News

7/6/2020

UK to Phase Out Huawei Gear From 5G Networks in a Major Policy U-Turn After U.S. Sanctions: Reports

China envoy warns of ‘consequences’ if Britain rejects Huawei

France to Encourage Telecom Groups to Avoid Huawei Products, but Not Ban Company: Report

Nokia, Hurt by Costly 5G Chip Mistake, Struggles to Catch Huawei

North Korean APT Lazarus Group Adds Magecart to the Mix

Volume and Size of Fines for Data Breaches Expected to Rise

VaultAge Solutions CEO Goes Into Hiding to Avoid Cryptocurrency Investors Allegedly Scammed Out of $13 Million

Home Routers Are All Broken, Finds Security Study

Watch Out for This Nasty New Trend in Robocall Scams

4 Evolving Technology Areas Of Smart Cybersecurity

Microsoft Defender ATP Web Content Filtering Is Now Free

How to Assess More Sophisticated IoT Threats
EDP Renewables North America (EDPR NA) Confirms Ragnar Locker Ransomware Attack

Independence Blue Cross Alerts Members of Data Breach

5 Dating Apps Leak More than 1 Million User Profiles and Sensitive Information

Brazil’s Hapvida Discloses Cyber Breach, Potential Client Data Leak

Ransomware Attack on Insurance MSP Xchanging Affects Clients

X-FAB Affected by Cyber Attack

Cooke County (TX) Sheriff’s Office Suffers Ransomware Attack

Multiple DXC Technology Customers Down After Insurance Arm Hit By Ransomware

Flaw Fixed in Hotels.com Generator as Tesco Clubcard Users Impacted

Tokopedia Files Police Report over Alleged Data Breach

Android Users Hit with ‘Undeletable’ Adware

Purple Fox EK Adds Microsoft Exploits to Arsenal

7/3-5/2020

Iran Hints a Cyber Attack Caused Fire at Nuclear Facility

Foreign Cyber Criminals Take Aim at Americans Working From Home

NSA Issues VPN Security Guidance

Companies Start Reporting Ransomware Attacks as Data Breaches

Prince Edward Island Ransomware Attack Costs Taxpayers More Than $900k

Virtual Reality Is Booming in the Workplace Amid the Pandemic

Ring Doorbell’s Police Partnerships Questioned Over Racial Bias

Infosec Community Disagrees With Changing ‘Black Hat’ Term Due to Racial Stereotyping

Krebs: E-Verify’s “SSN Lock” is Nothing of the Sort

Windows 10’s Microsoft Store Codecs Patches Are Confusing Users
Moose Remain Unaware of Lottery Privacy Breach

Washington County Sheriff’s Office (OR) Hack

500,000 BMW, Mercedes and Hyundai Owners Hit by Massive Data Breach

University of Michigan: Leaked Emails, Passwords Were From ‘3rd-Party Data Breaches’

Barclays Bank Appeared to Be Using the Wayback Machine as a ‘CDN’ for Some Javascript

Critical RCE Flaw (CVSS 10) Affects F5 BIG-IP Application Security Servers

Try2Cry Ransomware Tries to Worm Its Way to Other Windows Systems

Avaddon Ransomware Still Using Excel 4.0 Macros

New Behave! Extension Warns of Website Port Scans, Local Attacks

.NET Core Vulnerability Lets Attackers Evade Malware Detection

7/2/2020

Facebook to Launch Fourth of July Voter Registration Drive

Facebook Privacy Glitch Gave 5K Developers Access to ‘Expired’ Data

Vulnerable Voting Infrastructure and the Future of Election Security

Researchers Link APT15 Hackers to Chinese Military Company

Krebs: Ransomware Gangs Don’t Need PR Help

Surge of MongoDB Ransom Attacks Use GDPR as Extortion Leverage

133m Records for Sale as Fruits of Data Breach Spree Keep Raining Down

U.S. Schools and Colleges Have Leaked 24.5 Million Records Since 2005

4 Barriers to Teaching Employees Good Cybersecurity Habits

Hundreds Arrested After Cops Dismantle Encrypted Phone Network

Leaders Need to Prioritize Cybersecurity
V Shred Data Leak Exposes PII, Sensitive Photos of Fitness Customers and Trainers

Data Breach at CNY Works Career Center May Have Exposed Personal Information of 56,000 Clients

Fort Worth Bike Share Hacked, Users’ Credit Card Info and Names Possibly Compromised

NetWalker Ransomware Group Claims Attack on Fort Worth Transportation Agency

Ransomware Attackers Pressure Knoxville by Posting City Data Online

Ohio Department of Health Website Not Hacked, Technical Difficulties Shut It Down

New Mac Ransomware OSX.ThiefQuest Hidden in Pirated Software

Apache Guacamole Opens Door for Total Control of Remote Footprint

Chingari App Maker Globussoft’s Website Contains Malware, Says Researcher

Cisco SMB Kit Harbors Cross-Site Scripting Bug

Malwarebytes AdwCleaner Now Removes Malware From the Command Line

Microsoft Defender ATP Now Helps Secure Network Devices

7/1/2020

Details of Beijing’s New Hong Kong Security Law: Signals End to More Than 2 Decades of Autonomy

China: Us ‘Oppressing Chinese Companies’ in New Huawei Move

Research Finds Uighurs Targeted by Chinese Spyware as Part of Surveillance Campaign

California’s CCPA Gets Teeth Today

Companies Rush to Implement Identity Systems for Remote Working

Remote Workers Becoming More Security Conscious Although Bad Habits Persist

Federal Reserve Shares Tips on Mitigating Synthetic Identity Fraud

U.S. Gov’t Shares Tips on Defending Against Cyberattacks via Tor

Schools Already Struggled With Cybersecurity. Then Came Covid-19

The World’s Biggest Stolen Data Archive Is About to Reach 10 Billion Personal Records

Dozens of U.S. News Sites Hacked in WastedLocker Ransomware Attacks

Mac Users Beware New EvilQuest Ransomware Targets Apple Computers

Malware Uses Postal App Lure to Send SMS Messages and Steal Data

TrickBot Malware Now Checks Screen Resolution to Evade Analysis

Windows POS Malware Uses DNS to Smuggle Stolen Credit Cards

Cisco Warns of High-Severity Bug in Small Business Switch Lineup

Woolies Hit With AU$1 Million Spamming Fine

Did a Chinese Hack Kill Canada’s Greatest Tech Company?

One out of every 142 passwords is ‘123456’

6/30/2020

Hong Kong Security Law: China Passes Controversial Legislation

U.S. Suspends Sensitive Tech Exports to Hong Kong

After Pompeo Says ‘Tide Is Turning Against Huawei,’ India Reportedly Weighs 5G Ban on Chinese Firm

FCC Formally Designates Huawei and ZTE as National Security Threats

Australia to Spend Nearly $1 Billion to Boost Cyber Security

CISA: Nation-State Attackers Likely to Exploit Palo Alto Networks Bug

How Public Safety Systems Can Be Abused by Nation State Actors

Krebs: COVID-19 ‘Breach Bubble’ Waiting to Pop?

Businesses Lack a Workable Ransomware Recovery Strategy

Unauthorized Data Sharing Puts Companies at Risk

The More Cybersecurity Tools an Enterprise Deploys, the Less Effective Their Defense Is

ID Theft: Fake Google Alerts Are Now Delivering Malware

Democrats, Voting Rights Groups Pressure Senate to Approve Mail-In Voting Resources

California Enters Privacy Law Limbo as November Vote Looms

New Cybersecurity Standard for IoT Devices Established By ETSI

The Celebrities at Risk of Having Their Personal Data Stolen by REvil Ransomware Gang Revealed
Education Dept. Left Exposed Social Security Numbers of Thousands of Borrowers

Business Giant Xerox Allegedly Suffers Maze Ransomware Attack

DeFi Protocol Balancer Loses $500k in Hack

American Medical Tech Reports 2019 Email Hack Impacting 47K Patients

Data Breach Reported for Merced County’s Medi-Cal Managed Healthcare Plan

Florida Orthopaedic Institute Warns Patients of Potential Data Breach

Senior Living Provider Choice Health Management Services’s Email Breach Affects Residents, Employees, Third Parties (NC & SC)

Waterloo Insurance Firm Heartland Farm Mutual Reveals Data Breach

Seller Floods Hacker Forum With Data Stolen From 14 Companies

StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks

Clever Phishing Scam Targets Websites With Free DNSSEC Offer

Devious Bitcoin Scam Uses Targeted Texts and Celeb Endorsements

EvilQuest Mac Ransomware Has Keylogger, Crypto Wallet-Stealing Abilities

Faulty Drivers Fuel ATM Hacking Problem, Say Researchers

Microsoft Releases OOB Security Updates for Windows 10 RCE Bugs

Netgear Not Quite Halfway There With Patches for 28 Out of 79 Vulnerable Router Models

6/29/2020

India Bans TikTok, Dozens of Other Chinese Apps After Border Clash

China’s Influence via Wechat Is ‘Flying Under the Radar’ of Most Western Democracies

Cyber Attack on National Highways Authority of India (NHAI)

Senators Move to Boost State and Local Cybersecurity as Part of Annual Defense Bill

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Hackers Turning Roblox Gaming Accounts Into Trump Supporters

Campaigners Call for UK Computer Misuse Act Revision on 30th Anniversary

Over 100k Daily Brute-Force Attacks on RDP in Pandemic Lockdown

Half of Internet Users Fall Victim to Cyber Attacks
Twitter Admits Business Data Breach For Some Users and Conveys Apologies

Online Learning Platform OneClass Exposes Data on One Million Students

Cyber Attack Reported at New Mexico State University (NMSU) Foundation

Researchers Find New Calendar-Based Phishing Campaign

A Hacker Gang ‘Cl0ud SecuritY’ Is Wiping Lenovo NAS Devices and Asking for Ransoms

e-Commerce Site Hackers Now Hiding Credit Card Stealer Inside Image Metadata

SEC Warns Investors From Dealing With iBSmartify Nigeria Cryptocurrency

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control

Palo Alto Networks Patches Critical Vulnerability in Firewall OS

6/26-28/2020

Chinese Malware Used in Attacks Against Australian Orgs

Hackers With Chinese, North Korean, Pakistani Links Attack Indian Websites

8 U.S. City Websites Targeted in Magecart Attacks

FEC Commissioner Resigns, Leaving Agency Without a Quorum Again

Bill Proposes National Cyber-Security Czar

Hospitals Scramble to Adapt Security Measures Amid Cyberattacks

Ransomware Is Now Your Biggest Online Security Nightmare. It’s About to Get Worse

Russian Hackers May Be Trying to Target You With Ransomware. Here’s How

Explicit, Racist Hack During Online Public Meeting Leads Baton Rouge to Involve FBI

Krebs: Russian Cybercrime Boss Burkov Gets 9 Years

Developer of Mirai, Qbot-Based DDoS Botnets Jailed for 13 Months

Fraudster Gareth David Long Jailed for Stealing Millions from US Seniors

Admin of Carding Portal Behind $568m in Losses Pleads Guilty

Capital One Loses Bid to Block Release of Post-Hack Report
Security Breach Impacts Maine State Police Database

Hack Included Documents From Secretive Maine Police Unit

Hackers Breach E27, Want “Donation” to Reveal Vulnerabilities

TikTok To Stop Clipboard Snooping After Apple Privacy Feature Exposes Behavior

GeoVision Access Control Devices Let Hackers Steal Fingerprints

DarkCrewFriends Returns with Botnet Strategy

Evil Corp Blocked From Deploying WastedLocker Ransomware on 30 Major U.S. Firms

UCSF Medical School Officials Pay Hackers $1.14 Million Ransom To Recover Stolen Data

Attackers Target Exposed API Endpoints to Facilitate DDoS Attacks and Mine Cryptocurrencies

Adobe, Mastercard, Visa Warn Online Store Owners of Magento 1.x EOL

New Ransom X Ransomware Used in Texas TxDOT Cyberattack

Microsoft: Patch IIS Bug Now to Protect Exchange Servers

Almost 300 Windows 10 Executables Vulnerable to DLL Hijacking

Why Certain Characters “Glitch” Gmail, YouTube, and Twitter

6/25/2020

‘GoldenSpy’ Spyware Hidden in Chinese Tax Software Was Probably Planted by a Nation-State, Say Experts

Russian Criminal Group Finds New Target: Americans Working at Home

FBI Warns K12 Schools of Ransomware Attacks via RDP

WikiLeaks Founder Julian Assange Charged With Conspiring With LulzSec & Anonymous Hackers

eBay Security Employees Allegedly Orchestrated Deliveries of Live Cockroaches, Pornographic Videos and a Mask of a Bloody Pig’s Head

Krebs: New Charges, Sentencing in Satori IoT Botnet Conspiracy

Jack Abramoff Charged With Conspiracy in Cryptocurrency Case

Nationwide Facial Recognition Ban Proposed By Lawmakers

Zoom Hires Former Salesforce SVP as New CISO

Why Cybersecurity Is Really A Business Problem

B.C., Ontario Privacy Commissioners Order LifeLabs to Improve Security After Data Breach

Your Smartphone Could Be Using Your Information to Determine Your COVID-19 Risk
350,000 Social Media Influencers and Users at Risk Following Data Breach

European Bank Suffers Biggest PPS DDoS Attack, New Botnet Suspected

LG Electronics Allegedly Hit by Maze Ransomware Attack

IndiaMart Data Breach: 40,000 Company Records Discovered on Cybercrime Forums

A Domestic Violence Prevention App Backed by Dr. Phil Exposed Victims’ Distress Recordings

Docker Images Containing Cryptojacking Malware Distributed via Docker Hub

Golang Worm Widens Scope to Windows, Adds Payload Capacity

List of Ripple20 Vulnerability Advisories, Patches, and Updates

Critical Bugs and Backdoor Found in GeoVision’s Fingerprint and Card Scanners

Microsoft Removed the Defer Feature Update Setting in Windows 10

PlayStation Announces Bug Bounty Program

6/24/2020

FBI: Major Spike in Coronavirus-Related Cyber Threats

U.S. Soldier Indicted Over Mass Murder Plot

New Bill Targeting ‘Warrant-Proof’ Encryption Draws Ire

European Authorities Aim to Make National Coronavirus Apps Work Across Borders

Laws on Police Facial Recognition Aren’t Tough Enough, UK Data Watchdog Tells Court

Africa Is Under Cyber Attack — Here’s Why We Need More Awareness and Training

Cybersecurity Market Grows but Faces Pressure Amid Shrinking IT Budgets

There’s No Vaccine For Data Leaks: Why One Cyber Attack Leads To Another

Average Cost of a Data Breach: $116M

Over Two-Thirds of Q1 Malware Hidden by HTTPS

Yahoo Users Have Until July 20 to File Data Breach Claims
Telegram: Breach Exposed Millions Of Users’ Data

Exposed Frost & Sullivan Databases for Sale on Hacking Forum

Two-Year Data Breach at Florida Senior Care Provider Cano Health

AMT Healthcare Data Breach Impacts Nearly 50,000 Patients

CryptoCore Hackers Made Over $200m Breaching Crypto Exchanges

Microsoft: Attackers Increasingly Exploit Exchange Servers

Emerging Ransomware CryCryptor Targets Photos, Videos on Android Devices

Self-Propagating Lucifer Malware Targets Windows Systems

Critical Vulnerability Found In Russian Payment Service QIWI

NVIDIA Patches High Severity Flaws in Windows, Linux Drivers

VMware Fixes Critical Vulnerability in Workstation and Fusion

6/23/2020

FBI Probing Racist Emails Sent to Thousands Affiliated With Major Universities: Reports

Two-Fifths of Firms May Replace Email After #COVID19

How COVID-19 Has Changed Cybersecurity

Work From Home Opens New Remote Insider Threats

Number of Breached Records Continues to Soar

Facebook Accused of Trying to Bypass GDPR, Slurp Domain Owners’ Personal Whois Info via an Obscure Process

Google Is on a Mission to Stop You From Reusing Passwords

Cyber-Extortionist Threatens Australian Swimming Pro

Cop Comedy Riskiest Show to Watch Online

Microsoft Is Adding Linux, Android, and Firmware Protections to Windows

VirusTotal Adds Cynet’s Artificial Intelligence-Based Malware Detection
Twitter Discloses Billing Info Leak After ‘Data Security Incident’

Keizer, Oregon Pays $48,000 Cyber-Ransom

Richmond Hill (GA) Computers Restored After Alleged Hack

European Victims Refuse to Bow to Thanos Ransomware

Fxmsp Hackers Made $1.5m Selling Access to Corporate Networks

Sodinokibi (REvil) Ransomware Now Scans Networks For PoS Systems

Hakbit Ransomware Attack Uses GuLoader, Malicious Microsoft Excel Attachments

Ryuk Ransomware Deployed Two Weeks After Trickbot Infection

New WastedLocker Ransomware Distributed via Fake Program Updates

80,000 Printers Are Exposing Their IPP Port Online

6/22/2020

China Has a 15-Year Plan to Shape the Future of Tech. but Some Call It Hype

Top European Official Warns China Against Targeting Hospitals With Cyberattacks

North Korean #COVID19 Phishing Campaign Targets Six Countries

Morocco Used NSO’s Spyware to Snoop on Journalist, Amnesty Says

Hackers Use Google Analytics to Steal Credit Cards, Bypass CSP

New Zealand Seizes $90 Million in Assets of Russian Cybercrime Suspect

Egypt Based Hackers Attempted Cyber Attacks on Ethiopian Gov’t Sites

U.S. Gov’t to Enforce HTTPS on New .Gov Sites Starting September 1

Companies Name One of the Biggest Cybersecurity Threats: Their Employees
Krebs: ‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Stalker Online Breach: 1.3 Million User Records Stolen

Attackers Hit Thai Power Authority Using Maze Ransomware

Indiabulls Group Hit by Clop Ransomware, Gets 24h Leak Deadline

Kroger Network Server (OH) Breach Exposes Nearly 11,000 Patients’ Info

Ransomware Group Auctions Crozer-Keystone Health System Data on Darknet

DHS CISA: Serious Vulnerabilities Found in 6 Medical Device Systems

Encrypted Phone Network Encrochat Shutting Down After Police Hack: Has Hitmen and Drug Gangs as Customers

BitDefender Fixes Bug Allowing Attackers to Run Commands Remotely

Malwarebytes Causing Performance Issues in Windows 10 2004

6/19-21/2020

Australia Sees China as Main Suspect in State-Based Cyberattacks, Sources Say

The Huawei Hostages

Krebs: Turn on Multi-Factor Authentication Before Crooks Do It For You

If You Get a Call Saying You’ve Been Exposed to COVID-19, It Could Be a Scam

Indonesia Probes Alleged Hacking of COVID-19 Test Data

Austrian Telecoms Operator Played Six-Month Game of Cat-and-Mouse With Hacker

Developer Who Successfully Hacked Bitcoin Wallet Ensures Bitcoin Is Still Safe

French Court Upholds Ruling Fining Google $56 Million for Data Protection Violations

Facebook’s FTC-Mandated Privacy Committee Now in Effect

U.S. Deports NeverQuest Cyber-Thief

Former DIA Analyst Sentenced to Prison Over Data Leak

Hacker Arrested for Stealing, Selling PII of 65K Hospital Employees
Oracle’s BlueKai Spilled ‘Billions Of Records’ Of Web-Tracking Data

ConnectWise Partners Hit By Ransomware Via Automate Flaw

Hong Kong Based Apparel Retailer Bossini Reveals Customer Data Hack

Tallapoosa County (AL) Recovers From Ransomware Attack

Ransomware Attack Confirmed by Australia-Based Beverage Manufacturer Lion

Care New England Confirms It Was Victim of a Cyber-Attack

Philadelphia-Area Crozer-Keystone Health System Says It ‘Isolated’ a Malware Attack

Discord Modified to Steal Accounts by New Nitrohack Malware

Hackers Use Fake Windows Error Logs to Hide Malicious Payload

Ransomware Operators Lurk on Your Network After Their Attack

Adobe Wants Users to Uninstall Flash Player by the End of the Year

AMD Says It Will Fix New CPU Bugs by the End of June 2020

6/18/2020

Former Google CEO Eric Schmidt: There’s ‘No Question’ Huawei Routed Data to Beijing

ITI Advises on 5G Cybersecurity

UK U-Turns on Contact Tracing App Privacy

‘Massive’ Cyber Attack on Australian Government

Krebs: FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Phishing Campaign Targeting Office 365, Exploits Brand Names

U.S. Indicts Six Nigerians Over $6m Email Scam

Commissioners Urge Hiring Changes to Fill Government Jobs in Cyber, AI

Pandemic Popularity Forces Dark Web Forums to Recruit

Maze Ransomware Gang Demand Payoff From Wrong Company

I Know All the Cybersecurity Rules. Yet I Still Break Them.
Delivery Hero Confirms Data Breach After Customer Data is Posted On a Dark Web Forum

Statement by CasualX in Response to the Report of a Massive Data Breach

InvisiMole Hackers Target High-Profile Military and Diplomatic Entities, Partners with Gamaredon

As Checks Turn up in the Mail, People Who Didn’t Apply for Unemployment Realize They Are Fraud Victims

BofA Phish Gets Around DMARC, Other Email Protections

Wells Fargo Phishing Baits Customers With Calendar Invites

IcedID Banker is Back, Adding Steganography, COVID-19 Theme

Cisco Webex, Router Bugs Allow Code Execution

79 Netgear Router Models Risk Full Takeover Due to Unpatched Bug

26 Flaws in Open-Source Zephyr and MCUboot Stacks

Chrome Extensions Are ‘the New Rootkit’ Say Researchers Linking Surveillance Campaign to Israeli Registrar Galcomm

6/17/2020

Cyber Spies Use LinkedIn to Hack European Defence Firms

North Korea’s Lazarus Group at It Again: Watch Out for .rar Files Coming and Going From Your Networks

Agencies Say FCC Should Deny Request for Underwater Cable Between Hong Kong and U.S.

Krebs: When Security Takes a Backseat to Productivity (in the CIA)

Israel And Greece Sign an Agreement on Cybersecurity Info-Sharing

Widespread Security Vulnerabilities in Mobile Banking Apps

Zoom Reverses Course, Will Give End-To-End Encryption Option to All Users

Premier League’s Return: A Hat Trick of Cyberthreats?

BEC Attackers Ditch C-Suite in Favor of Fresh Target

Sharp Rise in Web Attacks on Gamers
IT Giant Cognizant Confirms Data Breach After Ransomware Attack

DraftKings Discloses SBTech Ransomware Attack in SEC Filing

REvil Ransomware Group Begins Leaking Sensitive Data From Goodman Mintz LLP, Strategic Sites LLC, and ZEGG Hotels & Store

Unemployment Fraud in Washington Linked to Health Care Ransomware

Care New England Website Remains Down; No Evidence Found of Data Breach

Cyber Security Expert Says Care New England Hack ‘Is Indicative of Ransomware’

Shlayer Mac Malware Returns with Extra Sneakiness

AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit

Bug in ‘USB for Remote Desktop’ Lets Hackers Add Fake Devices

Cisco Fixes Severe Flaws in Webex Meetings for Windows, MacOS

6/16/2020

Report Finds Russian Disinformation Group Tied to 2016 Elections Still Active

U.S. Firms Can Work With Huawei on 5G and Other Standards. Here’s What It Means

U.S. Says Former eBay Workers Sent Live Roaches, Bloody Pig Mask to Intimidate Critics

The Coronavirus-Fueled Tech Trends That Will Continue to Dominate Daily Life

46% of SMEs Sharing Confidential Files by Email During Lockdown

Financial Firms Facing Serious Hacking Threat in COVID-19 Era

Unpack the Use of AI in Cybersecurity, Plus Pros and Cons

90’s Social Engineering: How I Conned My Way Into an Interview With Michael Jordan

Newly Unclassified Report Finds CIA Security Failures Led to Massive 2017 Breach

Global DDoS Attack Dismissed as T-Mobile Misconfiguration

Anonymous: ‘the U.S. Is Currently Under a Major DDoS Attack’
Chipmaker MaxLinear Hit by ‘Maze’ Ransomware Attack

Avon Forced to Shut Down Its UK Website After Cyber Attack

Toronto Accounting Firm Hit by Ransomware

Wiggle Investigates Cyber-Attack

Hackers Target Redcar Children’s Charity in Attempted Cyber Attack

‘Ripple20’ Bugs Impact Hundreds of Millions of Connected Devices

CoinMiner Exploits Apple APSDaemon Vulnerability to Evade Detection

Google Alerts Catches Fake Data Breach Notes Pushing Malware

Adobe Patches 18 Critical Flaws in Out-Of-Band Update

Plex Fixes Media Server Bugs Allowing Full System Takeover

VLC Media Player 3.0.11 Fixes Severe Remote Code Execution Flaw

Half of Firms Likely Running Vulnerable Oracle E-Business Suite

6/15/2020

Lawmakers Warn of ‘Electoral Chernobyl’ in November Following Georgia Election Chaos

Twitter Disrupts Wide-Ranging Political Disinformation Campaigns

Philippine Journalist and Rappler Co-Founder Maria Ressa Found Guilty of Violating Cyber Libel Law

Six Former eBay Employees Charged With Cyberstalking Massachusetts Couple

Poor Password Practices and Growing Acceptance of Biometrics in Financial Accounts

WebAuthn Passwordless Authentication Now Available for Atlassian Products

Intel Will Soon Bake Anti-Malware Defenses Directly Into Its Tiger Lake CPUs

ESET Rushes to Defend Rival Malwarebytes in Legal War Sparked by Vendor Upset at ‘Unwanted Program’ Label

Greece Recruits Hackers Against Turkish Cyber Attacks
Foodora Data Breach Impacts Customers in 14 Countries

Data Breach Reported at Presbyterian Healthcare (NM)

9 Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More

Claire’s Customers Targeted with Magecart Payment-Card Skimmer

Penn Township Ups Cybersecurity After Incident

U.S. Bank Customers Targeted in Ongoing Qbot Campaign

Mobile Threats Delivered by Adult Content Double

New Mobile Internet Protocol Vulnerabilities Let Hackers Target 4G/5G Users

20 Months Behind Bars for IT Support Worker Who Nicked £30k Worth of Crypto-Cash

6/12-14/2020

Microsoft Joins Ban on Sale of Facial Recognition Tech to Police

Spies Can Listen to Your Conversations by Watching a Light Bulb in the Room

WhatsApp Blamed Own Users for Failure to Keep Phone Number Repo off Google Searches

This App Will Tell You If Your iPhone Has Been Hacked

Windows 10 Privacy Settings Bug Lets Users Change Admin Options

Why Securing Endpoints Is The Future Of Cybersecurity

Mitigating Health Care’s Cybersecurity Risks in the Era of Hyperconnectivity

Honeypot Reveals Tactics Used by Cybercriminals to Deploy Ransomware

Honda Resumes Production at Plants Hit by Suspected Cyber Attack

D-Link Leaves Severe Security Bugs in Home Router Unpatched
Earth Empusa Threat Group Targeting Victims Across Tibet, Turkey and Taiwan via Watering-Hole Websites

Krebs: Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com

Robotics Company Symbotic Falls Prey to REvil Ransomware Attack

Rangely District Hospital (CO) Suffers Ransomware Attack

Report: Sapiens Pays $250,000 in Bitcoin for Ransomware Attack

Black Kingdom Ransomware Hacks Networks With Pulse VPN Flaws

“Tor2Mine” Has Returned to Infecting Systems With Cryptominers

Extortionists Threaten to Destroy Sites in Fake Ransom Attacks

Personal Information Exposed in Prior Data Breach at Magellan Health Inc

Hackers Are Quick to Notice Exposed Elasticsearch Servers

6/11/2020

Democrats Press Intel Chief for Answers on Foreign Efforts to Exploit U.S. Racial Tensions

Zoom Suspends U.S.-Based Activist’s Account After Tiananmen Square Commemoration Event

Twitter Deletes Over 170,000 Accounts Tied to Chinese Propaganda Efforts

U.S. Cops’ Personal Info Leaked Online

Drones Fly Over Protest-Packed Cities

Phishing and BEC Surge as #COVID19 Attackers Prioritize Email

Turn the Table on Phishers and Scammers to Protect Your Brand

Working From Home Is the New Normal, but Cybersecurity Isn’t Keeping Up

Google, Facebook and Microsoft Back Global Plan to ‘Eradicate’ Online Child Sexual Abuse

Germany Seeks EU Sanctions for 2015 Cyberattack on Its Parliament

UK Government Awards £10m Fund to Develop Cybersecurity Tech Solutions

Tesla Hacker Unlocks Performance Upgrade and Acceleration Boost at a Discount

IBM Cloud Global Outage Caused by “Incorrect” BGP Routing
Fortune 500 Insurance Firm Genworth Discloses Data Breach

Live Event Solutions Leader Tait Discloses Data Breach

Fisher and Paykel Hit With Cyberattack

MU Health Care Experienced Data Breach, Some Social Security Numbers Compromised

Yale New Haven Health Staff Unnecessarily Accessed COVID-19 Data in Medical Records

MAZE Attacks Threadstone Advisors

City of Knoxville Shuts Down Network After Ransomware Attack

Knoxville: No Personal Info Accessed in Ransomware Attack on City Offices

Microsoft Outlook Users Targeted By Gamaredon’s New VBA Macro

Kubernetes Falls to Cryptomining via Machine-Learning Framework

Encent Floats Bug Bounties for Its Cloudy Linux and IoT OSes

A Bug in Facebook Messenger for Windows Could’ve Helped Malware Gain Persistence

Android 11 Brings Numerous Security and Privacy Improvements

6/10/2020

Researchers Say Online Voting Tech Used in 5 States Is Fatally Flawed

Fake Black Lives Matter Voting Campaign Spreads Trickbot Malware

FBI Warns Hackers Are Targeting Mobile Banking Apps

Scammers Pretend to Be COVID-19 Contact Tracers to Get Personal Information From Victims

Office 365 Phishing Baits Business Owners With Relief Payments

Environmentalists Targeted Exxon Mobil. Then Hackers Targeted Them.

What Is Gaia-X? A Guide to Europe’s Cloud Computing Fight-Back Plan

Amazon Puts One-Year Moratorium on Rekognition Facial Recognition Technology for Police Use

Facebook Paid for a Tool to Hack Its Own User, Then Handed It to the FBI

Cost of US Cyber Command Program Quintuples

Slovak Police Seize Wiretapping Devices Connected to Government Network

Minimal Techno DJ Denis Kaznacheev Arrested in Berlin on Cyber-Crime Charges at Request of the U.S. Government

Helping Remote Workers Overcome Remote Attacks
Italian Encryption Utility Firm CloudEyE Accused of Bundling GuLoader Malware Functions in Product

Norwegian Shipbuilder Vard Hit by Ransomware Cyberattack

Self-Destructing Skimmer Steals Credit Cards of Greenworks Hardware Tools Customers

Coinsquare CEO Says Company Was Contacted About Potential Data Breach Affecting Thousands of Users Last Year

Mt. Diablo Unified School District (CA) Notifies Parents

Employed People Getting Hit With Unemployment Payment Scam in Illinois To Divulge Bank Information

Snake Ransomware Delivers Double-Strike on Honda and Enel Argentina

Thanos Ransomware First to Weaponize RIPlace Tactic

GnuTLS Patches Security Hole That Hung Around for Two Years – Worse Than Heartbleed, Says Google Cryptoboffin

Kingminer Patches Vulnerable Servers to Lock out Competitors

Expiring SSL Certs Expected to Break Smart TVs, Fridges, and IoTs

Equifax’s Latest Breach Settlement Is Skimpy to Plaintiffs, Critics Say

6/9/2020

Senate Report: Chinese Telecom Firms Operated in U.S. Without Proper Oversight for Decades

Booz Allen Hamilton: No Evidence of Unauthorized Data Transfers by Top Chinese Drone Manufacturer

Georgia Officials Launch Investigation Into Election Day Chaos Amid Voter Suppression Concerns

Opinion: The ‘Silver Lining’ of the Pandemic Is the Way It Is Catalyzing Changes in Cybersecurity

Senior Official Estimates $30 Billion in Stimulus Funds Will Be Stolen Through Coronavirus Scams

Fake SpaceX YouTube Channels Scam Viewers out of $150k in Bitcoin

Hack-for-Hire Firm Dark Basin Connected to Attacks on Nonprofits, Journalists

New Cybersecurity Recommendations for U.S. Government Target IoT, Social Media

Ransomware Gangs Are Teaming Up to Form Cartel-Style Structures

Nefilim Hackers Publish Oil Firm Data Online and Continue Disruptive Campaign

WhatsApp Resolves Issue That Exposed Some Users’ Phone Numbers in Google Search Results

Microsoft June 2020 Patch Tuesday: Largest Ever With 129 Fixes

Intel Patched 22 Vulnerabilities in the June 2020 Platform Update

Adobe Fixes Critical Remote Code Execution Bug in Flash Player

Patches for Spectre Holes on Linux Aren’t Perfect
Obscure Indian Cyber Firm BellTroX InfoTech Services Spied on Politicians, Investors Worldwide

South Africa’s Life Healthcare Hit by Cyber Attack

Australian Beverage Maker Lion Hit by Cyber Attack

Nintendo Said a Total of 300,000 Accounts Have Been Hacked

Computer Hack Affects Ste. Genevieve County (MO)

Babylon Health Admits GP App Suffered a Data Breach

Natura: Cyber Incident’ Partially Hit Avon Operations

Keepnet Labs Confirms Contractor Exposed ‘Data Breach Database’ of 5 Billion Records

Update: Florence (AL) Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Magecart Targets Emergency Services-related Sites via Insecure S3 Buckets

KingMiner Botnet Brute-Forces MSSQL Databases to Install Cryptocurrency Miner

Maze Ransomware Adds Ragnar Locker to Its Extortion Cartel

Valak Malware Gets New Plugin to Steal Outlook Login Credentials

New SGAxe Attack Steals Protected Data From Intel SGX Enclaves

SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol

Windows Group Policy Flaw Lets Attackers Gain Admin Privileges

6/8/2020

Study Finds Vulnerabilities in Online Voting Tool Used by Several States

U.S. Energy Providers Hit With New Malware in Targeted Attacks

Huawei Takes out Several Full-Page Ads in UK Newspapers as Government Reviews Its 5G Role

Singapore’s Contact Tracing Wearable Causes Privacy Backlash

Phishing Attack Hits German Coronavirus Task Force

Hackers Are Attacking the German PPE Supply Chain

Phishers Hide #COVID19 Malware in CVs and Medical Leave Forms

Facebook Sues Companies for Registering Impostor Domains

Privacy Browser Brave Busted for Autocompleting URLs to Versions It Profits From

The 20 Best Cybersecurity Startups To Watch In 2020
Any Indian DigiLocker Account Could’ve Been Accessed Without Password

University of the Philippines Cebu (UP Cebu) Confirms Data Breach on Its Student Evaluation on Teaching System

Privacy Breach at Manitoba Agricultural Services Corporation (MASC)

Florence (AL) City Computer Systems Hit by Cyber Attack

Animal Rights Group Hacked Over Exploded Elephant Comments

Honda Investigates Possible Ransomware Attack, Networks Impacted

ZEE5 Refutes Report of Data Breach After Hackers Threaten to Leak Customers’ Info Online

REvil Ransomware Gang Strikes Again with More Auctions Listing Stolen Data

New Avaddon Ransomware Launches in Massive Smiley Spam Campaign

CallStranger UPnP Bug Allows Data Theft, DDoS Attacks, LAN Scans

6/5-7/2020

Report Details New Cyber Threats to Elections From COVID-19

Facebook Labels State-Controlled Media Ahead of U.S. Elections

Chinese Tech Giants Caught up in Rising U.S.-China Tensions

Israel and Iran Just Showed Us the Future of Cyberwar With Their Unusual Attacks

Greek Hackers Take Down Turkish Foreign Ministry Website in Revenge

UK Gov’t Publishes Contracts Granting Amazon, Microsoft, Google, and AI Firms Access to COVID-19 Health Data

North Dakota Contact Tracing App Ends Data Share with Foursquare

Bogus COVID-19 Contact Tracers May Be Coming for Your Personal Information

Nationwide Unemployment Scam

Signal Deploys Blur Tool in Its Messaging and Calling App to Allow Users to Obscure Faces in App-Captured Snapshots

Cyber Concerns Haunt Financial Sector During Pandemic Recovery

Approximately 117 Million IT Jobs Lost Since March

Sophos Confirms Restructuring Plans, Denies Blog Closure

U.S. Aerospace Services Provider VT San Antonio Aerospace (VT SAA) Breached by Maze Ransomware

Cyberattack Attempts on Anti-Racism Websites See Massive Spike

Northern Maine Community College (NMCC) Offers Cybersecurity Program

FTC Slams Children’s App Developer HyperBeard for COPPA Violations

Krebs: Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service
Fitness Depot Hit by Data Breach After ISP Fails to ‘Activate the Antivirus’

Some University of Utah Health Patients Notified of Data Security Breach

Ransomware Attack on Singapore-based ST Engineering’s U.S. Unit Contained

Singapore Network Not Affected by U.S. Cyber Attack

Electrolux, Others Conned Out of Big Money by BEC Scammer; Kenenty Hwan Kim (aka Myung Kim) Pleads Guilty

Amherst (MA) Police Report ‘Substantial Amount’ of Fraudulent Unemployment Claims Being Filed With Stolen Identities of Residents

Post Falls (ID) Police Department Says ‘No Sensitive Data’ Compromised in Cyberattack

Hackers Target Fincantieri’s Norwegian Unit With Ransomware

San Beda University (Philippines) Student Portal Hacked, Personal Data of Thousands Stolen

100,000 Private Box eXchange (PBX) Telephone Boxes Hit With Voice Message Phishing

Ongoing eCH0raix Ransomware Campaign Targets QNAP NAS Devices

Kupidon Is the Latest Ransomware Targeting Your Data

Fake Ransomware Decryptor for STOP Djvu Double-Encrypts Desperate Victims’ Files

Florida Institute of Technology Student Discovers Flaws in Leading Doorbell Security Cameras

Windows 10 SMBGhost Bug Gets Public Proof-Of-Concept RCE Exploit

WhatsApp Phone Numbers Pop Up in Google Search Results — But is it a Bug?

uBlock Origin Ad Blocker Now Blocks Port Scans on Most Sites

Microsoft Dev Fixes Major Annoyance in Chromium Browser

6/4/2020

Presidential Campaigns Targeted by Suspected Chinese, Iranian Hackers

Phishing: China APT 31 (aka Zirconium) Attacks Biden Campaign; Iran APT 35 (aka Charming Kitten) Attacks Trump Campaign

New Report Claims Huawei Hushed Up Iran Business Links

Europe Nears Tipping Point on Russian Hacking

Black Lives Matter Activists Targeted by Cyber Attacks

London Queer Pub Forced to Abort HIV Fundraiser Amid ‘Operation Pridefall’ Anti-LGBT+ Cyber Attack

Crowdstrike CEO: How the Future of Remote Work and Security Will Look

Shift Your Cybersecurity Mindset to Maintain Cyber Resilience

Zoom Restricts End-to-End Encryption to Paid Users

Netizens Urged Not to Use Name as Password

Google Adds YubiKey Support for Apple Devices

Mozilla Firefox to Let You Export Saved Passwords in Plain Text
Chartered Professional Accountants (CPA) of Canada Discloses Data Breach Affecting 329,000 Individuals

Business Services Giant Conduent Hit by Maze Ransomware

NetWalker Ransomware Strikes Three U.S. Universities (UCSF, Michigan State & Columbia College Chicago)

Michigan State Refuses to Pay Ransom to Hackers

Hackers Begin Publishing Stolen Documents

ZEE5 Allegedly Hacked by ‘Korean Hackers’, Customer Info at Risk

Duluth School District (MN) Addresses Cyber Security Breach

Fraudulent iOS VPN Apps Attempt to Scam Users

ZLoader-Laced Emails Masquerade As CVs From Job-Seekers

Bruteforce Malware Probes Login for Popular Web Platforms

Tycoon Ransomware Banks on Unusual Image File Tactic

Japan to Review Cyber-Bullying Laws Following Wrestler’s Suicide

Google Faces Privacy Lawsuit Over Tracking Users in Incognito Mode

6/3/2020

Top DHS Official Says to Expect ‘Every Intelligence Service’ to Target COVID-19 Research

Hackers Steal Secrets From U.S. Nuclear Missile Contractor Westech International

DopplePaymer Ransomware Gang Says It Breached NASA Contractor DMI

Sophisticated Info-Stealer APT ‘Cycldek’ Targets Air-Gapped Devices via USB

Here’s How Far Hackers Are Willing to Go to Steal Your Stimulus Check

Enterprise Mobile Phishing Attacks Skyrocket Amidst Pandemic

Most Victims Choose a Similar or Weaker Password after a Data Breach, Study Finds

Zoom CEO Explains Stance on Encryption, Says He Wants to ‘Work Together’ With Law Enforcement

Is Zoom Critical Infrastructure?

Two Critical Flaws in Zoom Could’ve Let Attackers Hack Systems via Chat

Hackers Force Minnesota Senate Website Offline

Chicago Police Scanner Jammed by Hackers Amid Riots

Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion

Aussie Fined for Tweeting Apple Employees’ Data

AUCloud Brings Object Lock-Based Ransomware Protection to Australia
San Francisco Retirement Program SFERS Suffers Data Breach

Netwalker Ransomware Continues Assault on U.S. Colleges, Hits UCSF

Ransomware Gangs Team up to Form Extortion Cartel

Unnamed University Fights off Cyber Attack From Another School

Nearly 1,000 Members of Kentucky Employees’ Health Plan Hit by Data Breach

Cyber Attack Strikes Person County (NC) Computer Systems

Hackers Hijack One of Coincheck’s Domains for Spear-Phishing Attacks

Recent Coinsquare Data Hack Could Put Millions of Dollars in Bitcoin at Risk

Attackers Target 1M+ WordPress Sites To Harvest Database Credentials

Office 365 Phishing Baits Remote Workers With Fake VPN Configs

TrickBot Adds BazarBackdoor to Malware Arsenal

Dark Web Demand Surges for YouTube Accounts

Firefox 77.0.1 Released to Prevent DDoSing DoH DNS Providers

Critical SAP ASE Flaws Allow Complete Control of Databases

This Wallpaper Will Crash Your Android Phone

6/2/2020

Zuckerberg Defends Hands-Off Approach to Trump’s Posts

Krebs: REvil Ransomware Gang Starts Auctioning Victim Data

Iran ‘Opened a Pandora’s Box’ in Cyber Attack on Israeli Water System

EU to Impose Sanctions on Russia Hackers for Cyber Attack on German Bundestag – Journalist

Cyber Incidents, Possibly by Anonymous, Accompany U.S. Unrest

COVID-19 & 5 Data Breaches Combine Into a Cyberstorm for Consumers

Cybersecurity Spending Hits ‘Temporary Pause’ Amid Pandemic

Cybersecurity Startups Feel a Pinch on Funding and Sales

Police Efforts Help to Erode Trust on Dark Web

European Cybersecurity Blogger Award Winners Announced

NYC Cybersecurity Bootcamp Offers Free Training Nationwide

Office 365 to Make One-Time Passcode Emails Look Less Spammy
Islamic Hackers Group Claims Responsibility for Cyber-Attack That Exposed PII of Hundreds of Israelis

Bahamas Police Probe Registry Hack

Researchers Find Exposed Data on Millions of Users of Quiz App, TVSmiles

Saint Joseph Health & 6 More Indiana Providers Report Improper Disposal of Patient Records

Commercial Services Group (CSG) Hit With Ransomware

Octopus Scanner Sinks Tentacles into GitHub Repositories

Google Fixes Android Flaws That Allow Code Execution With High System Rights

Apple Jailbreak Zero-Day Gets a Patch

Critical Exim bugs being patched but many servers still at risk

Linus Torvalds Trashes 5.8 Linux Kernel Patch Over Opt-In Intel CPU Bug Mitigation

Severe Cisco DoS Flaw Can Cripple Nexus Switches

VMware Cloud Director Flaw Lets Hackers Take Over Virtual Datacenters

6/1/2020

Trump Plans to Ban Chinese Students with Military Ties

Human-Rights Groups Ask Police to Hunt Hackers Attacking Hospitals

Minneapolis City and Police Websites Attacked

Minneapolis Police Department Hack Likely Fake, Says Researcher

After a Breach, Users Rarely Change Their Passwords, Study Finds

The Cybersecurity Implications of 5G Technology
Bharat Interface for Money (BHIM) Payment App Data Breach Exposes Millions of Indians’ Data

Joomla Resources Directory (JRD) Portal Suffers Data Breach

Kelles Campaign (NY State Assembly) Says They’re Under Cyber-Attack

Meadow Vale Primary School (Bracknell Forest, UK) Suffers Cyber Attack From Hackers Wiping Personal Data

Web Browsers Still Allow Drive-By-Downloads in 2020

Apple Pays $100K Bounty for Critical ‘Sign in With Apple’ Flaw