News

Cybersecurity & Infosec

News Aggregator Blog

Google: North Korea Hackers Use Social Media to Target Security Researchers

…I Was Targeted by North Korean 0-Day Hackers Using a Visual Studio Project

The Massive SolarWinds Hack and the Future of Cyber Espionage

…Mimecast Links Security Breach to SolarWinds Hackers

…Three Others Too

Biden Presses Putin on Navalny Arrest and Massive Cyber Hack in First Phone Call

Biden Administration Appoints Chris Derusha as Federal CISO

Governors Hear About the Dangers of a Lackluster CyberResponse, Need for FBI Coordination

South African Government Releases Its Own Browser Just to Re-Enable Flash Support

U.S. Cyber Intel Officer Gets 11 Years for Kidnapping Her Kid, Trying to Defect to Russia

Hacker Admits Targeting Major U.S. Websites

Targeted Phishing Attacks Strike High-Ranking Company Executives

23M Gamer Records Exposed in VIPGames Leak

TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks

Pan-Asian Retail Giant Dairy Farm Suffers REvil Ransomware Attack

Scottish Prison Service Hit by Cyber Attack as Hackers ‘From Morocco’ Target Website

Cybercriminals Use Deceased Staff Accounts to Spread Nemty Ransomware

Nefilim Ransomware Gang Hits Jackpot with Ghost Account

DanaBot Malware Roars Back into Relevancy

New Linux SUDO Flaw Lets Local Users Gain Root Privileges

Google Fixes Severe Golang Windows RCE Vulnerability

Nvidia Squashes High-Severity Jetson DoS Flaw

Biden Admin Vows to Hold China ‘Accountable’ While Weighing Approach to Huawei, TikTok

…Assembling Government Cyber Team

…Outgoing FCC Chair Issues Final Security Salvo Against China

High-Profile Hacks Spark Calls for Global Cyber Response

EMA Says Some Leaked COVID-19 Documents ‘Taken Out of Context’

Beware of Active UK NHS COVID-19 Vaccination Phishing Campaign

Ransomware Gangs Are Using These Techniques to Make Victims More Likely to Pay Up

Australia’s Securities Regulator Says Server Hit by Cyber Security Breach

Facebook to Grant Researchers Access to Targeting Information About Political Ads

Twitter Launches User Forum to Combat Misinformation

Google Unions Around the World Form Alpha Global Alliance

That Cute Robot Cop Can Instantly Work Out Who You Are

Hacker Leaks Data of 2.28 Million MeetMindful Dating Site Users

Leading Crane Maker Palfinger Hit in Global Cyberattack

Ransomware Gang Taunts IObit With Repeated Forum Hacks

Tata Sky, Croma Site Vulns Exposed Sensitive Customer Data of Millions

323,277 Cook County, Illinois Records Exposed

Ohio Job and Family Services Security Vulnerability May Have Exposed Personal Data

Florida Breast Cancer Practice Takes EHR Offline Following Cyber Attack

WestRock Company Hit With Cyber Attack

Georgetown County (SC) Falls Victim to Cyber Attack

A New Wormable Android Malware Spreading Through WhatsApp

Cisco DNA Center Bug Opens Enterprises to Remote Attack

Former LulzSec Hacker Releases VPN Zero-Day Used to Hack Hacking Team

After Big Hack of U.S. Government, Biden Enlists ‘World Class’ Cybersecurity Team

…The Next Pandemic May Be Cyber — How Biden Administration Can Stop It

Democrats Seek Answers on Impact of Russian Cyberattack on Justice Department, Courts

…Russian Government Warns of U.S. Retaliatory Cyberattacks

Intelligence Agency Gathers U.S. Smartphone Location Data Without Warrants, Memo Says

SEPA Shrugs off 4,000 Files Dumped Online, Saying It’s Nothing Big

Avaddon Now Uses DDoS Attacks to Force Ransomware Victims to Pay, Joining SunCrypt & RagnarLocker

ADT Tech Hacks Home-Security Cameras to Spy on Women

Tesla Sues Former Employee for Allegedly Stealing Software

Facebook Users Were Mass-Logged Out Friday by Configuration Change

How Cybersecurity Newbs Can Start Out on the Right Foot

SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product

Intel: Hackers Stole Unpublished Earnings Info From Corporate Site

Data Breach at Buyucoin Crypto Exchange Leaks User Info, Trades

Bonobos Clothing Store Suffers a Data Breach, Hacker Leaks 70GB

Clop Ransomware Gang Dumps Sensitive Files From Atlantic Records’ London Ad Agency The7stars Online

MyFreeCams Site Hacked to Steal Info of 2 Million Paying Users, Offering to Sell for Bitcoin

Amazon Kindle RCE Attack Starts with an Email

Discord-Stealing CursedGrabber Malware Invades npm Packages

Experts Detail A Recent Remotely Exploitable Windows Vulnerability

SAP SolMan Exploit Released for Max Severity Pre-Auth Flaw

Drupal Releases Fix for Critical Vulnerability With Known Exploits

Biden Names Acting Chairs to Lead FCC, FTC

Biden’s COVID-19 Strategy Includes Intel Review of Cyber Risks to Vaccine Rollout

…Altered Vaccine Data Exposes Critical Cyber Risks

Federal Cyber Agency Announces New Campaign to Fight Ransomware Attacks

Cyber Criminals Publish More Than 4,000 Stolen SEPA Files

Laptops Given to British Schoolkids Came Preloaded With Malware and Talked to Russia When Booted

Google Searches Expose Stolen Corporate Credentials

Google Forms Set Baseline For Widespread BEC Attacks

Singapore Widens Security Labelling to Include All Consumer IoT Devices

Krebs: DDoS-Guard To Forfeit Internet Space Occupied by Parler

…Judge Denies Request for Amazon to Immediately Restore Parler

…House Oversight Committee Chair Requests FBI Probe of Parler for Alleged Ties to Russia and Its Role in Capitol Siege

France Arrests 14 Over Online Child Sexual Abuse

Intel’s Financially Sensitive Information Stolen by Hacker

Hacker Leaks Data of Millions of Teespring Users

Einstein Healthcare (PA) Network Announces August Breach

Chwapi Hospital (Belgium) Hit by Windows BitLocker Encryption Cyberattack

Ransomware Attack on Mailing Service Exposes Info of 20,000+ Salem Clinic / Oregon Heart Center Patients

French Car Renting Service ‘UCAR’ Victimized by Ransomware Actors

Personal Info May Have Been Compromised in Cyber Attack on Haywood School District (NC)

Ransomware Is Now the Biggest Cybersecurity Concern for CISOs

SQL Server Malware Tied to Iranian Software Firm, Researchers Allege: MrbMiner Campaign

Windows Remote Desktop Servers Now Used to Amplify DDoS Attacks

QNAP Warns Users to Secure NAS Devices Against Dovecat Malware

Microsoft Edge Gets a Password Generator, Leaked Credentials Monitor

Trump Seeks to Curb Foreign Cyber Meddling on Last Day in Office

…Pardons Ex-Google, Uber Engineer Who Plead Guilty to Stealing Trade Secrets

Is Joe Biden’s Peloton Bike Really a Cybersecurity Risk?

Rob Joyce to Take Over as NSA Cybersecurity Director

Chinese Hacking Group Chimera Is Stealing Airline Passenger Details

Cyberattack Fears Raise the Alarm in Eastern European Countries

Microsoft Shares How SolarWinds Hackers Evaded Detection

Quarter of Orgs Don’t Offer Cybersecurity Training Due to Lack of Budget

World Economic Forum Launches How-to Guide on Using Technology Ethically

Monitoring of Employees Faces Scrutiny in Europe

Hacker Leaks Full Database of 77 Million Nitro PDF User Records

Hacker Posts 1.9 Million Pixlr User Records for Free on Forum

NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs

Butler County (OH) Reinforces Cybersecurity After Holiday Attack

Indonesia’s Diponegoro University Responds to Student Data Breach Allegation

Retail and Hospitality Facing Deluge of Critical Web App Flaws

Critical Cisco SD-WAN Bugs Allow RCE Attacks

List of DNSpooq Vulnerability Advisories, Patches, and Updates

VLC Media Player 3.0.12 Fixes Multiple Remote Code Execution Flaws

Google Chrome Now Checks for Weak Passwords, Helps Fix Them

Biden DHS, Intel Picks Stress Need to Prioritize Cybersecurity After SolarWinds Hack

Malwarebytes Says Some of Its Emails Were Breached by SolarWinds Hackers

SolarWinds Malware Arsenal Widens with Raindrop

FireEye Publishes Details of SolarWinds Hacking Techniques, Gives Free Tool to Detect Signs of Intrusion

SolarWinds Attack Underscores ‘New Dimension’ in Cyber-Espionage Tactics

Police Arrest Woman FBI Says May Have Tried to Sell Pelosi Computer Device

Krebs: New Charges Derail COVID Release for Hacker Who Aided ISIS

Suspicious Vaccine-Related Domains Triple

Interpol: Trading Scammers Lure Love-Struck Victims via Dating Apps

Awareness Isn’t Enough: It’s Time for Security Leaders to Change Behaviors

Atlanta Synagogue Reports Cyber-Attack

Okanogan County (BC) Hit by Cyber Attack, Affecting Phone and Email

Hendrick Health System (TX) Cyber Attack Exposes Patients’ Personal Info

Livecoin Slams Its Doors Shut After Failing to Recover From Hack

Cloud Config Error at Defunct App Fleek Exposes X-Rated College Pics

Bugs in Signal, Facebook, Google Chat Apps Let Attackers Spy on Users

Fake Collaboration Apps Are Stealing Data as Staff Struggle With Home Working Security

Linux Devices Under Attack by New FreakOut Malware

MAZE Exfiltration Tactic Widely Adopted

DNSpooq Flaws Allow DNS Hijacking of Millions of Devices

Woman May Have Tried to Sell Pelosi Computer Device to Russians, FBI Says

FBI Warns of Vishing Attacks Stealing Corporate Accounts

UK Police Warn of Sextortion Attempts in Intimate Online Dating Chats

Scottish Environment Protection Agency Refuses to Pay Ransomware Crooks Over 1.2GB of Stolen Data

Google Cloud: We Do Use Some SolarWinds, but We Weren’t Affected by Mega Hack

SolarWinds Hack Is Quickly Reshaping Congress’s Cybersecurity Agenda

No U.S. Trial for Irish Hacker

OpenWRT Reports Data Breach After Hacker Gained Access to Forum Admin Account

IObit Forums Hacked in Widespread DeroHE Ransomware Attack

Hackers Are Selling Depop App Account Details on the Dark Web for Cheap

Stolen Employee Credentials Put Leading Gaming Companies at Risk of Severe Cyber Attacks

Microsoft Defender to Enable Full Auto-Remediation by Default

More on Joker’s Stash’s End (Krebs)

China A.I. Firms and Huawei Filed to Patent Technology That Could Identify Uighur Muslims

Xiaomi Denies Any Ties With Chinese Military

How Law Enforcement Gets Around Your Smartphone’s Encryption

UK Accidentally Deletes 150k Arrest Records

New Coalition Aims to Combat Growing Wave of Ransomware Attacks

Iconic BugTraq Security Mailing List Shuts Down After 27 Years

Joker’s Stash, The Largest Carding Marketplace, Announces Shutdown

WhatsApp Delays Controversial Privacy Update

Google Boots 164 Apps From Play Marketplace for Shady Ad Practices

Teens Have Never Known a World Without Data Sharing, and It’s Creating a False Sense of Security

Privacy-Focused Search Engine DuckDuckGo Grew by 62% in 2020

Hackers Leaked Altered Pfizer Data to Sabotage Trust in Vaccines

Hackers Leak Trucker, Rail Worker Medical Records From UPS, Norfolk Southern

Scotland Environmental Regulator Hit by ‘Ongoing’ Ransomware Attack

Exclusive Wentworth Golf Club Hacked

India Seizes Bitcoins Worth $1.2 Million From Hacker of Gov’t Website and Crypto Exchanges

Undisclosed Apache Velocity XSS Vulnerability Impacts GOV Sites

Windows Finger Command Abused by Phishing to Download Malware

Windows 10 Bug Causes a BSOD Crash When Opening a Certain Path

Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’

Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls

Biden Includes Over $10 Billion in Cyber, IT Funds as Part of COVID-19 Relief Proposal

…Christopher Krebs: Infrastructure Operators ‘Need to Be Assembling Their Crisis Management Teams Yesterday’

UK Ministry of Defence’s Cyber Warfare Drive Is Burn a Hole Through Its Budget, Warns National Audit Office

NSA Warns Against Using DoH Inside Enterprise Networks

Phishing Warning: These Are the Brands Most Likely to Be Impersonated by Crooks

SolarWinds Defense: How to Stop Similar Attacks

Silicon Valley’s Share of Venture Capital Expected to Drop Below 20% for the First Time This Year

Nintendo Uses Copyright Claims to Take Down Game & Watch Hacking Videos

Facebook: Malicious Chrome Extension Developers Scraped Profile Data

Verified Twitter Accounts Hacked in $580k ‘Elon Musk’ Crypto Scam

Amazon’s Ring Neighbors App Exposed Users’ Precise Locations and Home Addresses

Ring Adds End-to-End Encryption to Quell Security Uproar

Telegram Bots at Heart of Classiscam Scam-as-a-Service

Windows 10 Bug Corrupts Your Hard Drive on Seeing This File’s Icon

Cisco Says It Won’t Patch 74 Security Bugs in Older RV Routers That Reached EOL

Airbnb, HotelTonight Cancel All Washington, DC, Metro Reservations Ahead of Inauguration

…Google Pausing All Political Ads Through Jan. 21

Americans Won’t Be Banned From Investing in Alibaba, Tencent and Baidu

Biden Formally Appoints NSA’s Anne Neuberger to Key National Security Position

Scammers Are Claiming to Sell COVID-19 Vaccines on the Dark Web for up to $1,000 Worth of Bitcoin

Bitcoin Exchange Owner Jailed for Money Laundering

Epik Says It Has Not Discussed Hosting Parler Despite Domain Registration

Parler Hack Yields GPS Data That Tracks Users at U.S. Capitol Riots

Post-Backlash, WhatsApp Spells Out Privacy Policy Updates

TikTok Takes Teen Accounts Private

Iranian Cyberspies Behind Major Christmas Sms Spear-Phishing Campaign

CISA: Hackers Bypassed MFA to Access Cloud Service Accounts

High-Severity Cisco Flaw Found in CMX Software For Retailers

Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover

Poland’s CD Projekt Working With Sony to Bring Back Cyberpunk 2077 – PAP

Microsoft Fixes Secure Boot Bug Allowing Windows Rootkit Installation

Krebs: Microsoft Patch Tuesday, January 2021 Edition

It’s Finally Over! Time to Uninstall Adobe Flash Player

SolarWinds: What Hit Us Could Hit Others (Krebs)

…New Sunspot Malware Found While Investigating SolarWinds Hack

…SolarLeaks Site Claims to Sell Data Stolen in SolarWinds Attacks

…SolarWinds Discloses Earlier Evidence of Hack

Senior Intelligence Official Says China, Russia Targeting COVID-19 Vaccine Supply Chain

Some Data From Last Month’s Cyber Attack Leaked Online, Says EU Drugs Regulator

White House Establishes National Artificial Intelligence Office

Social-Media Watchdogs Detect Signs of Ongoing Extremist Threat

Twitter Cites Capitol Protests in Suspension of 70,000 User Accounts

WhatsApp Users Flock to Rival Message Platforms

Location Data from Muslim Prayer App Sold to Data Broker

Europol Reveals Dismantling of ‘Largest’ Underground Marketplace DarkMarket

Email Security Firm Mimecast Says Hackers Hijacked Its Products to Spy on Customers

Brazil Fuel Distributor Ultrapar Interrupts Operations After Cyber Attack

Data Breach at ‘Resident Evil’ Gaming Company Capcom Widens

New Zealand Central Bank Breach Hit Other Companies

Jefferson Healthcare Hit by ‘Phishing’ Cyber Attack

Clearfield County (PA) Cyber Attack

Colombian Energy, Metal Firms Under Fire in New Trojan Attack Wave

Experts Sound Alarm On New Android Malware Sold On Hacking Forums

Google Reveals Sophisticated Windows and Android Hacking Operation

BumbleBee Opens Exchange Servers in xHunt Spy Campaign

Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content

Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes

Intel Adds Hardware-Based Ransomware Detection to 11th Gen CPUs

China’s Move to Regulate Its Tech Giants Is Part of Its Bigger Push to Become a Tech ‘Superpower’

SolarWinds Hackers Linked to Known Russian Spying Tools Used by Turla APT, Investigators Say

…FBI Probes Russian-Linked Postcard Sent to FireEye CEO After Cybersecurity Firm Uncovered Hack

U.S. Announces Controversial State Department Cyber-Bureau

Researcher Builds Parler Archive Amid Amazon Suspension

Over 100,000 UN Employee Records Accessed by Researchers

DarkSide Ransomware Decryptor Recovers Victims’ Files for Free

Aliens and UFOs: A Final Frontier for Social Engineers

Thou Shalt Not Hack Indiscriminately, High Court of England Tells Britain’s Spy Agencies

Cybersecurity Insurance Has a Big Problem

Millions of Social Profiles Leaked by Chinese Data-Scrapers

Ubiquiti: Change Your Password, Enable 2FA (Krebs)

Finland Staffing Firm Eilakaisla Hit by Cyber-Attack, Jobseeker and Employee Data Possibly Compromised

Aquaculture Equipment Company Akva Hit by Cyber-Attack

University Medical Center- New Orleans: Patient Info May Have Been Leaked in LSU HCSD Data Breach

Mac Malware Uses ‘Run-Only’ AppleScripts to Evade Analysis

Typeform Fixes Zendesk Sell Form Data Hijacking Vulnerability

Microsoft Releases Linux Endpoint Detection and Response Features

Microsoft Sysmon Now Detects Malware Process Tampering Attempts

Windows 10 Hardware Security Enabled by Default on New Surface PC

Permanent Suspension of @realDonaldTrump

…Why Parler Is About to Disappear From the Internet

Laptop Also Stolen From Pelosi’s Office During Storming of U.S. Capitol, Says Aide

SolarWinds Hires Ex-Homeland Security Official Krebs as Consultant

Cyber Czar to Draw on New Powers From Defense Bill

Space Force Joins Us Intelligence Community to Secure Outer Space

A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets

Malicious Software Infrastructure Easier to Get and Deploy Than Ever

Ransomware Gangs Are Going After Top Execs to Pressure Companies Into Paying

JPMorgan Chase Hacker Gets 12 Years

New Zealand Reserve Bank Suffers Data Breach via Hacked Storage Partner

Ransomware Forces Three-Week Shutdown of Australia’s Northern Territory Gov’t IT

Dassault Falcon Jet Reports Data Breach After Ransomware Attack

Prestera Center for Mental Health Services (WV) Breach Exposes 3,700+ Patients’ Info

Montreal-Based Car-Sharing Service Communauto Hit by Cyber Attack

Hacker Used Ransomware to Lock Victims in Their IoT Chastity Belt

North Korean Hackers Targeting South Korea with RokRat Trojan

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking

U.S. Judiciary Probes ‘Apparent Compromise’ of Case Management System

…Krebs: Sealed U.S. Court Records Exposed in SolarWinds Breach

…Adds Safeguards

U.S. Senator Says Capitol Building Rioters Made off With Laptop

…How Bad Was the U.S. Capitol Breach for Cybersecurity?

Facebook Extends Trump’s Suspension Until at Least Biden Inauguration

Krebs: QAnon… Who is Q?

State Department Sets up New Bureau for Cybersecurity and Emerging Technologies

Intel Wheels Out New Face Authentication Product That Works a Lot Like Apple’s FaceID

Fired Healthcare Exec Stalls Critical PPE Shipment for Months

SEO Scammer Extorts Site Owners Using Porn Backlinks Threat

JetBrains denies being involved in SolarWinds hack

Minnesota’s Lake Region Healthcare Recovering From Ransomware Attack

Hacker Sells Aurora Cannabis Files Stolen in Christmas Cyberattack

Hackers Post Hackney Council’s ‘Stolen Documents’

FBI Warns of Egregor Ransomware Extorting Businesses Worldwide

Ryuk Gang Estimated to Have Made More Than $150 Million From Ransomware Attacks

The Five Early Warning Signs Of An Imminent Ransomware Attack

Linux Malware Authors Use Ezuri Golang Crypter for Zero Detection

Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws

Windows PsExec Zero-Day Vulnerability Gets a Free Micropatch

U.S. Weighs Adding Alibaba, Tencent to China Stock Ban

Treasury Secretary Mnuchin Intervened in NYSE’s Chinese Delisting Saga

…After Pressure, New York Stock Exchange Will Delist 3 Chinese Firms

SolarWinds Hackers Accessed DOJ Emails, but There’s No Indication They Reached Classified Systems

FBI Probe of Major Hack Includes Project-Management Software From JetBrains

Biden Taps Intelligence Veteran Anne Neuberger for New White House Cybersecurity Role

Krebs: Hamas May Be Threat to 8chan, QAnon Online

WhatsApp Will Delete Your Account If You Don’t Agree Sharing Data With Facebook

Don’t Dox Yourself by Tweeting About Data Breaches

It’s Not a Trump Sex Tape, It’s a RAT

Chinese State-Backed Hackers Target Gambling Companies in $100m Ransomware Attack

Two-Year Data Breach Hits Employees’ Email at WTTW, WFMT (IL)

Covid-19: UK Police Warning Over Vaccine Scam Messages

Hackers Start Exploiting the New Backdoor in Zyxel Devices

Nissan Source Code Leaked Online After Git Repo Misconfiguration

Data Exposure Flaw on Walmart.ca Revealed Personal Customer Information

Poor Software Quality Costs US $2.08tn

British Airways Plans £3bn Breach Settlement

Where Is Jack Ma, China’s E-Commerce Pioneer?

…Chinese Regulators Try to Get Jack Ma’s Ant Group to Share Consumer Data

Trump Signs Executive Order Blocking Transactions With Alipay, WeChat Pay, and Six Other Chinese Apps

NYSE Does a U-Turn on Chinese Telecoms Delistings

Trump Administration Rolls Out Plan to Secure Maritime Sector Against Cyber Threats

NSA Shares Guidance, Tools to Mitigate Weak Encryption Protocols

U.S. Intelligence Task Force Accuses Russia of SolarWinds Cyber-Hack

Officials See Few Security Issues as Voters Go to the Polls in Georgia

Website Crashes Mar Early Coronavirus Vaccine Rollouts

Australian Researchers Identify Facebook Mobile Data Can Be Used for COVID-19 Tracing

Indian Government Sites Leaking Patient COVID-19 Test Results

Data from August Breach of Amazon Partner Juspay Dumped Online

Hacker Posts Data of 10,000 American Express Accounts for Free

Major Gaming Companies Hit with Ransomware Linked to APT27

UK Construction Firm Amey Hit by Cyber Attack

Italian Mobile Operator Ho Mobile Offers to Replace Sim Cards After Massive Data Breach

Australian Cybersecurity Agency Used as Cover in Malware Campaign

North Korean Software Supply Chain Attack Targets Stock Investors

ElectroRAT Drains Cryptocurrency Wallet Funds of Thousands

Babuk Locker Is the First New Enterprise Ransomware of 2021

Telegram Triangulation Pinpoints Users’ Exact Locations

Google Warns of Critical Android Remote Code Execution Bug

WikiLeaks Founder Julian Assange Cannot Be Extradited to U.S., Judge Rules

…Mexico Prepared to Offer Assange Asylum, President Says

NYSE to Delist Chinese Telcos on National Security Grounds

China’s APT Hackers Move to Ransomware Attacks

SolarWinds: The More We Learn, the Worse It Looks

Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API

Google Employees Announce Creation of Union

Cyber Startups Face Broader Funding Challenge in 2021

Singapore Police Can Access COVID-19 Contact Tracing Data for Criminal Investigations

Leading Game Publishers Hit Hard by Leaked-Credential Epidemic

TransLink Confirms Ransomware Data Theft, Still Restoring Systems

GenRx Pharmacy Ransomware Attack Resulted In Data Breach

Minnesota Health System Hit by Ransomware Attack

Aurora Cannabis Breach Exposes Personal Data of Former, Current Workers

Cyber-Attack on Apex Laboratory

FBI Warns of Cyberattacks to Distance Learning

Zend Framework Remote Code Execution Vulnerability Revealed

Microsoft Defender for Office 365 to Allow Testing Without Setup

Citrix Adds NetScaler ADC Setting to Block Recent DDoS Attacks

12/31/2020 – 1/3/2021

Microsoft Hacked, Source Code Viewed in Russia-Linked SolarWinds Cyberattack

Cyber Attack on U.S. Government May Have Started Earlier Than Initially Thought – U.S. Senator

The Coolest Hacks of 2020

2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud

Adobe Flash Player Is Finally Laid to Rest

Ticketmaster To Pay $10 Million Fine For Hacking A Rival Company

Data Breach Broker Selling User Records Stolen From 26 Companies

Mednax Email Hack Exposes Info of 1.2 Million Patients: 5 Details

Phishing Texts State Your PayPal Account Is ‘Limited’

Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products

Google Chrome Fixes Antivirus ‘File Locking’ Bug on Windows 10

‘Bullet Has Left the Chamber’: Biden Will Not Likely Roll Back Trump Campaign Against China Tech

CISA Updates SolarWinds Guidance, Tells U.S. Gov’t Agencies to Update Right Away

Local Governments Needn’t Face Ransomware Streak Alone, Experts Say

Taking a Neighborhood Watch Approach to Retail Cybersecurity

The Curse of Knowing a Bit About IT: ‘Could You Just…?’ and ‘No I Haven’t Changed Anything’

54 Predictions About The State Of Data In 2021

KrebsOnSecurity Turns 11

T-Mobile Data Breach Exposed Phone Numbers, Call Records

Germany: ‘Colossal’ Cyberattack Knocks Out Funke News Group

Emotet Malware Hits Lithuania’s National Public Health Center

Pune-Based Engineering Company Loses 56,000 Euros in Cyber Attack

New Worm Turns Windows, Linux Servers Into Monero Miners

Adobe Now Shows Alerts in Windows 10 to Uninstall Flash Player

Microsoft: SolarWinds Hackers’ Goal Was the Victims’ Cloud Data

Op-Ed: What Nobody Else Will Say About the New Cybersecurity Crisis

U.S. Treasury Warns of Ransomware Targeting COVID-19 Vaccine Research

FBI: Swatters Hijack Smart Home Devices to Watch Emergency Responders

2020 Work-for-Home Shift: What We Learned

2020 Was the Worst Year Ever for Ransomware: 2021 Will Be More of the Same

Lawsuit Claims Flawed Facial Recognition Led to Man’s Wrongful Arrest

China Eyes Shrinking Jack Ma’s Business Empire

Japanese Aerospace Firm Kawasaki Warns of Data Breach

Voyager Cryptocurrency Broker Halted Trading Due to Cyberattack

Antwerp General Medical Laboratory Becomes Latest Victim of Cyber-Attack

City of Cornelia (GA) Hit by Ransomware Attack

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

Wasabi Cloud Storage Service Knocked Offline for Hosting Malware

AutoHotkey-Based Password Stealer Targeting US, Canadian Banking Users

Cryptojacking: Has Your Computer Been Hijacked Yet?

India: A Growing Cybersecurity Threat

Biden Calls for Modernizing U.S. Defenses Following Massive Hack

Finnish Parliament Says Some Lawmakers’ Emails Hacked

Hackers Amp Up COVID-19 IP Theft Attacks

CISA Releases Azure, Microsoft 365 Malicious Activity Detection Tool

Ransomware in 2020: A Banner Year for Extortion

…Health to Be on Cyber-Security’s Front Line in 2021

After Ledger Hack , Who Can You Trust For Bitcoin Storage?

UK NCA Visits WeLeakInfo Users to Warn of Using Stolen Data

Home Appliance Giant Whirlpool Hit in Nefilim Ransomware Attack

Cyber Attack on Budget Department in the Dominican Republic

Athens (GA) Optometrist Five Points Eye Care Reports Data Breach

Aida Cruises Cancels Trips Due to Mysterious “IT Restrictions”

Multi-Platform Card Skimmer Found on Shopify, BigCommerce Stores

GitHub-Hosted Malware Calculates Cobalt Strike Payload From Imgur Pic

10 Benefits of Running Cybersecurity Exercises

Hackers Also ‘Impacting’ State, Local Governments, U.S. Cybersecurity Agency Says

Suspected Russian Hackers Used Microsoft Vendors to Breach Customers

SolarWinds: Hacked Firm Issues Urgent Security Fix

SolarWinds Releases Updated Advisory for New SUPERNOVA Malware

…Cleanup Could Take Months or Longer

Suspected Russian Hackers Tried to Access CrowdStrike’s Email

…CrowdStrike Releases Free Azure Security Tool After Failed Hack

Nashville Explosion Uncover Weakness in Communication Infrastructure: Security Expert

GoDaddy Employees Were Told They Were Getting a Holiday Bonus: It Was Actually a Phishing Test

How 2020 Supercharged Cloud Security Companies

Quarterbacking Vulnerability Remediation

Hacker Earns $2m in Bug Bounties on HackerOne

Alibaba, Ant Face Crackdowns From Chinese Regulators

Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data

Koei Tecmo Discloses Data Breach After Hacker Leaks Stolen Data

NetGalley Discloses Data Breach After Website Was Hacked

Russian Crypto-Exchange Livecoin Hacked After It Lost Control of Its Servers

REvil Threaten to Leak Plastic Surgery Pictures From The/Transform Hospital Group

FreePBX Developer Sangoma Hit With Conti Ransomware Attack

Sangoma Technologies Disclose Ransomware Attack: Conti Ransomware Gang Involved

Misconfigured AWS Bucket Exposes Hundreds of Social Influencers

EyeMed Email Hack Exposes Data of 485k+ Aetna, Blue Cross Members

Sky Lakes Finds Ransomware Attack Didn’t Compromise Patient Information

Fake Amazon Gift Card Emails Deliver the Dridex Malware

Attackers Abusing Citrix NetScaler Devices to Launch Amplified DDoS Attacks

Windows Zero-Day Still Circulating After Faulty Fix

SolarWinds Sunburst: UK Data Watchdog Issues Hack Alert

U.S. Homeland Security Warns American Business Not to Use Chinese Tech or Let Data Behind the Great Firewall

FBI: Iran Behind Pro-Trump ‘Enemies of the People’ Doxing Site

No Emails Have Leaked From the 2020 Election Campaigns Yet — Tiny USB Sticks May Be One Reason Why

Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack

Hey Alexa, Who Am I Messaging? Microphones Sensitive Enough to Record PINs and Other Sensitive Info

Web Page Layout Can Trick Users into Divulging More Info

Companies Face Privacy, Data-Flow Risks in Post-Brexit UK

Coalition of Human Rights Groups Joins Suit Against Israeli Firm NSO

Leaky Server Exposes 12 Million Medical Records to Meow Attacker

Data Breach Hits Members of BlueCross BlueShield of Tennessee’s Vision Care Vendor EyeMed

Data Breach Hits 30,000 Signed up to Workplace Pensions Provider Now:Pensions

Cyber-Attack on European Court of Human Rights

PSA: Active Chase Phishing Scam Pretends to Be Fraud Alerts

QNAP Fixes High Severity QTS, QES, and QuTS Hero Vulnerabilities

Windows Zero-Day With Bad Patch Gets New Public Exploit Code

Microsoft 365 Admins Can Now Get Security Incident Email Alerts

Fact vs. Fiction: Film Industry’s Portrayal of Cybersecurity

Biden Says Huge Data Breach Poses ‘Grave Risk’ to U.S., Promises Response

…Campaign Says Twitter Will Wipe POTUS Account’s Followers

European Medicines Regulator Says Cyberattack Limited to One It Application

FBI Warns of Ongoing COVID-19 Vaccine Related Fraud Schemes

Phishers Spoof New York Department of Labor

How U.K. Racing Team McLaren Almost Got Phished

Police Seize Safe-Inet VPN Service Beloved by Cyber-criminals

Signal: Cellebrite Claimed to Have Cracked Chat App’s Encryption

Joker’s Stash Carding Site Taken Down

Roanoke College (VA) Delays Spring Semester After Cyberattack

Nintendo Has Reportedly Suffered Another Major Data Leak, Now Related to Switch

Tennessee Medicaid Plan’s Vendor Mails PHI to Wrong Members, Exposes 3,300

University of Vermont Medical Center Finally Admits It Was Victim of Ransomware

Holiday German Shepherd Puppy Swindle Has Consumers Howling

Robinhood User Says $300,000 Restored From Hack, Then Taken Back

Emotet Campaign Restarts After Seven-Week Hiatus

Al Jazeera Journalists ‘Hacked via NSO Group Spyware’

…Microsoft, Google, Cisco, Dell Join Legal Battle Against Hacking Company NSO

Barr Says Russia Appears to Be Behind Massive Hack

…Russia Officially Denies Large-scale U.S. Hack

…Dummy Run Last Year?

‘Dozens of Email Accounts’ Were Hacked at U.S. Treasury -Senator Wyden

New SUPERNOVA Backdoor Found in SolarWinds Cyberattack Analysis

Security Vendors: It’s Time to Come Clean About Intrusions

Trump Breakup Plan for Cyber Command and NSA

U.S. Seizes Domains Used for COVID-19 Vaccine Phishing Attacks

Dutch Program Aims to Deter Young Hackers Before They Commit Crimes

Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data

EXMO Cryptocurrency Exchange Hacked, Loses 5% of Total Assets

Physical Addresses of 270k Ledger Owners Leaked on Hacker Forum

…Why Ledger Kept All That Customer Data in the First Place

Auction Software Provider Freedman Hit with Foreign Ransomware Attack

City of Ellensburg (Wa) Hit With Ransomware, All Data Inaccessible

TSYS Staff in Belfast and Derry Told PII at Risk After Ransomware Attack

Smart Doorbell Disaster: Many Brands Vulnerable to Attack

Nosy Ex-Partners Armed with Instagram Passwords Pose a Serious Threat

Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers

Zero-Click Apple Zero-Day Uncovered in Pegasus Spy Attack

U.S. Cyber-Attack: Around 50 Firms ‘Genuinely Impacted’ by Massive Breach

…Russia ‘Clearly’ Behind SolarWinds Operation, Says Pompeo

…Romney Calls for Response ‘of Like Magnitude or Greater’ to Russia Hack

…Christopher Krebs Says U.S. Should Be ‘Cautious’ About Escalating Cyber War With Russia

…‘Powerful Tradecraft’: How Foreign Cyber-Spies Compromised America

…Krebs: VMware Flaw a Vector in SolarWinds Breach?

…Second Hacking Team Was Targeting SolarWinds at Time of Big Breach

…Hackers’ Broad Attack Sets Cyber Experts Worldwide Scrambling to Defend Networks

…Cloudflare CEO Says ‘Zero-Trust Architecture’ Is an Answer to U.S. Government Breach

Alibaba Facial Recognition Tech Picks Out Uyghur Minorities

Cloud is King: 9 Software Security Trends to Watch in 2021

Europol Launches New Decryption Platform for Law Enforcement

Unsecured Azure Blob Exposed 500k+ Highly Confidential Docs From UK Firm’s CRM Customers

A Facebook Bug Exposed Instagram Users’ Personal Email Addresses and Birthdays

Google Blames Gmail, YouTube Outage on Error in User ID System

Bouncy Castle Bug Puts Bcrypt Passwords at Risk

Flavors Designer Symrise Halts Production After Clop Ransomware Attack

Greater Baltimore Medical Center Systems Nurse: Hospital ‘Crippled’ by December Ransomware Cyberattack

Stealthy Magecart Malware Mistakenly Leaks List of Hacked Stores

Firefox to Ship ‘Network Partitioning’ as a New Anti-Tracking Defense

Apple, Google, Microsoft, and Mozilla Ban Kazakhstan’s MitM HTTPS Certificate

Cloud is King: 9 Software Security Trends to Watch in 2021

Port of Los Angeles Plans Cyber Intelligence Facility as Maritime Threats Grow

U.S. Cyber-Attack: Hack of Government Agencies and Companies Poses ‘Grave Risk’

…‘Will Take Years to Overcome,’ Former National Intelligence Official Says

…Microsoft Says It Found Malicious Software in Its Systems

…Nuclear Weapons Agency Breached Amid Massive Cyber Onslaught

…U.S. Energy Department Probes Hack, Says No Threat to National Security

…Hack Suggests New Scope, Sophistication for Cyberattacks

…Biden Calls Cybersecurity a ‘Top Priority’

Experts Urge Users to Ignore Facebook Christmas Bonus Scam

How to Use Password Length to Set Best Password Expiration Policy

50% of U.S. Tech Execs Say State-Sponsored Cyber Warfare Their Biggest Threat: CNBC Survey

Google Hit With Another Antitrust Lawsuit by States

EU Regulators Seek to Extend Cybersecurity Rules to More Industries

People’s Energy Data Breach Affects All 270,000 Customers

Forward Air Corporation Likely Hit in Cyberattack

Nation-State Hackers Breached U.S. Think Tank Thrice in a Row

Software Supply-Chain Attack Hits Vietnam Government Certification Authority

Iranian Nation-State Hackers Linked to Pay2Key Ransomware

‘Off the Shelf’ Tor Backdoor Malware SystemBC Is a Firm Favorite With Ransomware Operators

Ransomware Masquerades as Mobile Version of Cyberpunk 2077

Air-Gap Attack Turns Memory Modules into Wi-Fi Radios

Bouncy Castle Crypto Authentication Bypass Vulnerability Revealed

5M WordPress Sites Running ‘Contact Form 7’ Plugin Open to Attack

Ad-Blocker AdGuard Deploys World’s First DNS-over-QUIC Resolver

Krebs: Malicious Domain in SolarWinds Hack Turned into Sunburst ‘Killswitch’

…The SolarWinds Perfect Storm: Default Password, Access Sales and More

…Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack

…A Wake-up for the World on Cyber Security

…Durbin Says Alleged Russian Hack ‘Virtually a Declaration of War’

…Trump Aide O’Brien Cuts Europe Trip Short to Deal With Cyber Hack

Trump Twitter ‘Hack’: Police Accept Attacker’s Claim

Christopher Krebs Emphasizes Security of Election as Senators Butt Heads

Suspected Chinese Hackers Stole Camera Footage From African Union – Memo

Ohio Couple Sold Secrets to China

EU Unveils Revamp of Cybersecurity Rules Days After EMA Hack

Biden Faces Early Test on Digital Trade With EU Privacy Talks

Ransomware Attacks on the Rise Even as Cyber Insurers Scale Back

Texas, Other States Bring Antitrust Lawsuit Against Google

Emulated Mobile Devices Used to Steal Millions From U.S., EU Banks

Lithuania Suffers “Most Complex” Cyber-attack in Years

Sonoma Valley Hospital (CA) Notifies 67k Patients of Data Breach

FBI Says DoppelPaymer Ransomware Gang Is Harassing Victims Who Refuse to Pay

Sextortionist Campaign Targets iOS, Android Users with New Spyware

Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor

Ransomware Attackers Using SystemBC Malware With RAT and Tor Proxy

Malicious RubyGems Packages Used in Cryptocurrency Supply Chain Attack

Malicious Chrome, Edge Extensions With 3M Installs Still in Stores

HPE Discloses Critical Zero-Day in Server Management Software

New 5G Network Flaws Let Attackers Track Users’ Locations and Steal Data

Merchant Ships’ Dualog Connection Suite Riddled With Security Vulnerabilities

US-CERT Reports 17,447 Vulnerabilities Recorded in 2020

Krebs: SolarWinds Hack Could Affect 18K Customers

…Including Pentagon, State Department

…Hackers Turned SolarWinds’ Dominance Against It

…Shows Cyber Dangers to Supply Chains

…White House: U.S. Taking Any Necessary Steps in Wake of Cyber Attack

…Microsoft to Quarantine Compromised SolarWinds Binaries Tomorrow

Moderna COVID-19 Vaccine Documents Accessed in EMA Cyberattack

Facebook Lifts Political Ad Ban for Georgia Runoffs

Gmail Hit by a Second Outage Within a Single Day

Twitter Fined ~$550k Over a Data Breach in Ireland’s First Major GDPR Decision

The Private Sector Needs a Cybersecurity Transformation

The Best Cybersecurity Predictions For 2021 Roundup

Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure

Beware Christmas Parcel Delivery Scams, Banks Warn

How Hackers Are Trying to Use QR Codes as an Entry Point for Cyber Attacks

Ransomware Masterminds Claim to Have 53GB of Data From Intel’s Habana Labs

Banking Vendor American Bank Systems (ABS) Targeted in Cyber Attack

New Windows Trojan PyMICROPSIA May Soon Target Linux, MacOS Devices

Gitpaste-12 Worm Widens Set of Exploits in New Attacks

Agent Tesla Keylogger Gets Data Theft and Targeting Update

45 Million Medical Images Left Exposed Online

Easy WP SMTP Security Bug Can Reveal Admin Credentials

Firefox Patches Critical Mystery Bug, Also Impacting Google Chrome

Krebs: U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

…U.S. Homeland Security, Thousands of Businesses Also Scramble After Suspected Russian Hack

…FireEye

…U.S. Cybersecurity Agency Issues Emergency Directive Following Government Hacks

…Undetected for Months

…Kremlin Denies

…No One Knows How Deep Russia’s Hacking Rampage Goes

Apple Adds Privacy Labels Showing What Information Apps Collect About Users

Microsoft, Nintendo, and Sony Pledge to Make Gaming ‘Safer’ Together

Pornhub Removes All Unverified Content to Combat Child Sexual Abuse

U.S. Jails Journalists’ Cyber-Stalker

Gmail, Youtube, Google Docs, and Other Google Services Hit by Massive Outage

Data Leak Exposes Details of Two Million Chinese Communist Party Members

Norway’s Cruise Line Hurtigruten Hit by Major It Hack

Two Indian Banks Affected by Windows Ransomware Attacks

FBI Investigating Ransomware Attack on Weslaco School District (TX)

Text Messages Promising $1,200 Stimulus Checks Are Actually Scams, IRS Warns

Hacking Group’s New Malware Abuses Google and Facebook Services

New Python-based Windows Trojan Steals Browser Credentials, Outlook Files

Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails

Suspected Russian Hackers Spied on U.S. Treasury Emails – Sources

…Broad Hacking Campaign

Facebook Shutters Accounts Used in APT32 Cyberattacks

When a Top Cybersecurity Firm Like FireEye Gets Hacked, What Is the Takeaway for the Average Netizen?

Was Anna Kendrick’s Twitter Hacked? Offensive Posts on Her Timeline Has Fans Wondering

East London Hackney Cyber-Attack Causes Collapse of Property Purchases

Privacy Groups Alarmed at Supermarket’s Facial Recognition Trial

Ex-Cisco Employee Who Crippled Webex and Cost Cisco Millions Gets 2 Years in U.S. Prison

U.S. Frees ISIL Cyber-Operative

Google Hires Goldman Sachs Veteran Phil Venables to Lead Cloud Security

Microsoft Office Security Updates Fix Critical SharePoint RCE Bugs

Samsung Fixes Critical Android Bugs in December 2020 Updates

Adobe Releases Final Flash Player Update, Warns of 2021 Kill Switch

IT Company SolarWinds Says It May Have Been Hit in ‘Highly Sophisticated’ Hack

Intel’s Habana Labs Hacked by Pay2Key Ransomware, Data Stolen

Dassault Falcon Jet Hit by Windows Ragnar Locker Ransomware

Tax Relief Biz Marriage Tax Refund Exposed Personal Info on 100,000 Clients

Subway UK Customers Receive ‘Malware’ Emails

…Subway Marketing System Hacked to Send TrickBot Malware Emails

Jersey City Utilities Agency Investigating Ransomware Attack That Blocked Access to ‘Vital’ Data

Laurentian University Fends off Cyber Attack

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

MountLocker Ransomware Offering Double Extortion Scheme to Other Hackers

Security Issues in Verifone and Ingenico PoS Terminals Open Consumers to Fraud

FCC Rejects Huawei Appeal of National Security Threat Designation

Chinese APT Suspected of Supply Chain Attack on Mongolian Government Agencies

Chinese Embassy Blames Hackers for Retweet of Trump’s Claim That Democrats Cheated in Election

Matthew Masterson to Leave Federal Cybersecurity Agency

U.S. Warns of Increased Cyberattacks Against K-12 Distance Learning

Online Ludlow (MA) Council Meeting Hijacked With Racist Abuse and Beheading Videos

Misery of Ransomware Hits Hospitals the Hardest

Senior Managers Set Terrible Example for Secure Remote Working

The Line Between Physical Security & Cybersecurity Blurs as World Gets More Digital

Nesos Raises Funding for Medical Device to ‘Hack’ the Brain

AI Could Replace Humans in Cybersecurity by 2030

Achieving The Golden Ratio In The Art Of Cybersecurity

New Model Shows Why Countries That Retaliate Too Much Against Online Attacks Make Things Worse for Themselves

Teen Who Shook the Internet in 2016 Pleads Guilty to DDoS Attacks

Krebs: Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

One Million U.S. Patients Impacted by Dental Care Alliance Breach

Tech Unicorn UiPath Discloses Data Breach

Tourism Agency in Little Rock Target of Hack

Cedar Springs Hospital (CO) Reports Data Breach After Surveyor Loses Storage Device

Spotify Resets Passwords After a Bug Exposed Users’ Private Account Info

PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers

Fake Data Breach Alerts Used to Steal Ledger Cryptocurrency Wallets

Microsoft Exposes Adrozek, Malware That Hijacks Chrome, Edge, and Firefox

Hackers Can Use WinZip Insecure Server Connection to Drop Malware

Critical Steam Flaws Could Let Gamers Crash Opponents’ Computers

Remote Code Execution Vuln Uncovered in Starbucks Mobile Platform

Sophos Fixes SQL Injection Vulnerability in Their Cyberoam OS

Zero-Click Wormable RCE Vulnerability in Cisco Jabber Gets Fixed, Again

Huawei Worked on Facial Recognition System to Surveil Uighurs

China Bans TripAdvisor, Other Apps in Crackdown on Pornography, Improper Content

European Medicines Agency (EMA) Hit by Cyberattack

…Hackers Steal Pfizer/BioNTech COVID-19 Vaccine Data in Europe, Companies Say

COVID Data Manager Investigated, Raided for Using Publicly Available Password

Russian APT28 Hackers Using COVID-19 as Bait to Deliver Zebrocy Malware

Ransomware Gangs Are Getting Faster at Encrypting Networks

Scammers Create Instagram Click Farm, Leave Their Operation Exposed Online

How to Protect Yourself From Cybercrime When Holiday Shopping Online

How Big Data Turned Into Big Business for Cyber and Privacy Lawyers

Federal Government and 46 States File Antitrust Suit Seeking to Split up Facebook

Al Jazeera Journalist Files Hack and Leak Suit Against Saudi and UAE Crown Princes

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

Molerats APT Cyber-Espionage Campaign Targeting Middle Eastern Politicians

Monroe Surgical Hospital (LA) Reports Possible Data Breach, Notifying Patients

Hackers Redirect Church Website to Satanic Portal Promoting ‘Sex Spells’

Credit Card Stealer Hides in CSS Files of Hacked Online Stores

Qbot Malware Switched to Stealthy New Windows Autostart Method

DHS-CISA Urges Admins to Patch OpenSSL DoS Vulnerability

Adobe Fixes Critical Security Vulnerabilities in Lightroom, Prelude

Microsoft Fixes New Windows Kerberos Security Bug in Staged Rollout

Krebs: Patch Tuesday, Good Riddance 2020 Edition

China Regulator Puts Country’s Fintech Giants on Notice Hinting at More Rules

Senate Confirms Trump FCC Nominee Amid Democratic Pushback

Norway: Russian APT28 State Hackers Likely Behind Parliament Attack

Beware of COVID Vaccine Scams: Here’s How to Make Sure You Get a Real One

One in Five Online Marketplace Listings Show Signs of Fraud

Credit Card Stealing Malware Bundles Backdoor for Easy Reinstall

Scammers Spoof Target’s Gift Card Balance Checking Page

Why Companies Should Stop Scaring Employees About Cybersecurity

If You Get Hacked Once, You’ll Probably Be Attacked Again Within a Year

Formula 1 Driver Romain Grosjean’s Instagram Account Hacked

What Happens When Someone Uses Your Email Address to Sign up for Paypal, Car Hire, Doctors, Security Systems and More

GitHub Rolls Out Dependency Review, Vulnerability Alerts for Pull Requests

UK Judge Blocks Extradition of Alleged Webcam Hacker to U.S.

German Court Orders Encrypted Email Biz Tutanota to Build a Backdoor in User’s Mailbox

U.S. Cyber Firm FireEye Says It Was Breached by Nation-State Hackers

Ransomware Forces Hosting Provider Netgain to Take Down Data Centers

Foxconn Says Internet Connection Back to Normal After Ransomware Attacks

Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users

‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

Critical, Unpatched Bugs Open GE Radiological Devices to Remote Code Execution

Critical Remote Hacking Flaws Affect D-Link VPN Routers

All Kubernetes Versions Affected by Unpatched MiTM Vulnerability

Microsoft Issues Guidance for DNS Cache Poisoning Vulnerability

Adobe Warns Windows, macOS Users of Critical-Severity Flaws

Google Patches Critical Wi-Fi and Audio Bugs in Android Handsets

Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays

Chinese Breakthrough in Quantum Computing a Warning for Security Teams

Kremlin Hackers Exploiting Security Hole in VMware Software to Hijack Systems, NSA Warns

Hacker Opens 2,732 PickPoint Package Lockers Across Moscow

Ransomware Attacks Pose 2021 Challenges for Congress

Half of U.S. Schools Skipped Remote Security Training

Cybercrime Costs World Economy over 1% of Global GDP

Europol Warns COVID-19 Vaccine Rollout Vulnerable to Fraud, Theft

Healthcare in Crisis: Diagnosing Cybersecurity Shortcomings in Unprecedented Times

BTC-e Founder Sentenced to Five Years in Prison for Laundering Ransomware Funds

NortonLifeLock to Acquire Avira

Microsoft Announces Azure Cloud for Top Secret Government Data

Foxconn Electronics Giant Hit by Ransomware, $34 Million Ransom

Hackers Leak Data From Embraer, World’s Third-Largest Airplane Maker

Ransomware Incident Impacts Greater Baltimore Medical Center Systems

Snyder City Hall (TX) Temporarily Closed After Ransomware Attack

Ransomware Cripples Municipal Computers in Texarkana

Independence (MO) Dealing With Ransomware Attack on City Technology

‘Free’ Cyberpunk 2077 Downloads Lead to Data Harvesting

Iranian Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping

PlayStation Now Bugs Let Sites Run Malicious Code on Windows PCs

QNAP High-Severity Flaws Plague NAS Systems

Cisco Fixes Security Manager Vulnerabilities With Public Exploits

Biden Says China Must Play by ‘International Norms’

U.S. and Australia to Develop Shared Cyberattack Training Platform

Middle East Facing ‘Cyber Pandemic’ as COVID Exposes Security Vulnerabilities, Cyber Chief Says

UAE Target of Cyber-Attacks After Israel Deal

Krebs: IRS to Make ID Protection PIN Open to All

FBI: You May Be a Money Mule and Not Even Know It

ACLU Sues Government Over Secret Purchasing of GPS Data

AI Collaborative Research Institute Launched

Smart Sex Toy Sales Surge Poses Security Risk

Tech CEO Danny Boice Pleads Guilty to Investment Fraud

Italian Police Arrest Two in Data Theft Cyberattack on Leonardo Defense Corp

Largest Global Staffing Agency Randstad Hit by Egregor Ransomware

Ransomware Hits Helicopter Maker Kopter

BlackShadow Hackers Extort Israeli Insurance Company Shirbit for $1 Million

…Ransomware Gangs Are Now Cold-Calling Victims if They Restore From Backups Without Paying

…The No. 1 Rule For Anyone Infected With Ransomware

Walsall Construction Firm RMD Kwikform Targeted in Cyber Attack

River City Bank (Sacramento, CA) Warns Customers of Data Breach

Hackers Use Monero Cryptojacking as Decoy for More Invasive Attacks

MetaMask Phishing Steals Cryptocurrency Wallets via Google Ads

High-Severity Chrome Bugs Allow Browser Hacks

VMware Rolls a Fix for Formerly Critical Zero-Day Bug

Coronavirus: Hackers Targeted COVID Vaccine Supply ‘Cold Chain’ According to IBM

U.S. in Talks With Huawei Finance Chief Meng Wanzhou About Resolving Criminal Charges

Bill to Crack Down on Fraudulent Foreign Firms Listed in U.S. Heads to Trump’s Desk

Edward Snowden Asks Trump to Pardon Wikileaks Founder Julian Assange

Trump Signs Another Executive Order on Governmental AI Development

Op-Ed: Why President-Elect Biden Needs to Appoint a Cybersecurity Czar

Universities Attacked by Phishing Campaign

Credit Card Stealing Malware Hides in Social Media Sharing Icons

Data of 243 Million Brazilians Exposed Online via Website Source Code

As Many as 113,000 Alaskans Impacted by Hack on Voter Registration System

Kmart, Latest Victim of Egregor Ransomware

Metro Vancouver’s Transit System Hit by Ransomware Attack

Clop Gang Gallops Off with 2M Credit Cards from E-Land

DeathStalker APT Spices Things Up with PowerPepper Malware

TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions

Google Play Apps Remain Vulnerable to High-Severity Flaw

Top Intelligence Official Says China Targeting Foreign Influence at Incoming Biden Administration

North Korea-Linked Hackers Targeted Johnson & Johnson, Novavax in Hunt for COVID Research

APT Turla’s ‘Crutch’ Backdoor Leverages Dropbox in Espionage Attacks

Phishing Targets U.S. Brokerage Firms Using FINRA Lookalike Domain

HMRC Phishing Scam Abuses Mail Service to Bypass Spam Filters

Spotify Wrapped 2020 Rollout Marred by Pop Star Hacks

Krebs: Account Hijacking Site OGUsers Hacked, Again

Microsoft Revamps ‘Invasive’ M365 Feature After Privacy Backlash

Hacker Given Three Years for Stealing Secret Nintendo Switch Blueprints, Collecting Child Sex Abuse Videos

Brazilian Aerospace Firm Embraer Hit by Cyberattack

South Africa Absa Bank Embroiled in Data Leak, Rogue Employee Accused of Theft

Cyber Attack Robs Philabundance of Nearly $1M

Online Schooling Giant K12 Inc. Pays Ryuk Ransomware to Stop Data Leak

Electronic Health Records Provider NTreatment Caught Out in Data Breach

Housing Authority of Mcdonough County (IL) Experiences Ransomware Data Breach

Half of Docker Hub Images Feature Critical Flaws

Xerox DocuShare Bugs Allows Data Leaks

Flaw Allowed iPhone Hacking Remotely Through WI-Fi

China Drafts Rules on Mobile Apps’ Collection of Personal Data

Federal Agencies Warn That Hackers Are Targeting U.S. Think Tanks

FBI Warns of BEC Scammers Using Email Auto-Forwarding in Attacks

Vietnamese State Hackers APT32 (aka Ocean Lotus, BISMUTH) Deploy Coin Miners to Victims

Zoom Impersonation Attacks Aim to Steal Credentials

Amazon Says Sellers Racked up More Than $4.8 Billion in Sales Over Weekend

Facebook-Backed Libra Association Changes Its Name to Diem

Supreme Court Weighs Breadth of Computer Hacking Law

Krebs: Bomb Threat, DDoS Purveyor Gets Eight Years

Personal Information Leaked in Suspected Cyberattack on Israeli Company Shirbit Insurance

Stuller Headquarters (LA) Hit by Cyber Attack

Electronic Medical Records Cracked Open by OpenClinic Bugs

Cayman Islands Bank Records Exposed in Open Azure Blob

Critical Oracle WebLogic Flaw Actively Exploited by DarkIRC Malware

Android Messenger App Still Leaking Photos, Videos

Salesforce to Acquire Slack for $28 Billion

…Uber Completes $2.65 Billion Postmates Acquisition

UK Bans Installation of Huawei 5G Equipment From September

Pandemic, A Driving Force in 2021 Financial Crime

Baltimore Students Told to Ditch Windows PCs After Ransomware Attack

…Multiple Red Flags

Vermont Hospitals Still Recovering From October Ransomware Attack

Manchester United Cyberattack Highlights Controversy in Paying Ransomware Attackers

Company Director Disqualified After AMS Marketing Limited Made 75,000 Nuisance Calls

Ajit Pai Formally Announces Plans to Leave FCC

Cybersecurity In The New Normal: Good Enough Is No Longer Enough

Companies Urged to Adjust Hiring Requirements for Cyber Jobs

Healthcare Provider AspenPointe Data Breach Affects 295k Patients

Huntsville City Schools (AL) Close Early for Cybersecurity Threat

Someone Just Moved $5m in BTC From the 2016 Bitfinex Hack

WhatsApp Hack Could Let People Steal Messages, Users Urged to Take Precautions

MacOS Users Targeted By OceanLotus Backdoor

Docker Malware Is Now Common, So Devs Need to Take Docker Security Seriously

Gootkit Malware Returns to Life Alongside REvil Ransomware

Credit card skimmer fills fake PayPal forms with stolen order info

Microsoft Defender for Identity Now Detects Zerologon Attacks

South Korea Says It Foiled North Korea Attempt to Hack Its COVID-19 Vaccine Makers

Christopher Krebs: I’m ‘Most Upset’ I Didn’t Get to Say Goodbye to My Team…’Not How I Wanted to Go Out.’

Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats

…One in Seven #BlackFriday Emails Are Malicious

…Phishing Lures Employees With Fake ‘Back to Work’ Internal Memos

…Office 365 Phishing Abuses Oracle and Amazon Cloud Services

UK NCSC Helping Manchester United Recover from Cyber-Attack

2021 Healthcare Cybersecurity Priorities: Experts Weigh In

IIoT Chip Maker Advantech Hit by Ransomware, $12.5 Million Ransom

MasterChef, Big Brother Producer Banijay Group SAS Hit by DoppelPaymer Ransomware

Delaware County, PA Pays 500k Ransom to DoppelPaymer Ransomware

CBS Last.FM Fixes Admin Password Leakage via Symfony Profiler

Digitally Signed Bandook Malware Once Again Targets Multiple Sectors

Drupal Issues Emergency Fix for Critical Bug With Known Exploits

The Top 20 Cybersecurity Startups To Watch In 2021 Based On Crunchbase

Personal Data of 16 Million Brazilian COVID-19 Patients Exposed Online

DDoS Attacks Against Online Retailers Increase Four-Fold During Pandemic

Massive Zoom Phishing Targets Thanksgiving Meetings

Privacy Campaigner Flags Concerns About Microsoft’s Creepy Productivity Score

Changing Employee Security Behavior Takes More Than Simple Awareness

A Therapeutic for what Ails Digital Health

Canon Publicly Confirms August Ransomware Attack, Data Theft

US Fertility Patient Data Was Stolen in Ransomware Attack

Israeli Army Exposed the PII of Tens of Thousands of Soldiers

Sophos Alerts Customers of Info Exposure After Security Breach

New Egregor Ransomware Steps into Maze Group’s Shoes

cPanel 2FA Bypassed in Minutes via Brute-Force Attacks

At China’s Premier Internet Conference, Few Address the Regulatory Elephant in the Room

Trump Administration Extends TikTok Sale Deadline

Government Watchdog Urges Policymakers to Boost Cybersecurity for 5G Networks

Canada’s Proposed Privacy Overhaul Leans Toward European-Style Rules

Parler Hack Claims Are Fake, CEO Says: ‘They Are Just Obsessed With Us’

Laser-Based Hacking from Afar Goes Beyond Amazon Alexa

Phishing Most Frequently Reported Cybercrime in U.S.

Major BEC Phishing Ring Cracked Open with 3 Arrests

Ticketmaster: We’re Not Liable for Credit Card Badness Because the Hack Straddled GDPR Day

Sopra Steria Expects €50 Million Loss After Ryuk Ransomware Attack

Black Friday: The Best Gifts for Hackers

Ransomware Attack Cripples Baltimore County Public Schools: No Timeline for Return to Class

Cyber Attack Takes Rand McNally ELDs Offline

US Fertility Provides Notice of Data Security Incident

Premier Health (OH) Investigates Data Breach

Danish News Agency Ritzau Refuses to Pay After Ransomware Attack

FBI Joins Investigation Into Computer System Hack in Delaware County (PA)

Belden Networking Giant’s Company Data Stolen in Cyberattack

Passwords Exposed for Almost 50,000 Vulnerable Fortinet VPNs

Critical MobileIron RCE Flaw Under Active Attack

Windows 7 and Server 2008 Zero-Day Bug Gets a Free Patch

Why Data Protection And Cybersecurity Can’t Be Separate Functions

FCC Affirms ZTE Poses U.S. National Security Threat

India Bans 43 More Chinese Apps Over Cybersecurity Concerns

Democrats Urge YouTube to Remove Election Misinformation, Step up Efforts Ahead of Georgia Runoff

…Press Facebook, Twitter Too

YouTube Temporarily Suspends, Demonetizes OANN

Federal Authorities Warn of Increased Cyber Targeting During Upcoming Holiday Season

Crooks Impersonate U.S. Gov’t Agencies Offering Financial Aid

U.S. Proposes Funding to Clear Risk Assessment Backlog

Printers’ Cybersecurity Threats Too Often Ignored

Home Depot Reaches $17.5 Million Settlement Over 2014 Data Breach

Cyber-attacks Reported on Three US Healthcare Providers in FL, GA & NY

Australian Legal Services Provider Law in Order Hit With Cyber Attack

Post-Breach, Peatix Data Reportedly Found on Instagram, Telegram

Payday Loans Exposed Records in the Open

Baidu Apps in Google Play Leak Sensitive Data

New WAPDropper Malware Stealthily Subscribes You to Premium Services

Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies

TrickBot Malware Uses Obfuscated Windows Batch Script to Evade Detection

Blackrota Golang Backdoor Packs Heavy Obfuscation Punch

UK Urges Orgs to Patch Critical Mobileiron Cve-2020-15505 Rce Bug

Alibaba CEO Says China’s Draft Anti-Monopoly Rules ‘Timely and Necessary’

Democrats Accuse GSA of Undermining National Security by Not Certifying Biden Win

…President-Elect Biden to Begin Formal Transition Process After Agency Ok

Lawmakers Urge FCC to Assist in Effort to Rip Out, Replace Suspect Network Equipment

European Cloud-Computing Initiative Limits U.S. Companies’ Role

FBI Warns of Recently Registered Domains Spoofing Its Sites

Tesla Model X Key Fobs Could Be Hacked to Steal Cars, Fix Released

Smart Doorbells ‘Easy Target for Hackers’ Study Finds

Apple’s Global Security Boss Accused of Bribing Cops With 200 Free iPads in Exchange for Concealed Gun Permits

Spotify Users Hit with Rash of Account Takeovers

Anonymous Hacks Uganda Police Website

Fake Minecraft Mods Swamp Over 1m Android Devices With Ads

Bristol City Council Data Breach Sends Names of Children to ‘Livid and Upset’ Parents

TA416 APT Rebounds With New PlugX Malware Variant

Israel Cyber Directorate Warns of Remotely Exploitable Drupal Flaw

VMware Discloses Critical Zero-Day Vulnerability in Workspace One

TikTok Fixes Bugs Allowing Account Takeover With One Click

Seven Debunked Myths of Cybersecurity

Follow The Cyber Beat

Get news delivered directly to your inbox.