Month: August 2021

Cybersecurity Daily News for Aug 31, 2021

Sault Ste. Marie Police Service in the midst of ransomware attack; Indiana medical center, CarePointe ENT, hit with ransomware; and Microsoft suggests you to patch ProxyToken bug to avoid having email snooped on.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Sault police dealing with a ransomware attack; emphasize public safety not affected – ctvnews.ca

Ransomware attack in Indiana affects 49K patients – healthcareitnews.com

Fujitsu customer data is reportedly being sold on the dark web – techradar.com

Microsoft Exchange ‘ProxyToken’ Bug Allows Email Snooping – threatpost.com
CVE-2021-33766 – Microsoft Exchange Information Disclosure Vulnerability

DuPage Medical Group notifying 600,000 patients about a data breach – chicago.suntimes.com

Indonesia probes suspected data breach on COVID-19 app – msn.com

Canada accepted 7,300 more immigration applications due to technical bug – bleepingcomputer.com

Scammers Impersonate OpenSea Customer Support – databreachtoday.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world.

Cybersecurity Daily News for Aug 30, 2021

A defenders guide to Cobalt Strike; China’s hack on Microsoft might have been for a bigger purpose than just spying; and Bahraini government hacks activists with NSO Group zero-click iPhone exploit.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Cobalt Strike, a Defender’s Guide – thedfirreport.com

Bangkok Airways reports cyberattack – bangkokpost.com

China’s Microsoft Hack May Have Had A Bigger Purpose Than Just Spying – npr.org

Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits – citizenlab.ca

Remotely Hijacking Zoom Clients – medium.com
CVE-2018-15715 – Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below)

T-Mobile CEO: Hacker brute-forced his way through our network – bleepingcomputer.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world.

Cybersecurity Daily News for Aug 29, 2021

Microsoft warning of phishing attacks using http redirects; fake DMCA complaints leading to BazaLoader infection; and LockFile using intermittent file encryption to evade protection.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Parallels Offers ‘Inconvenient’ Fix for High-Severity Bug – threatpost.com
CVE-2021-34864** Reserved **

Microsoft Azure Cosmos DB Guidance – us-cert.cisa.gov

Microsoft warns of widespread open redirection phishing attack – which Defender can block, coincidentally – theregister.com

LockFile Ransomware Bypasses Protection Using Intermittent File Encryption – thehackernews.com

Fake DMCA complaints, DDoS threats lead to BazaLoader malware – bleepingcomputer.com

Annke network video recorder vulnerability could see attackers seize control of security cameras – portswigger.net
CVE-2021-32941**Reserved**

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world.

Cybersecurity Daily News for Aug 28, 2021

FIN8 returns with new version of BadHatch backdoor, dubbed Sardonic. Data exposed belonging to Android gamers due to insecure database; and “Sophisticated” cyber attack compromises over 70k patient records at Singapore private eye clinic.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

FIN8 Targets US Bank With New ‘Sardonic’ Backdoor – threatpost.com
FIN8 BadHatch IOC’s

Critical Azure Cosmos DB Bug Allows Full Cloud Account Takeover – threatpost.com

Chinese developers expose data belonging to Android gamers – zdnet.com

“Sophisticated” Cyber-Attack Compromises Patient Data at Private Health Clinic – infosecurity-magazine.com

EPCOR USA Telephone Service Vendor Impacted by Ransomware – finance.yahoo.com

San Andreas Regional Center Notifies Current and Former Consumers of Data Breach Incident – ca.finance.yahoo.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 27, 2021

Talk to your kids about the dangers of cyberbullying with back to school season here; 70% of security pros believe cyber insurance is making ransomware attacks worse; and Ragnarok ransomware gang abruptly shuts down, leaks master decryption key.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Cyberbullying ‘very prevalent’ with Island youth, say Charlottetown police – cbc.ca

70% of Cyber Pros Believe Cyber Insurance is Exacerbating Ransomware – infosecurity-magazine.com

FBI shares technical details for Hive ransomware – bleepingcomputer.com

Win10 Admin Rights Tossed Off by Yet Another Plug-In – threatpost.com

Ragnarok ransomware releases master decryptor after shutdown – bleepingcomputer.com

Cybersecurity Experts Worried by Chinese Firm’s Control of Smart Devices  – voanews.com

Microsoft Breaks Silence on Barrage of ProxyShell Attacks – threatpost.com
CVE-2021-34473
CVE-2021-34523
CVE-2021-31207

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 26, 2021

Data leak in MS Power Apps exposes 38M records from entities that include Indiana Department of Health, NYC public school system, American Airlines, and Microsoft; and FIN8 APT group introduces ability to modify its existing toolset while already deployed.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

New SideWalk Backdoor Targets U.S.-based Computer Retail Business – thehackernews.com

Coinbase customers up in arms after hackers drain crypto wallets – techradar.com

US Media, Retailers Targeted by New SparklingGoblin APT – threatpost.com

FIN8 Threat Group Resurfaces With Dangerous New Backdoor – darkreading.com

Hackers exploit WhatsApp modification tool to snoop on texts, force paid subscriptions – cyberscoop.com

Data Leak in Microsoft Power Apps Exposes 38 Million People’s Records – lifewire.com

Realtek SDK vulnerability exploitation attempts detected (CVE-2021-35395) – helpnetsecurity.com
CVE-2021-35395 – Realtek Jungle SDK version v2.x up to v3.4.14B

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 25, 2021

Following Razers lead, SteelSeries bug gives Win10 admin rights by plugging in device; data leak exposes millions of private government records; and IceID banking trojan being used by OnePercent ransomware group.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

A new NSO zero-click attack evades Apple’s iPhone security protections, says Citizen Lab – techcrunch.com

Data leak exposes tens of millions of private records from corporations and government agencies – cnn.com

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc – thehackernews.com

‘Some’ data leaked in attempted ransomware attack, Eskenazi says – msn.com

OnePercent ransomware group hits companies via IceID banking Trojan – csoonline.com

Tardy Breach Notification Raises Eyebrows – databreachtoday.com

Personal data of more than 73,000 patients affected in cyberattack on eye clinic – channelnewsasia.com

SteelSeries bug gives Windows 10 admin rights by plugging in a device – bleepingcomputer.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 24, 2021

Joker virus returns to Android and empties your bank account; attackers actively exploiting Realtek SDK flaws; and Apache Struts continues to dominate vulnerabilities on Linux systems.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Poly Network Hacker Releases Private Key for Remaining Looted $141M – coindesk.com

The ‘Joker’ virus has returned to Android: empty your bank accounts without you noticing it and it is hidden in these apps on the Google Play Store – entrepreneur.com

Attackers Actively Exploiting Realtek SDK Flaws – threatpost.com

Nokia subsidiary discloses data breach after Conti ransomware attack – bleepingcomputer.com

Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems – thehackernews.com

CHICO STATE DATA BREACH LEAKS NAMES OF STUDENTS REQUESTING EXEMPTIONS FROM VACCINE – actionnewsnow.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 23, 2021

ProxyShell vulnerabilities continue to be targeted by threat actors; LockFile ransomware targeting Microsoft Exchange servers; and Mirai Botnet launches record-breaking DDoS attack using more than 20,000 bots.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Multiple threat actors, including a ransomware gang, exploiting Exchange ProxyShell vulnerabilities – doublepulsar.com

Kerberos Explained in a Little Too Much Detail – syfuhs.net

Razer bug lets you become a Windows 10 admin by plugging in a mouse – bleepingcomputer.com

LockFile Ransomware Targets Microsoft Exchange Servers – pcmag.com

Tokio Marine Insurance Singapore hit by ransomware attack – techwireasia.com

DOC’s Aoraki/Mount Cook hit by ransomware attack – rnz.co.nz

Cloudflare: Mirai Botnet Launched Record-Breaking DDoS Attack – esecurityplanet.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 22, 2021

ShadowPad malware now a favourite of Chinese espionage groups; AT&T denies data breach as hacker auctions 70 million records online; PrintNightmare CVE’s keep adding up.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

U.S. State Department Hit by Recent Cyber Attack, Fox Says – bloomberg.com

Australians hit by ‘Flubot’ malware that arrives by text message – theguardian.com

ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups – bleepingcomputer.com
ShadowPad – mitre.org

AT&T responds to report that 70M customer records were breached in massive hack – bgr.com

The PrintNightmare Continues: Another Zero-Day in Print Spooler Awaits Patch (CVE-2021-36958) – tenable.com
CVE-2021-1675
CVE-2021-34527
CVE-2021-34481
CVE-2021-36936
CVE-2021-36947
CVE-2021-34483
CVE-2021-36958

New unofficial Windows patch fixes more PetitPotam attack vectors – bleepingcomputer.com

JPMorgan Chase Notifies Customers of Data Breach – infosecurity-magazine.com

Pegasus iPhone hacks used as lure in extortion scheme – bleepingcomputer.com

You can post LinkedIn jobs as almost ANY employer — so can attackers – bleepingcomputer.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up