Insider Threats
Reports and Statistics
Internal Theft
Dark Web
Working Without Thinking
Cloud Misconfiguration and Related Errors
- Elasticsearch Server Leaks
- Password data for ~2.2 million users of currency and gaming sites dumped online
- Breach affecting 1 million was caught only after hacker maxed out target’s storage
- Data-Enriched Profiles on 1.2B People Exposed in Gigantic Leak
- 7M Adobe Creative Cloud Users Exposed to Hackers
- Securing the Cloud: A Story of Research, Discovery, and Disclosure
- Imperva: Data Breach Caused by Amazon Cloud Misconfiguration
- All Data Breaches in 2019 – An Alarming Timeline
- Scotiabank slammed for 'muppet-grade security' after internal source code and credentials spill onto open internet: Blueprints for mobile apps, databases exposed in public GitHub repos
- Scotiabank source code and login credentials were hacked. Users should contact the bank to secure their money
- Tesco parking app hauled offline after exposing 10s of millions of Automatic Number Plate Recognition images
Ranger Services goes to ground over unsecured Azure blob
- Capital One data breach: A look at the biggest confirmed breaches ever
- How the FBI caught Paige A. Thompson in Capital One hack ...
- 198 Million Car-Buyer Records Exposed Online for All to See
- Data Leak Impacts Millions of Yves Rocher Cosmetics Company Customers
- Adult Content Site Exposed Personal Data of 1M Users
- Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks
- Another Day, Another Company Leaving Sensitive User Data Exposed Publicly On The Amazon Cloud
- 7 Most Infamous Cloud Security Breaches
- Cloud Leak: How A Verizon Partner Exposed Millions of Customer Accounts
- iCloud Nude Leaks: 26 Celebrities Affected In The Nude Photo Scandal
- iCloud leaks of celebrity photos
- Why do cloud leaks keep happening? Because no one has a clue how their instances are configured
- Hundreds of exposed Amazon cloud backups found leaking sensitive data
- Cloud Misconfiguration: The Biggest Cloud Security Risk
- Misconfigured Cloud Services Pose High Security Risks for Organizations
- A Technical Analysis of the Capital One Cloud Misconfiguration Breach
- Monetising mistakes: how to tackle cloud misconfiguration
- Cloud misconfiguration breach Archives
- Misconfiguration Leads to Major Health Data Breach
- 99% of misconfiguration incidents in the cloud go unnoticed
- Hunting the Public Cloud for Exposed Hosts and Misconfigurations
- Cloud Security Concerns Loom for 93% of Businesses Adopting Apps and BYOD
- Capital One Breach Casts Shadow Over Cloud Security
- Capital One data breach 2019: Millions affected in new breach
- McAfee says cloud security not as bad as we feared… it's much worse
- Massive Data Leak Could Affect 300 Million Americans
- FedEx Customer Data Exposed on Unsecured S3 Server
- 1.5 BEEELLION sensitive files found exposed online dwarf Panama Papers leak
- Oklahoma gov data leak exposes FBI investigation records, millions of department files
- Millions Of Secret Bank Docs Leak Online After Mishap
- 800+ Million Emails Leaked Online by Email Verification Service
- NSA breach spills over 100GB of top secret data
- Equifax reveals full horror of that monstrous cyber-heist of its servers
- Amazon hit with major data breach days before Black Friday
- 42 Million Dating App Records Exposed Online, Leaking User IP Addresses and Location Data
- First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records
- 540 Mllion Facebook Records Leaked by Public Amazon S3 Buckets
- Salesforce? Salesfarce: Cloud giant in multi-hour meltdown after
database blunder grants users access to all data
- Top 10 Cloud Risks That Will Keep You Awake at Night (PDF)
- ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019
- Hostinger Data Breach: 14M Customer Passwords, Personal Data at Risk
- USPS, Amazon Data Leaks Showcase API Weaknesses
- Toyota Security Breach Exposes Personal Info of 3.1 Million Clients
- Pyramid Hotel Group Exposed 85GB Of Hotel Security Logs
- Major breach found in biometrics system used by banks, UK police and defence firms
- Data breach of blood testing provider exposes 12 million people's information
- LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach
- Fortune 500 company leaked 264GB in client, payment data
- Data breach of blood testing provider exposes 12 million people's information
- Millions of "private" Theta photos were available online, easily accessible
- First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records
- Almost the Entire Population of Ecuador Had Its Data Leaked
- Quest Diagnostics says nearly 12 million patients may have had data breached
- Hackers breach HealthCare.gov system, get data on 75,000
- Euro bank regulator: Don't follow the crowd. Stay off the cloud
- Nissan Canada Finance informs customers of possible data breach
- Hackers stole income, immigration and tax data in Healthcare.gov breach, government confirms
- Quora reports data breach affecting 100 million users
State Actors
- New Cybersecurity Rules Give Regime Control of Data Outside China
- TikTok Riddled With Security Flaws
- TikTok Banned By U.S. Army Over China Security Concerns
- The Hidden Military Use Of 5G Technology
- Wikileaks Drops 'Vault 8': CIA Wrote Code Impersonating Russian Anti-Virus Giant
- Foreign-Born Researchers at US Agencies Were Secretly Working for China, Senate Report Finds
- Former CIA Officer Sentenced to 19 Years in Prison Over Chinese Espionage Contacts
- SPY: Chinese National Pleads Guilty to Stealing Trade Secrets From US Petroleum Company
- Chinese Government Hacks US Navy
- How much has the US lost from China's intellectual property theft?
- US Charges 2 Chinese Intel Officers with Stealing Aviation Secrets, Tech Data
- DOJ charges Chinese, Taiwanese companies, individuals with alleged scheme to steal trade secrets from American company
- Taiwan Charges 5 BASF Employees for Selling Trade Secrets to China
- Chinese American scientist admits plot to steal GlaxoSmithKline’s secrets for firm in China
- Airbus hit by series of cyber attacks on suppliers
- UPSynergy: Chinese-American Spy vs. Spy Story
- Chinese Hackers May Have Attempted to Steal Airbus Secrets via Contractors: AFP
- China-Linked Hackers Target Tibetan Activists' Smartphones By Spoofing Amnesty International Officials
- Stunning Exposé Offers New Details About China's Infiltration Of 8 Tech Giants
- Chinese-Founded US Tech Firm Found Guilty of IP Theft
- Chinese Security Cameras Banned For Spying Are Nearly Impossible To Identify And Remove
- Chinese Tech Giants Baidu, Alibaba, and Tencent Are De Facto Tools of Chinese Regime: US Official
- China Involved in a Quarter of Significant Cyber Incidents in Past Year, Report Says
- Is Huawei Now Spying in the Cloud?
- For two hours, a large chunk of European mobile traffic was rerouted through China
- China behind massive Australian National University hack, intelligence officials say
- Huawei "Spent All Their Resources Stealing", Stunning New Exposé Shows
- Chinese Hackers Copy NSA Hacking Software, Use It To Attack US Allies
- NSA-style backdoor in Huawei laptops found by Microsoft
- China’s ‘Huawei Strategy’ is to Bypass US Intelligence
- China Hacked IBM And HP, Then Went After Their Clients
- All your pictures, your conversations, everything—could be going to China’s Communist Party
- Chinese company charged with stealing trade secrets from U.S. computer firm
- Ten Chinese Agents Charged with Hacking Aviation Companies
- Companies, Universities Hire Chinese Researchers, Ignore National Security Worries
- China Expands Its Cybersecurity Rulebook, Heightening Foreign Corporate Concerns
- Facebook And Apple Confirm Their Servers Were Hit By Chinese Malware
- The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
- China Spy Chips Report Adds Pressure on Pentagon Cloud Security
- How Communist China Steals American Secrets and Endangers U.S. Security
- China Is Guilty Of Way More Culture Theft Than A Kid In A Prom Dress
- Bombshell WSJ Story Confirms "Systematic And Methodical" Chinese Theft Of US Trade Secrets
- China ‘has taken the gloves off’ in its thefts of U.S. technology secrets
- Time to Fight Back Against China's Massive Intellectual Property Theft
- Huawei cloning Apple parts, rewarding employees for tech theft
- Chinese Telecommunications Device Manufacturer and its U.S. Affiliate Arraigned on Charges of Theft of Trade Secrets, Wire Fraud, and Obstruction of Justice
Phishing
Malware and Viruses
- New JhoneRAT Malware Targets Middle East
- Oski Data-Stealing Malware Emerges to Target North America, China
- Liverpool Voyeur Used IM-RAT to Video Women at Home
- DeathRansom Campaign Linked to Malware Cornucopia
- Magecart Hits Parents and Students via Blue Bear Attack
- Ransomware Attack Topples Telemarketing Firm, Leaving Hundreds Jobless
- Travelex Knocked Offline by System-Wide Malware Attack
- Biggest Malware Threats of 2019
- Smart Krampus-3PC Malware Targets iPhone Users Online
- Elegant sLoad Carries Out Spying, Payload Delivery in BITS
- Smart Krampus-3PC Malware Targets iPhone Users Online
- Snatch Team Steals Data and Hammers Orgs with Ransomware
- Authorities Break Up Imminent Monitor Spyware Organization
- Don't Get Kicked Out! A Tale of Rootkits and Other Backdoors
- Gnip Banking Trojan Shows Ongoing, Aggressive Development
- Ransomware attack at Mexico's Pemex halts work, threatens to cripple computers
- Raccoon Stealer Malware Scurries Past Microsoft Messaging Gateways
- Threat Actor Impersonates USPS to Deliver Backdoor Malware
- Ransomware Attack Downs Hosting Service SmarterASP.NET
- Double Vision: Stealthy Malware Dropper Delivers Dual RATs
- China-Linked Hackers Spy on Texts With MessageTap Malware
- New Adwind Variant Targets Windows, Chromium Credentials
- 15 Years Later, Metasploit Still Manages to be a Menace
- Raccoon Malware Scavenges 100,000+ Devices to Steal Data
- Phorpiex Botnet Shifts Gears From Ransomware to Sextortion
- Pitney Bowes Hit with Ransomware Attack
- Major Airport Malware Attack Shines a Light on OT Security
- Docker Containers Riddled with Graboid Crypto-Worm
- 10 Steps for Ransomware Protection
- .WAVs Hide Malware in Their Depths in Innovative Campaign
- Fake iOS Jailbreak Site Lures in Apple Users
- The City Of Baltimore Blew Off A $76,000 Ransomware Demand Only To Find Out A Bunch Of Its Data Had Never Been Backed Up
- U.S. charges North Korean hacker in Sony, WannaCry cyberattacks
- LookBack Removal Report
- New Reductor Malware Hijacks HTTPS Traffic
- Virus Bulletin 2019: VoIP Espionage Campaign Hits U.S. Utilities Supplier
- Virus Bulletin 2019: Magecart Infestations Saturate the Web
- Ransomware Attacks Leave U.S. Hospitals Turning Away Patients
- Hackers Turn to OpenDocument Format to Avoid AV Detection
- US Govt. plant USB sticks in security study, 60% of subjects take the bait
- Most malspam contains a malicious URL these days, not file attachment
- Hit by ransomware? Victims of these four types of file-encrypting malware can now retrieve their files for free
- Android ransomware is back
- GermanWiper isn't ransomware. It's worse than that
- GonnaCry/ at master · tarcisio-marinho/GonnaCry · GitHub
- 2.1M Android Devices Infected by Malicious Beauty and Photo Apps
- Fake DeepNude Downloads Gives You Malware Instead of Nudes
- New SIM card attack disclosed, similar to Simjacker
- New SIM attacks de-mystified, protection tools now available
- Malware infection disrupts production at defence contractor plants in three countries
- Microsoft: New Nodersok malware has infected thousands of PCs
- Malware operators abuse Windows Narrator software in Asian attack wave
- Hackers looking into injecting card stealing code on routers, rather than websites
- POS Malware Found at 102 Checkers Restaurant Locations
- Forbes Becomes Latest Victim of Magecart Payment Card Skimmer
- Kasper-Spy: Kaspersky Anti-Virus puts users at risk
- Say Cheese: Ransomware-ing a DSLR Camera
- 2019 State of Malware report: Trojans and cryptominers dominate threat landscape - Malwarebytes Labs
- Florida City Pays $462,000 In Ransom After Second Cyberattack Cripples City's Infrastructure
Mobile Devices
- Grindr, Tinder and OkCupid 'are sharing user's personal data including information about sexuality'
- It Seemed Like a Popular Chat App. It’s Secretly a Spy Tool
- App Analysis: Airbnb
- App Analysis: Air Canada
- Twelve Million Phones, One Dataset, Zero Privacy
- Breaking The Encryption on Your Mobile Phone — Without Touching It
- U.N., UNICEF, Red Cross Under Ongoing Mobile Attack
- ThreatList: Sharp Increase in Fake Mobile Apps Impersonating Legit Ones
- Samsung warning: Galaxy S10 and Note 10 owners should remove their screen protectors now
- Samsung Rolls Out Fix For Galaxy S10 Fingerprint Sensor Glitch
- After Jack Hack, Government Starts Taking Wireless 'SIM Hijacking' Seriously
- #SecTorCa: Millions of Phones Leaking Information Via Tor
- Galaxy S10 Fingerprint Sensor Thwarted With Screen Protector: Report
- Stuck In The Machine Zone: Your Sweet Tooth For 'Candy Crush'
- Google Warns of Android Zero-Day Bug Under Active Attack
- WhatsApp Flaw Opens Android Devices to Remote Code Execution
- Zynga data breach affects +200M 'Words With Friends' users
- Snapchat Employees Abused Data Access to Spy on Users
- The /e/ Google-free, pro-privacy Android clone is now available
- Agent Smith Android malware has infected 25 million devices so far
- "Agent Smith”: The New Virus to Hit Mobile Devices
- Heyyo dating app leaked users' personal data, photos, location, more
- 4.9 Million People Affected By DoorDash Data Breach
- Personal info on nearly 5 million DoorDash users, drivers, and merchants exposed
- Chrome's default-on ad blocker - which doesn't block adverts ...
- Malicious Apps Infect 25 Million Android Devices With 'Agent Smith" malware
- Researchers Find Google Play Store Apps Were Actually Government Malware
- Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information (PDF)
- Cellular networks flaws expose 4G & 5G devices to IMSI capturing attacks
- Major vulnerability in 5G means that anyone with $500 worth of gear can spy on a wide area's mobile activity
- Four major dating apps expose precise locations of 10 million users
- 42 Million Dating App Records Exposed Online, Leaking User IP Addresses and Location Data
- Hacker Finds He Can Remotely Kill Car Engines After Breaking Into GPS Tracking Apps
- More than two thirds of all Android antivirus apps are ineffective and many don't even do anything at all
- Triton is the world’s most murderous malware, and it’s spreading
- 'Smart' Car Alarm App Could Allow 3 Million Cars To Be Unlocked Remotely
- Thousands of Android apps permanently record your online activity for ad targeting
- Many popular iPhone apps secretly record your screen without asking
- Your phone indeed has ears that you may not know about
- My devices are sending and receiving data every two seconds, sometimes even when I sleep
- New study claims data harvesting among Android apps is "out of control"
- Samsung Phone "Bug" Secretly Sent Photos To Random Contacts
Amazon
Apple
Cisco
Facebook
Google
- No More Google
- How to stop Google Maps from tracking and saving your location
- ‘Fleeceware’ Apps Downloaded 600M Times from Google Play
- Why Amazon and Google's Smart Speakers Are So Cheap
- Google collects face data now. Here's what it means and how to opt out
- Google really is listening and recording on apps
- Ex-Google exec Ross LaJeunesse claims company shrugged off human rights in search of profits
- Google Boots Security Camera Maker From Nest Hub After Private Images Go Public
- I Was Google’s Head of International Relations. Here’s Why I Left.
- Google veterans: The company has become 'unrecognizable'
- Google Chrome Affected By Magellan 2.0 Flaws
- Alexa, Google Home Eavesdropping Hack Not Yet Fixed
- Google Chrome update is 'catastrophe' as bug wipes data from Android apps
- Amnesty International: Google & Facebook's "Surveillance-Based" Model Threatens Human Rights
- Popular Apps on Google Play Store Remain Unpatched
- Google Running Orwellian Project to Secretly Hoover Up Health Records of Millions of Americans Across 21 States
- Android Malware Plaguing 45K Devices Remains a Mystery
- Android Keyboard App Could Swindle 40M Users Out of Millions
- Google Discloses Chrome Flaw Exploited in the Wild
- Google Analytics Emerges as a Phishing Tool
- Consumer data privacy breach spells lawsuit for Alphabet's Google in Australia
- ThreatList: Google's Advertising Network Dominates Global Data Collection
- Sinister prankster hacks Nest camera, threatens to kidnap baby
- Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS
- Smart Spies: Alexa and Google Home expose users to vishing and eavesdropping – Security Research Labs
- Google Executive: You Should Warn Guests About Smart Speakers in Your Home
- How to bypass Android certificate pinning and intercept SSL traffic
- Android Security Monthly Recap #9
- Google Play Malicious Apps Racked Up 335M+ Installs In September
Harmful apps on Google Play in September 2019
- Google quietly removed at least 46 apps from the Play store belonging to iHandy, a major Chinese mobile developer
(I could backtrack only 11, rest of them (35 apps) are not included)
- Two adware apps with 600,000+ installs found on Google Play
- Subscription Scam apps found on Google Play – 15 apps with 20,000,000+ installs
- 29 Hidden Ads trojans with 10,900,000+ installs found on Google Play
- 25 hidden adware found on Google Play with over 2,100,000 installs
- Two hidden ads Trojans found on Google Play with 1,500,000+ installs
- HiddenAd adware with 50,000+ installs found on Google Play
- Android Spy that signs you for SMS premium subscription (€6,71 per week) found in 24 apps on Google Play with 472,000+ installs
- Seven HiddenApp Trojans found on Google Play with 310,000+ installs
- Android banking Trojan – Hydra – found on Google Play with 10,000+ installs
- Stalkerware app with 10,000+ installs found on Google Play
- Fake Antivirus app found on Google Play with 10,000+ installs
Two fake apps with all together 200+ installs requests credit card credentials
- Fake cryptocurrency exchange app found on Google Play that bypasses SMS 2FA by stealing SMS notifications
- Fake apps spread on iOS App Store and Google Play
- Google Rolls Out "Orwellian Nightmare" Technology To Spy On You In YOUR HOME
- Google's new smart homes device is always listening...and WATCHING: Firm launches $299 Nest Hub Max
- Joker Spyware Found in 24 Google Play Apps
- FunkyBot Malware Intercepts Android Texts, 2FA Codes
- Google and Amazon use smart speakers for 'surveillance,' top tech investor says
- Google Play App With 100 Million Downloads Was A Trojan
- Google confirms that advanced backdoor came preinstalled on Android devices
- Some People Couldn’t Turn On Their A/C When Google Went Down Over the Weekend
- That major Google outage meant some Nest users couldn’t unlock doors or use the AC
- Amazon and Google don't like you calling their smart speakers "surveillance devices"
- Google Home is sending your private recordings to Google workers
- Google responds to eavesdropping reports, admits humans listen to some audio recordings from Google Assistant
- Report: Google's Nest Security Cameras Allowed Previous Owners to Spy on New Users
- Google Parses Your Gmail For Financial Transactions
- Google Has a Creepy Secret Page That Tracks Your Shopping History
- Google tracks EVERY online purchase you've ever made by scanning your emails – how to find the secret list
- Google Tracks Your Location And Shares It With Police, Even When Your Phone Is Off
- How to stop Google from storing your location history
- Google stored some passwords in plain text for fourteen years
- Kids are taking to Google Docs to message each other undetected
- Google Has Quietly Dropped Ban on Personally Identifiable
- Google under fire for using 'research' app similar to Facebook's to snoop on user's phones
- Google Exposed User Data, Then Covered Up the Breach Fearing Repercussions of Disclosing to Public
- 10 years later, Google still has the creepy ability to remotely control a phone
- Tech’s ‘Dirty Secret’: The App Developers Sifting Through Your Gmail
- Every Android Device Since 2012 Impacted by RAMpage Vulnerability
- Google finds bug in Google+ - 52.5 million users affected
Intel
Microsoft
Smart?
Twitter
Instructional
External Risks
Cloud Outages and Underperformance
External Attacks and Breaches
- Critical Remote Code-Execution Bugs Threaten Global Power Plants
- TP-Link Routers Give Cyberattackers an Open Door to Business Networks
- Critical Citrix Bug Puts 80,000 Corporate LANs at Risk
- IoT vendor Wyze confirms server leak
- Data Breach Affects 63 Landry's Restaurants
- Cloud Hopper cyberattack hit IBM, HPE - WSJ - International Business Machines Corporation (NYSE:IBM)
- Birth Certificate Data Laid Bare on the Web in Multiple States
- Wawa CEO Announces Massive Data Breach Affecting 'Potentially All' Locations
- Honda Leaks Data of 26K North American Customers
- LifeLabs Pays Hackers Who Accessed 15M Customers’ Lab Test Results
- Cyberattack Downs Pensacola's City Systems
- GE, Dunkin’, Forever 21 Caught Up in Broad Internal Document Leak
- AT&T, Verizon Subscribers Exposed as Mobile Bills Turn Up on the Open Web
- Ultimate' MiTM Attack Steals $1M from Israeli Startup
- Insecure Database Exposes Millions of Private SMS Messages
- ID Thieves Turn to Snail Mail as Juicy Target for Financial Crimes
- Linux Webmin Servers Under Attack by Roboto P2P Botnet
- ThreatList: Data Breaches Batter Stock Prices at Public Companies, For Months
- A misconfigured website development tool exposed hundreds of email servers to takeover, including President Donald Trump’s official campaign website
- Equifax used 'admin' as username and password for sensitive data: lawsuit
- 27 Countries Sign Cybersecurity Pledge
- Rash of Exploits Targets Critical vBulletin RCE Bug
- vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach
- Important Security Notice About Comodo Forums Accounts (vBulletin)
- One Misconfig (JIRA) to Leak Them All- Including NASA and Hundreds of Fortune 500 Companies!
- CafePress data breach impacts 23 million users
- Livejournal.com data breach impacts 33 million users with plaintext passwords
- Fortune 500 company leaked 264GB in client, payment data
- LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach
- Quest Diagnostics says nearly 12 million patients may have had data breached
- 2.3 billion files exposed across online file storage technologies
- First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records
- Australian tech unicorn Canva suffers security breach
- Exposed JIRA server leaks NASA staff and project data!
- Troy Hunt: The 773 Million Record "Collection #1" Data Breach
- Quora data breach affects 100 million accounts
- City of London bombarded with one million cyber-attacks every month
- 68% of Overwhelmed IT Managers Say They Can't Keep Up with Cyberattacks
- Hackers Breach Dunkin’ Donuts Accounts in Credential Stuffing Attack
- Dell Warns of Attempted Breach on Network
- Imperva Firewall Breach Exposes Customer API Keys, SSL Certificates'
- Black Hat 2019: Microsoft Protocol Flaw Leaves Azure Users Open to Attack
- Millions Of Biometric Records Collected By Companies And Governments Left Exposed On The Web
- "The Most Destructive Breach In History": Hackers Use NSA Code To Grind Baltimore To A Halt
- Bulgaria's Revenue Agency Falls Victim To Biggest Cyber Heist In History
- Russia's Secret Intelligence Agency Hacked: 'Largest Data Breach In Its History'
- Hackers Steal Thousands Of Files From M&A Giant Evercore
- Hackers Claim Breach Of 120 Million Facebook Accounts; Put Private Messages Up For Sale
- BGP Route Leak Causes Cloudflare and Amazon AWS Problems
- Serious SSH bug lets crooks log in just by asking nicely
- The Unusual Case of Open Redirection to AWS Security Credentials Compromise
- PGP Ecosystem Targeted in ‘Poisoning’ Attacks
- Telnet Backdoor Opens More Than 1M IoT Radios to Hijack
- Thousands of IoT Devices Bricked By Silex Malware
- RCMP link Ontario man to LeakedSource.com, home of 3 billion hacked accounts
- Chegg to reset passwords for 40 million users after April 2018 hack
- 'Largest-Ever' Security Breach Hits Aussie Government As Media Dumps Top-Secret Files
- World’s Biggest Breaches
- Expedia's Orbitz says 880,000 payment cards hit in breach
- Fin7: The Billion-Dollar Hacking Group Behind a String of Big Breaches
- Over 770 million email addresses shared online in largest data breach in history
- Hackers Steal Thousands Of Files From M&A Giant Evercore
- Password Cracking Crew Cracks 11M Ashley Madison Passwords (Sept-2015)
Miscellaneous Security Risks
- Exploit Fully Breaks SHA-1, Lowers the Attack Bar
- I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too.
- Decrypting config.bin files for TP-Link WR841N, WA855RE, and probably more…
- Alert Alarm SMS exploit
- Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline
- The Scammer Force is Strong with Star Wars: The Rise of Skywalker
- Critical Bug in WordPress Plugins Open Sites to Hacker Takeovers
- FIN8 Targets Card Data at Fuel Pumps
- DHS Rolls Back Facial-Recognition Expansion Plan
- Linux Bug Opens Most VPNs to Hijacking
- California DMV Rakes In $50 Million Per Year Selling Personal Information
- Cable Haunt' Bug Plagues Millions of Home Modems
- Critical WordPress Bug Leaves 320,000 Sites Open to Attack
- PGP: 'Serious' flaw found in secure email tech
- News Wrap: Amazon Ring Risks, Stalkerware, and D-Link Router Flaws
- Critical Flaws in VNC Threaten Industrial Environments
- DDoS Attacks Target Amazon, SoftLayer and Telecom Infrastructure
- Health Websites Share Sensitive Personal Data with Advertisers Without Required Consent: Report
- As auto technology advances, so does risk for hacking
- Holiday Shoppers Beware: 100K Malicious Sites Found Posing as Well-Known Retailers
- Design flaw could open Bluetooth devices to hacking
- Don't use public USB charging ports
- The Unhappiest Subscribers on Earth? Disney+ Accounts Hacked & Hijacked
- Pipka Card Skimmer Removes Itself After Infecting eCommerce Sites
- Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked
- ICS Attackers Set To Inflict More Damage With Evolving Tactics
- Joker's Stash Drops Largest-Ever Credit Card Cache on Dark Web
- Cybercriminals Impersonate Russian APT ‘Fancy Bear’ to Launch DDoS Attacks
- Magecart Gang Targets Skin Care Site Visitors For 5+ Months
- Fujitsu Wireless Keyboard Plagued By Unpatched Flaws
- Bedside Hotel Robot Hacked to Stream In-Room Video
- Critical Firefox Bugs Allow Arbitrary Code-Execution
- A Tale of Exploitation in Spreadsheet File Conversions
- Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise
- Hobbyists can plant hidden spy chips on motherboards for $200
- Your Computer Printer Has Been Silently Tracking You For Ages
- Software, Supply-Chain Dangers Top List of 5G Cyber Risks
- HP Touchpoint Analytics Opens PCs to Code Execution Attack
- D-Link Home Routers Open to Remote Takeover Will Remain Unpatched
- APT Groups Exploiting Flaws in Unpatched VPNs, Officials Warn
- Foxit PDF Reader Vulnerable to 8 High-Severity Flaws
- SQL injection to RCE - InfoSec Write-ups
- Huge Survey of Firmware Finds No Security Gains in 15 Years
- AT&T Employees Took Bribes To Plant Malware On Company's Network
- AWS issues are causing erratic cryptocurrency market data in Asia
- New Method Simplifies Cracking WPA/WPA2 Passwords on 802.11 Networks
- 'Plane Hacker' Roberts: I put a network sniffer on my truck to see what it was sharing. Holy crap
- Asus, Lenovo and Other Routers Riddled with Remotely Exploitable Bugs
- D-Link Cloud Camera Flaw Gives Hackers Access to Video Stream
- Fern Wifi cracker – Password Cracking Tool to Enoy Free Internet
- Reading/Writing Disk Sectors (Absolute Disk Read/Write)
- Retrieving Digital Evidence - Methods, Techniques and Issues (PDF)
- Mass router hack exposes millions of devices to potent NSA exploit
- The CPU catastrophe will hit hardest in the cloud
- Visualizing Meltdown on AWS
- NSA ‘Systematically Moving’ All Its Data to The Cloud
- The Cloud exposes your private IP cameras – Security Research Labs
- ‘Unhackable’ Blockchains Increasingly Vulnerable to Theft - Report