Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Meet Bluetana, the Scourge of Pump Skimmers"Bluetana," a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests. Data collected in the course of the investigation also reveals some fascinating details that may help…
Patch Tuesday, August 2019 EditionMost Microsoft Windows (ab)users probably welcome the monthly ritual of applying security updates about as much as they look forward to going to the dentist: It always seems like you were there just yesterday, and you never quite know how it's all going to turn out. Fortunately, this month's patch batch from Redmond is mercifully…
SEC Investigating Data Leak at First American Financial Corp.The U.S. Securities and Exchange Commission (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. that exposed more than 885 million personal and financial records tied to mortgage deals going back to 2003, KrebsOnSecurity has learned.
iNSYNQ Ransom Attack Began With Phishing EmailA ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. It also looks like the intruders spent roughly ten days rooting around iNSYNQ's internal network to properly stage things before unleashing the ransomware.…
Who Owns Your Wireless Service? Crooks Do.Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million dollar cyberheists. If you are somehow under the…
The Risk of Weak Online Banking PasswordsIf you bank online and choose weak or re-used passwords, there's a decent chance your account could be pilfered by cyberthieves -- even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint, Plaid, Yodlee, YNAB and others to…
Expert shows how to bypass a fix for a recently discovered Steam flaw A security researcher demonstrated how to bypass a fix released by Valve for a recently discovered Steam vulnerability re-enabling the attack. A few days ago, the security experts Matt Nelson and Vasily Kravets separately disclosed a privilege escalation vulnerability in the Stream client for Windows that can be exploited by an attacker with limited permissions to run code administrative…
USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$ USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$. than 10$. The Video is self-explanatory. (Wanna know how to make it? Read the article below.) All started with this Tweet last April, when I wanted a damn cheap USB implant capable of injecting keystrokes. It had to be: Remotely Controllable…
700,000 records belonging to Choice Hotels customer leaked online. Crooks demanded ransom Security experts have discovered that hackers have stolen 700,000 records from Choice Hotels franchise and are demanding payment for their return. Experts at Comparitech with the help of the popular researcher Bob Diachenko discovered an unsecured database containing 700,000 records from the hotel franchise Chain Hotel. The experts discovered the unsecured MongoDB archive containing 5.6 million records…
Hurry Up! Update your LibreOffice because 2 patches have been bypassed The latest version of LibreOffice (6.2.6/6.3.0) addresses three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues. LibreOffice has released a new version of the popular open-source office software that addressed three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues. LibreOffice attempted to fix one of…
European Central Bank (ECB) discloses data breach in BIRD Newsletter The European Central Bank (ECB) announced that threat actors had access for months to the contact information of hundreds of financial industry subscribers to its newsletter The ECB was the victim of a data breach, the bank announced that hackers had access for several months to the contact information of hundreds of financial industry subscribers…
Mozilla addresses “master password” security bypass flaw in Firefox The latest update released by Mozilla for Firefox patches a flaw in Firefox Password Manager that can be exploited to access stored passwords. The latest release for Mozilla Firefox (Firefox 68.0.2) fixes a vulnerability that can be exploited to bypass the master password in Firefox Password Manager and access stored passwords. “When a master password…
Biometric data of 1M leaked via an unsecured Suprema owned database Researchers discovered an unsecured database online owned by Suprema that contained the fingerprints and facial recognition information of one million people. Researchers from vpnMentor discovered the personal and biometric data (i.e. facial recognition and fingerprint information) of more than a million people exposed online on an unsecured database owned by the Suprema biometric security company.…
A flaw in Kaspersky Antivirus allowed tracking its users online A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years. The…
Threat actors use a Backdoor and RAT combo to target the Balkans Apparently financially-motivated threat actors carried out a long-term campaign against the Balkans involving a backdoor and a RAT to compromise the targets. Security experts from ESET uncovered a long-running campaign carried out by a financially-motivated threat actor. The attackers combined a backdoor dubbed BalkanDoor and a remote access Trojan tracked as BalkanRAT to take control…
KNOB attack threatens over a billion Bluetooth-enabled devices A vulnerability tracked as CVE-2019-9506 and referred as Key Negotiation of Bluetooth (KNOB) attack could allow attackers to spy on encrypted connections. Researchers at the Center for IT-Security, Privacy and Accountability (CISPA) found a new Bluetooth vulnerability, referred as Key Negotiation of Bluetooth (KNOB) attack, that could allow attackers to spy on encrypted connections. The…
Security Patch Day for August includes the most critical Note released by SAP in 2019 SAP Patches Highest Number of Critical Flaws Since 2014 SAP released Security Patch Day updates for August 2019 that address three critical vulnerabilities in the company’s products. SAP has released the Security Patch Day for August, this month the company addresses several flaws, including three critical vulnerabilities (Hot News), the highest number of critical flaws…
Flaws in HTTP/2 implementations expose servers to DoS attacks Experts at Netflix and Google discovered eight denial-of-service (DoS) vulnerabilities affecting various HTTP/2 implementations. Researchers from Netflix and Google discovered eight denial-of-service (DoS) flaws affecting various HTTP/2 implementations. Some of the flawed implementations belong to tech giants such as Amazon, Apple, Facebook, and Microsoft. The security flaws affect the most popular web server software, including…
Czech Republic ‘s committee blames foreign state for Foreign Ministry CyberattackA parliamentary committee in the Czech Republic blames a foreign country state for a cyberattack that hit the Czech Foreign Ministry A parliamentary committee in the Czech Republic revealed that the National Cyber and Information Security Agency blamed a foreign state for a cyber attack that targeted the Czech Foreign Ministry. The committee did not…
Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issuesMicrosoft Patches Over 90 Vulnerabilities With August 2019 Updates Microsoft Patch Tuesday security updates for August 2019 address more than 90 flaws, including two new ‘wormable‘ issues in Windows Remote Desktop Services. Microsoft Patch Tuesday security updates for August 2019 fix 93 vulnerabilities, including two new ‘wormable‘ issues in Windows Remote Desktop Services. The list…
Google hacker discloses 20-year-old Windows flaw still unpatchedTavis Ormandy, white hat hacker at Google’s Project Zero Team, disclosed technical details of a 20-year-old Windows vulnerability that is still unpatched. The popular cyber security expert Tavis Ormandy, white hat hacker at Google’s Project Zero Team disclosed technical details of 20-year-old vulnerability that is still unpatched. The vulnerability, rated as high-severity, affects all versions…
Severe Bugs in U.S.Military Fighter Jet Let Hackers Takes Sensitive Controls while Jet Flying A group of seven Ethical hackers who were exclusively allowed to test the flight system for a U.S. military fighter jet, in result, they found severe vulnerabilities in critical F-15 fighter jet systems. The flaws allowed them to take control of video cameras and sensors while the fighter jet on flying and completely shut down the Trusted Aircraft…
10 Best Free Password Manager to Secure Your Password For 2019 Free Password Manager always helps to make Strong passwords to protect your devices, online banking accounts and other data sources from unauthorized access. In this article, we highlight the Best open source Password Manager for Android, Mac and iPhone. Do I really need a password manager? Manage different password for so many accounts in online…
Project Zero Turns 5: How Google's Zero-Day Hunt Has Grown At Black Hat USA, Project Zero's team lead shared details of projects it has accomplished and its influence on the security community.
Behind the Scenes at ICS Village ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists.
Newly Discovered Hacking Tools Remotely control the Hacked Computers via a GUI & Command-Line Interface Researchers discovered two new malicious hacking tools (BalkanRAT, BalkanDoor) from the ongoing campaign Balkans that act as a remote access trojan and backdoor. Malware authors developed these Tools with two different features. BalkanRAT, a remote access trojan that controls the compromised computer remotely via a graphical interface and the BalkanDoor performing the same operation using…
Most Important Endpoint Security & Threat Intelligence Tools List for Hackers and Security Professionals Threat Intelligence & Endpoint Security Tools are more often used by security industries to test the vulnerabilities in network and applications. Here you can find the Comprehensive Endpoint Security list that covers Performing Penetration testing Operation in all the Corporate Environments. Also Read: Take Best Cyber security and Ethical Hacking Online courses Endpoint Security Tools…
NSA Researchers Talk Development, Release of Ghidra SRE Tool NSA researchers took the Black Hat stage to share details of how they developed and released the software reverse-engineering framework.
Adware, Trojans Hit Education Sector Hard Students continue to be weak links for schools and universities, according to data from security firm Malwarebytes.
The Threat Hacking Poses To Your Business’s Reputation Cyber-criminals are increasingly aggressive about targeting businesses of every size. Even if your own company is a small one, hacking can cause serious reputation damage if you don’t take steps to protect it. The real cost of hacking was made clear in a 2015 BBC report. Using data assembled by antivirus software company McAfee and…
Hackers use Backdoor and Trojan to Attack Financial Departments of Organizations Hackers use backdoor and remote access trojan that let attackers gain complete remote control over the compromised computer. The campaign particularly targets the financial departments of the organization in the Balkans region. The campaign is financially motivated, it includes two tools dubbed BalkanDoor and BalkanRAT and distributed through tax themed malicious emails. Active for a…
7 Biggest Cloud Security Blind Spots Cloud computing boon is for innovation, yet security organizations find themselves running into obstacles.
5 Things to Know About Cyber Insurance More businesses are recognizing the need for cyber insurance as part of an overall security strategy. Here are some key points to consider when evaluating, purchasing, and relying on a policy.
Biometric Security Platform Data Breach Leaked Millions of Users Facial Recognition & Fingerprinting Data Security researchers discovered the biggest data breach in Biometric Security Platform BioStar 2 that leaks millions of users facial recognition records, fingerprints, log data, and other personal information. BioStar 2, a web-based biometric security smart lock platform by world’s biggest bio-access B2B company Suprema, and the platform used by UK Metropolitan police, defense contractors and…
New Bluetooth Vulnerability Allow Hackers to Intercept The Encrypted Traffic & Spy on the Devices Researchers discovered a severe privilege escalation vulnerability in Bluetooth let unauthenticated attackers intercept and monitor the encryption traffic between two paired devices. The bug discovered in Bluetooth BR/EDR encryption connection, in which an attacker reduces the encryption key length and perform a brute-force attack to decrypt communications between the devices. Bluetooth BR/EDR ( Basic Rate/Enhanced…
Financial Phishing Grows in Volume and Sophistication in First Half of 2019 Criminals are using the tools intended to protect consumers to attack them through techniques that are becoming more successful with each passing month.
- Expert shows how to bypass a fix for a recently discovered Steam flaw A security researcher demonstrated how to bypass a fix released by Valve for a recently discovered Steam vulnerability re-enabling the attack. A few days ago, the security experts Matt Nelson and Vasily Kravets separately disclosed a privilege escalation vulnerability in the Stream client for Windows that can be exploited by an attacker with limited permissions to run code administrative…
- USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$ USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$. than 10$. The Video is self-explanatory. (Wanna know how to make it? Read the article below.) All started with this Tweet last April, when I wanted a damn cheap USB implant capable of injecting keystrokes. It had to be: Remotely Controllable…
- 700,000 records belonging to Choice Hotels customer leaked online. Crooks demanded ransom Security experts have discovered that hackers have stolen 700,000 records from Choice Hotels franchise and are demanding payment for their return. Experts at Comparitech with the help of the popular researcher Bob Diachenko discovered an unsecured database containing 700,000 records from the hotel franchise Chain Hotel. The experts discovered the unsecured MongoDB archive containing 5.6 million records…
- Hurry Up! Update your LibreOffice because 2 patches have been bypassed The latest version of LibreOffice (6.2.6/6.3.0) addresses three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues. LibreOffice has released a new version of the popular open-source office software that addressed three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues. LibreOffice attempted to fix one of…
- European Central Bank (ECB) discloses data breach in BIRD Newsletter The European Central Bank (ECB) announced that threat actors had access for months to the contact information of hundreds of financial industry subscribers to its newsletter The ECB was the victim of a data breach, the bank announced that hackers had access for several months to the contact information of hundreds of financial industry subscribers…
- Mozilla addresses “master password” security bypass flaw in Firefox The latest update released by Mozilla for Firefox patches a flaw in Firefox Password Manager that can be exploited to access stored passwords. The latest release for Mozilla Firefox (Firefox 68.0.2) fixes a vulnerability that can be exploited to bypass the master password in Firefox Password Manager and access stored passwords. “When a master password…
- Biometric data of 1M leaked via an unsecured Suprema owned database Researchers discovered an unsecured database online owned by Suprema that contained the fingerprints and facial recognition information of one million people. Researchers from vpnMentor discovered the personal and biometric data (i.e. facial recognition and fingerprint information) of more than a million people exposed online on an unsecured database owned by the Suprema biometric security company.…
- A flaw in Kaspersky Antivirus allowed tracking its users online A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years. The…
- Threat actors use a Backdoor and RAT combo to target the Balkans Apparently financially-motivated threat actors carried out a long-term campaign against the Balkans involving a backdoor and a RAT to compromise the targets. Security experts from ESET uncovered a long-running campaign carried out by a financially-motivated threat actor. The attackers combined a backdoor dubbed BalkanDoor and a remote access Trojan tracked as BalkanRAT to take control…
- KNOB attack threatens over a billion Bluetooth-enabled devices A vulnerability tracked as CVE-2019-9506 and referred as Key Negotiation of Bluetooth (KNOB) attack could allow attackers to spy on encrypted connections. Researchers at the Center for IT-Security, Privacy and Accountability (CISPA) found a new Bluetooth vulnerability, referred as Key Negotiation of Bluetooth (KNOB) attack, that could allow attackers to spy on encrypted connections. The…
- Security Patch Day for August includes the most critical Note released by SAP in 2019 SAP Patches Highest Number of Critical Flaws Since 2014 SAP released Security Patch Day updates for August 2019 that address three critical vulnerabilities in the company’s products. SAP has released the Security Patch Day for August, this month the company addresses several flaws, including three critical vulnerabilities (Hot News), the highest number of critical flaws…
- Flaws in HTTP/2 implementations expose servers to DoS attacks Experts at Netflix and Google discovered eight denial-of-service (DoS) vulnerabilities affecting various HTTP/2 implementations. Researchers from Netflix and Google discovered eight denial-of-service (DoS) flaws affecting various HTTP/2 implementations. Some of the flawed implementations belong to tech giants such as Amazon, Apple, Facebook, and Microsoft. The security flaws affect the most popular web server software, including…
- Czech Republic ‘s committee blames foreign state for Foreign Ministry CyberattackA parliamentary committee in the Czech Republic blames a foreign country state for a cyberattack that hit the Czech Foreign Ministry A parliamentary committee in the Czech Republic revealed that the National Cyber and Information Security Agency blamed a foreign state for a cyber attack that targeted the Czech Foreign Ministry. The committee did not…
- Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issuesMicrosoft Patches Over 90 Vulnerabilities With August 2019 Updates Microsoft Patch Tuesday security updates for August 2019 address more than 90 flaws, including two new ‘wormable‘ issues in Windows Remote Desktop Services. Microsoft Patch Tuesday security updates for August 2019 fix 93 vulnerabilities, including two new ‘wormable‘ issues in Windows Remote Desktop Services. The list…
- Google hacker discloses 20-year-old Windows flaw still unpatchedTavis Ormandy, white hat hacker at Google’s Project Zero Team, disclosed technical details of a 20-year-old Windows vulnerability that is still unpatched. The popular cyber security expert Tavis Ormandy, white hat hacker at Google’s Project Zero Team disclosed technical details of 20-year-old vulnerability that is still unpatched. The vulnerability, rated as high-severity, affects all versions…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...