Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has learned.
Porn Clip Disrupts Virtual Court Hearing for Alleged Twitter Hacker Perhaps fittingly, a Web-streamed court hearing for the 17-year-old alleged mastermind of the July 15 mass hack against Twitter was cut short this morning after mischief makers injected a pornographic video clip into the proceeding.
Robocall Legal Advocate Leaks Customer DataA California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers.
Three Charged in July 15 Twitter CompromiseThree individuals have been charged for their alleged roles in the July 15 hack on Twitter, an incident that resulted in Twitter profiles for some of the world's most recognizable celebrities, executives and public figures sending out tweets advertising a bitcoin scam. 
Is Your Chip Card Secure? Much Depends on Where You BankChip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have…
Here’s Why Credit Card Fraud is Still a ThingMost of the civilized world years ago shifted to requiring computer chips in payment cards that make it far more expensive and difficult for thieves to clone and use them for fraud. One notable exception is the United States, which is still lurching toward this goal. Here's a look at the havoc that lag has…
Business ID Theft Soars Amid COVID ClosuresIdentity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned. This story is about the victims of a particularly aggressive business ID theft ring that's spent years…
Thinking of a Cybersecurity Career? Read ThisThousand of people graduate from colleges and universities each year with cybersecurity or computer science degrees only to find employers are less than thrilled about their hands-on, foundational skills. Here's a look at a recent survey that identified some of the bigger skills gaps, and some thoughts about how those seeking a career in these…
Intel investigates security breach after the leak of 20GB of internal documents Intel is investigating reports of an alleged hack that resulted in the theft and leak of 20GB of data coming from the chip giant. Intel is investigating reports that an alleged hacker has leaked 20GB of exfiltrated from its systems. The stolen data includes source code and developer documents and tools, some documents are labeled…
Google Threat Analysis Group took down ten influence operations in Q2 2020 Google published its second Threat Analysis Group (TAG) report which reveals the company has taken down ten coordinated operations in Q2 2020. Google has published its second Threat Analysis Group (TAG) report, a bulletin that includes coordinated influence operation campaigns tracked in Q2 of 2020. Google revealed to have taken down ten coordinated operations in…
Netwalker ransomware operators claim to have stolen data from Forsee Power Netwalker ransomware operators breached the networks of Forsee Power, a well-known player in the electromobility market. A new company has been added to the list of the victims of the Netwalker ransomware operators, it is Forsee Power, which provides advanced lithium-ion battery systems for any mobility application. The industrial group is based in France and…
FBI is warning of cyber attacks against Windows 7 systems that reached end-of-life The FBI warned private industry partners of risks impacting companies running Windows 7 after the Microsoft OS reached the end of life on January 14. The Federal Bureau of Investigation is warning companies running Windows 7 systems of the greater risk of getting hacked because the Microsoft OS has reached the end of life on January 14.…
Hackers can abuse Microsoft Teams updater to deliver malicious payloads Threat actors can abuse Microsoft Teams updater to retrieve and execute malicious code from a remote location. Security experts from Trustwave detailed the Living Off the Land technique that could allow a threat actor to abuse the MS Teams Updater to download any binary or malicious payload from a remote server. The bad news is…
Cyber Defense Magazine – August 2020 has arrived. Enjoy it! Cyber Defense Magazine august 2020 Edition has arrived. We hope you enjoy this month’s edition…packed with over 147 pages of excellent content. OVER 145 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENTLearn from the experts, cybersecurity best practicesFind out about upcoming information security related conferences, expos and trade shows. Always free, no strings attached. CLICK THIS FIRST LINK…
NSA releases a guide to reduce location tracking risks The United States National Security Agency (NSA) is warning of risks posed by location services for staff who work in defence or national security. The United States National Security Agency (NSA) published a new guide to warn of the risks posed by location services for staff who work in defence or national security. The guide, titled…
Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum. ZDNet…
Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product Researchers from TIM’s Red Team Research (RTR) have discovered another 4 new zero-day vulnerabilities in the WOWZA Streaming Engine product. Last month, the TIM’s Red Team Research (RTR) disclosed 2 new vulnerabilities affecting the Oracle Business Intelligence product with High severity. Today, the TIM’s Red Team Research led by Massimiliano Brolli, discovered 4 new vulnerabilities…
Flaw in popular NodeJS ‘express-fileupload’ module allows DoS attacks and code injection Expert found a flaw in a popular NodeJS module that can allow attackers to perform a denial-of-service (DoS) attack on a server or get arbitrary code execution. The NodeJS module “express-fileupload,” which has more that 7.3 million times downloads from the npm repository. The NodeJS module is affected by a ‘Prototype Pollution’ CVE-2020-7699 vulnerability that can allow attackers to perform a denial-of-service (DoS) attack on a…
UberEats data leaked on the dark web Security researchers from threat intelligence firm Cyble have discovered user records of American online food ordering and delivery platform UberEats on DarkWeb. Another day, another data breach made the headlines, this time the alleged victim is UberEATS. UberEats is an American online food ordering and delivery platform launched by Uber in 2014. During the process…
US govt agencies share details of the China-linked espionage malware Taidoor China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD) released information on a RAT variant, dubbed TAIDOOR, used by China-linked hackers in cyber espionage campaigns targeting governments, corporations, and think tanks. “The Cybersecurity and Infrastructure Security…
Maze Ransomware operators published data from LG and Xerox Maze ransomware operators published internal data from LG and Xerox after the company did not pay the ransom. Ransomware crews are very active during these months, Maze ransomware operators have published tens of GB of internal data allegedly stolen from IT giants LG and Xerox following failed extortion attempts. Maze ransomware operators published 50.2 GB…
NetWalker ransomware operators have made $25 million since March 2020NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. The malware has been active…
Hackers stole €1.2m worth of cryptocurrency from 2gether2gether has disclosed a security breach, hackers have stolen roughly €1.2 million worth of cryptocurrency from cryptocurrency investment accounts. Hackers stole roughly €1.183 million worth of cryptocurrency from investment accounts of 2gether, 26.79% of overall funds stored by the accounts. The attack took place on July 31 at 6.00 pm CEST, when hackers compromised the…
Dark Reading Video News Desk Returns to Black Hat UPDATED: Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
Information Operations Spotlighted at Black Hat as Election Worries Rise From Russia's "best-in-class" efforts at widening social divides in Western democracies to China's blunt attacks on dissidents, information operations are becoming a greater threat, says a Stanford researcher.
Ripple20: More Vulnerable Devices Identified Security researchers find 34 additional vendors, and 47 devices, affected by the widespread Ripple20 vulnerabilities.
Lesser-Known Ways to Improve Your Website Security From Cyber Attacks In many cases, the simplest solutions are the best ones as well. However, when it comes to protecting your website from unauthorized access, you may want to go several steps further. Apart from tier-1 precautions like keeping your software up to date and strengthening your password, here are the four solutions that most webmasters might…
US GOV Exposes Chinese Espionage Malware “TAIDOOR” Secretly Used To For a Decade Recently, the U.S. government exposed Chinese surveillance malware “TAIDOOR” that are secretly used by the Chinese government for a decade. There has been a joint notice on TAIDOOR that has been revealed by the cybersecurity department of Homeland security (DHS) and Infrastructure Security Agency (CISA), the Federal Bureau of Investigations (FBI) and the Department of…
Hackers Abuse Windows Feature To Launch WastedLocker Ransomware to Evade Detection Recently one of the most dangerous ransomware, WastedLocker, owes its success to a unique bypass mechanism for security solutions and tools that block ransomware. Initially, WastedLocker appeared this year in May, and it’s a part of the arsenal of the famous cybercriminal group Evil Corp, which is also known as Dridex. It was used in…
Russian Election Interference: What's Next? Nate Beach-Westmoreland gives a look back at the past 10 years of Russian election interference and disinformation campaigns. What can we learn from the past and what should we expect as the 2020 US presidential election approaches?
Microsoft Teams Vulnerable to Patch Workaround, Researchers Report Attackers could work around an earlier patch and use Microsoft Teams Updater to download binaries and payloads.
Microsoft Paid $13.7M in Bug Bounty Rewards in 2019-2020 The 2019-2020 program year awarded 327 security researchers through 15 bounty programs, with a largest reward of $200,000.
Macro Pack – Automatize Obfuscation and Generation of Malicious Office Documents Malware delivery trends change every day. For the last few years, we have observed various hacker groups like ( APT12 to Turla ) uses various techniques to deliver malware on the system or network. One of the best technique hackers groups used is to write malicious code and obfuscate it and embed with Office documents…
How Ransomware Threats Are Evolving & How to Spot Them A series of new reports explains how ransomware attackers are changing techniques and how organizations can spot stealthy criminals.
New Spin on a Longtime DNS Intel Tool Domain Name Service database service Farsight Security, the brainchild of DNS expert Paul Vixie, celebrates 10 years with new modern features.
6 Dangerous Defaults Attackers Love (and You Should Know) Default configurations can be massive vulnerabilities. Here are a half dozen to check on for your network.
Google & Amazon Replace Apple as Phishers' Favorite Brands Google and Amazon were the most imitated brands in the second quarter, knocking out Apple.
What is DNS Attack and How Does it Works?DNS Attack is a type of cyber attack that exploits the weakness or vulnerability in Domain name system. Today, the internet has turned into an integral part of our life. From communicating to banking to shopping to traveling, every aspect of our life is around the internet. Since the internet has been widely used, cybersecurity…
- Intel investigates security breach after the leak of 20GB of internal documents Intel is investigating reports of an alleged hack that resulted in the theft and leak of 20GB of data coming from the chip giant. Intel is investigating reports that an alleged hacker has leaked 20GB of exfiltrated from its systems. The stolen data includes source code and developer documents and tools, some documents are labeled…
- Google Threat Analysis Group took down ten influence operations in Q2 2020 Google published its second Threat Analysis Group (TAG) report which reveals the company has taken down ten coordinated operations in Q2 2020. Google has published its second Threat Analysis Group (TAG) report, a bulletin that includes coordinated influence operation campaigns tracked in Q2 of 2020. Google revealed to have taken down ten coordinated operations in…
- Netwalker ransomware operators claim to have stolen data from Forsee Power Netwalker ransomware operators breached the networks of Forsee Power, a well-known player in the electromobility market. A new company has been added to the list of the victims of the Netwalker ransomware operators, it is Forsee Power, which provides advanced lithium-ion battery systems for any mobility application. The industrial group is based in France and…
- FBI is warning of cyber attacks against Windows 7 systems that reached end-of-life The FBI warned private industry partners of risks impacting companies running Windows 7 after the Microsoft OS reached the end of life on January 14. The Federal Bureau of Investigation is warning companies running Windows 7 systems of the greater risk of getting hacked because the Microsoft OS has reached the end of life on January 14.…
- Hackers can abuse Microsoft Teams updater to deliver malicious payloads Threat actors can abuse Microsoft Teams updater to retrieve and execute malicious code from a remote location. Security experts from Trustwave detailed the Living Off the Land technique that could allow a threat actor to abuse the MS Teams Updater to download any binary or malicious payload from a remote server. The bad news is…
- Cyber Defense Magazine – August 2020 has arrived. Enjoy it! Cyber Defense Magazine august 2020 Edition has arrived. We hope you enjoy this month’s edition…packed with over 147 pages of excellent content. OVER 145 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENTLearn from the experts, cybersecurity best practicesFind out about upcoming information security related conferences, expos and trade shows. Always free, no strings attached. CLICK THIS FIRST LINK…
- NSA releases a guide to reduce location tracking risks The United States National Security Agency (NSA) is warning of risks posed by location services for staff who work in defence or national security. The United States National Security Agency (NSA) published a new guide to warn of the risks posed by location services for staff who work in defence or national security. The guide, titled…
- Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum. ZDNet…
- Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product Researchers from TIM’s Red Team Research (RTR) have discovered another 4 new zero-day vulnerabilities in the WOWZA Streaming Engine product. Last month, the TIM’s Red Team Research (RTR) disclosed 2 new vulnerabilities affecting the Oracle Business Intelligence product with High severity. Today, the TIM’s Red Team Research led by Massimiliano Brolli, discovered 4 new vulnerabilities…
- Flaw in popular NodeJS ‘express-fileupload’ module allows DoS attacks and code injection Expert found a flaw in a popular NodeJS module that can allow attackers to perform a denial-of-service (DoS) attack on a server or get arbitrary code execution. The NodeJS module “express-fileupload,” which has more that 7.3 million times downloads from the npm repository. The NodeJS module is affected by a ‘Prototype Pollution’ CVE-2020-7699 vulnerability that can allow attackers to perform a denial-of-service (DoS) attack on a…
- UberEats data leaked on the dark web Security researchers from threat intelligence firm Cyble have discovered user records of American online food ordering and delivery platform UberEats on DarkWeb. Another day, another data breach made the headlines, this time the alleged victim is UberEATS. UberEats is an American online food ordering and delivery platform launched by Uber in 2014. During the process…
- US govt agencies share details of the China-linked espionage malware Taidoor China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD) released information on a RAT variant, dubbed TAIDOOR, used by China-linked hackers in cyber espionage campaigns targeting governments, corporations, and think tanks. “The Cybersecurity and Infrastructure Security…
- Maze Ransomware operators published data from LG and Xerox Maze ransomware operators published internal data from LG and Xerox after the company did not pay the ransom. Ransomware crews are very active during these months, Maze ransomware operators have published tens of GB of internal data allegedly stolen from IT giants LG and Xerox following failed extortion attempts. Maze ransomware operators published 50.2 GB…
- NetWalker ransomware operators have made $25 million since March 2020NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. The malware has been active…
- Hackers stole €1.2m worth of cryptocurrency from 2gether2gether has disclosed a security breach, hackers have stolen roughly €1.2 million worth of cryptocurrency from cryptocurrency investment accounts. Hackers stole roughly €1.183 million worth of cryptocurrency from investment accounts of 2gether, 26.79% of overall funds stored by the accounts. The attack took place on July 31 at 6.00 pm CEST, when hackers compromised the…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...