Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Bomb Threat Hoaxer Exposed by Hacked Gaming SiteFederal authorities this week arrested a North Carolina man who allegedly ran with a group of online hooligans that attacked Web sites (including this one), took requests on Twitter to call in bomb threats to thousands of schools, and tried to frame various online gaming sites as the culprits. In an ironic twist, the accused…
Patch Tuesday, February 2019 EditionMicrosoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities in Windows and software designed to interact with various flavors of the operating system. This month's patch batch tackles some notable threats to enterprises -- including multiple flaws that were publicly disclosed prior to Patch Tuesday. It also bundles…
Email Provider VFEmail Suffers ‘Catastrophic’ HackEmail provider VFEmail has suffered what the company is calling "catastrophic destruction" at the hands of an as-yet unknown intruder who trashed all of the company's primary and backup data in the United States. The firm's founder says he now fears some 18 years' worth of customer email may be gone forever.
Phishers Target Anti-Money Laundering Officers at U.S. Credit UnionsA highly targeted, malware-laced phishing campaign landed in the inboxes of multiple credit unions last week. The missives are raising eyebrows because they were sent only to specific anti-money laundering contacts at the credit unions, and many credit union sources say they suspect the non-public data may have been somehow obtained from the National Credit…
More Alleged SIM Swappers Face JusticeProsecutors in Northern California have charged two men with using unauthorized SIM swaps to steal and extort money from victims. One of the individuals charged allegedly used a hacker nickname belonging to a key figure in the underground who's built a solid reputation hijacking mobile phone numbers for profit. According to indictments unsealed this week, Tucson,…
Crooks Continue to Exploit GoDaddy HoleGodaddy.com, the world's largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But several more recent malware spam campaigns suggest GoDaddy's fix hasn't gone far enough, and that scammers likely still have a sizable arsenal of hijacked GoDaddy domains at their disposal.
Facebook login phishing campaign can deceive tech-savvy users Security experts at Myki have recently discovered a new phishing campaign that could deceive even most tech-savvy users. The technique relies upon the concept of being able to reproduce a social login prompt in a very realistic format inside an HTML block. Crooks are distributing links to blogs and services that display users “login using…
Security Affairs newsletter Round 201 – News of the week A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Adiantum will bring encryption on Android devices without…
Facebook paid $25,000 for CSRF exploit that leads to Account Takeover Facebook paid a $25,000 bounty for a critical cross-site request forgery (CSRF) vulnerability that could have been exploited to hijack accounts simply by tricking users into clicki on a link. The white hat hacker who goes online with the moniker “Samm0uda” discovered a critical CSRF vulnerability in Facebook and the social network giant paid a…
Russia is going to disconnect from the internet as part of a planned test Russia plans to disconnect the country from the internet as part of an experiment aimed at testing the response to cyber attacks that should isolate it. Russia plans to conduct the country from the Internet for a limited period of time to conduct a test aimed at assessing the security of its infrastructure. Russian citizens…
A new batch of 127 million records appears in the dark web A new batch of 127 million records appears in the dark web, this time the huge trove of data appears to be originated from eight companies. A hacker that goes online with the moniker ‘gnosticplayers‘ is offering for sale the data on the Dream Market marketplace asking $14,500 worth of Bitcoin. Early this week, the…
Astaroth Trojan relies on legitimate os and antivirus processes to steal data A new Astaroth Trojan campaign was spotted by the Cybereason’s Nocturnus team, hackers are targeting Brazil and European countries. Researchers at Cybereason’s Nocturnus team have uncovered a new Astaroth Trojan campaign that is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules. “The campaign exploits legitimate operating system processes…
Cryptojacking Coinhive Miners for the first time found on the Microsoft Store Symantec discovered eight potentially unwanted applications (PUAs) into the Microsoft Store that were dropping cryptojacking Coinhive miners. Security experts at Symantec have discovered eight potentially unwanted applications (PUAs) into the Microsoft Store that were dropping cryptojacking Coinhive miners. The removed apps are Fast-search Lite, Battery Optimizer (Tutorials), VPN Browsers+, Downloader for YouTube Videos, Clean Master+…
Group-IB helped to arrest phone scammers profiting off the backs of the Russian elderly Moscow police department operatives, with the participation of Group-IB experts, took down a group of phone scammers who for several years have been extorting money from the elderly. Phone scammers typically managed to steal between 450 and 4500 USD per victim, promising substantial compensation for their purchases of medicines, medical devices or dietary supplements. According…
Coffee Meets Bagel dating app confirms data breach The week closes with the news of another embarrassing data breach, the Coffee Meets Bagel confirmed a hack on Valentine’s Day. The dating app Coffee Meets Bagel confirmed that hackers breached its systems on Valentine’s Day and may have obtained access to users’ account data. The company notified the incident to account holders, the intrusion…
Germany makes its cyber capabilities available for NATO alliance Germany announced it is going to make its cyber capabilities available for the NATO alliance to help fight hacking and electronic warfare. Germany is going to share its cyber warfare capabilities with the NATO alliance to protect members of the alliance against hacking and electronic warfare. During the 2016 Warsaw Summit, NATO officially recognised cyberspace…
Experts spotted a new strain of Shlayer macOS Malware Security experts at Carbon Black have recently discovered a new strain of the Shlayer malware that targets macOS versions. Security experts at Carbon Black have recently spotted a new strain of the Shlayer malware that targets MacOS versions from 10.10.5 up to 10.14.3. The malware poses as an Adobe Flash update it was distributed through…
SAP security fixes address Critical flaw in SAP HANA XSASAP released a collection of security fixes for February 2019 that address 13 vulnerabilities in its products, including a Hot News flaw in SAP HANA XSA. This week SAP addressed 13 vulnerabilities in its products with the released of the February 2019 set of security fixes, including a Hot News flaw in SAP HANA Extended…
Bank of Valletta shut down its operations after a cyber attackBank of Valletta, the largest bank of Malta was hit by a cyber attack, attackers attempted to steal 13 million euros ($14.7 million). Bank of Valletta the largest bank in Malta that accounts for almost half of banking transactions in the country, had to shut down its operations on Wednesday after hackers attempted to withdraw 13…
0patch released micropatch for code execution flaw in OpenOfficeExperts at ACROS Security’s 0patch released an unofficial patch for a recently disclosed remote code execution vulnerability in the Apache OpenOffice suite. ACROS Security’s 0patch released an unofficial patch for a path traversal flaw recently disclosed in the Apache OpenOffice suite. The security researcher Alex Inführ discovered a severe remote code execution vulnerability in LibreOffice…
Ubuntu snapd flaw allows getting root access to the system.Expert discovered a privilege escalation vulnerability in default installations of Ubuntu Linux that resides in the snapd API. Security researcher Chris Moberly discovered a vulnerability in the REST API for Canonical’s snapd daemon that could allow attackers to gain root access on Linux machines. Canonical, the makers of Ubuntu Linux, promotes their “Snap” packages to roll all…
For the First Time, Cryptojacking Apps is Found on Microsoft Store Eight crypto jacking apps found on the Microsoft Store tha abuses victim’s CPU cycle to mine Monero without user knowledge. Symantec detected the malicious apps on Microsoft Store disguised as the apps for computer and battery optimization tutorial, internet search, web browsers, and video viewing and download. These malicious apps got listed for top free…
SN1PER – A Detailed Explanation of Most Advanced Automated Information Gathering & Penetration Testing Tool Sn1per is an automated scanner that can automate the process of collecting data for the exploration and penetration testing. In their work sn1per involves such well-known tools like: amap, arachni, amap, cisco-torch, dnsenum, enum4linux, golismero, hydra, metasploit-framework, nbtscan, nmap smtp-user-enum, sqlmap, sslscan, theharvester, w3af, wapiti, whatweb, whois, nikto, wpscan.d during a penetration test to enumerate…
How to Keep Your Mobile Safe from Cyber Threats Before smartphones were popular, people didn’t take mobile security much seriously. After all, we used to have a few contacts, some classic games, and some blurred wallpapers, what was actually stored on our old mobile phones? However, now that everything has changed, a lot of people are using Smartphone’s to perform a lot of tasks…
Hacker Who Stole 620 Million Records has Stolen Another 127 Million Records from Another 8 Websites A new report reveals that the hacker who stoles 620 million user data from 16 popular websites have stolen another 127 million data from another 8 websites. The hacker listed the data on the dark web market place, according to analysts the data appears to be purchased from infamous Dream Market. According to the TechCrunch…
Staffing Shortage Makes Vulnerabilities Worse Businesses don't have sufficient staff to find vulnerabilities or protect against their exploit, according to a new report by Ponemon Institute.
Hackers Found Phishing for Facebook Credentials A "very realistic-looking" login prompt is designed to capture users' Facebook credentials, researchers report.
ICS/SCADA Attackers Up Their Game With attackers operating more aggressively and stealthily, some industrial network operators are working to get a jump on the threats.
Post-Quantum Crypto Standards Aren't All About the Math The industry needs to keep in mind the realities of hardware limits and transitional growing pains, according to Microsoft, Utimaco researchers.
500px Hacked – Attackers Stolen 14.8 Million Users Personal Data 500px , an online photography community suffering a massive data breach that leaked 14.8 million users personal information by cybercriminals. 500px global network for photographers and the platform managing around 16 million users who get paid for their work and skills. Security experts learned this security incident in July 2018 when an unauthorized party breaking…
Data Manipulation Attacks – Steps to Protect and Mitigate Your Network Programmers don’t generally take data. Now and again the objective is to control the data to trigger outside occasions that can be exploited purposefully. The standard way of thinking says that once an assailant is in the framework, moving along the side from system to arrange, the harm is now done. The foe has discovered…
620 Million Online Accounts Data Stolen from 16 Hacked websites – Available in Dark Web for Sale A new shocking report revealed that almost 620 million online account data from 20 famous websites currently hackers selling it in dark web for less than $20,000 in Bitcoin. Selling data contains account holder names, email addresses, and passwords. These passwords are hashed and some of the other information such as location, personal details, and…
From 'O.MG' to NSA, What Hardware Implants Mean for Security A wireless device resembling an Apple USB-Lightning cable that can exploit any system via keyboard interface highlights risks associated with hardware Trojans and insecure supply chains.
Valentine's Emails Laced with Gandcrab Ransomware In the weeks leading up to Valentine's Day 2019, researchers notice a new form of Gandcrab appearing in romance-themed emails.
Coffee Meets Bagel Confirms Hack on Valentine's Day The dating app says users' account data may have been obtained by an unauthorized party.
New Professional Development Institute Aims to Combat Cybersecurity Skills Shortage The (ISC)2 announces a new institute for working cybersecurity professionals to continue their education.
Kashmiri student writes ‘Allah shahadat kabool kare’ as WhatsApp status for Pulwama terrorist, gets arrested Following the complaint filed by retd. Col. AK Chauhan, dean of Chitkara University and Gul was booked under IPC section 153B (imputing, making assertions prejudicial to national integration). At the time when the entire nation is fuming in rage over the heinous Pulwama attack, a Kashmiri student of a Himachal Pradesh university was arrested for allegedly…
A Cybersecurity Powerhouse Is Wide Open to Election Manipulation 
How to become an ethical hacker with CEH certification The International Council of E-Commerce Consultants (EC–Council) is a leading organization that provides certifications for a thousands of specialists whose main domain is cyber security. This term relates to such spheres as software security, disaster recovery, digital forensics, etc. EC-Council has already accredited more than 220,000 professionals, among which are the members of such companies…
Pakistan foreign ministry's website hacked Pay your tributes to Pulwama attack martyrs here
Cyber warfare: Did Russia hack the Army's Stryker Dragoon armored vehicles? 
Someone Please Let Jamie Dimon Know That His New Cryptocurrency is a Fraud 
Russia dubs Gavin Williamson 'minister for war' in latest controversy surrounding gaffe-prone defence secretary 
Here's a list of the 31 national emergencies that have been in effect for years By: Kendall Heath , ABC News WASHINGTON, D.C. - According to the Federal Register, 58 national emergencies have been declared since the National Emergency Act of 1976 was signed into law by President Gerald Ford. And 31 have been annually renewed and are currently still in effect, as listed in the Federal Register. Here's a list of…
Ordinary Stablecoin or XRP Killer? What We Know About JPMorgan Chase’s New Cryptocurrency Cointelegraph has reached out to Ripple for an additional comment on the matter. In response, the Ripple team sent the link to the tweet of their CEO Brad Garlinghouse, who, in turn, criticized the concept of bank-issued digital coins (which he calls “bank coins”) and JPM Coin specifically, citing its centralized structure: As predicted, banks…
Porter Health Care System patients could get up to $5K from cyberattack settlement 
In the Daily: Cryptocurrency Payments, Nvidia Losses, Suspended CFD Bitcoin.
Mobile Gifting Platform Swych Announces Cryptocurrency Support Bitcoin.
National Emergencies Act: Which presidents have declared a national emergency and which are still in effect? Updated on: February 15, 2019 / 4:24 PM / CBS News President Trump declared a national emergency to free up funds to build a wall without congressional approval on Friday, adding that other presidents have called national emergencies on other topics "many times before." The National Emergencies Act of 1975 allows the president to declare…
Ripple’s Brad Garlinghouse Explains Why He’s Not Scared of JP Morgan’s ‘Bank Cryptocurrency’ Three MIT students in their early 20s created a technology that could draft predictive responses to emails. In May 2018, they proceeded to raise funds for their startup – EasyEmail. Around the same time, Google held its annual conference in which it announced a feature similar to that of EasyEmail. The startup’s founder, Filip Twarowski, expressed…
Trump's border wall joins 31 other national emergencies currently in effect This material may not be published, broadcast, rewritten, or redistributed. ©2019 FOX News Network, LLC. All rights reserved. All market data delayed 20 minutes. President Trump's "national emergency" declaration to complete construction of his multibillion-dollar wall along the U.S.
Windows App runs on Mac to download MacOS malware Experts at Trend Micro have detected a new strain of MacOS malware that hides inside a Windows executable to avoid detection. Security experts at Trend Micro have spotted a new strain of MacOS malware disguises itself as a Windows executable file to evade detection. The malware is carried via .EXE file that will not execute…
- Facebook login phishing campaign can deceive tech-savvy users Security experts at Myki have recently discovered a new phishing campaign that could deceive even most tech-savvy users. The technique relies upon the concept of being able to reproduce a social login prompt in a very realistic format inside an HTML block. Crooks are distributing links to blogs and services that display users “login using…
- Security Affairs newsletter Round 201 – News of the week A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Adiantum will bring encryption on Android devices without…
- Facebook paid $25,000 for CSRF exploit that leads to Account Takeover Facebook paid a $25,000 bounty for a critical cross-site request forgery (CSRF) vulnerability that could have been exploited to hijack accounts simply by tricking users into clicki on a link. The white hat hacker who goes online with the moniker “Samm0uda” discovered a critical CSRF vulnerability in Facebook and the social network giant paid a…
- Russia is going to disconnect from the internet as part of a planned test Russia plans to disconnect the country from the internet as part of an experiment aimed at testing the response to cyber attacks that should isolate it. Russia plans to conduct the country from the Internet for a limited period of time to conduct a test aimed at assessing the security of its infrastructure. Russian citizens…
- A new batch of 127 million records appears in the dark web A new batch of 127 million records appears in the dark web, this time the huge trove of data appears to be originated from eight companies. A hacker that goes online with the moniker ‘gnosticplayers‘ is offering for sale the data on the Dream Market marketplace asking $14,500 worth of Bitcoin. Early this week, the…
- Astaroth Trojan relies on legitimate os and antivirus processes to steal data A new Astaroth Trojan campaign was spotted by the Cybereason’s Nocturnus team, hackers are targeting Brazil and European countries. Researchers at Cybereason’s Nocturnus team have uncovered a new Astaroth Trojan campaign that is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules. “The campaign exploits legitimate operating system processes…
- Cryptojacking Coinhive Miners for the first time found on the Microsoft Store Symantec discovered eight potentially unwanted applications (PUAs) into the Microsoft Store that were dropping cryptojacking Coinhive miners. Security experts at Symantec have discovered eight potentially unwanted applications (PUAs) into the Microsoft Store that were dropping cryptojacking Coinhive miners. The removed apps are Fast-search Lite, Battery Optimizer (Tutorials), VPN Browsers+, Downloader for YouTube Videos, Clean Master+…
- Group-IB helped to arrest phone scammers profiting off the backs of the Russian elderly Moscow police department operatives, with the participation of Group-IB experts, took down a group of phone scammers who for several years have been extorting money from the elderly. Phone scammers typically managed to steal between 450 and 4500 USD per victim, promising substantial compensation for their purchases of medicines, medical devices or dietary supplements. According…
- Coffee Meets Bagel dating app confirms data breach The week closes with the news of another embarrassing data breach, the Coffee Meets Bagel confirmed a hack on Valentine’s Day. The dating app Coffee Meets Bagel confirmed that hackers breached its systems on Valentine’s Day and may have obtained access to users’ account data. The company notified the incident to account holders, the intrusion…
- Germany makes its cyber capabilities available for NATO alliance Germany announced it is going to make its cyber capabilities available for the NATO alliance to help fight hacking and electronic warfare. Germany is going to share its cyber warfare capabilities with the NATO alliance to protect members of the alliance against hacking and electronic warfare. During the 2016 Warsaw Summit, NATO officially recognised cyberspace…
- Experts spotted a new strain of Shlayer macOS Malware Security experts at Carbon Black have recently discovered a new strain of the Shlayer malware that targets macOS versions. Security experts at Carbon Black have recently spotted a new strain of the Shlayer malware that targets MacOS versions from 10.10.5 up to 10.14.3. The malware poses as an Adobe Flash update it was distributed through…
- SAP security fixes address Critical flaw in SAP HANA XSASAP released a collection of security fixes for February 2019 that address 13 vulnerabilities in its products, including a Hot News flaw in SAP HANA XSA. This week SAP addressed 13 vulnerabilities in its products with the released of the February 2019 set of security fixes, including a Hot News flaw in SAP HANA Extended…
- Bank of Valletta shut down its operations after a cyber attackBank of Valletta, the largest bank of Malta was hit by a cyber attack, attackers attempted to steal 13 million euros ($14.7 million). Bank of Valletta the largest bank in Malta that accounts for almost half of banking transactions in the country, had to shut down its operations on Wednesday after hackers attempted to withdraw 13…
- 0patch released micropatch for code execution flaw in OpenOfficeExperts at ACROS Security’s 0patch released an unofficial patch for a recently disclosed remote code execution vulnerability in the Apache OpenOffice suite. ACROS Security’s 0patch released an unofficial patch for a path traversal flaw recently disclosed in the Apache OpenOffice suite. The security researcher Alex Inführ discovered a severe remote code execution vulnerability in LibreOffice…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...