Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Global News Feed

2019-12-06 13:18:00 UTC
Naked Security | Sophos
Naked Security | Sophos
Mac users targetted by Lazarus ‘fileless’ Trojan

The Lazarus hacking group are trying to sneak a ‘fileless’ Trojan on to Apple computers, disguised as a fake cryptocurrency trading program.

Malware Apple Cryptocurrency Fileless Malware Lazarus Group MacOS Nukesped
2019-12-06 12:10:00 UTC
Naked Security | Sophos
Naked Security | Sophos
US parents file class action against TikTok over children’s privacy

Collecting children's data without their guardians' consent is illegal under COPPA and already earned TikTok a huge fine.

Law & Order Mobile Privacy Social Networks ByteDance Child Predators Children Children Online Children's Privacy China Coppa Laura Lopez Pii Sherri LeShore TikTok
2019-12-06 11:48:00 UTC
Naked Security | Sophos
Naked Security | Sophos
Instagram trying to protect kids by getting dates of birth from new users

It's about showing age-appropriate content, it said. Though staying safe from child-privacy lawsuits doesn't hurt, either.

Facebook Instagram Privacy Social Networks Age-appropriate Birthday Children Date Of Birth Minors NSPCC Policies Policy Underage Children
2019-12-06 11:31:00 UTC
Naked Security | Sophos
Naked Security | Sophos
OpenBSD devs patch authentication bypass bug

One of the internet's most popular free operating systems allowed attackers to bypass its authentication controls.

Operating Systems Security Threats Vulnerability -schallenge CVEs OpenBSD Operating Systems Vulnerability
2019-12-06 11:27:00 UTC
5 things you should never do when using anonymous operating systems

By David Balaban

Some people overestimate the capabilities of anonymous operating systems, thinking that after they launch OS like Tails, they are completely protected from any enemy.

This is a post from Read the original post: 5 things you should never do when using anonymous operating systems

Security Anonymity Anonymous Police Privacy Security VPN
2019-12-06 10:21:00 UTC
The Daily Swig
The Daily Swig
HackerOne awards $20,000 bug bounty after leaking session cookie to hacker

Account takeover issue flagged through bug bounty platform’s own bug bounty program

2019-12-05 21:08:00 UTC
Ransomware Attack Hits Data Center Provider CyrusOne: Report

Security experts say the incident shows that cybercriminals are using ransomware to hit companies where it hurts.

Hacks Malware CyrusOne Data Center Ransomware Hack Malware Ransomware Ransomware Attack REvil Ransomware Sodinokibi
2019-12-05 21:00:00 UTC
Dark Reading
Dark Reading
VPN Flaw Allows Criminal Access to Everything on Victims' Computers

Vulnerability in the Aviatrix VPN client, since patched, gives an attacker unlimited access to a breached system.

2019-12-05 20:45:00 UTC
Dark Reading
Dark Reading
US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts

Maksim Yakubets and his crew stole tens of millions using Zeus and Dridex, with victims including Bank of America, Key Bank, GenLabs, and United Dairy, DoJ says.

2019-12-05 19:52:00 UTC
Israeli firm buys Private Internet Access (PIA) VPN raising privacy concerns

By Sudais

Private Internet Access VPN users don't look happy with the development...

This is a post from Read the original post: Israeli firm buys Private Internet Access (PIA) VPN raising privacy concerns

Privacy Surveillance Israel PIA Security VPN

BreachAware Insight

BreachAware Podcast

Listen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.

Amazon Music Apple Podcasts Spotify Podcast BreachAware YouTube Channel

Point of View

May 2024
Breach Forums Resurrection, Government Breaches, and Shifting Motives
The saga of Breach Forums continues with twists and turns. Just when the FBI thought they'd scored another victory by seizing the infamous Breach Forums and arresting its co-administrator Baphomet, the remaining admin pulled a digital rabbit out of the hat. Despite the initial seizure of both the clear-net and Tor domains, as well as the Telegram channel, the FBI's victory was short-lived. Mere ho...

Weekly Summary

24 June 2024

A total of 25 breaches were found and analysed resulting in 3,151,505 leaked accounts containing a total of 29 different data types. The breaches found publicly and freely available included mSpy, Stealer Log 0468, Kladzdor, Facebook [3] and Fit5