Top Weekly Cyber News: July 14-20, 2019

Hi folks! You may find below the latest news about global incidents, threats and attacks handpicked by our super XM Cyber team of experts.
BleepingComputer – Russian FSB Intel Agency Contractor Hacked, Secret Projects Exposed
July 20
A contractor for the Russian Federal Security Service (FSB) has been hacked and secret projects that were being developed for the intelligence agency were leaked to Russian Media. These projects detail Russia’s attempt to de-anonymize users on the Tor network, collect data from social networks, and how to isolate the Russian portion of the Internet from the rest of the world. [More]

Infosecurity Magazine – Microsoft Alerts 10,000 Customers of Nation State Attacks
July 19
Microsoft has warned 10,000 customers that they’ve been targeted by nation state attacks over the past year, including hundreds of US political organizations, the firm revealed this week. [More]

Infosecurity Magazine – APT Targets Diplomats in Europe, Latin America
July 18
Evidence suggests that new versions of malware families are linked to the elusive Ke3chang group, along with a previously unreported backdoor, according to researchers at ESET. The researchers have long been tracking the advanced persistent threat (APT) group and suspect that it operates out of China, according to today’s press release. [More]

The Hacker News – Slack Resets Passwords For Users Who Hadn’t Changed It Since 2015 Breach
July 18
If you use Slack, a popular cloud-based team collaboration server, and recently received an email from the company about a security incident, don’t panic and read this article before taking any action. Slack has been sending a “password reset” notification email to all those users who had not yet changed passwords for their Slack accounts since 2015 when the company suffered a massive data breach. [More]

Data Breach Today – Phishing Scheme Targets Amex Cardholders
July 18
Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim’s credentials and other account details, according to researchers at the security firm Cofense. [More]

The Hacker News – Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers
July 17
Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people. [More]

The Hacker News – Hackers Can Manipulate Media Files You Receive Via WhatsApp and Telegram
July 16
If you think that the media files you receive on your end-to-end encrypted secure messaging apps can not be tampered with, you need to think again. Security researchers at Symantec yesterday demonstrated multiple interesting attack scenarios against WhatsApp and Telegram Android apps, which could allow malicious actors to spread fake news or scam users into sending payments to wrong accounts. [More]

The Hacker News – This Flaw Could Have Allowed Hackers to Hack Any Instagram Account Within 10 Minutes
July 15
Watch out! Facebook-owned photo-sharing service has recently patched a critical vulnerability that could have allowed hackers to compromise any Instagram account without requiring any interaction from the targeted users. [More]


Purple is the New Black


Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.