Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Global News Feed

POPULAR CYBERSECURITY PUBLICATIONS
2018-09-10 14:24:00 UTC
The Daily Swig
The Daily Swig
Apple requires privacy policies across all apps – but is anyone reading them?

New app requirements put the onus on developers, but long and legalese-filled privacy policies often leave users none the wiser.

2018-09-07 15:34:00 UTC
The Daily Swig
The Daily Swig
OAuth standard exploited for account takeover

Innovative host header attack bags $7,560 bounty.

2018-09-07 13:38:00 UTC
The Daily Swig
The Daily Swig
‘If it goes rogue, that’s it’

Top infosec trends in the media spotlight this week.

2018-09-07 11:26:00 UTC
The Daily Swig
The Daily Swig
Connecting the cybercrime dots: Windows zero-day being exploited in the wild

Privilege escalation bug becomes a case study in exploit integration and threat detection.

2018-09-06 15:55:00 UTC
Ars Technica
Ars Technica
Windows 10 support extended again: September releases now get 30 months

And Microsoft is offering enterprises dedicated app compatibility support.

Tech Microsoft Office Office 365 Patches Security Support Windows Windows 10
2018-09-06 15:51:00 UTC
Krebs on Security
Krebs on Security
Leader of DDoS-for-Hire Gang Pleads Guilty to Bomb Threats

A 19-year-old man from the United Kingdom who headed a cybercriminal group whose motto was "Feds Can't Touch Us" pleaded guilty this week to making bomb threats against thousands of schools.

On Aug. 31, officers with the U.K.'s National Crime Agency (NCA) arrested Hertfordshire resident George Duke-Cohan, who admitted making bomb threats to thousands of schools and a United Airlines flight traveling from the U.K. to San Francisco last month.

Ne'er-Do-Well News George Duke-Cohan Lizard Squad National Crime Agency NCA Protonmail
2018-09-06 12:43:00 UTC
The Daily Swig
The Daily Swig
Russian-linked Silence hackers ‘are cybersecurity professionals’

New report claims pen testers carried out banking attacks.

2018-09-05 22:55:00 UTC
Krebs on Security
Krebs on Security
Browser Extensions: Are They Worth the Risk?

Popular file-sharing site Mega.nz is warning users that cybercriminals hacked its browser extension for Google Chrome so that any usernames and passwords submitted through the browser were copied and forwarded to a rogue server in Ukraine. This attack serves as a fresh reminder that legitimate browser extensions can and periodically do fall into the wrong hands, and that it makes good security sense to limit your exposure to such attacks by getting rid of extensions that are no longer useful or actively maintained by developers.

A Little Sunshine Latest Warnings Add-ons Browser Extensions Chrome Firefox Google Mega.nz Three Rules Of Online Security
2018-09-05 16:18:00 UTC
The Daily Swig
The Daily Swig
Reflected response: Dangerous ACME implementations result in XSS

Request encryption, get script injection.

2018-09-05 14:38:00 UTC
The Daily Swig
The Daily Swig
No cracking required: Browser flaw permits unauthorized WiFi access

Saved credentials and HTTP are a deadly combination, researchers warn.

BreachAware Insight

THE LATEST CURATED INTEL FROM OUR RESEARCH CENTRE
BreachAware Podcast

Listen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.

Amazon Music Apple Podcasts Spotify Podcast BreachAware YouTube Channel

Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
18 November 2024
BREACHAWARE HQ
Spider Breach Exposure Monitoring