Birth Certificate Data Laid Bare on the Web in Multiple States A platform that allows online applications for copies of birth certificates did not store its data properly. threatpost.com/birth-certifica

Romanian Duo Receives Jailtime For Infecting 400,000 With Malware Since 2007, the two allegedly operated a cybercrime ring called "Bayrob Group." threatpost.com/romanian-duo-ja

Elder Scrolls Online Targeted by Cybercrooks Hunting In-Game Loot A phishing attack is masquerading as messages from the game's developers. threatpost.com/elder-scrolls-o

GE, Dunkin’, Forever 21 Caught Up in Broad Internal Document Leak A PR and marketing provider exposed sensitive data for a raft of big-name companies. threatpost.com/ge-dunkin-forev

Reddit Says Influence Campaign is Behind Leaked U.S.-U.K. Trade Documents The platform has linked documents posted on its site to a vote-manipulation campaign already observed on Facebook earlier this year. threatpost.com/reddit-says-inf

Email Voted a Weak Link for Election Security, with DMARC Lagging Most counties are not protected from impersonation-based spearphishing attacks. threatpost.com/email-voted-a-w

Feds Crack Down on Money Mules, Warn of BEC Scams Authorities say they have halted over 600 domestic money mules – exceeding the 400 money mules stopped last year. threatpost.com/feds-crack-down

News Wrap: Authorities Target Evil Corp., Imminent Monitor, Money Mules In this past week, the authorities have cracked down on various BEC scams and cybercrime gangs. threatpost.com/authorities-tar

Linux Bug Opens Most VPNs to Hijacking In a coffee-shop scenario, attackers can hijack "secure" VPN sessions of those working remotely, injecting data into their TCP streams. threatpost.com/linux-bug-vpns-

Facebook Alleges Company Infiltrated Thousands for Ad Fraud Facebook has paid over $4 million to victims to reimburse them for the unauthorized ads purchased using their ad accounts. threatpost.com/facebook-allege

Stealthy MacOS Malware Tied to Lazarus APT Researcher discovered a MacOS trojan hiding behind a fake crypto trading platform believed to be the work of the state-sponsored North Korean hackers behind WannaCry. threatpost.com/stealthy-macos-

Ransomware Attack Hits Data Center Provider CyrusOne: Report Security experts say the incident shows that cybercriminals are using ransomware to hit companies where it hurts. threatpost.com/ransomware-data

AT&T, Verizon Subscribers Exposed as Mobile Bills Turn Up on the Open Web Names, addresses, phone numbers, call and text message records and account PINs were all caught up in a cloud misconfiguration. threatpost.com/att-verizon-sub

Feds Offer $5M Reward to Nab ‘Evil Corp’ Dridex Hacker Authorities cracked down on cybercrime group Evil Corp. with sanctions and charges against its leader, known for his lavish lifestyle. threatpost.com/feds-5m-reward-

HackerOne Breach Leads to $20,000 Bounty Reward HackerOne has paid out $20,000 to a bounty hunter who discovered a session cookie issue, due to "human error," on the bug bounty platform. threatpost.com/hackerone-breac

OpenBSD Hit with Authentication, LPE Bugs The authentication bypass (CVE-2019-19521) is remotely exploitable. threatpost.com/openbsd-authent

‘Ultimate’ MiTM Attack Steals $1M from Israeli Startup Researchers uncovers “ultimate man-in-the-middle attack” that used an elaborate spoofing campaign to fool a Chinese VC firm and rip off an emerging business. threatpost.com/ultimate-mitm-a

ThreatList: 1 in 9 SMBs Believe Nation-State Actors Are Targeting Them Larger SMBs are more likely to feel targeted by APTs. threatpost.com/smbs-nation-sta

Nebraska Medicine Breached By Rogue Employee Nebraska Medicine is warning that a rogue, former employee accessed patients' medical records, Social Security numbers and more. threatpost.com/nebraska-medici

‘Highly Competitive’ Buer Loader Emerges in Underground Markets A previously undocumented loader has been discovered in several recent malware campaigns and being sold on underground markets. threatpost.com/buer-loader-und

Show more
mhc.social

Lokale Instanz der MHC SoftWare GmbH