News

Cybersecurity & Infosec

News Aggregator Blog

China Drafts Rules on Mobile Apps’ Collection of Personal Data

Federal Agencies Warn That Hackers Are Targeting U.S. Think Tanks

FBI Warns of BEC Scammers Using Email Auto-Forwarding in Attacks

Vietnamese State Hackers APT32 (aka Ocean Lotus, BISMUTH) Deploy Coin Miners to Victims

Zoom Impersonation Attacks Aim to Steal Credentials

Amazon Says Sellers Racked up More Than $4.8 Billion in Sales Over Weekend

Facebook-Backed Libra Association Changes Its Name to Diem

Supreme Court Weighs Breadth of Computer Hacking Law

Krebs: Bomb Threat, DDoS Purveyor Gets Eight Years

Personal Information Leaked in Suspected Cyberattack on Israeli Company Shirbit Insurance

Stuller Headquarters (LA) Hit by Cyber Attack

Electronic Medical Records Cracked Open by OpenClinic Bugs

Cayman Islands Bank Records Exposed in Open Azure Blob

Critical Oracle WebLogic Flaw Actively Exploited by DarkIRC Malware

Android Messenger App Still Leaking Photos, Videos

Salesforce to Acquire Slack for $28 Billion

…Uber Completes $2.65 Billion Postmates Acquisition

UK Bans Installation of Huawei 5G Equipment From September

Pandemic, A Driving Force in 2021 Financial Crime

Baltimore Students Told to Ditch Windows PCs After Ransomware Attack

…Multiple Red Flags

Vermont Hospitals Still Recovering From October Ransomware Attack

Manchester United Cyberattack Highlights Controversy in Paying Ransomware Attackers

Company Director Disqualified After AMS Marketing Limited Made 75,000 Nuisance Calls

Ajit Pai Formally Announces Plans to Leave FCC

Cybersecurity In The New Normal: Good Enough Is No Longer Enough

Companies Urged to Adjust Hiring Requirements for Cyber Jobs

Healthcare Provider AspenPointe Data Breach Affects 295k Patients

Huntsville City Schools (AL) Close Early for Cybersecurity Threat

Someone Just Moved $5m in BTC From the 2016 Bitfinex Hack

WhatsApp Hack Could Let People Steal Messages, Users Urged to Take Precautions

MacOS Users Targeted By OceanLotus Backdoor

Docker Malware Is Now Common, So Devs Need to Take Docker Security Seriously

Gootkit Malware Returns to Life Alongside REvil Ransomware

Credit card skimmer fills fake PayPal forms with stolen order info

Microsoft Defender for Identity Now Detects Zerologon Attacks

South Korea Says It Foiled North Korea Attempt to Hack Its COVID-19 Vaccine Makers

Christopher Krebs: I’m ‘Most Upset’ I Didn’t Get to Say Goodbye to My Team…’Not How I Wanted to Go Out.’

Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats

…One in Seven #BlackFriday Emails Are Malicious

…Phishing Lures Employees With Fake ‘Back to Work’ Internal Memos

…Office 365 Phishing Abuses Oracle and Amazon Cloud Services

UK NCSC Helping Manchester United Recover from Cyber-Attack

2021 Healthcare Cybersecurity Priorities: Experts Weigh In

IIoT Chip Maker Advantech Hit by Ransomware, $12.5 Million Ransom

MasterChef, Big Brother Producer Banijay Group SAS Hit by DoppelPaymer Ransomware

Delaware County, PA Pays 500k Ransom to DoppelPaymer Ransomware

CBS Last.FM Fixes Admin Password Leakage via Symfony Profiler

Digitally Signed Bandook Malware Once Again Targets Multiple Sectors

Drupal Issues Emergency Fix for Critical Bug With Known Exploits

The Top 20 Cybersecurity Startups To Watch In 2021 Based On Crunchbase

Personal Data of 16 Million Brazilian COVID-19 Patients Exposed Online

DDoS Attacks Against Online Retailers Increase Four-Fold During Pandemic

Massive Zoom Phishing Targets Thanksgiving Meetings

Privacy Campaigner Flags Concerns About Microsoft’s Creepy Productivity Score

Changing Employee Security Behavior Takes More Than Simple Awareness

A Therapeutic for what Ails Digital Health

Canon Publicly Confirms August Ransomware Attack, Data Theft

US Fertility Patient Data Was Stolen in Ransomware Attack

Israeli Army Exposed the PII of Tens of Thousands of Soldiers

Sophos Alerts Customers of Info Exposure After Security Breach

New Egregor Ransomware Steps into Maze Group’s Shoes

cPanel 2FA Bypassed in Minutes via Brute-Force Attacks

At China’s Premier Internet Conference, Few Address the Regulatory Elephant in the Room

Trump Administration Extends TikTok Sale Deadline

Government Watchdog Urges Policymakers to Boost Cybersecurity for 5G Networks

Canada’s Proposed Privacy Overhaul Leans Toward European-Style Rules

Parler Hack Claims Are Fake, CEO Says: ‘They Are Just Obsessed With Us’

Laser-Based Hacking from Afar Goes Beyond Amazon Alexa

Phishing Most Frequently Reported Cybercrime in U.S.

Major BEC Phishing Ring Cracked Open with 3 Arrests

Ticketmaster: We’re Not Liable for Credit Card Badness Because the Hack Straddled GDPR Day

Sopra Steria Expects €50 Million Loss After Ryuk Ransomware Attack

Black Friday: The Best Gifts for Hackers

Ransomware Attack Cripples Baltimore County Public Schools: No Timeline for Return to Class

Cyber Attack Takes Rand McNally ELDs Offline

US Fertility Provides Notice of Data Security Incident

Premier Health (OH) Investigates Data Breach

Danish News Agency Ritzau Refuses to Pay After Ransomware Attack

FBI Joins Investigation Into Computer System Hack in Delaware County (PA)

Belden Networking Giant’s Company Data Stolen in Cyberattack

Passwords Exposed for Almost 50,000 Vulnerable Fortinet VPNs

Critical MobileIron RCE Flaw Under Active Attack

Windows 7 and Server 2008 Zero-Day Bug Gets a Free Patch

Why Data Protection And Cybersecurity Can’t Be Separate Functions

FCC Affirms ZTE Poses U.S. National Security Threat

India Bans 43 More Chinese Apps Over Cybersecurity Concerns

Democrats Urge YouTube to Remove Election Misinformation, Step up Efforts Ahead of Georgia Runoff

…Press Facebook, Twitter Too

YouTube Temporarily Suspends, Demonetizes OANN

Federal Authorities Warn of Increased Cyber Targeting During Upcoming Holiday Season

Crooks Impersonate U.S. Gov’t Agencies Offering Financial Aid

U.S. Proposes Funding to Clear Risk Assessment Backlog

Printers’ Cybersecurity Threats Too Often Ignored

Home Depot Reaches $17.5 Million Settlement Over 2014 Data Breach

Cyber-attacks Reported on Three US Healthcare Providers in FL, GA & NY

Australian Legal Services Provider Law in Order Hit With Cyber Attack

Post-Breach, Peatix Data Reportedly Found on Instagram, Telegram

Payday Loans Exposed Records in the Open

Baidu Apps in Google Play Leak Sensitive Data

New WAPDropper Malware Stealthily Subscribes You to Premium Services

Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies

TrickBot Malware Uses Obfuscated Windows Batch Script to Evade Detection

Blackrota Golang Backdoor Packs Heavy Obfuscation Punch

UK Urges Orgs to Patch Critical Mobileiron Cve-2020-15505 Rce Bug

Alibaba CEO Says China’s Draft Anti-Monopoly Rules ‘Timely and Necessary’

Democrats Accuse GSA of Undermining National Security by Not Certifying Biden Win

…President-Elect Biden to Begin Formal Transition Process After Agency Ok

Lawmakers Urge FCC to Assist in Effort to Rip Out, Replace Suspect Network Equipment

European Cloud-Computing Initiative Limits U.S. Companies’ Role

FBI Warns of Recently Registered Domains Spoofing Its Sites

Tesla Model X Key Fobs Could Be Hacked to Steal Cars, Fix Released

Smart Doorbells ‘Easy Target for Hackers’ Study Finds

Apple’s Global Security Boss Accused of Bribing Cops With 200 Free iPads in Exchange for Concealed Gun Permits

Spotify Users Hit with Rash of Account Takeovers

Anonymous Hacks Uganda Police Website

Fake Minecraft Mods Swamp Over 1m Android Devices With Ads

Bristol City Council Data Breach Sends Names of Children to ‘Livid and Upset’ Parents

TA416 APT Rebounds With New PlugX Malware Variant

Israel Cyber Directorate Warns of Remotely Exploitable Drupal Flaw

VMware Discloses Critical Zero-Day Vulnerability in Workspace One

TikTok Fixes Bugs Allowing Account Takeover With One Click

Seven Debunked Myths of Cybersecurity

Trump Twitter ‘Hack’: Dutch Police Question Researcher

Joe Biden’s ‘Vote Joe’ Website Defaced by Turkish Hackers

Peters Criticizes Trump for Not Taking Action After Cyberattacks on Hospitals, COVID-19 Researchers

After Trump Fires CISA’s Director, the Agency Is Poised to Become Even More Powerful

Dutch Journalist Gatecrashes EU Defence Video Conference

Think Tank Urges Financial Sector Action on Cyber Threats

FBI Warns of Increasing Ragnar Locker Ransomware Activity

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

Hacker Posts Exploits for Over 49,000 Vulnerable Fortinet VPNs

…Why Even the Best Free VPNs Are Not a Risk Worth Taking

Green Beret Passed Secrets to Russia

Krebs: Convicted SIM Swapper Gets 3 Years in Jail

FireEye Acquires Respond Software

10M Impacted in Pray.com Data Exposure

Cyber Breach Exposed Thousands of Patients’ Info at Several LSU Medical Centers

Krebs: GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Manchester United Working to ‘Minimize Disruption’ Caused by ‘Cyber Attack’

Korean Retail Giant E-Land Closes Nearly Half of Stores Due to Ransomware Attack

Irish Start-up Glofox Investigates Possible Data Breach

Sugarloaf, Sunday River (ME) Parent Company Investigating Online Attack

Archdiocese of St. Louis Websites Down After Ransomware Attack

LightBot: TrickBot’s New Reconnaissance Malware for High-Value Targets

QBot Partners With Egregor Ransomware in Bot-Fueled Attacks

New Grelos Skimmer Variants Siphon Credit Card Data

VMware Fixes Critical Flaw in ESXi Hypervisor

Canadian Accusations on China Being Cyber-Crime Threat Are Groundless, Says China

Massive, China-State-Funded Hack Hits Companies Around the World, Report Says

Raytheon Employee Jailed for Exporting Missile Data to China

Cyber Official Krebs’s Ouster Tests Government Relations With Private Sector

IoT Cybersecurity Improvement Act Passed, Heads to President’s Desk

Hard Rock Stadium Ups Cybersecurity

Cybercriminals Batter Automakers With Ransomware, IP Theft

Tech Firms Fall Short on Misinformation Targeting Latino Voters, Advocates Say

UK GCHQ Put ‘Image Before Cost’ With New Cyber Building

Florida Man Sentenced 36 Months for Stealing $9m From Adoption, Automotive Firms via Business Account Takeover

Best VPNs in 2020

Ransomware Attack Hits Arizona Judicial Branch’s Website and Limits Some Services

Students, Staff Experience Slowdowns After Mansfield Schools (MA) Fall Victim to Cyberattack

Russian Hacker Group REvil Claims Massive Attack on Televangelist Kenneth Copeland

Robot Vacuums Suck Up Sensitive Audio in ‘LidarPhone’ Hack

GO SMS Pro Android App Exposes Private Photos, Videos and Messages

Facebook Messenger Bug Allowed Android Users to Spy on Each Other

Mount Locker Ransomware Now Targets Your TurboTax Tax Returns

Kali Linux 2020.4 Switches the Default Shell From Bash to ZSH

Google’s free services are now phishing campaign’s best friends

Microsoft Rolls Out Protection for Critical Accounts in Office 365

Canada Names China, Russia as Main Cyber-Crime Threats; Sees Risk to Power Supply

Chinese APT10 Hackers Use Zerologon Exploits Against Japanese Orgs

Krebs: Trump Fires Security Chief Christopher Krebs

Starting Next Year, Chrome Extensions Will Show What Data They Collect From Users

The Ones Who Brought You Let’s Encrypt, Bring You: Tools for Gathering Anonymized App Usage Metrics From Netizens

Los Angeles Police Department Bars Use of Third-Party Facial Recognition Systems, Launches Review

Apple to Pay $113m to Resolve Fight Over Batteries

Cryptocurrency Exchange Liquid Confirms Hack

Flower Firm New Zealand Bloom Victim of Recent Targeted Ransomware Malware

Keene (NH) Officials Urge Vigilance After Data Breach

Ransomware Attack Shuts Jackson County (OR) Website

Egregor Ransomware Shoots Ransom Notes Out of Victims’ Printers

Cisco Webex ‘Ghost’ Flaw Opens Meetings to Snooping

Google Brings New Adaptive Protection Technology to Its Cloud Armor Network Security Service

Top Cybersecurity Official Christopher Krebs Ousted by Trump

Mark Zuckerberg and Jack Dorsey Face Senate Grilling Over Moderation Practices

…‘You’re the Ultimate Editor,’ Twitter’s Jack Dorsey and Facebook’s Mark Zuckerberg Accused of Censoring Conservatives

Apple Lets Some Big Sur Network Traffic Bypass Firewalls

Chinese APT Hackers Target Southeast Asian Government Institutions

Verizon Releases First Cyber-Espionage Report

EU Restrictions Could Force Companies to Change Data Transfer Practices

Krebs: Be Very Sparing in Allowing Site Notifications

Stop Saying You Don’t Need to Worry About Privacy and Cybersecurity Because You Don’t Have Anything to Hide

Vulnerability Prioritization Tops Security Pros’ Challenges

Majority of APAC Firms Pay up in Ransomware Attacks

UK Firms Least Likely to Pay Ransom Globally

New Acquisition Provides Security From Hackers’ View, Palo Alto Networks CEO Says

Equifax $30.5 Million Data Breach Settlement Gets Final Approval

Over 80,000 ID Cards and Fingerprint Scans Exposed in TronicsXchange AWS Cloud Leak

Mercy Iowa City Reports Data Breach, Over 60,000 Iowans Affected

Ransomware Attack Forces Web Hosting Provider managed.com to Take Servers Offline

City of Saint John, New Brunswick Hit by Cyberattack

Port of Kennewick (WA) Victim of Cyber Attack

Montreal’s West End Health Agency Just Beginning to Come Back Online, Weeks After Cyber-Attack

Coil Payments Platform Leaks User Emails in ‘Privacy Policy’ Update

Office 365 Phishing Campaign Detects Sandboxes to Evade Detection

Hackers Are Actively Probing Millions of WordPress Sites

Cisco Patches Critical Flaw After PoC Exploit Code Release

Chrome 87 Released With Performance Boost and Security Fixes

Firefox 83 Boosts Security With HTTPS-Only Mode, Zero-Day Fix

Microsoft Brings Trusted Platform Module Functionality Directly to CPUs Under Securo-Silicon Architecture Pluton

Huawei Threat ‘No. 1 Concern’ Moving Forward, Trump National Security Adviser Says

Twitter Hires Famous Hacker Peiter Zatko ‘Mudge’ to Head Security Operations

Exposed Database Reveals 100K+ Compromised Facebook Accounts

Zoom Rolls Out Security Enhancements to Stop Zoombombing Trolls

Microsoft President Calls for Global Crackdown on Cyberattacks

Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut

Cybersecurity Is Top Business Worry in ‘Age of Risk’: Marsh & McLennan CEO

Crypto Firm Offers $200,000 Bug Bounty to Hacker Who Stole $2m

Meet the Hackers Who Earn Millions for Saving the Web: Bug Bounties

Dating Site Bumble Leaves Swipes Unsecured for 100M Users

Cold Storage Giant Americold Services Impacted by Cyberattack

Trojanized Security Software Hits South Korea Users in Supply-Chain Attack

Capcom Confirms Data Breach After Gamers’ Data Stolen in Cyberattack

Dozens of Ransomware Gangs Partner With Hackers to Extort Victims

Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack

Citrix SD-WAN Bugs Allow Remote Code Execution

Vulnerability in Firefox for Android Allowed Attackers to Steal Cookies, Local Files

No Voting System Deleted or Lost Votes in U.S. Election: Security Groups

Coronavirus: North Korea and Russia Hackers ‘Targeting Vaccine’

DarkSide Ransomware’s Iranian Hosting Raises U.S. Sanction Concerns

Trump Administration Grants 15-Day Extension on TikTok Divesture Deadline

Apple iOS Safari Feature Can Be Used to Share “Fake News” Headlines

Scams Ramp Up Ahead of Black Friday Cybercriminal Craze

IRS Announces Move to Protect Businesses From Identity Theft

Schools Struggling to Stay Open Get Hit by Ransomware Attacks

ICE Operation Arrests 113 Child Predators

Amazon Sues Instagram, TikTok Influencers Over Knockoff Scam

Ticketmaster Fined £1.25m Over Data Breach

Vertafore Data Breach Hits 28 Million Texan Drivers

Hacker Shares 3.2 Million Pluto TV Accounts for Free on Forum

Hacker Steals $2 Million From Cryptocurrency Service Akropolis

Delaware Division of Public Health Announces Data Breach Incident

Biotech Research Firm Miltenyi Biotec Hit by Ransomware, Data Leaked

Retail Giant Cencosud Hit by Egregor Ransomware Attack, Stores Impacted

India’s Biggest Online Grocer Bigbasket Alerted to Breach, Sale of 20m Users’ Data

Saint John (NB) Suffers ‘Significant Cyber Attack’

District 211 (Chicago) Investigating Possible Hack

New TroubleGrabber Discord Malware Steals Passwords, System Info

Top Official on U.S. Election Cybersecurity Christopher Krebs Tells Associates He Expects to Be Fired

Senior DHS Cybersecurity Official Bryan Ware to Step Down

Coalition of Election Officials, Stakeholders Says There Is ‘No Evidence’ Votes Were Compromised

Twitter Says It Labeled 300,000 Posts Around the Election

Washington State Could Be the 2021 Battleground for Internet Privacy

ICO Demands Urgent Data Protection Changes from UK Parties

Swiss Spies Knew About Crypto AG Compromise – and Kept It From Gov’t Overseers for Nearly 30 Years

Most Americans Reuse Passwords for Work Devices

New Tool Lets Attackers Easily Create Reply-Chain Phishing Emails

Ransomware Did Not Kill a German Hospital Patient… but It’s Still a Matter of Time

Gwinnett County (GA) Judge Re-Indicted in Computer Hacking Case

Popular Stock Photo Service 123RF Hit by Data Breach, 8.3M Records for Sale

The North Face Resets Passwords After Credential Stuffing Attack

Data Breach Index Site Leaks Over 23,000 Hacked Databases Exposing Over 13 Billion User Records

St. Albert Optometry Centre (AB) Involved in Data Breach

APT ‘Hackers For Hire’ “CostaRicto” Target Financial, Entertainment

FBI Investigating Racist, Anti-Gay Hack of Black Student Union’s Zoom Meeting at Gonzaga

DNS Cache Poisoning Attacks Return Due to Linux Weakness

ModPipe Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Point-of-Sale Software

Google Fixes More Chrome Zero-Days Exploited in the Wild

Bugs in Critical Infrastructure Gear n Schneider Electric Programmable Logic Controllers Allow Sophisticated Cyberattacks

Pressure Grows to Reinstall White House Cyber Czar

Facebook, Google to Extend Political Advertising Bans

‘Don’t Weaponise the Net’ Warns Former UK NCSC Cyber-Chief Ciaran Martin

Microsoft Warns Against SMS, Voice Calls for Multi-Factor Authentication

Philippines COVID-19 Data-Sharing App Leaked Healthcare Worker Info

Recent Ransomware Wave Targeting Israel Linked to Iranian Threat Actors

Waves of Attacks on U.S. Hospitals Show a Change in Tactics for Cybercriminals

Vatican Brings in Bots to Protect World’s Oldest Bible

This Risk Threatens Retirees’ Nest Eggs: Here’s How Advisors Are Protecting Them

Europe Tries to Boost Its Cybersecurity Industry

Cybersecurity Skills Shortage Falls for First Time

Animal Jam Kids’ Virtual World Hit by Data Breach, Impacts 46M Accounts

Conway Regional Medical Center (AR) Email Hack Exposes Info of 2,945 Patients

Newcastle Grammar School Targeted in Cyber Attack

Minecraft Apps on Google Play Fleece Players Out of Big Money

Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers

Chinese-Linked Muhstik Botnet Targets Oracle WebLogic, Drupal

Criminal Gangs Using Fake Microsoft Teams Updates to Infect Networks With Cobalt Strike

Alleged Source Code of Cobalt Strike Toolkit Shared Online

Nvidia Warns Windows Gamers of GeForce NOW Flaw

Silver Peak SD-WAN Bugs Allow for Network Takeover

Krebs: Patch Tuesday, November 2020 Edition

Biden’s Hard Stand on Foreign Election Interference Signals Funding Fight

Security Researchers Warn of Uptick in Election Spam

Scammers Impersonating the IRS Threaten Victims With Legal Action

Krebs: Ransomware Group Turns to Facebook Ads

Apple to Deliver ‘Privacy Labels’ for Apps, Revealing Data-Sharing Details

EU Levels New Antitrust Charges Against Amazon

Ex-Microsoft Engineer Gets Nine Years for $10m Digital Theft

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs

Windows 10 Intel Microcode Released to Fix New CPU Security Bugs

Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers

Cadbury Social Media Scammers Take Chocoholics for a Ride

Ghimob Android Banking Trojan Targets 153 Mobile Apps

5.8 Million RedDoorz User Records for Sale on Hacking Forum

Hacker Sells Access to Pakistani Airlines’ Network

New Platypus Attack Can Steal Data From Intel CPUs

Ubuntu’s Gnome Desktop Could Be Tricked Into Giving Root Access

EA Games’ Origin Client Contained Privilege Escalation Vulnerability

Adobe Releases Security Update for Adobe Reader for Android

Zoom Lied to Users About End-to-End Encryption for Years, FTC Says

…To Implement Heightened Security Program in Settlement

WhatsApp Wants to Host Your Intimate Chats: They’ll Be Deleted in a Week

First Passengers Travel in Virgin’s Levitating Hyperloop Pod System

Uber, Lyft Eager to Take California Labor Win Nationwide

Cyberattack on UVM Health Network Impedes Chemotherapy Appointments

Preventing and Mitigating DDoS Attacks: It’s Elementary

Deepfake Phishing: Is That Actually Your Boss Calling?

Man Admits to Being Part of Anonymous Cyber-Attacks Related to Dakota Access Pipeline

Paralegal Admits Role in Outing Iowa Witnesses

Krebs: Body Found in Canada Identified as Neo-Nazi Spam King

Older Android Phones Will Start Failing on Some Secure Websites in 2021

Hacked In 300 Seconds: iOS 14, Samsung Galaxy S20, Windows 10

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

Mashable Customer Data Leaked Online

Long-Term Care Patient Info Mistakenly Released by Lake County Health Dept (IL)

Laptop Manufacturer Compal Hit by DoppelPaymer Ransomware

Ransomware Hits E-Commerce Platform X-Cart

Klamath Falls Hospital (OR) Still Struggling Through Ransomware Attack

Online Classes Resume After Cyber Attack at Saskatoon College

Malicious NPM Project Steals Discord Accounts, Browser Info

Microsoft Exchange Attack Exposes New xHunt Backdoors

Fake Microsoft Teams Updates Lead to Cobalt Strike Deployment

Ultimate Member Plugin for WordPress Allows Site Takeover

New Slipstream NAT Bypass Attacks to Be Blocked by Browsers

Google Chrome to Block Javascript Redirects on Web Page URL Clicks

Unmarked Texts Linked to GOP Firm Urged Vote Protests in Pennsylvania

Facebook Removed Iranian Network of Fake Accounts Targeting Protests in Israel

Twitter Removes Fake AP Account That Called Election Early for Biden

…Suspends Bannon

Trump Lawsuit Site to Report Rejected Votes Leaked Voter Data

Alibaba Cloud Growth Outpaces Amazon and Microsoft as Chinese Tech Giant Pushes for Profitability

Britain’s GCHQ to Wage Cyber War on Anti-Vaccine Propaganda

Kids Are Secretly Spending Thousands of Their Parents’ Money Betting on Special Video Game Wagering Sites

How Ryuk Ransomware Operators Made $34 Million From One Victim

Brazil Seizes Sites Pirating U.S. TV Shows

U.S. Seizes $24m in Crypto-Fraud Crackdown

European Consumer Groups Begin Suing Over Data Breaches

BigBasket Faces Potential Data Breach; Details of 2 Crore Users Put on Sale on Dark Web

Indian Drug Maker Lupin Suffers Cyber Attack

Luxottica Data Breach Exposes LensCrafters, EyeMed Patient Info

Capcom Ransomware Attackers Demanding $11 Million

Gitpaste-12 Worm Targets Linux Servers, IoT Devices

New Pay2Key Ransomware Encrypts Networks Within One Hour

RansomExx Ransomware Also Encrypts Linux Systems

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

Apple Patches Bugs Tied to Previously Identified Zero-Days

Yahoo Mail Discontinues Automatic Email Forwarding for Free Users

Office 365 Will Let Admins Review Microsoft Forms Phishing Attempts

Officials on Alert for Potential Cyber Threats After a Quiet Election Day

…Warn Delayed Vote Count Could Lead to Flood of Disinformation

Malspam Campaign Milks Election Uncertainty

Georgia Democrats Sue Governor Kemp Over Unfounded 2018 Hacking Claims

Huawei Challenges FCC Security Risk Label at Fifth Circuit

North Korean Hackers Used ‘Torisma’ Spyware in Job Offers-based Attacks

GEO Group, Company That Runs U.S. Illegal Immigration Detention Centers. Discloses Ransomware Attack

U.S. Seizes More IRGC Domains

U.S. Gov’t Behind $1 Billion Bitcoin Transfer of Silk Road Funds

Ransom Payment No Guarantee Against Doxxing

Zoom Snooping: How Body Language Can Spill Your Password

Campari Hit by Ragnar Locker Ransomware, $15 Million Demanded

Cyber Attack Targets Norwich-Based Flagship Group

Brazil’s Court System Under Massive RansomExx Ransomware Attack

Indonesian Fintech Cermati Suffers Data Breach, Legislators Rush to Regulate Industry

Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies

Deloitte Hacker IQ Game Forced Offline After Hack

GitHub Denies Getting Hacked

Critical Bug Actively Used to Deploy Cobalt Strike on Oracle Servers

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Apple Patches Three Actively Exploited iOS Zero-Days

DHS Says No Evidence Foreign Power Could Have Tampered With U.S. Vote

…But Cybersecurity Officials Are Still Bracing for Attacks

…QBot Phishing Lures Victims Using U.S. Election Interference Emails

Bitcoin: $1bn Address With Silk Road Links ‘Being Transferred’

Ransomware Gangs Don’t Always Delete Stolen Data When Paid

Krebs: Why Paying to Delete Stolen Data is Bonkers

Americans Confident in IoT Device Security

California Voters Support New Internet Privacy Rules, Strengthening State Law

Police to Livestream Ring Camera Footage of Mississippi Residents

Russian Authorities Make Rare Arrest of Malware Author

Japanese Game Dev Capcom Hit by Cyberattack, Business Impacted

Japanese Nuclear Regulator Suffers Cyber Attack

Legion Has Been Hacked, Source Code Leaked Online

Alamance Skin Center (NC) Reports Cyber Attack Breach

Mysterious APT Leaves Curious ‘KilllSomeOne’ Clue

Sneaky Office 365 Phishing Inverts Images to Evade Detection

Google Forms Abused to Phish AT&T Credentials

Apple Search Bot Leaked Internal IPs via Proxy Configuration

VMware Issues Updated Fix For Critical ESXi Flaw

Cybersecurity Specialist Robert Herjavec Says He’s Confident U.S. Can Safeguard Voting From Hackers

…Voting Security Has Come a Long Way Since 2016 — but Vulnerabilities Remain

…Officials Express Confidence in Voting Security Amid Early Technical Glitches

FBI Investigating Robocalls Urging People to ‘Stay Home’ on Election Day

Officials on Watch for Disinformation If 2020 Election Results Are Delayed

New Kimsuky Module Makes North Korean Spyware More Powerful

One in Three Attacks Are Coronavirus-Related

Warning After 75,000 ‘Deleted’ Files Found on Used USB Drives

Krebs: Two Charged in SIM Swapping, Vishing Scams

Blackbaud Sued in 23 Class Action Lawsuits After Ransomware Attack

Leading Toy Maker Mattel Hit by Ransomware

Folksam Data Breach Leaks Info of 1M Swedes to Google, Facebook, More

Configuration Snafu Exposes Passwords for Two Million Marijuana Growers

New RegretLocker Ransomware Targets Windows Virtual Machines

These Software Bugs Are Years Old, but Businesses Still Aren’t Patching Them

Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws

SaltStack Reveals New Critical Vulnerabilities, Patch Now

Oracle Solaris Zero-Day Attack Revealed

Trump Administration to ‘Vigorously Defend’ TikTok Order After New Legal Setback

…Teens Turn to TikTok to Boost Biden

…Twitter Unlocks New York Post Account After Two-Week Standoff Over Hunter Biden Laptop

UK Cyber-Threat Agency Confronts COVID-19 Attacks

Cyber-Criminals Target Naked Zoom Users

Truata and Mastercard Launch Privacy-Enhanced Portal for Financial Institutions

Cybersecurity Threats to Corporate America Are Present Now ‘More Than Ever,’ SEC Chair Says

Survey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s Hope

A ‘Virtual’ Normal Has Reshaped Our Lives — but Does It Having Staying Power?

Singapore Updates Data Protection Law to Exclude User Consent for ‘Legitimate’ Business Purposes

$100M Botnet Scheme Lands Cybercriminal 8 Years in Jail

Scammers Abuse Google Drive to Send Malicious Links

Hacker Group Uses Solaris Zero-Day to Breach Corporate Networks

Malicious npm Package Opens Backdoors on Programmers’ Computers

GitHub Breaks Site Layout After Forgetting to Renew Certificate

Connecticut Department of Social Services Clients’ Data Exposed

Civmix Website (TX) Is Back Online After Cyber Attack

Maze Ransomware Shuts Down Operations, Denies Creating Cartel

WordPress Pushes Out Multiple Flawed Security Updates

Google Patches One More Actively Exploited Chrome Zero-Day

Oracle Issues Emergency Patch for Critical WebLogic Server Flaw

10/30-11/1/2020

Russian, Iranian and Other Hackers Target 2020 U.S. Election

…Crippling Cyberattacks, Disinformation Top Concerns for Election Day

…Russian Hackers Targeted California, Indiana Democratic Parties

…U.S. Says Iranian Hackers Behind Threatening Emails Accessed Voter Data

…Most Important 2020 Election Misinformation Threat Is Not Coming From Overseas: Facebook Former Security Chief Alex Stamos

…Biden Campaign Slams Facebook After Thousands of Ads Blocked by Platform’s Pre-election Blackout

…Trump and Biden Official Election Apps Vulnerable to Hackers

Facing Surge in Virus, European Countries Try to Fix Their Covid Apps

Chrome Will Soon Have Its Own Dedicated Certificate Root Store

Is Cybersecurity Awareness Month Worth It?

What Are The Fastest Growing Cybersecurity Skills In 2021?

Marriott Fined £0.05 for Each of the 339 Million Hotel Guests Whose Data Was Stolen

Gold Seller JM Bullion Hacked to Steal Customers’ Credit Cards

Over 1M Lazada Redmart Accounts Sold Online After Data Breach

Sonoma Valley Hospital (CA) Hit With Cyber Attack

Chatham County (NC) Systems ‘Inoperable’ After Cyberattack

Tioga Downs Casino Resort Warns of Social Media Hack

Montreal Metro Hacker Demands $2.8m Ransom

Hacker Is Selling 34 Million User Records Stolen From 17 Companies

Wroba Mobile Banking Trojan Spreads to the U.S. via Texts

Firestarter Android Malware Abuses Google Firebase Cloud Messaging

Browser Bugs Exploited to Install 2 New Backdoors–dneSpy & agfSpy–on Targeted Computers

Windows Kernel Zero-Day Vulnerability Used in Targeted Attacks

WordPress Patches 3-Year-Old High-Severity RCE Bug

Wisconsin Republicans Say Hackers Stole $2.3M

Hacker Releases Hall County’s (GA) Election-Related Files

U.S. Shares Info on Russian ComRAT and Zebrocy Malware (From State-Sponsored Turla and APT 28) Used to Target Parliaments, Embassies

Akamai Sees Doubling in Malicious Internet Traffic as Remote World’s Bad Actors Boom

U.S.: Collaboration Needed to Combat Online Child Exploitation

Krebs: FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

…Cyberattack Targets Networks of Vermont, New York, Oregon Hospitals

…Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to Hospitals

Pandemic Forces Companies to Confront Technology Ethics Questions

Taiwanese Company Admits Stealing US Trade Secrets

Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms

Salem’s (NH) Town Computers Offline After Ransomware Attack

University Email Hijacking Attacks Push Phishing, Malware

REvil Gang Promises a Big Video-Game Hit; Claims Massive Revenue

Maze Ransomware Is Shutting Down Its Cybercrime Operation

Oracle WebLogic Server RCE Flaw Under Active Attack

Microsoft Warns of Ongoing Attacks Using Windows Zerologon Flaw

McAfee Debuts Remote Browser Isolation Solution, XDR Platform

Trump Campaign Website Hacked with Cryptocurrency Scam

Man Arrested for Altering Voter Registration Data of Florida Governor: Police

Microsoft: Iranian Hacking Group Targeting Attendees of Major International Security Conferences

Russian Espionage Group Turla Updates Custom Malware Suite

Germany’s Robert Koch Institute for Infectious Disease Control Hit by Hackers Days Before Arson Attack: Spiegel

FBI Probes String of Recent Ransomware Attacks on U.S. Hospitals

Experts Weigh in on E-Commerce Security Amid Snowballing Threats

How the Pandemic is Reshaping the Bug-Bounty Landscape

Home Depot Blunder Emails Customer Order Info to Strangers

Cedar County Memorial Hospital (MO) Hit With Ransomware Attack

TrickBot Linux Variants Active in the Wild Despite Recent Takedown

QNAP Warns of New QTS Bugs That Allow Take Over of Devices

Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems

Microsoft Defender ATP Adds Vulnerable Windows Device Tracking

Microsoft Shares List of URLs Required by Microsoft Defender ATP

Krebs: Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Election Officials Warn of Widespread Suspicious Email Campaign

Facebook Removes Accounts Linked to Foreign Influence Efforts Ahead of Election

China Clamping Down on Mobile Web Browsers Over Dissemination of ‘Chaos’

How the 2020 Election War on Bots and Trolls Differs From 2016

Some Ballot Requests May Be Affected by Cyber Attack in Chenango County (NY)

U.S. Homeland Security Agency Faulted for Election Planning Around Potential Violence

Zoom Finally Adds End-to-End Encryption for All, for Free – With Caveats

Remote Workers Ignore Training to Open Suspicious Emails

Amazon Fires Employee Who Leaked Customer Names, Emails

Former California Police Captain Pleads Guilty in eBay Cyberstalking Case

Florida Woman Arrested for Hacking Home Camera System

Student Teacher Jailed for Sexting Children

Enel Group Hit by Ransomware Again, Netwalker Demands $14 Million

Steelcase Furniture Giant Hit by Ryuk Ransomware Attack

Lax Security Exposes Smart-Irrigation Systems to Attack Across the Globe

Data Breach at Swedish Security Company Gunnebo Leaks 38,000 Sensitive Documents

Aussie Media Monitoring Provider Isentia Hit by Cyber Attack

Sky Lakes Medical Center (OR) Targeted in Ransomware Attack

Medical Supplies Manufacturer DeRoyal Industries Suffers Ransomware Attack

Wall Township School District (NJ) Hit With Cyber-Attack

Car Theft in Chicago May Have Involved a Hack; ‘We’ve Never Had This Kind of Electronic Break Into the Vehicle’

FBI: Hackers Stole Government Source Code via SonarQube Instances

Majority of Microsoft 365 Admins Don’t Enable MFA

Mac Users Unable to Print After Apple Revoked Hp Certificate

National Guard Called in to Thwart Cyberattack in Louisiana Weeks Before Election

Georgia Election Data Hit in Ransomware Attack

Russians Who Pose Election Threat Have Hacked Nuclear Plants and Power Grid

Facebook Says It’s Helped 4.4M People Register to Vote This Year

China Says Honours Its Obligations Over North Korea Sanctions

Treasury Sanctions Russian Group Accused of Targeting U.S. Critical Facilities With Destructive Malware

French Court Asks Microsoft for Safeguards Against U.S. Surveillance of Health Data

Hospitals Brace for More Cyberattacks as Coronavirus Cases Rise

Study Shows Which Messengers Leak Your Data, Drain Your Battery, and More

Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps

Why Cybersecurity Awareness Month Still Matters

Harvest Finance Places Bounty on Hacker

Microsoft IE Browser Death March Hastens

Therapy Patients Blackmailed for Cash After Finland Clinic Vastaamo Data Breach

Nando’s Hackers Feast on Customer Accounts

‘Among Us’ Mobile Game Under Siege by Attackers

WastedLocker Ransomware Hits Boyne Resorts Ski Resort Operator

Stelco Announces Cybersecurity Attack

News Agency Press Trust of India’s (PTI) Hit With Ransomware Attack, News Publishing Disrupted for Several Hours

New ‘Abaddon’ RAT Malware Gets Commands via Discord, Has Ransomware Feature

Containerd Bug Exposes Cloud Account Credentials

Massive Nitro Data Breach Impacts Microsoft, Google, Apple, More

Adware Found in 21 Android Apps With More Than 7 Million Downloads

Google Employees Personal Info Exposed in Law Firm Data Breach

Krebs: Google Mending Another Crack in Widevine

Microsoft Upgrades Password Spray Attack Detection Capabilities

HPE Fixes Maximum Severity Remote Auth Bypass Bug in SSMC Console

Iran Seeking to Intimidate U.S. Voters With Spoofed Emails, Intelligence Official Says

…‘Dumb Mistake’ Exposed Iranian Hand Behind Fake Proud Boys U.S. Election Emails

…Five Takeaways on Iran, Russia Election Interference

Russian State Hackers Stole Data From U.S. Government Networks

…EU Sanctions Russian Hackers Over 2015 German Parliament Attack

Voter Websites In California And Florida Could Be Vulnerable To Hacks, Report Finds

Cybersecurity Company Finds Hacker Selling Info on 186 Million U.S. Voters

Researcher: I Hacked Trump’s Twitter by Guessing Password

…Twitter Says ‘No Evidence’ Trump’s Account Was Hacked With Laughably Bad Password

Krebs: The Now-Defunct Firms Behind 8chan, QAnon

Dr Reddy’s: COVID Vaccine-Maker Suffers Cyber-Attack

Japanese Drug Firm Shionogi & Co. Hit by Cyberattack, Data Breach

French IT Giant Sopra Steria Hit by Ryuk Ransomware

Lewd Tweets on Fort Bragg Account Were From Administrator, Not a Hack as Army First Said

Microsoft Teams Phishing Attack Targets Office 365 Users

Facebook, News and XSS Underpin Complex Browser Locker Attack

NVIDIA Patches High Severity GeForce Experience Vulnerabilities

Snyk to Automatically Check Docker Official Images for Security Problems

Security Experts Alarmed by ‘Broken’ Cyber Market

Fraud Analysts Miss Dark Web Data

U.S. Tries to Get Huawei Blocked From Brazil’s 5G Networks With $1 Billion Financing Pledge

Trump Signs Legislation Making Hacking Voting Systems a Federal Crime

Cybercriminals Step Up Their Game Ahead of U.S. Elections

Threatening Emails Escalate Voter Intimidation Concerns

Biden Campaign App ‘Hack’ Shows Him Wearing MAGA Hat, Telling People to Vote Trump

Disjointed Covid-19 Apps Across U.S. Raise Questions About Tech’s Role

Fort Bragg Deletes Twitter Account, Blames Hack for Explicit Tweets

Mastercard, Idemia, and MatchMove to Pilot Contactless Card With Biometric Reader in Asia

…U.S. PayPal Users Can Soon Use Crypto in Lieu of Fiat Currency

CoinDesk: Ban All Ransomware Payments, in Bitcoin or Otherwise

Thought the FBI Were the Only Ones Able to Unlock Encrypted Phones? Pretty Much Every U.S. Cop Can Get the Job Done

Google Chrome Now Blocks Site Notifications With Abusive Content

Montreal’s STM Public Transport System Hit by Ransomware Attack

City of Shafter (CA) Hit by Ransomware Attack

Jekyll Island (GA) Authority Still Addressing Ransomware Attack

Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data

M&S Boss Spoofed in Gift Voucher Scam

LockBit Ransomware Moves Quietly on the Network, Strikes Fast

QNAP Warns of Windows Zerologon Flaw Affecting Some NAS Devices

Lightning Network Discloses “Concerning” Crypto Vulnerabilities

Oracle Kills 402 Bugs in Massive October Patch Update

WordPress Deploys Forced Security Update for Dangerous Bug in Popular Plugin

Windows 10 20H2 Adds Faster Malware Detection to Security Baseline

U.S.-China Tensions Could Split the Internet — and Data Will Play a Key Role in How Far That Goes

..Sweden Bans Use of Huawei, ZTE Equipment in New 5G Networks

…U.S. Spy Agency Warns That Chinese Hackers Target Military, Defense Industry

…Chinese Hackers Are Hitting These 25 Vulnerabilities, Says NSA

Japan Will Take Steps to Guard Against Olympics Cyberattacks

…Kremlin Denies Olympics Hacking Allegations

Microsoft Disables Most of Cybercriminals’ Control Over Massive Computer Network

TrickBot Malware Under Siege From All Sides, and It’s Working

IoT Security Foundation Launches Vulnerability Disclosure Platform

Cybersecurity And The Remote Classroom

Justice Department Hits Google With Antitrust Lawsuit

House Republicans Urge Democrats to Call Hearing With Tech CEOs

Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts

Made in Oregon Notifies 7,800 Customers of Possible Data Breach

Medicaid Billing Company Timberline Billing Service LLC’s Data Accessed by ‘Unknown Actor’; Firm Works With Many Iowa School Districts

Toledo Public Schools (OH) Vows Support for Staff Affected by Breach After 9GB of Data Posted Online

Facebook: A Top Launching Pad For Phishing Attacks

Mobile Browser Bugs Open Safari, Opera Users to Malware

Orgs Struggling to Secure SaaS Applications Following Shift to the Cloud

Cisco Warns of Attacks Targeting High Severity Router Vulnerability

Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio

VMware Patches ESXi Flaw That Can Be Abused on the Network to Hijack Hosts, Other Vulns

New Google Chrome Version Fixes Actively Exploited Zero-Day Bug

Iranian Millionaire Jailed for Violating US Sanctions

Krebs: QAnon/8Chan Sites Briefly Knocked Offline

Biden Campaign Staffers Targeted in Cyberattack Leveraging Antivirus Lure, Dropbox Ploy

Federal Commission Issues Recommendations for Securing Critical Tech Against Chinese Threats

Tokyo Olympics: Russian Hackers Targeted Games, UK Says

Russian Hackers in the NotPetya, Ukraine Power Grid, 2018 Olympics, 2017 French Election Attacks: U.S. Indictment

U.S. Blocked Chinese Purchase of San Diego Fertility Clinic Over Medical Data Security Concerns

Microsoft Exchange, Outlook Under Siege By APTs

China Revises Laws to Strengthen Protection of Minors Online

Instagram’s Handling of Children’s Data Under EU Investigation

Nation-State Actor Hit Google With the Largest DDoS Attack

Microsoft Issues Out-of-Band Windows Security Updates for RCE Bugs

Mysterious ‘Robin Hood’ Hackers Donating Stolen Money

Rapper Scams $1.2M in COVID-19 Relief, Gloats with ‘EDD’ Video

Phishers Capitalize on Headlines with Breakneck Speed

FBI Warns of Newly Registered Domains Spoofing U.S. Census Bureau

Hackers Smell Blood as Schools Grapple With Virtual Instruction

Microsoft is the Most-Imitated Brand for Phishing Emails

Toshiba Targets $3 Billion Revenue in Quantum Cryptography by 2030

Lawsuit Accuses Indian Hackers of Leaking Businessman’s Emails

Verificient Technologies’ Anti-Cheating Software Suffers Data Breach

Fanduel, Draftkings Data Provider Stats Perform Hit by Ransomware Attack

Albion Online Game Maker Discloses Data Breach

Haldiram’s (India) Hit by Ransomware Attack, Hackers Asked for $7.5 Lakh

Hackers Hijack Telegram, Email Accounts in SS7 Mobile Attack

Hackers Now Abuse BaseCamp for Free Malware Hosting

Cyber-attack on Yazoo County School District (MS) Costs $300k

Michigan Medicine Notifies Patients of Email Information Breach

Waze Vulnerability Lets Attackers Track and Identify Users

Coinbase Phishing Hijacks Microsoft 365 Accounts via OAuth App

Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack

Overlay Malware Targets Windows Users with a DLL Hijack Twist

Watch Out for Emotet Malware’s New ‘Windows Update’ Attachment

GravityRAT Comes Back to Earth with Android, macOS Spyware

ThunderX Ransomware Rebrands as Ranzy Locker, Adds Data Leak Site

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

Study: Half of Battleground States Facing Cybersecurity Challenges Ahead of Election

Twitter Locks Trump Campaign Account

…Twitter Suffers Massive Outage; ‘No Evidence’ of Hack or Security Breach

Iran Says Hackers Attacked Two of Its Key Institutions

Trump Administration Rolls Out Strategy to Secure, Promote Critical Technologies

Data Breaches Hit Thousands of K-12 Students, Federal Watchdog Reports

Federal Watchdog Finds Escalating Cyberattacks on Schools Pose Potential Harm to Students

How One Family’s Nightmare Illustrates the Growing Threat of Real Estate Wire Fraud

Microsoft Now Lets You Disable Insecure JScript in Internet Explorer

US Indicts Money Launderers From Criminal Organization QQAAZZ

Krebs: Breach at Dickey’s BBQ Smokes 3M Cards

Broadvoice Leak Exposes 350M Records, Personal Voicemail Transcripts

Crytek Hit by Egregor Ransomware, Ubisoft Data Leaked

Robinhood Internal Probe Finds Hackers Hit Almost 2,000 Accounts

Barnes & Noble Hack: A Reading List for Phishers and Crooks

Online Proctor Service ProctorTrack Disables Service After Hack

Yorktown, Croton-Harmon Schools (NY) Suffer Cybersecurity Attacks

Possible Data Breach Exposes 2,219 Patient Files at McLaren Oakland Hospital (MI)

FIFA 21 Blockbuster Release Gives Fraudsters an Open Field for Theft

Critical Magento Holes Open Online Shops to Code Execution

Facebook and Twitter Reducing Distribution of New York Post Hunter Biden Story

Twitter’s Security Fell Short Before Hack Targeting Celebrities, Regulator Says

YouTube Bans COVID-19 Vaccine Misinformation

New York Regulator Urges Oversight for Social-Media Giants

Iranian Hackers Restart Attacks on Universities as the New School Year Begins

Zoom Rolls Out End-to-End Encryption (E2EE) Next Week

Police Raided German Spyware Company FinFisher Offices

Brit Webcam Criminal Snared in FBI Luminositylink Creepware Sting Spared Prison

The Important Difference Between Cybersecurity And Cyber Resilience (And Why You Need Both)

Carnival Confirms Passenger Data Compromised

Cyber Attack Disrupts Remote Learning in Sandwich Public Schools (MA)

FIN11 Cybercrime Gang Shifts Tactics to Double-Extortion Ransomware

Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On

Canva Design Platform Actively Abused in Credentials Phishing

Google, Intel Warn on ‘Zero-Click’ Kernel Bug in Linux-Based IoT Devices

Critical SonicWall VPN Portal Bug Allows DoS, Worming RCE

U.S. Cyber Command: Patch Windows ‘Bad Neighbor’ TCP/IP Bug Now

Microsoft Rolls Out New Edge Extensions API but Promises to Leave Ad Blockers Alone

State Officials Warn of Delayed Election Results From Influx of Mail-in Ballots

…Election Systems Under Attack via Microsoft Zerologon Exploits

…As Voters Cast Their Ballots, Courts Nationwide Issue Election Security Edicts

…Cut Cable Shuts Down Virginia’s Online Voter Registration

Russia Blamed for Cyber-attack on Norwegian Parliament

US GAO Calls for Greater Cybersecurity for Commercial Airplanes

Security Experts Warn of Amazon Prime Day Scams

Executive Overconfidence a Security Risk

How to Improve the Cybersecurity of Your Remote Workers

London’s Hackney Borough Council Hit by Hack Attack

International Law Firm Seyfarth Discloses Ransomware Attack

Miami Tech Company Intcomex Suffers Major Data Breach

Facility Services Provider Spotless Suffers Ransomware Attack

Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes

Authentication Bug Opens Android Smart-TV Box to Data Theft

Windows and Mac Users Alike Urged to Patch PhantomPDF Over Use-After-Free Vulns

Critical Flash Player Flaw Opens Adobe Users to RCE

Krebs: Microsoft Patch Tuesday, October 2020 Edition

Court Orders Seizure of Ransomware Botnet Controls as U.S. Election Nears

Hackers Used VPN Flaws to Access Us Gov’t Elections Support Systems

Georgia Marred by Technical Problems, Long Lines on First Day of Early Voting

DHS: Unknown Hackers Targeted the U.S. Census Bureau Network

Cyber-attacks on Angolan Journalists Who Reported Government Corruption

Thai Army Denies Twitter Disinformation Campaign After Takedowns

Cambridge University Releases Fake News Game

Krebs: Microsoft Uses Trademark Law to Disrupt Trickbot Botnet

…Krebs: U.S. Cyber Command Behind Trickbot Tricks (WashPo Report)

Gov-Linked “Fatima” Cybersecurity Career Advert Removed After Backlash

Facebook Debuts Bug-Bounty ‘Loyalty Program’

Budget and Hiring Practices Hinder Cities’ Cybersecurity Efforts

Ransomware Attackers Buy Network Access in Cyberattack Shortcut

Here’s How Many Americans Still Secretly Use Their Ex’s Passwords

Cybercriminals Are Impersonating Parents for Ransomware Attacks on Teachers

55 New Security Flaws Reported in Apple Software and Services

Software AG Hit by Data-Stealing Ransomware Attack

Cyber Attack Targets Georgia Department of Human Services

City of Mt. Pleasant (MI) Falls Victim to Remote Ransomware Attack

Franklin, MA Loses $522K to ‘Spear Phishing’ Cyberattack

Investigation Underway After Tyngsboro (MA) Schools Hit by Cyberattack

Police Investigating Cyber Attack on Walled Lake (MI) School District

Fairfax County Public Schools (AV) Announces Student, Teacher PII Leaked to the Dark Web

Robinhood Says Some Customer Accounts May Have Become Target of Hackers

India Lab Testing Company Dr Lal PathLabs Exposed Sensitive Patient Data

Lake George Conservancy Hit by Ransomware Attack

Ransomware Gang Exposes Truckers’ PII After Attack on Daseke Carrier E.W. Wylie

Fitbit Spyware Steals Personal Data via Watch Face

Undocumented Backdoor That Covertly Takes Snapshots Found in Xplora’s X4 Kids’ Smartwatch

Wormable Apple iCloud Bug Allows Automatic Photo Theft

QBot Uses Windows Defender Antivirus Phishing Bait to Infect PCs

BazarLoader Used to Deploy Ryuk Ransomware on High-Value Targets

Sophisticated Android Ransomware Executes with the Home Button

Windows Update Can Be Abused to Execute Malicious Files

Facebook, Twitter Dismantle Global Array of Disinformation Networks

U.S. Seizes 92 Domains Used by Iran for ‘Global Disinformation Campaign’

Judge Orders Twitter To Unmask FBI Impersonator Who Set Off Seth Rich Conspiracy

Trojan Malware Targets Trump Supporters

Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

New EU ‘Gateway’ Will Link Coronavirus Apps Across Borders

Justice Department Rolls Out Report Detailing Cryptocurrency Security Threats

Waterbear Malware Used in Attack Wave Against Government Agencies

Krebs: Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Former eBay Workers Plead Guilty to Cyberstalking Campaign Against Couple

Wisepay: School Payments Service Hit by Cyber-Attack

Springfield Public Schools District (MA) Shut Down by Ransomware Attack

Hall County (GA) Phone Services Available After Wednesday Ransomware Attack, Recovery Ongoing

Data Breach at AAA Ambulance Service (MS) Exposes Sensitive Information of Patients

RAINBOWMIX Apps in Google Play Serve Up Millions of Ad Fraud Victims

Sam’s Club Customer Accounts Hacked in Credential Stuffing Attacks

MontysThree APT Takes Unusual Aim at Industrial Targets

HEH P2P Botnet Sports Dangerous Wiper Function

Microsoft Azure Flaws Open Admin Servers to Takeover

Cisco Fixes High-Severity Webex, Security Camera Flaws

Huawei: ‘Clear Evidence of Collusion’ With Chinese Communist Party

Facebook to Slap Labels on Posts if Candidates Prematurely Declare Victory

Phishing Emails Lure Victims With Inside Info on Trump’s Health

IRS COVID-19 Relief Payment Deadlines Anchor Convincing Phish

U.S. Brokerage Firms Warned of Widespread Survey Phishing Attacks

Remote Workers Keep IT Issues to Themselves

‘Mercenary’ Hacker Group ‘Bahamut’ Runs Rampant in Middle East, Cybersecurity Research Shows

Krebs: Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M

UK Regulator Bans Cryptocurrency Derivatives

Ukraine Plan to Tackle Hackers Sparks Privacy Fears

Supreme Court Hears Landmark $9B Copyright Fight Between Oracle, Google

More Than 1,600 Mayo Clinic Patients Impacted by Privacy Breach

Heartland Community College (IL) Addressing Cybersecurity Breach

Ransomware Hackers Claim Attack on Texas Customs Broker Daniel B. Hastings

Former Congress Member Katie Hill’s Twitter Account Hacked After Movie Deal Announcement

Mumbai University Distance Education Exams Hit By Cyber Attack

Eight Exchange Operators Also Attacked During New Zealand Hack, Says Cyber Intelligence Group Chairman

PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict

Comcast TV Remote Hack Opens Homes to Snooping

QNAP Fixes Critical Flaws That Could Lead to Device Takeover

Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables

Microsoft Adds Consent Phishing Protection to Office 365

DHS Points to Russia as Key Disinformation Threat Ahead of Election

Officials Urge Social Media Groups to Weed Out Election Disinformation Targeting Minority Voters

APT Attack Injects Malware into Windows Error Reporting

CISA: Emotet Increasing Attacks on U.S. State, Local Governments

Israeli Government Reportedly Investigating Unsuccessful Hack Targeting Crypto CEOs

More Than 100 Charities Report Being Caught up in Blackbaud Ransomware Attack

EU Seeks Authority to Cut Off Banks’ Tech Suppliers if Found Wanting on Cybersecurity

Anti-Virus Creator John McAfee Arrested Over Tax Evasion Charges

Cisco Ordered to Pay $1.9 Billion for Security Patent Infringement

Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack

Chowbus Delivery Service Breached, Hacker Emails Data to Users

Qiui’s Cellmate Male Cage Chastity Gadget Hack Could Lock Users In

REvil Ransomware Gang Offers $1 Million As Part Of Recruitment Drive

Malware Campaigns Deliver Payloads via Obscure Paste Service

Unpatched Apple T2 Chip Flaw Plagues Macs

Chrome 86 Rolls Out With Massive User Security Enhancements

Cloudflare Can Now Send DDoS Alerts for Sites Are Under Attack

Majority of Americans Concerned About Potential Foreign Election Interference: Poll

Voter Registration ‘Error’ Phish Hits During U.S. Election Frenzy

Ransomware Disrupts COVID-19 Medical Trials

Her Majesty’s Revenue and Customs (HMRC) Hit by Multiple Phishing and Spam Emails

CEOs of Google, Facebook and Twitter to Testify Before Senate

Years-Long ‘SilentFade’ Attack Drained Facebook Victims of $4M

LatAm Banking Trojans Collaborate in Never-Before-Seen Effort

Rare Bootkit Malware Targets North Korea-Linked Diplomats

Microsoft: Iranian Hackers Actively Exploiting Windows Zerologon Flaw

Krebs: Attacks Aimed at Disrupting the Trickbot Botnet

A Millionaire Hacker’s Lessons for Corporate America

Video-Game Piracy Group ‘Team Xecuter’ Leaders in Custody

Researchers Mixed on Sanctions for Ransomware Negotiators

Ransomware Victims Aren’t Reporting Attacks to Police. That’s Causing a Big Problem

Malware Families Turn to Legit Pastebin-Like Service

Egregor Ransomware Threatens ‘Mass-Media’ Release of Corporate Data

Hacker Group Compromises Mobile Provider to Steal Credit Cards

Grindr Fixed a Bug Allowing Full Takeover of Any User Account

Students and Employees Notified of Gulf Coast State College Data Breach

Horry County (SC) Police Investigating After Virtual Classroom Hacked, According to District

Black-T Malware Emerges From Cryptojacker Group TeamTNT

Tenda Router Zero-Days Emerge in Spyware Botnet Campaign

Crypto-Mining Malware Adds Linux Password Stealing Capability

Mosaicregressor: Second-Ever UEFI Rootkit Found in the Wild

Post Grid WordPress Plugin Flaws Allow Site Takeovers

HP Device Manager Backdoor Lets Attackers Take Over Windows Systems

New Flaws in Top Antivirus Software Could Make Computers More Vulnerable

New Ransomware Vaccine Kills Programs Wiping Windows Shadow Volumes

Hacker Uploads Own Fingerprints To Crime Scene In Dumbest Cyber Attack Ever

Huawei ‘Failed to Improve UK Security Standards’

Lawmakers Introduce Bill Targeting Foreign Disinformation on Social Media

Privacy, Civil Rights Groups Demand Transparency From Amazon on Election Data Breaches

Emotet Emails Strike Thousands of DNC Volunteers

New Service Checks if Your Email Was Used in Emotet Attacks

Twitter Shutters 130 Iranian Accounts Trying to Disrupt Presidential Debate

Online Journals Flagged as Election Disinformation Threat

U.S. Treasury Warns Cyber Insurers Payments to Hackers May Violate Sanctions

Krebs: Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Universal Health Services Says Its Network Is Being Restored After Malware Incident

Cloud Biz Blackbaud Admits Ransomware Criminals May Have Captured Folks’ Bank Info

H&M Fined €35.2m for GDPR Violations

Global Regulator International Maritime Organization Hit by Cyberattack

Hackers Leak Files Stolen in Pakistan’s K-Electric Ransomware Attack

Nebraska Medicine Provides Update on ‘Cyber Attack’ Causing Network Issues

InterPlanetary Storm Botnet Infects 13K Mac, Android Devices

Experts Warn of $15m Global BEC Campaign

Ransomware Gangs Add DDoS Attacks to Their Extortion Arsenal

Cryptojacking: The Unseen Threat

Microsoft Office 365 Phishing Attack Uses Multiple CAPTCHAs

Spammers Smuggle LokiBot Via URL Obfuscation Tactic

Critical Flaws Discovered in Popular Industrial Remote Access Systems

NVIDIA Fixes High Severity Flaws in Windows Display Driver

House Panel Says U.S. Intelligence Community Not Equipped to Address Evolving Chinese Threats

Chinese APT Group Palmerworm (aka BlackTech) Targets Media, Finance, and Electronics Sectors

Android Spyware Variant From APT-C-23 (aka Two-Tailed Scorpion and Desert Scorpion) Snoops on WhatsApp, Telegram Messages

North Korea Has Tried to Hack 11 Officials of the UN Security Council

DFAT Reveals Email Addresses of Vulnerable Australians Stranded Overseas

Facebook Small Business Grants Spark Identity-Theft Scam

Federal Internet of Things Security Rules Could Provide Blueprint for Private Sector

Anthem to Pay Nearly $40 Million to Settle Data Breach Probe by U.S. States

Two Charged for Hacking NBA, NFL Players’ Social Media Accounts

Russian Hacker, Described as ‘Brilliant’ by Judge, Gets Seven Years in U.S. Prison for Raiding LinkedIn, Dropbox

Kylie Jenner’s Makeup Company Warns of Data Breach

Applicants Say a DC Bar Website Bug Exposed Their Personal Data and Background Checks

Northern California Casino Cache Creek Casino Resort Shut Down by External Computer Attack, May Be Ransomware

Cyber Attack Interrupts Online Learning at Greece Central School District (NY)

Patient Data Compromised in Oaklawn (MI) Email Security Incident

Some Pell City (AL) Utility Customers May Have Suffered Data Breach

QNAP Warns Customers of Recent Wave of Ransomware Attacks

Blackbaud: Ransomware Gang Had Access to Banking Info and Passwords

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks

Microsoft Exchange Servers Still Open to Actively Exploited Flaw

Nokia Clinches 5G Deal With BT to Phase Out Huawei’s Kit in EE Network

Biden Campaign Urges Facebook to Remove Trump Posts Spreading ‘Falsehoods’

Krebs: Who’s Behind Monday’s 14-State 911 Outage?

Microsoft Outage Was Not Part of ‘Coordinated Campaign,’ Says Cybersecurity Agency

Microsoft Reports Spike in Foreign Targeting of COVID-19 Researchers, Think Tanks

Universal Health Says Corporate Network Remains Offline

Shipping Firm CMA CGM Says No Communications Breach in Cyber Attack

Amazon One: Palm Scanner Launched for ‘Secure’ Payments

Swatch Shuts Down Some Technology Systems After Cyberattack

Ransomware Hits Us-Based Arthur J. Gallagher Insurance Giant

Health-Care Provider Medisys Reports Data Breach Affecting 60,000 Clients

Plane-Tracking Site Flight Radar 24 DDoS’d… Just as Drones Spotted Buzzing Over Azerbaijan and Armenia

Hacker Releases Information on Clark County (NV) Students After Officials Don’t Pay Ransom

Fake Software Crack Sites Used to Push Exorcist 2.0 Ransomware

Over 247k Exchange Servers Unpatched for Actively Exploited Flaw

Cisco Fixes Actively Exploited Bugs in Carrier-Grade Routers

Microsoft Clarifies Patch Confusion for Windows Zerologon Flaw

Federal Agencies Warn of Disinformation Around Cyberattacks on Election Infrastructure

Hacking Voting Systems to Be a Federal Crime in US

Twitter Appoints Rinki Sethi as New Information Security Head

Researchers Uncover Cyber Espionage Operation Aimed At Indian Army

20% of Remote Staff Have Downloaded Company Data on Personal Devices

Awareness Is Everything in Cybersecurity — Until It Wears Off

Tennessee Bureau Urges Parents to Supervise Children Online

OCR Imposes $6.85M Penalty, 2nd Largest HIPAA Violation Fine Ever, on Premera Blue Cross Over Data Breach

Universal Health Services (UHS) Hit With Cyberattack, Potentially Largest Hospital Attack in U.S. History

Shipping Group CMA CGM Says Dealing With Cyber Attack

Scouts Victoria Reports Data Breach After Employee Duped by Phishing Campaign

Data Breach within Elite Comms Group

Montgomery County (TN) Computer Network Back up After Weekend Outage Due to Data Security Breach

Fashion Retailer BrandBQ Exposes Seven Million Customer Records

Windows 7 ‘Upgrade’ Emails Steal Outlook Credentials

REvil Ransomware Deposits $1 Million in Hacker Recruitment Drive

Judge Blocks Trump Administration’s Ban on New TikTok Downloads From U.S. App Stores

White House Chief of Staff Knocks FBI Director Over Testimony on Election Fraud

Tyler Technologies Says Clients Reported Suspicious Logins After Hack

Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks

Facebook Takes Down More Beijing-Backed Fake Accounts

Google to Temporarily Bar Election-Related Ads After Polls Close on Nov. 3

Facebook Critics Launch Alternative Oversight Board

Could Estonia Be the Model for Secure Online Voting?

Brussels Report: Governments’ Concerns Rise About Pandemic Cyberattacks on Health Care

Industrial Cyberattacks Get Rarer but More Complex

Ring’s Flying In-Home Camera Drone Escalates Privacy Worries

Trump Administration Signs AI Research and Development Agreement With the UK

Student Arrested Over Cyber-attacks on Indiana Schools

Krebs: Who is Tech Investor John Bernard?

Cyber-Partisans Hack Websites of State Channels in Belarus

Hackers Have Infiltrated Many of Washington State’s Agencies

Millcreek Township (PA) Confirms Computer System Hacked

Hungarian Banks, Telecoms Services Briefly Hit by Cyber Attack: Magyar Telekom

FinSpy Spyware for Mac and Linux OS Targets Egyptian Organisations

KuCoin Cryptocurrency Exchange Hacked for $150 Million

Twitter Is Warning Devs That API Keys and Tokens May Have Leaked

Techies Scramble to Fix Airbnb Website Bug That Let Strangers Read Each Others’ Account Messages

Louis Vuitton Fixes Data Leak and Account Takeover Vulnerability

Coffee Machine Hit By Ransomware Attack—Yes, You Read That Right

Most Local Banks Ignore Cyber Security

FortiGate VPN Default Config Allows MitM Attacks

ThunderX Ransomware Silenced With Release of a Free Decryptor

Pastebin Adds ‘Burn After Read’ and ‘Password Protected Pastes’ to the Dismay of the Infosec Community

Microsoft Windows XP Source Code Reportedly Leaked Online

ByteDance Applies for Export License From China as TikTok Deal Waits for Approval

Fears Mount Over Russian and Chinese Hackers Targeting the 2020 U.S. Presidential Election

…Facebook Removes Hundreds of Accounts Linked to Russian Agencies Ahead of Election

…Despite Ransomware Attack, Tyler Technologies Says Election Programs Safe

…FBI, DHS Say They Have ‘Not Identified’ Hacking Schemes to Change Vote Tallies Ahead of U.S. Election

…FBI Director Casts Doubt on Concerns Over Mail-in Voting Fraud

…But Warns That Chinese Hackers Are Still Targeting U.S. COVID-19 Research

Undisclosed Federal Agency Hit With Successful Cyberattack, Data Stolen

U.S. Customs and Border Protection Failed to Safeguard Data

Microsoft Supports Commission Calling for Re-Establishment of U.S. Cyber Czar

UAE, Israeli Cyber Chiefs Discuss Joining Forces to Combat Common Threats

Polish Police Shut Down Hacker Super-Group Involved in Bomb Threats, Ransomware, Sim Swapping

French Based GEFCO Hit by Cyber Attack

Free Apple iPhone 12? Chatbot Scam Spreads Via Texts

Phishing Attacks Are Targeting Your Social Network Accounts

Scammers Drain Bank Accounts Using AnyDesk and Sim-Swapping

Krebs: Microsoft Says Attackers Exploiting ‘ZeroLogon’ Windows Flaw

Mount Locker Ransomware Joins the Multi-Million Dollar Ransom Game

Alien Android Banking Trojan Sidesteps 2FA

Major Instagram App Bug Could’ve Given Hackers Remote Access to Your Phone

Instagram Bug Allowed Crashing the App via Image Sent to Device

Cisco Patch-Palooza Tackles 29 High-Severity Bugs

Cybersecurity: Your Supply Chain Is Now Your Weakest Link

Cyberattacks Are Fast Becoming a Physical Threat

Follow The Cyber Beat

Get news delivered directly to your inbox.