Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Global News Feed

POPULAR CYBERSECURITY PUBLICATIONS
2019-09-09 17:59:00 UTC
The Daily Swig
The Daily Swig
Firefox DNS-over-HTTPS rollout starts later this month

Mozilla says move won’t impinge on network-level parental controls

2019-09-09 17:43:00 UTC
ThreatPost
ThreatPost
Telnet Backdoor Opens More Than 1M IoT Radios to Hijack

Attackers can drop malware, add the device to a botnet or send their own audio streams to compromised devices.

IoT Vulnerabilities 1 Million Devices Cyberattacks Imperial Dabman Iot Radio Telnet Backdoor Vulnerability Vulnerability Lab Weak Password
2019-09-09 17:37:00 UTC
ThreatPost
ThreatPost
Wikipedia, World of Warcraft Downed By Weekend DDoS Attacks

Wikipedia and World of Warcraft Classic users reported global outages over the weekend in targeted - and connected - DDoS attacks.

Hacks Web Security Blizzard Entertainment Cyberattack DDoS Attack Denial Of Service Distributed Denial Of Service Wikipedia Ddos World Of Warcraft
2019-09-09 17:30:00 UTC
Dark Reading
Dark Reading
Public Exposure Does Little to Slow China-Based Thrip APT

Over the past year, the cyber-espionage group has attacked at least 12 other companies in the military, telecom, and satellite sectors, Symantec says.

2019-09-09 17:20:00 UTC
Dark Reading
Dark Reading
Texas Refuses to Pay $2.5M in Massive Ransomware Attack

The ransomware campaign affected 22 local governments, none of which have paid the attackers' $2.5 million ransom demand.

2019-09-09 16:47:00 UTC
Krebs on Security
Krebs on Security
Secret Service Investigates Breach at U.S. Govt IT Contractor

The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections to its government partner networks.

In mid-August, a member of a popular Russian-language cybercrime forum offered to sell access to the internal network of a U.S. government IT contractor that does business with more than 20 federal agencies, including several branches of the military. The seller bragged that he had access to email correspondence and credentials needed to view databases of the client agencies, and set the opening price at six bitcoins (~USD $60,000).

Data Breaches Dana Deasy Hold Security Julius Patterson Miracle Systems LLC National Institutes Of Health Perceptics Sandesh Sharda Trickbot U.S. Citizenship And Immigration Services U.S. Department Of Homeland Security U.S. Department Of Transportation U.S. Secret Service
2019-09-09 14:01:00 UTC
ThreatPost
ThreatPost
Critical Exim Flaw Opens Millions of Servers to Takeover

A critical vulnerability found in Exim servers could enable a remote, unauthenticated attacker to execute arbitrary code with root privileges.

Cloud Security Vulnerabilities Active Exploit Azure Exim Linux Flaw Microsoft Unix Virtual Machine Vulnerable Server Worm
2019-09-09 14:00:00 UTC
Dark Reading
Dark Reading
From Spyware to Ninja Cable

Attackers don't need sophisticated James Bondian hardware to break into your company. Sometimes a $99 device will do.

2019-09-09 11:49:00 UTC
The Daily Swig
The Daily Swig
Open source tool helps test security of cloud containers

CCAT is on the prowl for backdoors in container environments

2019-09-09 11:35:00 UTC
ThreatPost
ThreatPost
Apple Claims Google is Spreading FUD Over Patched iPhone Bugs

Apple said Google’s recent analysis of vulnerabilities found January in iOS painted a misleading picture of the scope of the attacks and the risk involved

Mobile Security Apple Google IOS 12.1.4 Iphone Project Zero Zero-day

BreachAware Insight

THE LATEST CURATED INTEL FROM OUR RESEARCH CENTRE

Listen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.

Point of View

OUR TAKE ON TRENDING STORIES
February 2024
By SUE DENIM
The Truth Behind "The Xun" Repository Bombshell.
Well, well, well, it seems the digital waters are getting murkier by the day. A mysterious GitHub user by the name of I-SOON recently made their grand entrance onto the coding scene, dropping a repository bombshell titled "The Truth Behind an Xun." Inside? Oh, just a casual 200 megabytes of top-secret intel about a Chinese cybersecurity company. Talk about spilling the digital tea!

This treasur...

Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
25 March 2024
BREACHAWARE HQ

A total of 24 breaches were found and analysed resulting in 87,916,303 leaked accounts containing a total of 21 different data types. The breaches found publicly and freely available included AT&T Division, US Consumer Opt In Records, Gosuslugi [2], Kava CasinoLife Poker and Stealer Log 0438