Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Infosec News Feed

An aggregated list of cybersecurity publications
2018-11-21 20:05:00 UTC
ThreatPost
ThreatPost
Podcast: Why ‘Throwing Money’ at Threats Won’t Work

How can businesses create an effective cyber defense strategy? It starts with defining success, an expert tells us.

Podcasts Vulnerabilities Bug Bounty Cyber-defense Defense Strategy Threatpost Podcast
2018-11-21 19:15:00 UTC
ThreatPost
ThreatPost
FCC Addresses Robocalling – But Questions Remain

The FCC will consider a proposal to combat robocalls and text spam in December.

Critical Infrastructure Government Hacks Malware Cybersecurity Fcc Proposal Number Spoofing Privacy Researcher Feedback Robocalls Text Spam
2018-11-21 18:00:00 UTC
Dark Reading
Dark Reading
Mirai Evolves From IoT Devices to Linux Servers

Netscout says it has observed at least one dozen Mirai variants attempting to exploit a recently disclosed flaw in Hadoop YARN on Intel servers.

2018-11-21 17:26:00 UTC
HackRead
HackRead
13 malware gaming apps on Play Store installed by half a million users

By Waqas

Android is one of the most used mobile operating systems in the world and that makes it a lucrative target for malicious hackers. Recently, ESET’s IT security researcher Lukas Stefanko identified the presence of a malware in 13 driving gaming apps on none other than Google Play Store. What’s worse is that these apps were installed by more […]

This is a post from HackRead.com Read the original post: 13 malware gaming apps on Play Store installed by half a million users

Malware Security Android Gaming Google Play Store Security TROJAN
2018-11-21 17:10:00 UTC
Krebs on Security
Krebs on Security
USPS Site Exposed Data on 60 Million Users

U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf.

KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked to remain anonymous. The researcher said he informed the USPS about his finding more than a year ago yet never received a response. After confirming his findings, this author contacted the USPS, which promptly addressed the issue.

A Little Sunshine Data Breaches Bit Discovery Informed Visibility Nicholas Weaver Robert Hansen U.S. Secret Service UC Berkeley's International Computer Science Institute USPS Informed Delivery USPS Office Of Inspector General
2018-11-21 16:32:00 UTC
The Daily Swig
The Daily Swig
Singapore strengthens security ties with Canada through new MoU

Trans-Pacific partnership will cover cybersecurity cooperation in key areas

2018-11-21 16:19:00 UTC
ThreatPost
ThreatPost
Emotet’s Thanksgiving Campaign Delivers New Recipes for Compromise

The crafty malware has departed from its usual cornucopia of tactics and tricks.

Malware Analysis Emotet Macro Obfuscation Malware Mass Email New Modules New Tactics Spam Campaign Thanksgiving Theme
2018-11-21 15:30:00 UTC
Dark Reading
Dark Reading
To Stockpile or Not to Stockpile Zero-Days?

As the debate rages on, there is still no simple answer to the question of whether the government should stockpile or publicly disclose zero-day vulnerabilities.

2018-11-21 15:18:00 UTC
The Daily Swig
The Daily Swig
Russian Cozy Bear cyberspies awake from hibernation to sling spyware

They’re baaack

2018-11-21 01:00:00 UTC
Dark Reading
Dark Reading
Russia Linked Group Resurfaces With Large-Scale Phishing Campaign

APT29/Cozy Bear is targeting individuals in military, government, and other sectors via email purporting to be from US State Department.