News

Cybersecurity & Infosec

News Aggregator Blog

Justice Department Convenes Task Force to Tackle Wave Of Ransomware Attacks

Lawmakers Reintroduce Bill to Invest Billions to Compete With China in Tech

Hackers Reportedly Stole Apple Product Plans From Supplier Quanta

…Hackers Threaten to Leak Stolen Apple Blueprints If $50 Million Ransom Isn’t Paid

…Facebook Says Palestinian Spies Behind Hacking Campaign

Facebook Leaks Strategy to Numb Reaction to Data Scraping Incidents

TikTok Loophole Sees Users Post Pornographic and Violent Videos

TikTok Sued Over Use of Minors’ Data

Artificial Intelligence, Facial Recognition Face Curbs in New EU Proposal

In Epic Hack, Signal Developer Turns the Tables on Forensics Firm Cellebrite

‘Rocky’ a Password Favorite

Logins for 1.3 Million Windows RDP Servers Collected From Hacker Market

Phone House Spain Hit By Major Ransomware Attack

Business Email Compromise Costs Businesses More Than Ransomware

Novel Email-Based Campaign Targets Bloomberg Clients with RATs

Massive Qlocker Ransomware Attack Uses 7zip to Encrypt QNAP Devices

WhatsApp Pink Malware Can Now Auto-Reply to Your Signal, Telegram Texts

QR Codes Offer Easy Cyberattack Avenues as Usage Spikes

Linux Bans University of Minnesota for Committing Malicious Code

Google Fixes Exploited Chrome Zero-Day Dropped On Twitter Last Week

CISA Orders Federal Orgs to Mitigate Pulse Secure VPN Bug by Friday

Rapid7 Acquires Open-Source Project Velociraptor

Biden Administration Kicks Off 100-Day Effort to Strengthen Cybersecurity of Power Grid

China-Linked Hackers Used VPN Flaw to Target U.S. Defense Industry

…Multiple Agencies Breached By Hackers Using Pulse Secure Vulnerabilities

MI5 Warns Of Spies Using LinkedIn to Trick Staff Into Spilling Secrets

Hundreds of Networks Reportedly Hacked In Codecov Supply-Chain Attack

Hackers Use Previously Unknown Vulnerability to Target SonicWall Customers

…SonicWall Warns Customers to Patch 3 Zero-Days Exploited in the Wild

North Korean Hackers Adapt Web Skimming For Stealing Bitcoin

REvil Gang Tries to Extort Apple, Threatens to Sell Stolen Blueprints

Note to Self: Create Non-Exhaustive List of Competitors (Krebs)

Threat Actor Claims to Have Hacked Domino’s Indian Branch

DeFi Protocol EasyFi Reports Hack, Loss of Over $80M in Funds

Broward County School District’s Files Leaked in $40m Ransomware Attack

Eversource Energy Data Breach Caused by Unsecured Cloud Storage

Lazarus Hacking Group Now Hides Payloads in BMP Image Files

Over 750,000 Users Downloaded New Billing Fraud Apps From Google Play Store

Fake Microsoft Store, Spotify Sites Spread Info-Stealing Malware

Microsoft Partially Fixes Windows 7, Server 2008 Vulnerability

Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock

White House ‘Standing Down’ Emergency Response Groups to SolarWinds, Microsoft Hacks

UK Digital Secretary Oliver Dowden Starts National Security Probe Into Proposed Arm-Nvidia Merger

Social-Media Data Leaks Draw Scrutiny From European Regulators

Mastercard to Acquire Digital Identity Verification Company Ekata

Apple to Reinstate Parler, the App at Center of Online-Speech Debate

Flying On Mars Fueled With Open-Source Software

Hackers Used to Be Humans. Soon, AIs Will Hack Humanity

Geico Data Breach Exposed Customers’ Driver’s License Numbers for More Than a Month

Vermont State Health Insurance Website Exposed Other Users’ Info When Logging In

Matthew Clark Bibendum Hit By Cyber Attack

The Dixie Group Has Ransomware Attack

Malta Nationalist Party Says It Suffered Cyber-Attack; Info Could Have Been Leaked

Google Alerts Continues to Be a Hotbed of Scams and Malware

Malware That Spreads Via Xcode Projects Now Targeting Apple’s M1-based Macs

Russia to Expel 10 Diplomats from Embassy in Moscow in Response to U.S. Measures

U.S. Sanctions Cryptocurrency Addresses Linked to Russian Cyberactivities

How the Kremlin Provides a Safe Harbor for Ransomware

Krebs: Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

U.S. Investigators Probing Breach at Code Testing Company Codecov

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

‘Simple Photoshop’: How a Pakistani Counterfeiter May Have Aided Russian Trolls

Facebook Oversight Board to Rule On Trump Ban in ‘Coming Weeks’

Facebook Faces ‘Mass Action’ Lawsuit in Europe Over 2019 Breach

U.S. Indicts SecondEye Operators

SysAdmin of Billion-Dollar Hacking Group FIN7 Gets 10-Year Sentence

Major BGP Leak Disrupts Thousands of Networks Globally

Philadelphia’s MeterUp Parking App Hacked, Personal Information Accessed

Swinburne University Sorry Over Personal Data Breach

iOS Kids Game ‘Jungle Run’ Morphs into Underground Crypto Casino

HackBoss Malware Poses As Hacker Tools on Telegram to Steal Digital Coins

Discord Nitro Gift Codes Now Demanded As Ransomware Payments

BazarLoader Malware Abuses Slack, BaseCamp Clouds

Ryuk Ransomware Operation Updates Hacking Techniques

WordPress to Automatically Disable Google FLoC on Websites

Microsoft Fixes Windows 10 Bug That Can Corrupt NTFS Drives

Medtronic Partners With Cybersecurity Startup Sternum to Protect Its Pacemakers From Hackers

Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period

U.S. Puts Fresh Sanctions on Russia Over Hacking, Election Interference

White House Blames Russian Spy Agency SVR for SolarWinds Hack

…Russia’s SVR Spy Agency Calls Allegations ‘Nonsense’

US. Says Russian Cyber Firm Pozitiv Teknolodzhiz AO and 5 Others Provided Venue for Recruiting Spies

Intelligence Leaders Face Sharp Questions During House Worldwide Threats Hearing

Biden Races to Shore Up Power Grid Against Hack

Arrest Made Over Huntington Park (CA) Data Breach

Florida Man Gets 10 Years for Multimillion-Dollar Medicare Fraud Scheme

University of Hertfordshire Suffers Cyber-Attack That Takes Down its Entire IT Network

Gay Dating App Manhunt Hacked, Users’ Data Exposed

Australian Casinos Wrest Point and Country Club In Tasmania Suffers Ransomware Attack

Celsius Email System Breach Leads to Phishing Attack On Customers

Popular NFT Marketplace Rarible Targeted by Scammers and Malware

Gafgyt Botnet Lifts DDoS Tricks from Mirai

Mozilla Drops Firefox Support On Amazon Fire TV

IBM Flags More Cyber Attacks On COVID Vaccine Infrastructure

House Republicans Raise Concerns About New Chinese Tech Companies

Wray: FBI Opens Investigation Into China Every 10 Hours

FBI Launches Operation to Remove ProxyLogon Web Shells Malware From Computers in U.S.

Aussie Biz Azimuth Cracked San Bernardino Shooter’s iPhone, Ending Apple-FBI Privacy Standoff?

Intelligence Leaders Push For Mandatory Breach Notification Law

Cash-Strapped Local Governments Turn to Students for Cybersecurity Help

Vivaldi, Brave, DuckDuckGo Reject Google’s Floc Ad Tracking Tech

Coinbase’s Public Listing Is a Cryptocurrency Coming-Out Party

184 Years In: Ag Giant John Deere Awaits Its First Software Vulnerability

100 Million More IoT Devices Are Exposed—and They Won’t Be the Last

Nigerian Email Scammer Sent Down for 40 Months in the U.S., Ordered to Pay Back $2.7m to Victims

Grocery Startup Mercato Spilled Years of Data, but Didn’t Tell Its Customers

NBA’s Houston Rockets Face Cyber-Attack by Ransomware Group

Berkeley Hack – City Hall, Police Department Computer Systems Down

Chattanooga Public Library Warns Patrons About Potential Data Exposure Through Website

Somerset County School Districts (NJ) Investigate Cyber-Attacks

Cyber Criminals Are Installing Cryptojacking Malware on Unpatched Microsoft Exchange Servers

100,000 Google Sites Used to Install SolarMarket RAT

Second Google Chrome Zero-Day Exploit Dropped On Twitter This Week

Security Bug Allows Attackers to Brick Kubernetes Clusters

New WhatsApp Bugs Could’ve Let Attackers Hack Your Phone Remotely

SAP Fixes Critical Bugs in Business Client, Commerce, and NetWeaver

Krebs: Microsoft Patch Tuesday, April 2021 Edition

China’s Message to America: We’re an Equal Now

Intel Assessment Warns Of Increasing Threats From China, Russia

Government Agencies Must Update Microsoft Exchange as Feds Warn Of ‘Unacceptable’ Cybersecurity Risk

Gmail ‘Safer Than Parliament’s Email System’ Says Tory MP

SolarWinds Says Dealing With Hack Fallout Cost at Least $18 Million

Experts See ‘Unprecedented’ Increase In Hackers Targeting Electric Grid

Tax Phish Swims Past Google Workspace Email Security

Cybersecurity: Victims Are Spotting Cyber Attacks Much More Quickly, but There’s a Catch

Samsung’s New Galaxy Quantum 2 Uses Quantum Cryptography to Secure Apps

Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop

Microsoft April 2021 Patch Tuesday Fixes 108 Flaws, 5 Zero-Days

Cyber-Attack Shutters Half of Tasmania’s Casinos

Risk Startup LogicGate Confirms Data Breach

Illinois Attorney General Investigates Hack of Office’s Computer System

University of Portsmouth Closes Campus Due to ‘Ransomware Attack’ on It Services Causing ‘Ongoing Disruption’

Ransomware Attacks Hit IT System at Tallaght Campus

QBot Malware Is Back Replacing IcedID in Malspam Campaigns

New Linux, macOS Malware Hidden In Fake Browserify NPM Package

How the NAME:WRECK Bugs Impact Consumers, Businesses

Capcom: Ransomware Gang Used Old VPN Device to Breach the Network

Chrome Zero-Day Exploit Posted on Twitter

…Microsoft Edge Too

Biden Makes Nominations for Top Cyber Posts

…Lawmakers, Industry Call On Biden to Fund Semiconductor Production Amid Shortage

Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy

Jack Ma’s Ant Group Bows to Beijing With Company Overhaul

Trans-Atlantic Data Talks May Move at a Quicker Clip

Microsoft Bulks Up With $16 Billion Deal for Nuance Communications

Cybersecurity Start-up Darktrace Plans to Go Public in London Despite Deliveroo’s IPO Flop

Cybersecurity Training Startup Hack the Box Raises $10.6m Series a LED By Paladin Capital

Pulse Secure VPN Users Can’t Login Due to Expired Certificate

Krebs: ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data

1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free

Dutch Supermarkets Run Out of Cheese After Ransomware Attack

Accellion Breach Exposed 300,000 Records, University of Colorado Says

TriHealth (OH) Reports Patient and Employee Data Breach Through Law Firm

Criminals Spread IcedID Malware Using Website Contact Forms With Google URLs

Counter Strike: Global Offensive (CS:GO), Valve Source Games Vulnerable to Hacking Using Steam Invites

Iran Says Key Natanz Nuclear Facility Hit By ‘Sabotage’ / Israeli Media: Israeli Cyber Attack

Biden Budget Request Calls for Major Investments in Cybersecurity, Emerging Technologies

CISA Launches New Threat Detection Dashboard

China Launches Hotline for Netizens to Report ‘Illegal’ History Comments

Alibaba Hit With Record $2.8 Billion Antitrust Fine in China

Amazon Wins Union Election — Says ‘Our Employees Made the Choice’

Facebook Removes 16k Groups for Trading Fake Reviews

Mozilla Flooded With Requests After Apple Privacy Changes Hit Facebook

Critical Zoom Vulnerability Triggers Remote Code Execution Without User Input

U.K., EU Face Privacy Criticism for Covid-19 Passport Plans

DOJ: Creep Coach Finagles Nude Athlete Photos

U.S. Jails Florida Man Stalker Who Targeted Attack Survivor

FBI Arrests Texas Man for Plan to Kill “70% Of Internet” in AWS Bomb Attack

Pets’ Names Used As Passwords by Millions, Study Finds

8 Security & Privacy Apps to Share With Family and Friends

Data from 500M LinkedIn Users Posted for Sale Online

…LinkedIn Denies Data Breach

Leading Cosmetics Group Pierre Fabre Hit With $25 Million Ransomware Attack

American Society for Clinical Pathology (ASCP) Discloses Credit Card Incident

Washington State Educational Organizations Targeted In Cryptojacking Spree

Ontario Regional Government Victim of Third-Party Cyberattack

Trinity Health (MA) Notifying Patients of Possible Data Breach

Tipp City (OH) Student Records Exposed During Law Firm Data Breach

Evidence Suggests REvil Behind Harris Federation Ransomware Attack

Hackers Tampered With APKPure Store to Distribute Malware Apps

Joker Malware Infects Over 500,000 Huawei Android Devices

New ‘Saint Bot’ Malware Out There Snatching Users’ Passwords

Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers

Zerodium Triples WordPress Remote Code Execution Exploit Payout

P&G Worked With China Trade Group on Tech to Sidestep Apple Privacy Rules

Commerce Blacklists Seven Chinese Supercomputing Groups

Indian Defense Chief Admits China’s Cyber-Weapons Would ‘Disrupt Large Number of Systems’ Whenever Beijing Presses the Button

Researchers Uncover a New Iranian Malware Used In Recent Cyberattacks

North Korean Hackers Use New Vyveva Malware to Attack Freighters

Federal Watchdog Investigating State Department Cybersecurity Practices

Should Firms Be More Worried About Firmware Cyber-Attacks?

Facebook Does Not Plan to Notify Half-Billion Users Affected By Data Leak

Redcar Cyber-Attack: UK Government to Help Cover Costs

U.S. Stimulus Stimulates Unemployment Scams

Tech Support Scammers Lure Victims With Fake Antivirus Billing Emails

Belgian Police Seize 28 Tons of Cocaine After ‘Cracking’ Sky ECC’s Chat App Encryption

Americans Avoid Sites After Forgetting Passwords

CareFirst BlueCross BlueShield’s Community Health Plan District Of Columbia (CHPDC) Hacked By ‘Foreign Cybercriminals’

Indian Steel Giant Tata Steel Hit By Windows REvil Ransomware

Belden Says Health Benefits Data Stolen In 2020 Cyberattack

Over 600,000 Stolen Credit Cards Leaked After Swarmshop Hack

Education Nonprofit Edraak Ignored a Student Data Leak for Two Months

Ransomware Attack Shuts Down Entire Haverhill School District (MA)

IcedID Banking Trojan Surges: The New Emotet?

Microsoft Office 365 Phishing Evades Detection With HTML Lego Pieces

Azure Functions Weakness Allows Privilege Escalation

Google Chrome Blocks a New Port to Stop NAT Slipstreaming Attacks

CISA Releases Tool to Review Microsoft 365 Post-Compromise Activity

Microsoft Releases a Cyberattack Simulator – Shall We Play a Game?

Windows 10 Hacked Again at Pwn2Own, Chrome and Zoom Also Fall

Suspected China Hack of Microsoft Shows Signs of Prior Reconnaissance

Commerce Dept. Still Weighing Approach to Huawei, TikTok

Key House Leader to Press For Inclusion of Cybersecurity in Infrastructure Bill

Facebook Attributes 533 Million Users’ Data Leak to “Scraping” Not Hacking

How a VPN Vulnerability Allowed Ransomware to Disrupt Two Manufacturing Plants

Did 4 Major Ransomware Groups Truly Form a Cartel?

Phishing Emails Most Commonly Originate from Eastern Europe

Google Forms and Telegram Abused to Collect Phished Credentials

Visa: Hackers Increasingly Using Web Shells to Steal Credit Cards

IT Pros Share Work Devices with Household

Microsoft’s Windows 10, Exchange, and Teams Hacked At Pwn2Own

Office Depot Configuration Error Exposes One Million Records

Consulting Firm Data Breach Included Case Information Affecting 300+ at Michigan State University

Clearfield County (PA) Cyber Attack Update

Update On PHP Source Code Compromise: User Database Leak Suspected

Fake Netflix App on Google Play Spreads Malware Via WhatsApp

Attackers Blowing Up Discord, Slack with Malware

REvil Ransomware Now Changes Password to Auto-Login in Safe Mode

New Cring Ransomware Hits Unpatched Fortinet VPN Devices

Pre-Installed Malware Dropper Found On German Gigaset Android Phones

Android to Support Rust Programming Language to Prevent Memory Flaws

Cisco Fixes Bug Allowing Remote Code Execution With Root Privileges

Intel Heads to Resume Worldwide Threats Hearing Scrapped Under Trump

Senators Call for Update on Investigations Into SolarWinds, Microsoft Hacks

EU Institutions Experienced Hack Attempt in March: Spokesman

Krebs: Are You One of the 533M People Who Got Facebooked?

…Facebook Removes Over 1,100 Accounts Spreading Deceptive Content

The Extortion Economy: Inside the Shadowy World of Ransomware Payouts

TikTok Privacy Settlement Standoff Puts Focus on Value of Personal Data

Australia Considers Social Media ID Requirement

Chinese Hackers Selling Intimate Stolen Camera Footage

Ransomware Hits TU Dublin and National College of Ireland

Hacker Sells $38m Worth of Gift Cards From Thousands of Shops

Adult Content From Hundreds of OnlyFans Creators Leaked Online

Cyber Attack Targeting Connecticut’s DMV Disrupted Emissions Testing

‘Anomalous Surge in DNS Queries’ Knocked Microsoft’s Cloud off the Web Last Week

EtterSilent Maldoc Builder Used by Top Cybercriminal Gangs

SAP Bugs Under Active Cyberattack, Causing Widespread Compromise

Critical Cloud Bug in VMWare Carbon Black Allows Takeover

Windows XP Makes Ransomware Gangs Work Harder for Their Money

Spy Operations Target Vietnam with Sophisticated RAT

The U.S. Already Has a Cybersecurity Warning System

Krebs: Ransom Gangs Emailing Victim Customers for Leverage

…Paid Millions to Get Their Data Back, but Forgot to Do One Thing. The Hackers Came Back Again

LinkedIn Spear-Phishing Campaign Targets Job Hunters

15 Cybersecurity Pitfalls and Fixes for SMBs

How To Train Remote-Working Employees On Cybersecurity

Active Learning: Adding a Human Element to Artificial Intelligence, Machine Learning & Cybersecurity

Facebook Leak: Irish Regulator Probes ‘Old’ Data Dump

Ransomware Attack Affects 750,000 Personal Touch Patients, Employees across U.S.

BioTel Heart Vendor Breach Left Patients’ Information Public for Nearly a Year

Wieden+Kennedy (OR) Employees Exposed to a Data Breach

Additional Personal Information Part of Data Breach at Atascadero State Hospital (CA)

CNA Website Finally Back Online After ‘Sophisticated Cybersecurity Attack’

Apple Mail Zero-Click Security Vulnerability Allows Email Snooping

Microsoft Defender for Endpoint Now Supports Windows 10 Arm Devices

Lack of Cyber Funds in Biden Infrastructure Plan Raises Eyebrows

FBI: APTs Actively Exploiting Fortinet VPN Security Holes

Robinhood Warns Customers of Tax-Season Phishing Scams

Most Loved Programming Language Rust Sparks Privacy Concerns

Leaker Says They Are Offering Private Details of 500 Million Facebook Users

…How to Check if Your Info Was Exposed in the Facebook Data Leak

…Mark Zuckerberg’s Cellphone Number Goes Online

Popular Twitch Adblock Shuts Down After Twitch Breaks Extension

Russia Fines Twitter for Not Removing Posts

Intelligence Analyst Fed Secrets to Reporter

Capital One Notifies More Clients of SSNs Exposed in 2019 Data Breach

Ransomware Gang Wanted $40 Million in Broward County Schools Cyberattack

MacKenzie Scott Grant Scam More Widespread Than Initially Thought

Clop Ransomware Gang Leaks Also Data From Stanford Medicine

Brown University Experiencing IT Security Threat, Temporary System Outage

Malware Attack on Applus Technologies Is Preventing Car Inspections in Eight U.S. States

Asteelflash Electronics Maker Hit by REvil Ransomware Attack

Qualys Says Accellion Hackers Did Not Breach Production Systems

Sierra Wireless Resumes Production After Ransomware Recovery

CNA Website Still Down Nearly Two Weeks After ‘Sophisticated Ransomware Attack’

Krebs: Ubiquiti All But Confirms Breach Response Iniquity

GitHub Arctic Vault Likely Contains Leaked MedData Patient Records

GitHub Actions Being Actively Abused to Mine Cryptocurrency on GitHub Servers

Call of Duty Cheats Expose Gamers to Malware, Takeover

Google Limits Which Apps Can Access the List of Installed Apps on Your Device

U.S. DOJ: Phishing Attacks Use Vaccine Surveys to Steal Personal Info

ACLU Files AI FOIA Request

22-Year-Old Charged With Hacking Water System and Endangering Lives

DeepDotWeb Admin Pleads Guilty to Money Laundering Charges

Dutch Watchdog Fines Booking.com €475k after It Kept Customer Data Thefts Quiet for More Than 3 Weeks

7 Security Strategies as Employees Return to the Office

Bring CISOs Into the C-Suite to Bake Cybersecurity Into Company Culture

Coinhive Domain Repurposed to Warn Visitors of Hacked Sites, Routers

New KrebsOnSecurity Mobile-Friendly Site

Microsoft Cloud Services Are Down for Some Users

Florida Keys Gov’t Data Breach Exposes County and City Private Emails & Search Histories

Broward County Public Schools (FL) Hit by Ransomware Attack

Memorial Hermann (TX) Patients’ Personal Information May Have Been Compromised in Data Breach

J&B Importers Falls Victim to a Ransomware Attack

University of Maryland, Baltimore Says Private Data Was Published Online Following Ransomware Attack

University of California Targeted in Accellion Cyber Attack; People Urged to Beware of Threatening Emails

Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack

VMware Fixes Authentication Bypass in Data Center Security Software

Iranian APT ‘Charming Kitten’ Hackers Targeting U.S., Israeli Medical Researchers: Analysis

NKorea Hackers Target Security Researchers Again With Fake Twitter and LinkedIn Accounts

Ransomware Tops U.S. Cyber Priorities, Homeland Secretary Says

U.S. Launches Cyber ‘Sprints’ in the Wake of Nation-State Hacks

CISA Gives Federal Agencies 5 Days to Find Hacked Exchange Servers

Child Tweets Gibberish from U.S. Nuke Account

Facebook Removed Donald Trump Interview Video With Lara Trump, Cites Indefinite Ban

Apple, Google Both Track Mobile Telemetry Data, Despite Users Opting Out

Court Rulings Spur Debate on How European Privacy Law Regulates AI Decisions

Battle Rages Over Vaccine Passports

APT Hackers Are Implanting Multiple Backdoors at Industrial Targets in Japan

Scammers Steal New Yorkers’ Private Info for Benefits Fraud

Hackers Hit Italian Menswear Brand Boggi Milano With Ransomware

800Gbps DDoS Extortion Attack Hits Gambling Company

Student, Staff Data Exposed In Heartland Community College (IL) Cyberattack

‘Cart Crasher’ Fraud Ring Launders Money Via Fake Charity Donations

Malware Hidden in Game Cheats and Mods Used to Target Gamers

BazarCall Malware Uses Malicious Call Centers to Infect Victims

Fake jQuery Files Infect WordPress Sites With Malware

Google Chrome for Linux Is Getting DNS-Over-HTTPS, but There’s a Catch

Officials Say Executive Order With ‘a Dozen’ Actions Forthcoming After SolarWinds, Microsoft Breaches

Younger Ransomware Victims More Likely to Pay Up

‘We Have Your Porn Collection’: The Rise of Extortionware

Browser Tracking Protections Won’t Stop Tracking, Warns DuckDuckGo

Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website

Epic Games Submits Apple Complaint to UK Watchdog

U.S. Gov’t Warns That Buying Fake COVID-19 Vaccine Cards Is a Crime

MobiKwik Suffers Major Breach — KYC Data of 3.5 Million Users Exposed

…100 Million Records

…MobiKwik Denies

Whistleblower: Ubiquiti Breach “Catastrophic” (Krebs)

Scammers Target Universities in Ongoing IRS Phishing Attacks

Microsoft Exchange Attacks Increase While WannaCry Gets a Restart

VMware Fixes Bug Allowing Attackers to Steal Admin Credentials

SolarWinds Hack Got Emails of Top DHS Officials

White House Weighs ‘Seen and Unseen’ Responses to Major Hack

Cybersecurity Needs a New Alert System

Former Google Executive Launches Left-Leaning Tech Coalition

Flaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote Attacks

Manufacturing Firms Learn Cybersecurity the Hard Way

Staff Unable to Access Patient Files After Eastern Health Cyber Attack

Ziggy Ransomware Admin Is Refunding Victims Their Ransom Payments

Pair of Apex Legends Players Banned for DDoS Server Attacks

U.S. Imprisons BEC Scammer

Harris Federation School Cyber-Attack Affects 40,000 Pupils’ Email

Oil Giant Shell Workers’ Visas Dumped Online in Clop Ransomware Extortion Attempt

FatFace Pays $2 Million Ransom to Conti Gang

Wake Forest Baptist Hospital Patients’ Records Exposed in Healthgrades Data Breach

DeKalb Schools (GA) Address Data Breach From Vendor PCS Revenue Control Systems

…Austin, TX …Polk County, FL

PHP Infiltrated with Backdoor Malware

Docker Hub Images Downloaded 20M Times Come With Cryptominers

Hades Ransomware Gang Exhibits Connections to Hafnium

New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems

Poland’s CD Projekt Releases Patch for Cyberpunk 2077

Russian Hackers Target German Parliament Again

UK ‘Must Be Clear-Eyed’ on China Tech Ambitions

NSA Chief Says Recent Hacks Expose Limits of U.S. Cyber Protections

‘Time Is Not on Our Side’ — Biden Navigates Cyber Attacks Without a Cyber Czar

Krebs: No, I Did Not Hack Your MS Exchange Server

Burned Out Employees Put Corporate Security at Risk

Ransomware Gang Urges Victims’ Customers to Demand a Ransom Payment

Warner Presses Zuckerberg to Tackle Vaccine Misinformation on Facebook, Instagram

…Parler Says It Alerted FBI to Threats Before Capitol Riot

…Trump in Talks With Upstart Apps About New Social Network

Phished Healthcare Provider Takes Legal Action Against Amazon

Channel Nine Cyber-Attack Disrupts Live Broadcasts in Australia

Possible Cyber Attack Targets U.S. Virgin Islands Government

Calviva Health Warns Members of Data Breach

Town of Didsbury Victimized by Ransomware Attack

Bedfordshire: Cyber-Attack Destroys School Pupils’ Coursework

CompuCom MSP Expects Over $20m in Losses After Ransomware Attack

FBI Issues Mamba Alert

Watch Out! That Android System Update May Contain A Powerful Spyware

Critical Netmask Networking Bug Impacts Thousands of Applications

Apple Releases Emergency Update for iPhones, iPads, and Apple Watch

SolarWinds Patches Critical Code Execution Bug in Orion Platform

Cyber Command Chief Says Dozens of Cyber Operations Carried Out to Defend 2020 Elections

Software Vendors Would Have to Disclose Breaches to U.S. Government Users under New Order Draft

Trust No One Becomes Mantra After Massive Cyber-Attacks

In Secure Silicon We Trust

Manufacturing’s Cloud Migration Opens Door to Major Cyber-Risk

Fleeceware Apps Bank $400M in Revenue

Engineer Reports Data Leak to Nonprofit, Hears From the Police

BackBlaze Mistakenly Shared Backup Metadata With Facebook

Microsoft Offers Up To $30K For Teams Bugs

Day Before Election: Hacked Details of Millions of Israeli Voters Exposed Online

Insurance Giant CNA Hit by New Phoenix CryptoLocker Ransomware

Mobile Anesthesiologists (IL) Tech Misstep Exposes 65,000 Patient Files

QNAP Warns of Ongoing Brute-Force Attacks Against NAS Devices

Evil Corp Switches to Hades Ransomware to Evade Sanctions

Severe Vulnerabilities Patched in Facebook for WordPress Plugin

OpenSSL Shuts Down Two High-Severity Bugs: Flaws Enable Cert Shenanigans, Denial-of-Service Attacks

Cloudflare Launches Page Shield to Thwart Magecart Card Skimming Attacks

Chinese Hackers Used Facebook to Target Uighurs Abroad, Company Says

ProtonVPN CEO Blasts Apple for ‘Aiding Tyrants’ in Myanmar

Facebook’s Zuckerberg Proposes Conditional Section 230 Reforms

Popular Privacy Extension ClearURLs Removed From Chrome Web Store

Google Chrome Will Use HTTPS as Default Navigation Protocol

COVID-Related Fraud Has Cost Americans $382 Million

Ransomware Incidents Continue to Dominate Threat Landscape

Resentful Employee Deletes 1,200 Microsoft Office 365 Accounts, Gets Prison

Forex Broker Leaks Billions of Customer Records Online

FatFace: We’ve Been Hacked. Please Don’t Tell Anyone

City of Frankfort (KY) Has IT Network Hacked

Student Data May Be Part of Polk County (FL) Cyber Hack

SalusCare (FL) Experiences Cyber Attack on Patient, Employee Data

Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws

SaltStack Revises Partial Patch for Command Injection, Privilege Escalation Vulnerability

Microsoft Fixes Windows PSExec Privilege Elevation Vulnerability

Cisco Addresses Critical Bug in Windows, macOS Jabber Clients

DHS Cyber Chief Says Hacks Slowed Progress on Public-Private Collaboration

Dark Web Bursting With COVID-19 Vaccines, Vaccine Passports

Microsoft Warns of Phishing Attacks Bypassing Email Gateways

Microsoft: 92% of Exchange Servers Safe From ProxyLogon Attacks

Ransomware Operators Are Piling on Already Hacked Exchange Servers

Prince Harry Is Taking on a New Job Title: Chief Impact Officer at BetterUp

Security Analysis Clears TikTok of Censorship, Privacy Accusations

Parler Co-Founder Sues Company Over His Firing

Office 365 Cyberattack Lands Disgruntled IT Contractor in Jail

CNA Insurance Firm Hit by a Cyberattack, Operations Impacted

High-Availability Server Maker Stratus Hit by Ransomware

Ransomware Attack Shuts Down Sierra Wireless IoT Maker

Krebs: Phish Leads to Breach at Calif. State Controller

Hackers Claim Attack on Oklahoma Company, State Agency

Two Large Government Conference Organizers Suffer Data Breach

University of Northampton Hit by Cyber-Attack

Ransomware Gang Leaks Data Stolen From University of Colorado, University of Miami

Purple Fox Malware Worms Its Way Into Exposed Windows Systems

Cyberterrorism Tops List of 11 Potential Threats to U.S.

CISA Warns of Security Flaws in GE Power Management Devices

UK Gov’t Department Loses 306 Mobiles and Laptops in Two Years

New Coalition Launches Against ‘Surveillance Advertising’

Top 3 Cybersecurity Lessons Learned From the Pandemic

The Cybersecurity Problem We Should Really Worry About

Krebs: RedTorch Formed from Ashes of Norse Corp.

Delhi Police Bust Call Center Scammers Duping Americans, Canadians, and Brits

Fraudsters Impersonating Tesco In New Phone Scam

Russia’s Darknet Criminals Have Novel Crypto Cash-Out System: ‘Buried Treasure’

Hobby Lobby Exposed 138GB of Data

28,000+ Mendelson Kornblum Orthopedic and Spine (MI) Patients’ Info Exposed

Ransomware’d Flagstar Bank (MI) Tells Customers It Lost Their SSNs

MangaDex Manga Site Temporarily Shut Down After Cyberattack

Classes Canceled Monday for All Park Hill (MO) Students Due to Malware Attack

Microsoft Exchange Servers Now Targeted by Black Kingdom Ransomware

Critical RCE Vulnerability Found in Apache OFBiz ERP Software

Critical Security Bugs Fixed in Netop Vision Pro Virtual Learning Software

Adobe Fixes Critical ColdFusion Flaw in Emergency Update

Biden Under Growing Pressure to Nominate Cyber Czar

Putin Challenges Biden to Debate After President Calls Him a ‘Killer’

Chinese Military Reportedly Restricts Use of Tesla Cars Among Personnel

…Elon Musk Denies Cars Were Used to Spy in China: Tesla Would Be ‘Shut Down

…Elon Musk Says Tesla Won’t Share Data From Its Cars With China or U.S.

NHS Boss Helen Bevan’s Twitter Accounts Hacked by PS5 Scammers

…Twitter Says Marjorie Taylor Greene’s Account Suspended in Error

Office 365 Phishing Attack Targets Financial Execs

FBI Warns of BEC Attacks Increasingly Targeting U.S. Gov’t Orgs

UK Police Warn Students to Avoid ‘Science Website’

Russian Pleads Guilty to Tesla Ransomware Plot

Justice Department Indicts Hacker Connected to Massive Surveillance Camera Breach

Computer Giant Acer Hit by $50 Million Ransomware Attack

Maricopa Community Colleges (AZ) Investigating Possible Cyber Attack After Network Outage

23 South Gloucestershire Schools Hit by Ransomware Attack

Ottawa Warns of Possible Ransomware Attack on Firm That Provides Services Nationally and Worldwide

Bogus Android Clubhouse App Drops Credential-Swiping BlackRock Malware

DDoS Booters Now Abuse DTLS Servers to Amplify Attacks

REvil Ransomware Has a New ‘Windows Safe Mode’ Encryption Mode

Hacking Group Used 11 Zero-Days to Attack Windows, iOS, Android Users

Critical F5 BIG-IP Flaw Now Under Active Attack

Microsoft Defender Adds Automatic Exchange ProxyLogon Mitigation

China Regulators Held Talks With Alibaba, Tencent, Nine Others on ‘Deepfake’ Tech

Chinese Nation State Hackers Linked to Finnish Parliament Hack

CISA Releases New SolarWinds Malicious Activity Detection Tool

U.S. Grid at Rising Risk to Cyberattack, Says GAO

New Alert Warns of Tax Season Cyberscam

Facebook Rolls Out Physical Keys to Guard Against Hacking Mobile Accounts

Google Reveals What Personal Data Chrome and Its Apps Collect On You

Italy’s Leonardo Eyes More Cyber Security Deals With EU Institutions After Parliament Contract

Pindrop Security Buys Device-Verification Firm

Mom Charged in Deepfake Cheerleading Plot

Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data

Data Breach Reported at Atascadero State Hospital (CA)

PII of a ‘Handful’ Compromised in Millersville University (PA) Cyber Attack

Trojanized Xcode Project Slips MacOS Malware to Apple Developers

New CopperStealer Malware Steals Google, Apple, Facebook Accounts

Tutor LMS for WordPress Open to Info-Stealing Security Holes

Critical RCE Flaw Reported in MyBB Forum Software—Patch Your Sites

China Plans to Ask U.S. to Roll Back Trump Policies in Alaska Meeting

…U.S. Subpoenas Multiple Chinese Communications Providers in Security Review

Microsoft Breach Ramps up Pressure on Biden to Tackle Cyber Vulnerabilities

…White House Forms Public-Private Task Force to Tackle Microsoft Exchange Hack

Biden Vows Russia’s Putin Will ‘Pay a Price’ for Election Meddling

…Kremlin: ”Baseless”

$4,000 COVID-19 ‘Relief Checks’ Cloak Dridex Malware

Scammers Are Promising to Get Your Student Loans Forgiven

Krebs: Fintech Giant Fiserv Used Unclaimed Domain

Dropbox to Make Password Manager Feature Free for All Users

Florida Mom & Daughter Duo Hack Homecoming Crown

South and City College Birmingham (UK) to Shift Teaching Online After Ransomware Attack

Elective Surgeries Postponed at Melbourne’s Eastern Health After Suspected Cyber Attack

Tri County Sheriff Dispatch (NY) Hit With Ransomware Attack

Japan Line Users’ Data Exposed to China Affiliate

Cyber-Attack Hits Shell’s Data Transfer System

Cybercriminals Say Georgetown County (SC) Employees’ Info Stolen in Ransomware Attack

Chile’s Bank Regulator Shares IOCs After Microsoft Exchange Hack

Twitter Images Can Be Abused to Hide ZIP, MP3 Files

Microsoft’s Azure SDK Site Tricked Into Listing Fake Package

Cisco Plugs Security Hole in Small Business Routers

Apple May Start Delivering Security Patches Separately From Other OS Updates

Russia’s Putin Likely Directed 2020 Election Meddling, U.S. Finds

…U.S. Expected to Sanction Russia Over Alleged Election Meddling

Microsoft Could Reap More Than $150 Million in New U.S. Cyber Spending, Upsetting Some Lawmakers

…Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix

Advocates Press Facebook to Combat Spanish-Language Disinformation

Encrypted Messaging App Signal Appears to Be Blocked in China

FBI Warns of Escalating Pysa Ransomware Attacks on Education Orgs

Hackers Are Targeting Telecoms Companies to Steal 5G Secrets

401(k) Investors Vulnerable to Cyber Hacks, Watchdog Warns

Krebs: Can We Stop Pretending SMS Is Secure Now?

Companies Turn to Fusion Centers to Deal With Cyber Intelligence Overload

Teen Responsible for Major Twitter Hack to Serve Three Years in Prison

China Suspected of Cyber Attack on Western Australia’s Parliament During State Election

Ukraine Accuses Russian Hackers of New Cyber Attack

Mimecast: SolarWinds Hackers Stole Some of Our Source Code

UK Ministry of Defence Information Exposed Through Personal Email Accounts

$5.7M Stolen in Roll Crypto Heist After Hot Wallet Hacked

Colorado Retina Associates Phishing Incident Exposes Personal Info of 26,000

Ransomware Attack Knocks Newberry County Memorial Hospital (SC) Computer Systems Offline

Leon County Schools (FL) Confirm Website Hack

Magecart Attackers Save Stolen Credit-Card Data in .JPG File

Latest Mirai Variant Targets SonicWall, D-Link and IoT Devices

New Botnet Targets Network Security Devices With Critical Exploits

DuckDuckGo Browser Extension Vulnerability Leaves Edge Users Open to Potential Cyber-Snooping

Biden Admin Reveals Probe Into Gov’t Security Has Found Holes: Need More Private Sector Collaboration

Cyberattacks See Fundamental Changes, A Year into COVID-19

Facebook to Label All Posts That Discuss Coronavirus Vaccines

Twitter Now Supports Multiple 2FA Security Keys on Mobile and Web

Cybersecurity Bug-Hunting Sparks Enterprise Confidence

Wave of Legal Appeals Challenges How European Regulators Enforce Privacy Rules

I’m Planning to Retire Early — and Rich — Thanks to NFTs

Krebs: WeLeakInfo Leaked Customer Payment Info

Blender Website in Maintenance Mode After Hacking Attempt

Vulnerable Australian Kids Impacted by Data Breach

Hackers Steal Health Data of 50,000 Patients From PeakTPA

Wisconsin Health Department Accidentally Exposes Email Addresses of 907 COVID-19 Vaccine Registrants

Phishing Sites Now Detect Virtual Machines to Bypass Detection

Florida International Claims Breakthrough in ‘Cryptojacking’ Detection

Microsoft Probes Whether Leak Played Role in Suspected Chinese Hack

…Warns of New ‘DearCry’ Ransomware Threat to ‘Unpatched’ Networks

…Cryptomining Malware

…New PoC for Microsoft Exchange Bugs Puts Attacks in Reach of Anyone

…UK Urges Organisations to Install Microsoft Updates Urgently

China Blasts Biden Administration Over New Restrictions on Huawei

U.S. Federal Judge Issues Injunction to Temporarily Remove Xiaomi Ban

Ant Group CEO Simon Hu Resigns Amid Heightened Scrutiny Over the Chinese Financial-Technology Behemoth

FBI Alert Warns of Russian, Chinese Use of Deepfake Content

Australia, India, Japan, and USA Create Joint Critical Tech Working Group

Google Slams Microsoft for ‘Naked Corporate Opportunism’

Apple Sues Employee for Stealing Trade Secrets

Europol Credits Sweeping Arrests to Cracked Sky ECC Comms

…Encrypted Comms Firm Denies Police Cracked User Messages

CEO of Sky Global Encrypted Chat Platform Indicted by U.S.

A Hacker Who Exposed Verkada’s Surveillance Camera Snafu Has Been Raided

Netflix Introduces Measures to Prevent Password Sharing

Utah Company Premier Diagnostics Stored Passport Scans on Unsecured Server

Broward School District (FL) Conducting Cybersecurity Investigation Into What Caused Online Learning Outage

Buffalo Public Schools (NY) Hit With Ransomware Attack on Friday

Total Life Healthcare (AR) Data Breached in ‘Ransomware Attack’

REvil Group Claims Slew of Ransomware Attacks

Scammers Promote Fake Cryptocurrency Giveaways via Twitter Ads

OVH Data Center Fire Likely Caused by Faulty UPS Power Supply

Researchers Hacked Indian Gov’t Sites via Exposed Git and Env Files

Metamorfo Banking Trojan Abuses AutoHotKey to Avoid Detection

New ZHtrap Botnet Malware Deploys Honeypots to Find More Targets

Critical Security Hole Can Knock Smart Meters Offline

Another Google Chrome 0-Day Bug Found Actively Exploited In-the-Wild

Google Fixes Second Actively Exploited Chrome Zero-Day This Month

Google Emits Data-Leaking Proof-of-Concept Spectre Exploit for Intel CPUs

15-Year-Old Linux Kernel Bugs Let Attackers Gain Root Privileges

A New Critical Vulnerability Has Been Discovered in Apple M1

Microsoft Exchange Servers Face APT Attack Tsunami

Microsoft Exchange Email Hack: Hundreds of UK Firms Compromised

CISA: No Federal Civilian Agency Hacked in Exchange Attacks, So Far

ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks

Lawmakers Roll Out Bill to Protect Critical Infrastructure After Florida Water Hack

China Lays Plans to Tame Tech Giant Alibaba

TrickBot Takes Over, After Cops Kneecap Emotet

Schools Have Become the Leading Targets of Ransomware Attacks

Cyberattack Takes Down Systems at Molson Coors

Thousands of Irish Shoppers Personal Data Stolen in Fastway Couriers Breach

Covington (LA) Police, Fire and City Employees Locked Out of Computer Systems After Hack

34,000 Affected in New London Hospital (NH) Data Breach

Two-Hundred Affected by Petersburg Medical Center (AK) Data Breach

Linux Systems Under Attack By New Chinese RedXOR Malware

NimzaLoader Was Written in an Unusual Programming Language to Stop It From Being Detected

NanoCore RAT Scurries Past Email Defenses with .ZIPX Tactic

Smart Sex Toys Come With Bluetooth and Remote Access Weaknesses

Norway’s Parliament Hit by New Hack Attack

…Federal Agencies Warn Microsoft Vulnerabilities Pose ‘Serious Risk’ to Government, Private Sector

…At Least 10 Hacking Groups Using Microsoft Software Flaw: Researchers

…Up to 60,000 Computer Systems Exposed in Germany to Microsoft Flaw

Researchers Unveil New Linux Malware Linked to Chinese Hackers

Top U.S., China Officials to Meet Next Week in Alaska on Range of Issues

Solving Data-Transfer Impasse May Require Diplomatic Agreements on Espionage

Superstar K-Pop Band’s TikTok Hacked

OVH Data Center Burns Down Knocking Major Sites Offline

COVID: White Hat Bounty Hackers Become Millionaires

Linux Foundation Unveils Sigstore — a Let’s Encrypt for Code Signing

Europol ‘Unlocks’ Encrypted Sky ECC Chat Service to Make Arrests

Facebook Files to Dismiss Antitrust Lawsuits

Cyberattack Impacts 200,000 People Connected to Multicare Health Systems

University of Central Lancashire Among Three Hit by Cyber-Attacks

Hospital in Southwest France Hit by Cyber-Attack Demanding $50,000 Ransom

Apple’s Device Location-Tracking System Could Expose User Identities

iPhone Call Recorder Bug Gave Access to Other People’s Conversations

FIN8 Hackers Return With More Powerful Version of BADHATCH PoS Malware

Nim-Based Malware Loader Spreads Via Spear-Phishing Emails

Fake Ad Blocker Delivers Hybrid Cryptominer/Ransomware Infection

Cyberattackers Exploiting Critical WordPress Plugin Bug

F5 Urges Customers to Patch Critical BIG-IP Pre-Auth RCE Bug

SAP Stomps Out Critical RCE Flaw in Manufacturing Software

Krebs: Microsoft Patch Tuesday, March 2021 Edition

Krebs: Warning the World of a Ticking Time Bomb

Microsoft Releases ProxyLogon Updates for Unsupported Exchange Servers

Kremlin Calls NYT Report on Planned U.S. Cyberstrikes on Russia ‘Alarming’

Biden Appoints Clare Martorana as Federal CIO

U.S. Seizes More Domains Used in COVID-19 Vaccine Phishing Attacks

Security Bug Hunters Focus on Misconfigured Services, Earn Big Rewards

Dark Web Markets for Stolen Data See Banner Sales

GandCrab Ransomware Affiliate Arrested for Phishing Attacks

Surveillance Concerns Could Hold Up European-U.S. Data Agreement for Years

Gab, a Haven for Pro-Trump Conspiracy Theories, Has Been Hacked Again

Arkansas Bill Addresses “Unfair” Social Media Censorship

Twitter Sues Texas AG, Alleging Retaliation for Banning Trump

West Ham Supporters’ Personal Details Leaked on Club Website

Hackers Access Surveillance Cameras at Tesla, Cloudflare, Banks, More

Spanish Labor Agency Suffers Ransomware Attack, Union Says

Google Play Harbors Malware-Laced Apps Delivering Spy Trojans

zoMiner Botnet Hunts for Unpatched ElasticSearch, Jenkins Servers

Adobe Critical Code-Execution Flaws Plague Windows Users

Adobe Fixes Critical Creative Cloud, Adobe Connect Vulnerabilities

GitHub Fixes Bug Causing Users to Log Into Other Accounts

Microsoft Shares Detection, Mitigation Advice for Azure LoLBins

Apple Plugs Severe WebKit Remote Code-Execution Hole

Microsoft Patch Tuesday Updates Fix 14 Critical Bugs

Krebs: A Basic Timeline of the Exchange Mass-Hack

…Microsoft Email Server Hacks Put Biden in a Bind

…European Banking Authority Hit by Microsoft Exchange Hack

U.S. Reportedly Prepares Action against Russia after Major Cyberattack

…Hackers Hiding Supernova Malware in SolarWinds Orion Linked to China

Iranian Hackers Using Remote Utilities Software to Spy On Its Targets

New Sarbloh Ransomware Supports Indian Farmers’ Protest

CISA Takes Over .GOV Top-Level Domain (TLD) Administration

PayPal Is Acquiring Crypto Security Company Curv, for Less Than $200 Million

McAfee to Offload Enterprise Business for $4bn, Focus on Consumer Security

Virginia Passes New Data Protection Law

Flagstar Bank Hit by Data Breach Exposing Customer, Employee Data

Data Breach at Healthcare Provider Elara Caring Exposes 100,000 Patients’ Information

Cosco Shipping Hacked Again

Hackers Target University of Texas at El Paso (UTEP)

University of the Highlands and Islands Shuts Down During ‘Ongoing Cyber Incident’

Melton School Responds to Serious Cyber Attack

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

Crypto-Miner Campaign Targets Unpatched QNAP NAS Devices

Newest Intel Side-Channel Attack Sniffs Out Sensitive Data

Google Chrome to Block Port 554 to Stop NAT Slipstreaming Attacks

Krebs: At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

…FireEye Finds Evidence Chinese Hackers Exploited Microsoft Email App Flaw Since January

…White House Cites ‘Active Threat,’ Urges Action Despite Microsoft Patch

…New Microsoft Tool Checks Exchange Servers for ProxyLogon Hacks

…Microsoft’s MSERT Tool Now Finds Web Shells From Exchange Server Attacks

…Microsoft: Exchange Updates Can Install Without Fixing Vulnerabilities

In Battle with U.S., China to Focus on 7 ‘Frontier’ Technologies from Chips to Brain-Computer Fusion

…Spending on Research and Development to Rise 7% per Year in Push for Major Tech Breakthroughs

U.S. DoD Weapons Programs Lack ‘Key’ Cybersecurity Measures

Russian, Chinese Hackers Targeted Europe Drug Regulator

Russian Disinformation Campaign Aims to Undermine Confidence in Pfizer, Other Covid-19 Vaccines, U.S. Officials Say

Virus Tech Draws Scrutiny From European Privacy Advocates

New iPhone Feature Reveals if Someone Is Stalking Your Exact Movements

Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories

Critics Blast Google’s Aim to Replace Browser Cookie with ‘FLoC’

‘Impossible to Trace’ Tech Savvy Dad May Be Holding Daughter Captive in WA, Cops Say

U.S. Indicts John McAfee for Cryptocurrency Fraud, Money Laundering

Effective Cybersecurity Needs Quantum Communication

Companies Are Doing a Terrible Job of Reporting Cybersecurity Risks to Investors

Queen’s University in Belfast Takes ‘Precautions’ After Cyber-Attack Attempt

Czech Capital Prague, Labour Ministry Face Cyber Attacks

Saint Agnes Medical Center (CA) Data Breach Exposed Personal Info

Sandhills Medical (SC) Foundation Patient Info Accessed in Cyber Attack

Humana Notifying 65,000 Health Plan Members Information Was Exposed

Two Medical Practices in the Richmond Region Report Cybersecurity Incidents

SITA: Airline IT Provider Confirms Passenger Data Leaked After Major ‘Cyber-Attack’

Docker Hub and Bitbucket Resources Hijacked for Crypto-Mining

Ongoing Phishing Attacks Target U.S. Brokers With Fake FINRA Audits

Nottinghamshire Schools Suspend Online Learning Following Cyber Attack

D-Link, IoT Devices Under Attack By Tor-Based Gafgyt Variant

WordPress Injection Anchors Widespread Malware Campaign

REvil Ransomware Gang Plans to Call Victim’s Business Partners About Attacks

New ‘Hog’ Ransomware Only Decrypts Victims Who Join Their Discord Server

…Two Unusual Versions of Ransomware Tell Us a Lot About How Attacks Are Evolving

Supermicro, Pulse Secure Release Fixes for ‘TrickBoot’ Attacks

Samsung Fixes Critical Android Bugs in March 2021 Updates

Microsoft Office 365 Gets Protection Against Malicious XLM Macros

Krebs: Three Top Russian Cybercrime Forums Hacked

Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

Senate Includes Nearly $2 Billion in Cyber, Tech Funds to COVID-19 Bill

Researcher Bitsquats Microsoft’s windows.com to Steal Traffic

Thousands of Android and iOS Apps Leak Data From the Cloud

National Surveillance Camera Rollout Roils Privacy Activists

Samsung and Mastercard to Pilot Biometric Payments Card in South Korea

Cryptocurrency Fraudster Steals $16m

Singapore Airlines Frequent Flyer Members Hit in Third-Party SITA Data Security Breach

Indian State Government Website Exposed COVID-19 Lab Test Results

Ransomware Attack on Cochise Eye and Laser (AZ)

8-Day Cyber Attack: Hackers Demanded Millions From Allergy Partners (NC)

34,000 Affected in AllyAlign Health (VA) Data Breach

Hacked SendGrid Accounts Used in Phishing Attacks to Steal Logins

CompuCom MSP Hit by DarkSide Ransomware Cyberattack

Windows DNS SIGRed Bug Gets First Public RCE PoC Exploit

VMware Releases Fix for Severe View Planner RCE Vulnerability

Workers at Canadian Spy and Cyber Agency Threaten to Strike

State-Sponsored Hackers Rush to Exploit Unpatched Microsoft Exchange Servers

Why Some Governments Are Getting Cyber Crime Gangs to Do Their Hacking for Them

High Alert as New QAnon Date Approaches Thursday

Google to Stop Selling Ads Based on Your Specific Web Browsing

Parler Drops Federal Lawsuit Against Amazon, Files in State Court

BEC Scammers Are Targeting Investors for Massive Payouts

U.S. Government Warns of Social Security Scams Using Fake Federal IDs

Home-Office Photos: A Ripe Cyberattack Vector

Hackers Share Methods to Bypass 3D Secure for Payment Cards

Qualys Hit With Ransomware: Customer Invoices Leaked on Extortionists’ Tor Blog

Navajo Nation Hospital Targeted by Large-Scale Ransomware Hack

University of Memphis Hit with Second Cyber Attack In Six Months

Hollywood’s Elite Private Schools Hacked

CompuCom MSP Confirms Ongoing Outage Following Malware Incident

Cyber Attack Affecting Hanover Area School District and Others (PA)

Telemarketing Biz CallX Exposes 114,000 in Cloud Config Error

Cash App Phishing Kit Deployed in the Wild, Courtesy of 16Shop

GRUB2 Boot Loader Reveals Multiple High Severity Vulnerabilities

Unpatched Bug in WiFi Mouse App Opens PCs to Attack

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails (Krebs)

Chinese Cyber Attack: U.S. Congressman Urges Biden to Stand by India

SolarWinds Reports $3.5 Million in Expenses From Supply-Chain Attack

Wray Hints at Federal Response to SolarWinds Hack

Microsoft Warns of Chinese Hackers ‘Hafnium’ Targeting Email Product

Microsoft Shares More on What’s Coming in Windows Server 2022

Microsoft Teams Adds End-to-End Encryption (E2EE) to One-on-One Calls

Microsoft 365 Defender Threat Analytics Enters Public Preview

Gamer Sues Microsoft Over Cyberbullying

Google Teams up With Allianz, Munich Re to Insure Its Cloud Users

Jailbreak Tool Works on iPhones Up to iOS 14.3

Medal of Honor Holders’ Identities Stolen

‘Fake Accounts Used My Pictures to Sell Sex’

Satanic Temple Loses Cyber-squatting Lawsuit

Alarming Cybersecurity Stats: What You Need To Know For 2021

Krebs: Payroll/HR Giant PrismHR Hit by Ransomware?

Malaysia Airlines Discloses a Nine-Year-Long Data Breach

Asian Food Distribution Giant JFC International Hit by Ransomware

Zee5 Once Again Caught In Data Breach; Info Of 9 Mn Users Exposed

CSX Probes ‘Security Incident’ as Hackers Leak Data

Oxfam Australia Confirms Data Breach After Stolen Info Sold Online

Millersville University (PA) Says Network Outage Was the Result of an ‘External Attack’

Ransomware Attack Shuts Down Altona Clinic (MB)

Rookie Coding Mistake Prior to Gab Hack Came From Site’s CTO

Researchers Unearth Links Between SunCrypt and QNAPCrypt Ransomware

Malicious NPM Packages Target Amazon, Slack With New Dependency Attacks

Compromised Website Images Camouflage ObliqueRAT Malware

Microsoft Fixes Actively Exploited Exchange Zero-Day Bugs, Patch Now

Google Fixes Second Actively Exploited Chrome Zero-Day Bug This Year

Chinese Hackers Targeted India’s Power Grid Amid Geopolitical Tensions

…Chinese Businessman Plotted With GE Insider to Steal Transistor Secrets, Say Feds

U.S. ‘Unprepared’ to Defend against New AI Threats, Report Finds

New York Group Urges Action on Cyber Coordination

Free Cybersecurity Tool Aims to Help Smaller Businesses Stay Safer Online

Scientists Have Built This Ultrafast Laser-Powered Random Number Generator

Krebs: Is Your Browser Extension a Botnet Backdoor?

Cybercrime ‘Help Wanted’: Job Hunting on the Dark Web

Universal Health Services Lost $67 Million Due to Ryuk Ransomware Attack

Tether Cryptocurrency Firm Says Docs in $24 Million Ransom Are ‘Forged’

…We Are ‘Not Paying’

Facebook Photo-tagging Lawsuit Settled for $650m

Florida Police Arrest 12 Alleged Online Predators

Passwords, Private Posts Exposed in Hack of Gab Social Network

Hurtigruten Reports Passenger Data Exposed in Cyberattack

European E-Ticketing Platform Ticketcounter Extorted in Data Breach

World’s Leading Dairy Group Lactalis Hit by Cyberattack

Kaman Hit by Ransomware Attack, Biden Foreign Policy Change

New South Wales Transport Agency Extorted by Ransomware Gang After Accellion Attack

Cyber Attack on the Ministry of Finance of Kosovo

City of Kingman (AZ) Government Computer System Hit by Cyberattack

Malware Loader Abuses Google SEO to Expand Payload Delivery

Working Windows and Linux Spectre Exploits Found on VirusTotal

Critical Vulnerability Found in Snow Software’s Inventory Agent

Firewall Vendor Genua Patches Critical Auth Bypass Flaw

Congress Has New Appetite for Breach Law Following SolarWinds Hack: Lawmaker

SolarWinds Officials Throw Intern Under the Bus for ‘solarwinds123’ Password Fail

Lawmakers Blame SolarWinds Hack on ‘Collective Failure’ to Prioritize Cybersecurity

Huawei Backs Supply Chain Security Standards in Wake of SolarWinds Breach

NSA, Microsoft Promote a Zero Trust Approach to Cybersecurity

Pits Microsoft Against Dell, IBM Over How Companies Store Data

U.S. Energy Department Floats Solution to Illicit Crypto Mining Malware

Foreign Perpetrators Among Fraudsters Shamming State’s Unemployment Systems

Cyberattacks Cost Hospitals Millions During Covid-19

Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process

What Are These Suspicious Google GVT1.Com URLs?

T-Mobile Discloses Data Breach After Sim Swapping Attacks

Ransomware Gang Hits Ecuador’s Largest Private Bank Banco Pichincha, Ministry of Finance

UK’s Npower Shuts Down Mobile App Following Data Breach

Some San Diegans’ Personal Information Provided to Jewish Family Service Exposed Online

Beware: AOL Phishing Email States Your Account Will Be Closed

Stalkerware Volumes Remain Concerningly High, Despite Bans

Yeezy Fans Face Sneaker-Bot Armies for Boost ‘Sun’ Release

Ryuk Ransomware Now Self-Spreads to Other Windows LAN Devices

Google Shares PoC Exploit for Critical Windows 10 Graphics RCE Bug

Microsoft Fixes Windows 10 Drive Corruption Bug — What You Need to Know

German Prosecutors Are Building AI In-House

Cybersecurity Firm Axonius Raises $100 Million at $1.2 Billion Valuation

Microsoft Failed to Shore up Defenses That Could Have Limited SolarWinds Hack: U.S. Senator

Microsoft Shares CodeQL Queries to Scan Code for SolarWinds-Like Implants

Amazon’s Lack of Public Disclosure on SolarWinds Hack Angers Lawmakers

North Korean Hackers Target Defense Industry With Custom Malware

Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations

DHS Secretary Mayorkas Announces New Initiative to Fight ‘Epidemic’ of Cyberattacks

French Minister: Mafia-Type Gangs Likely Behind Cyber Attacks on Hospitals

Insider Cloud Data Theft Plagues Healthcare Sector

Iraqi MP Suffers Online Extortion

Facebook Takes Out Myanmar Military After Bloody Coup

Krebs: How $100M in Jobless Claims Went to Inmates

ByteDance Agrees to $92 Million Privacy Settlement With U.S. TikTok Teens

Steris Touted as Latest Accellion Hack Victim

Dutch Research Council (NWO) Confirms Ransomware Attack, Data Leak

Gore Medical Management (GA) Has 79,100 Patients’ Data on Unauthorized Computer

FBI, State Police Probing Cyber Hack on Saginaw (MI) Township Schools

Ransomware Attack: Network Outage Forces Affton School District (MO) to Virtual

Students’ Information Compromised by Data Breach at Harvard Business School

RMIT University (Australia) Races to Recover From Cyber Attack Before Students Return

Florida Studio Theatre Endures Ransomware Attack

Bengal Health Website Leaks 8 Million COVID-19 Test Results

Oxford University Says Research Not Affected After Expert Flags COVID Lab Hack

Malicious Mozilla Firefox Extension Allows Gmail Takeover

Ukraine Says Russian Hackers Attack Web-Based State Document System

CrowdStrike Slams Microsoft Over SolarWinds Hack

…NASA and the FAA Were Also Breached by the SolarWinds Hackers

…More SolarWinds Hack Victims Yet to Be Publicly Identified, Tech Executives Say

Congress Looks Towards New Data Breach Laws as Russian Hack Scope Remains Unknown

Biden Signs Supply Chain Order After ‘Positive’ Meeting With Lawmakers

Biden CIA Pick Pledges to Confront China if Confirmed, Speak ‘Truth to Power’

Tax Season Ushers in Quickbooks Data-Theft Spike

Microsoft Lures Populate Half of Credential-Swiping Phishing Emails

Poor Remote Working Behaviors and Procedures Putting Orgs at Risk

Kroger Data Breach Highlights Urgent Need to Replace Legacy, End-of-Life Tools

Universities Face Double Threat of Ransomware, Data Breaches

Google Funds Linux Maintainers to Boost Linux Kernel Security

IT Security Firm Kaseya Acquires SOC Platform RocketCyber

Medical Data of 500,000 French Residents Leaked Online

Five Eyes Members Warn of Accellion FTA Extortion Attacks

Clop Ransomware Gang Extorts Jet Maker Bombardier After Accellion Breach

Cyberpunk 2077 Patch 1.2 Delayed by CD Projekt Ransomware Attack

LazyScripter Hackers Target Airlines With Remote Access Trojans

Around 45k Patients Impacted in Covenant Healthcare Data Breach (MI)

Kentucky Unemployment Office Warns of Potential Cyber-Attack

Cobb Schools (GA) Code Red Alert Investigated as Cyber Attack

Nvidia’s Anti-Cryptomining GPU Chip May Not Discourage Attacks

Heavily Used Node.js Package Has a Code Injection Vulnerability

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking

VMWare Patches Critical RCE Flaw in vCenter Server

Cisco Fixes Maximum Severity MSO Auth Bypass Vulnerability

Microsoft President: The Only Reason We Know About SolarWinds Hack Is Because FireEye Told Us

…SolarWinds, Microsoft, FireEye, CrowdStrike Defend Actions in Major Hack – U.S. Senate Hearing

…Tech Executives Call for Improved Public-Private Coordination After SolarWinds Hack

…Biden Administration to Respond to Russian Hacking, Poisoning in ‘Weeks Not Months’

Vietnam APT32 State Hackers Target Human Rights Defenders With Spyware

Krebs: Checkout Skimmers Powered by Chip Cards

Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs

Experts Find a Way to Learn What You’re Typing During Video Calls

Twitter Removes Accounts of Russian Government-Backed Actors

Facebook to Restore Australia News, Pay Media Companies in Compromise With Lawmakers

Louisiana College Cyber-Thief Sentenced

Finnish IT Giant TietoEVRY Hit with Ransomware Attack

Filipino Credit App Cashalo Suffers Data Breach

Clubhouse Confirms Data Spillage of Its Audio Streams

10K Microsoft Email Users Hit in FedEx Phishing Attack

Clop Ransomware Gang Leaks Possible Stolen Bombardier Blueprints of GlobalEye Radar Snoop Jet

Florida Man Discovers Personal Information on the Side of Road

Jamaica’s Amber Group Fixes Second JamCOVID Security Lapse

Flash Version Distributed in China After EOL Is Installing Adware

VMware Warns of Critical Remote Code Execution Flaw in vSphere HTML5 Client

IBM Squashes Critical Remote Code-Execution Flaw

Keybase Patches Bug That Kept Pictures in Cleartext Storage on Mac, Windows Clients

Google Adds Password Checkup Support to Android Autofill

Chinese Spyware Code Was Copied From America’s NSA: Researchers

Ukraine Accuses Russian Networks of New Massive Cyber Attacks

DHS Announces New Measures to Boost Nation’s Cybersecurity

U.S. House Committees to Hold Feb 26 Hearing on ‘SolarWinds’ Hack

Texas Electric Company Warns of Scammers Threatening to Cut Power

Toledo Public School Students Seeing Effects of Last Year’s Massive Data Breach

Google Lifting Ban on Political Ads Instituted After Capitol Riots

Watchdog Questions Legality of Using Cellphone Data Without Warrants

Former Employee Behind Earthquakes Stadium Hack

French Boat Maker Beneteau to Suspend Some Production After Cyberattack

Silicon Valley VC Firm Sequoia Capital Phished

BBC Reports Theft of 105 Electrical Devices

ServiceNow Admin Credentials Exposed in Cloud Security Blunder

Assume Clubhouse Conversations Are Being Recorded, Researchers Warn

Powerhouse VPN Products Can Be Abused for Large-Scale DDoS Attacks

Accellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11

Stored XSS Bug in Apple iCloud Domain Disclosed by Bug Bounty Hunter

SHAREit Fixes Security Bugs in App With 1 Billion Downloads

Biden Calls for Creating ‘Rules’ on Cyber, Tech to Combat China and Russia Threats

Krebs: Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

Northern Ireland Customers Warned Over ‘Royal Mail’ Scam Messages

Google Alerts Abused to Push Fake Adobe Flash Updater

CIS Now Offers Free Ransomware Protection to All U.S. Hospitals

Microsoft Edge Is Crowdsourcing Whether to Show Notification Prompts

SonicWall Releases Additional Update for SMA 100 Vulnerability

Tim Berners-Lee Says Australian Law Would Make Internet ‘Unworkable’

EU Decision Frees U.K. to Handle Europeans’ Personal Data

Kaspersky: Decline in DDoS Attacks Linked to Surge in Cryptocurrency Value

…Crypto Price Surge Invites a Torrent of Crypto Crime

Tech Industry Is Looking to Replace the Smartphone — What Will Apple Come up With?

Hungary Says Vaccine Registration Website Under Cyber Attack

Kroger Data Breach Exposes Pharmacy and Employee Data (Accellion Vuln)

Underwriters Laboratories (UL) Certification Giant Hit by Ransomware

More U.S. Cities Disclose Data Breaches after AFTS’s Ransomware Attack

Yuba County (CA) Focuses on Recovery After Ransomware Attack

Kia Denies Ransomware Attack

Parents Alerted to NurseryCam Security Breach

New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card

New Silver Sparrow Malware Found on 30,000 Macs Has Security Pros Stumped

Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users

Recently Fixed Windows Zero-Day Actively Exploited Since Mid-2020

Chrome for iOS Will Let You Lock Incognito Mode With Face ID

SolarWinds Hackers Studied Microsoft Source Code for Authentication and Email

…White House Now Says 100 Companies Hit by SolarWinds Hack, but More May Be Impacted

…Senate Intelligence Panel to Hold Hearing on SolarWinds Breach Next Week

Congress Faces News Showdown With Facebook, Google

States Push Internet Privacy Rules in Lieu of Federal Standards

Op-Ed: Hackers Are Targeting COVID-19 Vaccinations. Here’s How to Stop Them

FBI: Telephony Denial-of-Service Attacks Can Lead to Loss of Lives

Apple Adds ‘BlastDoor’ Security Feature to Fight iMessage Hacks

…Apple Outlines 2021 Security, Privacy Roadmap

IBM Explores Sale of IBM Watson Health

Software Firm Owner Admits Fraud and CSAM Possession

U.S. Jails Celebrated Nigerian Entrepreneur for Cyber-Fraud

RIPE NCC Internet Registry Discloses SSO Credential Stuffing Attack

34,000 Patients Potentially Impacted by Grand River Medical Group (IA) Data Breach

California DMV Halts Data Transfers After Vendor Breach (AFTS)

Cryptopia Got Hacked While in Liquidation Due to a Hack

‘Secure’ Daycare Video Monitoring Product Beamed DVR Admin Creds to All Users

Hackers Abuse Google Apps Script to Steal Credit Cards, Bypass CSP

Half of Apps Contain at Least One Serious Exploitable Vulnerability

Mac Malware Targets Apple’s In-House M1 Processor

U.S. Shares Info on North Korean Malware Used to Steal Cryptocurrency

SDK Bug Lets Attackers Spy on User’s Video Calls Across Dating, Healthcare Apps

Exploit Details Emerge for Unpatched Microsoft Bug

Follow The Cyber Beat

Get news delivered directly to your inbox.