• 7/22/2021

  NSO Group: Blame Our Customers, Not Us, For Hacking Macron Changing Phone Chinese Hackers Stole Mekong Data From Cambodian Foreign Ministry Widespread Outage Disrupts Major Retail, Financial, Travel, Olympic Websites Worldwide …FedEx, UPS, Airbnb, and Delta Airlines Websites All Reporting Outages as ‘911 Lines Down’ Along East Coast …The Internet Outage That Took Down Several Major Websites Seems to Be Fixed …Akamai DNS Global Outage Kaseya Obtains Key to Decrypt Systems Weeks After Ransomware Attack Democrats Introduce Bill to Hold Platforms Accountable for Misinformation During Health Crises

  APT Hackers ‘StrongPity’ aka ‘Promethium’ Distributed Android Trojan via Syrian e-Government Portal South Africa’s Transnet Hit by Cyber Attack Guntrader.uk Data Breach 1,000 GB of Local Government Data Exposed by Software Company PeopleGIS Ransomware Gang Breached CNA’s Network via Fake Browser Update Phish Swims Past Email Security With Milanote Pages Critical Jira Flaw in Atlassian Could Lead to RCE Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day MITRE Updates List of Top 25 Most Dangerous Software Bugs

• 7/21/2021

  French Cybersecurity Agency Warns Of China-Linked APT 31 Attacks On French Organizations Biden to Convene Private Sector Leaders for Cybersecurity Talks in August Officials Warn Of Cybersecurity Vulnerabilities in Water Systems Pegasus Scandal: Are We All Becoming Unknowing Spies? Israel Appoints Task Force to Assess NSO Spyware Allegations Saudi Official Denies the Kingdom Used Spyware to Track Communications Elon Musk Says Tesla Will Likely Start Accepting Bitcoin Again Call for Online Abusers to Be Reported to Employers Microsoft Acquires Security Start-up CloudKnox Massachusetts Couple Sues eBay Over ‘Unrelenting’ Harassment Campaign Spanish Cops Nab Brit Accused of Playing Role in 2020 Celeb Twitter Hijacking Krebs: Serial Swatter Who Caused Death Gets Five Years in Prison

  CISA Warns Of Stealthy Malware Found On Hacked Pulse Secure Devices U.S. House Terminates Deal With iConstituent After Company Waited to Raise Ransomware Alarm Brockton Police Department (MA) Under Cyberattack, Police and Fire Forced to Go Old School Clearfield (UT) Target of Ransomware Attack; Official Says City Now ‘up and Running’ Ransomware Hackers Attack Sunset Beach (NC) For More Than a Month MacOS Being Picked Apart by $49 XLoader Data Stealer NPM Package Steals Passwords via Chrome’s Account-Recovery Tool Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows Several New Critical Flaws Affect CODESYS Industrial Automation Software Microsoft Shares Workaround for Windows 10 SeriousSAM Vulnerability Google Chrome Now Comes With up to 50x Faster Phishing Detection

• 7/20/2021

  China Says Microsoft Hacking Accusations Fabricated by U.S. and Allies …Accuses U.S. of Hacking Federal Agencies Say Dozens of Pipeline Companies Breached By Chinese Hackers in 2011 On the Pegasus List: Ten Prime Ministers, Three Presidents and a King FBI: Threat Actors May Be Targeting the 2020 Tokyo Summer Olympics Bitcoin Mining Isn’t Nearly as Bad for the Environment as It Used to Be, New Data Shows Krebs: Spam Kingpin Peter Levashov Gets Time Served Robinhood Expects $30 Million Fine in Cyber, Money-Laundering Probe of Crypto Arm

  Northern Train’s Ticketing System Out to Lunch as Ransomware Attack Shuts Down Servers Geneva (OH) Hit by New Strain Of Ransomware ‘AvosLocker’ Aruba Notified Customers Regarding a Data Breach After Two Months MosaicLoader Malware Delivers Facebook Stealers, RATs Nasty Linux Systemd Security Bug Revealed Fortinet’s Security Appliances Hit By Remote Code Execution Vulnerability 16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines DuckDuckGo’s New Email Privacy Service Forwards Tracker-Free Messages

• 7/16-19/2021

  U.S., Others Accuse China of Abetting Ransomware Attack …U.S. Charges Four Chinese Nationals Charged in Global Hacking Campaign …Biden Opens New Cyber Battle with China …Norway Says Cyber Attack on Parliament Carried Out From China China Sends State Security, Police Officials to Didi for Cybersecurity Probe Pegasus: Who Are the Alleged Victims of Spyware Targeting? …Protecting Phones From Pegasus-Like Spyware Attacks …Israel Says NSO Group Spyware Exports Are For Lawful Use Only When Ransomware Comes to (Your) Town Krebs: Don’t Wanna Pay Ransom Gangs? Test Your Backups. Hacker Is Stealing the Identities of Victims, Surfside Mayor Says How Criminals Siphoned Off Unemployment Payments Directly From Recipients’ Accounts Microsoft Takes Down Domains Used to Scam Office 365 Users Amazon Asked Apple to Remove an App That Spots Fake Reviews, and Apple Agreed Global Data Restrictions on the Rise Amid Privacy and Security Fears

  Law Firm for Ford, Boeing, Exxon, Marriott, Walgreens and More Hacked In Ransomware Attack Ecuador’s State-Run CNT Telco Hit By RansomEXX Ransomware Hackers Hit Florida Blue With Cyber-Spoofing Attack, Expose 30,000+ Members’ Info Comparis Customers Targeted by Scammers After Ransomware Attack Cyberattack on Moldova’s Court of Accounts Destroyed Public Audits Saudi Aramco Data Breach Sees 1 TB Stolen Data for Sale Insurtech Startup BackNine Exposed Thousands of Sensitive Insurance Applications Artwork Archive Cloud Storage Misconfiguration Exposed User Data HelloKitty Ransomware Is Targeting Vulnerable SonicWall Devices Unpatched iPhone Bug Allows Remote Device Takeover CloudFlare CDNJS Bug Could Have Led to Widespread Supply-Chain Attacks New Windows Print Spooler Zero Day Exploitable via Remote Print Servers Critical Juniper Bug Allows DoS, RCE Against Carrier Networks Google Patches 8th Chrome Zero-Day Exploited in the Wild This Year D-Link Issues Hotfix for Hard-Coded Password Router Vulnerabilities

• 7/15/2021

  U.S. Launches Online Hub to Help Ransomware Victims …Offers $10 Million for Tips on Foreign Hackers …Cybersecurity Bills Gain New Urgency After Rash of Attacks …Companies May Be Flagging Themselves For Hackers By Buying Cybersecurity Insurance …Phishing Continues to Be One of the Easiest Paths for Ransomware Facebook Disrupts Iranian Hackers Using Platform to Target U.S. Military Personnel Microsoft Says Israeli Company Candiru Is Behind Malware That Affected Windows PCs The U.S. Surgeon General Is Calling COVID-19 Misinformation An ‘Urgent Threat’

  Nottingham City Transport: Bus Operator Hit By Cyber-Attack Linux Version of HelloKitty Ransomware Targets VMware ESXi Servers Safari Zero-Day Used in Malicious LinkedIn Campaign Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases Windows Print Nightmare Continues With Malicious Driver Packages For Years, A Backdoor in Popular KiwiSDR Product Gave Root to Project Developer

• 7/14/2021

  Southeast Asia Seeks Greater Tech Cooperation as U.S.-China Rivalry Grows Chinese Cyberspies’ Wide-Scale APT Campaign Hits Asian Gov’t Entities Chinese Hackers Use New SolarWinds Zero-Day in Targeted Attacks Hong Kong Working to Share Its Digital IDs With Mainland China COVID Scams Cost Americans Nearly $500 Million — and Criminals Are Now Eyeing the Child Tax Credit 10 Mistakes Companies Make In Their Ransomware Responses Does Cybercrime Impact Cryptocurrency Prices? Facebook Seeks FTC Chair Lina Khan’s Recusal in Antitrust Case 16 Cybercriminals Behind Mekotio and Grandoreiro Banking Trojan Arrested in Spain

  Russian SVR Hackers Targeted LinkedIn Users With Safari Zero-Day Linux-Focused Cryptojacking Gang ‘Diicot brute’ Tracked to Romania Updated Joker Malware Floods into Android Apps Trickbot Malware Rebounds with Virtual-Desktop Espionage Module ‘vncDll’ BazarBackdoor Sneaks In Through Nested RAR and ZIP Archives SonicWall Warns Of ‘Critical’ Ransomware Risk to EOL SMA 100 VPN Appliances Windows Hello Bypass Fools Biometrics Safeguards in PCs Google Chrome Will Add HTTPS-First Mode to Keep Your Data Safe How a Small Dutch IT Company Caught Up in the Kaseya Attack Stepped Up for Customers

• 7/13/2021

  Hackers Used SolarWinds Zero-Day Bug to Target U.S. Defense Orgs FCC Finalizes Program to Rip and Replace Huawei, ZTE Telecom Equipment in the U.S. China Issues Notice on Cyber Security Loophole Management ‘Charming Kitten’ APT Siphons Intel From Mid-East Scholars REvil Ransomware Gang Websites Disappear From Internet Cyberattacks and Ransomware: How Can We Protect Our Energy Infrastructure? Ransomware: Only Half of Organisations Can Effectively Defend Against Attacks Amazon Rolls Out Encryption for Ring Doorbells U.S. Indicts Dark Web User ‘the Bull’ for Insider Trading

  Oklahoma Heart Hospital Employee Donates Notes With Patient Info to Charity Patient Information Potentially Accessed in Florida Heart Associates Hack Unpatched Critical ‘ModiPwn’ RCE Bug Allows Industrial, Utility Takeovers Critical Flaws Reported in Etherpad — a Popular Google Docs Alternative Krebs: Microsoft Patch Tuesday, July 2021 Edition Adobe Patches 11 Critical Bugs in Popular Acrobat PDF Reader Firefox 90 Adds Enhanced Tracker Blocking to Private Browsing Facebook Announces Time Bonus Payouts for Bug Hunters

• 7/12/2021

  Interpol Urges Police to Unite Against ‘Potential Ransomware Pandemic Chris Inglis Formally Sworn in as National Cyber Director …Senate Unanimously Approves Jen Easterly to Lead DHS Cyber Agency Voice Cloning Of Growing Interest to Actors and Cybercriminals ByteDance Shelved IPO Intentions After Chinese Regulators Warned About Data Security …China Drafts New Cyber-Security Industry Plan …Tech’s Next Wave of Development Will Happen in Asia, Singapore’s IMDA Chief Predicts WhatsApp Privacy Update Sparks Complaint From EU Consumer Groups Microsoft to Acquire Cybersecurity Firm RiskIQ as Cyber Threats Mount

  SolarWinds Says Unknown Hackers Exploited Newly Discovered Software Flaw SolarWinds Patches Critical Serv-U Vulnerability Exploited in the Wild Fashion Retailer Guess Discloses Data Breach After Ransomware Attack 200K Patients Exposed After Hackers Tried to Wire Money From ClearBalance Funds Famous Smoke Shop (PA) Website, Store & Lounge Shut Down Due to Ransomware BIOPASS RAT Uses Live Streaming Steal Victims’ Data Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack WordPress File Management Plugin Riddled with Critical Bugs

• 7/9-11/2021

  Biden Presses Putin to Disrupt Cybercriminals in Russia as U.S. Grapples With Latest Ransomware Attacks …Biden ‘Optimistic’ After Call Ukraine Says Russian Hackers Hit Its Navy Website Iran Transport Ministry Hit By Second Apparent Cyberattack in Days Kaseya Delays SAAS Restore to Sunday …Kaseya Patches VSA Vulnerabilities Used in REvil Ransomware Attack CISA Analysis Reveals Successful Attack Techniques of FY 2020 North Korean APT Lazarus Targets Job-Seeking Engineers with Malicious Documents FBI Warns Cryptocurrency Owners, Exchanges of Ongoing Attacks Krebs: Spike in “Chain Gang” Destructive Attacks on ATMs Faces Are the Next Target for Fraudsters Company Sells Passports to Americans Looking For a Tax Break On Their Bitcoin Profits Biden Signs Sweeping Order to Bolster U.S. Competition, Target Big Business U.S. Offers Julian Assange Australian Prison Time Instead of American Supermax if He Loses Extradition Fight Authorities Seize Thousands Of PS4s Used In Crypto Mining

  Ransomware Attack Hits Swiss Consumer Outlet Comparis Mint Mobile Hit By a Data Breach After Numbers Ported, Data Accessed Insurance Giant CNA Reports Data Breach After Earlier Ransomware Attack More From Elekta Breach: Northwestern Urges Cancer Patients to Check Statements After Data Breach Rural German District Anhalt-Bitterfeld Declares Disaster After Cyberattack Massena School (NY) Servers Back to Normal After Cyber Attack Cyberattack at Bank of Oak Ridge (NC), Customer Data Exposed March Data Breach Exposed Peoples Community Health Clinic (IA) Patient Information Classic Football Shirts Warns Customers of Scam Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration Critical Flaws Reported in Philips Vue PACS Medical Imaging Systems Cisco BPA, WSA Bugs Allow Remote Cyberattacks Microsoft Office Users Warned on New Malware-Protection Bypass Microsoft: PrintNightmare Security Updates Work, Start Patching!

• 7/8/2021

  Krebs: Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software REvil Victims Are Refusing to Pay After Flawed Kaseya Ransomware Attack Cyber Command Lawyer Calls for Military Operations Against Hackers Letting Businesses ‘Hack Back’ Against Hackers Is a Terrible Idea, Cyber Veterans Say Oil & Gas Targeted in Year-Long Cyber-Espionage Campaign Experts Uncover ‘Bandidos’ Malware Attacks Targeting Corporate Networks in Latin America China’s Cyber Watchdog to Police Chinese Overseas Listings

  New South Wales Department of Education Struck by Cyber Attack Whitehouse Independent School District (TX) Employee, Info Compromised by Ransomware Morgan Stanley Faces Data Breach, Corporate Client Info Stolen in Vendor Hack Accellion Data Breach Continues to Get Messier Marvel Movie ‘Black Widow’ Malware Detected Coursera Flunks API Security Test in Researchers’ Exam Windows Security Update KB5004945 Breaks Printing On Zebra Printers Mozilla Firefox to Roll Out DNS Over HTTPS for Canadian Users

• 7/7/2021

  New Cyberattacks Ramp up Tensions With Russia …Biden Says He Will Know More on Thursday About Attempted RNC Hack …Kremlin Says Russian State Had Nothing to Do With U.S. RNC Hack Code in Huge Ransomware Attack Written to Avoid Computers That Use Russian …Cybersecurity Researchers Say They Warned Kaseya of Flaw in April …Fake Kaseya VSA Security Update Drops Cobalt Strike White House Urges Mayors to Review Local Govts’ Cybersecurity Posture Huawei Hires Three New Lobbying Firms Dozens of States Sue Google Over App Store Fees Trump Sues Facebook, Twitter, Google to Restore Social-Media Accounts Robinhood Crypto Unit Expects $10 Million Fine in Cyber, Anti-Money Laundering Inquiry Suspected ‘Dr HeX’ Hacker Busted for 9 Years of Phishing

  Hackers Attack Websites of Ukraine’s President and Security Service Coastal Family Health Center (MS) Falls Victim to Hacker, Phi Exposed Cyber Attack Shuts Down City of Joplin’s Online Services MacOS Targeted in WildPressure APT Malware Campaign Tens of Thousands Scammed Using Fake Android Cryptomining Apps Critical Sage X3 RCE Bug Allows Full System Takeovers Dozens of Vulnerable NuGet Packages Allow Attackers to Target .NET Platform Krebs: Microsoft Issues Emergency Patch for Windows Flaw …Fails to Fix? Tor Browser Adds New Anti-Censorship Feature, V2 Onion Warnings

• 7/6/2021

  Cybersecurity CEO: Hackers Demanding $70 Million in Global Ransomware Attack Won’t Get That Much …Hackers Reportedly Lower Ransom Demand to Restore Data to $50M …U.S. Warns of Action Against Ransomware Gangs if Russia Refuses …Biden Says Ransomware Attack Caused ‘Minimal Damage’ to U.S. Companies Cybersecurity in Focus for Companies as Online Threats Surge Pentagon Scraps JEDI in Win for Amazon at Microsoft’s Expense

  RNC Says Contractor Breached in Hack, GOP Data Secure …Russian APT 29 aka ‘Cozy Bear’ Hacker Dumps Private Info of Pro-Trump Gettr Social Network Members Microsoft Pushes Emergency Update for Windows PrintNightmare Zero-Day Microsoft 365 to Let SecOps Lock Hacked Active Directory Accounts Kaspersky Password Manager’s Random Password Generator Was About as Random as Your Wall Clock

• 7/5/2021

  Chinese Regulators Suggested Didi Delay Its U.S. IPO …After Crackdown on Didi, China Opens Cybersecurity Probes Into 3 More Tech Firms …China’s Tech Crackdown Has a New Battleground — Data Facebook, Twitter, Google Threaten to Quit Hong Kong Over Proposed Data Laws The Food Industry May Be Finally Paying Attention To Its Weakness To Cyberattacks How to Get a Lucrative Job in Cybersecurity 5 Mistakes That Impact a Security Team’s Success

  Hackers Behind Holiday Crime Spree Demand $70 Million, Say They Locked 1 Million Devices …Up to 1,500 Businesses Affected by Ransomware Attack, U.S. Firm’s CEO Says …CISA, FBI Share Guidance for Victims of Kaseya Ransomware Attack …No Contact From Washington Over Latest Ransomware Attack, Kremlin Says Pro-Trump Social Media Site Gettr Hacked QNAP Fixes Critical Bug in NAS Backup, Disaster Recovery App

• 7/2-4/2021

  Ransomware Attack on Software Manager Kaseya Hits 200 Companies …REvil Ransomware Attack Affecting Likely Thousands of Targets Drags On …Kaseya Urges Customers to Immediately Shut Down VSA Servers After Ransomware Attack …Biden Orders Probe …Kaseya Was Fixing Zero-Day Just as REvil Ransomware Sprung Their Attack …Biden: ‘Initial Thinking’ Recent Ransomware Attack Not by Russian Government …White House Reaching Out With Assistance to Latest Ransomware Victims …REvil Is Increasing Ransoms for Kaseya Ransomware Attack Victims Russia Denies Recent U.S., UK Hacking Allegations Hackers Zero in on Tokyo Olympics China Orders Ride-Hailing Firm Didi’s App Removed From App Stores FTC Vote Could Pave Way for New Privacy Rules

  Swedish Coop Supermarkets Shut Due to U.S. Ransomware Cyber-Attack U.S. Insurance Giant AJG Reports Data Breach After Ransomware Attack F1 Confirms ‘Targeted Attack’ LED to App Hack Mongolian Certificate Authority Hacked to Distribute Backdoored CA Software Wiregrass Electric Cooperative (AL): No Data Compromised in Ransomware Attack U.S. Chemical Distributor Brenntag Shares Info on DarkSide Ransomware Data Theft Android Apps with 5.8 million Installs Caught Stealing Users’ Facebook Passwords Microsoft Warns of Critical PowerShell 7 Code Execution Vulnerability Krebs: Another 0-Day Looms for Many Western Digital Users Blackbaud Must Face Data Breach Claims Over 2020 Ransomware Attack

• 7/1/2021

  U.S. and UK Agencies Accuse Russia of Political Cyber-Campaign …Russian Hackers Are Abusing VPNs to Hijack Accounts Researchers Uncover Effort by Chinese-Speaking IndigoZebra APT to Target Afghan Gov’t Krebs: Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax VirusTotal Ordered by Irish Court to Reveal Private Info of Stolen HSE Data Downloaders FTC Votes to Expand Antitrust Enforcement Powers Trump Allies Launch New Social Media Platform Gettr Putin Orders Twitter to Open Russian Office Twitter Now Lets You Use Security Keys as the Only 2FA Method Barracuda Acquires Skout Cybersecurity to Enter the XDR Market

  LinkedIn’s 1.2B Data-Scrape Victims Already Being Targeted by Attackers Hacked Data for 69K LimeVPN Users Up for Sale on Dark Web Hundreds of One Medical Patients’ Emails Exposed Trickbot Cybercrime Group Linked to New Diavol Ransomware Babuk Ransomware Is Back, Uses New Version on Corporate Networks Microsoft Adds Second CVE for PrintNightmare Remote Code Execution CISA: Disable Windows Print Spooler on Servers Not Used for Printing Google Chrome Will Get an HTTPS-Only Mode for Secure Browsing Infosec Community Posts Solidarity Bikini Pics After Twitter Troll Outburst

• 6/30/2021

  White House Sees Electric Grid as Blueprint for Post-Colonial Pipeline Cyber Push New Bipartisan Cybersecurity Bill Aims to Attract Top Talent Into Government, Co-Authors Say Feds Told to Better Manage Facial Recognition, Amid Privacy Concerns Amazon Requests FTC Chair Recuse Herself From Antitrust Investigations Facebook Sues Hackers Who Hijacked Advertising Agencies’ Accounts Krebs: We Infiltrated a Counterfeit Check Ring! Now What? CISA Releases New Ransomware Self-Assessment Security Audit Tool What Do Most Companies Think When Hackers Demand Ransom? Time to Pay Lorenz Ransomware Decryptor Recovers Victims’ Files for Free Israeli Charged in Global Hacker-for-Hire Scheme Wants Plea Deal Police Bust $15 Million European Fraud Ring Analyst Steals Millions by Spoofing Director SentinelOne Closes up 21% In NYSE Debut as Highest-Valued Cybersecurity IPO Ever

  UK Arm of International Charity the Salvation Army Hit by Ransomware Attack University Medical Center (NV) Hit in Cyberattack, Data Stolen Indian Tech Startup Exposed Byju’s Student Data Germany Thwarts Cyberattack, Denies Impact on Banking System LinkedIn Denies Exposure of 700 Million User Records Is a Data Breach Penn Foundation Says Ransom Not Paid in Cyber Attack; No Indication PII Misused Indexsinas SMB Worm Campaign Infests Whole Enterprises Leaked Babuk Locker Ransomware Builder Used in New Attacks PoC Exploit Circulating for Critical Windows Print Spooler Bug Microsoft Finds Netgear Router Bugs Enabling Corporate Breaches Major Linux RPM Problem Uncovered Windows 11 Makes TPM Diagnostics Tool Its First Optional Feature Four in Ten Americans Use Embarrassing Passwords

• 6/29/2021

  Denmark’s Central Bank Exposed in SolarWinds Hack …Russian Hackers Had Months-Long Access Administration to Release Attribution for Microsoft Vulnerabilities in ‘Coming Weeks’ Cobalt Strike Usage Explodes Among Cybercrooks CrowdStrike Co-Founder Says Rise in Ransomware Attacks Can Be Addressed Without Banning Crypto Watchdog Bans Crypto Super-Exchange Binance From ‘Regulated Activities’ in the UK Sensitive UK Defence Documents Found at Southern England Bus Stop DoubleVPN Servers, Logs, and Account Info Seized by Law Enforcement

  Data for 700M LinkedIn Users Posted for Sale in Cyber-Underground UofL Health (KY) Exposes Patients’ PHI Microsoft’s Halo Dev Site Breached Using Dependency Hijacking Hackers Use Zero-Day to Mass-Wipe My Book Live Devices Details of RCE Bug in Adobe Experience Manager Revealed Windows 11 Includes the DNS-Over-HTTPS Privacy Feature – How to Use Google Now Requires App Developers to Verify Their Address and Use 2FA Users Clueless About Cybersecurity Risks: Study

• 6/28/2021

  Report Estimates Major Cyberattack Could Cost More Than Recovering From Natural Disasters 5G Security Vulnerabilities Fluster Mobile Operators Ransomware Gangs Now Creating Websites to Recruit Affiliates Is Cyber Insurance Making Ransomware Worse? Government Antitrust Lawsuits Against Facebook Thrown Out by Federal Judge YouTube ‘Mistakenly’ Suspends Right Wing Watch, Reinstates Channel The United States Is Still Number One in Cyber Capabilities

  Grocer Daylesford Organic Hit by Ransomware REvil Ransomware’s New Linux Encryptor Targets ESXi Virtual Machines Attackers Breach Microsoft Customer Service Accounts Microsoft Edge Bug Could’ve Let Hackers Steal Your Secrets for Any Site Windows 11: Microsoft Apologizes for Compatibility Confusion, Hints at Changes NVIDIA Patches High-Severity GeForce Spoof-Attack Bug

• 6/25-27/2021

  App Taps Unwitting Users Abroad to Gather Open-Source Intelligence Microsoft Says New Breach Discovered in Probe of Suspected SolarWinds Hackers NFC Flaws Let Researchers Hack an ATM by Waving a Phone Ransomware: Now Gangs Are Using Virtual Machines to Disguise Their Attacks Political Campaigns Worry They’re Next For Ransomware Hits Crackonosh: How Hackers Are Using Gamers to Become Crypto-Rich PS3 Players Ban: Latest Victims of Surging Attacks on Gaming Industry UK Watchdog to Investigate Google, Amazon Over Fake Reviews

  Cloud Database Exposes 800M+ WordPress Users’ Records Details of Over 200,000 Students Leaked in AcadeME Cyberattack Anglesey Schools (Wales) Offline After Cyber Attack WSSC Water (MD) Investigating Ransomware Attack Krebs: MyBook Users Urged to Unplug Devices from Internet Zyxel Firewalls and VPNs Under Active Cyberattack Cisco ASA Bug Now Actively Exploited as PoC Drops Microsoft Admits to Signing Rootkit Malware in Supply-Chain Fiasco Now Microsoft’s App Will Say Why Your PC Isn’t Ready For Windows 11

• 6/24/2021

  Department of Energy Asks Congress for $201 Million to Bolster Cybersecurity in Wake of Attacks House Advances Five Bills Targeting Big Tech After Overnight Slugfest Google to Delay Cookie Phase Out Until 2023 Internet Explorer Will Be Disabled In Windows 11 Musk-Themed ‘$SpaceX’ Cryptoscam Invades YouTube Advertising U.S. Brokerage Firms Warned of ‘FINRA Support’ Phishing Attacks Phishing Attack’s Unusual File Attachment Is a Double-Edged Sword Binance Exchange Helped Track Down Clop Ransomware Money Launderers Ukrainian Member of FIN7 Cybercrime Gang Sentenced in United States John McAfee Was Once the Face of Cybersecurity: Then His Life Spiraled

  FCUK Fashion Label, Medical Diagnostics Firm Latest REvil Victims Ouachita Parish Library (LA) Recovering From Cyber Attack Mercedes-Benz USA Accidentally Puts Out Data From Nearly 1,000 Customers An Internal Code Repo Used by New York State’s IT Office Was Exposed Online WD My Book NAS Devices Are Being Remotely Wiped Clean Worldwide 30M Dell Devices at Risk for Remote BIOS Attacks, RCE Atlassian Bugs Could Have Led to 1-Click Takeover A Google Drive Security Update Will Break Some of Your Shared Links Microsoft’s Security Tool Can Now Spot Rogue Devices on Your Network

• 6/23/2021

  Spanish Court Approves Extradition of John McAfee to U.S. …Found Dead in Cell …Claimed U.S. Government Wanted to Kill Him Iran Media Websites Seized by U.S. in Disinformation Campaign Russian Security Chief Says Moscow Will Work with U.S. To Find Hackers FBI Asks Congress for $40M to Help Combat Wave of Ransomware Attacks EU Wants Emergency Team for ‘Nightmare’ Cyber-Attacks Sepa Cyber Attack Recovery Could Take Years Krebs: How Cyber Sleuths Cracked an ATM Shimmer Gang Gaming Industry Experiences 340% Spike in Web App Attacks Scammer Arrested for Phishing Operation, Sent 25,000 Texts in a Day Founders of South African Bitcoin Exchange Disappear After $3.6 Billion ‘Hack’

  Brazil Medical Firm Fleury Hit by Cyberattack Tulsa Warns of Data Breach After Conti Ransomware Leaks Police Citations Mississippi Center for Advanced Medicine Reports Data Breach Pakistan-Linked Hackers Targeted Indian Power Company With ReverseRat ChaChi: A New GoLang Trojan Used in Attacks Against U.S. Schools Clop Ransomware Is Back in Business After Recent Arrests REvil Ransomware Code Ripped Off by Rivals Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access Unpatched Linux Marketplace Bugs Allow Wormable Attacks, Drive-By RCE VMware Fixes Authentication Bypass in Carbon Black App Control

• 6/22/2021

  Biden Is Worried About Cybersecurity. Japan Says Watch Cartoons. Amid Big Hacks, U.S. Spy Agency Touts Collaboration Center with Private Industry Average Time to Fix Critical Cybersecurity Vulnerabilities Is 205 Days SEC Still Digging Into SolarWinds Fallout, Nudges Undeclared Victims A Week After Arrests, Cl0p Ransomware Group Dumps New Tranche of Stolen Data Like ‘Terminator,’ High-Tech Cyber Crime to ‘Keep Coming’ BEC Losses Top $1.8B as Tactics Evolve Bitcoin Drop Below $30,000 Sparks Fears of Another Crypto Winter — Here’s Why Bulls Aren’t Worried Google Faces EU Antitrust Probe of Alleged Ad-Tech Abuses Six Flags to Pay $36M Over Collection of Fingerprints French Teens on Trial for Cyber-bullying Kids’ Apps on Google Play Rife with Privacy Violations Brave Launches Its Privacy-Focused No-Tracking Search Engine

  Ransomware Attack Hits a Summit County Water District (UT) Eastern Wyoming College Systems Down Due to Cyber Attack Six Oklahoma Casinos Hit by Ransomware WorkForce West Virginia Notifies Clients of Potential Data Breach Wolfe Eye Clinic (IA) Reveals Cyber Attack Cryptominers Slither into Python Projects in Supply-Chain Campaign Wormable DarkRadiation Ransomware Targets Linux and Docker Instances Mysterious Ransomware Payment Traced to a Sensual Massage Site Email Bug Allows Message Snooping, Credential Theft Zephyr RTOS Fixes Bluetooth Bugs That May Lead to Code Execution Lexmark Printers Open to Arbitrary Code-Execution Zero-Day SonicWall Bug That Affected 800k Firewalls Was Only Partially Fixed

• 6/21/2021

  FBI Launches New Mission to ‘Disrupt’ Cybercrime SolarWinds Hackers Could Have Been Waylaid by Simple Countermeasure -U.S. Officials Krebs: How Cyber Safe is Your Drinking Water Supply? Amazon Prime Day – Beware of Phishing Deluge, Experts Warn Data Leak Marketplace Pressures Victims by Emailing Competitors OnlyFans, Twitter Ban Users for Leaking Politician’s BDSM Video Hit by a Cyberattack? Your Ransom Payment to Hackers May Be Tax Deductible.

  Ohio Medicaid Provider Maximus Suffers Data Breach ADATA Suffers 700 GB Data Leak in Ragnar Locker Ransomware Attack Data Breach Discovered at Shuttered OSU Program Helping Veterans Deal With PTSD Agent Tesla RAT Returns in COVID-19 Vax Phish DroidMorph Shows Popular Android Antivirus Fail to Detect Cloned Malicious Apps Bugs in NVIDIA’s Jetson Chipset Opens Door to DoS Attacks, Data Theft Tor Browser Fixes Vulnerability That Tracks You Using Installed Apps

• 6/18-20/2021

  Lawmakers Rally Around Cyber Legislation Following String of Attacks 50,000 Security Disasters Waiting to Happen: The Problem of America’s Water Supplies What’s Making Your Company a Ransomware Sitting Duck Irish Healthcare System Struggles With Tech Disruptions After May Ransomware Attack The Lazarus Heist: How North Korea Almost Pulled off a Billion-Dollar Hack The World Relies on One Chip Maker in Taiwan, Leaving Everyone Vulnerable Miami’s Mayor Looks to Woo Chinese Bitcoin Miners With Low Energy Prices and Clean Nuclear Power Krebs: First American Financial Pays Farcical $500K Fine Texas Man Admits Data Center Bomb Plot Russia Bans VyprVPN, Opera VPN Services for Not Complying With Blacklist Request Google Force Installs Massachusetts MassNotify Android COVID App

  North Korea Exploited VPN Flaw to Hack South’s Nuclear Research Institute Poland Blames Russia for Breach, Theft of Polish Officials’ Emails GA Fertility Clinic Reproductive Biology Associates Discloses Data Breach Exposing Patient Info Personal Info of More Than 500 Patients Taken During San Juan Regional Medical Center (NM) Breach Judson ISD (TX) Hit by Suspected Ransomware Attack Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors Tinder Spam Campaign Hides “Handwritten” Links in Profile Images Google Dishes Out Homemade SLSA, a Recipe to Thwart Software Supply-Chain Attacks iPhone Bug Breaks WiFi When You Join Hotspot With Unusual Name Microsoft Linux Repos Suffer Day-Long Outage, Still Recovering

• 6/17/2021

  Senate Confirms Chris Inglis as First White House Cyber Czar FCC Votes to Advance Proposed Ban on Huawei, ZTE Gear Scrutiny Mounts on Microsoft’s Surveillance Technology Google Backs Linux Project to Make Android, Chrome OS Harder to Hack Hiccup in Akamai’s DDoS Mitigation Service Triggers Massive String of Outages NSA Shares Guidance on Securing Voice, Video Communications Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes Ransomware: Too Many Firms Are Still Willing to Pay up if Attacked How to Cut Down on Ransomware Attacks Without Banning Bitcoin This Strange Malware Stops You From Visiting Pirate Websites Alston, Latham Tap D.C.-Based Partners with Cyber and Privacy Chops

  Cruise Operator Carnival Discloses Personal Data Breach Egg Free Cake Box Suffer Data Breach Exposing Credit Card Numbers UK Legal Firm Gateley Warns of Data Breach Following Cyber-Attack St. Joseph’s/Candler Hospital System (GA) Experiences Outage After Ransomware Attack Sault College (ON) Responding to Attempted Cyber-Attack Audi, Volkswagen Customer Data Being Sold on a Hacking Forum Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran Researchers Uncover ‘Process Ghosting’ — A New Malware Evasion Technique Cisco Smart Switches Riddled with Severe Security Holes Google Fixes Seventh Chrome Zero-Day Exploited in the Wild This Year

• 6/16/2021

  Biden and Putin Agree to Resume Nuclear Talks, Return Ambassadors to Posts …Cyber Concerns Dominate Biden-Putin Summit …Political Summits Signal International Focus on Ransomware …Biden Tells Putin Certain Cyberattacks Should Be ‘off-Limits’ …Without Specifics …Don’t Expect Russians to Stop State-Sponsored Cyberattacks, Obama Defense Official Says Senate Panel Unanimously Advances Key Biden Cyber Nominees Krebs: Ukrainian Police Nab Six Tied to CLOP Ransomware U.S. Convicts Russian Malware-masker

  Over a Billion Records Belonging to CVS Health Exposed Online Wegmans: Database Issues May Have Exposed Some Personal Info to Outside Access Peloton Bike+ Bug Gives Hackers Complete Control UMass Lowell Says It Wasn’t Hit by Ransomware, Will Resume Some Operations Thursday Scammers Mail Fake Ledger Devices to Steal Your Cryptocurrency Euros-Driven Football Fever Nets Dumb Passwords Malware Attack on South Korean Entities Was Work of Andariel Group GPRS-Era Mobile Data Encryption Algorithm GEA/1 ‘Weak by Design’, Lingers in Today’s Phones Microsoft Paint 3D Vulnerability

• 6/15/2021

  Lawmakers Urge Biden to Be Tough On Cybersecurity During Summit With Putin U.S. Senator Rubio Plans Legislation to Address Russia Cyberattacks Verizon, Water Agency Targeted in Chinese Cyber Espionage Campaign U.S., EU Establish Trade and Technology Council to Compete With China Biden Names Lina Khan, a Big-Tech Critic, as F.T.C. Chair Krebs: How Does One Get Hired by a Top Cybercrime Gang? Experts Shed Light On Distinctive Tactics Used by Hades Ransomware Paradise Ransomware Source Code Released on a Hacking Forum Hackers Target Videogame Publishers for Ransom, Source Code Ransomware Gang Turns to Revenge Porn Akamai CEO Says Security Is Becoming a Major Growth Driver for the Content Business Ruling Gives Microsoft Second Shot at Banning hiQ from Scraping LinkedIn User Data IKEA Fined $1.2m for Spying on Employees “Homeless Hacker” Arrested

  Microsoft Disrupts Large-Scale, Cloud-Based BEC Campaign Largest U.S. Propane Distributor AmeriGas Discloses ‘8-Second’ Data Breach Toronto’s Humber River Hospital Working to Restore Systems After Being Struck by Cyber Attack UMass Lowell Closed Tuesday Due to ‘Possible Cybersecurity Incident’ Hackers Attack George County (MS) School District Cyber Attack Targeted DeKalb (GA) Rental Assistance Program, Delaying Relief for Tenants, Landlords Keshena Casino (WI) Shut Down by Cyber Attack Malicious PDFs Flood the Web, Lead to Password-Snarfing Instagram‌ ‌Bug Allowed Anyone to View Private Accounts Without Following Them Millions of Connected Cameras Open to Eavesdropping Zoll Defibrillator Dashboard Would Execute Contents of Excel Files Ordinary Users Could Import Critical Remote Code Execution Flaw in Thousands of VMWare vCenter Servers Remains Unpatched Apple Hurries Patches for Safari Bugs Under Active Attack Microsoft Defender ATP Now Warns of Jailbroken iPhones, iPads

• 6/14/2021

  NATO Members Agree to New Cyber Defense Policy NATO: Cyber Attacks ‘as Serious As Any Other Attacks’ to Allies G7 Leaders Ask Russia to Hunt Down Ransomware Gangs Within Its Borders Murkiness of Russia’s Ransomware Role Complicates Biden Summit Mission Biden Opposes Conditional Handover of Cyber-criminals 50 Groups Urge Biden to Fill FCC Opening to Reinstate Net Neutrality Rules European Privacy Ruling Could Mean More Scrutiny of Companies Utilities ‘Concerningly’ at Risk from Active Exploits Bank of America Spends Over $1 Billion per Year on Cybersecurity, CEO Brian Moynihan Says Ex-NSA Contractor Reality Winner, Jailed for Leaking Secrets About Russian Hacking, Released Early From Prison

  Cognyte’s Cyber Analytics Database Exposed 5 Billion Records Online Chinese Hackers Believed to be Behind Second Cyberattack on Air India REvil Claims Responsibility for Invenergy Hack Cancer Centers of Southwest Oklahoma Servers Breached, Exposes 8,000 Patients’ Data Vicksburg Warren School District (MS) Targeted With Ransomware Moobot Milks Tenda Router Bugs for Propagation Microsoft: SEO Poisoning Used to Backdoor Targets With Malware Microsoft Teams: Very Bad Tabs Could Have Led to BEC Google Workspace Now Offers Client-side Encryption For Drive and Docs

• 6/11-13/2021

  China’s New Power Play: More Control of Tech Companies’ Troves of Data Putin Says Russia Would Accept Conditional Handover of Cyber Criminals to U.S. NATO Won’t ‘Mirror What Russia Does,’ Secretary General Stoltenberg Says G-7 Agrees to Fight Forced Labor, Ransomware, Corruption The Ruthless Hackers Behind Ransomware Attacks on U.S. Hospitals: ‘They Do Not Care’ How the FBI Got Colonial Pipeline’s Ransom Money Back Why Some Cyber Criminals Are Ditching Bitcoin for a Cryptocurrency Called Monero Avaddon Ransomware Shuts Down and Releases Decryption Keys IoT Security Company COO Charged in 2018 Georgia Hospital Cyber-attack New Antitrust Legislation Targets Amazon, Apple, Facebook, Google

  REvil Went After One of Apple’s Suppliers, Found a New Victim in Weapons Contractor Sol Oriens McDonald’s Hit by Data Breach VW Says Data Breach at Vendor Impacted 3.3 Million People in North America Baby Clothes Giant Carter’s Leaks 410K Customer Records Teamsters Refused to Pay a Ransomware Attack in 2019 Intuit Notifies Customers of Hacked Turbotax Accounts Cyberpunk 2077 Hacked Data Circulating Online Interpol Shuts Down Thousands of Fake Online Pharmacies 7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access Codecov Ditches Bash Uploader for a NodeJS Executable Mozilla Says Google’s New Ad Tech—FLoC—Doesn’t Protect User Privacy

• 6/10/2021

  U.S. Launches Task Force to Open Government Data for AI Research Bipartisan Senators Introduce Bill to Protect Small Businesses From Cyberattacks State Department Urges Nigeria to Reverse Twitter Ban When Ransomware Strikes, DigitalMint Helps Victims Make Bitcoin Payments Hacking Bitcoin Wallets With Quantum Computers Could Happen – Cryptographers Hope to Stop Slilpp, the Largest Stolen Logins Market, Seized by Law Enforcement The Workforce Shortage in Cybersecurity Is a Myth Texas to Publish Data Breach Notifications Amazon Faces Possible $425 Million EU Privacy Fine

  Hackers Breach Electronic Arts (EA), Stealing Game Source Code and Tools Foodservice Supplier Edward Don Hit by a Ransomware Attack Skinners’ Kent Academy and Skinners’ Kent Primary School Hit With Ransomware Internal Data From Breach Circulating Online -CD Projekt Steam Gaming Platform Hosting Malware New APT ‘BackdoorDiplomacy’ Targets African, Middle East Diplomats ‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts Hackers Can Exploit Bugs in Samsung Pre-Installed Apps to Spy on Users

• 6/9/2021

  JBS Paid $11 Million to Resolve Ransomware Attack DarkSide Pwned Colonial With Old VPN Password Crowdstrike CEO on the Evolution of Ransomware: ‘It’s Become Big Game Hunting’ Ransomware Is Now A National Security Risk Biden Revokes and Replaces Trump Executive Orders That Banned TikTok & WeChat Huawei Flings Open the Doors of Its Third Privacy and Security Transparency Centre Italy to Set Up Cybersecurity Agency Ahead of National Cloud Plan – Draft FBI Warns of BEC Scammers Impersonating Construction Companies What Hackers Can Learn About You From Your Social-Media Profile

  Spain’s Ministry of Labor and Social Economy Hit by Cyberattack Russian Spear Phishing Campaign Hits Ukraine Union Community Schooks (IA) Investigating Cyber Attack, Unauthorized Access to Data Stealthy Gelsemium Cyberspies Linked to NoxPlayer Supply-Chain Attack New TLS Attack ‘ALPACA’ Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances Google Fixes Sixth Chrome Zero-Day Exploited in the Wild This Year GitHub Now Scans for Accidentally-Exposed PyPI, RubyGems Secrets

• 6/8/2021

  Social Media, News Sites Including CNN, New York Times Hit by Outage …What Is Fastly and Why Did It Just Take a Bunch of Major Websites Offline? The FBI Secretly Ran the Anom Messaging Platform, Yielding Hundreds of Arrests in Global Sting …Trojan Shield: How the FBI Secretly Ran a Phone Network for Criminals …FBI Sold Phones to Organized Crime and Read 27 Million “Encrypted” Messages Colonial Pipeline Boss ‘Deeply Sorry’ for Cyber Attack European Energy Sector Prepares for New Cybersecurity Rules Krebs: Justice Dept. Claws Back $2.3M Paid by Colonial Pipeline to Ransomware Gang …The FBI Likely Exploited Sloppy Password Storage to Seize Colonial Pipeline Bitcoin Ransom IRS Is Investigating Release of Tax Information of Wealthy Americans Five Key Parts of the Senate’s Sweeping China Competitiveness Bill Apple’s New Privacy Feature, Designed to Mask Users’ Internet Browsing, Won’t Be Available In China

  Computer Memory Maker ADATA Hit by Ragnar Locker Ransomware Capitol Hill Vendor Hit by Ransomware Attack County of Lambton (ON) Restoring It Systems Following Cyber Attack Lewd Phishing Lures Aimed at Business Explode U.S. Brokerage Firms Warned of Ongoing Phishing With Penalty Threats Why the Hybrid Workplace Is a Cybersecurity Nightmare Windows 10 Targeted by PuzzleMaker Hackers Using Chrome Zero-Days Microsoft Office MSGraph Vulnerability Could Lead to Code Execution Google Patches Critical Android RCE Bug Intel Fixes 73 Vulnerabilities in June 2021 Platform Update Adobe Issues Security Updates for 41 Vulnerabilities in 10 Products Krebs: Microsoft Patches Six Zero-Day Security Holes

• 6/7/2021

  Krebs: Adventures in Contacting the Russian FSB Biden to Discuss Crypto’s Role in Ransomware Attacks at G-7, Says National Security Adviser U.S. Recovers Millions in Cryptocurrency Paid to Colonial Pipeline Ransomware Hackers Colonial Pipeline Contacted Local FBI Offices, Prosecutors After Attack -Company Hackers Stole $650,000 From Nonprofit and Got Away, Showing Limits to Law Enforcement’s Reach With Cyberattacks on the Rise, Organizations Are Already Bracing for Devastating Quantum Hacks Facebook Starts End-to-End Encrypted Audio, Video Calling Trials in Secret Conversations

  U.S. Truck Maker Navistar Says Aware Of IT Breach NYC Law Dept. Hacked, Raising Problems With Legal Docs, Personal Info for Thousands Hacker Group Gunning for Musk Novel ‘Victory’ Backdoor Spotted in Chinese APT Campaign Windows Container Malware ‘Siloscape’ Targets Kubernetes Clusters Bad Apple: App Store Rife with Fraud, Fleeceware Hands on With Norton Antivirus Ethereum Mining: The Good and the Bad Google to Pay $270 Million to Settle Antitrust Charges in France

• 6/4-6/2021

  U.S. Officials up Pressure on Firms, Foreign Adversaries over Cyberattacks …Ex-CIA Chief Panetta: Russian Hackers Behind Cyberattacks Are ‘Terrorists’ …Senate Sergeant at Arms Says Cyberattack More Worrisome Than Repeat of Jan. 6 Insurrection …Warner: Debate on Making It Illegal to Pay Ransoms ‘Worth Having’ …U.S. Looks Into Cryptocurrency’s Role in Ransomware Hacks Book Looks at the History of Money and Explains Our Obsession With Cryptocurrency REvil Ransomware Gang Spill Details on US Attacks How to Protect Your Files From Ransomware Phishing Uses Colonial Pipeline Ransomware Lures to Infect Victims These Online Casino Emails Never Pay What They Promise The Rise of Cybersecurity Debt Biden Expands Trump’s Investment Ban on Chinese Firms Facebook Suspends Donald Trump for at Least Two Years Facebook Hit With New Antitrust Probes in the UK and EU Amazon to Share Your Internet With Neighbors on Tuesday – How to Opt Out More U.S. Kids Warned About Internet Than Unsafe Sex U.S. Charges Latvian For Helping Develop the Trickbot Malware

  Cox Media Group TV News Stations Become Apparent Target in Next Cyberattack Tokyo Olympic Games Organizers Latest to Be Hit by Data Breach, Info Leak Cybersecurity Issues Close Des Moines Area Community College Most Of Sierra College (CA) Systems Back Online After Ransomware Attack Apache Pizza Warns Customers It Has Suffered Data Breach Fujifilm Confirms Ransomware Attack Disrupted Business Operations New Evil Corp Ransomware Mimics PayloadBin Gang to Evade U.S. Sanctions FreakOut Malware Worms Its Way Into Vulnerable VMware Servers Attackers Are Scanning for Vulnerable VMware Servers TikTok Quietly Updated Its Privacy Policy to Collect Users’ Biometric Data Signal App Safety Numbers Do Not Always Change — Here’s Why GitHub Updates Policy to Remove Exploit Code When Used in Active Attacks Google to Let Android Users Opt-Out to Stop Ads From Tracking Them Google, Microsoft, and Mozilla Work Together on Better Browser Extensions

• 6/3/2021

  Meatpacker JBS Says All Facilities Operating After Weekend Cyberattack White House Pushes for Companies to Take Ransomware More Seriously After High-Profile Cyberattacks U.S. To Give Ransomware Hacks Similar Priority as Terrorism, Official Says Hackers Are Making Americans’ Lives Worse, at an Awkward Time for Biden Ex-SEC Internet Enforcement Chief Says Crypto Investors Are ‘Enabling’ Ransomware Attacks Online Fraud Attempts Are up 25% In the U.S.—Here’s Why Biden Steps up Pressure on Russia to Go After Cyber Criminals New SkinnyBoy Malware Used by Russian Hackers to Breach Sensitive Orgs Chinese Threat Actors Hacked NYC MTA Using Pulse Secure Zero-Day Biden Needs to Stick With Huawei Maximum Pressure Campaign Supreme Court Narrows Computer Fraud and Abuse Act: Misusing Access Not the Same As Breaking In

  UF Health Florida Hospitals Back to Pen and Paper After Cyberattack Scottish Tourism Website Vandalized with X-Rated Ads Websites Offline After Ransomware Group Claims to Have Hacked St. Clair County (IL) Google PPC Ads Used to Deliver Infostealers Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities Researchers Warn of Critical Bugs Affecting Realtek Wi-Fi Module ARIN Will Take Down Its RPKI for 30 Minutes to Test Your BGP Routes WordPress Force Installs Jetpack Security Update on 5 Million Sites Google Chrome Now Warns You of Extensions From Untrusted Devs Microsoft Teams Calls Are Getting End-to-End Encryption in July

• 6/2/2021

  White House Reviewing Ransomware Threat, Biden to Discuss With Putin …Hacks Force Biden Into More Aggressive Stance on Russia …REvil Ransomware Ground Down JBS: Sources Ransomware Scourge Continues as Essential Services Are Hit …Hacker Group DarkSide Operates in a Similar Way to a Franchise …Rise in Ransomware Requires Strong Government Response, Executives Say …Top Cybersecurity Official Warns of More Ransomware Attacks Breached Companies Facing Higher Interest Rates and Steeper Collateral Requirements FireEye Selling Its Products Business and Name for $1.2 Billion

  Ransomware Attack Will Impact Massachusetts Steamship Authority Into Thursday NY’s M.T.A. Is Breached by Hackers as Cyberattacks Surge FujiFilm Shuts Down Network After Suspected Ransomware Attack Battle for the Galaxy: 6 Million Gamers Hit by Data Leak Mobile County (AL) Hit by Cyber Attack Scripps Health Begins Notifying More Than 147,000 People of Ransomware Records Breach Huawei Finally Patches USB LTE Stick Flaw Kali Linux 2021.2 Released With New Tools, Improvements, and Themes Norton 360 Antivirus Now Lets You Mine Ethereum Cryptocurrency Cybercriminals Hold $115,000-Prize Contest to Find New Cryptocurrency Hacks

• 6/1/2021

  White House Says Cyberattack on Meat Producer JBS Likely From Russia …Five Facts About Ransomware Attacks …Cyber-Insurance Fuels Ransomware Payment Surge DOJ Seizes Domains Used by to Launch Malicious Emails Posing as USAID …APT 29 Rhode Islander Charged with Phishing Political Candidates U.S. Convicts “King of Fraud” Aleksandr Zhukov Cybersecurity Startup Exabeam Raises $200M, Valued at $2.4B

  Report: Danish Secret Service Helped NSA Spy On European Politicians Ransomware Hack Puts Sensitive Azusa (CA) Police Department Documents Online Malware Can Use This Trick to Bypass Ransomware Defense in Antivirus Solutions Critical WordPress Plugin Zero-Day Under Active Exploitation Windows 10’s Package Manager Flooded With Duplicate, Malformed Apps Microsoft Adds Automatic HTTPS in Edge for Secure Browsing Firefox Now Blocks Cross-Site Tracking by Default in Private Browsing

• 5/31/2021

  Microsoft Wants to Unite APAC Governments With Cybersecurity Council How to Negotiate With Ransomware Hackers A New Bug in Siemens PLCs Could Let Hackers Run Malicious Code Remotely

  Food Giant JBS Foods Shuts Down Production After Cyberattack Swedish Health Agency Shuts Down SmiNet After Hacking Attempts Whistler Resort Municipality (BC) Hit by New Ransomware Operation

• 5/28-30/2021

  Russian Hackers Launch Major Cyberattack through U.S. Aid Agency’s Email System, Microsoft Says New Russian Hacks Spark Calls for Tougher Biden Actions White House Says No Changes to U.S.-Russia Summit after Latest Cyber Attack Chinese Cyberspies Are Targeting U.S., EU Orgs With New Malware Krebs: Using Fake Reviews to Find Dangerous Extensions Amazon Devices Will Soon Automatically Share Your Internet With Neighbors Hackers Exploit Post-COVID Return to Offices After Colonial Attack, Energy Companies Rush to Secure Cyber Insurance Krebs: Boss of ATM Skimming Syndicate Arrested in Mexico Interpol Intercepts $83 Million Fighting Financial Cyber Crime FBI to Share Compromised Passwords With Have I Been Pwned

  Ireland’s Health Service Warns Staff Not to Use Work Devices Mexico Walls off National Lottery Sites After Ransomware DDoS Threat U.S. Nuclear Weapon Bunker Security Secrets Spill From Online Flashcards Since 2013 St. Petersburg High Student’s Hack Crashed Internet for All 145 Pinellas Schools Walmart Phishing Attack Says Your Package Was Not Delivered These Unsubscribe Emails Only Lead to Further Spam New Epsilon Red Ransomware Hunts Unpatched Microsoft Exchange Servers Researchers Warn of Facefish Backdoor Spreading Linux Rootkits SonicWall Urges Customers to ‘Immediately’ Patch NSM On-Prem Bug

• 5/27/2021

  Biden-Putin Summit Tensions: Feds Say Russia a Hacker ‘Safe Haven’ U.S. Announces New Security Directives for Pipelines after Hack …To Require Energy Pipelines Report Computer Hacks or Face Fines How Biden’s Executive Order Impacts Cybersecurity Players …Biden’s Cybersecurity Executive Order Puts Emphasis on the Wrong Issues Uyghurs Targeted by Fake Human Rights Emails 3 GOP Senators Come Out Against Biden Intelligence Nominee Over Huawei Ties Tech Trade Groups Sue Florida Over New Social Media Law Cybereason CEO Told the World About DarkSide’s Hacking Techniques From a Bomb Shelter in Israel Have I Been Pwned Goes Open Source Let’s Stop Blaming Employees for Our Data Breaches

  Fujitsu SaaS Hack Sends Gov’t of Japan Scrambling FBI: APT Hackers Breached U.S. Local Gov’t by Exploiting Fortinet Bugs Data Breach at Canada Post Philly Data Breach That Impacted Health Employee Emails Also Hit Other Departments Clover Park School District (WA) Investigating Possible Ransomware Attack Oklahoma City Dental Practice Announces Data Breach Targeted AnyDesk Ads on Google Served Up Weaponized App Klarna Mobile App Bug Let Users Log Into Other Customers’ Accounts Unfixable Apple M1 Chip Bug Enables Cross-Process Chatter, Breaking OS Security Model HPE Fixes Critical Zero-Day Vulnerability Disclosed in December

• 5/26/2021

  Colonial Pipeline Missed Requested Security Review Before Hack DarkSide Will Be Back, as Russia, China, Iran Create ‘Safe Havens’ for Hackers: Feds A Peek Inside the Underground Ransomware Economy ‘Privateer’ Threat Actors Emerge from Cybercrime Swamp Russia’s FSB Reports ‘Unprecedented’ Hacking Campaign Aimed at Government Agencies EU Pushes for Stronger Disinformation Rules Influencers Offered Money to Vilify Vaccine Google Strikes Deal With Hospital Chain to Develop Healthcare Algorithms WhatsApp Sues Indian Government Over New Internet Regulations How Are Cyber Insurance Companies Assessing Ransomware Risk?

  New Zealand Health Systems Hackers Release Patient Details to the Media Belgium Interior Ministry Targeted in Cyber Attack Cyber-criminal Gang Targets Texas Unemployment System Eastern Hancock Community Schools (IN) Hit With Ransomware Attack Peloton and Echelon Profile Photo Metadata Exposed Riders’ Real-World Locations Google Researchers Discover A New Variant of Rowhammer Attack BazaLoader Masquerades as Movie-Streaming Service PDF Feature ‘Certified’ Widely Vulnerable to Attack Google Chrome 91 Released With New Features, Security Improvements

• 5/25/2021

  U.S. To Boost Pipeline Cyber Protections in Wake of Colonial Hack High-Profile Hacks Leave Ransomware Gangs With Unwanted Publicity Could Less Publicizing of Ransomware Fixes Have Prevented the Colonial Pipeline Attack? Threat Actor ‘Agrius’ Emerges to Launch Wiper Attacks Against Israeli Targets Snowden Was Right, Rules Human Rights Court as It Declares UK Spy Laws Broke ECHR Lawmakers Request Investigation Into Postal Service’s Covert Operations Program Activists Join Call for Facebook to Drop ‘Tone-Deaf’ Instagram for Kids Plan

  Bose Admits Ransomware Hit: Employee Data Accessed Domino’s India Discloses Data Breach After Hackers Sell Data Online Harper County Community Hospital (OK) Targeted With Ransomware Marietta City Schools (OH) Email Hack Rockland Public Schools (MA) Hit With Ransomware Attack Trend Micro Bugs Threaten Home Network Security New High-Severity Vulnerability Advisory Released for Pulse Connect Secure VPN VMware Warns of Critical Bug Affecting All vCenter Server Installs

• 5/24/2021

  Huawei to Move Toward Software Development in Wake of U.S. Restrictions Researchers Link CryptoCore Attacks On Cryptocurrency Exchanges to North Korea Indonesian Gov’t Blocks Access to RaidForums Hacking Forum After Data Leak Florida Gov DeSantis Signs Bill to Fine Tech Companies for Banning Politicians An NTSB for Cyber Attacks? Critics Grapple With Biden’s Cybersecurity Safety Review Board Plan Crime App Citizen Exposed Users’ COVID Data Michigan Man ‘TheDearthStar’ aka ‘Dearthy Star’ Admits Selling University of Pittsburgh Medical Center Employee Data Police Make Arrests in Crackdown on Scam Text Messages

  Japan’s Biggest Dating App Omiai Hack Exposes Two Million Accounts Zeppelin Ransomware Comes Back to Life With Updated Versions Details Disclosed On Critical Flaws Affecting Nagios IT Monitoring Software Zocdoc Says ‘Programming Errors’ Exposed Access to Patients’ Data Bluetooth Flaws Allow Attackers to Impersonate Legitimate Devices Mozilla Thunderbird Was Saving OpenPGP Keys in Plaintext After Encryption Snafu But Is Now Patched WordPress Restaurant Reservation Plugin ReDi Patches Easy-to-Exploit XSS Bug Apple Patches macOS Flaw Exploited by Malware to Secretly Snap Screenshots

• 5/21-23/2021

  When Will the Irish Health Service Get a Resolution? FBI Says Conti Ransomware Gang Has Hit 16 U.S. Health and Emergency Networks German Cyber Security Chief Fears Hackers Could Target Hospitals Cybersecurity Pros Are Split on Banning Ransomware Payments Krebs: How to Tell a Job Offer from an ID Theft Trap China Internet Watchdog Cites 105 Apps for Improper Data Collection Defying U.S. Sanctions, Russian Cybersecurity Firm Aims for 2022 IPO Indonesia Summons State Health Insurer Over Alleged Data Leak DarkSide Getting Taken to ‘Hackers’ Court’ For Not Paying Affiliates AMEX Fined £90,000 for Sending 4 Million Spam Emails in a Year FBI Analyst Charged With Stealing Counterterrorism and Cyber Threat Info

  Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers E-Commerce Giant Mercari Suffers Major Data Breach in Codecov Incident Bizarro Banking Malware Targets 70 Banks in Europe and South America LittleBigPlanet Servers Taken Down Again Thanks To Cyber Attack QNAP Confirms Qlocker Ransomware Used HBS Backdoor Account Email Campaign Spreads StrRAT Fake-Ransomware RAT Ransomware-Spreading Phorpiex Malware Botnet Just Won’t Go Away WP Statistics Bug Allows Attackers to Lift Data from WordPress Sites Wormable Windows HTTP Vulnerability Also Affects WinRM Servers Microsoft Exchange Admin Portal Blocked by Expired SSL Certificate

• 5/20/2021

  Colonial Pipeline CEO to Testify on Capitol Hill in June Following Cyberattack U.S. Government Denies Disrupting Russian Ransomware Ring That Hacked Colonial Pipeline Conti Ransomware Gives HSE Ireland Free Decryptor, Still Selling Data …Irish High Court Issues Injunction to Prevent HSE Data Leak U.S. Insurer CNA Paid $40 Million Ransom After March Cyber Attack Ransomware Boom Forces More Companies to Cut Deals With Criminals U.S. Has Almost 500,000 Job Openings in Cybersecurity The Gig Economy Creates Novel Data-Security Risks USPS Reportedly Uses Clearview AI to Spy on Americans Twitter Rolls Out New Verification Process to Get Your “Blue Check”

  100M Android Users Hit By Rampant Cloud Leaks Fraudsters Employ Amazon ‘Vishing’ Attacks in Fake Order Scams Apple Exec Calls Level of Mac Malware ‘Unacceptable’ Spammers Flood PYPI With Pirated Movie Links and Bogus Packages Insurance Firm One Call Finally Admits Cyber Attack as Investigation Deepens Slack Is Down, Massive Outage Blocks User Logins and Messages Watering Hole Attack Was Used to Target Florida Water Utilities Comcast Now Blocks BGP Hijacking Attacks and Route Leaks With RPKI Microsoft Releases SimuLand, a Test Lab for Simulated Cyberattacks

---

Follow The Cyber Beat

Get news delivered directly to your inbox.