Post

Showing posts from 2017

Braking news: Nissan Canada hacked, up to 1.1m Canucks exposed • The Register

https://www.theregister.co.uk/2017/12/22/nissan_canada_hacked/

WordPress captcha plugin on 300,000 sites had a sneaky backdoor • The Register

https://www.theregister.co.uk/2017/12/20/backdoor_wordpress_captcha/

T-Mobile Alerted ‘A Few Hundred Customers’ Targeted By Hackers

https://motherboard.vice.com/en_us/article/a37epb/t-mobile-alert-victims-sim-card-hack

Maritime comms flaws exposed: It's OK cuz we canned it, says vendor

https://www.theregister.co.uk/2017/10/26/inmarsat_maritime_sat_comms_security/

Bluetooth vulnerability - BLEAH

https://www.evilsocket.net/2017/09/23/This-is-not-a-post-about-BLE-introducing-BLEAH/index.html

University: student on trial over falsified grades

http://www.trentotoday.it/cronaca/voti-truccati-studentessa-universita-trennto.html

How A Coffee Machine Infected Factory Computers with Ransomware

https://www.hackread.com/how-a-coffee-machine-infected-factory-computers-with-ransomware/

Android Bug Lets Attackers Record Audio & Screen Activity on 3 of 4 Smartphones

https://www.bleepingcomputer.com/news/security/android-bug-lets-attackers-record-audio-and-screen-activity-on-3-of-4-smartphones/

Boeing 757 Testing Shows Airplanes Vulnerable to Hacking, DHS Says

http://www.aviationtoday.com/2017/11/08/boeing-757-testing-shows-airplanes-vulnerable-hacking-dhs-says/

Motherboard Hacking Livestream: Hacking Routers And Monitoring Traffic

https://www.youtube.com/watch?v=MfeC30eZKI8

McAfee's own anti-hacking service exposed users to banking malware

http://www.zdnet.com/article/mcafees-own-anti-hacking-service-exposed-users-to-banking-malware/

Fake news ‘as a service’ booming among cybercrooks

https://www.theregister.co.uk/2017/11/17/fake_news_as_a_service/

Drone maker DJI left its private SSL, firmware keys open to world+dog on GitHub FOR YEARS

https://www.theregister.co.uk/2017/11/16/dji_private_keys_left_github/

ID card security: Spain is facing chaos over chip crypto flaws

http://www.zdnet.com/article/id-card-security-spain-is-facing-chaos-over-chip-crypto-flaws/

Hacker Breaches Sacramento Public Transportation System, Asks for 1 BTC Ransom

https://www.bleepingcomputer.com/news/security/hacker-breaches-sacramento-public-transportation-system-asks-for-1-btc-ransom/

Kerberos vulnerability - Orpheus' Lyre

https://www.orpheus-lyre.info/

More than a Million Pro-Repeal Net Neutrality Comments were Likely Faked

https://hackernoon.com/more-than-a-million-pro-repeal-net-neutrality-comments-were-likely-faked-e9f0e3ed36a6

Imgur confirms email addresses, passwords stolen in 2014 hack

http://www.zdnet.com/article/imgur-reveals-hackers-stole-login-data/

Shipping giant refuses to pay hackers ransom after data stolen

https://www.welivesecurity.com/2017/11/30/shipping-giant-hackers-ransom-data/

Thousands of Serial-To-Ethernet Devices Leak Telnet Passwords

https://www.bleepingcomputer.com/news/security/thousands-of-serial-to-ethernet-devices-leak-telnet-passwords/

Russian hacker group stole 40 million rubles from the Automobile Carriers

http://www.ehackingnews.com/2017/12/russian-hacker-group-stole-40-million.html

Halloware Ransomware on Sale on the Dark Web for Only $40

https://www.bleepingcomputer.com/news/security/halloware-ransomware-on-sale-on-the-dark-web-for-only-40/

Android app promises to update your phone 3, but it is spyware that steals your data

http://www.repubblica.it/tecnologia/sicurezza/2017/12/04/news/app_android_promette_di_aggiornare_il_tuo_telefono_3_ma_e_uno_spyware_che_ti_ruba_i_dati-183007905/

Keybase Bug Might Have Backed up Your Private Encryption Key on Google's Servers

https://www.bleepingcomputer.com/news/security/keybase-bug-might-have-backed-up-your-private-encryption-key-on-googles-servers/

Andromeda botnet taken down, Belarusian involved arrested

http://www.ehackingnews.com/2017/12/andromeda-botnet-taken-down-belarusian.html

Ethiopia Allegedly Spied on Security Researcher With Israel-Made Spyware

https://motherboard.vice.com/en_us/article/j5d8ng/ethiopia-allegedly-spied-on-security-researcher-with-israel-made-spyware

Virtual Keyboard Developer Leaked 31 Million of Client Records

https://mackeepersecurity.com/post/virtual-keyboard-developer-leaked-31-million-of-client-records

Mecklenburg government paralyzed as hacked computer files are held for ransom

http://www.charlotteobserver.com/news/local/article188227084.html

100,000-strong botnet built on router 0-day could strike at any time

https://arstechnica.com/information-technology/2017/12/100000-strong-botnet-built-on-router-0-day-could-strike-at-any-time/

International team takes down virus-spewing Andromeda botnet

https://www.theregister.co.uk/2017/12/05/international_team_takes_down_virusspewing_andromeda_botnet/

74% of All Bitcoin-Related Sites Suffered a DDoS Attack

https://www.bleepingcomputer.com/news/security/74-percent-of-all-bitcoin-related-sites-suffered-a-ddos-attack/

Banking Apps Found Vulnerable to MITM Attacks

https://threatpost.com/banking-apps-found-vulnerable-to-mitm-attacks/129105/

Largest Crypto-Mining Exchange Hacked; Over $70 Million in Bitcoin Stolen

https://thehackernews.com/2017/12/bitcoin-mining-hacked.html

Leftover Synaptics debugger puts a keylogger on laptops

https://www.theregister.co.uk/2017/12/11/hp_synaptics_keylogger/

Australian airport hack was “a near miss” says government’s cybersecurity expert

https://hotforsecurity.bitdefender.com/blog/australian-airport-hack-was-a-near-miss-says-governments-cybersecurity-expert-19326.html

New Ruski hacker clan exposed: They're called MoneyTaker, and they're gonna take your money

https://www.theregister.co.uk/2017/12/11/russian_bank_hackers_moneytaker/

Google's Project Zero reveals Apple jailbreak exploit

https://www.theregister.co.uk/2017/12/12/apple_jailbreak_exploit/

1.4 Billion Clear Text Credentials Discovered in a Single Database

https://medium.com/4iqdelvedeep/1-4-billion-clear-text-credentials-discovered-in-a-single-database-3131d0a1ae14

Archive of 1.4 BEEELION credentials in clear text found in dark web archive

https://www.theregister.co.uk/2017/12/12/archive_of_14_beeelion_credentials_in_clear_text_found_in_dark_web_archive/

Someone hacked this traffic sign with anti-Trump messages

https://www.hackread.com/someone-hacked-traffic-sign-anti-trump-message/

Satori botnet rears its head, exploiting IoT vulnerabilities

https://www.bitdefender.com/box/blog/iot-news/satori-botnet-rears-head-exploiting-iot-vulnerabilities/

Up to 'ONE BEEELLION' vid-stream gawpers toil in crypto-coin mines

https://www.theregister.co.uk/2017/12/13/adguard_video_streaming_mining/

Unprecedented Malware Targets Industrial Safety Systems in the Middle East

https://www.wired.com/story/triton-malware-targets-industrial-safety-systems-in-the-middle-east/

VPN credentials disclosure in Fortinet FortiClient

https://www.sec-consult.com/en/blog/advisories/vpn-credentials-disclosure-in-fortinet-forticlient/index.html

Starbucks Wi-Fi hijacked customers’ laptops to mine cryptocurrency

https://nakedsecurity.sophos.com/2017/12/14/starbucks-wi-fi-hijacked-customers-laptops-to-mine-cryptocurrency/

Triton: hackers take out safety systems in 'watershed' attack on energy plant

https://www.theguardian.com/technology/2017/dec/15/triton-hackers-malware-attack-safety-systems-energy-plant

New PRILEX ATM Malware used in targeted attacks against a Brazilian bank

https://securityaffairs.co/wordpress/66819/malware/prilex-atm-malware.html

Hackers shut down plant by targeting its safety system

https://www.engadget.com/2017/12/17/hackers-shut-down-plant-by-targeting-safety-system/

Bitcoin exchange shuts down after being hacked twice in one year

https://hotforsecurity.bitdefender.com/blog/bitcoin-exchange-shuts-down-after-being-hacked-twice-in-one-year-19350.html

Windows 10 bundles a briefly-vulnerable password manager • The Register

https://www.theregister.co.uk/2017/12/18/windows_10_bundles_vuln/

Brrr! It's a snow day and someone has pwned the chuffin' school heating • The Register

https://www.theregister.co.uk/2017/12/12/building_heating_systems_still_hackable/

Dynamics 365 sandbox leaked TLS certificates • The Register

https://www.theregister.co.uk/2017/12/11/dynamics_365_sandbox_leaked_tls_certificates/

Android flaw lets attack code slip into signed apps • The Register

https://www.theregister.co.uk/2017/12/08/android_flaw_lets_attack_code_slip_into_signed_apps/

UK.gov law resources now untrustworthy, according to browsers • The Register

https://www.theregister.co.uk/2017/12/08/moj_website_ssl_certificate_expires/

Next-gen telco protocol Diameter has last-gen security – researchers • The Register

https://www.theregister.co.uk/2017/12/08/diameter_protocol_security_shortcomings/

RSA coughs to critical-rated bug in its authentication SDK

https://www.theregister.co.uk/2017/12/03/rsa_auhentication_bugs/

PayPal paid $US233m for company that leaked 1.6 million records

https://www.theregister.co.uk/2017/12/04/paypal_tio_data_breach/

Uber says 2.7 MEEELLION(ish) UK users affected by hack • The Register

https://www.theregister.co.uk/2017/11/29/uber_says_27_meeellionish_uk_users_affected_by_hack/

Pro tip: You can log into macOS High Sierra as root with no password • The Register

https://www.theregister.co.uk/2017/11/28/root_access_bypass_macos_high_sierra/

Open source nameserver used by millions needs patching • The Register

https://www.theregister.co.uk/2017/11/28/powerdns_dnssec_bugs/

Uber: Hackers stole 57m passengers, drivers' info. We also bribed the thieves $100k to STFU • The Register

https://www.theregister.co.uk/2017/11/22/uber_2016_data_breach/

Uber, data of millions of customers stolen: the multinational kept quiet and paid a ransom

http://www.repubblica.it/tecnologia/2017/11/21/news/uber_dati_piratati-181761785/

Germany bans smartwatches for children

http://www.repubblica.it/tecnologia/sicurezza/2017/11/20/news/la_germania_bandisce_gli_smartwatch_per_bambini-181601287/

Container ship loading plans are 'easily hackable' • The Register

https://www.theregister.co.uk/2017/11/20/container_ship_loading_software_mischief/

Drone maker DJI left its private SSL, firmware keys open to world+dog on GitHub FOR YEARS • The Register

https://www.theregister.co.uk/2017/11/16/dji_private_keys_left_github/

Milan, tampers with ATM in Piazza del Duomo: 23-year-old arrested

http://milano.corriere.it/notizie/cronaca/17_novembre_16/milano-sorpreso-truccare-bancomat-piazza-duomo-arrestato-23enne-f69ee99a-cac3-11e7-bd3e-51a6bf213dd1.shtml

Hackers deface 800 US school websites with pro-Islamic State messages

http://www.ehackingnews.com/2017/11/hackers-deface-800-us-school-websites.html

Intel Skylake processors can be hacked via USB ports

http://www.ehackingnews.com/2017/11/intel-skylake-processors-can-be-hacked.html

Simple exploit can be used to brick Brother printers remotely

https://nakedsecurity.sophos.com/2017/11/11/simple-exploit-can-be-used-to-brick-brother-printers-remotely/

Anonymous Italy hacked Italian Home Office, Prime Minister, Army, Navy, EU emails

https://www.cyberguerrilla.org/blog/anonymous-italy-hacked-italian-home-office-prime-minister-army-navy-eu-emails/

Anonymous steals data from Palazzo Chigi; hackers attack the website of the School for Magistrates

http://www.corriere.it/politica/17_novembre_14/anonymous-ruba-dati-palazzo-chigi-hacker-attaccano-sito-scuola-magistrati-18771944-c94c-11e7-8a54-e86623f761be.shtml

It's 2017 – and your Windows PC can be forced to run malware-stuffed Excel macros • The Register

https://www.theregister.co.uk/2017/11/15/november_patch_tuesday/

Alina, the Latest POS Malware - Panda Security Mediacenter

https://www.pandasecurity.com/mediacenter/pandalabs/alina-pos-malware/

Ride-share upstart 'Fasten' revealed as Hive of insecurity • The Register

https://www.theregister.co.uk/2017/11/13/rideshare_upstart_fasten_data_breach/

This Windows Defender bug was so gaping its PoC exploit had to be encrypted

https://arstechnica.com/information-technology/2017/06/latest-high-severity-flaw-in-windows-defender-highlights-the-dark-side-of-av/

Intel's management engine - in most CPUs since 2008 - can be p0wned over USB • The Register

https://www.theregister.co.uk/2017/11/09/chipzilla_come_closer_closer_listen_dump_ime/

Uni staffer's health info blabbed in email list snafu • The Register

https://www.theregister.co.uk/2017/11/09/university_leaks_personal_data_for_second_time_in_five_months/

Not even ordering pizza is safe from the browser crypto-mining scourge • The Register

https://www.theregister.co.uk/2017/11/09/crypto_mining_sitrep/

Don't worry about those 40 Linux USB security holes. That's not a typo • The Register

https://www.theregister.co.uk/2017/11/07/linux_usb_security_bugs/

Oh Brother: Hackers can crash your unpatched printers – researchers • The Register

https://www.theregister.co.uk/2017/11/07/brother_printers_crash_vuln/

It's 2017 and you can still pwn Android gear with Wi-Fi packets – so get patching now • The Register

https://www.theregister.co.uk/2017/11/07/android_wifi_pwnage_emerges/

Apache OpenOffice: We're OK with not being super cool... PS: Watch out for that Mac bug • The Register

https://www.theregister.co.uk/2017/11/07/apache_openoffice/

FBI: Student wrestler grappled grades after choking passwords from PCs using a key logger • The Register

https://www.theregister.co.uk/2017/11/01/iowa_wrestling_student_charged_with_hacking_grades_stealing_exams/

Estonia government locks down ID smartcards: Refresh or else • The Register

https://www.theregister.co.uk/2017/11/03/estonian_e_id_lockdown/

Hackers tiptoe out, launch Silence trojan, quietly raid banks of meeelllions • The Register

https://www.theregister.co.uk/2017/11/02/silence_trojan_bank_hacking_crew/

Virtually everyone in Malaysia pwned in telco, govt data hack spree • The Register

https://www.theregister.co.uk/2017/11/01/malaysia_telco_government_hack/

Hackers abusing digital certs smuggle malware past security scanners • The Register

https://www.theregister.co.uk/2017/11/01/digital_cert_abuse/

Hackers Take Over Funeral Home's Email Account and Run Online Scams

https://www.bleepingcomputer.com/news/security/hackers-take-over-funeral-homes-email-account-and-run-online-scams/

New Ransomware ‘Bad Rabbit’ Spreading Quickly Through Russia and Ukraine

https://motherboard.vice.com/en_us/article/59yb4q/bad-rabbit-petya-ransomware-russia-ukraine

Threat Spotlight: Follow the Bad Rabbit

http://blog.talosintelligence.com/2017/10/bad-rabbit.html

New wave of data-encrypting malware hits Russia and Ukraine

https://arstechnica.com/information-technology/2017/10/new-wave-of-data-encrypting-malware-crashes-through-russia-and-ukraine/

Hilton data breaches lead to $700,000 penalty

https://www.engadget.com/2017/10/31/hilton-data-breaches-700-000-penalty/

NotPetya Infection Left Merck Short of Key HPV Vaccine

https://securityledger.com/2017/10/notpetya-infection-left-merck-short-key-vaccine-gardasil/

Heathrow investigates the loss of confidential security information

http://www.elmundo.es/internacional/2017/10/29/59f5a048ca47413c268b460a.html

Equifax Was Warned

https://motherboard.vice.com/en_us/article/ne3bv7/equifax-breach-social-security-numbers-researcher-warning

All websites running WordPress urged to update NOW

https://www.welivesecurity.com/2017/11/01/wordpress-update-now/

Another Hollywood studio is hacked by The Dark Overlord

https://hotforsecurity.bitdefender.com/blog/another-hollywood-studio-is-hacked-by-the-dark-overlord-19175.html

10/10 would patch again: Big Red plasters 'easily exploitable' backdoor in Oracle Identity Manager • The Register

https://www.theregister.co.uk/2017/10/30/oracle_releases_patch_for_remotely_exploitable_backdoor_in_identity_management_system/

Researchers Find Flaw That Could Turn LG Robot Vacuums Into Perfect Spying Machines

https://motherboard.vice.com/en_us/article/ne3zwz/lg-vacuums-hacked-homehack

Panic of Panama Papers-style revelations follows Bermuda law firm hack • The Register

https://www.theregister.co.uk/2017/10/25/bermuda_law_firm_hack/

Watership downtime: BadRabbit encrypts Russian media, Ukraine transport hub PCs • The Register

https://www.theregister.co.uk/2017/10/24/badrabbit_ransomware/

Hackers nip into celeb plastic surgery clinic, tuck away 'terabytes' • The Register

https://www.theregister.co.uk/2017/10/24/london_plastic_surgery_clinic_data_breach/

ROCA 'round the lock: Gemalto says IDPrime .NET access cards bitten by TPM RSA key gremlin • The Register

https://www.theregister.co.uk/2017/10/23/roca_crypto_flaw_gemalto/

A Suspected Network Of 13,000 Twitter Bots Pumped Out Pro-Brexit Messages In The Run-Up To The EU Vote

https://www.buzzfeed.com/jamesball/a-suspected-network-of-13000-twitter-bots-pumped-out-pro

Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors

https://www.us-cert.gov/ncas/alerts/TA17-293A

Whole Foods Discloses Data Breach

https://www.wsj.com/articles/whole-foods-discloses-data-breach-1506636659

Unpatched Microsoft Word DDE Exploit Being Used In Widespread Malware Attacks

https://thehackernews.com/2017/10/ms-office-dde-malware-exploit.html

Teen hacker sentenced for serious disruption of Phoenix 911 system

https://nakedsecurity.sophos.com/2017/10/20/teen-hacker-sentenced-for-serious-disruption-of-phoenix-911-system/

Online stock broker COL Financial warns clients of potential system breach

http://www.gmanetwork.com/news/money/companies/630280/online-stock-brokerage-firm-col-financial-warns-clients-of-potential-system-breach/story/

The Reaper Botnet Has Already Infected a Million Networks

https://www.wired.com/story/reaper-iot-botnet-infected-million-networks/

Cryptocurrency mining affects over 500 million people. And they have no idea it is happening.

https://blog.adguard.com/en/crypto-mining-fever/

Australian defense firm was hacked and F-35 data stolen, DOD confirms

https://arstechnica.com/information-technology/2017/10/australian-defense-firm-was-hacked-and-f-35-data-stolen-dod-confirms/

Vulnerability Spotlight: Google PDFium Tiff Code Execution

http://blog.talosintelligence.com/2017/10/GooglePDFium-Vulnerabilitiy.html

Hackers Distribute Malware-Infected Media Player to Hundreds of Mac Users

https://motherboard.vice.com/en_us/article/bj789w/elmedia-player-malware-hack-mac-trojan

Milan, alarm over hacker extortion: law firms, notaries and hotels targeted

http://milano.corriere.it/notizie/cronaca/17_ottobre_21/milano-allarme-ricatti-hacker-e4399988-b5c6-11e7-8b79-fd2501a89a96.shtml

Malware hidden in vid app is so nasty, victims should wipe their Macs • The Register

https://www.theregister.co.uk/2017/10/20/a_total_system_os_reinstall_is_the_only_guaranteed_way_to_totally_rid_your_system_of_this_malware_this_is_a_standard_procedure_for_any_system_compromise_with_the_affection_of_administrator_account/

Equifax website borked again, this time to redirect to fake Flash update

https://arstechnica.com/information-technology/2017/10/equifax-website-hacked-again-this-time-to-redirect-to-fake-flash-update/

Internal Accenture Data, Customer Information Exposed in Public Amazon S3 Bucket

https://threatpost.com/internal-accenture-data-customer-information-exposed-in-public-amazon-s3-bucket/128364/

Hyatt Hotels Suffers 2nd Card Breach in 2 Years — Krebs on Security

https://krebsonsecurity.com/2017/10/hyatt-hotels-suffers-2nd-card-breach-in-2-years/

Data Breach Exposed Medical Records, Including Blood Test Results, of Over 100 Thousand Patients

https://gizmodo.com/data-breach-exposed-medical-records-including-blood-te-1819322884

Questions about the Massive South African "Master Deeds" Data Breach Answered

https://www.troyhunt.com/questions-about-the-massive-south-african-master-deeds-data-breach-answered/

Hackers steal $60 million from Taiwanese bank using bespoke malware

https://www.tripwire.com/state-of-security/security-data-protection/hackers-steal-60-million-from-taiwanese-bank-using-bespoke-malware/

Iran hacked 9,000 UK emails in 'brute force' cyber attack that was blamed on Russia

http://www.express.co.uk/news/uk/866305/uk-iran-cyber-attack-hacking-nuclear-deal-donald-trump-war-westminster

Europol warns ransomware has taken cybercrime ‘to another level’

https://www.tripwire.com/state-of-security/security-data-protection/europol-ransomware-warning/

Ransomware attack on Toshiba forces it to halt production of NAND Flash

http://www.ehackingnews.com/2017/10/ransomware-attack-on-toshiba-forces-it.html

Malware hits 41 Hyatt Hotel properties

http://www.ehackingnews.com/2017/10/malware-hits-41-hyatt-hotel-properties.html

Mobile Stock Trading App Providers Unresponsive to Glaring Vulnerabilities

https://threatpost.com/mobile-stock-trading-app-providers-unresponsive-to-glaring-vulnerabilities/128144/

North Korea is already attacking half the world, and has been for years

http://www.ilpost.it/2017/10/17/corea-del-nord-attacchi-informatici-hacker/

Oracle Hospitality apps rolled out the Big Red carpet to crims

https://www.theregister.co.uk/2017/10/18/oracle_october_2017_quarterly_patches/

Millions of high-security crypto keys crippled by newly discovered flaw

https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/

Report: Malware-Wielding Hackers Hit Taiwanese Bank

https://www.bankinfosecurity.com/report-malware-wielding-hackers-hit-taiwanese-bank-a-10368

DoubleLocker, the Android ransomware that steals banking data

http://www.repubblica.it/tecnologia/sicurezza/2017/10/14/news/doublelocker_un_nuovo_ransomware_minaccia_android-178263965/

Dildon'ts of Bluetooth: Pen test boffins sniff out Berlin's smart butt plugs

https://www.theregister.co.uk/2017/09/29/ble_exploits_screwdriving/

Exclusive: Microsoft responded quietly after detecting secret database hack in 2013

https://www.reuters.com/article/us-microsoft-cyber-insight/microsoft-responded-quietly-after-detecting-secret-database-hack-in-2013-idUSKBN1CM0D0

Facebook-hijacking Faceliker malware is on the rise

https://www.grahamcluley.com/facebook-hijacking-faceliker-malware-is-on-the-rise/

Leak of >1,700 valid passwords could make the IoT mess much worse

https://arstechnica.com/information-technology/2017/08/leak-of-1700-valid-passwords-could-make-the-iot-mess-much-worse/

Security Flaw in Infineon Smart Cards and TPMs

https://www.schneier.com/blog/archives/2017/10/security_flaw_i_1.html

Australia jet and navy data stolen in 'extensive' hack

http://www.bbc.co.uk/news/world-australia-41590614

T-Mobile Website Allowed Hackers to Access Your Account Data With Just Your Phone Number

https://motherboard.vice.com/en_us/article/wjx3e4/t-mobile-website-allowed-hackers-to-access-your-account-data-with-just-your-phone-number

Apache Tomcat HTTP PUT Arbitrary File Upload Vulnerability

https://tools.cisco.com/security/center/viewAlert.x?alertId=55508&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Apache%20Tomcat%20HTTP%20PUT%20Arbitrary%20File%20Upload%20Vulnerability&vs_k=1

ATM malware is being sold on Darknet market

https://securelist.com/atm-malware-is-being-sold-on-darknet-market/81871/

‘Ridiculous Mistake’ Let North Korea Steal Secret U.S. War Plans

https://www.wsj.com/articles/north-korea-allegedly-used-antivirus-software-to-steal-defense-secrets-1507736060

Security Researchers Hacked a Bluetooth-Enabled Butt Plug

https://motherboard.vice.com/en_us/article/ne788b/hackable-bluetooth-buttplug-hush-lovense

Security News This Week: Go Update Your Mac ASAP To Fix Some Serious Vulnerabilities

https://www.wired.com/story/update-macos-high-sierra-security-patch/

A hacker found data and codes from the Lombardy referendum online

http://www.corriere.it/tecnologia/cyber-cultura/17_ottobre_19/referendum-autonomia-lombardia-hacker-trova-dati-codici-online-smartmatic-067bafc2-b4e1-11e7-aa01-fc391f169342.shtml

Cyberattack against UniCredit, data of 400,000 Italian customers breached. The public prosecutor's office is investigating

http://www.lastampa.it/2017/07/26/italia/cronache/attacco-informatico-contro-unicredit-violati-i-dati-di-mila-clienti-italiani-oOEHPoqlxNrg3xBWmdVl0L/pagina.html

Watch out for Microsoft Word DDE nasties: Now Freddie Mac menaced • The Register

https://www.theregister.co.uk/2017/10/17/microsoft_dde_attacks/

Oracle Hospitality apps rolled out the Big Red carpet to crims • The Register

https://www.theregister.co.uk/2017/10/18/oracle_october_2017_quarterly_patches/

'Open sesame'... Subaru key fobs vulnerable, says engineer • The Register

https://www.theregister.co.uk/2017/10/16/subaru_key_fobs_vulnerable_says_engineer/

Sounds painful: Audio code bug lets users, apps get root on Linux • The Register

https://www.theregister.co.uk/2017/10/15/advanced_linux_sound_architecture_vulnerable_to_privilege_escalation/

Pulitzer-winning website Politifact hacked to mine crypto-coins in browsers • The Register

https://www.theregister.co.uk/2017/10/13/politifact_mining_cryptocurrency/

Android ransomware DoubleLocker encrypts data and changes PINs • The Register

https://www.theregister.co.uk/2017/10/13/doublelocker_android_ransomware/

Overdraft-fiddling hackers cost banks in Eastern Europe $100m • The Register

https://www.theregister.co.uk/2017/10/10/hybrid_bank_cyber_robbery/

It's 2017... And Windows PCs can be pwned via DNS, webpages, Office docs, fonts – and some TPM keys are fscked too • The Register

https://www.theregister.co.uk/2017/10/10/october_2017_microsoft_windows_patch_tuesday/

Hackers nick $60m from Taiwanese bank in tailored SWIFT attack • The Register

https://www.theregister.co.uk/2017/10/11/hackers_swift_taiwan/

Smut-watchers suckered by evil advertising • The Register

https://www.theregister.co.uk/2017/10/10/smut_watchers_suckered_by_evil_advertising/

Russian Hackers Stole NSA Data on U.S. Cyber Defense

https://www.wsj.com/articles/russian-hackers-stole-nsa-data-on-u-s-cyber-defense-1507222108

Maersk Says June Cyberattack Will Cost It up to $300 Million

https://www.bloomberg.com/news/articles/2017-08-16/maersk-misses-estimates-as-cyberattack-set-to-hurt-third-quarter

Seven More Chrome Extensions Compromised

https://threatpost.com/seven-more-chrome-extensions-compromised/127458/

WannaCry ransomware attack at LG Electronics takes systems offline

http://www.zdnet.com/article/wannacry-ransomware-attack-at-lg-electronics-takes-systems-offline/

Identity Thieves Hijack Cellphone Accounts to Go After Virtual Currency

https://www.nytimes.com/2017/08/21/business/dealbook/phone-hack-bitcoin-virtual-currency.html

Firmware Update Bricks Samsung Smart TVs in the UK

https://www.bleepingcomputer.com/news/hardware/firmware-update-bricks-samsung-smart-tvs-in-the-uk/

Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol

https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html

Billions of devices imperiled by new clickless Bluetooth attack

https://arstechnica.com/information-technology/2017/09/bluetooth-bugs-open-billions-of-devices-to-attacks-no-clicking-required/

XSS Attacks: The Next Wave

https://snyk.io/blog/xss-attacks-the-next-wave/?utm_content=buffereb0e0&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Confindustria's man in Brussels scammed by a hacker: 500,000 euros lost. Fired

http://www.repubblica.it/cronaca/2017/09/30/news/beffa_a_bruxelles_mister_confindustria_truffato_e_licenziato-176906111/

Millions of Macs open to EFI Firmware Hacks even if they are up-to-date

http://securityaffairs.co/wordpress/63598/hacking/efi-firmware-hacks.html

Critical Code in Millions of Macs Isn't Getting Apple's Updates

https://www.wired.com/story/critical-efi-code-in-millions-of-macs-is-not-getting-apple-updates/

[Infographic] More Mac malware than ever before

https://business.f-secure.com/more-mac-malware-than-ever-before

Additional information regarding the recent CCleaner APT security incident

https://blog.avast.com/additional-information-regarding-the-recent-ccleaner-apt-security-incident

'Phish for the Future' spearphishing campaign set digital civil liberty activists in its sights

https://www.grahamcluley.com/civil-liberty-spearphishing/

UK National Lottery knocked offline by DDoS attack

https://www.welivesecurity.com/2017/10/02/uk-national-lottery-ddos-attack/

Cyber-security: More than 1,000 attacks reported in UK

http://www.bbc.com/news/uk-41478608

Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices

https://threatpost.com/netgear-fixes-50-vulnerabilities-in-routers-switches-nas-devices/128230/

The biggest hack in history is actually three times bigger than we feared

https://www.grahamcluley.com/biggest-hack-history-actually-three-times-bigger-feared/

Dumb bug of the week: Apple's macOS reveals your encrypted drive's password in the hint box • The Register

https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/

India's national internet registry breached, but says heist was trivial • The Register

https://www.theregister.co.uk/2017/10/05/ndian_registry_for_internet_names_and_numbers_attack_allegation_by_seqrite/

Dnsmasq and the seven flaws: Patch these nasty remote-control holes • The Register

https://www.theregister.co.uk/2017/10/02/dnsmasq_flaws/

Oath-my-God: THREE! BILLION! Yahoo! accounts! hacked! in! 2013! – not! 'just!' 1bn! • The Register

https://www.theregister.co.uk/2017/10/03/yahoo_says_one_beeelion_user_hack_figure_wrong_its_three/

Patch your WordPress plugins: Scum are right now hijacking blogs • The Register

https://www.theregister.co.uk/2017/10/03/three_wordpress_plugins_critical_flaws/

UK lotto players quids in: Website knocked offline by DDoS attack • The Register

https://www.theregister.co.uk/2017/10/02/lottery_ddos/

Patch your Android, peeps, it has up to 14 nasty flaws to flog • The Register

https://www.theregister.co.uk/2017/10/03/october_android_patches/

Dildon'ts of Bluetooth: Pen test boffins sniff out Berlin's smart butt plugs • The Register

https://www.theregister.co.uk/2017/09/29/ble_exploits_screwdriving/

Mac High Sierra hijinks continue: Nasty apps can pull your passwords • The Register

https://www.theregister.co.uk/2017/09/28/high_sierra_hijinks_continue_nasty_apps_can_pull_your_passwords/

Oracle corrals and patches Struts 2 vulnerabilities • The Register

https://www.theregister.co.uk/2017/09/27/oracle_emergency_apache_struts_2_patches/

Patch alert! Easy-to-exploit flaw in Linux kernel rated 'high risk' • The Register

https://www.theregister.co.uk/2017/09/28/linux_kernel_vuln/

Project Zero: Over The Air - Vol. 2, Pt. 1: Exploiting The Wi-Fi Stack on Apple Devices

http://googleprojectzero.blogspot.com/2017/09/over-air-vol-2-pt-1-exploiting-wi-fi.html

S.E.C. Says It Was a Victim of Computer Hacking Last Year

https://www.nytimes.com/2017/09/20/business/sec-hacking-attack.html

Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards

https://krebsonsecurity.com/2017/09/breach-at-sonic-drive-in-may-have-impacted-millions-of-credit-debit-cards/

CCleaner backdoor infecting millions delivered mystery payload to 40 PCs

https://arstechnica.com/information-technology/2017/09/ccleaner-backdoor-infecting-millions-delivered-mystery-payload-to-40-pcs/

Have MAC, will hack: iThings have trivial-to-exploit Wi-Fi bug • The Register

https://www.theregister.co.uk/2017/09/27/ios_11_plugs_wifi_vulnerability/

The Petya Plague Exposes the Threat of Evil Software Updates

https://www.wired.com/story/petya-plague-automatic-software-updates/

Inside the New York hospital hackers took down for 6 weeks

https://www.cbsnews.com/news/cbsn-on-assignment-hackers-targeting-medical-industry-hospitals/

NotPetya cyber-attack cost TNT at least $300m

http://www.bbc.com/news/technology-41336086

Dial S for SQLi: Mobe app lets skiddies order web attacks via texts

https://www.theregister.co.uk/2017/07/12/katyusha_scanner/

I Bought a Russian Bot Army for Under $100

http://www.thedailybeast.com/i-bought-a-russian-bot-army-for-under-dollar100

Malicious apps with >1 million downloads slip past Google defenses twice

https://arstechnica.com/information-technology/2017/09/malicious-apps-with-1-million-downloads-slip-past-google-defenses-twice/

Red Alert 2.0: New Android banking trojan can block and log incoming calls from banks

https://www.tripwire.com/state-of-security/featured/red-alert-android-banking-trojan/

All That's Needed To Hack Gmail And Rob Bitcoin: A Name And A Phone Number

https://m.forbes.com/sites/thomasbrewster/2017/09/18/ss7-google-coinbase-bitcoin-hack/#28ed7d2d1362

Hackers backdoored CCleaner, likely affecting tens of millions of users

https://www.helpnetsecurity.com/2017/09/18/hackers-backdoored-ccleaner/

SEC Says Hackers Breached Its System, Might Have Used Stolen Data for Insider Trading

https://www.bleepingcomputer.com/news/security/sec-says-hackers-breached-its-system-might-have-used-stolen-data-for-insider-trading/

SEC reveals hackers might have used stolen data for insider trading

https://www.grahamcluley.com/sec-reveals-hackers-might-have-used-stolen-data-for-insider-trading/

Man held website hostage for $10,000, failed, redirected it to porn, got busted

https://arstechnica.com/tech-policy/2017/09/worker-who-redirected-company-website-to-gay-porn-site-spared-prison-time/

CCleanup: A Vast Number of Machines at Risk

http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html

How I hacked hundreds of companies through their helpdesk

https://medium.com/@intideceukelaire/how-i-hacked-hundreds-of-companies-through-their-helpdesk-b7680ddc2d4c

The CCleaner Malware Fiasco Targeted at Least 18 Specific Tech Firms

https://www.wired.com/story/ccleaner-malware-targeted-tech-firms/

Hacking Team's Spyware Targeted Porn Sites' Visitors

https://motherboard.vice.com/en_us/article/gvye9m/hacking-teams-spyware-targeted-porn-sites-visitors

CCleaner Command and Control Causes Concern

http://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html

Hackers Entered Equifax Systems in March

https://www.wsj.com/articles/hackers-entered-equifax-systems-in-march-1505943617

More than three dozen schools call off classes after 'cyber terrorist' threat

https://www.grahamcluley.com/school-class-cyber-terrorist/

This Ransomware Demands Nudes Instead of Bitcoin

https://motherboard.vice.com/en_us/article/yw3w47/this-ransomware-demands-nudes-instead-of-bitcoin

Critical VMware vulnerability, patch and update now

https://nakedsecurity.sophos.com/2017/09/21/critical-vmware-vulnerability-patch-and-update-now/

EternalBlue Exploit Used in Retefe Banking Trojan Campaign

https://threatpost.com/eternalblue-exploit-used-in-retefe-banking-trojan-campaign/128103/

German companies under attack by Chinese hackers (WSJ)

http://www.ilsole24ore.com/art/finanza-e-mercati/2017-09-23/imprese-tedesche-sotto-attacco-hacker-cinesi-wsj-171015.shtml

Want to get around app whitelists by pretending to be Microsoft? Of course you can...

https://www.theregister.co.uk/2017/09/22/bypassing_app_whitelists_microsoft_windows/

Deloitte hit by cyber-attack revealing clients’ secret emails

https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails

Ex-NSA hacker drops macOS High Sierra zero-day hours before launch

http://www.zdnet.com/article/apple-macos-high-sierra-password-vulnerable-to-password-stealing-hack/

Deloitte is a sitting duck: Key systems with RDP open, VPN and proxy 'login details leaked'

https://www.theregister.co.uk/2017/09/26/deloitte_leak_github_and_google/

Retefe banking malware now using leaked NSA EternalBlue exploit that helped spread WannaCry

http://www.ibtimes.co.uk/retefe-banking-malware-now-using-leaked-nsa-eternalblue-exploit-that-helped-spread-wannacry-1640820

Internet Explorer Bug Leaks What Users Type in the URL Address Bar

https://www.bleepingcomputer.com/news/security/internet-explorer-bug-leaks-what-users-type-in-the-url-address-bar/

Source: Deloitte Breach Affected All Company Email, Admin Accounts — Krebs on Security

https://krebsonsecurity.com/2017/09/source-deloitte-breach-affected-all-company-email-admin-accounts/

Docs ran a simulation of what would happen if really nasty malware hit a city's hospitals. RIP :(

https://www.theregister.co.uk/2017/09/26/malware_hospital_simulation/

CBS's Showtime caught mining crypto-coins in viewers' web browsers • The Register

https://www.theregister.co.uk/2017/09/25/showtime_hit_with_coinmining_script/

Spesometro 2017: digital chaos as professionals ask for an extension

http://www.corrierecomunicazioni.it/pa-digitale/48987_spesometro-2017-e-caos-digitale-i-professionisti-chiedono-una-proroga.htm

Sensitive client emails, usernames, passwords exposed in Deloitte hack • The Register

https://www.theregister.co.uk/2017/09/25/deloitte_email_breach/

Insteon and Wink home hubs appear to have a problem with encryption • The Register

https://www.theregister.co.uk/2017/09/25/home_hub_insecurity/

Guess – go on, guess – where a vehicle tracking company left half a million records • The Register

https://www.theregister.co.uk/2017/09/25/svr_tracking_records_leak_from_insecure_s3_bucket/

IoT botnet Linux.ProxyM turns its grubby claws to spam rather than DDoS • The Register

https://www.theregister.co.uk/2017/09/22/iot_botnet_slinging_spam/

Someone checked and, yup, you can still hijack Gmail, Bitcoin wallets etc via dirty SS7 tricks • The Register

https://www.theregister.co.uk/2017/09/18/ss7_vuln_bitcoin_wallet_hack_risk/

Apache “Optionsbleed” vulnerability – what you need to know

https://nakedsecurity.sophos.com/2017/09/19/apache-optionsbleed-vulnerability-what-you-need-to-know/

Downloaded CCleaner lately? Oo, awks... it was stuffed with malware • The Register

https://www.theregister.co.uk/2017/09/18/tainted_ccleaner_downloads/

Security Flaw in Estonian National ID Card - Schneier on Security

https://www.schneier.com/blog/archives/2017/09/security_flaw_i.html

SPUZ : Equifax Breached

http://spuz.me/blog/zine/3Qu1F4x.html

Another month, another malware outbreak in Google's Play Store • The Register

https://www.theregister.co.uk/2017/09/15/malware_outbreak_googles_play_store/

Everybody without Android Oreo vulnerable to overlay attack • The Register

https://www.theregister.co.uk/2017/09/11/everybody_without_android_oreo_vulnerable_to_overlay_attack/

It's September 2017, and .NET lets PDFs hijack your Windows PC • The Register

https://www.theregister.co.uk/2017/09/12/september_2017_patch_tuesday/

Missed patch caused Equifax data breach • The Register

https://www.theregister.co.uk/2017/09/14/missed_patch_caused_equifax_data_breach/

Defrosted starter for 10: Iceland home delivery site spills customer details • The Register

https://www.theregister.co.uk/2017/09/14/iceland_breach/

Shoddily-set-up Elastisearch hosting point-of-sale malware • The Register

https://www.theregister.co.uk/2017/09/14/elastisearch_pos_botnet/

D-Link router riddled with 0-day flaws • The Register

https://www.theregister.co.uk/2017/09/12/dlink_router_security_fail/

When strangers can control our lights › FAU.EU

https://www.fau.eu/2017/08/30/news/research/when-strangers-can-control-our-lights/

Hackers Could Silently Hack Your Cellphone And Computers Over Bluetooth

https://motherboard.vice.com/en_us/article/nee8gz/hackers-could-silently-hack-your-cellphone-and-computers-over-bluetooth

Siemens patches one security vuln, leaves folks to block second

https://www.theregister.co.uk/2017/08/31/siemens_patches_one_vuln_leaves_customers_to_block_second/

Hacking Coinbase: The Great Bitcoin Bank Robbery

http://fortune.com/2017/08/22/bitcoin-coinbase-hack/

ARM’s embedded TLS library fixes man-in-the-middle fiddle

https://www.theregister.co.uk/2017/08/31/arms_embedded_tls_library_patched_to_fix_mitm_bug/

List Of High Profile Cryptocurrency Hacks So Far (August 24th 2017)

https://storeofvalue.github.io/posts/cryptocurrency-hacks-so-far-august-24th/

Hacker Claims To Push Malicious Firmware Update to 3.2 Million Home Routers

https://motherboard.vice.com/en_us/article/jpgkvg/hacker-claims-to-push-malicious-firmware-update-to-32-million-home-routers

465,000 Patients Need Software Updates for Their Hackable Pacemakers, FDA Says

https://motherboard.vice.com/en_us/article/nee5bw/465000-patients-need-software-updates-for-their-hackable-pacemakers-fda-says

Inside an Epic Hotel Room Hacking Spree

https://www.wired.com/2017/08/the-hotel-hacker/

Apache Struts you're stuffed: Vuln allows hackers to inject evil code into biz servers

https://www.theregister.co.uk/2017/09/05/apache_struts_vuln/

School's contest website hacked; police report made

http://www.straitstimes.com/singapore/education/schools-contest-website-hacked-police-report-made

Firm Hired to Monitor Data Breaches Is Hacked, 143 Million Social Security Numbers Stolen

https://motherboard.vice.com/en_us/article/a33xgk/firm-hired-to-monitor-data-breaches-is-hacked-143-million-social-security-numbers-stolen

Stand up who HASN'T been hit in the Equifax mega-hack – whoa, whoa, sit down everyone • The Register

https://www.theregister.co.uk/2017/09/07/143m_american_equifax_customers_exposed/

Equifax Announces Cybersecurity Incident Involving Consumer Information

https://investor.equifax.com/news-and-events/news/2017/09-07-2017-213000628

Yet another AWS config fumble: Time Warner Cable exposes 4 million subscriber records • The Register

https://www.theregister.co.uk/2017/09/05/twc_loses_4m_customer_records/

Kurat võtku! Estonia identifies security risk in almost 750,000 ID cards • The Register

https://www.theregister.co.uk/2017/09/05/estonia_identifies_security_risk_in_750000_id_cards/

Despite appearances, WikiLeaks wasn't hacked

https://www.grahamcluley.com/despite-appearances-wikileaks-wasnt-hacked/

Data breach hits four million Time Warner app users - BBC News

https://www.bbc.co.uk/news/amp/technology-41147513

Thousands of sensitive mercenary resumes exposed after security lapse | ZDNet

http://www.zdnet.com/google-amp/article/thousands-of-sensitive-mercenary-resumes-exposed-after-server-security-lapse/

MacEwan University loses $11.8 million to scammers in phishing attack | National Post

http://nationalpost.com/news/local-news/11-8-million-transferred-from-macewan-university-accounts-in-phishing-attack/wcm/4dbbc693-2ce1-4a9f-a305-66b5479c9667

UK infrastructure failing to meet the most basic cybersecurity standards • The Register

https://www.theregister.co.uk/2017/08/29/critical_national_infrastructure_cybersecurity/

SAP point-of-sale systems were totally hackable with $25 kit • The Register

https://www.theregister.co.uk/2017/08/29/sap_pos_vulnerability/

Tech Firms Team Up to Take Down ‘WireX’ Android DDoS Botnet

https://krebsonsecurity.com/2017/08/tech-firms-team-up-to-take-down-wirex-android-ddos-botnet/

WannaCrypt NHS victim Lanarkshire infected by malware again • The Register

https://www.theregister.co.uk/2017/08/28/wannacrypt_nhs_victim_lanarkshire_infected_by_malware_again/

Foxit PDF Reader is well and truly foxed up, but vendor won't patch • The Register

https://www.theregister.co.uk/2017/08/21/foxit_reader_vulnerabilities/

NotPetya ransomware attack cost us $300m – shipping giant Maersk • The Register

https://www.theregister.co.uk/2017/08/16/notpetya_ransomware_attack_cost_us_300m_says_shipping_giant_maersk/

Ships fooled in GPS spoofing attack suggest Russian cyberweapon

https://www.newscientist.com/article/2143499-ships-fooled-in-gps-spoofing-attack-suggest-russian-cyberweapon/

APT28 Targets Hospitality Sector, Presents Threat to Travelers « Threat Research Blog

https://www.fireeye.com/blog/threat-research/2017/08/apt28-targets-hospitality-sector.html

APT-style attack against over 4,000 infrastructure firms blamed on lone Nigerian 20-something • The Register

https://www.theregister.co.uk/2017/08/15/nigerian_fraud_kingpin/

Attackers Using Automated Scans to Takeover WordPress Installs

https://threatpost.com/attackers-using-automated-scans-to-takeover-wordpress-installs/126815/

Attack on Ireland’s state-owned power provider blamed on...

https://hotforsecurity.bitdefender.com/blog/attack-on-irelands-state-owned-power-provider-blamed-on-state-sponsored-hackers-18675.html

Scanner Shows EternalBlue Vulnerability Unpatched on Thousands of Machines

https://threatpost.com/scanner-shows-eternalblue-vulnerability-unpatched-on-thousands-of-machines/126818/

Canadian firm pays $425,000 to recover from ransomware attack

http://www.itworldcanada.com/article/canadian-firm-pays-425000-to-recover-from-ransomware-attack/394844?amp=1

Adobe Flash Player users should update their software NOW

https://www.welivesecurity.com/2017/07/11/adobe-flash-player-users-update-software-now/

Largest advertising company in the world still wincing after NotPetya punch

https://www.theregister.co.uk/2017/07/07/ad_giant_recovering_from_notpetya/

Major cryptocurrency exchange hacked – customers’ Bitcoin and Ethereum accounts plundered

https://hotforsecurity.bitdefender.com/blog/major-cryptocurrency-exchange-hacked-customers-bitcoin-and-ethereum-accounts-plundered-18340.html

It’s 2017 and Hayes AT modem commands can hack luxury cars

https://www.theregister.co.uk/2017/08/01/telematics_vulnerabilities_in_bmw_infiniti_ford_nissan/

Woman sues casino that offered her steak dinner instead of $43 million jackpot

http://money.cnn.com/2017/06/15/news/jackpot-steak-dinner-katrina-bookman-lawsuit/index.html

Samsung Left Millions Vulnerable to Hackers Because It Forgot to Renew a Domain

https://motherboard.vice.com/en_us/article/samsung-left-millions-vulnerable-to-hackers-because-it-forgot-to-renew-a-domain

GameStop Customers' Credit Cards May Have Been Stolen, Company Says

http://kotaku.com/gamestop-customers-credit-cards-may-have-been-stolen-c-1795958515

How a Single Email Stole $1.9 Million from Southern Oregon University

https://www.tripwire.com/state-of-security/security-data-protection/single-email-stole-1-9-million-southern-oregon-university/

'Crash Override': The Malware That Took Down a Power Grid

https://www.wired.com/story/crash-override-malware/

From NATO papers to reports on Syria and Libya: the Farnesina's secrets stolen by Russians and Chinese

http://www.repubblica.it/tecnologia/sicurezza/2017/08/14/news/dalle_carte_della_nato_ai_report_su_siria_e_libia_i_segreti_della_farnesina_rubati_da_russi_e_cinesi-173004383/

$32 million worth of digital currency ether stolen by hackers

http://www.cnbc.com/2017/07/20/32-million-worth-of-digital-currency-ether-stolen-by-hackers.html

A smart fish tank left a casino vulnerable to hackers

http://money.cnn.com/2017/07/19/technology/fish-tank-hack-darktrace/index.html

Ransomware attack puts KQED in low-tech mode

http://www.sfchronicle.com/business/article/Ransomware-attack-puts-KQED-in-low-tech-mode-11295175.php

Bad Code Library Triggers Devil’s Ivy Vulnerability in Millions of IoT Devices

https://threatpost.com/bad-code-library-triggers-devils-ivy-vulnerability-in-millions-of-iot-devices/126913/

It's a trap! Marcher banking trojan masquerades as Adobe Flash Player for Android

https://www.grahamcluley.com/marcher-malware-adobe-flash-player/

Merck IT systems still crippled in Petya's aftermath

https://www.cyberscoop.com/merck-petya-ransomware-ukraine/

GCHQ Says Hackers Have Likely Compromised UK Energy Sector Targets

https://motherboard.vice.com/en_us/article/9kwg4a/gchq-says-hackers-have-likely-compromised-uk-energy-sector-targets

Hacker Allegedly Steals $7.4 Million in Ethereum with Incredibly Simple Trick

https://motherboard.vice.com/en_us/article/zmvg58/hacker-allegedly-steals-dollar74-million-in-ethereum-with-incredibly-simple-trick

FedEx says cyber attack to hurt its 2018 results

http://www.reuters.com/article/us-cyber-attack-fedex-idUSKBN1A21D7

Burglary in mind? Easy, just pwn the home alarm

https://www.theregister.co.uk/2017/07/17/burglary_in_mind_easy_just_pwn_the_home_alarm/

Global Cyberattack Could Cause $53B Losses, Lloyd's Warns

https://www.law360.com/articles/944611/global-cyberattack-could-cause-53b-losses-lloyd-s-warns

A .NET malware abusing legitimate ffmpeg

https://blog.malwarebytes.com/threat-analysis/2017/07/malware-abusing-ffmpeg/

Ukrainian postal service hit by 48-hour cyber-attack

https://flipboard.com/@flipboard/-ukrainian-postal-service-hit-by-48-hour/f-a25fcd853d%2Fco.uk

Beppe Grillo's blog breached too: the hacker is the same one who hit the Rousseau platform

http://www.corriere.it/cronache/17_agosto_06/violato-anche-blog-beppe-grillo-l-hacker-stesso-piattaforma-rousseau-3342ddda-7ac3-11e7-8803-6174d9288686.shtml

Attackers could shut down power grids by abusing solar panel flaws

https://www.grahamcluley.com/attackers-shut-power-grids-abusing-solar-panel-flaws/

Car makers told to do more to stop hackers taking over internet-connected vehicles

http://www.telegraph.co.uk/news/2017/08/05/car-makers-told-do-stop-hackers-taking-internet-connected-vehicles/

A 'hacker' gains access to a Justice server

http://www.elmundo.es/espana/2017/08/04/59837d6046163fff2f8b4598.html

HBO got hacked and some Game of Thrones materials are bubbling up online

https://techcrunch.com/2017/07/31/hbo-hack-got/

Introducing 306 Million Freely Downloadable Pwned Passwords

https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/

Merck profit soars 61.5 percent as Keytruda sales surge

http://www.reuters.com/article/us-merck-co-results-idUSKBN1AD1AO

TNT parcels 'backed up to ceiling' in wake of massive cyberattack

https://www.theguardian.com/money/2017/jul/25/tnt-parcels-cyber-attack-courier-fedex-notpetya

Government under fire after Transport Agency data breach

http://sverigesradio.se/sida/artikel.aspx?programid=2054&artikel=6740394

18-year-old arrested after reporting dumb bug in public transport e-ticket system

https://www.grahamcluley.com/18-year-old-arrested-reporting-dumb-bug-public-transport-e-ticket-system/

IoT Thermostat Bug Allows Hackers to Turn Up the Heat

https://blog.newskysecurity.com/iot-thermostat-bug-allows-hackers-to-turn-up-the-heat-948e554e5e8b

Italy's secrets at risk. The big hole in the army's computers: "From there hackers can get anywhere"

http://www.repubblica.it/tecnologia/sicurezza/2017/08/13/news/i_segreti_a_rischio_dell_italia_la_grande_falla_nei_computer_dell_esercito_da_li_gli_hacker_possono_arrivare_ovunque_-172937257/

'Adversarial DNA' breeds buffer overflow bugs in PCs • The Register

https://www.theregister.co.uk/2017/08/11/malware_in_dna/

Schoolboy bags $10,000 reward from Google with easy HTTP Host bypass • The Register

https://www.theregister.co.uk/2017/08/10/schoolboy_google_bug_bounty_http_host/

It's August 2017 and your Android gear can be pwned by, oh look, just patch the things • The Register

https://www.theregister.co.uk/2017/08/09/android_gear_needs_updating/

SAP cleans up more than a dozen troubling CRM security blunders • The Register

https://www.theregister.co.uk/2017/08/09/sap_crm_vuln/

Siemens, DHS warn of “low skill” exploits against medical scanners

https://arstechnica.com/gadgets/2017/08/siemens-dhs-warn-of-low-skill-exploits-against-ct-and-pet-scanners/

It's 2017 and Hyper-V can be pwned by a guest app, Windows by a search query, Office by... • The Register

https://www.theregister.co.uk/2017/08/08/august_patch_tuesday/

Forget sexy zero-days. Siemens medical scanners can be pwned by two-year-old-days • The Register

https://www.theregister.co.uk/2017/08/04/win7_brain_scanners_hacked/

Flaws in web-connected, radiation-monitoring kit? What could go wrong? • The Register

https://www.theregister.co.uk/2017/07/28/radiation_monitoring_infosec/

Wallet-snatch hack: ApplePay 'vulnerable to attack', claim researchers • The Register

https://www.theregister.co.uk/2017/07/28/applepay_vuln/

Hackers can turn web-connected car washes into horrible death traps • The Register

https://www.theregister.co.uk/2017/07/27/killer_car_wash/

Details of 400,000 loan applicants spilled in UniCredit bank breach • The Register

https://www.theregister.co.uk/2017/07/26/unicredit_bank_breach/

Sweden leaked every car owners' details last year, then tried to hush it up • The Register

https://www.theregister.co.uk/2017/07/23/sweden_leaked_every_car_owners_details_last_year_then_tried_to_hush_it_up/

Hackers Hijack Chrome Extension to Inject Code into Web Devs' Browsers

https://www.tripwire.com/state-of-security/featured/hackers-hijack-popular-chrome-extension-inject-code-web-developers-browsers/

Online hacker demonstrates Rousseau's vulnerability: "I breached the site, data at risk"

http://www.repubblica.it/politica/2017/08/02/news/hacker_online_dimostra_la_vulnerabilita_di_rousseau_ho_bucato_il_sito_dati_a_rischio_-172221493/

iCloud security flaw put iPhone, Mac passwords at risk

http://www.zdnet.com/article/icloud-security-flaw-icloud-keychain-iphone-mac-passwords-vulnerable/

UK uni warns students of phishers trying to nick their tuition fees

https://www.theregister.co.uk/2017/07/20/newcastle_uni_website_phishing/

No one still thinks iOS is invulnerable to malware, right? Well, knock it off • The Register

https://www.theregister.co.uk/2017/07/20/ios_security_skycure/

Crazy bug of the week: Gnome Files' .MSI parser runs evil VBScripts • The Register

https://www.theregister.co.uk/2017/07/20/bug_of_the_week_gnome_files_msi/

Dahua cameras stung by Web interface bug • The Register

https://www.theregister.co.uk/2017/07/20/dahua_cameras_stung_by_web_interface_bug/

School of card knocks: Russophone criminals offered online courses in credit card fraud • The Register

https://www.theregister.co.uk/2017/07/19/russian_carding_courses/

Solaris, Java have vulns that let users run riot • The Register

https://www.theregister.co.uk/2017/07/19/oracle_critical_patch_update_advisory_july_2017/

Turin: 30,000-euro scam against chef Barbieri, Masterchef judge

http://torino.repubblica.it/cronaca/2017/07/19/news/torino_truffa_da_30_mila_euro_allo_chef_barbieri_giudice_di_masterchef-171146258/

FreeRADIUS fragged by fuzzer – by invitation – and fifteen fails found • The Register

https://www.theregister.co.uk/2017/07/18/freeradius_bugs/

Another day, another mass domain hijacking • The Register

https://www.theregister.co.uk/2017/07/13/swiss_domain_name_hijack/

Kerberos bypass, login theft bug slain by Microsoft, Linux slingers • The Register

https://www.theregister.co.uk/2017/07/13/kerberos_bug_dead_after_two_decades/

No big deal. You can defeat Kaspersky's ATM antivirus with a really fat executable • The Register

https://www.theregister.co.uk/2017/07/13/kaspersky_lab_atm_security_vuln/

AGFEO smart home controllers need patching • The Register

https://www.theregister.co.uk/2017/07/13/agfeo_smart_home_controllers_need_patch/

14 MEEELLION Verizon subscribers' details leak from crappily configured AWS S3 data store • The Register

https://www.theregister.co.uk/2017/07/12/14m_verizon_customers_details_out/

Avanti Markets kiosks hit by malware attack

http://www.ehackingnews.com/2017/07/avanti-markets-kiosks-hit-by-malware.html

ATO staffer leaks phone hacking how-to online, reveals fraud investigation tactics - ABC News (Australian Broadcasting Corporation)

http://www.abc.net.au/news/2017-07-12/tax-office-slip-up-reveals-new-phone-hacking-capabilities/8698800

Cloud Foundry had a privilege escalation bug • The Register

https://www.theregister.co.uk/2017/07/11/cloud_foundry_had_a_privilege_escalation_bug/

Samba slip-up smackdown: HPE stops NonStop Server bugs • The Register

https://www.theregister.co.uk/2017/07/11/hpe_stops_nonstop_server_samba_bugs/

Two-factor FAIL: Chap gets pwned after 'AT&T falls for hacker tricks' • The Register

https://www.theregister.co.uk/2017/07/10/att_falls_for_hacker_tricks/

Bloke takes over every .io domain by snapping up crucial name servers • The Register

https://www.theregister.co.uk/2017/07/10/io_hijacking_in_transition_cockup/

Broadpwn Bug Affects Millions of Android and iOS Devices

https://www.bleepingcomputer.com/news/security/broadpwn-bug-affects-millions-of-android-and-ios-devices/

CopyCat Malware Infected 14M Android Devices, Rooted 8M, in 2016

https://threatpost.com/copycat-malware-infected-14m-android-devices-rooted-8m-in-2016/126691/

Massive cyber-attack could cost Nurofen and Durex maker £100m

https://www.theguardian.com/business/2017/jul/06/cyber-attack-nurofen-durex-reckitt-benckiser-petya-ransomware

The AA Exposed Emails, Credit Card Data, and Didn’t Inform Customers

https://motherboard.vice.com/en_us/article/ywgdny/the-aa-exposed-emails-credit-card-data-and-didnt-inform-customers

Hard Rock hotels burgered up by Sabre breach • The Register

https://www.theregister.co.uk/2017/07/09/hard_luck_hotels_warn_of_possible_data_breach/

Biometric data stolen from corporate lunch rooms system • The Register

https://www.theregister.co.uk/2017/07/10/malware_scum_snack_on_lunchroom_kiosks/

TNT and the others: how a hacker attack brings a company to its knees for days - Il Sole 24 ORE

http://www.ilsole24ore.com/art/tecnologie/2017-07-07/tnt-e-altre-cosi-attacco-hacker-mette-ginocchio-azienda-giorni-160415.shtml?uuid=AEeCSttB

Google ships WannaCrypt for Android, disguised as Samba app • The Register

https://www.theregister.co.uk/2017/07/07/google_ships_wannacrypt_for_android_disguised_as_samba_app/

Google patches pwnable 'droids for Wi-Fi vuln • The Register

https://www.theregister.co.uk/2017/07/07/google_patches_pwnable_droids_against_wifi_vuln/

Perl devs solve ancient Riddle: 'What's a vuln we caught from Oracle?' • The Register

https://www.theregister.co.uk/2017/07/06/perl_devs_solve_ancient_riddle_whats_a_vuln_we_caught_from_oracle/

Cisco automation code needs manual patch • The Register

https://www.theregister.co.uk/2017/07/06/cisco_automation_code_needs_manual_patch/

Create a user called '0day', get bonus root privs – thanks, Systemd! • The Register

https://www.theregister.co.uk/2017/07/05/linux_systemd_grants_root_to_invalid_user_accounts/

GnuPG crypto library cracked, look for patches • The Register

https://www.theregister.co.uk/2017/07/04/gnupg_crypto_library_cracked_look_for_patches/

Medicare data leaks, but who was breached? • The Register

https://www.theregister.co.uk/2017/07/04/medicare_data_leaks_but_who_was_breached/

Android 'forensic' app pulled from Google Play after vulnerability report • The Register

https://www.theregister.co.uk/2017/07/03/android_forensic_app_pulled_from_google_play_after_vulnerability_report/

DaFont has been hacked – accounts and passwords stolen

http://www.digitalartsonline.co.uk/news/typography/dafont-hacked-accounts-passwords-stolen/

Don't panic, but Linux's Systemd can be pwned via an evil DNS query

https://www.theregister.co.uk/2017/06/29/systemd_pwned_by_dns_query/

Intel AMT bug bit Siemens industrial PCs

https://www.theregister.co.uk/2017/07/03/intel_amt_bug_bit_siemens_industrial_pcs/

German e-gov protocol carries ancient vulns

https://www.theregister.co.uk/2017/07/03/german_egov_protocol_carries_ancient_vulns/

Management bug can crash Cisco IOS, IOS XE • The Register

https://www.theregister.co.uk/2017/06/30/management_bug_can_crash_cisco_ios_ios_xe/

Azure blues: Active Directory Connect has password reset vuln

https://www.theregister.co.uk/2017/06/29/azure_blues_active_directory_connect_has_password_reset_vuln/

Hacker attack on Maschio Gaspardo: 650 employees sent home for three days

http://corrieredelveneto.corriere.it/veneto/notizie/cronaca/2017/29-giugno-2017/attacco-hacker-maschio-gaspardo-casa-tre-giorni-650-dipendenti-2401738822969.shtml

Hackers Cut a Corvette's Brakes Via a Common Car Gadget | WIRED

https://www.wired.com/2015/08/hackers-cut-corvettes-brakes-via-common-car-gadget/

Petya.2017 is a wiper not a ransomware – Comae Technologies

https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b

India's largest container port disrupted after Petya ransomware cyber attack

http://www.ehackingnews.com/2017/06/indias-largest-container-port-disrupted.html

Ransomware halts production at Cadbury's Tasmanian chocolate factory | ZDNet

http://www.zdnet.com/article/ransomware-halts-production-at-cadburys-tasmanian-chocolate-factory/

Internet cameras have hard-coded password that can’t be changed

https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/

Gordon Ramsay's father-in-law jailed for hacking celebrity chef's computer

http://news.sky.com/story/gordon-ramsays-father-in-law-jailed-for-hacking-celebrity-chefs-computer-10907576

Judy, the click-grabbing malware: nearly 40 million Android users hit

http://www.repubblica.it/tecnologia/sicurezza/2017/05/29/news/judy_il_malware_acchiappaclic_colpiti_quasi_40_milioni_di_utenti_android-166717548/

Al Jazeera Says It’s Under a Massive 'Cyber Attack'

https://motherboard.vice.com/en_us/article/al-jazeera-massive-cyber-attack

Hackers publish private photos from cosmetic surgery clinic

https://www.theguardian.com/technology/2017/may/31/hackers-publish-private-photos-cosmetic-surgery-clinic-bitcoin-ransom-payments

The Hack that Caused a Crisis in the Middle East Was Easy

https://motherboard.vice.com/en_us/article/the-hack-that-caused-a-crisis-in-the-middle-east-was-easy

QakBot trojan triggers Active Directory lockouts while seeking to drain bank accounts

https://www.grahamcluley.com/qakbot-trojan-triggers-active-directory-lockouts-while-seeking-to-drain-bank-accounts/

Following the Money Hobbled vDOS Attack-for-Hire Service

https://krebsonsecurity.com/2017/06/following-the-money-hobbled-vdos-attack-for-hire-service/

Massive Leak of 10 Million VIN Numbers Could Help Crooks Make Stolen Cars Look Legit

http://gizmodo.com/massive-leak-of-10-million-vin-numbers-could-help-crook-1795814490

Hackers hold Sydney start-up's customer database for ransom

http://www.smh.com.au/technology/technology-news/hackers-hold-sydney-startups-customer-database-for-ransom-20170601-gwi78t.html

Credit Card Breach at Kmart Stores. Again.

https://krebsonsecurity.com/2017/05/credit-card-breach-at-kmart-stores-again/

Stanford Uni site infested with hacking tools and phish for months!

https://news.netcraft.com/archives/2017/05/31/stanford-uni-site-infested-with-hacking-tools-and-phish-for-months.html

Microsoft Quietly Patches Another Critical Malware Protection Engine Flaw

https://threatpost.com/microsoft-quietly-patches-another-critical-malware-protection-engine-flaw/125951/

WikiLeaks says CIA’s “Pandemic” implant turns servers into malware carriers

https://arstechnica.com/security/2017/06/wikileaks-says-cias-pandemic-implant-turns-servers-into-malware-carriers/

Millions of stolen emails and passwords (including in Italy) are in a gigantic archive on the deep web

http://www.repubblica.it/tecnologia/sicurezza/2017/05/26/news/milioni_di_email_e_password_rubate_anche_in_italia_la_nuova_minaccia_si_chiama_anti_public_-166464714/

Hackers Hide Cyberattacks in Social Media Posts

https://www.nytimes.com/2017/05/28/technology/hackers-hide-cyberattacks-in-social-media-posts.html

Russian Hackers Are Using Google's Own Infrastructure to Hack Gmail Users

https://motherboard.vice.com/en_us/article/mbqzq8/russian-hackers-are-using-googles-own-infrastructure-to-hack-gmail-users

Anti Public: how cybercriminals collected 450 million emails and passwords, including those of Mattarella, Alfano and Gentiloni

http://cybersecurity.startupitalia.eu/54764-20170528-antipublic-leak-450-milioni-email-password-rubate

Hacking the NHS for Fun and No Profit

https://medium.com/@nmalcolm/hacking-the-nhs-for-fun-and-no-profit-90931029dcb4

How we hacked more than 10,000 user accounts at the University of Amsterdam – Auke Zwaan

https://aukezwaan.nl/disclosures/how-we-hacked-more-than-10000-user-accounts-at-the-university-of-amsterdam/

actual ransom

https://twitter.com/actual_ransom

Wannacry Ransomware Animated Map

https://www.youtube.com/watch?v=kG8E15WFM6E

Animated Map of How Tens of Thousands of Computers Were Infected With Ransomware

https://www.nytimes.com/interactive/2017/05/12/world/europe/wannacry-ransomware-map.html

The WannaCry Ransomware Hackers Made Some Major Mistakes

https://www.wired.com/2017/05/wannacry-ransomware-hackers-made-real-amateur-mistakes/

Timeline: How the WannaCry cyber attack spread

https://www.ft.com/content/82b01aca-38b7-11e7-821a-6027b8a20f23

Ztorg Trojan: Infect yourself for 5 cents

https://blog.kaspersky.com/ztorg-botnet/16914/

Understanding Pacemaker Systems Cybersecurity

http://blog.whitescope.io/2017/05/understanding-pacemaker-systems.html

EHealth’s massive computer failure

http://www.cairnspost.com.au/news/cairns-hospital-suffers-software-catastrophe-with-possible-loss-of-patient-data/news-story/c828de3f4a0f73132ec3d19284cbae88

RoughTed: the anti ad-blocker malvertiser - Malwarebytes Labs

https://blog.malwarebytes.com/cybercrime/2017/05/roughted-the-anti-ad-blocker-malvertiser/

CIA - SOHO hacking

https://qz.com/1008273/complete-list-of-wifi-routers-included-in-wikileaks-cherryblossom-release-possibly-vulnerable-to-cia-hacking-tools/

Pwned UK SME fined £60K for leaving itself vulnerable to hack attack • The Register

https://www.theregister.co.uk/2017/06/27/boomerang_video_hack_ico_fine/

Make sure your Skype is up to date because FYI there's a nasty hole in it • The Register

https://www.theregister.co.uk/2017/06/27/skype_vuln/

A powerful cyberattack hits large companies around the world

http://internacional.elpais.com/internacional/2017/06/27/actualidad/1498568187_011218.html

A new ransomware attack is hitting airlines, banks and utilities across Europe

https://www.theverge.com/2017/6/27/15879480/petrwrap-virus-ukraine-ransomware-attack-europe-wannacry

Tavis Ormandy to Microsoft: Have another Windows Defender vuln • The Register

https://www.theregister.co.uk/2017/06/26/new_windows_defender_vulernability_found_patched/

Virgin Media router security flap follows weak password expose • The Register

https://www.theregister.co.uk/2017/06/23/virgin_media_router_security_flap/

Russian hackers selling login credentials of UK politicians, diplomats – report • The Register

https://www.theregister.co.uk/2017/06/23/russian_hackers_trade_login_credentials/

Microsoft PatchGuard flaw could let hackers plant rootkits on x64 Windows 10 boxen • The Register

https://www.theregister.co.uk/2017/06/22/ms_patchguard_flaw_rootkit_risk/

In India, Personal Data of Millions Exposed by Gov’t Mistake

http://www.pandasecurity.com/mediacenter/news/personal-data-millions-indians-exposed-govt-mistake/

Five students arrested for 'hacking' the email of dozens of teachers to steal exams in Pontevedra

http://politica.elpais.com/politica/2017/06/22/actualidad/1498125964_194643.html

UCL ransomware attack traced to malvertising campaign • The Register

https://www.theregister.co.uk/2017/06/22/ucl_ransomware_malvertising/

Researcher calls the fuzz on OpenVPN, uncovers crashy vulns • The Register

https://www.theregister.co.uk/2017/06/22/researcher_calls_the_fuzz_on_openvpn_turns_up_new_vulns/

WikiLeaks reveals Brutal Kangaroo: the CIA malware for compromising the world's most protected networks

http://www.repubblica.it/esteri/2017/06/22/news/wikileaks_rivela_brutal_kangaroo_il_malware_per_compromettere_le_reti_piu_protette_al_mondo-168791257/

Hacker exposed bank loophole to buy luxury cars and a face tattoo • The Register

https://www.theregister.co.uk/2017/06/20/face_tattoo_bank_hacker/

US voter info stored on wide-open cloud box, thanks to bungling Republican contractor • The Register

https://www.theregister.co.uk/2017/06/19/rnc_contractor_stored_voter_data_in_cloud/

Stack Clash flaws blow local root holes in loads of top Linux programs • The Register

https://www.theregister.co.uk/2017/06/20/stack_clash_linux_local_root_holes/

Web-hosting firm agrees to pay over $1 million to ransomware extortionists

https://www.welivesecurity.com/2017/06/20/web-hosting-firm-agrees-pay-1-million-ransomware-extortionists/

Erebus Resurfaces as Linux Ransomware - TrendLabs Security Intelligence Blog

https://blog.trendmicro.com/trendlabs-security-intelligence/erebus-resurfaces-as-linux-ransomware/

Foreign Ministry hacked. Anonymous: "You have fun, Italians pay"

http://www.repubblica.it/tecnologia/sicurezza/2017/06/20/news/hackerato_il_ministero_degli_esteri_anonymous_vi_divertite_gli_italiani_pagano_-168602575/

Ministero Degli Affari Esteri You Have Been Hacked

https://www.cyberguerrilla.org/blog/ministero-degli-affari-esteri-you-have-been-hacked/

Using Texts as Lures, Government Spyware Targets Mexican Activists and Their Families

https://www.nytimes.com/2017/06/19/world/americas/mexico-spyware-anticrime.html

WikiLeaks emits CIA's Wi-Fi pwnage tool docs

https://www.theregister.co.uk/2017/06/15/wikileaks_dumps_cia_wifi_pwnage_tool_docs_online/

Brit hacker admits he siphoned info from US military satellite network • The Register

https://www.theregister.co.uk/2017/06/16/us_mil_sat_hack_plea/

It's 2017 and someone's probably still using WINS naming. If so, stop • The Register

https://www.theregister.co.uk/2017/06/15/its_2017_and_someones_probably_still_using_wins_naming_if_so_stop/

Researcher says fixes to Windows Defender's engine incomplete • The Register

https://www.theregister.co.uk/2017/06/15/microsoft_how_about_sandboxing_windows_defenders_engine/

Don't touch that email! London uni fears 0-day used to cram its network with ransomware

https://www.theregister.co.uk/2017/06/14/university_college_london_ransomware_attack/

OpenSSL patches critical certificate forgery bug

http://catless.ncl.ac.uk/Risks/28.77.html#subj6

Say hello to Dvmap: The first Android malware with code injection • The Register

https://www.theregister.co.uk/2017/06/09/dvmap_code_injection_android_trojan/

Phiendish phisher gets phive years in phederal for $2m phlights phraud • The Register

https://www.theregister.co.uk/2017/06/06/airline_phishing_scam_jailed/

The University of Campania under attack by hackers

http://corrieredelmezzogiorno.corriere.it/napoli/cronaca/17_giugno_02/universita-campania-sotto-l-attacco-hacker-08d48174-476b-11e7-8467-bf8d26986708.shtml

Goodness gracious, great Chinese 'Fireball' malware infects 250m systems worldwide • The Register

https://www.theregister.co.uk/2017/06/02/fireball_adware_menace/

Sons of IoT: Bikers hack Jeeps in auto theft spree

https://www.theregister.co.uk/2017/05/31/bikers_hack_jeeps_in_auto_theft_spree/

Identity Manager OneLogin Has Suffered a Nasty Looking Data Breach

https://motherboard.vice.com/en_us/article/identity-manager-onelogin-has-suffered-a-nasty-looking-data-breach

Microsoft patched more Malware Protection Engine bugs last week • The Register

https://www.theregister.co.uk/2017/05/29/microsoft_out_of_band_patches/

Popular RADIUS server exploitable with TLS session caching • The Register

https://www.theregister.co.uk/2017/05/29/freeradius_exploitable_via_tls_session_caching/

Aruba bugs squashed in seven-vuln splatfest

https://www.theregister.co.uk/2017/05/29/aruba_security_update/

Microsoft Master File Table bug exploited to BSOD Windows 7, 8.1 • The Register

https://www.theregister.co.uk/2017/05/29/microsoft_master_file_table_bug_exploited_to_bsod_windows_7_81/

Chipotle says ‘most’ of its restaurants were infected with credit card stealing malware

https://www.theverge.com/2017/5/26/15701776/chipotle-restaurants-hacked-credit-card-malware

Pirates hack was a hoax, says Disney boss • The Register

https://www.theregister.co.uk/2017/05/26/pirates_hack_hoax/

Hackers Make the First-Ever Ransomware for Smart Thermostats

https://motherboard.vice.com/en_us/article/internet-of-things-ransomware-smart-thermostat

'Cloak and dagger' vuln rolls critical hit against latest Android versions

https://www.theregister.co.uk/2017/05/25/cloak_dagger_android_vuln/

Fat-thumbed dev slashes Samba security • The Register

https://www.theregister.co.uk/2017/05/25/fatthumbed_dev_slashes_samba_security/

High school students investigated for hacking teachers' email

http://ccaa.elpais.com/ccaa/2017/05/25/galicia/1495737302_094648.html

Ransomware hits Australian hospitals after botched patch • The Register

https://www.theregister.co.uk/2017/05/25/ransomware_hits_australian_hospitals/

Rogues reset 'passwords', steal W-2 info from Equifax subsidiary customer employees

https://www.grahamcluley.com/rogues-reset-passwords-steal-w-2-info-from-equifax-subsidiary-customer-employees/

WannaCry Ransomware picture collection from infected countries around the world

http://b0n1.blogspot.com/2017/05/wannacry-ransomware-picture-collection_17.html

An Analysis of the WannaCry Ransomware Outbreak

https://securingtomorrow.mcafee.com/executive-perspectives/analysis-wannacry-ransomware-outbreak/

Patches Pending for Medical Devices Hit By WannaCry

https://threatpost.com/patches-pending-for-medical-devices-hit-by-wannacry/125758/

UN experts hacked while investigating violations of sanctions on North Korea

https://www.theguardian.com/world/2017/may/22/un-experts-hacked-sanctions-north-korea-cyber-attack

Cron has fallen arrest gang for infecting 1 million smartphones

http://blog.group-ib.com/cron

Twitter flaw allowed you to tweet from any account | ZDNet

http://www.zdnet.com/article/twitter-flaw-allowed-you-to-tweet-from-any-account/

Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution

https://threatpost.com/subtitle-hack-leaves-200-million-vulnerable-to-remote-code-execution/125868/

Last week: 'OpenVPN client is secure!' This week: 'Unpatched bug in OpenVPN server' • The Register

https://www.theregister.co.uk/2017/05/24/last_week_openvpn_client_is_secure_brthis_week_unpatched_bug_in_openvpn_server/

Yahoo! retires! bleeding! ImageMagick! to! kill! 0-day! vulnerability! • The Register

https://www.theregister.co.uk/2017/05/21/yahoo_retires_imagemagick_library/

consorzio basso valdarno 2017

https://pagamenti.poste.it/mdp-be/archive/receipt/5098218

Three home security systems found to be vulnerable – if hackers were hiding in bushes • The Register

https://www.theregister.co.uk/2017/05/18/home_system_insecurity/

Adylkuzz Cryptocurrency Mining Malware Spreading for Weeks Via EternalBlue/DoublePulsar

https://www.proofpoint.com/us/threat-insight/post/adylkuzz-cryptocurrency-mining-malware-spreading-for-weeks-via-eternalblue-doublepulsar

Adylkuzz malware spread using the same exploits as WannaCry

https://www.certnazionale.it/news/2017/05/17/il-malware-adylkuzz-diffuso-sfruttando-gli-stessi-exploit-di-wannacry/

HP Inc wireless mouse can be spoofed • The Register

https://www.theregister.co.uk/2017/05/18/hps_wireless_mouse_can_be_spoofed/

Thieves hide in servers to hoover up victims' bank card numbers mid-order • The Register

https://www.theregister.co.uk/2017/05/17/tatcha_payment_card_data_stolen_midorder/

The 18-million-dollar video game scam

http://www.repubblica.it/tecnologia/sicurezza/2017/05/17/news/la_truffa_al_videogame_da_18_milioni_di_dollari-165695205/

Edmodo confirms hackers breached its education platform, stole user data and hashed passwords

https://www.grahamcluley.com/edmodo-hackers-breached-education-platform-stole-user-data-hashed-passwords/

Breach at DocuSign Led to Targeted Email Malware Campaign

https://krebsonsecurity.com/2017/05/breach-at-docusign-led-to-targeted-email-malware-campaign/

Apple Patches Pwn2Own Vulnerabilities in Safari, macOS, iOS

https://threatpost.com/apple-patches-pwn2own-vulnerabilities-in-safari-macos-ios/125725/

Chrome on Windows has credential theft bug

https://www.theregister.co.uk/2017/05/17/chrome_on_windows_has_credential_theft_bug/

Bell Canada hacked: 2m account details swiped by mystery miscreants • The Register

https://www.theregister.co.uk/2017/05/16/bell_canada_quieting_fears_post_data_heist/

Cisco warns: Some products might have WannaCrypt vuln • The Register

https://www.theregister.co.uk/2017/05/17/cisco_warns_some_products_might_have_wannacrypt/

Gizmodo security test proves everyone (even Donald Trump's team) can get phished

https://www.grahamcluley.com/gizmodo-security-test-proves-everyone-even-trump-team-can-get-phished/

Porn Aired on Video Ad Screen at Union Station

http://www.nbcwashington.com/news/local/Porn-Aired-on-Video-Ad-Screen-at-Union-Station-422592524.html

The hackers' blackmail: 'Pirates of the Caribbean' stolen, and now they demand a ransom in the millions

http://www.repubblica.it/spettacoli/cinema/2017/05/16/news/_pirati_dei_caraibi_5_-165564670/

It's 2017 – and your Mac, iPad, iPhone can all be pwned by an e-book

https://www.theregister.co.uk/2017/05/16/apple_security_updates/

Sophos waters down 'NHS is totally protected' by us boast

https://www.theregister.co.uk/2017/05/15/sophos_nhs/

WannaCry: Detailed Technical Analysis • reddit

https://www.reddit.com/r/netsec/comments/6b2o5z/wannacry_detailed_technical_analysis/

Global ‘Wana’ Ransomware Outbreak Earned Perpetrators $26,000 So Far — Krebs on Security

https://krebsonsecurity.com/2017/05/global-wana-ransomware-outbreak-earned-perpetrators-26000-so-far/

WCry/WanaCry Ransomware Technical Analysis | Endgame

https://www.endgame.com/blog/wcrywanacry-ransomware-technical-analysis

The worm that spreads WanaCrypt0r - Malwarebytes Labs

https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/

Second wave of the cyberattack begins: more than 30,000 organizations infected in China

http://www.elmundo.es/economia/empresas/2017/05/15/59197aa0268e3e01388b463f.html

Romanian 'ransomware victim' hangs self and 4-year-old son – report

https://www.theregister.co.uk/2014/03/18/romania_ransomware_murder_suicide/

All OnePlus Devices Vulnerable to Remote Attacks Due to 4 Unpatched Flaws

http://thehackernews.com/2017/05/oneplus-mobile-vulnerabilities.html

Cybercrime on the high seas: the new threat facing billionaire superyacht owners

http://www.theguardian.com/world/2017/may/05/cybercrime-billionaires-superyacht-owners-hacking

Ransomware scum have already unleashed kill-switch-free WannaCrypt variant • The Register

https://www.theregister.co.uk/2017/05/15/wannacrypt_variant/

More UPNP woes: Crashable library bites routers and software • The Register

https://www.theregister.co.uk/2017/05/15/more_upnp_woes_crashable_library_bites_routers_and_software/

Wannacrypt0r-FACTSHEET.md

https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168

A 10-euro domain, the unexpected brake on the cyberattack in the US

http://internacional.elpais.com/internacional/2017/05/13/estados_unidos/1494660056_269061.html

Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware

https://www.troyhunt.com/everything-you-need-to-know-about-the-wannacrypt-ransomware/

WannaCry ransomware used in widespread attacks all over the world

https://securelist.com/blog/incidents/78351/wannacry-ransomware-used-in-widespread-attacks-all-over-the-world/

Nissan confirm Sunderland car plant brought to a halt by cyber attack which swept NHS

http://www.chroniclelive.co.uk/news/north-east-news/nissan-confirm-sunderland-car-plant-13030041

The cyberattack that spread across half the world because of companies' negligence

http://tecnologia.elpais.com/tecnologia/2017/05/13/actualidad/1494661227_809039.html

74 countries hit by NSA-powered WannaCrypt ransomware backdoor

https://www.theregister.co.uk/2017/05/13/wannacrypt_ransomware_worm/

>10,000 Windows computers may be infected by advanced NSA backdoor

https://arstechnica.com/security/2017/04/10000-windows-computers-may-be-infected-by-advanced-nsa-backdoor/

Multiple vulnerabilities discovered in popular printer models

https://isc.sans.edu/diary.html

Full Disclosure: Vulnerabilities in Samsung SyncThru Web Service

http://seclists.org/fulldisclosure/2014/Dec/105

Ransomware attack affecting Windows systems identified

https://www.ccn-cert.cni.es/seguridad-al-dia/comunicados-ccn-cert/4464-ataque-masivo-de-ransomware-que-afecta-a-un-elevado-numero-de-organizaciones-espanolas.html

WanaCrypt ransomware snatches NSA exploit, fscks over Telefónica, other orgs in Spain • The Register

https://www.theregister.co.uk/2017/05/12/spain_ransomware_outbreak/