19 Security breaches Worldwide – Week 10, 2019
Be informed about the latest 19 Security breaches Worldwide, identified and reported publicly during Week 10, 2019. As these security-related breaches have a severe negative impact on your business, consider a security AUDIT to prevent any similar cases.
- This firm has developed the Pwn Index, a score for the price of leaked data from breaches.
- The average price is more than $15,000, and it is increasing. RunSafe Pwn Index
- The Lime RAT malware has been involved in some new phishing campaigns.
- It combines ransomware, cryptominer, info stealer, a worm and a keylogger. That is a lot of trouble bundled together. This post dissects its operation and how it uses multiple IP ports for its communication channels. Lime RAT: Why It Caught Our Eye and How this Versatile Malware Works
- Every day Zimperium detects 600M wireless threats using its software tools.
- This post describes the open WiFi access spots in and around the Moscone Center this past week, about four thousand each day with more than 600 unique SSIDs launching attacks.. The actual show network was secure, though. Malicious WiFi Connections: Welcome to RSA Conference 2019
- This is one of the best explainers on Mimikatz that I have seen.
- It is a popular hacking tool that is also used by defenders. For example, it was part of the NotPetya and BadRabbit attacks. It leverages the Windows SSO to harvest credentials. It also has several tips on how you can defend against its misuse, such as hardening the Local Security Authority to stop code injections and turning off debugging privileges. What is Mimikatz? And how to defend against this password stealing tool
- 12 Ways to Hack 2FA
- Passwords are finally being left behind in favor of two-factor (2FA) and multifactor (MFA) authentication. Some vendors are promoting “unhackable” 5FA solutions. It’s all a lie. All authentication solutions can be hacked. Come learn at least 12 ways 2FA can be hacked, how 2FA really works behind the scenes, what the holes are, how to hack it and how you can defend against those attacks. 12 Ways to Hack 2FA
- Report by academic researchers examines the role played by criminal use of SSL certificates that are sold across the dark web.
- It shows how the ecosystem works and how they are used by attackers. TLS/SSL certificates are now a valuable component of cybercriminal toolkits. TLS Certificates and Their Prevalence on the Darknet
- A new report from 4iQ looks at the past year’s top 12 breaches.
- The six “Collections” was in the top spot. For the first time, underground data brokers are actively including in their offerings citizen data, such as voter data. There is some good news: the number of leaky devices is slowly on the decline. IDENTITIES IN THE WILD: THE LONG TAIL OF SMALL BREACHES
- This is an interesting study about what kinds of authentication security is required when a user in distress calls 35 different support centers.
- The short answer: not as much as we’d all like. Netflix and Amex call centers were solid, others could be easily phished for your identity details. Note, this differs from the tech support scammers that call and try to trick you. Shifting Strategies: Using Social Media, SEO in Tech Support Scams
- Symantec has a new report on the Whitefly malware that is targeting Singaporean users.
- This is the same group that hit their national health service last summer. It begins its attack with a malicious executable attachment using spear-phished emails. Whitefly: Espionage Group has Singapore in Its Sights
Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just in the last 7 days.