Daily Cyber Threats for Businesses and You
Safe Harbor on Cyber Daily News: A Must Read on Cybersecurity to meet your needs.
Welcome to the and enjoy reading our amazing and comprehensive Safe Harbor on the
Cyber news alert RSS feeds for your reading and gain the latest insight
Collection of Cyber News Alert Feeds
Click title link below for rendering original Articles on:
Security Affairs newsletter Round 325 A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Crooks target Kubernetes installs via Argo Workflows to deploy miners XCSSET MacOS malware targets Telegram, Google Chrome…
Threat actors leaked data stolen from EA, including FIFA code Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data. The stolen data include the source…
SolarWinds hackers breached 27 state attorneys’ offices Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russia-linked SVR group as part of the SolarWinds hack, DoJ warns. The US Department of Justice revealed that the Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were hacked by the Russia-linked SVR (aka APT29, Cozy Bear, and The Dukes) during the SolarWinds attack. The…
Android Banking Trojan Vultur uses screen recording for credentials stealing Experts spotted a new strain of Android banking Trojan dubbed Vultur that uses screen recording and keylogging for the capturing of login credentials. ThreatFabric researchers discovered a new Android banking Trojan, tracked as Vultur, that uses screen recording and keylogging to capture login credentials. Vultur was first spotted in late March 2021, it gains full…
CVE-2021-3490 – Pwning Linux kernel eBPF on Ubuntu machines Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines. The security researcher Manfred Paul of the RedRocket CTF team released the exploit code for a high-severity privilege escalation bug, tracked as CVE-2021-3490, in Linux kernel eBPF (Extended Berkeley Packet Filter). A local attacker could exploit the flaw to…
Estonia ‘s police arrested a Tallin resident who stole 286K ID scans from a government DB Estonia ‘s police arrested a man from Tallinn that is suspected to be the hacker who stole 286K ID scans from the government systems. Estonian police arrested a man from Tallinn that is suspected to have stolen 286,438 belonging to Estonians citizens from the government systems. The hacker exploited a vulnerability in a photo transfer…
Meteor was the wiper used against Iran’s national railway system The recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by a ransomware as initially thought. According to research from Amnpardaz and SentinelOne, the recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by ransomware as initially thought. Meteor was a previously undetected strain of malware, but experts…
BlackMatter and Haron, two new ransomware gangs in the threat landscape The cyber threat landscape change continuously, recently two new ransomware-as-service (RaaS) operations named BlackMatter and Haron made the headlines. Recently, two new ransomware gangs, named BlackMatter and Haron, announced the beginning of the operations. The Haron malware was first described by the South Korean security firm S2W Lab, three day after a first sample of…
LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez reported spotted a new version of the LockBit 2.0 ransomware that encrypts Windows domains by using Active Directory group policies. Kramez explained that this is the…
Critical flaw in Microsoft Hyper-V could allow RCE and DoSExperts disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow executing arbitrary code on it. Researchers Peleg Hadar of SafeBreach and Ophir Harpaz of Guardicore disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow triggering a DoS condition ot executing arbitrary code on it. The flaw resides in…
US, UK, and Australian agencies warn of top routinely exploited issuesA joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) published a Joint Cybersecurity…
Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange ServersA China-linked cyberespionage group, tracked as PKPLUG, employed a previously undocumented strain of a RAT dubbed THOR in recent attacks. A China-linked cyberespionage group tracked as PKPLUG (aka Mustang Panda and HoneyMyte), which is known for targeting Southeast Asia, exploited vulnerabilities in the Microsoft Exchange Server to deploy a previously undocumented variant of PlugX on compromised systems. Researchers…
IBM Cost of a Data Breach study: average Cost of Data Breach exceeds $4.2MThe ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded $4.2 million during the COVID19 pandemic. IBM Security presented today the annual study “Cost of Data Breach,” conducted by Ponemon Institute and sponsored and analyzed by IBM, which is based on data related to data…
BlackMatter ransomware group claims to be Darkside and REvil succesorBlackMatter ransomware gang, a new threat actor appears in the threat landscape and claims to combine TTPs of Darkside and REvil. BlackMatter is a new ransomware gang that started its activity this week, the cybercriminals group claims to be the successor of Darkside and REvil groups. Lile other ransomware operations, BlackMatter also set up its…
Flaws in Zimbra could allow to takeover webmail server of a targeted organizationResearchers discovered flaws in Zimbra email collaboration software that could allow attackers to compromise email accounts by sending a malicious email. Cybersecurity researchers have discovered multiple security vulnerabilities, tracked as CVE-2021-35208 and CVE-2021-35208, in Zimbra email collaboration software. An unauthenticated attacker could chain these vulnerabilities to fully takeover a Zimbra webmail server of a targeted organization. An…
Top 10 Best Free Antivirus Download For PC 2021 Basically, a Best Free Antivirus software is the most essential part of Windows and significant for every Windows PC nowadays since the cyber threat is continuously evolving day by day. As without an Antivirus, you have a risk of losing your personal information, like your files, the cash from your bank account, ransom, and much…
Russian APT29 Used 30+ C&C Servers Uncovered Linked to “WellMess” Malware Researchers from RISKIQ uncovered more than 30 commands & control server infrastructure actively serving malware known as “WellMess/WellMail”. These C2 servers belong to Russian APT29 group hackers, and the gang was identified nearly a year back by the UK, US, and Canadian governments issued a joint advisory. APT29(YTTRIUM, THE DUKES, COZY BEAR) group explicitly believed to…
New Android Banking Malware Recording Screen, Keylogging & Spy Android Users Via VNC Oscorp, a new Android malware stealing funds from the victims’ home banking service, by combining the usage of phishing kits and vishing calls. This new version of Oscorp malware was detected by Cleafy systems. According to the report, the geographical distribution of banks and other apps targeted by Oscorp includes Spain, Poland, Germany, Turkey, the…
TA456 – Iranian Hackers Attack Defense Contractors with Malware To Exfiltrate Sensitive DataThe security researchers at Proofpoint have uncovered that the Iranian Hacking group, TA456 which is also known as “Tortoiseshell” and “Imperial Kitten” has recently executed several targeted attacks on defense contractors with malware. On Facebook, the hackers of this group mimicked themselves as aerobics instructors simply to fool the defense contractors and then compromise their…
8 Security Tools to be Unveiled at Black Hat USASecurity researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more.
10 Best Free Password Manager to Secure Your Password For 2021Free Password Manager always helps to make Strong passwords to protect your devices, online banking accounts and other data sources from unauthorized access. In this article, we highlight the Best open source Password Manager for Android, Mac and iPhone. Do I really need a password manager? Manage different password for so many accounts in online…
EvilModel – New Method to Secretly Deliver Malware Via Neural Networks To Evading Antivirus EnginesRecently, three well-known security analysts, Zhi Wang, Chaoge Liu, and Xiang Cui have published a research report known as EvilModel, a model through which attacker will send a malware covertly and evade the detection. In this security report, these three cybersecurity researchers have demonstrated a new method for hiding malware into AI models and evading…
New LemonDuck Malware Attack Windows & Linux Systems for Mining & Stealing ActivitiesA new version of LemonDuck has been found by the security experts Microsoft and this new version can now steal data, put backdoors, and implement different malicious activities on vulnerable computers. However, the Microsoft 365 Defender Threat Intelligence team has ensured that this new version of LemonDuck is quite dangerous as compared to the old…
Hackers Attack Kubernetes Cluster to Deploy Crypto-MinersThe cybersecurity experts at Intezer have recently detected a cyberattack, and soon after detecting they have warned that the threat actors of this attack are using the Argo Workflows engine to start attacks on Kubernetes clusters to easily deploy crypto miners. After detecting the cyberattack, the researchers started their deep investigation, and they found a…
Ransomware Attack Response and Mitigation ChecklistRansomware is one of the fast-growing threat in the worldwide and its considered as a leader of Global cyberattack in recent days which cause some dangerous issues and loss in many organizations and individuals. Here is the Ransomware response Checklist for Attack Response and Mitigation. The ransomware is a turnkey business for some criminals, and victims still…
Beware!! Fake Windows 11 Installer Drop Malware on Your ComputerEarlier this year Microsoft announced Windows 11, and Microsoft hasn’t published this new operating system publicly. But, a few weeks ago Windows 11 was unofficially leaked before Microsoft released it to Windows Insiders. In short, the announcement of the new OS of Microsoft, Windows 11 has created a big hype on the internet world. And…
macOS Malware Added New Weapons to Its Arsenal To Attack Google Chrome & TelegramThe security researchers of Trend Micro have recently detected that the XCSSET malware that has been outlined to attack the macOS operating system got updated. The analysts noted that the new updated version consists of a new feature, that enables the stealing of private data from different applications, which also includes the Google Chrome browser…
How to Protect Your Files From Ransomware Attacks?Ransomware today is among the greatest threats to your data privacy and security. As per cybersecurity ventures, this damage has been increasing considerably over time. The global ransomware damage in 2017 was recorded to be worth $5 billion, and these numbers have never stopped growing since then. The worst part is it can enter into…
Security Information and Event Management (SIEM) – A Detailed ExplanationSIEM software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by network hardware and applications. Vendors sell SIEM as software, as appliances or as managed services; these products are also used to log security data and generate reports for compliance purposes. …
Top 5 Best Dark Web Browser for Anonymous Web Browsing With Ultimate Privacy – 2021Dark web browser are a most important concern for anonymous browsing and the most used applications in any device in current times is browsers, but not all your browsing histories are kept private and this is why deep or dark web makes a difference for complete privacy. Unlike Dark web browsers, other browsers With cookies,…
- Threat actors leaked data stolen from EA, including FIFA code Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data. The stolen data include the source…
- SolarWinds hackers breached 27 state attorneys’ offices Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russia-linked SVR group as part of the SolarWinds hack, DoJ warns. The US Department of Justice revealed that the Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were hacked by the Russia-linked SVR (aka APT29, Cozy Bear, and The Dukes) during the SolarWinds attack. The…
- Android Banking Trojan Vultur uses screen recording for credentials stealing Experts spotted a new strain of Android banking Trojan dubbed Vultur that uses screen recording and keylogging for the capturing of login credentials. ThreatFabric researchers discovered a new Android banking Trojan, tracked as Vultur, that uses screen recording and keylogging to capture login credentials. Vultur was first spotted in late March 2021, it gains full…
- CVE-2021-3490 – Pwning Linux kernel eBPF on Ubuntu machines Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines. The security researcher Manfred Paul of the RedRocket CTF team released the exploit code for a high-severity privilege escalation bug, tracked as CVE-2021-3490, in Linux kernel eBPF (Extended Berkeley Packet Filter). A local attacker could exploit the flaw to…
- Estonia ‘s police arrested a Tallin resident who stole 286K ID scans from a government DB Estonia ‘s police arrested a man from Tallinn that is suspected to be the hacker who stole 286K ID scans from the government systems. Estonian police arrested a man from Tallinn that is suspected to have stolen 286,438 belonging to Estonians citizens from the government systems. The hacker exploited a vulnerability in a photo transfer…
- Meteor was the wiper used against Iran’s national railway system The recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by a ransomware as initially thought. According to research from Amnpardaz and SentinelOne, the recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by ransomware as initially thought. Meteor was a previously undetected strain of malware, but experts…
- BlackMatter and Haron, two new ransomware gangs in the threat landscape The cyber threat landscape change continuously, recently two new ransomware-as-service (RaaS) operations named BlackMatter and Haron made the headlines. Recently, two new ransomware gangs, named BlackMatter and Haron, announced the beginning of the operations. The Haron malware was first described by the South Korean security firm S2W Lab, three day after a first sample of…
- LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez reported spotted a new version of the LockBit 2.0 ransomware that encrypts Windows domains by using Active Directory group policies. Kramez explained that this is the…
- Critical flaw in Microsoft Hyper-V could allow RCE and DoSExperts disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow executing arbitrary code on it. Researchers Peleg Hadar of SafeBreach and Ophir Harpaz of Guardicore disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow triggering a DoS condition ot executing arbitrary code on it. The flaw resides in…
- US, UK, and Australian agencies warn of top routinely exploited issuesA joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) published a Joint Cybersecurity…
- Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange ServersA China-linked cyberespionage group, tracked as PKPLUG, employed a previously undocumented strain of a RAT dubbed THOR in recent attacks. A China-linked cyberespionage group tracked as PKPLUG (aka Mustang Panda and HoneyMyte), which is known for targeting Southeast Asia, exploited vulnerabilities in the Microsoft Exchange Server to deploy a previously undocumented variant of PlugX on compromised systems. Researchers…
- IBM Cost of a Data Breach study: average Cost of Data Breach exceeds $4.2MThe ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded $4.2 million during the COVID19 pandemic. IBM Security presented today the annual study “Cost of Data Breach,” conducted by Ponemon Institute and sponsored and analyzed by IBM, which is based on data related to data…
- BlackMatter ransomware group claims to be Darkside and REvil succesorBlackMatter ransomware gang, a new threat actor appears in the threat landscape and claims to combine TTPs of Darkside and REvil. BlackMatter is a new ransomware gang that started its activity this week, the cybercriminals group claims to be the successor of Darkside and REvil groups. Lile other ransomware operations, BlackMatter also set up its…
- Flaws in Zimbra could allow to takeover webmail server of a targeted organizationResearchers discovered flaws in Zimbra email collaboration software that could allow attackers to compromise email accounts by sending a malicious email. Cybersecurity researchers have discovered multiple security vulnerabilities, tracked as CVE-2021-35208 and CVE-2021-35208, in Zimbra email collaboration software. An unauthenticated attacker could chain these vulnerabilities to fully takeover a Zimbra webmail server of a targeted organization. An…
South Africa’s logistics company Transnet SOC hit by a ransomware attackTransnet SOC Ltd, a large South African rail, port and pipeline company, announced it was hit by a disruptive cyber attack. South Africa’s logistics company Transnet SOC was hit last week by a disruptive cyberattack that halted its operations at all the port’s terminals. The attack took place on Thursday, 22 July. “Port terminals are operational across the system, with…
Safe Harbor on Cyber is a ‘safe harbor’ blog site on cyber security for families and small businesses with news on cyber threats, risk, data breach, identity thefts, ransomware, cryptocurrency, and vulnerabilities items.
This website offers valuable information and cyber threat incident alerts to protect, prevent, mitigate, respond, recover, and learn about Cybersecurity threats to your business and family. We provide
- Curated Cyber Security Information and News Feeds and Articles on Targeted Alerting
- Hints and Best Practices
- How To’s and DIYs
- Secure, Trusted Collaboration
- Cyber Threat and Defense News
- Cyber Resource Links for further learning experiences.
So that we the greater community to be better protected for you, your family, and business.
Under CyberWisdom, we deliver value curated new commentaties for your awareness in prevention and protection in cybersecurity, identity thefts, and cyber threats
:
- A consolidated, edited view of the latest cyber developments in order to help you perform your professional responsibilities (in the form of personalized dashboards and alerts).
- Valuable, unique physical + logical security advice, trends, and incidents.
- A rich library of personal cybersecurity best practices. Open source data feeds top cyber blogs and news.
- Relevant information feeds from US Federal agencies, leading security vendors and authentic cybersecurity experts.
- The ability to automatically report critical cyber incidents to the right corporate groups or government agency.
- Ability to integrate with corporate compliance and governance initiatives to help ensure incidents are appropriately managed and documented.
- Provide news feed commentaries to our sister sites cyberexpertize and wetalkeng.
- And much, much more…
Like this:
Like Loading...
