Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Infosec News Feed

An aggregated list of cybersecurity publications
2018-11-07 16:33:00 UTC
ThreatPost
ThreatPost
WordPress Flaw Opens Millions of WooCommerce Shops to Takeover

A file delete vulnerability in WordPress can be elevated into a remote code execution vulnerability for plugins like WooCommerce.

Vulnerabilities Web Security Denial Of Service File Deletion Vulnerability Fix Patch Plugin Remote Code Execution Vulnerability WooCommerce Wordpress
2018-11-07 16:30:00 UTC
Dark Reading
Dark Reading
Utah Hacker Pleads Guilty to DoS Attacks: DoJ

Online gaming companies, including Sony Online Entertainment, and servers were main targets.

2018-11-07 16:23:00 UTC
ThreatPost
ThreatPost
Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw

A sophisticated proxy code has infected hundreds of thousands of devices already.

Malware Vulnerabilities Web Security Bcmupnp_hunter Botnet Broadcom Router Spam Universal Plug And Play UPnP Vulnerability
2018-11-07 15:59:00 UTC
The Daily Swig
The Daily Swig
Hacker education, inclusivity, and shifting perceptions of bug bounties

HackerOne CEO Mårten Mickos takes stock of another landmark year for bug bounty platforms

2018-11-07 15:30:00 UTC
Dark Reading
Dark Reading
5 Reasons Why Threat Intelligence Doesn't Work

Cybersecurity folks often struggle to get threat intelligence's benefits. Fortunately, there are ways to overcome these problems.

2018-11-07 15:11:00 UTC
The Daily Swig
The Daily Swig
Amex India accounts exposed by misconfigured MongoDB installation

Thousands of sensitive records were made publicly available

2018-11-07 12:38:00 UTC
The Daily Swig
The Daily Swig
Self-encrypting SSDs can easily be cracked

‘They put the keys to the safe under the safe’

2018-11-07 12:26:00 UTC
HackRead
HackRead
Data from “almost every Pakistani Bank” stolen & sold on the dark web

By Waqas

Pakistani banks have debuted on the Dark Web with almost all of the country’s banks becoming victims of a devastating data hack. It is undoubtedly the biggest ever hacking campaign launched against banks in Pakistan. It is estimated that hackers have stolen financial data of more than 8,000 account holders from at least 10 different […]

This is a post from HackRead.com Read the original post: Data from “almost every Pakistani Bank” stolen & sold on the dark web

Hacking News Banking Cyber Crime Dark Web Hacking Pakistan Security
2018-11-07 05:49:00 UTC
Krebs on Security
Krebs on Security
Busting SIM Swappers and SIM Swap Myths

KrebsOnSecurity recently had a chance to interview members of the REACT Task Force, a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that has been tracking down individuals engaged in unauthorized "SIM swaps" -- a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. Snippets from that fascinating conversation are recounted below, and punctuated by accounts from a recent victim who lost more than $100,000 after his mobile phone number was hijacked.

A Little Sunshine Latest Warnings The Coming Storm Web Fraud 2.0 Caleb Tuttle Christian Ferri Erin West John Rose REACT Task Force Samy Tarazi SIM Swap T-Mobile
2018-11-06 22:53:00 UTC
ThreatPost
ThreatPost
HSBC Data Breach Hits Online Banking Customers

The data breach includes names, addresses, transaction histories, account information and more.

Hacks Web Security Brute Force Credential Stuffing Data Breach HSBC Online Banking Password Reuse