The US-CERT has released information for users about a dangerous 17-year vulnerability that affects the PPP daemon software. Data software is installed on most Linux operating systems, supplying power to internal software on other network devices.
https://thehackernews.com/2020/03/ppp-daemon-vulnerability.html?&web_view=true
In the era of the spread of coronavirus, hackers use human fear, especially now in Italy, where they steal information using TrickBot malware. Particularly noteworthy is the new spam campaign, which they impersonate by email from the World Health Organization (WHO).
VirginMedia announced that hackers had access to a wealth of customer information, including names, email, addresses, phone numbers and customer contact details, while the database has been exposed to hackers for 10 months.
https://www.cybersecurity-insiders.com/virgin-media-database-holding-900000-customer-info-exposed-to-hackers/
A groundbreaking change that informs that for the first time in cybercrime it turns out that mobile devices are more attacked than desktop computers, this strategy has been noticed by scientists from LexisNexis Risk Solutions.
https://www.infosecurity-magazine.com/news/mobile-attacks-outpace-desktop/
WARNING !!!
The Windows giant has consented to hundreds of subdomains named microsoft.com, skype.com, visualstudio.com, and windows.com to fall into the hands of villains through which they can extort information and spread malware. Be careful, don’t do anything quickly, think about it, and, above all, read. Don’t trust the link mybrowser.microsoft.com. Don’t download an Edged. If identityhelp.microsoft.com informs you to change your password, do not change. Microsoft has loose security that will expose you to considerable damage.
https://www.theregister.co.uk/2020/03/04/microsoft_subdomain_takeover/?&web_view=true
Netgear eliminates critical flaws, warns against executing code that it can make available to an attacker taking control of the 3Wireless AC Router Nighthawk (R7800) equipment.
https://threatpost.com/critical-netgear-bug-impacts-nighthawk-router/153445/?web_view=true
Data breaches are growing at an alarming rate. The biggest problem is still weak passwords through which a lot of valuable information leaks. Companies should put a strong emphasis on their employees’ passwords so that they do not have to be found on the DarkWeb where they are sold.
https://www.helpnetsecurity.com/2020/03/04/identity-verification-gap/
Vulnerability zero allowed potential operators to register a domain called homographic .com and .net, thanks to which they can be used in internal, phishing, and social engineering attacks against relevant entities such as Google, Amazon, or DigitalOcean.
Backups are one of the most critical defense against programming ransomware. However, the copies must be properly configured, so the attackers do not use it against us.
In the United Kingdom, personal data leaked that used free internet at Harlow Mill, Chelmsford, Colchester, Waltham Cross, Burnham, Norwich, and London Bridge railway stations. The database was on an unprotected Amazon Web Services server.
https://www.itproportal.com/news/thousands-of-uk-rail-passengers-have-user-data-leaked/