Justin Robinson

Cybersecurity Daily News for Aug 26, 2021

Data leak in MS Power Apps exposes 38M records from entities that include Indiana Department of Health, NYC public school system, American Airlines, and Microsoft; and FIN8 APT group introduces ability to modify its existing toolset while already deployed.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

New SideWalk Backdoor Targets U.S.-based Computer Retail Business – thehackernews.com

Coinbase customers up in arms after hackers drain crypto wallets – techradar.com

US Media, Retailers Targeted by New SparklingGoblin APT – threatpost.com

FIN8 Threat Group Resurfaces With Dangerous New Backdoor – darkreading.com

Hackers exploit WhatsApp modification tool to snoop on texts, force paid subscriptions – cyberscoop.com

Data Leak in Microsoft Power Apps Exposes 38 Million People’s Records – lifewire.com

Realtek SDK vulnerability exploitation attempts detected (CVE-2021-35395) – helpnetsecurity.com
CVE-2021-35395 – Realtek Jungle SDK version v2.x up to v3.4.14B

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 25, 2021

Following Razers lead, SteelSeries bug gives Win10 admin rights by plugging in device; data leak exposes millions of private government records; and IceID banking trojan being used by OnePercent ransomware group.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

A new NSO zero-click attack evades Apple’s iPhone security protections, says Citizen Lab – techcrunch.com

Data leak exposes tens of millions of private records from corporations and government agencies – cnn.com

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc – thehackernews.com

‘Some’ data leaked in attempted ransomware attack, Eskenazi says – msn.com

OnePercent ransomware group hits companies via IceID banking Trojan – csoonline.com

Tardy Breach Notification Raises Eyebrows – databreachtoday.com

Personal data of more than 73,000 patients affected in cyberattack on eye clinic – channelnewsasia.com

SteelSeries bug gives Windows 10 admin rights by plugging in a device – bleepingcomputer.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 24, 2021

Joker virus returns to Android and empties your bank account; attackers actively exploiting Realtek SDK flaws; and Apache Struts continues to dominate vulnerabilities on Linux systems.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Poly Network Hacker Releases Private Key for Remaining Looted $141M – coindesk.com

The ‘Joker’ virus has returned to Android: empty your bank accounts without you noticing it and it is hidden in these apps on the Google Play Store – entrepreneur.com

Attackers Actively Exploiting Realtek SDK Flaws – threatpost.com

Nokia subsidiary discloses data breach after Conti ransomware attack – bleepingcomputer.com

Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems – thehackernews.com

CHICO STATE DATA BREACH LEAKS NAMES OF STUDENTS REQUESTING EXEMPTIONS FROM VACCINE – actionnewsnow.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 23, 2021

ProxyShell vulnerabilities continue to be targeted by threat actors; LockFile ransomware targeting Microsoft Exchange servers; and Mirai Botnet launches record-breaking DDoS attack using more than 20,000 bots.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Multiple threat actors, including a ransomware gang, exploiting Exchange ProxyShell vulnerabilities – doublepulsar.com

Kerberos Explained in a Little Too Much Detail – syfuhs.net

Razer bug lets you become a Windows 10 admin by plugging in a mouse – bleepingcomputer.com

LockFile Ransomware Targets Microsoft Exchange Servers – pcmag.com

Tokio Marine Insurance Singapore hit by ransomware attack – techwireasia.com

DOC’s Aoraki/Mount Cook hit by ransomware attack – rnz.co.nz

Cloudflare: Mirai Botnet Launched Record-Breaking DDoS Attack – esecurityplanet.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 22, 2021

ShadowPad malware now a favourite of Chinese espionage groups; AT&T denies data breach as hacker auctions 70 million records online; PrintNightmare CVE’s keep adding up.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

U.S. State Department Hit by Recent Cyber Attack, Fox Says – bloomberg.com

Australians hit by ‘Flubot’ malware that arrives by text message – theguardian.com

ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups – bleepingcomputer.com
ShadowPad – mitre.org

AT&T responds to report that 70M customer records were breached in massive hack – bgr.com

The PrintNightmare Continues: Another Zero-Day in Print Spooler Awaits Patch (CVE-2021-36958) – tenable.com
CVE-2021-1675
CVE-2021-34527
CVE-2021-34481
CVE-2021-36936
CVE-2021-36947
CVE-2021-34483
CVE-2021-36958

New unofficial Windows patch fixes more PetitPotam attack vectors – bleepingcomputer.com

JPMorgan Chase Notifies Customers of Data Breach – infosecurity-magazine.com

Pegasus iPhone hacks used as lure in extortion scheme – bleepingcomputer.com

You can post LinkedIn jobs as almost ANY employer — so can attackers – bleepingcomputer.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 21, 2021

Emisoft makes SynAck decryptor available for free; JPMorgan Chase notifies customers of data breach; and PrintNightmare continues as Windows print spooler racks up more CVEs.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

JPMorgan Chase Notifies Customers of Data Breach – infosecurity-magazine.com

New unofficial Windows patch fixes more PetitPotam attack vectors – bleepingcomputer.com

The PrintNightmare Continues: Another Zero-Day in Print Spooler Awaits Patch (CVE-2021-36958) – tenable.com
CVE-2021-36958 – Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36936, CVE-2021-36947

Personal data breached at Rockwood School District in criminal ransomware attack – msn.com

Ransomware: LockBit 2.0 Borrows Ryuk and Egregor’s Tricks – bankinfosecurity.in

Brazilian government discloses treasury ransomware attack – digitaljournal.com

SynAck ransomware decryptor lets victims recover files for free – bleepingcomputer.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 20, 2021

Cybercrime group recruiting insiders to plant ransomware; Cisco not fixing zero-day vulnerability; and IE bugs continue to be exploited by state actors.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Cybercrime Group Asking Insiders for Help in Planting Ransomware – thehackernews.com

US healthcare org sends data breach warning to 1.4m patients following ransomware attack – portswigger.net

Cisco won’t fix zero-day RCE vulnerability in end-of-life VPN routers – bleepingcomputer.com

Kerberos Authentication Spoofing: Don’t Bypass the Spec – threatpost.com

HolesWarm Malware Exploits Unpatched Windows, Linux Servers – threatpost.com

InkySquid State Actor Exploiting Known IE Bugs – threatpost.com

Mozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network Gateways – thehackernews.com

DOC field office hit by ransomware attack – miragenews.com

Data Stolen as Social Housing Group Suffers Ransomware Attack – infosecurity-magazine.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 19, 2021

Accenture continues to downplay LockBit ransomware attack; Japanese marine insurer discloses ransomware attack; and a pair of wastewater plants in Maine, United States hit by ransomware.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

2 Maine wastewater plants hit by ransomware attacks – plantservices.com

IPO-bound Pine Labs to probe source of ransomware attack – livemint.com

Accenture Downplays the LockBit Ransomware Attack That Reportedly Encrypted 2,500 Computers, Leaking 6 Terabytes of Data – cpomagazine.com

Japanese insurer Tokio Marine discloses ransomware attack – bleepingcomputer.com

Threat actors hacked US Census Bureau in 2020 by exploiting a Citrix flaw – securityaffairs.co

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 18, 2021

North Korean hackers deploying browser exploits to spread malware; Mandiant discloses critical IoT vulnerability; and Misconfigured server leaks US Terror Watchlist.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

XSS Bug in SEOPress WordPress Plugin Allows Site Takeover – threatpost.com
CVE-2021-34641 – SEOPress WordPress plugin versions 5.0.0 – 5.0.3

Analysis of Diavol Ransomware Reveals Possible Link to TrickBot Gang – securityintelligence.com

NK Hackers Deploy Browser Exploits on South Korean Sites to Spread Malware – thehackernews.com
CVE-2020-1380 – A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.
CVE-2021-26411 – Internet Explorer Memory Corruption Vulnerability

Mandiant Discloses Critical Vulnerability Affecting Millions of IoT Devices – fireeye.com
CVE-2021-28372 – ThroughTek’s Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek (TUTK) device given a valid 20-byte uniquely assigned identifier (UID).

Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan – thehackernews.com

Healthcare provider expected to lose $106.8 million following ransomware attack – therecord.media

Misconfigured Server Leaks US Terror Watchlist – infosecurity-magazine.com

Malware dev infects own PC and data ends up on intel platform – bleepingcomputer.com

Delivery Scams Most Prominent Form of Smishing – infosecurity-magazine.com

LockBit 2.0 Ransomware Proliferates Globally – threatpost.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for Aug 17, 2021

A new study shows that around 50% of U.S. hospitals shut down networks in the past 6-months due to ransomware; Brazilian National Treasury hit with ransomware attack; and PrintNightmare vulnerability being fully weaponized.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines

Pearson to pay $1M fine for misleading investors about 2018 data breach – techcrunch.com

Brazilian National Treasury hit with ransomware attack – zdnet.com

Hive ransomware attacks Memorial Health System, steals patient data – bleepingcomputer.com

Colonial Pipeline sends breach letters to more than 5,000 after ransomware group accessed SSNs, more – zdnet.com

T-Mobile confirms it was hit by data breach – cnn.com

Half of US Hospitals Shut Down Networks Due to Ransomware – infosecurity-magazine.com

Company size is a nonissue with automated cyberattack tools – techrepublic.com

Here’s how hackers are cracking two-factor authentication security – thenextweb.com

WordPress Sites Abused in Aggah Spear-Phishing Campaign – threatpost.com

PrintNightmare vulnerability weaponized by Magniber ransomware gang – therecord.media
CVE-2021-34527 – Windows Print Spooler Remote Code Execution Vulnerability

Japanese manufacturer Murata apologizes for data breach – zdnet.com

Ransomware attackers claim to have stolen data from three NZ firms – stuff.co.nz

Cybersecurity firm Bkav source codes leaked, put on sale for $250,000 – vnexpress.net

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up