From Security Weekly WikiJump to navigationJump to search
- Spy Group Used 5 Zero-Days to Hack North Koreans phishing attacked used to exploit IE, Chrome and Windows zero-day vulnerabilities to conduct watering hole attacks.
- Dharma Ransomware source for sale on Hacking Forums Dharma is based on Crysis, and a tool was released in February to allow decryption without paying the ransom.
- Hackers taking advantage of Zoom's popularity to push Malware Hackers impersonate Zoom related sites to entice users to install unwanted/malicious add-ons and software.
- Marriott Data Breach exposes data of 52 million guests Contact, stay preference, affiliations and personal data ripe for phishing exposed.
- 'Zoom-bombing': FBI warns some teleconferencesconferences, online classrooms vulnerable to hackers Remember to secure your VTC, Zoom or otherwise, make them private, require a password and check attendees.
- PoC Exploits for CVE-2020-0796 (SMBGhost) Privilege Escalation flaw published SMBGhost is high risk wormable attack. Neither PoC code enable wormable behavior.
- 'Secure' Backup company leaks 135 million records online Los Angeles based SOS Oneline Backup customer information database misconfigured. Exposed data includes user names. email, phone, business details, along with backup system structure. May run afoul of CCPA and GDPR regulations.
- Your Social Security Number Costs $4 on The Dark Web Report by Atlas VPN finds that for $4 you can get SSN, full name, drivers's license, passport number and email address. Pricing depends on victim's credit score.