Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Russians Shut Down Huge Card Fraud RingFederal investigators in Russia have charged at least 25 people accused of operating a sprawling international credit card theft ring. Cybersecurity experts say the raid included the charging of a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the…
US Government Sites Give Bad Security AdviceMany U.S. government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been…
Who’s Behind the ‘Web Listings’ Mail Scam?In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization (SEO) services rendered on behalf of their domain names. The story concluded that this dubious service had been scamming people…
Security Breach Disrupts Fintech Firm FinastraFinastra, a company that provides a range of technology solutions to banks worldwide, said it was shutting down key systems in response to a security breach discovered Friday morning. The company's public statement and notice to customers does not mention the cause of the outage, but their response so far is straight out of the…
Zyxel Flaw Powers New Mirai IoT Botnet StrainIn February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. This week, security researchers said they spotted that same vulnerability being exploited by a new variant of Mirai, a malware strain that targets…
Coronavirus Widens the Money Mule PoolWith many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable "money mules" -- people who get roped into money laundering schemes under the pretense of a work-at-home job offer. Here's the story of one upstart mule factory…
The Web’s Bot Containment Unit Needs Your HelpAnyone who's seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit, effectively unleashing a pent-up phantom menace on New York City. Now, something similar is in danger of happening in cyberspace: Shadowserver.org, an all-volunteer nonprofit organization that works to help Internet…
Coronavirus-themed attacks March 22 – March 28, 2020 In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. March 23 – COVID19-themed…
Security Affairs newsletter Round 257 A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Coronavirus-themed attacks March 15 – March 21, 2020 Google addresses high severity bugs in Chrome Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records Security firm accidentally exposed an unprotected database with 5 Billion…
FIN7 hackers target enterprises with weaponized USB drives via USPS The FIN7 APT group has been targeting businesses with malicious USB drives and Teddy Bears sent to the victims, the FBI warns. The FBI is warning of a new wave of attacks carried out by the FIN7 APT group that is sending to the victims devices acting as a keyboard (HID Emulator USB) when plugged…
Critical buffer overflow in CODESYS allows remote code execution Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering control systems could be exploited by a remote, unauthenticated attacker to crash a server or execute arbitrary code. CODESYS…
Hackers target zero-day flaws in enterprise Draytek network devices Experts from Qihoo 360’s NetLab recently spotted two zero-day campaigns targeting DrayTek enterprise-grade networking devices. Since December 2019, researchers from Qihoo 360 observed two different attack groups that are employing two zero-days exploits to take over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate networks. While Netlab360 has found about ~100,000 devices…
AMD admits hacker stole source code files related to its GPUs AMD admitted that a hacker has stolen files related to some of its graphics products, but it downplayed the potential impact of the hack. AMD admitted that a hacker that goes online with the moniker “Palesa” has stolen source code files related to some of its graphics products, but it downplayed the potential impact of…
0patch releases free unofficial patches for Windows 0days exploited in the wild ACROS Security’s 0patch service released unofficial patches for two Windows flaws actively exploited by attackers in the wild. ACROS Security’s 0patch service released unofficial patches for two Windows vulnerabilities actively exploited by attackers in the wild, both issues have yet to be fixed by Microsoft. A few days ago, Microsoft warned of hackers actively exploiting…
Google issued 40,000 alerts of State-Sponsored attacks in 2019 Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019. Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019. The number of alerts decreased by 25%…
A missing authorization check in WordPre WPvivid plugin that can lead to the exposure of the database and all files Researchers warn of a security flaw recently addressed in the WPvivid Backup Plugin that could be exploited to obtain all files of a WordPress website. WebARX experts warn of a missing authorization check recently addressed in the WPvivid Backup Plugin that could be exploited to obtain all files of a WordPress website. “There is a missing…
New financially motivated attacks in Western Europe traced to Russian-speaking threat actors Researchers at Group-IB observed new financially motivated attacks in Western Europe traced to Russian-speaking threat actors. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected successful attacks in Western Europe carried out in late January 2020 traced to Russian-speaking threat actors. At least two companies operating in pharmaceutical and manufacturing sectors have…
Ryuk Ransomware operators continue to target hospitals during COVID19 outbreak Operators behind the Ryuk Ransomware continue to target hospitals even as these organizations are involved in the fight against the Coronavirus pandemic. The threat actors behind the infamous Ryuk Ransomware continue to target hospitals, even as they are involved in containing the Coronavirus outbreak. The decision of the operators is not aligned with principal ransomware…
Operation Poisoned News: Hong Kong iOS users targeted with watering hole attacks Operation Poisoned News – Experts observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to spy on them. Security experts at Trend Micro have observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor tracked as lightSpy.…
Stealing videos from VLCAn unauthenticated insecure direct object reference (IDOR) issue in VLC for iOS could allow a local attacker to steal media from the storage. VLC for iOS was vulnerable to an unauthenticated insecure direct object reference (IDOR) which could allow a local attacker to steal media from the storage by just navigating to the source URL/IP.…
Hackers hijack D-Link and Linksys routers to point users to coronavirus-themed sites serving malwareThe number of Coronavirus-themed attacks continues to increase, crooks hijack D-Link and Linksys routers to redirect users to sites spreading COVID19-themed malware. Crooks continue to launch Coronavirus-themed attacks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware. Hackers compromiseD-Link and Linksys routers and change DNS settings to redirect…
FBI shuts down the Russian-based hacker platform DEER.IOThe FBI shuts down Deer.io, a Russian-based online platform that has been hosting hundreds of online shops where illegal products and services were being sold, The Department of Justice announced on Tuesday, that the Federal Bureau of Investigation has recently taken down the Russian-based online platform DEER.IO that is hosting various cybercrime products and services…
Operation Poisoned News – Hackers Deliver Malware Targeting iOS Users Using Local News Links A new campaign dubbed Operation Poisoned News that uses news local news sites links to deploy malware called lightSpy on the user’s iOS devices. Attackers posted the news articles in various forums, by clicking on the link it takes users to the news sites, but they also have hidden iframe that loads malicious code. The…
Hackers Hijack Home Routers & Change The DNS Settings to Implant Infostealer Malware Researchers discovered a new form of attack that targeting the home routers and altering the DNS settings to redirect the victims to a malicious website that delivers the infostealer malware called “Osk” that seems to have emerged in late 2019. Landing websites are posing with the information of Coronavirus pandemic and force victims to download…
Virgin Media Could Pay GB pound 4.5B for Leak Affecting 900,000 Customers A misconfigured database holding personal data was left available online between April 2019 and February 2020.
Purported Brute-Force Attack Aims at Linksys Routers as More People Work Remotely The attack takes control of poorly secured network devices, redirecting Web addresses to a COVID-themed landing page that attempts to fool victims into downloading malware.
Vulnerability with VLC for iOS Allows Attackers to Steal Data from Storage A vulnerability with VLC for iOS allows local attackers to steal the data from the storage by just having the source URL/IP. The vulnerability was discovered by the security researcher Dhiraj and the flaw resides in the functionality of the application for iOS. Vulnerability with VLC for iOS According to the researcher, the “VLC for…
Tekya Clicker Malware Hides in 56 Apps that Downloaded 1 Million Times Worldwide From Google Play Google implements a number of ways to filter the malicious apps getting into the play store, but still, attackers continue to find ways to infiltrate the app store and infect user devices. Security researchers from Check Point identified 56 malicious apps in play store that aimed to commit mobile fraud with new malware families dubbed…
Unpatched “VPN Bypass” Vulnerability in Apple iOS Let Blocks VPN to Pass The Encrypted Traffic A new unpatched “VPN Bypass” vulnerability uncovered in Apple iOS block VPNs to encrypt all the traffic that passes through the device. The bug affected Apple’s iOS version 13.4, and it can be taking advantage of the cybercriminals to surveillance the user’s online activities also it leaks IP address and exposes the user’s data. Luis,…
Most Important Cyber Threat Intelligence Tools List For Hackers and Security Professionals 2020 Threat Intelligence Tools are more often used by security industries to test the vulnerabilities in network and applications. It helps with the collection and analysis of information about current and potential attacks that threaten the safety of an organization or its assets. Here you can find the Comprehensive Threat Intelligence Tools list that covers Performing…
Chinese APT Hackers Launching Mass Cyber Attack Using Cisco, Citrix, Zoho Exploits to Hack Gov & Private NetworksAPT 41, Chinese hackers groups launched a massive cyberattack on dozens of countries around the globe using exploits that trigger the vulnerabilities in Cisco, Citrix, Zoho products. Several countries are being targeted including Australia, Canada, Denmark, Finland, France, India, Italy, Japan, Malaysia, Mexico, Philippines, Poland, Qatar, Saudi Arabia, Singapore, Sweden, Switzerland, UAE, UK, and USA.…
Why You Do Not Trust Free VPNs? Top Reasons & ConsequencesA Virtual Private Network is known as VPN effectively encrypts all the internet traffic sent over the internet connection and sends it to a far-off VPN server. In this entire process, everything went through the VPN server. Like for instance, let’s say that you’re residing in the UK and want to connect to a VPN…
Missing Patches, Misconfiguration Top Technical Breach CausesLess than half of businesses surveyed can patch critical vulnerabilities within 72 hours. Why does the process take so long?
FBI Shutters Russian-Based Hacker Platform, Makes ArrestThe Deer.io platform let cybercriminals buy access to virtual storefronts where they could sell illicit products and services.
Don’t Become a COVID-19 Identity Exploit StatisticHackers love chaos because it presents new opportunities for exploit and COVID-19 is no exception. Companies everywhere have rushed to provide work from home remote access to practice sheltering in place. This confusion gives criminals the perfect set of ingredients needed for a successful hacking recipe. Krebs On Security published a scheme based on a…
Operation WildPressure – APT Hackers Launching new C++ RAT called Milum To Gain Remote AccessWildPressure, a new APT(Advanced persistent threat) group targets organizations in the Middle East to distribute Milum RAT and to take control of the infected device. The Milum RAT was first spotted in a campaign by Kaspersky researchers in August 2019, the RAT was written in C++. The new campaign doesn’t share any similarities with the…
Critical Remote Code Execution Bug in Linux Based OpenWrt OS Affects Millions of Network DevicesSecurity researcher uncovered a critical remote code execution vulnerability in OpenWrt operating system that allows attackers to inject the malicious payload on the vulnerable systems. OpenWrt is a Linux based operating system that is mainly used in embedded devices and network routers to route the network traffic and is installed on millions of devices around…
- Coronavirus-themed attacks March 22 – March 28, 2020 In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. March 23 – COVID19-themed…
- Security Affairs newsletter Round 257 A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Coronavirus-themed attacks March 15 – March 21, 2020 Google addresses high severity bugs in Chrome Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records Security firm accidentally exposed an unprotected database with 5 Billion…
- FIN7 hackers target enterprises with weaponized USB drives via USPS The FIN7 APT group has been targeting businesses with malicious USB drives and Teddy Bears sent to the victims, the FBI warns. The FBI is warning of a new wave of attacks carried out by the FIN7 APT group that is sending to the victims devices acting as a keyboard (HID Emulator USB) when plugged…
- Critical buffer overflow in CODESYS allows remote code execution Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering control systems could be exploited by a remote, unauthenticated attacker to crash a server or execute arbitrary code. CODESYS…
- Hackers target zero-day flaws in enterprise Draytek network devices Experts from Qihoo 360’s NetLab recently spotted two zero-day campaigns targeting DrayTek enterprise-grade networking devices. Since December 2019, researchers from Qihoo 360 observed two different attack groups that are employing two zero-days exploits to take over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate networks. While Netlab360 has found about ~100,000 devices…
- AMD admits hacker stole source code files related to its GPUs AMD admitted that a hacker has stolen files related to some of its graphics products, but it downplayed the potential impact of the hack. AMD admitted that a hacker that goes online with the moniker “Palesa” has stolen source code files related to some of its graphics products, but it downplayed the potential impact of…
- 0patch releases free unofficial patches for Windows 0days exploited in the wild ACROS Security’s 0patch service released unofficial patches for two Windows flaws actively exploited by attackers in the wild. ACROS Security’s 0patch service released unofficial patches for two Windows vulnerabilities actively exploited by attackers in the wild, both issues have yet to be fixed by Microsoft. A few days ago, Microsoft warned of hackers actively exploiting…
- Google issued 40,000 alerts of State-Sponsored attacks in 2019 Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019. Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019. The number of alerts decreased by 25%…
- A missing authorization check in WordPre WPvivid plugin that can lead to the exposure of the database and all files Researchers warn of a security flaw recently addressed in the WPvivid Backup Plugin that could be exploited to obtain all files of a WordPress website. WebARX experts warn of a missing authorization check recently addressed in the WPvivid Backup Plugin that could be exploited to obtain all files of a WordPress website. “There is a missing…
- New financially motivated attacks in Western Europe traced to Russian-speaking threat actors Researchers at Group-IB observed new financially motivated attacks in Western Europe traced to Russian-speaking threat actors. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected successful attacks in Western Europe carried out in late January 2020 traced to Russian-speaking threat actors. At least two companies operating in pharmaceutical and manufacturing sectors have…
- Ryuk Ransomware operators continue to target hospitals during COVID19 outbreak Operators behind the Ryuk Ransomware continue to target hospitals even as these organizations are involved in the fight against the Coronavirus pandemic. The threat actors behind the infamous Ryuk Ransomware continue to target hospitals, even as they are involved in containing the Coronavirus outbreak. The decision of the operators is not aligned with principal ransomware…
- Operation Poisoned News: Hong Kong iOS users targeted with watering hole attacks Operation Poisoned News – Experts observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to spy on them. Security experts at Trend Micro have observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor tracked as lightSpy.…
- Stealing videos from VLCAn unauthenticated insecure direct object reference (IDOR) issue in VLC for iOS could allow a local attacker to steal media from the storage. VLC for iOS was vulnerable to an unauthenticated insecure direct object reference (IDOR) which could allow a local attacker to steal media from the storage by just navigating to the source URL/IP.…
- Hackers hijack D-Link and Linksys routers to point users to coronavirus-themed sites serving malwareThe number of Coronavirus-themed attacks continues to increase, crooks hijack D-Link and Linksys routers to redirect users to sites spreading COVID19-themed malware. Crooks continue to launch Coronavirus-themed attacks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware. Hackers compromiseD-Link and Linksys routers and change DNS settings to redirect…
- FBI shuts down the Russian-based hacker platform DEER.IOThe FBI shuts down Deer.io, a Russian-based online platform that has been hosting hundreds of online shops where illegal products and services were being sold, The Department of Justice announced on Tuesday, that the Federal Bureau of Investigation has recently taken down the Russian-based online platform DEER.IO that is hosting various cybercrime products and services…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...