Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Global News Feed

2019-10-31 13:11:00 UTC
Fake Voicemail/Office 365 Attack Targets Enterprise Execs

Executives at high-profile companies are being targeted by a fake voicemail campaign hunting for Office 365 credentials.

Web Security Email Enterprise Attack Fake Voicemail Office 365 Credentials Phishing Whaling Campaign
2019-10-31 13:00:00 UTC
Valve Source Engine, Fortnite Servers Crippled By Gafgyt Variant

Servers hosting Valve Source Engine and popular games like Fortnite are targeted by a new variant of the Gafgyt botnet.

IoT Malware Botnet Fortnite Gafgyt Gaming IoT Security Malware Remote Code Execution Flaws Servers Valve Source Engine Vulnerable Iot
2019-10-31 12:53:00 UTC
Naked Security | Sophos
Naked Security | Sophos
Judge lambasts porn company for spewing copyright lawsuits

A US court shielded ISP account holders from a request for expedited discovery to see whose IP addresses were used to share pirated videos.

Law & Order Privacy BitTorrent Copyright Infringement Copyright Troll Court Decision DMCA DMCA Notice Piracy Pirates Porn Strike 3 Holdings
2019-10-31 12:47:00 UTC
Naked Security | Sophos
Naked Security | Sophos
Researchers find hole in EU-wide identity system

The EU has fixed a flaw in the powerful yet complex eIDAS digital identification system that let people authenticate as someone else.

Government Security Security Threats Vulnerability Authentication And Trust Services EIDAS Electronic Identification EU European Union SEC Consult
2019-10-31 12:32:00 UTC
Naked Security | Sophos
Naked Security | Sophos
WhatsApp sues spyware maker for allegedly hacking phones worldwide

WhatsApp has publicly attributed the attack on its users in May 2019 to the Israeli spyware makers, NSO Group.

Cryptography Law & Order Malware Mobile Privacy Security Threats Social Networks WhatsApp Activists Cyberweapons Encrypted Messaging End-to-end Encryption Espionage Hacking Israel Lawsuit NSO NSO Group Pegasus Q Cyber Technologies RAT Spies Spyware Zero-click
2019-10-30 21:25:00 UTC
Dark Reading
Dark Reading
As Phishing Kits Evolve, Their Lifespans Shorten

Most phishing kits last less than 20 days, a sign defenders are keeping up in the race against cybercrime.

2019-10-30 20:47:00 UTC
Krebs on Security
Krebs on Security
Breaches at NetworkSolutions,, and

Top domain name registrars, and are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed.

Data Breaches NetworkSolutions Breach Breach Breach
2019-10-30 19:47:00 UTC
Insurance Pays Out a Sliver of Norsk Hydro’s Cyberattack Damages

The company received $3.6 million in cyber insurance - out of $71 million incurred in damages after a massive March cyberattack.

Hacks Cyber Insurance Cyberattack Industrial Cyberattack LockerGoga Malware Norsk Hydro Ransomware
2019-10-30 19:40:00 UTC
Dark Reading
Dark Reading
Ransomware Attack Hits Las Cruces, New Mexico Public Schools

The attack early in the morning of October 29 has taken all of the school district's systems offline.

2019-10-30 18:33:00 UTC
WhatsApp Spyware Attack: Uncovering NSO Group Activity

John Scott-Railton with Citizen Lab, who helped WhatsApp investigate the NSO Group over the alleged WhatsApp hack, said the subsequent lawsuit is a "certified big deal."

Hacks Malware Podcasts Android Bug Citizen Lab Civil Society Cyberattack Facebook Flaw Github John Scott Railton Lawsuit Messaging Mobile NSO Group Pegasus Privilege Elevation Remote Code Execution Security Spyware Vulnerability WhatsApp

BreachAware Insight


Listen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.

Point of View

February 2024
The Truth Behind "The Xun" Repository Bombshell
Well, well, well, it seems the digital waters are getting murkier by the day. A mysterious GitHub user by the name of I-SOON recently made their grand entrance onto the coding scene, dropping a repository bombshell titled "The Truth Behind an Xun." Inside? Oh, just a casual 200 megabytes of top-secret intel about a Chinese cybersecurity company. Talk about spilling the digital tea!

This treasur...

Weekly Summary

26 February 2024

A total of 38 breaches were found and analysed resulting in 3,984,206 leaked accounts containing a total of 27 different data types. The breaches found publicly and freely available included Stealer Log 0248, Leonardo, Stealer Log 0249, Tangerine Telecom and Stealer Log 0250