Coubic also told The Hacker News that it is currently investigating the report and will update users with further info soon.

In a statement LifeBear shared with @Swati_THN says, "We currently have been investigating the situation. We apologize for the inconvenience this may cause."

"We already have made contact with police department in Japan and a lawyer to consult this situation."

Stay tuned.

[Story] Round 4 — Hacker Puts 26 Million New Accounts Up For Sale On the Dark Web

If you have an account with any of the above-listed sites, you should change your passwords immediately and also on other services if you re-use the same password.

[ROUND 4] List of breached sites:

1) Youthmanual — Indonesian college and career platform
2) GameSalad — Online learning platform
3) Bukalapak — Online Shopping Site
4) Lifebear — Japanese Online Notebook
5) EstanteVirtual — Online Bookstore
6) Coubic — Appointment Scheduling

EXCLUSIVE — A hacker who previously claimed to have hacked massive databases [millions of records] from multiple websites and then put them online for sale in 3 rounds has now come back with a new set of databases breached from 6 other websites

(story coming shortly, stay tuned)

Critical bug is still under attack even after a patched version was released last month — thanks to NO Auto-Update feature in the popular file compression software with over 500 million users worldwide.

—by @Swati_THN

A default account with static password disclosed in Common Services Platform Collector (CSPC) that could allow an unauthenticated remote attacker to access an affected devices

Cisco has released software updates that address this vulnerability.

Google has released version 73.0.3683.75 for Windows, Mac and Linux desktops that patches fix 60 new security vulnerabilities, 6 of which are high in severity -- update now

Businesses need to upgrade from traditional device management to a modern management approach called , says @giridhararaam in his article on UEM.

Read this article to understand why UEM will become the game changer in management

New WordPress Vulnerability Lets Unauthenticated Remote Attackers Hack Sites

If for some reason your sites have not yet been automatically updated to the latest version 5.1.1 released yesterday, it's highly recommended to upgrade immediately.

Multiple critical 0-day RCE flaws discovered in Counter-Strike 1.6 Game client

Almost 39% of all gaming servers available online were found exploiting these unpatched flaws to remotely hack gamers’ computers and install Trojan.

pacman (before version 5.1.3-1) do not sanitize filename received from a Content-Disposition header while installing a remote package via specified URL "pacman -U," potentially leading to arbitrary root code execution.

Say it loud everyone →→→ "APT doesn't need HTTPS"

A high-severity flaw [CVE-2019-9686] in pacman utility—package manager for Arch —could allow malicious remote servers (or attackers, if downloading over HTTP) to execute arbitrary code as root

Notably, this bypasses package signature checking

Incident Response Toolkit --> Learn about a few specific use cases where an Unified Security Management (USM) platform can help you Observe, Orient, Decide, and Act for effective incident response.


via @ATTCyber AT&T Cybersecurity

The second zero-day flaw (CVE-2019-0797) that patched yesterday has actively been exploited by several threat actors, including FruityArmor and SandCat, researchers from Labs revealed today

Firefox Send — Free, Encrypted File Transfer Service Now Available For All

Mozilla’s new online service allows users to safely and simply share files as large as 2.5GB in size from any browser

by @Swati_THN

Both zero-day flaws that attackers are actively exploiting in the wild reside in win32k.sys, allowing attackers to escalate privileges.

One of these flaws is the same that warned of last week after patching a 0-day flaw (CVE-2019-5786) in

Microsoft Releases March Updates to Fix 64 Security Vulnerabilities — Two Under Active Attack


→ 17 Critical Flaws
→ 45 Important (4 Publicly Disclosed and 2 Zero-Days)
→ 1 Moderate
→ 1 Low

by @unix_root

➡️ Arbitrary Code Execution (CVE-2019-7094) affects Photoshop CC (Versions 19.1.7 and earlier / 20.0.2 and earlier) for Windows and ,

➡️Arbitrary Code Execution (CVE-2019-7095) affects Adobe Digital Editions (Versions and below) for .

Show more

A Mastodon instance for bots and bot allies.