Recent Cyber News Feed Spot

Welcome to our Recent Cyber News Feed:

• All
• Threats
• Hacks
  • Hacker's Den
• ID Theft
• Cyber Attacks
• Cyber News
• Cyber Attack and Hacks
• Cyber Defense

Threats

• Hackers Were Inside Citrix for Five MonthsNetworking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee…Krebs on SecurityFeb 19 2020
• Encoding Stolen Credit Card Data on BarcodesCrooks are constantly dreaming up new ways to use and conceal stolen credit card data. According to the U.S. Secret Service, the latest scheme involves stolen card information embedded in barcodes affixed to phony money network rewards cards. The scammers then pay for merchandise by instructing a cashier to scan the barcode and enter the…Krebs on SecurityFeb 18 2020
• Pay Up, Or We’ll Make Google Ban Your AdsA new email-based extortion scheme apparently is making the rounds, targeting Web site owners serving banner ads through Google's AdSense program. In this scam, the fraudsters demand bitcoin in exchange for a promise not to flood the publisher's ads with so much bot and junk traffic that Google's automated anti-fraud systems suspend the user's AdSense…Krebs on SecurityFeb 17 2020
• A Light at the End of Liberty Reserve’s Demise?In May 2013, the U.S. Justice Department seized Liberty Reserve, alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world. Prompted by assurances that the government would one day afford Liberty Reserve users a chance to reclaim any funds seized as part of the takedown, KrebsOnSecurity filed a claim…Krebs on SecurityFeb 14 2020
• Microsoft Patch Tuesday, February 2020 EditionMicrosoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat.Krebs on SecurityFeb 11 2020
• U.S. Charges 4 Chinese Military Officers in 2017 Equifax HackThe U.S. Justice Department today unsealed indictments against four Chinese officers of the People's Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. DOJ officials said the four men were responsible for carrying out the largest theft…Krebs on SecurityFeb 11 2020

Hacks

• ISS reveals malware attack impacted parts of the IT environment ISS, the multinational Denmark-based facility services company, was hit with a malware that shuts down shared IT services worldwide. ISS, the Danish multinational services company announced it was hit with malware, in response to the incident the firm disabled access to shared IT services worldwide. ISS services include cleaning services, support services, property services, catering…Security Affairs by Pierluigi PaganiniFeb 23 2020
• Security Affairs newsletter Round 252 A new round of the weekly newsletter arrived! The best news of the week with Security Affairs IOTA cryptocurrency shuts down entire network after a coordinated attack on its Trinity wallet Organizers of major hacking conferences in Asia put them on hold due to Coronavirus outbreak US administration requests $9.8B for cyber 2021 budget for…Security Affairs by Pierluigi PaganiniFeb 23 2020
• Google sued by New Mexico attorney general for collecting student data through its Education Platform New Mexico sues Google for allegedly using the Google for Education platform to gather personal and private data from children. Google is facing a new lawsuit for allegedly using the Google for Education platform to gather personal and private data from students with an age of less than 13 years. The lawsuit was filed by the…Security Affairs by Pierluigi PaganiniFeb 23 2020
• ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets.  The malware was employed in targeted attacks against…Security Affairs by Pierluigi PaganiniFeb 23 2020
• Joker malware still able to bypass Google Play Store checks The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were…Security Affairs by Pierluigi PaganiniFeb 22 2020
• Google removed nearly 600 apps from the Play Store for ad policy violation Google announced to have removed nearly 600 Android apps in the official Play Store that were violating two ad-related policies. Google removed from the official Play Store nearly 600 Android apps that were violating two ad-related policies, it also banned the same apps from Google AdMob and Google Ad Manager. “As part of our ongoing…Security Affairs by Pierluigi PaganiniFeb 22 2020
• VMware addresses serious flaws in vRealize Operations for Horizon Adapter VMware has addressed serious vulnerabilities in vRealize Operations for Horizon Adapter, including remote code execution and authentication bypass flaws. VMware vRealize Operations is a software product that provides operations management across physical, virtual and cloud environments, it supports environments based on vSphere, Hyper-V or Amazon Web Services. Horizon Adapter instances created on VMware vRealize Operations Manager…Security Affairs by Pierluigi PaganiniFeb 21 2020
• Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later Exclusive: Pakistan and India to armaments. Researchers from Cybaze-Yoroi ZLab gathered intelligence on the return of Operation Transparent Tribe is back 4 years later Introduction The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan.…Security Affairs by Pierluigi PaganiniFeb 21 2020
• DOD DISA US agency discloses a security breach The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. The Defense Information Systems Agency (DISA), the DoD agency that is in charge of the security of IT and telecommunications for the White House and military troops has suffered a cyber…Security Affairs by Pierluigi PaganiniFeb 21 2020
• Dragos Report: Analysis of ICS flaws disclosed in 2019 More than 400 flaws affecting industrial control systems (ICS) were disclosed in 2019, more than 100 were zero-day vulnerabilities. According to a report published by Dragos, the experts analyzed 438 ICS vulnerabilities that were reported in 212 security advisories, 26% of advisories is related to zero-day flaws. The experts determined 116 unique types of flaws,…Security Affairs by Pierluigi PaganiniFeb 21 2020
• Croatia’s largest petrol station chain INA group hit by ransomware attackSome operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain. INA, d.d. is a stock company with the Hungarian MOL Group and the Croatian Government as its biggest shareholders,…Security Affairs by Pierluigi PaganiniFeb 20 2020
• UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on GeorgiaBritain and the United governments blame Russia for being behind a destructive cyber attack that hit Georgia during 2019. The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019. In October 2019, a wave of cyber attacks hit 2,000 websites…Security Affairs by Pierluigi PaganiniFeb 20 2020
• Adobe released out-of-band updates for After Effects and Media Encoder appsAdobe released out-of-band security updates for After Effects and Media Encoder applications that address two new critical vulnerabilities. Adobe released out-of-band security updates for After Effects and Media Encoder applications that fix two new critical vulnerabilities (CVE-2020-3765, CVE-2020-3764). Adobe After Effects is a digital visual effects, motion graphics, and compositing application developed and used in…Security Affairs by Pierluigi PaganiniFeb 20 2020
• Cisco fixes a static default credential issue in Smart Software Manager toolCisco has released security updates to address 17 vulnerabilities affecting its networking and unified communications product lines. Cisco has released security patches to fix 17 vulnerabilities affecting its networking and unified communications product lines. The types of fixed vulnerabilities include remote access and code execution, elevation of privilege, denial of service, and cross-site request forgeries. One of…Security Affairs by Pierluigi PaganiniFeb 20 2020
• Personal details of 10.6M MGM Resorts guests leaked onlineThe personal information of 10.6 million guests who stayed at MGM Resorts hotels was stolen by hackers this summer and posted a hacking forum this week. ZDNet revealed in exclusive that the personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week.…Security Affairs by Pierluigi PaganiniFeb 20 2020

Hacker's Den

• Top Interview Tips for Cybersecurity Professionals 2020 When you interview for the profile of a cybersecurity professional the interviewer will get into the technical bits to establish your level of expertise once they finish asking you about your professional experience, educational details, and more such obligatory questions. Now, how technical they can get depends on the position of the job profile you…Hacker's DenFeb 23 2020
• 8 Malicious Applications in Google Play Store Infects 50,000 Android Users to Steal Data and Generate Illegitimate Revenue A new clicker malware found in Google play dubbed Haken aims to gain control over the affected devices and to generate illegitimate profit. Checkpoint researchers observed the new malware family while looking for another clicker malware BearClod. The Haken malware is capable of exfiltrating sensitive user data from the infected device and also subscribes to…Hacker's DenFeb 22 2020
• Olympics Could Face Disruption from Regional Powers Destructive attacks and disinformation will likely target the Summer Olympics in Tokyo, two groups of threat experts say.Hacker's DenFeb 21 2020
• How to Get CISOs & Boards on the Same Page These two groups have talked past each other for years, each hobbled by their own tunnel vision and misperceptions.Hacker's DenFeb 21 2020
• Security Now Merges With Dark Reading Readers of Security Now will join the Dark Reading community, gaining access to a wide range of cybersecurity content.Hacker's DenFeb 21 2020
• Millions of Windows & Linux Systems are Vulnerable to Remote Hack that Manufactured by Lenovo, Dell, HP and Others Researchers discovered multiple unsigned firmware in various system components such as WiFi adapters, USB hubs, trackpads, and cameras used in Lenovo, Dell, HP and other major manufacturers. The flaws existing in these components allowed the attackers to compromise millions of Windows and Linux systems, and exfiltrate the data, disrupt the operation also implant the malware.…Hacker's DenFeb 21 2020
• LokiBot Mimics as Game Launcher To Trick the Users into Executing Malware Lokibot trojan malware emerges first in the year 2015, it is known for stealing sensitive details such as usernames, passwords, bank details, and cryptocurrency wallets. The threat actors behind the malware continue to add various capabilities over the years and it is distributed through spam emails, SMS, Skype, etc. A new campaign of LokiBot spotted…Hacker's DenFeb 21 2020
• Microsoft Announces General Availability of Threat Protection, Insider Risk ManagementMicrosoft made several security announcements ahead of RSA Conference, including its decision to bring Microsoft Defender to iOS and Android.Hacker's DenFeb 20 2020
• Ransomware Damage Hit $11.5B in 2019A new report shows the scale of ransomware's harm and the growth of that damage year-over-year -- an average of $141,000 per incident.Hacker's DenFeb 20 2020
• ATM Penetration Testing – Advanced Testing Methods to Find The VulnerabilitiesATM Penetration testing, Hackers have found different approaches to hack into the ATM machines. Programmers are not restricting themselves to physical assaults, for example, money/card catching, skimming, and so forth they are investigating better approaches to hack ATM programming. An ATM is a machine that empowers the clients to perform keeping money exchange without setting…Hacker's DenFeb 20 2020
• Linux Foundation Releases List of Most commonly used open-source Software & Security ProblemsLinux Foundation and Harvard’s Lab identifies the most commonly used free and open-source software and the potential vulnerabilities associated. The Census II report determines the “important steps towards understanding and addressing structural and security complexities in the modern-day supply chain where open source is pervasive, but not always understood.” The report also identifies the commonly…Hacker's DenFeb 20 2020
• DHS's CISA Warns of New Critical Infrastructure Ransomware AttackAn attack on a natural gas compression facility sent the operations offline for two days.Hacker's DenFeb 19 2020
• Hackers Spreading AZORult Malware As a Fake ProtonVPN Installer To Attack the Windows ComputersResearchers discovered a new wave of Azorult malware campaign that abusing the protonVPN and dropper the malware payload as a fake ProtonVPN installer to infect the Windows System. GBHackers reported several incidents involved by the Azorult malware campaign and is one of the well-known malware that often sold in Russian forums for the higher price…Hacker's DenFeb 19 2020
• Top 5 Best Dark Web Browser for Anonymous Web Browsing With Ultimate Privacy – 2020Dark web browser are a most important concern for anonymous browsing and the most used applications in any device in current times is browsers, but not all your browsing histories are kept private and this is why deep or dark web makes a difference for complete privacy. Unlike Dark web browser, other browsers With cookies,…Hacker's DenFeb 19 2020
• Lumu to Emerge from Stealth at RSACThe new company will focus on giving customers earlier indications of network and server compromise.Hacker's DenFeb 18 2020

ID Theft

Cyber Attacks

Cyber News

Cyber Attack and Hacks

Cyber Defense

• ISS reveals malware attack impacted parts of the IT environment ISS, the multinational Denmark-based facility services company, was hit with a malware that shuts down shared IT services worldwide. ISS, the Danish multinational services company announced it was hit with malware, in response to the incident the firm disabled access to shared IT services worldwide. ISS services include cleaning services, support services, property services, catering…Security DefenseFeb 23 2020
• Security Affairs newsletter Round 252 A new round of the weekly newsletter arrived! The best news of the week with Security Affairs IOTA cryptocurrency shuts down entire network after a coordinated attack on its Trinity wallet Organizers of major hacking conferences in Asia put them on hold due to Coronavirus outbreak US administration requests $9.8B for cyber 2021 budget for…Security DefenseFeb 23 2020
• Google sued by New Mexico attorney general for collecting student data through its Education Platform New Mexico sues Google for allegedly using the Google for Education platform to gather personal and private data from children. Google is facing a new lawsuit for allegedly using the Google for Education platform to gather personal and private data from students with an age of less than 13 years. The lawsuit was filed by the…Security DefenseFeb 23 2020
• ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets.  The malware was employed in targeted attacks against…Security DefenseFeb 23 2020
• Joker malware still able to bypass Google Play Store checks The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were…Security DefenseFeb 22 2020
• Google removed nearly 600 apps from the Play Store for ad policy violation Google announced to have removed nearly 600 Android apps in the official Play Store that were violating two ad-related policies. Google removed from the official Play Store nearly 600 Android apps that were violating two ad-related policies, it also banned the same apps from Google AdMob and Google Ad Manager. “As part of our ongoing…Security DefenseFeb 22 2020
• VMware addresses serious flaws in vRealize Operations for Horizon Adapter VMware has addressed serious vulnerabilities in vRealize Operations for Horizon Adapter, including remote code execution and authentication bypass flaws. VMware vRealize Operations is a software product that provides operations management across physical, virtual and cloud environments, it supports environments based on vSphere, Hyper-V or Amazon Web Services. Horizon Adapter instances created on VMware vRealize Operations Manager…Security DefenseFeb 21 2020
• Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later Exclusive: Pakistan and India to armaments. Researchers from Cybaze-Yoroi ZLab gathered intelligence on the return of Operation Transparent Tribe is back 4 years later Introduction The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan.…Security DefenseFeb 21 2020
• DOD DISA US agency discloses a security breach The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. The Defense Information Systems Agency (DISA), the DoD agency that is in charge of the security of IT and telecommunications for the White House and military troops has suffered a cyber…Security DefenseFeb 21 2020
• Dragos Report: Analysis of ICS flaws disclosed in 2019 More than 400 flaws affecting industrial control systems (ICS) were disclosed in 2019, more than 100 were zero-day vulnerabilities. According to a report published by Dragos, the experts analyzed 438 ICS vulnerabilities that were reported in 212 security advisories, 26% of advisories is related to zero-day flaws. The experts determined 116 unique types of flaws,…Security DefenseFeb 21 2020
• Croatia’s largest petrol station chain INA group hit by ransomware attackSome operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain. INA, d.d. is a stock company with the Hungarian MOL Group and the Croatian Government as its biggest shareholders,…Security DefenseFeb 20 2020
• UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on GeorgiaBritain and the United governments blame Russia for being behind a destructive cyber attack that hit Georgia during 2019. The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019. In October 2019, a wave of cyber attacks hit 2,000 websites…Security DefenseFeb 20 2020
• Adobe released out-of-band updates for After Effects and Media Encoder appsAdobe released out-of-band security updates for After Effects and Media Encoder applications that address two new critical vulnerabilities. Adobe released out-of-band security updates for After Effects and Media Encoder applications that fix two new critical vulnerabilities (CVE-2020-3765, CVE-2020-3764). Adobe After Effects is a digital visual effects, motion graphics, and compositing application developed and used in…Security DefenseFeb 20 2020
• Cisco fixes a static default credential issue in Smart Software Manager toolCisco has released security updates to address 17 vulnerabilities affecting its networking and unified communications product lines. Cisco has released security patches to fix 17 vulnerabilities affecting its networking and unified communications product lines. The types of fixed vulnerabilities include remote access and code execution, elevation of privilege, denial of service, and cross-site request forgeries. One of…Security DefenseFeb 20 2020
• Personal details of 10.6M MGM Resorts guests leaked onlineThe personal information of 10.6 million guests who stayed at MGM Resorts hotels was stolen by hackers this summer and posted a hacking forum this week. ZDNet revealed in exclusive that the personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week.…Security DefenseFeb 20 2020