“Britain is reportedly planning to blackout Russia if the latter tends to execute its plan of launching a missile attack at the UK’s military base which is said to be ill-equipped to respond to such attacks as of now.”
https://www.cybersecurity-insiders.com/uk-plans-to-blackout-russia-via-cyber-attack/
TLP1 : Green
“Radware released findings from its second annual web application security report, Radware 2018 State of Web Application Security. The report shares an in-depth view of the challenges organizations face in protecting web applications and how recent security breaches have affected them in the past year. In fact, it revealed that 67% of organizations believe hackers can still penetrate their network.”
“When Facebook last weekend disclosed a massive data breach—that compromised access tokens for more than 50 million accounts—many feared that the stolen tokens could have been used to access other third-party services, including Instagram and Tinder, through Facebook login.”
https://thehackernews.com/2018/10/facebook-token-hacking.html
“Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Think you’re too smart to fall for one? Think again: Even technology experts are getting taken in by some of the more recent schemes (or very nearly).”
“Facebook hacked, this is news that is rapidly spreading across the Internet. A few hours ago, Facebook announced that an attack on its computer network exposed the personal information of roughly 50 million users. The giant of social networks has discovered the security breach this week, the attackers have exploited a bug in the “View as” features to steal access tokens of the users and take over their accounts.”
“Add “a phone number I never gave Facebook for targeted advertising” to the list of deceptive and invasive ways Facebook makes money off your personal information. Contrary to user expectations and Facebook representatives’ own previous statements, the company has been using contact information that users explicitly provided for security purposes—or that users never provided at all—for targeted advertising.”
“Cunning malware VPNFilter remains under active development, and is acquiring ever more dangerous features.”
https://www.theregister.co.uk/2018/09/27/fancy_bear_modules/
TLP1 : Green
“It is always Patrick Wardle, this time the popular expert and former NSA hacker has found a zero-day flaw in macOS on Mojave ‘s release day.
According to the expert, the implementation bug can be exploited to access sensitive user data, including information in the address book.”
“GandCrab v5 has been released with a few noticeable changes. The first change is that the ransomware now uses a random 5 character extension for encrypted files and a new HTML ransom note.
It is not currently known how GandCrab v5 is being distributed.”
