Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.
Global News Feed
POPULAR CYBERSECURITY PUBLICATIONSCyberespionage attackers have ditched their PowerShell backdoor in favor of the Windows BITS ‘notification’ feature.
All organizations with Windows infrastructures should make sure their systems are patched to current versions, Rapid7 suggests.
Mozilla says move won’t impinge on network-level parental controls
Attackers can drop malware, add the device to a botnet or send their own audio streams to compromised devices.
Wikipedia and World of Warcraft Classic users reported global outages over the weekend in targeted - and connected - DDoS attacks.
Over the past year, the cyber-espionage group has attacked at least 12 other companies in the military, telecom, and satellite sectors, Symantec says.
The ransomware campaign affected 22 local governments, none of which have paid the attackers' $2.5 million ransom demand.
The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections to its government partner networks.
In mid-August, a member of a popular Russian-language cybercrime forum offered to sell access to the internal network of a U.S. government IT contractor that does business with more than 20 federal agencies, including several branches of the military. The seller bragged that he had access to email correspondence and credentials needed to view databases of the client agencies, and set the opening price at six bitcoins (~USD $60,000).
A critical vulnerability found in Exim servers could enable a remote, unauthenticated attacker to execute arbitrary code with root privileges.
Attackers don't need sophisticated James Bondian hardware to break into your company. Sometimes a $99 device will do.
BreachAware Insight
THE LATEST CURATED INTEL FROM OUR RESEARCH CENTREListen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.
Point of View
OUR TAKE ON TRENDING STORIESWeekly Summary
SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINESA total of 15 breaches were found and analysed resulting in 10,110,194 leaked accounts containing a total of 23 different data types. The breaches found publicly and freely available included US Environmental Protection Agency (EPA), Stealer Log 0448, Stealer Log 0449, Believe and Carding Team