13, 2018. Law enforcement is investigating a ransomware attack that hit the City of Stuart on April 13, 2018. The Ryuk malware infected several servers and forced them offline. “City officials on…
- The Russian Shadow in Eastern Europe: Gamaredon ‘s Ukrainian MOD Campaign Security researchers at Yoroi-Cybaze ZLab uncovered a new campaign carried out by the Russian state-actor dubbed Gamaredon. Introduction Few days after the publication of our technical article related to the evidence of possible APT28 interference in the Ukrainian elections, we spotted another signal of a sneakier on-going operation. This campaign, instead, seems to be linked…
- OilRig APT uses Karkoff malware along with DNSpionage in recent attacks Iran-linked OilRig cyberespionage group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns.Iran-linked OilRig cyberespione group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns. The OilRig APT group, the threat actor behind the DNSpionage malware campaign, is carrying out a new sophisticated and targeted operation that infects victims…
- Kaspersky speculates the involvement of ShadowPad attackers in Operation ShadowHammer Experts at Kaspersky Lab linked the recent supply-chain attack targeted ASUS users to the “ShadowPad” threat actor and the CCleaner incident. Security researchers at Kaspersky Lab linked the recent supply-chain attack that hit ASUS users (tracked as Operation ShadowHammer) to the “ShadowPad” threat actor. Experts also linked the incident to the supply chain attack that…
- Bodybuilding.com forces password reset after a security breach Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. The website offers any kind of fitness articles, exercises, workouts, and supplements. The company confirmed it has no evidence…
- FireEye experts found source code for CARBANAK malware on VirusTotal Cybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before. Researchers at FireEye discovered that the Carbanak source code has been available on VirusTotal for two years, but it was not noticed before. The Carbanak gang (aka FIN7, Anunak or Cobalt) stole over…
- Targeted Attacks hit multiple embassies with Trojanized TeamViewer CheckPoint firm uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer to target officials in several embassies in Europe. Security experts at CheckPoint uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe. The targeted…
- Iran-linked APT34: Analyzing the webmask project Security expert Marco Ramilli published the findings of a quick analysis of the webmask project standing behind the DNS attacks implemented by APT34 (aka OilRig and HelixKitten). Thanks to the leaked source code it is now possible to check APT34 implementations and techniques. Contest: Since at least 2014, an Iranian threat group tracked by FireEye as APT34 has…
- EmCare reveals patient and employee data were hacked EmCare disclosed that a number of employees’ email accounts had been hacked, potentially exposing personal information of patients and employees.EmCare disclosed that a number of employees’ email accounts had been hacked, potentially exposing personal information of patients and employees. US healthcare firm EmCare Inc disclosed that a number of employees’ email accounts had been accessed,…
- jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. The impact of the issue could be severe considering that the jQuery JavaScript library is currently used on 74 percent of websites online, most sites still use the 1.x and 2.x versions…
- Russian Twitter bot activity increased in the wake Mueller report release Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Social media platforms…
- Campaign leverages Bit.ly, BlogSpot, and Pastebin to distribute RevengeRAT Palo Alto Networks Unit 42 researchers uncovered a malicious campaign targeting entities in North America, Europe, Asia, and the Middle East with RevengeRAT. The campaign was carried out during March, threat actors tracked as Aggah” used pages hosted on Bit.ly, BlogSpot, and Pastebin as a command-and-control (C2) infrastructure to distribute the RevengeRAT. Attackers hit organizations…
- A flaw in Shopify API flaw exposed revenue and traffic data of thousands of stores Researcher discovered a high-severity flaw in Shopify e-commerce platform that could have been abused to expose the traffic and revenue data for the stores. Bug bounty hunter Ayoub Fathi. discovered a vulnerability in a Shopify API endpoint that could be exploited to leak the revenue and traffic data of thousands of stores. The Shopify platform…
- Ride-Hailing Company operating in Iran exposes data of Iranian DriversSecurity researcher discovered a database belonging to a ride-hailing company operating in Iran that was left exposed online containing over 6.7M records. Security researcher Bob Diachenko discovered a database belonging to a ride-hailing company operating in Iran that was left exposed online without protection. The MongoDB instance named ‘doroshke-invoice-production‘ contained over 6.7 million records of…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...