No problem

Bitbucket is excessively used as a host for crypto miners, ransomware and Trojans are deployed in a single chain of attack. Malicious software was hosted on the Bitbucket version control repository web service. While legitimate hosting services like: Google Drive, GitHub and Dropbox are usually reported by users to quickly remove malicious files. However, the cybersecurity company has stated that a range of user profiles are regularly updated every hour to avoid disruption of forensic operations. More than 500,000 computers have been infected so far in this campaign and so far there are no signs of stopping malicious attacks.

https://www.zdnet.com/article/malware-stew-cooked-up-on-bitbucket-deployed-in-attacks-worldwide/

According to an Accenture report, less than one-fifth of organizations successfully protect themselves against cyberattacks over the past three years. A higher level of investment in advanced security technologies is the result of proper detection and prompt repair of violations.

https://www.helpnetsecurity.com/2020/02/04/cyber-resilient/

Most criminals try very hard to destroy all data, photos and information on the phone. They make all sorts of opportunities from smashing, shooting, to cooking the phone. However, forensic experts manage to recover most of the information they need to investigate. Researchers at the National Institute of Standards and Technology (NIST) are testing options to extract data from a phone using hacking tools that can be legally used in criminal investigations.

https://www.helpnetsecurity.com/2020/02/04/data-damaged-mobile-phones/

Be aware !!!

The spread of the virus is a phenomenal hiatus for cybercriminals. While the virus (Wuhan Coronavirus) is spreading, causing panic in the world, malicious individuals and groups are already taking advantage of the fit situation. Fake messages, malware and phishing messages are starting to appear. IBM X-Force has reported that information about the spread of the virus is provided incorrectly. Be especially careful when opening email related to coronavirus – emails, attachments, posts on social media, text messages.

https://www.helpnetsecurity.com/2020/02/03/wuhan-coronavirus-exploited-to-deliver-malware-phishing-hoaxes/

The hacking group Evil Corp or TA505 has been noticed by Microsoft, which reports that the group provides malware software using malicious Excel documents.

https://www.techradar.com/news/microsoft-detects-new-evil-corp-malware-attacks

Malicious software of TrickBot was not entirely perceived as the most dangerous threat, however its functions allowed attacking Active Directory databases. Domain administrators must be very careful when accessing Active Directory, especially for hackers who have access to directories where password hashes, computer names, groups and many other confidential data are stored.

https://www.xccelero.com/2020/01/30/active-directorybeing-targeted-by-malware-called-trickbot/?

It is very important for companies to organize trainings that will make it easier for employees to pay attention to errors that most often get through by email. A priority issue is to direct employees’ attention to detecting spelling errors, bad links or inconsistent email addresses.

https://www.helpnetsecurity.com/2020/02/03/stopping-email-attacks/

Avast will liquidate its subsidiary from Jumpshot, which sold data to external clients including technology giants such as Microsoft and Google, as well as large brands such as Pepsi and Home Depot. Although Jumpshot days are numbered, unfortunately Avast will need time to regain customer confidence. A security company may probably face an investigation into the collection of user data. In my opinion, if there is anything for free, it does not have enough qualifications to operate our devices especially protect our data.

https://www.techradar.com/news/avast-shuts-down-jumpshot-after-data-selling-controversy

Researchers found a vulnerability in Azure Stack Spoofing, while some request has not been verified. Checkpoint researchers noticed the SSRF gap when they were deeply diving in the Azure cloud. Attackers who manage to get through can exploit the vulnerability to take a screenshot and extract confidential information from a cloud-based computer.

https://gbhackers.com/microsoft-azure-cloud-bugs/

One of the largest dark internet markets where cybercriminals buy and sell fraudulent payment card data has put up for sale over 30 million victims of Wawa violations for sale at Joker’s Stash.

https://thehackernews.com/2020/01/wawa-credit-card-breach.html