Global Cyber News Digest

Events

Cyber Insider Podcast

Press Room

Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • Murfreesboro City Water Department's Bill Payment Website Hacked by Iranian Hackers

    Source: CyWare
    By: Ryan Stewart
    Published: August 5, 2019

    * Murfreesboro City's payment website for the water and sewage department has been hacked.
    * The compromised webpage displayed an image of the Iranian flag and the Guy Fawkes mask. A message below the image says "Hacked by Iranian Hackers" and "Hacked by Mamad Warning."

    cyware.comAugust 5, 2019

  • We've, um, changed our password policy, says CafePress amid reports of 23m pwned accounts

    Source: The Register
    By: Gareth Corfield
    Published: August 5, 2019

    * Twee T-shirts 'n' merch purveyor CafePress had 23 million user records swiped · reportedly back in February · and this morning triggered a mass password reset, calling it a change in internal policy. * Details of the security breach emerged when infosec researcher Troy Hunt's Have I Been Pwned service · which lists websites known to have been hacked, allowing people to check if their information has been stolen · began firing out emails to affected people in the small hours of this morning. * According to HIBP, a grand total of 23,205,290 CafePress customers' data was swiped by miscreants, including email addresses, names, phone numbers, and physical addresses.

    theregister.co.ukAugust 5, 2019

  • 1 · 8chan, a nexus of radicalization, explained

    Source: VOX
    By: Emily Stewart
    Published: August 5, 2019

    * The platform is a dark, toxic corner of the internet. * On August 4, a 21-year-old man opened fire at an El Paso, Texas, Walmart, killing 22 people and injuring at least two dozen others. * The incident appears to have an eerie similarity with shootings at a San Diego synagogue in April and two mosques in Christchurch, New Zealand, in March: The shooters were spending time in the same dark corner of the internet, specifically, a site called 8chan =97 a notoriously difficult-to-police forum. But the El Paso shooting may finally change that.

    vox.comAugust 5, 2019

  • Ransomware criminals now setting their sights on data backups

    Source: CSO
    By: Theo Hourmouzis
    Published: August 5, 2019

    * Ransomware gained widespread attention in 2017 when criminals used the WannaCry variant to infect more than 200,000 computers across some 150 countries. The impact on victims was disastrous.
    * Rather than being content to infest and disable production environments, actors have shifted their sights to data backups. The logic is that most established businesses will have a data backup strategy in place and, if the criminals can also lockup these backups, the chances that a ransom will have to be paid is significantly higher.

    cso.com.auAugust 5, 2019

  • Online sneaker marketplace failed to come clean about 6.8M record data breach

    Source: The Next Web
    By: Ravie Lakshmanan
    Published: August 5, 2019

    * StockX - a popular online marketplace for sneakerheads and streetwear aficionados to trade apparel - is the latest company to fall victim to a massive data breach affecting millions of its users.
    * As if that wasn't bad enough, TechCrunch reported over the weekend that the incident happened almost three months ago, in May.

    thenextweb.comAugust 5, 2019

  • US utilities targeted with spear-phishing emails impersonating engineering licensing board

    Source: HelpNetSecurity
    By: Zelijka Zorz
    Published: August 2, 2019

    * If you worked in a US company in the utilities sector and received an email notification telling you that you've failed your =93Fundamentals of Engineering=94 NCEES exam, would you download the attached Word file to check what's up? Would you do it even if you know that you took no such exam? * The emails were made to look like they were sent by the US National Council of Examiners for Engineering and Surveying (NCEES), an engineering licensing board, and from a domain that looks like it could belong to the organization (nceess[.]com). * But it doesn't, and the attacked Word file uses macros to install and run malware a remote access Trojan (RAT) module and a proxy mechanism used for C&C communication.

    helpnetsecurity.comAugust 2, 2019

  • Breach alert in South Korea after 1m card details were put up for sale online

    Source: ZD Net
    By: Catalin Cimpanu
    Published: August 1, 2019

    * Authorities and companies in South Korea should be scrambling by now to track down a major card breach after the details of more than one million payment cards have been put up for sale online over the past two months.
    * Details for 890,000 and 230,000 payment cards were put up for sale on a hacking forum in July and June, respectively, cyber-security researchers from Gemini Advisory have told ZDNet.

    zdnet.comAugust 1, 2019

  • Pearson data breach: details of hundreds of thousands of U.S. students hacked

    Source: Fast Company
    By: Michael Grothaus
    Published: August 1, 2019

    * Pearson, one of the largest publishers of print and digital textbooks, has revealed it has suffered a major data breach, reports the Wall Street Journal. * The breach affected more than 13,000 school and university accounts with some accounts containing information on hundreds of thousands of students at those institutions.

    fastcompany.comAugust 1, 2019

  • Update to iOS 12.4 Right Now to Block New Vulnerabilities

    Source: Life Hacker
    By: David Murphy
    Published: July 31, 2019

    * Most iPhone and iPad owners are running iOS 12. And that's a good thing, because you're getting a speedier experience with as many patched bugs and vulnerabilities as possible.
    * One of these "interactionless" bugs, as identified by the Google researchers, was not even fully fixed in iOS 12.4. They're described as such, as all they require an attacker to do is send you a message-and that can be a text message, multimedia message, iMessage, email, or a Visual Voicemail, as Google security engineer Natalie Silvanovich notes.

    lifehacker.comJuly 31, 2019

  • Beware phony gift card email scams: Here's why attackers love using them

    Source: ZDNet
    By: Danny Palmer
    Published: July 31, 2019

    * Two thirds of email attacks targeting the enterprise are fake gift card requests from the boss. Individual attacks don't pocket attackers much, but widespread campaigns can be highly lucrative - and difficult to trace. * Gift card requests aren't a new tactic, but despite having a low success rate, criminals are successfully squeezing cash out of victims by targeting large numbers of people.

    zdnet.comJuly 31, 2019

451 A Street, Suite 500
San Diego, CA 92101

info@sdccoe.org

CONNECT WITH US

Linkedin Twitter

Cyber Center of Excellence is a San Diego-based nonprofit dedicated to growing the regional cyber economy and creating a more secure digital community for all.

JOIN US
Linkedin Twitter
© 2025 Cyber Center of Excellence | Privacy Policy  |  Terms & Conditions
Linkedin Twitter
Privacy Policy  |  Terms & Conditions
© 2024 Cyber Center of Excellence