7/30/2020

Chinese-Backed Hackers Targeted COVID-19 Vaccine Firm Moderna

EU Sanctions Russian Intelligence, North Korean, Chinese Firms Over Alleged Cyberattacks

North Korean Hackers Sniffing for US Defense Secrets

Senators Urge Justice Department to Open Investigation Into TikTok, Zoom

Kaspersky Uncovers New APT Mercenary Group ‘Deceptikons’

India Found Cybersecurity Lapses at National Payments Corp in 2019 – Government Document

Mississippi Radio Host Charged with Cyber-Stalking

Volunteer Hacker Army Boosts U.S. Election Cybersecurity

Krebs: Is Your Chip Card Secure? Much Depends on Where You Bank

Morgan Stanley Leads Bank Group on Cloud Data Standards

Cybersecurity Skills Crisis Worsens for Fourth Year in a Row, Impacting 70% of Organizations

Think You’re Too Boring to Hack? That’s a Problem, Says Kaspersky
Labour Party in Humiliating Data Breach as Huge Batch of Confidential Information Stolen

University of Lethbridge Health Data Breach Affects More Than 1,200 Patients

BC Cancer Foundation Warns Donors About Data Breach

Iowa State Foundation Confirms Ransomware Attack Through Third-Party Source

Sheffield Hallam University Confirms Data Breach Following Cyber Attack

More Than 250 Email Addresses Exposed in Shropshire Council Data Breach

Startups Disclose Data Breaches After Massive 386M Records Leak

Office 365 Phishing Abuses Google Ads to Bypass Email Filters

KDE Archive Tool Flaw Let Hackers Take Over Linux Accounts

TrickBot’s New Linux Malware Covertly Infects Windows Devices

Netgear Won’t Patch Vulnerable Devices Despite Live Proof-Of-Concept Code

7/29/2020

Congress Grills Tech Ceos in Wide-Ranging Hearing on Monopoly, Political Bias, China and More

Chinese Ambassador to UK Threatens to Withdraw Huawei, £3B Investment If Comms Giant Banned From Building 5G

TikTok CEO Says Platform Code Will Be Made Public in Pushback Against ‘Rumors and Misinformation’

Nation State Attackers Shift to Credential Theft

FBI Warns of Netwalker Ransomware Targeting U.S. Government and Orgs

Global Firms Delayed Key Security Projects as Pandemic Struck

Facial-Recognition Flop: Face Masks Thwart Virus, Stump Security Systems

Rite Aid Drops Facial Recognition Tech

Technical Challenges of IoT Cybersecurity in a Post-COVID-19 World

Critical Bugs in Utilities VPNs Could Cause Physical Damage

Cybercrime Ramps up Amid Coronavirus Chaos, Costing Companies Billions

Krebs: Here’s Why Credit Card Fraud is Still a Thing

The IRS Asks Tax Professionals to Enable Multi-Factor Authentication

New Tool Detects Shadow Admin Accounts in AWS and Azure Environments
Vermont Tax Department Exposed 3 Years Worth of Tax Return Info

Second Data Breach in Kentucky Unemployment System

Amoeba Music Website Hacked; Customer Emails, Billing And Addresses Exposed

Data Breach at Crypto Wallet Firm Ledger Exposes User’s Personal Info

10,000 Patients Affected by Data Breach at University of Utah Health

Athlete Recruiting Software Company Rush Discloses Data Breach 7 Months After Student-Athlete Data Is Exposed

Cyber Attack Hit Auburn University Foundation Vendor

Auckland University Alumni and Donor Information Stolen by Hackers

Ransomware Stole Donor Data of San Diego Charities, Francis Parker School

OkCupid Security Flaw Threatens Intimate Dater Details

Microsoft Now Detects CCleaner as a Potentially Unwanted Application

Microsoft to Remove All Windows Downloads Signed With SHA-1

Critical GRUB2 & Secure Boot Bootloader ‘BootHole’ Bug Affects Billions of Linux and Windows Systems

Zoom Bug Allowed Attackers to Crack Private Meeting Passwords

Cisco Fixes Severe Flaws in Data Center Management Solution

7/28/2020

U.S. Officials: Russia Behind Spread of Virus Disinformation

Republicans Raise Concerns TikTok Could Be Used by Chinese Gov’t to Interfere in Elections

The Vatican Is Said to Be Hacked From China Before Talks With Beijing

GOP Stimulus Bill Includes $53 Million for DHS Cyber Agency to Protect Vaccine Research

Pandemic Forcing Pentagon to Learn Tough Cybersecurity Lessons

Operators of VHD Ransomware Unveiled: North Korea’s Lazarus Group

As Businesses Move to the Cloud, Cybercriminals Follow Close Behind

Accountability Concerns Main Reason Security Pros Want to Quit

Autonomous IT: Less Reacting, More Securing

Making Infosec Jobs Easier: Keeping Systems Patched

Study Links Cybersecurity Directly to Employee Stress and Exhaustion

How Finance Institutions Can Defend Themselves

Twitter Hack of High-Profile Accounts Raises a Lot of Questions, But Most Have Yet to Be Answered

The Garmin Ransomware Hack Is Horrifying

Risks Repeat Attack If It Paid $10 Million Ransom

The Ole’ cc / bcc Mix Up: Oneplus Exposes Information From Its Users

Hacker Leaks 386 Million User Records From 18 Companies for Free
Michigan Online Bar Exam Temporarily Taken Down by ‘Sophisticated’ Cyberattack

Data of About 6,000 Beaumont Health (MI) Patients at Risk After Email Breach

University of Sussex Reveals It Was Victim of Large-Scale Cyber Attack

Cosmetics Giant Avon Leaks 19 Million Records

SEI Investments: Vendor Hit by Ransomware, Data Leaked

Business Giant Dussmann Group’s Data Leaked After Ransomware Attack

Alcohol Delivery Service Drizly Confirms Data Breach

Ransomware Attack Hits RIC Foundation, Providence Children’s Museum (RI)

Netflix Credential Phishing Hides Behind Working CAPTCHA

Undetectable Linux Malware Targeting Docker Servers With Exposed APIs

Emotet Malware Now Steals Your Email Attachments to Attack Contacts

Feature-Rich Ensiko Malware Can Encrypt, Targets Windows, macOS, Linux

Researchers Warn of High-Severity Dell PowerEdge Server Flaw

Critical WordPress Plugin Bug Lets Hackers Take Over Hosting Account

Magento Gets Security Updates for Severe Code Execution Bugs

7/27/2020

Years Before Big Hack, Twitter Contractors Reportedly Spied on Celebs, Including Beyoncé

Google Employees Can Work From Home Until July 2021

Krebs: Business ID Theft Soars Amid COVID Closures

Police Requests for Google Users’ Location Histories Face New Scrutiny

How to Survive a Ransomware Attack Without Paying the Ransom

Common Internet of Things Security Pitfalls

Cybersecurity Is Not Best Left To The Experts: A Business Leader’s Guide

Six Former NFL Players Charged with $4m Fraud Scheme
Promo.com Discloses Data Breach After 22M User Records Leaked Online

CVS Pharmacy Data Breach Affects 21,289 Patients

National Cardiovascular Partners Email Hack Impacts 78K Patients

Pepperstone Warns Clients of Data Breach as Fraudsters Impersonate Broker

Garmin Confirms Ransomware Attack, Services Coming Back Online

Source Code From Dozens of Companies Leaked Online

Data/Password-Stealing, Backdoor-Opening QNAP NAS Malware Qsnatch Reaches 62,000 Infections

Microsoft Revamps Windows Insider Preview Bug Bounty Program

7/24-26/2020

EU Countries Must Urgently Diversify 5G Suppliers, Commission Says

How a Chinese Agent Used LinkedIn to Hunt for Targets

Chinese-Made DJI Drone App in Google Play Spooks Security Researchers

Senior Intelligence Official Warns Russia, Iran, China Targeting U.S. Elections

Democrats Say Intel Assessment on Foreign Election Inference Doesn’t Go ‘Far Enough’

McConnell, Rubio Defend Senior Intel Official Over Remarks on Election Interference

Election Officials Are Vulnerable to Email Attacks, Report Shows

Brussels Report: Privacy Regulators Worry About Volume of New Work From EU Data Ruling

U.S. Plans Quantum Internet

Krebs: Thinking of a Cybersecurity Career? Read This
Tech Unicorn Dave Admits to Security Breach Impacting 7.5 Million Users

New ‘Meow’ Attack Has Deleted Almost 4,000 Unsecured Databases

Third Round of Nintendo Leaks Involve Super Mario 64 and Pokemon Beta Data

Garmin WastedLocker Ransomware Demand: $10 Million

U.S. Gov’t Confirms Active Exploitation of F5 BIG-IP RCE Flaw

Emotet Malware Operation Hacked to Show Memes to Victims

Linux-Based Malware Analysis Toolkit REMnux 7 Released

That Used or Refurbished Android Phone Might Be Unsafe

Cisco Patches ASA/FTD Firewall Flaw Actively Exploited by Hackers

5 Severe D-Link Router Vulnerabilities Disclosed, Patch Now

7/23/2020

Pompeo: U.S. Engagement With China Has Failed

More Than 1,000 People at Twitter Had Ability to Aid Hack of Accounts

Dutch Lawmaker Wilders Says Twitter Hack Could Expose Dissidents

Twitter Considering Subscriptions Amid an Advertising Slump

Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers

Senate-Passed Defense Spending Bill Includes Clause Giving DHS Cyber Agency Subpoena Power

Federal Agencies Warn Foreign Hackers Are Targeting Critical Infrastructure

UK Gov’t Warns of Ransomware, BEC Attacks Against Sports Sector

Cisco, Zoom and Others Must Bolster Security, Say Privacy Chiefs

CISOs: Cyber Insurance Fails to Cover Modern Threats and Remote Workforces

Intelligence Community Rolls Out Guidelines for Ethical Use of AI

US Banks Can Now Offer Crypto Custody Services
Garmin Suffers Reported Ransomware Attack

Polk County (FL) Tax Office Blames Data Breach on Virus

Patient Data Exposed After Walmart Pharmacy Break-Ins

CouchSurfing Investigates Data Breach After 17M User Records Appear on Hacking Forum

Blackbaud Hack: Universities Lose Data to Ransomware Attack

Instacart Denies Widespread Data Breach Affecting Hundreds of Thousands of Customers

Hackers Steal Transfer Fees, Cripple Football (Soccer) Stadiums

Windows REvil Ransomware Used to Attack Spanish Gov’t Firm Adif

Fraudulent Photo App Operation Detected on Google Store

ASUS Home Router Bugs Open Consumers to Snooping Attacks

Cisco Network Security Flaw Leaks Sensitive Data

Password Reuse to Blame for Fifth of Account Takeovers

7/22/2020

China Asks U.S. to Stop Accusing Beijing Over Cyber Crimes

UK Concerned by Latest Evidence of Chinese Hacking: Raab

Bipartisan Support Grows for Inclusion of Election Funding in Senate Stimulus Package

Krebs: Twitter Hacking for Profit and the LoLs

Twitter: Hackers Accessed Direct Messages of 36 Victims, Including One Elected Official

Apple Offers Modified Phones to Security Researchers Looking for iOS Weaknesses

Google’s Project Zero Team Won’t Be Applying for Apple’s SRD Program

U.S. Offers $2 Million for Info on Ukrainians Charged for SEC Hack

New York Regulator Charges First American Unit Over 2019 Data Breach

Slack Credentials Abundant on Cybercrime Markets, but Little Interest From Hackers

With Cyberattacks Surging Due to COVID-19, ‘Digital Distancing’ Could Limit Exposure

Cybersecurity Lessons from the Pandemic

Remote Cybersecurity: The Risks When Working From Home
Disabled Delawareans’ Personal Data Ends Up in Student Project

University of York Investigating Data Theft Incident

Erie Community College Target of Ransomware Cyber Attack

Twilio Exposes SDK, Attackers Inject It With Malvertising Code

Hundreds Of Thousands Of Instacart Customers’ Personal Data Is Being Sold Online

OilRig APT Drills into Malware Innovation with Unique Backdoor

MATA Malware Framework Latest Move for North Korean Hackers

Lazarus Group Surfaces with Advanced Malware Framework

Cryptojacking Botnet ‘Prometei’ Steals Data From Its Victims

New ‘Meow’ Attack Has Wiped Dozens of Unsecured Databases

Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware

D-Link Blunder: Firmware Encryption Key Exposed in Unencrypted Image

Critical SharePoint Flaw Dissected, RCE Details Now Available

7/21/2020

U.S. Accuses Two Hackers of Stealing Secrets From American Firms for China

McCarthy Introduces Legislation to Sanction Foreign Hackers Targeting COVID-19 Research

Russia Report: UK Failed to Investigate Interference in Elections

Russia Is a ‘Capable Cyber Actor’ and Its Influence Is the ‘New Normal’

Chinese Hackers Escalate Attacks Against India and Hong Kong Amid Tensions

Chris Vickery: AI Will Drive Tomorrow’s Data Breaches

Why The Future of Cybersecurity Needs Both Humans and AI Working Together

The Data Privacy Loophole Federal Agencies Are Still Missing

Is Security Awareness Becoming the Latest Cybersecurity Snake Oil?
Statement Regarding Reported Health Data Breach in Western Australia

Australian TV Ratings Are Hit by a Cyber Attack One Day Before the Big Brother Finale

DeepSource Resets Logins After Employee Falls for Sawfish Phishing

Phishing Campaign Uses Google Cloud Services to Steal Office 365 Logins

Freddie Mac Caught in Fallout From Ransomware at Business Partner

Vodafone Partners with Accenture to Offer Cybersecurity Services

Critical Adobe Photoshop Flaws Patched in Emergency Update

Microsoft Double Key Encryption Enters Public Preview

7/20/2020

House Republicans Urge Trump to Take Action Against Chinese Hackers Targeting Coronavirus Research

Top Democrats Send Letter on Possible Foreign Meddling in November Election

Russian Cyberattacks an ‘Urgent Threat’ to National Security

UK ISC Attributes Cyber-Attacks and Election Interference to Russia

Russia and China’s Vaccine Hacks Don’t Violate Rules of the Road for Cyberspace

Australian Government Urged to Name and Shame Countries Launching Cyber Attacks

Coinbase Blocked Twitter Hackers From Stealing an Extra $280k

Cybersecurity Spending to Grow This Year but May Be Hit by Budget Constraints

21-Year-Old Cypriot Hacker Extradited to U.S. Over Fraud and Extortion Charges

Office 365 Adds New Security Configuration Analysis Feature
Genealogy Software Maker Software MacKiev Exposes Data on 60,000 Users

Lorien Health Services Discloses Ransomware Attack Affecting Nearly 50,000

Toronto-Based Writing Platform Wattpad Investigating Breach Following a Report That 271m User Records for Sale

One Million Online Student Records Exposed by E-Learning Sites

Bridgeport, Waterbury (CT) Grocery Stores Targeted by Payment Card Thieves

Mac Cryptocurrency Traders Targeted by Trojanized Apps

Telecom Argentina Has Tuesday Deadline to Pay $7.5m Ransom

UK Consumers Targeted by Tesco 4K TV Phishing Scam

Analysts Detect New Banking Malware

Windows 10 Store ‘wsreset’ Tool Lets Attackers Bypass Antivirus

7/17-19/2020

Russian Attempts to Steal Vaccine Data Unacceptable but Have Not Done Damage: UK Security Minister

Despite Theft Allegations, Russia Hails Deal to Make UK-Developed COVID-19 Vaccine

Russia’s Fancy Bear and Cozy Bear Hacking Groups Are Under the Spotlight

Some VPN Firms Shut Down Hong Kong Servers Over Security Law Concerns

Three Trump Officials Have Now Hinted at a TikTok Ban This Month

Senior DHS Official Says Agency Not Seeing ‘Coordinated’ Foreign Election Interference

Russia Operatives Accused of 2019 UK Election Interference

Court Rules German Police Receive Too Much Data

Judge Green-Lights Facebook, WhatsApp Hacking Lawsuit Against Spyware Biz NSO
Krebs: Who’s Behind Wednesday’s Epic Twitter Hack?

Twitter Says 130 People Were Targeted in Hack

Twitter Says Attackers Downloaded Data From up to Eight Non-Verified Accounts

Twitter Says Hackers Tricked Several Employees Into Giving Them Credentials

Stolen Bitcoin From Twitter Hack Is Already Being Laundered

Cloud Biz Blackbaud Paid Ransomware Demands, Took 2 Months to Tell Customers

New Phishing Campaign Abuses a Trio of Enterprise Cloud Services: Microsoft Azure & Dynamics, and IBM Cloud

There’s a Reason Your Inbox Has More Malicious Spam—Emotet Is Back

Magento Adds 2FA to Protect Against Card Skimming Attacks

Critical SIGred Windows DNS Bug Gets Micropatch After PoCs Released

7/16/2020

Russian Hackers APT 29 (aka Cozy Bear) Blamed for Attacks on Coronavirus Vaccine-Related Targets

Kremlin Rejects Western Allegations Russia Tried to Steal COVID-19 Vaccine Data

Twitter Was Ill-Equipped to Handle an Unprecedented Hack

Senate Republican Asks Twitter for Urgent Briefing on Hacking Incident

Senate Democrat Asks for Probes

Trump Will Remain on Twitter, His Account Secure: White House

Focus Falls on Bitcoin Trail in Race to Identify Twitter Hackers

……….Hidden Messages Found in Transactions to Twitter Hack Bitcoin Address

……….Twitter Hackers Caught Using BitPay and Coinbase on Hack-Related Wallet

Before Hack Tore Through Twitter, Online Forum Offered Accounts for Sale

Twitter Delays Launch of New API Software Following Hack

EU’s Top Court Restricts Personal-Data Transfers to U.S., Citing Surveillance Concerns

Tech Giants Sued Over Biometric Privacy

FBI Issues Cybersecurity Warning to Air Travelers on Airport WiFis
U.S. Actor Casting Company MyCastingFile.com Leaked Private Data of Over 260,000 Individuals

Private Data Exposed in Insecure Lambton Property Management (Lpm) Site Over Misunderstanding of Cloud

French Telecom Orange Confirms Ransomware Attack Exposing Business Customers’ Data

Cyber Attacks Again Hit Israel’s Water System, Shutting Agricultural Pumps

Iranian Cyberspies Leave Training Videos Exposed Online

Clarke County (MS) Dispatch Servers Hacked, Money Demanded

Diebold Nixdorf Warns of a New Class of ATM ‘Black Box’ Attacks Across Europe

Amazon-Themed Phishing Campaigns Swim Past Security Checks

LokiBot Redux Attacks Massive List of Common Android Apps

New Android Malware ‘BlackRock’ Now Steals Passwords For Non-Banking Apps Too

Zoom Addresses Vanity URL Zero-Day

Threat Actors Introduce Unique ‘Newbie’ Hacker Forum at CryptBB

T-Mobile Announces Free Scam Shield Robocall and Scam Protection

DHS Gives Federal Agencies 24 Hours to Patch Critical Microsoft Windows Vulnerability

7/15/2020

Widespread Twitter Hack Reaches Bill Gates, Kanye West, Elon Musk, Joe Biden and Barack Obama

Twitter Silences Some Verified Accounts After Wave of Hacks

Chinese Media Calls for UK to Face ‘Public and Painful’ Retaliation Over Huawei Ban as Trump Claims Credit

UK Denies Trump Influenced Decision to Ban China’s Huawei From 5G Networks

Pompeo Imposes Visa Restrictions on Huawei, Other Chinese Tech Companies, Citing Human Rights Abuses

Pompeo ‘Confident’ Other Countries Will Meddle in 2020 Elections

Deepfake Used to Attack Activist Couple Shows New Disinformation Frontier

Jewish Service Zoom-bombed with Swastikas

Law School Graduates Worried About Security, Privacy of Online Bar Exam

How Nanotechnology Will Disrupt Cybersecurity
Data Breach at Houston-Based Billing and Collection Company Benefit Recovery Specialists, Inc.

Ransomware Attack Halts X-FAB Production in Lubbock, Worldwide

Dover’s Mid-Delaware Imaging Hit By Ransomware Attack, Warns Of Possible Data Breach

New Zealand Police & Research Firm Caught up in Data Breach

Citrix: No Breach, Hacker Stole Business Info From Third Party

Cisco Fixes Critical Pre-Auth Flaws Allowing Router Takeover

Firefox on Android: Camera Remains Active When Phone Is Locked or the User Switches Apps

Brazil’s Banking Trojans Guildma, Javali, Melcoz and Grandoreiro (Collectively Known as Tetrade) Go Global

PoC Exploits Released for SAP Recon Vulnerabilities, Patch Now!

7/14/2020

UK Mobile Carriers Must Remove Huawei 5G Kit by 2027

Malware Stashed in China-Mandated Software Is More Extensive Than Thought…GoldenHelper

House Democrat Presses Google, Apple to Increase Transparency Around Foreign-Owned Apps

Trump Signs Hong Kong Sanctions Bill

Senior Catalonian Politician’s Phone Allegedly Targeted By Government Spyware

US Army Seeks Cryptocurrency Tracing Tools

Researchers Unmask Video Conferencing Users from Images

DMARC Adoption Spikes, Higher Ed Remains Behind

Critical Security Concerns for the Education Industry

Just 21% of Security Pros Haven’t Considered Quitting Their Current Job

Herjavec Group Acquires Securience
Leaked Details of 142M MGM Hotel Guests Found for Sale on Dark Web

Wattpad Data Breach Exposes Account Info for Millions of Users

Millions of Logins from UK Ticket Site for Sale on Dark Web

IT Services Major Collabera Suffers Maze Ransomware Attack

‘Secure’ Chat App Welcome Chat Spies on Users

New AgeLocker Ransomware Uses Googler’s Utility to Encrypt Files

Krebs: ‘Wormable’ Windows Flaw Leads July Microsoft Patches

Adobe Issues July 2020 Critical Security Patches for Multiple Software

Critical SAP Bug Allows Full Enterprise System Takeover

Rogue Javascript Integrations Permit Attacking Opportunities

7/13/2020

House Republican Introduces Legislation to Strengthen Federal Cybersecurity

Israeli Court Dismisses Amnesty International’s Petition Against Spyware Firm NSO

Wells Fargo Tells Employees to Delete TikTok From Their Company Devices

A ‘New Age’ of Sophisticated Business Email Compromise is Coming

How Insider Threats Are Changing

Remote Working: This Free Tool Tests How Good Your Security Really Is

Is It Ok to Use Your Browser’s Built-In Password Management Tools?

A Paramedic’s Lessons for Cybersecurity Pros
Krebs: Breached Data Indexer ‘Data Viper’ Hacked

Hacker ‘NightLion’ Leaks Database After Researcher Threatens to Reveal Identities

LiveAuctioneers Reports Data Breach After User Records Sold Online

Belgium Bank Argenta Suffers Jackpotting Attack

Health Insurer Religare (India) Hit by Data Breach

Barrow County (GA) Government Hit With Cyber Attack

Baton Rouge Clinic Investigating Cyber Attack

Microsoft Extends Security for Azure Storage File Shares, Data Lakes

7/10-12/2020

UK ‘on Alert for China Cyber Attack’ in Retaliation for Hong Kong

The Threat of Chines Cyber-Attack Is Looming Over India

Trump Confirms 2018 U.S. Cyberattack on Russian Troll Farm

Biden Campaign Hires Top Cybersecurity Officials to Defend Against Threats

U.S. Secret Service Creates New Cyber Fraud Task Force

Amazon Backtracks From Demand That Employees Delete TikTok

Over 1,300 Phishing Kits for Sale on Hacker Forum

Californian Jailed Over Identity Theft Scheme Targeting Military

Russian Hacker Found Guilty for Dropbox, Linkedin, and Formspring Breaches

Mozilla Reduces TLS Certificate Lifespan to 1 Year in September
India’s Delivery App Dunzo Says Partner Database Breached, User Data Exposed

eToro Accounts Peddled by the Thousands on Cybercrime Forums

Over $3 Million in Bitcoin (BTC) Stolen from Crypto Exchange Cashaa Following Recent Hack

Premier League Soccer Club Targeted in £100 Million BEC Scam

Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily

Popular TP-Link Family of Kasa Security Cams Vulnerable to Attack

How to Protect Your Verizon Number From Sim Swapping Attacks

Malware Developers Add Any.Run Sandbox Detection to Evade Analysis

Zoom Fixes Zero-Day Rce Bug Affecting Windows 7, More Updates Soon

TrickBot Malware Mistakenly Warns Victims That They Are Infected

7/9/2020

British Mobile Carriers Warn Removing Huawei Will Cause ‘Blackouts’ and Cost Billions

Germany Seizes Server Hosting ‘BlueLeaks’ Data Dump on US Police Practices

UK, Australia Investigate Clearview Facial Recognition Firm Clearview AI

U.N. Rules Require Cybersecurity Guarantees for Connected Cars

Pressure Mounts on Facebook to Rein in Hate Speech

Google Will Ban Ads for Stalkerware Starting August 11

Op-Ed: Strong Cybersecurity Strategy Is No Longer a Luxury for Small Businesses

Op-Ed: Cybersecurity Safeguards Should Extend to Supply-Chain Partners

Is there really a cybersecurity skills shortage?

Kids Are Curious About Cybersecurity — Let’s Teach Them

95% of Brits Unable to Consistently Identify Phishing Messages

Teen Murdered After Confronting Cyber-Bullies
Cyber Attackers Hit Bond Giant TCW, MetWest Funds

Kingston’s Royal Military College Is 1 of 4 Military Schools in Canada Targeted

Cyber Attack Targets Surry County (NC) Schools

Fraudsters Conducting Malvertising Campaign Via Inactive Domains

Fake TikTok App Targets Indian Users

HSBC SMS Phishing Scam Targets UK Victims

SurveyMonkey Phishers Go Hunting for Office 365 Credentials

Microsoft Warns on OAuth Attacks Against Cloud App Users

Conti Ransomware Shows Signs of Being Ryuk’s Successor

Evilnum Hackers Use the Same Malware Supplier as FIN6, Cobalt

Joker Malware Apps Once Again Bypass Google’s Security to Spread via Play Store

‘Undeletable’ Malware Shows Up in Yet Another Android Device

Zoom Zero-Day Allows RCE, Patch on the Way

7/8/2020

Hong Kong Downloads of Signal Surge as Residents Fear Crackdown

Attack On Iran’s Natanz Nuclear Facility Not A Cyber Attack, But A Bomb Blast – Reports

State and Local Officials Beg Congress to Send More Election Funds Ahead of November

House Democrats Press Twitter, Facebook, Google for Reports on Coronavirus Disinformation

Smartwatch Hack Could Send Fake Pill Reminders to Patients

Microsoft Sues Coronavirus Phishing Spammers to Seize Their Domains Amid Web App Attacks Against Office

Notorious Hacker ‘Fxmsp’ Outed After Widespread Access-Dealing

15 Billion Credentials Currently Up for Grabs on Hacker Forums

Risky blogspot.in Domain for Sale After Google Fails to Renew It

Law Enforcement Agencies Are Using a Legal Loophole to Buy up Personal Data Exposed by Hackers

How to Prevent Burnout in a Cybersecurity Career
Casino App Clubillion Leaks PII on “Millions” of Users

Chilton County (AL) Is Latest Victim of Ransomware Attack

Potandon Produce (Idaho Falls, ID) Notifies Customers of Data Security Incident

Gang Uses Ako Ransomware to Hit Hamilton Brown Creative Design Firm

Vancouver Coastal Health Warns Employees of Cyber Attack, No Evidence Data Removed, Misused

Keeper Threat Group Rakes in $7M from Hundreds of Compromised E-Commerce Sites

Russian Fraudsters Test Stolen Credit Cards Using Ecommerce Sites

Cerberus Banking Trojan Unleashed on Google Play

Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites

Advertising Plugin for WordPress Threatens Full Site Takeovers

Palo Alto Networks Fixes Another Severe Flaw in PAN-OS Devices

7/7/2020

In Hong Kong National Security Law, Echoes of China’s Own Cyber Crackdown

Social Media Giants Move to Defy Hong Kong’s New National Security Law

U.S. Is ‘Looking at’ Banning TikTok and Chinese Social Media Apps, Pompeo Says

FBI Director Wray Warns of Chinese Hacking, Espionage Threats Against American Companies

House Democrats Include $500M for Election Security in Annual Appropriations Bill

NHS Lanarkshire Apologise Over Hundreds of COVID-19 Data Breaches

U.S. Treasury Shares Tips on Spotting Money Mule and Imposter Scams

U.S. Secret Service Issues Ransomware Warning

Applying the 80-20 Rule to Cybersecurity
First Reported Russian BEC Scam Gang ‘Cosmic Lynx’ Targets Fortune 500 Firms

Middle East Bus-Sharing App Swvl Hit With Security Breach; Names, Numbers of Users Compromised

Check This List to See Which 570 Online Stores Were Infected With Card-Skimming Magecart

Microsoft Takes Down Domains Used in COVID-19-Related Cybercrime

Mozilla Suspends Firefox Send Service While It Addresses Malware Abuse

Mitigating Critical F5 BIG-IP RCE Flaw Not Enough, Bypass Found

ThiefQuest Info-Stealing Mac Wiper Gets Free Decryptor

Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service

Citrix Fixes 11 Flaws in ADC, Gateway, and SD-WAN WANOP Appliances

7/6/2020

UK to Phase Out Huawei Gear From 5G Networks in a Major Policy U-Turn After U.S. Sanctions: Reports

China envoy warns of ‘consequences’ if Britain rejects Huawei

France to Encourage Telecom Groups to Avoid Huawei Products, but Not Ban Company: Report

Nokia, Hurt by Costly 5G Chip Mistake, Struggles to Catch Huawei

North Korean APT Lazarus Group Adds Magecart to the Mix

Volume and Size of Fines for Data Breaches Expected to Rise

VaultAge Solutions CEO Goes Into Hiding to Avoid Cryptocurrency Investors Allegedly Scammed Out of $13 Million

Home Routers Are All Broken, Finds Security Study

Watch Out for This Nasty New Trend in Robocall Scams

4 Evolving Technology Areas Of Smart Cybersecurity

Microsoft Defender ATP Web Content Filtering Is Now Free

How to Assess More Sophisticated IoT Threats
EDP Renewables North America (EDPR NA) Confirms Ragnar Locker Ransomware Attack

Independence Blue Cross Alerts Members of Data Breach

5 Dating Apps Leak More than 1 Million User Profiles and Sensitive Information

Brazil’s Hapvida Discloses Cyber Breach, Potential Client Data Leak

Ransomware Attack on Insurance MSP Xchanging Affects Clients

X-FAB Affected by Cyber Attack

Cooke County (TX) Sheriff’s Office Suffers Ransomware Attack

Multiple DXC Technology Customers Down After Insurance Arm Hit By Ransomware

Flaw Fixed in Hotels.com Generator as Tesco Clubcard Users Impacted

Tokopedia Files Police Report over Alleged Data Breach

Android Users Hit with ‘Undeletable’ Adware

Purple Fox EK Adds Microsoft Exploits to Arsenal

7/3-5/2020

Iran Hints a Cyber Attack Caused Fire at Nuclear Facility

Foreign Cyber Criminals Take Aim at Americans Working From Home

NSA Issues VPN Security Guidance

Companies Start Reporting Ransomware Attacks as Data Breaches

Prince Edward Island Ransomware Attack Costs Taxpayers More Than $900k

Virtual Reality Is Booming in the Workplace Amid the Pandemic

Ring Doorbell’s Police Partnerships Questioned Over Racial Bias

Infosec Community Disagrees With Changing ‘Black Hat’ Term Due to Racial Stereotyping

Krebs: E-Verify’s “SSN Lock” is Nothing of the Sort

Windows 10’s Microsoft Store Codecs Patches Are Confusing Users
Moose Remain Unaware of Lottery Privacy Breach

Washington County Sheriff’s Office (OR) Hack

500,000 BMW, Mercedes and Hyundai Owners Hit by Massive Data Breach

University of Michigan: Leaked Emails, Passwords Were From ‘3rd-Party Data Breaches’

Barclays Bank Appeared to Be Using the Wayback Machine as a ‘CDN’ for Some Javascript

Critical RCE Flaw (CVSS 10) Affects F5 BIG-IP Application Security Servers

Try2Cry Ransomware Tries to Worm Its Way to Other Windows Systems

Avaddon Ransomware Still Using Excel 4.0 Macros

New Behave! Extension Warns of Website Port Scans, Local Attacks

.NET Core Vulnerability Lets Attackers Evade Malware Detection

7/2/2020

Facebook to Launch Fourth of July Voter Registration Drive

Facebook Privacy Glitch Gave 5K Developers Access to ‘Expired’ Data

Vulnerable Voting Infrastructure and the Future of Election Security

Researchers Link APT15 Hackers to Chinese Military Company

Krebs: Ransomware Gangs Don’t Need PR Help

Surge of MongoDB Ransom Attacks Use GDPR as Extortion Leverage

133m Records for Sale as Fruits of Data Breach Spree Keep Raining Down

U.S. Schools and Colleges Have Leaked 24.5 Million Records Since 2005

4 Barriers to Teaching Employees Good Cybersecurity Habits

Hundreds Arrested After Cops Dismantle Encrypted Phone Network

Leaders Need to Prioritize Cybersecurity
V Shred Data Leak Exposes PII, Sensitive Photos of Fitness Customers and Trainers

Data Breach at CNY Works Career Center May Have Exposed Personal Information of 56,000 Clients

Fort Worth Bike Share Hacked, Users’ Credit Card Info and Names Possibly Compromised

NetWalker Ransomware Group Claims Attack on Fort Worth Transportation Agency

Ransomware Attackers Pressure Knoxville by Posting City Data Online

Ohio Department of Health Website Not Hacked, Technical Difficulties Shut It Down

New Mac Ransomware OSX.ThiefQuest Hidden in Pirated Software

Apache Guacamole Opens Door for Total Control of Remote Footprint

Chingari App Maker Globussoft’s Website Contains Malware, Says Researcher

Cisco SMB Kit Harbors Cross-Site Scripting Bug

Malwarebytes AdwCleaner Now Removes Malware From the Command Line

Microsoft Defender ATP Now Helps Secure Network Devices

7/1/2020

Details of Beijing’s New Hong Kong Security Law: Signals End to More Than 2 Decades of Autonomy

China: Us ‘Oppressing Chinese Companies’ in New Huawei Move

Research Finds Uighurs Targeted by Chinese Spyware as Part of Surveillance Campaign

California’s CCPA Gets Teeth Today

Companies Rush to Implement Identity Systems for Remote Working

Remote Workers Becoming More Security Conscious Although Bad Habits Persist

Federal Reserve Shares Tips on Mitigating Synthetic Identity Fraud

U.S. Gov’t Shares Tips on Defending Against Cyberattacks via Tor

Schools Already Struggled With Cybersecurity. Then Came Covid-19

The World’s Biggest Stolen Data Archive Is About to Reach 10 Billion Personal Records

Dozens of U.S. News Sites Hacked in WastedLocker Ransomware Attacks

Mac Users Beware New EvilQuest Ransomware Targets Apple Computers

Malware Uses Postal App Lure to Send SMS Messages and Steal Data

TrickBot Malware Now Checks Screen Resolution to Evade Analysis

Windows POS Malware Uses DNS to Smuggle Stolen Credit Cards

Cisco Warns of High-Severity Bug in Small Business Switch Lineup

Woolies Hit With AU$1 Million Spamming Fine

Did a Chinese Hack Kill Canada’s Greatest Tech Company?

One out of every 142 passwords is ‘123456’

6/30/2020

Hong Kong Security Law: China Passes Controversial Legislation

U.S. Suspends Sensitive Tech Exports to Hong Kong

After Pompeo Says ‘Tide Is Turning Against Huawei,’ India Reportedly Weighs 5G Ban on Chinese Firm

FCC Formally Designates Huawei and ZTE as National Security Threats

Australia to Spend Nearly $1 Billion to Boost Cyber Security

CISA: Nation-State Attackers Likely to Exploit Palo Alto Networks Bug

How Public Safety Systems Can Be Abused by Nation State Actors

Krebs: COVID-19 ‘Breach Bubble’ Waiting to Pop?

Businesses Lack a Workable Ransomware Recovery Strategy

Unauthorized Data Sharing Puts Companies at Risk

The More Cybersecurity Tools an Enterprise Deploys, the Less Effective Their Defense Is

ID Theft: Fake Google Alerts Are Now Delivering Malware

Democrats, Voting Rights Groups Pressure Senate to Approve Mail-In Voting Resources

California Enters Privacy Law Limbo as November Vote Looms

New Cybersecurity Standard for IoT Devices Established By ETSI

The Celebrities at Risk of Having Their Personal Data Stolen by REvil Ransomware Gang Revealed
Education Dept. Left Exposed Social Security Numbers of Thousands of Borrowers

Business Giant Xerox Allegedly Suffers Maze Ransomware Attack

DeFi Protocol Balancer Loses $500k in Hack

American Medical Tech Reports 2019 Email Hack Impacting 47K Patients

Data Breach Reported for Merced County’s Medi-Cal Managed Healthcare Plan

Florida Orthopaedic Institute Warns Patients of Potential Data Breach

Senior Living Provider Choice Health Management Services’s Email Breach Affects Residents, Employees, Third Parties (NC & SC)

Waterloo Insurance Firm Heartland Farm Mutual Reveals Data Breach

Seller Floods Hacker Forum With Data Stolen From 14 Companies

StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks

Clever Phishing Scam Targets Websites With Free DNSSEC Offer

Devious Bitcoin Scam Uses Targeted Texts and Celeb Endorsements

EvilQuest Mac Ransomware Has Keylogger, Crypto Wallet-Stealing Abilities

Faulty Drivers Fuel ATM Hacking Problem, Say Researchers

Microsoft Releases OOB Security Updates for Windows 10 RCE Bugs

Netgear Not Quite Halfway There With Patches for 28 Out of 79 Vulnerable Router Models