Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Account Hijacking Forum OGusers HackedOgusers[.]com -- a forum popular among people involved in hijacking online accounts and conducting SIM swapping attacks to seize control over victims' phone numbers -- has itself been hacked, exposing the email addresses, hashed passwords, IP addresses and private messages for nearly 113,000 forum users.
Feds Target $100M ‘GozNym’ Cybercrime NetworkLaw enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name.
A Tough Week for IP Address ScammersIn the early days of the Internet, there was a period when Internet Protocol 4 (IPv4) addresses (e.g. 4.4.4.4) were given out like cotton candy to anyone who asked. But these days companies are queuing up to obtain new IP space from the various regional registries that periodically dole out the prized digits. With the…
Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a "wormable" flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. The vulnerability (CVE-2019-0709) resides…
Nine Charged in Alleged SIM Swapping RingEight Americans and an Irishman have been charged with wire fraud this week for allegedly hijacking mobile phones through SIM-swapping, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target's phone number and diverting all texts and phone calls to the attacker's mobile device.…
G Suite users’ passwords stored in plain-text for more than 14 years Google accidentally stored the passwords of its G Suite users in plain-text for 14 years allowing its employees to access them. The news is disconcerting, Google has accidentally stored the passwords of the G Suite users in plain-text for 14 years, this means that every employee in the company was able to access them. According…
SandboxEscaper is back with a new Windows Zero-Day in Task Scheduler SandboxEscaper is back with a new Windows Zero-Day in Win 10 Task Scheduler The developer SandboxEscaper makes the line again, this time he publicly released the exploit code for a Windows zero-day that affect the Windows 10 Task Scheduler. Since August 2018, the expert already revealed other four Windows zero-day vulnerabilities without reporting them to…
The Satan Ransomware adds new exploits to its arsenal A variant of the Satan ransomware recently observed includes exploits to its arsenal and targets machines leveraging additional flaws. Experts at FortiGuard Labs have discovered a new variant of the Satan ransomware that includes new exploits to its portfolio and leverages additional vulnerabilities to infect as many machines as possible. The Satan ransomware first appeared…
Emsisoft released a free Decrypter for JSWorm 2.0 Good news for the victims of the JSWorm 2.0 ransomware, thanks to experts at Emsisoft they can decrypt their file for free. Experts at Emsisoft malware research team released a decrypter for a recently discovered ransomware tracked as JSWorm 2.0. JSWorm 2.0 is written in C++ and implements Blowfish encryption. The first version of the…
Group-IB blocked more than 180,000 links to pirated copies of Game of Thrones Since April 2019, Group-IB has successfully blocked more than 43,000 links to pirated copies of the Game of Thrones Season 8 on pirate websites, forums, and social media As the Game of Thrones saga came to a close (no spoilers here), Group-IB has summed up the results of its anti-piracy campaign during Season 8 of…
After latest Microsoft Windows updates some PCs running Sophos AV not boot Sophos is warning users of potential problems with the recent Microsoft’s Patch Tuesday updates and is saying to roll back it if they want the PC to boot. The security firm has informed its customers of potential problems with the latest Microsoft’s Patch Tuesday updates and is asking them to uninstall the patch if they…
MuddyWater BlackWater campaign used new anti-detection techniques A recent MuddyWater campaign tracked as BlackWater shows that the APT group added new anti-detection techniques to its arsenal. Security experts at Cisco Talos attributed the recently spotted campaign tracked as “BlackWater” to the MuddyWater APT group (aka SeedWorm and TEMP.Zagros). The researchers also pointed out that the cyber espionage group has been updating its tactics, techniques,…
US Commerce Department delays Huawei ban for 90 Days US Commerce Department will delay 90 days before to apply the announced Huawei ban to avoid huge disruption of the operations. During the weekend, the Reuters agency revealed in exclusive that Alphabet Inc’s Google has suspended some business with Huawei after Trump’s ban on the telco giant. On Thursday, President Trump added Huawei Technologies to…
Data belonging to Instagram influencers and celebrities exposed online A new data leak made the headlines, a database containing the contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The news was first reported by the TechCrunch website, a database was left unprotected on an AWS bucket, anyone was able to access it without authentication. The unprotected database was discovered…
Linux kernel privilege escalation flaw CVE-2019-11815 affects RDS Experts discovered a privilege escalation vulnerability in the Linux Kernel, tracked as CVE-2019-11815, that affects the implementation of RDS over TCP. Experts discovered a memory corruption vulnerability in Linux Kernel that resides in the implementation of the Reliable Datagram Sockets (RDS) over TCP. The vulnerability tracked as CVE-2019-11815 could lead to privilege escalation, it received a…
Defiant Tech firm who operated LeakedSource pleads guilty The Royal Canadian Mounted Police (RCMP), announced that the company behind LeakedSource, Defiant Tech Inc., pleads guilty in Canada. Defiant Tech Inc., the company behind the LeakedSource.com website, pleaded guilty in Canada. The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website has been raided by feds. It reported some of…
Chronicle experts spotted a Linux variant of the Winnti backdoor Security researchers from Chronicle, Alphabet’s cyber-security division, have spotted a Linux variant of the Winnti backdoor. Security experts from Chronicle, the Alphabet’s cyber-security division, have discovered a Linux variant of the Winnti backdoor. It is the first time that researchers found a Linux version of the backdoor user by China-linked APT groups tacked as Winnti.…
Google will block Huawei from using Android and its services The Reuters agency revealed in exclusive that Alphabet Inc’s Google has suspended some business with Huawei after Trump’s ban on the telco giant. The news a bomb, Google has suspended some business with Huawei after Trump’s ban on the Chinese telco giant. In November, The Wall Street Journal reported that the US Government is urging its allies…
Amnesty International filed a lawsuit against Israeli surveillance firm NSO Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. The name NSO Group made the headlines last week after the disclosure of the WhatsApp flaw exploited by the company to remotely install its surveillance software. The Israeli firm is now…
Unpatched Ethereum Clients expose the ecosystem to 51% Attack riskSecurity researchers from SRLabs have published a report that analyzed the risks for Ethereum network caused by unpatched Ethereum clients. Researchers at SRLabs published a report based on ethernodes.org data, that revealed that a large number of nodes using the popular clients Parity and Geth is still unpatched. The expert discovered that the Ethereum clients and…
Consumer IoT Devices Are Compromising Enterprise Networks While IoT devices continue to multiply, the latest studies show a dangerous lack of visibility into those connected to enterprise networks.
Dark Web Secrets: What Should You Know About Your Information Being on the Dark Web? Just hearing “dark web” sounds sinister, and it can be. There’s a lot of information passed around on the dark web, and much of it involves criminal activity. A lot of security firms have expanded their offerings to included cybersecurity protection for schools, businesses, and individuals because of the threats that can stem from your…
Google Stored G Suite Customer Password in Plain Text Since 2005 Google revealed a shocking statement that they stored enterprise G Suite customers login password in plain text over a decade. According to Google’s privacy and security policy, all the customers and users login credentials must be stored in an encrypted format to ensure maximum security. The encrypted format means to store your passwords with cryptographic…
Australian Government Employee Charged For Using Government Computers to Mine Cryptocurrency A 33-year-old Australian Government employee was charged for abusing computer systems at his workplace to mine cryptocurrency for personal gain. According to the AFP report, he earned more than $9000 in the illegal mining operation, before AFP officers seized his laptop, personal phone, employee ID cards, and data files. It’s unclear on how he injected…
How Selfie Authentication Process Improve the Security Along With Other Authentication Methods Digital identity has two different domains – one is identity proofing and the other is authentication, where both have been unique to each other for many years. Businesses have now utilized several identity proofing methods to distinguish users’ identities by having them visit their local branch office or provide proof of their identity and address.…
49 Million Instagram Influencers, Celebrities Personal Data Leaked Online A new massive database uncovered that contains nearly 49 million of Instagram Influencer’s, celebrities and brand account contact information leaked online. Security researcher Anurag Sen discovered this unprotected database and reported to Tech Crunch, in result, owners have been notified and secured the database. Further investigation reveals that the database owned by Mumbai-based social media…
4 Most Important Reason to Keep Update Your Computer Operating Systems Regularly and Protect it from Cyber Attack The operating system of your computer is the most important part of your network that needs an update from the time. This is essential to make sure that you can keep track of whatever updates is happening within the cyber world. At the same time, it also helps your computer and other software installed get…
MuddyWater APT’s BlackWater Malware Campaign Install Backdoor on Victims PC to Gain Remote Access & Evade Detection Researchers discovered a “Blackwater” malware campaign that suspected to associated with well known MuddyWater APT bypass the security control and install a backdoor on Victims PC using MuddyWater’s tactics, techniques, and procedures (TTPs). MuddyWater involved with a various cyber attack in recent past and its spotted to targeting organizations in Pakistan, Turkey, and Tajikistan using…
Most Important Methods to Detect and Prevent Identity Theft From Hackers An identity thief can steal your sensitive information to commit fraudulent activities, such as file tax, apply for medical services or credit. Identity theft can damage your reputation, credit status, and cost your money and time. If you receive mysterious bills or credit card charges without shopping for anything, investigate this matter carefully because you…
TeamViewer Admits Breach from 2016 The company says it stopped the attack launched by a Chinese hacking group.
DHS Warns of Data Theft via Chinese-Made Drones The drones are reportedly built with parts that can compromise organizations' data and share it on a server accessible to the Chinese government.
97% of Americans Can't Ace a Basic Security Test Still, a new Google study uncovers a bit of good news, too.
Chinese Video App VidMate Stealing Personal Data, Drain Battery, Fake Ad Click to Generate Revenue From 500 Million Android Users Most popular video app VidMate caught up for various malicious activities in their customers Android mobiles including drain users battery, collecting personal information, Create fake ad click-through invisible ads to generate revenue from 500 million users who have installed VidMate. Vidmate is one of the world most popular Android Video app for download and streaming…
Patch Manager Plus – A Complete Automated Patch Management Tool For Windows, Linux, Mac Managing the organization’s critical patches to keep computers up to date is very hard since there are hundreds of products and software deployed within the organization network. In this case, an enterprise with multiple servers and computers, ensuring that all of them are updated is really time-consuming and manually processing these patches is very hard.…
Israel Firm Linked With WhatsApp Spyware Hack Faces Lawsuit The Israel firm linked with WhatsApp Spyware Hack to face a lawsuit filed by human rights NGO Amnesty International. The vulnerability was patched by WhatsApp last week, but still, it is not clear how many users affected by the attack. Whatsapp said that the spyware attack was specifically targeting human rights groups, a simple Whatsapp…
- G Suite users’ passwords stored in plain-text for more than 14 years Google accidentally stored the passwords of its G Suite users in plain-text for 14 years allowing its employees to access them. The news is disconcerting, Google has accidentally stored the passwords of the G Suite users in plain-text for 14 years, this means that every employee in the company was able to access them. According…
- SandboxEscaper is back with a new Windows Zero-Day in Task Scheduler SandboxEscaper is back with a new Windows Zero-Day in Win 10 Task Scheduler The developer SandboxEscaper makes the line again, this time he publicly released the exploit code for a Windows zero-day that affect the Windows 10 Task Scheduler. Since August 2018, the expert already revealed other four Windows zero-day vulnerabilities without reporting them to…
- The Satan Ransomware adds new exploits to its arsenal A variant of the Satan ransomware recently observed includes exploits to its arsenal and targets machines leveraging additional flaws. Experts at FortiGuard Labs have discovered a new variant of the Satan ransomware that includes new exploits to its portfolio and leverages additional vulnerabilities to infect as many machines as possible. The Satan ransomware first appeared…
- Emsisoft released a free Decrypter for JSWorm 2.0 Good news for the victims of the JSWorm 2.0 ransomware, thanks to experts at Emsisoft they can decrypt their file for free. Experts at Emsisoft malware research team released a decrypter for a recently discovered ransomware tracked as JSWorm 2.0. JSWorm 2.0 is written in C++ and implements Blowfish encryption. The first version of the…
- Group-IB blocked more than 180,000 links to pirated copies of Game of Thrones Since April 2019, Group-IB has successfully blocked more than 43,000 links to pirated copies of the Game of Thrones Season 8 on pirate websites, forums, and social media As the Game of Thrones saga came to a close (no spoilers here), Group-IB has summed up the results of its anti-piracy campaign during Season 8 of…
- After latest Microsoft Windows updates some PCs running Sophos AV not boot Sophos is warning users of potential problems with the recent Microsoft’s Patch Tuesday updates and is saying to roll back it if they want the PC to boot. The security firm has informed its customers of potential problems with the latest Microsoft’s Patch Tuesday updates and is asking them to uninstall the patch if they…
- MuddyWater BlackWater campaign used new anti-detection techniques A recent MuddyWater campaign tracked as BlackWater shows that the APT group added new anti-detection techniques to its arsenal. Security experts at Cisco Talos attributed the recently spotted campaign tracked as “BlackWater” to the MuddyWater APT group (aka SeedWorm and TEMP.Zagros). The researchers also pointed out that the cyber espionage group has been updating its tactics, techniques,…
- US Commerce Department delays Huawei ban for 90 Days US Commerce Department will delay 90 days before to apply the announced Huawei ban to avoid huge disruption of the operations. During the weekend, the Reuters agency revealed in exclusive that Alphabet Inc’s Google has suspended some business with Huawei after Trump’s ban on the telco giant. On Thursday, President Trump added Huawei Technologies to…
- Data belonging to Instagram influencers and celebrities exposed online A new data leak made the headlines, a database containing the contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The news was first reported by the TechCrunch website, a database was left unprotected on an AWS bucket, anyone was able to access it without authentication. The unprotected database was discovered…
- Linux kernel privilege escalation flaw CVE-2019-11815 affects RDS Experts discovered a privilege escalation vulnerability in the Linux Kernel, tracked as CVE-2019-11815, that affects the implementation of RDS over TCP. Experts discovered a memory corruption vulnerability in Linux Kernel that resides in the implementation of the Reliable Datagram Sockets (RDS) over TCP. The vulnerability tracked as CVE-2019-11815 could lead to privilege escalation, it received a…
- Defiant Tech firm who operated LeakedSource pleads guilty The Royal Canadian Mounted Police (RCMP), announced that the company behind LeakedSource, Defiant Tech Inc., pleads guilty in Canada. Defiant Tech Inc., the company behind the LeakedSource.com website, pleaded guilty in Canada. The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website has been raided by feds. It reported some of…
- Chronicle experts spotted a Linux variant of the Winnti backdoor Security researchers from Chronicle, Alphabet’s cyber-security division, have spotted a Linux variant of the Winnti backdoor. Security experts from Chronicle, the Alphabet’s cyber-security division, have discovered a Linux variant of the Winnti backdoor. It is the first time that researchers found a Linux version of the backdoor user by China-linked APT groups tacked as Winnti.…
- Google will block Huawei from using Android and its services The Reuters agency revealed in exclusive that Alphabet Inc’s Google has suspended some business with Huawei after Trump’s ban on the telco giant. The news a bomb, Google has suspended some business with Huawei after Trump’s ban on the Chinese telco giant. In November, The Wall Street Journal reported that the US Government is urging its allies…
- Amnesty International filed a lawsuit against Israeli surveillance firm NSO Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. The name NSO Group made the headlines last week after the disclosure of the WhatsApp flaw exploited by the company to remotely install its surveillance software. The Israeli firm is now…
- Unpatched Ethereum Clients expose the ecosystem to 51% Attack riskSecurity researchers from SRLabs have published a report that analyzed the risks for Ethereum network caused by unpatched Ethereum clients. Researchers at SRLabs published a report based on ethernodes.org data, that revealed that a large number of nodes using the popular clients Parity and Geth is still unpatched. The expert discovered that the Ethereum clients and…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...
