8/28-30/2020

TikTok Talks Could Face Hurdle as China Tightens Tech Export Rules

State Elections Officials Push Back Against Concerns Around Mail-In Voting, Drop Boxes

Jakarta Cyber-attacks Touted as Political Plot

Hackers Claim Data Breach at Paytm Mall, Firm Denies

Manitoba Government Privacy Breach Leaks Info on 9,000 Children’s Disability Services Clients

Single & Penniless: FBI Warns of $475m Lost to Romance Scams

Slack Pays Stingy $1,750 Reward for a Desktop Hijack Vulnerability

Starbucks Calls Bug Disclosure ‘Fraudulent Activity’

HIV Clinic Fined £250 for Data Breach
Krebs: Sendgrid Under Siege from Hacked Accounts

Instagram ‘Help Center’ Phishing Scam Pilfers Credentials

Utah Pathology Services Reports Data Breach

Greenville Tech (SC) Thwarts Data Breach From Hackers Who Sought Ransom

Rocky Mount (NC) Encounters Cyber Attack, Restoration Underway

Malicious NPM Package Caught Trying to Steal Sensitive Discord and Browser Files

Emotet Malware’s New ‘Red Dawn’ Attachment Is Just as Dangerous

Adobe Tackles New Flash Threat After Hacking Team Leak

Microsoft to Remove Insecure TLS Support on Its Linux Software Repository

8/27/2020

Walmart Is Teaming up With Microsoft on TikTok Bid

TikTok Asking $30 Billion for Its U.S. Operations

TikTok Chief Executive Kevin Mayer Resigns

Democratic Campaign Staffers Warned of Possible ‘Sting’ on Dating Apps

Justice Dept. Moves to Seize 280 Cryptocurrency Accounts Tied to North Korean Hacks

Dracula Network Pushes Out Pro-China Twitter Spam

UK NCSC Departing Boss Reflects on China, Russia and Trust in Tech

Elon Musk’s Brain-Implant Firm Neuralink to Show off ‘Working’ Device Friday

European Regulators List Detailed Privacy Violations to Justify Fines

Ex-Cisco Employee Pleads Guilty to Deleting 16K Webex Teams Accounts

Krebs: Confessions of an ID Theft Kingpin, Part II
New Zealand’s Stock Exchange Down for Fourth Day in a Row After Cyber Attacks

Tesla Dodged a Major Russian Cyber Attack Thanks to a Brave Employee (and the FBI)

UltraRank Digital Skimming Group Hit Hundreds of Sites

Iranian Hackers Impersonate Journalists to Set up WhatsApp Calls and Gain Victims’ Trust

Blackbaud Faces Class Action Lawsuit After Data Breach

QakBot Banking Trojan Returned With New Sneaky Tricks to Steal Your Money

Lemon_Duck Cryptominer Malware Now Targets Linux Devices

Magecart’s Success Paves Way For Cybercriminal Credit Card ‘Sniffer’ Market

Local Government Organizations Most Frequently Targeted by Ransomware

Malicious Attachments Remain a Cybercriminal Threat Vector Favorite

8/26/2020

Chinese Diplomats Helped Military Scholars Visiting the U.S. Evade FBI Scrutiny, U.S. Says

Top Election Officials Warn Election Systems Being ‘Scanned’ for Vulnerabilities by Adversaries

Disinformation Spurs a Thriving Industry as U.S. Election Looms

North Korean Hackers Ramp up Bank Heists: U.S. Government Cyber Alert

FBI/CISA Warn U.S. Firms of State-Mandated Tax Malware

Facebook Says Apple’s New Privacy Rules Will Hamper Its Ad Service

International Authorities Dismantle Online Piracy Ring

U.S. Arrests Tourist Over Malware Conspiracy

Krebs: Confessions of an ID Theft Kingpin
Hackers for Hire Attack Architecture Firm via 3ds Max Exploit

Leeds-Based College Group Hit by Cyber Attack

Gosnell Schools (AR) Hit With Ransomware Attack

Giveaway Scam Infects 65,000 Devices with Malware

Red Cross Chief: Cyber Attacks Increasing on Hospitals

Browser-Based Cryptojacking Attacks Spike 163%

SunCrypt Ransomware Sheds Light on the Maze Ransomware Cartel

Security Flaws in Two Popular TV Set-Top Boxes Expose Customers to Attack

Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack

8/25/2020

U.S. Cyber Command Leader Vows to ‘Defend Forward’ in Protecting Nation From Cyberattacks

Shoring Up the 2020 Election: Secure Vote Tallies Aren’t the Problem

House Democrats Request Briefing on Seizure of Terrorist Cryptocurrency Assets

Lazarus Group Targets Cryptocurrency Firms Via LinkedIn Messages

Colleges Weigh Transparency Versus Privacy When It Comes to Covid-19 Data

The Fatal Flaw in Data Security

National Cyber League Registration Opens
NZX Down Again After Another Cyber Attack

Darkside Ransomware Hits North American Real Estate Developer Brookfield Residential

Cyber Attack Threatens Security, Finances of Torrington (CT) City Hall

Lafayette Says Criminals Might Have Had Access to Some Personal Information During Ransomware Attack

Ryuk Successor Conti Ransomware Releases Data Leak Site

Popular iOS SDK Caught Spying on Billions of Users and Committing Ad Fraud

Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform

8/24/2020

Alexei Navalny: Putin Critic ‘Probably Poisoned’ – Doctors

TikTok Files Suit Challenging U.S. Ban

General Atlantic, Sequoia Capital Pushing Oracle’s Bid for TikTok

Federal Cyber Agency Releases Strategy to Secure 5G Networks

Iran-Linked ‘Newbie’ Hackers Spread Dharma Ransomware Via RDP Ports

Temporary Zoom Outage Upends Remote Learning, Court Proceedings and More

Hacker Disrupts North Carolina School Lesson

U.S. Makes Second Espionage Arrest in a Week

Average Cost of a Data Breach in 2020: $3.86M
Indian Travel Site RailYatri Exposed 37 Million Records Before Meow Attack

Haywood County Schools (NC) Closed After Ransomware Attack

Cyber Attack Prompts Cancellation of Online Classes in Rialto (CA)

FBI Investigates COVID-19 Patient Data Breach in South Dakota

Dark Web Market Empire Down for Days From DDoS Attack

TeamViewer Flaw Risks Password Exposure

Security Researcher Discloses Safari Bug After Apple’s Delays Patch

Google Fixes High-Severity Chrome Browser Code Execution Bug

Office 365 Now Opens Attachments in a Sandbox to Prevent Infections

8/21-23/2020

Facebook CEO Mark Zuckerberg Stoked Washington’s Fears About TikTok

Top Senate Intel Democrat Worried Americans May ‘Unwittingly’ Promote Russian Disinformation Campaign

Postmaster General Testifies That Ballots Will Be Prioritized for Delivery

FBI, CISA Echo Warnings on ‘Vishing’ Threat

U.S. Financial Regulator Warns of Phishing Sites Impersonating Brokers

Reports of Cybercrimes Against Children Double During Pandemic

Hackers Eye Students Returning to Virtual Classes as Easy Targets
Freepik Data Breach: Hackers Stole 8.3M Records via SQL Injection

Instacart Reveals Third Party Employees Accessed Customer Data

University of Kentucky COVID-19 Data Left Some Students’ Information Exposed, School Says

Customers Complain of Delays After Ransomware Attack on Canadian Delivery Company Canpar Express

WordPress WooCommerce Stores Under Attack, Patch Now

Researchers Sound Alarm Over Malicious AWS Community AMIs

A Google Drive ‘Feature’ Could Let Attackers Trick You Into Installing Malware

8/20/2020

China Says Taiwan Hacking Allegations Are ‘Malicious Slander’

Susan Rice Says She Is ‘100 Percent’ Sure Russia Will Interfere in Elections

Transparent Tribe APT Mounts Ongoing Spy Campaign on Military, Government

Senate Bill Would Expand Facial-Recognition Restrictions Nationwide

Facebook Expands Policy to Take Down QAnon and US Militias

Phone Hack Traumatizes Neighbours Actress

What To Do When Your Computer Is Attacked

Ransomware Negotiations Revealed: Flattery and Empathy Works

Former Uber Security Chief Charged Over Covering Up 2016 Data Breach

IBM Settles Lawsuit Over Weather Channel App Data Privacy
University of Utah Pays $450K Ransom to Stop Leak of Stolen Data

Baugo Community Schools (IN) Dealing With Cyber Attack

Myerscough College Falls Victim to Massive Cyber Attack on GCSE Results Day

Imperial Valley College (CA) Online Classes Delayed a Week Due to Ransomware

Colleges Face Education Challenge on Cybersecurity

IBM AI-Powered Data Management Software Subject to Simple Exploit

Malware Can No Longer Disable Microsoft Defender via the Registry

Cisco Critical Flaw Patched in WAN Software Solution

Google Fixes Gmail Bug Allowing Attackers to Send Spoofed Emails

Why the Cybersecurity Skills Gap Continues to Widen

8/19/2020

Taiwan Says China Behind Cyberattacks on Government Agencies, Emails

Oracle Joins Microsoft, Twitter in the Battle for TikTok. Two Traders Place Their Bets.

Trump Gives Nod to Oracle Buyout of TikTok

Just What Would an Enterprise Company Like Microsoft or Oracle Do With TikTok?

U.S. Gov’t Exposes New North Korean BLINDINGCAN Backdoor Malware

Fake News on COVID-19 Government Initatives Boost Phishing in Brazil

The Sounds a Key Make Can Produce 3D-Printed Replica

Krebs: Voice Phishers Targeting Corporate VPNs

NYPD Used Facial Recognition Software During Probe of BLM Leader

Massachusetts Attorney General Creates Unit to Police Data Privacy and Security Abuses

Police and Industry Take Down $42m “Bulletproof Exchange”
‘Millions’ of South Africans’ Personal Info Exposed in Experian Credit Bureau Data Breach

Data Firm Exposes 235 Million Social Media Profiles

Childrens’ Personal Details Hacked in Sutton Park Donkey Sanctuary Cyber-Attack (Birmingham, UK)

Museum of the Cherokee Indian Hit With Cyberattack; All Data Still Intact

FritzFrog Botnet Attacks Millions of SSH Servers

More & More Blackbaud: Cleveland Museum of Natural History

Lucifer Cryptomining DDoS Malware Now Targets Linux Systems

Researchers Warn of Flaw Affecting Millions of IoT Devices

Microsoft Issues Out of Band KB4578013 Windows Security Update

Chrome to Warn Users Completing Suspicious Forms

Tor Project Shares Proposals to Limit DDoS Impact on Onion Sites

WannaRen Ransomware Author Contacts Security Firm to Share Decryption Key

8/18/2020

China: U.S. Undermining Global Trade With Sanctions Against Huawei

Huawei Phones Unlikely to Receive Security Updates as Trade Ban Begins

TikTok’s U.S. Employees Plan to Sue Trump Administration Over Executive Order

Putin Ordered 2016 Democratic Hack, Republican-Led Senate Panel Says

Large Orgs Plagued with Bugs, Face Giant Patch Backlogs

61% of Airlines Have No Published DMARC Record, Customers Susceptible to Email Fraud

Microsoft Is Killing off Insecure Cloud App Security Cipher Suites

Former CIA Officer Charged with Espionage

U.S. Jails Sextortionist for 35 Years

Six Suspects Face 275 Felony Complaints Related to Data Breach at Santa Barbara Property Management Firm
Gym App Management Platform Fizikal Exposed Info of Thousands of Users

Jefferson Parish Schools Data Breach Exposes 86 Students’ Information

Student Information, Financial Info Published in Suspected Royal Military College (RMC) of Canada Data Leak After Cyber Attack

Saratoga Cardiology Associates (NY) Reports 1,789 Patients’ Info Missing From Bank Deposit Bags

GitHub Leaks Exposed up to 200,000 Medical Records

Some Knoxville City Data on Dark Web, Most Computers Back Online Two Months Later

Researchers Warn of Active Malware Campaign ‘Duri’ Using HTML Smuggling

IcedID Trojan Rebooted with New Evasive Tactics

Critical Jenkins Server Vulnerability Could Leak Sensitive Information

8/17/2020

U.S. Tightens Restrictions on Huawei’s Access to Chips

How Twitter’s Big Hack Became a Wake-Up Call Before the 2020 Elections

Major Security Vulnerability Discovered in CMS System Used by US Army

Crest Cancels UK Infosec Accreditation Exams After Fresh Round of ‘Cheat Sheets’ Are Leaked Online

Governments Collected Large Amounts of Data to Fight the Coronavirus, Raising Privacy Concerns

Please Stop Hard-Wiring AWS Credentials in Your Code University COVID-19 Track-And-Test App Makers

There’s a Growing Blind Spot for Your Security Team During the Pandemic: IoT Devices

Oracle and Salesforce to Face GDPR Lawsuit

American Charged with Attempting to Hire Hitman on Dark Net
Carnival Hit by Ransomware Attack, Guest and Employee Data Accessed

Ponca City Public Schools (OK) Delays Start of School Due to Ransomware Attack

Cyberattack Shuts Down Canadian Government Accounts

Cyberattack on India’s NHAI Traced to Taiwan and Hong Kong IP Addresses

‘EmoCrash’ Exploit Stoppered Emotet For 6 Months

Crypto-Mining Worm Steals AWS Credentials

Israeli Cyber Startup Discovers Blockchain Weakness That Could Potentially Leak Millions

Krebs: Microsoft Put Off Fixing Zero Day for 2 Years

Windows Control Flow Guard Support Added to Rust, Clang Compilers

Google Chrome Will Warn Users When Submitting Insecure Forms

8/14-16/2020

Lawmakers Introduce Bill to Help Election Officials Address Cyber Vulnerabilities

U.S. Agency Takes Part in Simulated Cyberattack on Critical Systems

Emotet Malware Strikes U.S. Businesses With COVID-19 Spam

Canada Suffers Cyberattack Used to Steal COVID-19 Relief Payments

Over 43,000 Phishing Emails Slip Through NHS Security Filters

SANS Shares Details on Attack That Led to Their Data Breach

Instagram Retained Deleted User Data Despite GDPR Rules

Blackmailers Stole Our Instagram Account

A Cyberattack Doesn’t Have to Sink Your Stock Price

Windows Defender Deletes Citrix Components Mislabeled as Malware
Canada Revenue Agency (CRA) Shuts Down Online Services After Thousands of Accounts Breached

Krebs: Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Business Technology Giant Konica Minolta Hit by New Ransomware

U.S. Spirits and Wine Giant Brown-Forman Hit by Cyberattack, 1TB of Data Stolen

Tea at the Ritz (London) Soured by Credit Card Scammers

Phishing Scam Targets Asda Shoppers

Mac Users Targeted by Spyware Spreading via Xcode Projects

PoC Exploit Targeting Apache Struts Surfaces on GitHub

Critical Flaws in WordPress Quiz Plugin Allow Site Takeover

8/13/2020

NSA, FBI Expose Russian Intelligence Linux Hacking Tool “Drovorub”

Federal Agencies Seize, Dismantle Cryptocurrency Campaigns of Major Terrorist Organizations

Two Republican Senators Ask U.S. FTC to Investigate TikTok’s Data Collection Practices

Lawmakers Introduce Bill Designating $28 Billion to Secure State and Local It Systems

China-Based CactusPete APT Hones Toolset, Resurfaces with New Espionage Targets

CactusPete APT Targets Eastern European Military

Zoom Faces More Legal Challenges Over End-to-End Encryption

U.S. Court Orders Defendant to Unlock Phones

Expired Certificate Led to an Undercount of COVID-19 Results

Cybersecurity Firms Post Strong Quarter Despite Gloomy Economy

You Weren’t Hacked Because You Lacked Space-Age Network Defenses or Because Cyber-Gurus Picked on You. It’s Far Simpler Than That.
Hacker Leaks Data for Utah-Based Gun Exchange Site on Cybercrime Forum

Stealthy RedCurl Hackers Steal Corporate Documents

The Metropolitan Community College of Kansas City Victim of Ransomware

U.S. Stock Broker Regulator FINRA Warns of Copycat Phishing Site

Phishing Tactic Targets Verizon Users’ Credentials

Mekotio Banking Trojan Imitates Update Alerts to Steal Bitcoin

Amazon Alexa Security Bug Allowed Access to Voice History

ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls

High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

8/12/2020

Israel Says It Thwarted Foreign Cyber Attack on Defence Industry

Pakistani Intelligence Agencies Identify Major Cyber Attack by India

Federal Agency Warns ‘Malicious Cyber Actor’ Targeting Coronavirus Small Business Loan Program

NHS Hit With Wave of Scam Emails at Height of COVID-19 Pandemic

Twitter Launches Much-Awaited Developer Software After Hack Delay

Incident Response Exercises Not Taken Seriously by Business Leaders

Krebs: Why & Where You Should You Plant Your Flag

These Two Basic Flaws Make It Easy for Hackers to Break Into You Systems
Arnot Health Employees (NY) Potentially Affected by Magellan Health Ransomware Attack

Flintshire Council (UK) Notifies Information Commissioner’s Office Following Data Breach

Rite Aid Pharmacy Thefts Expose Information of 9,200 Patients

Blackbaud Breach Bonanza Continues: May Have Compromised Harvard Affiliates’ Demographic Data

Dharma Ransomware Created a Hacking Toolkit to Make Cybercrime Easy

Windows, IE11 Zero-Day Vulnerabilities Chained in Targeted Attack

Is It Finally The End Of Adobe Flash Player?

8/11/2020

TikTok Tracked User Data Using Tactic Banned by Google

China Now Blocking ESNI-Enabled TLS 1.3 Connections, Say Great-Firewall-Watchers

Republicans Introduce Bill to Defend Universities Conducting Coronavirus Research Against Hackers

FBI Warns Schools of a Possible Cyber Attack as Students Begin Virtual Learning

Network Intruders Selling Access to High-Value Companies

How This Chrome, Edge And Opera Security Bug Left Users At Risk—For A Whole Year

Zoom Sued by Consumer Group for Misrepresenting Its Encryption Protections

Police Face-Recog Tech Use in Welsh Capital of Cardiff Was Unlawful – Court of Appeal

Australian Jailed for Stealing XRP Crypto
Data Breach at Illinois Healthcare System

Walgreens Reports Data Breach Affecting 72k Individuals

SANS Infosec Training Org Suffers Data Breach After Phishing Attack

NCC Group Admits Its Training Data Was Leaked After Folders Full of Crest Pentest Certification Exam Notes Posted to GitHub

High-Speed Trader Virtu Financial Discloses $6.9 Million Hacking Loss

Cornerstone Building Brands (CNR) Says It Detected Ransomware Attack

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules

SAP Updates Security Note for Critical RECON Vulnerability

Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers)

Krebs: Microsoft Patch Tuesday, August 2020 Edition

Critical Adobe Acrobat and Reader Bugs Allow RCE

8/10/2020

Outspoken Hong Kong Publisher and China Critic Jimmy Lai Is Arrested Under National Security Law

China Imposes Sanctions on 11 Americans Over Hong Kong

Avoids Top Trump Aides in Retaliatory Sanctions

Microsoft Faces Complex Technical Challenges in TikTok Carveout

Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

Facebook Internal Investigation Uncovers Millions of QAnon Conspiracy Members in Thousands of Groups

Avaddon Ransomware Launches Data Leak Site to Extort Victims

Utah Family Tormented in “Stalking on Steroids” Case

Alleged Soccer Leaks Source Released from Custody

Office 365 Will Let You Manage Phishing Simulation Emails
Michigan State University Discloses Credit Card Theft Incident

Google Chrome Browser Bug Exposes Billions of Users to Data Theft

A Mysterious Group Has Hijacked Tor Exit Nodes to Perform SSL Stripping Attacks

Hacked Government, College Sites Push Malware via Fake Hacking Tools

Upgraded Agent Tesla Malware Steals Passwords From Browsers, VPNs

Google Fixes Mysterious Audio Recording Blip in Smart Speakers

vBulletin Fixes Ridiculously Easy to Exploit Zero-Day RCE Bug

Boeing 747s Receive Critical Software Updates Over 3.5″ Floppy Disks

8/7-9/2020

Trump Issues Executive Order Barring U.S. Firms From Doing Business With Tiktok’s Parent Company in 45 Days

Twitter and TikTok Reportedly Have Had Talks About a Deal

TikTok Exploring ‘all Remedies’ to Safeguard ‘Rule of Law’ in U.S. Ban

U.S. Sanctions Chinese Officials Over Hong Kong Policy—Including Carrie Lam

State Department: We’re Responsible for Russian, Iranian Text Message Campaign

U.S. Officials Now Worry About Election Logistics More Than Hacking

Democratic Senators Voice ‘Growing Concerns’ Over Electoral Interference

Trump’s National Security Adviser Says U.S. Countering Russian, Chinese Efforts to Tamper With Election Infrastructure

Reddit Hit by Coordinated Hack Promoting Trump’s Reelection

FBI: Iranian Hackers Trying to Exploit Critical F5 BIG-IP Flaw

Have I Been Pwned Set to Go Open-Source

Pirate Subscription Services Now a Billion-Dollar Industry in US
Hackensack Meridian Health Group (NJ) Alerts Donors of Data Breach

Two Weeks After Attack, Samaritan (NY) Restores Some Computer Systems

Fake Security Advisory Used in Clever cPanel Phishing Attack

TeamViewer Fixes Bug That Lets Attackers Access Your PC

Qualcomm Bugs Open 40 Percent of Android Handsets to Attack

Major Retailer Monsoon Accessorize at Risk of Attack Due to VPN Vulnerabilities

Bugs in HDL Automation Expose IoT Devices to Remote Hijacking

Evasive Credit Card Skimmers Using Homograph Domains and Infected Favicon

Attackers Horn in on MFA Bypass Options for Account Takeovers

Samsung Rolls Out Android Updates Fixing Critical Vulnerabilities

8/6/2020

Iranians, Russians Receive Text Messages Seeking U.S. Election Hacking Info

Krebs: Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Australia to Spend $1.2 Billion on Cyber Security for Private Sector After Rise in Attacks

Facebook Bans Ads From Pro-Trump PAC

Privacy ‘at Core’ of New Coronavirus Exposure App Launched by Virginia Health Department

Pandemic Elevates Security Chiefs to Corporate Leadership Roles

Capital One Fined $80 Million for Data Breach Involving 100 Million Americans

Hackers Abuse Lookalike Domains and Favicons for Credit Card Theft

Louisiana Judicial Candidate Charged With Hacking

Cybersecurity And Public Wi-Fi
Online Exam Tool ProctorU Suffers Data Breach

Muskingum Valley Health Center’s EHR (OH) Hit by Ransomware Attack, Exposes 7,000+ Patients’ Info

Intel NDA Blueprints – 20GB of Source Code, Schematics, Specs, Docs Leaked

NY Ventilator Innovator Hit by Windows DoppelPaymer Ransomware

Satellite Comms Globally Open to $300 Eavesdropping Hack

KrØØk Attack Variants Impact Qualcomm, Mediatek Wi-Fi Chips

Nearly 50% of All Smartphones Affected by Qualcomm Snapdragon Bugs

Unpatched Bug in Windows Print Spooler Lets Malware Run as Admin

Mercedes-Benz E-Series Rife with 19 Bugs

High-Severity Cisco DoS Flaw Plagues Small-Business Switches

8/5/2020

Pompeo Urges Cutting Ties With Chinese Tech Companies, Apps

Google Pulls 2,500 China-linked YouTube Channels over Disinformation

Top Federal Official Says More Details Coming on Foreign Election Interference

U.S. Offers $10 Million Reward for Hackers Meddling in Elections

First EU Sanctions for Cyberattacks Point to Alignment With U.S. on Foreign Hacking

Twitter Says Security Flaw May Have Exposed Android Users’ Direct Messages

Krebs: Porn Clip Disrupts Virtual Court Hearing for Alleged Twitter Hacker

Silk Road Vendor Indicted on Narcotics Charges
Canon Hit by Maze Ransomware Attack, 10TB Data Allegedly Stolen

Hacker Leaks Passwords for 900+ Enterprise VPN Servers

As Disclosures Continue, Blackbaud Breach Remains a ‘Conundrum’ for Some Nonprofits

High-Severity Android RCE Flaw Fixed in August Security Update

Microsoft Teams Patch Bypass Allows RCE

Microsoft Adds Windows 10 DNS Over HTTPS Settings Section

Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack

Ex-NSA Hacker Finds a Way to Hack Mac Users via Microsoft Office

8/4/2020

Experts Warn Mail-In Voting Misinformation Could Threaten Elections

Google Bans Ads Linking to Hacked Political Content

Iranian Hacker Group ‘Oilrig’ Becomes First Known APT to Weaponize DNS-Over-HTTPS (DoH)

NSA Warns Cellphone Location Data Could Pose National-Security Threat

Florida Teen Pleads Not Guilty to Masterminding Twitter Hack

Cyber Chiefs Watch Their People for Burnout as Pandemic Rolls On

Microsoft Goes Big in Security Bug Bounties: Its $13.7m Is Double Google’s 2019 Payouts

Firefox Adds Protections Against Redirect Tracking
British Dental Association Members Targeted by Hackers

Regis Healthcare Targeted in Cyber Attack

Summit Medical Associates Provides Notice of a Data Breach

Lafayette, Colorado Pays $45,000 Ransom After Cyber-Attack

Bug on Facebook Plugin Lets Hackers Hijack WordPress Sites’ Chat

Vulnerable Perimeter Devices: A Huge Attack Surface

Networks Exposed to Attacks Due to Windows 7 End of Life

8/3/2020

Trump Says U.S. Should Get Slice of TikTok Sale Price

Twitter Warns About Possible $250 Million FTC Fine

House Republicans Introduce Legislation to Give States $400 Million for Elections

Google Updates Ad Policies to Counter Influence Campaigns, Extortion

UK Defence Committee Chair Muses Treating TikTok Like Huawei

UK Says ‘Inappropriate’ to Comment on Hacking of Former Trade Minister’s Email

U.S. Gov’t Exposes Chinese Espionage Malware ‘Taidoor’ Secretly Used Since 2008

FBI Sees Surge in Online Shopping Scams, FTC Says Most Reports Ever

Malware Author Admits Role in $568m Cyber-Fraud

From Minecraft Tricks to Twitter Hack: A Florida Teen’s Troubled Online Path
Krebs: Robocall Legal Advocate The Blacklist Alliance Leaks Customer Data

Zello Resets All User Passwords After Data Breach

Delivery Startup, iVoy, Experiences Data Breach, Over 127,000 Accounts Exposed

Telstra Outage Was Not a Cyber Attack?

Meetup Critical Flaws Allow ‘Group’ Takeover, Payment Theft

Hundreds Targeted By Free TV License Scam

Newsletter WordPress Plugin Bugs Let Hackers Inject Backdoors on 300k Sites

Windows 10: HOSTS File Blocking Telemetry Is Now Flagged as a Risk

Leaky S3 Buckets Have Gotten So Common That They’re Being Found by the Thousands

BlackBerry Launches Free Tool for Reverse Engineering to Fight Cybersecurity Attacks

7/31-8/2/2020

Krebs: Three Charged in July 15 Twitter Compromise

Used “Phone Spear Phishing” in Mass Account Takeover

Russia Pledges Reciprocal Steps After EU Sanctions for Alleged Cyberattacks

Microsoft Is in Talks to Acquire TikTok, as U.S. Considers Banning the App

Microsoft and Bytedance Put TikTok Talks on Hold After Trump Signals Opposition

Microsoft Says It Remains Committed to Reaching TikTok Deal

Microsoft Aims for a Deal

Trump Threat to TikTok Generates Storm of Criticism From Users

Ohio Researcher Admits Selling Secrets to China

Anti-NATO Disinformation Campaign Leveraged CMS Compromises

U.S. Government Sites Abused to Redirect Users to Porn Sites

Ransomware Feared as Possible Saboteur for November Election

GandCrab Ransomware Operator Arrested in Belarus
‘Payment Sent’ – Travel Giant CWT Pays $4.5 Million Ransom to Cyber Criminals

Confirmed: Garmin Received Decryptor for Wastedlocker Ransomware

Athens ISD (TX) Will Not Pay Ransom After Cyber Attack, Recovers Data

Havenly Discloses Data Breach After 1.3M Accounts Leaked Online

Canadian MSP Pivot Technology Discloses Data Breach, Failed Ransomware Attack

Telstra DNS Falls Over After Denial of Service Attack

Bypassing Windows 10 UAC With Mock Folders and Dll Hijacking

New Attack Leverages HTTP/2 for Effective Remote Timing Side-Channel Leaks

4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users

QNAP Urges Users to Update Malware Remover After QSnatch Alert

Many Second Hand Phones Are Sold with Security Vulnerabilities

Infosec Researchers Turn 3D Printers Into Self-Immolating Suicide Machines