Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Global News Feed

POPULAR CYBERSECURITY PUBLICATIONS
2020-01-08 12:39:00 UTC
Naked Security | Sophos
Naked Security | Sophos
REvil ransomware exploiting VPN flaws made public last April

Researchers report flaws, vendors issue patches, organisations apply them - and everyone lives happily ever after. Right? Wrong!

Malware Ransomware Security Threats Vulnerability Bad Packets Report Pulse Secure Ransomware Revil Sodinokibi Vpn
2020-01-08 12:29:00 UTC
Naked Security | Sophos
Naked Security | Sophos
YouTube to treat all kid-aimed videos like they’re COPPA-liable

The FTC can fine content creators up to $42,530 per violation - even though they don't collect, receive, nor have access to kids' data.

Google Law & Order Privacy Children Online Children's Online Privacy Protection Act Coppa Federal Trade Commission Ftc Kids YouTube
2020-01-08 11:40:00 UTC
Naked Security | Sophos
Naked Security | Sophos
US warns of Iranian cyber threat

The DHS has issued three warnings in the last few days encouraging people to be on alert for physical and cyber attacks from Iran.

Government Security Security Threats Cyberattackers Department Of Homeland Security Iran Nation State Hacking Qasem Soleimani US US-Iran Tensions
2020-01-08 11:20:00 UTC
Naked Security | Sophos
Naked Security | Sophos
Facebook bans deepfakes, but not cheapfakes or shallowfakes

Quick-n-sleazy edits are still OK, such as the 75% slowdown that made Nancy Pelosi slur or the edit that turned Joe Biden into a racist.

Facebook Fake News Machine Learning Social Networks Cheapfakes Deepfakes Fake News Mark Zuckerberg Shallowfakes
2020-01-07 22:45:00 UTC
Dark Reading
Dark Reading
DHS Warns of Potential Iranian Cyberattacks

Recent US military action in Baghdad could prompt retaliatory attacks against US organizations, it says.

2020-01-07 21:35:00 UTC
Krebs on Security
Krebs on Security
Tricky Phish Angles for Persistence, Not Passwords

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user's data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertently forward a digital token to the attackers that gives them indefinite access to the victim's email, files and contacts -- even after the victim has changed their password.

Latest Warnings The Coming Storm Web Fraud 2.0 Jeff Jones Login.microsoftonline.com Michael Tyler Microsoft Office 365 Microsoftonline.com PhishLabs
2020-01-07 20:50:00 UTC
ThreatPost
ThreatPost
Google Fixes Critical Android RCE Flaw

Google's first security update of 2020 addressed seven high and critical severity Android flaws.

Mobile Security Web Security Android Critical Flaw Elevation Of Privilege Google Patch Qualcomm Remote Code Execution Security Update
2020-01-07 17:04:00 UTC
ThreatPost
ThreatPost
Sodinokibi Ransomware Behind Travelex Fiasco: Report

Researchers suspect the cybercriminals attacked using an unpatched critical vulnerability in the company's seven Pulse Secure VPN servers.

Malware Vulnerabilities CVE-2019-11510 CVE-2019-11539 Cyberattack Foreign Currency Exchange Pulse Secure Ransomware Sodinokibi Travelex Unpatched Servers VPN
2020-01-07 16:44:00 UTC
HackRead
HackRead
Hackers steal sensitive data from Japanese search engine for sex hotels

By Waqas

A Japanese search engine designed primarily for the purpose of helping people find Love Hotels and book rooms suffered a data breach.

This is a post from HackRead.com Read the original post: Hackers steal sensitive data from Japanese search engine for sex hotels

Hacking News Breach Hacking Japan Privacy Security
2020-01-07 15:51:00 UTC
The Daily Swig
The Daily Swig
‘Privacy and security are two sides of the same coin’

Synopsys’ Tim Mackey on GDPR, IoT security, and cloud-based DevOps

BreachAware Insight

THE LATEST CURATED INTEL FROM OUR RESEARCH CENTRE

Listen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.

Point of View

OUR TAKE ON TRENDING STORIES
February 2024
By SUE DENIM
The Truth Behind "The Xun" Repository Bombshell.
Well, well, well, it seems the digital waters are getting murkier by the day. A mysterious GitHub user by the name of I-SOON recently made their grand entrance onto the coding scene, dropping a repository bombshell titled "The Truth Behind an Xun." Inside? Oh, just a casual 200 megabytes of top-secret intel about a Chinese cybersecurity company. Talk about spilling the digital tea!

This treasur...

Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
25 March 2024
BREACHAWARE HQ

A total of 24 breaches were found and analysed resulting in 87,916,303 leaked accounts containing a total of 21 different data types. The breaches found publicly and freely available included AT&T Division, US Consumer Opt In Records, Gosuslugi [2], Kava CasinoLife Poker and Stealer Log 0438