Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Global News Feed

2019-10-22 14:24:00 UTC
Naked Security | Sophos
Naked Security | Sophos
Storing your stuff securely in the cloud

How much of our stuff is going to the cloud? Probably a lot more than you realize. Let's look at the risks and how to mitigate them.

Data Loss Security Threats Backups Cloud Security Cloud Storage Data Access Data Security Rogue Insider
2019-10-22 13:58:00 UTC
The Daily Swig
The Daily Swig
Russian cybercrooks co-opted Iranian hacking tools to attack dozens of countries

False flags and masquerades

2019-10-22 13:40:00 UTC
Naked Security | Sophos
Naked Security | Sophos
Vatican launches smart rosary – complete with brute-force flaw

Now fixed, the Vatican's new fitness-and-prayer eRosary and its accompanying app, Click to Pray, were found to have a serious privacy bug.

Government Security Security Threats Vulnerability Brute Force Click To Pray ERosary Fidus Information Security Vatican Wearables Worldwide Prayer Network
2019-10-22 13:00:00 UTC
Three Service Account Secrets Straight from Hackers and Security Pros

A survey of nearly 300 Black Hat conference attendees this year showed strong agreement that service accounts are an attractive target.

Black Hat Critical Infrastructure Hacks Vulnerabilities Web Security Account Security Password Security Passwords Service Account Survey
2019-10-22 13:00:00 UTC
Cynet’s free vulnerability assessment offering helps organizations significantly increase their security

By monitoring their environment, companies can be ready to take action if any weakness – usually a software vulnerability – is found.

Cloud Security Critical Infrastructure Malware Vulnerabilities Web Security Patch Monitoring Software Monitoring Software Patch Vulnerability Assessment
2019-10-22 12:27:00 UTC
Survey Finds People are Privacy Hypocrites

A report by HP found that most people admit to looking at others’ computer screens and documents in the workplace while still keeping their own privacy top of mind.

Privacy Web Security Consumer Privacy Data Privacy Devices Hackers HP HPE Human Nature National Cybersecurity Awareness Month Online Privacy PCs Printers Security Workplace Security
2019-10-22 11:41:00 UTC
Naked Security | Sophos
Naked Security | Sophos
Woman ordered to type in iPhone passcode so police can search device

It's not a violation of her Fifth Amendment rights, the court said, because it's a “foregone conclusion" that she knows her phone passcode.

Apple IOS Law & Order Privacy 5th Amendment Appeals Court Compelled Unlock Constitution Fifth Amendment Forced Unlock Foregone Conclusion IPhone Passcodes Passwords Unlock
2019-10-22 10:36:00 UTC
The Daily Swig
The Daily Swig
Project fear? Expanded Thai data collection law raises privacy hackles

New traffic logging rules will likely impact low-income citizens, privacy advocate warns

2019-10-22 09:37:00 UTC
Naked Security | Sophos
Naked Security | Sophos
Google chief warns visitors about smart speakers in his home

Rick Osterloh says he discloses smart speaker use when someone enters his home, and the products should probably do so themselves.

Amazon Google IoT Privacy Alexa Amazon Echo Eavesdropping Google Nest Recordings Smart Speakers Surveillance
2019-10-22 00:32:00 UTC
Krebs on Security
Krebs on Security
Avast, NordVPN Breaches Tied to Phantom User Accounts

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that -- while otherwise unrelated -- shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Data Breaches Avast Breach FileHippo Jaya Baloo Kenneth White NordVPN Breach Open Crypto Audit Project Secunia Personal Software Inspector Supply Chain Attack Techcrunch Zack Whittaker

BreachAware Insight

BreachAware Podcast

Listen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.

Amazon Music Apple Podcasts Spotify Podcast BreachAware YouTube Channel

Point of View

June 2024
Dark-Web Forum Collapse, Lockbit’s Misdirection, and Europol’s Botnet Crackdown.
In the ever-dramatic world of cybercrime, a small dark-web forum has found itself in a downward spiral, now up for sale. As covered in our weekly insight, the forum was breached by an unknown threat actor, prompting the admin to panic and shut it down. This came just days after the admin had taken to Telegram to badmouth the threat actor community and insult Shiny Hunters, the admin of Breach Foru...

Weekly Summary

15 July 2024

A total of 18 breaches were found and analysed resulting in 5,935,927 leaked accounts containing a total of 28 different data types. The breaches found publicly and freely available included Giant Tiger, Telegram Base 2019-2023, Stealer Log 0475, Stealer Log 0474 and Tattletale