Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Infosec News Feed

An aggregated list of cybersecurity publications
2021-10-22 15:17:00 UTC
HackRead
HackRead
WinRAR vulnerability allowed attackers to remotely hijack systems

By Deeba Ahmed

The vulnerability in WinRAR trialware could be abused by a remote attacker for executing arbitrary code on any system thus, getting an opportunity to launch a range of attacks.

This is a post from HackRead.com Read the original post: WinRAR vulnerability allowed attackers to remotely hijack systems

Security Hacking Security Vulnerability WinRAR
2021-10-22 14:58:00 UTC
The Daily Swig
The Daily Swig
Node.js sandboxes are open to prototype pollution

Sandbox breakout can lead to remote code execution, researchers warn

2021-10-22 14:48:00 UTC
ThreatPost
ThreatPost
Cisco SD-WAN Security Bug Allows Root Code Execution

The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.

Cloud Security Vulnerabilities
2021-10-22 14:03:00 UTC
Naked Security | Sophos
Naked Security | Sophos
REvil ransomware gang allegedly forced offline by law enforcement counterattacks

One down. Lots more to go. Here's what to do...

Law & Order Ransomware Darkside FBI Law Enforcement Ransomware Revil
2021-10-22 14:00:00 UTC
Dark Reading
Dark Reading
What Squid Game Teaches Us About Cybersecurity

When life inside the security operations center feels treacherous, here are some suggestions for getting out alive.

2021-10-22 12:46:00 UTC
The Daily Swig
The Daily Swig
Swiss exhibitions organizer MCH Group hit by cyber-attack

Investigations yet to confirm if any data was exfiltrated

2021-10-22 11:44:00 UTC
ThreatPost
ThreatPost
Threat Actors Abuse Discord to Push Malware

The platform’s Content Delivery Network and core features are being used to send malicious files—including RATs--across its network of 150 million users, putting corporate workplaces at risk.

Malware
2021-10-22 11:31:00 UTC
The Daily Swig
The Daily Swig
Japanese punctuation exacerbates privacy flaw that leaks one-word search terms in Google, Firefox browsers

Researcher questions efficacy of proposed remedies as debate rumbles on 18 months after disclosure

2021-10-22 10:31:00 UTC
The Daily Swig
The Daily Swig
EU ban on anonymous domain registration welcomed by threat intel firm

‘This raises the bar and makes it expensive for easy cyber criminality,’ argues DomainTools

2021-10-21 21:42:00 UTC
Dark Reading
Dark Reading
Google Buckles Down on Android Enterprise Security

The launch of Android 12 brings several new default security features, along with new security efforts for Android Enterprise.

Realtime Feed

Realtime data discovered by the BreachAware platform in the last 5 minutes

Autodiscovered Credentials

Data discovered by the BreachAware platform in the last week

Scan Activity

Scan audit log

Login to view activity

Account Activity

Account Audit Log

Login to view activity