11/27-29/2020 November 30, 2020November 30, 2020 ~ The Cyber Beat ~ Leave a comment South Korea Says It Foiled North Korea Attempt to Hack Its COVID-19 Vaccine MakersChristopher Krebs: I’m ‘Most Upset’ I Didn’t Get to Say Goodbye to My Team…’Not How I Wanted to Go Out.’Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats…One in Seven #BlackFriday Emails Are Malicious…Phishing Lures Employees With Fake ‘Back to Work’ Internal Memos…Office 365 Phishing Abuses Oracle and Amazon Cloud ServicesUK NCSC Helping Manchester United Recover from Cyber-Attack2021 Healthcare Cybersecurity Priorities: Experts Weigh InIIoT Chip Maker Advantech Hit by Ransomware, $12.5 Million RansomMasterChef, Big Brother Producer Banijay Group SAS Hit by DoppelPaymer RansomwareDelaware County, PA Pays 500k Ransom to DoppelPaymer RansomwareCBS Last.FM Fixes Admin Password Leakage via Symfony ProfilerDigitally Signed Bandook Malware Once Again Targets Multiple SectorsDrupal Issues Emergency Fix for Critical Bug With Known ExploitsThe Top 20 Cybersecurity Startups To Watch In 2021 Based On Crunchbase
11/26/2020 November 27, 2020November 27, 2020 ~ The Cyber Beat ~ Leave a comment Personal Data of 16 Million Brazilian COVID-19 Patients Exposed OnlineDDoS Attacks Against Online Retailers Increase Four-Fold During PandemicMassive Zoom Phishing Targets Thanksgiving MeetingsPrivacy Campaigner Flags Concerns About Microsoft’s Creepy Productivity ScoreChanging Employee Security Behavior Takes More Than Simple AwarenessA Therapeutic for what Ails Digital HealthCanon Publicly Confirms August Ransomware Attack, Data TheftUS Fertility Patient Data Was Stolen in Ransomware AttackIsraeli Army Exposed the PII of Tens of Thousands of SoldiersSophos Alerts Customers of Info Exposure After Security BreachNew Egregor Ransomware Steps into Maze Group’s ShoescPanel 2FA Bypassed in Minutes via Brute-Force Attacks
11/25/2020 November 26, 2020November 26, 2020 ~ The Cyber Beat ~ Leave a comment At China’s Premier Internet Conference, Few Address the Regulatory Elephant in the RoomTrump Administration Extends TikTok Sale DeadlineGovernment Watchdog Urges Policymakers to Boost Cybersecurity for 5G NetworksCanada’s Proposed Privacy Overhaul Leans Toward European-Style RulesParler Hack Claims Are Fake, CEO Says: ‘They Are Just Obsessed With Us’Laser-Based Hacking from Afar Goes Beyond Amazon AlexaPhishing Most Frequently Reported Cybercrime in U.S.Major BEC Phishing Ring Cracked Open with 3 ArrestsTicketmaster: We’re Not Liable for Credit Card Badness Because the Hack Straddled GDPR DaySopra Steria Expects €50 Million Loss After Ryuk Ransomware AttackBlack Friday: The Best Gifts for HackersRansomware Attack Cripples Baltimore County Public Schools: No Timeline for Return to ClassCyber Attack Takes Rand McNally ELDs OfflineUS Fertility Provides Notice of Data Security IncidentPremier Health (OH) Investigates Data BreachDanish News Agency Ritzau Refuses to Pay After Ransomware AttackFBI Joins Investigation Into Computer System Hack in Delaware County (PA)Belden Networking Giant’s Company Data Stolen in CyberattackPasswords Exposed for Almost 50,000 Vulnerable Fortinet VPNsCritical MobileIron RCE Flaw Under Active AttackWindows 7 and Server 2008 Zero-Day Bug Gets a Free PatchWhy Data Protection And Cybersecurity Can’t Be Separate Functions
11/24/2020 November 25, 2020November 25, 2020 ~ The Cyber Beat ~ Leave a comment FCC Affirms ZTE Poses U.S. National Security ThreatIndia Bans 43 More Chinese Apps Over Cybersecurity ConcernsDemocrats Urge YouTube to Remove Election Misinformation, Step up Efforts Ahead of Georgia Runoff…Press Facebook, Twitter TooYouTube Temporarily Suspends, Demonetizes OANNFederal Authorities Warn of Increased Cyber Targeting During Upcoming Holiday SeasonCrooks Impersonate U.S. Gov’t Agencies Offering Financial AidU.S. Proposes Funding to Clear Risk Assessment BacklogPrinters’ Cybersecurity Threats Too Often IgnoredHome Depot Reaches $17.5 Million Settlement Over 2014 Data BreachCyber-attacks Reported on Three US Healthcare Providers in FL, GA & NYAustralian Legal Services Provider Law in Order Hit With Cyber AttackPost-Breach, Peatix Data Reportedly Found on Instagram, TelegramPayday Loans Exposed Records in the OpenBaidu Apps in Google Play Leak Sensitive DataNew WAPDropper Malware Stealthily Subscribes You to Premium ServicesStantinko Botnet Now Targeting Linux Servers to Hide Behind ProxiesTrickBot Malware Uses Obfuscated Windows Batch Script to Evade DetectionBlackrota Golang Backdoor Packs Heavy Obfuscation PunchUK Urges Orgs to Patch Critical Mobileiron Cve-2020-15505 Rce Bug
11/23/2020 November 24, 2020November 24, 2020 ~ The Cyber Beat ~ Leave a comment Alibaba CEO Says China’s Draft Anti-Monopoly Rules ‘Timely and Necessary’Democrats Accuse GSA of Undermining National Security by Not Certifying Biden Win…President-Elect Biden to Begin Formal Transition Process After Agency OkLawmakers Urge FCC to Assist in Effort to Rip Out, Replace Suspect Network EquipmentEuropean Cloud-Computing Initiative Limits U.S. Companies’ RoleFBI Warns of Recently Registered Domains Spoofing Its SitesTesla Model X Key Fobs Could Be Hacked to Steal Cars, Fix ReleasedSmart Doorbells ‘Easy Target for Hackers’ Study FindsApple’s Global Security Boss Accused of Bribing Cops With 200 Free iPads in Exchange for Concealed Gun PermitsSpotify Users Hit with Rash of Account TakeoversAnonymous Hacks Uganda Police WebsiteFake Minecraft Mods Swamp Over 1m Android Devices With AdsBristol City Council Data Breach Sends Names of Children to ‘Livid and Upset’ ParentsTA416 APT Rebounds With New PlugX Malware VariantIsrael Cyber Directorate Warns of Remotely Exploitable Drupal FlawVMware Discloses Critical Zero-Day Vulnerability in Workspace OneTikTok Fixes Bugs Allowing Account Takeover With One ClickSeven Debunked Myths of Cybersecurity
11/20-22/2020 November 23, 2020November 23, 2020 ~ The Cyber Beat ~ Leave a comment Trump Twitter ‘Hack’: Dutch Police Question ResearcherJoe Biden’s ‘Vote Joe’ Website Defaced by Turkish HackersPeters Criticizes Trump for Not Taking Action After Cyberattacks on Hospitals, COVID-19 ResearchersAfter Trump Fires CISA’s Director, the Agency Is Poised to Become Even More PowerfulDutch Journalist Gatecrashes EU Defence Video ConferenceThink Tank Urges Financial Sector Action on Cyber ThreatsFBI Warns of Increasing Ragnar Locker Ransomware ActivityGoogle Services Weaponized to Bypass Security in Phishing, BEC CampaignsHacker Posts Exploits for Over 49,000 Vulnerable Fortinet VPNs…Why Even the Best Free VPNs Are Not a Risk Worth TakingGreen Beret Passed Secrets to RussiaKrebs: Convicted SIM Swapper Gets 3 Years in JailFireEye Acquires Respond Software10M Impacted in Pray.com Data ExposureCyber Breach Exposed Thousands of Patients’ Info at Several LSU Medical CentersKrebs: GoDaddy Employees Used in Attacks on Multiple Cryptocurrency ServicesManchester United Working to ‘Minimize Disruption’ Caused by ‘Cyber Attack’Korean Retail Giant E-Land Closes Nearly Half of Stores Due to Ransomware AttackIrish Start-up Glofox Investigates Possible Data BreachSugarloaf, Sunday River (ME) Parent Company Investigating Online AttackArchdiocese of St. Louis Websites Down After Ransomware AttackLightBot: TrickBot’s New Reconnaissance Malware for High-Value TargetsQBot Partners With Egregor Ransomware in Bot-Fueled AttacksNew Grelos Skimmer Variants Siphon Credit Card DataVMware Fixes Critical Flaw in ESXi Hypervisor
11/19/2020 November 20, 2020November 20, 2020 ~ The Cyber Beat ~ Leave a comment Canadian Accusations on China Being Cyber-Crime Threat Are Groundless, Says ChinaMassive, China-State-Funded Hack Hits Companies Around the World, Report SaysRaytheon Employee Jailed for Exporting Missile Data to ChinaCyber Official Krebs’s Ouster Tests Government Relations With Private SectorIoT Cybersecurity Improvement Act Passed, Heads to President’s DeskHard Rock Stadium Ups CybersecurityCybercriminals Batter Automakers With Ransomware, IP Theft Tech Firms Fall Short on Misinformation Targeting Latino Voters, Advocates SayUK GCHQ Put ‘Image Before Cost’ With New Cyber BuildingFlorida Man Sentenced 36 Months for Stealing $9m From Adoption, Automotive Firms via Business Account TakeoverBest VPNs in 2020Ransomware Attack Hits Arizona Judicial Branch’s Website and Limits Some ServicesStudents, Staff Experience Slowdowns After Mansfield Schools (MA) Fall Victim to CyberattackRussian Hacker Group REvil Claims Massive Attack on Televangelist Kenneth CopelandRobot Vacuums Suck Up Sensitive Audio in ‘LidarPhone’ HackGO SMS Pro Android App Exposes Private Photos, Videos and MessagesFacebook Messenger Bug Allowed Android Users to Spy on Each OtherMount Locker Ransomware Now Targets Your TurboTax Tax ReturnsKali Linux 2020.4 Switches the Default Shell From Bash to ZSHGoogle’s free services are now phishing campaign’s best friendsMicrosoft Rolls Out Protection for Critical Accounts in Office 365
11/18/2020 November 19, 2020November 19, 2020 ~ The Cyber Beat ~ Leave a comment Canada Names China, Russia as Main Cyber-Crime Threats; Sees Risk to Power SupplyChinese APT10 Hackers Use Zerologon Exploits Against Japanese OrgsKrebs: Trump Fires Security Chief Christopher KrebsStarting Next Year, Chrome Extensions Will Show What Data They Collect From UsersThe Ones Who Brought You Let’s Encrypt, Bring You: Tools for Gathering Anonymized App Usage Metrics From NetizensLos Angeles Police Department Bars Use of Third-Party Facial Recognition Systems, Launches ReviewApple to Pay $113m to Resolve Fight Over BatteriesCryptocurrency Exchange Liquid Confirms HackFlower Firm New Zealand Bloom Victim of Recent Targeted Ransomware MalwareKeene (NH) Officials Urge Vigilance After Data BreachRansomware Attack Shuts Jackson County (OR) WebsiteEgregor Ransomware Shoots Ransom Notes Out of Victims’ PrintersCisco Webex ‘Ghost’ Flaw Opens Meetings to SnoopingGoogle Brings New Adaptive Protection Technology to Its Cloud Armor Network Security Service
11/17/2020 November 18, 2020November 18, 2020 ~ The Cyber Beat ~ Leave a comment Top Cybersecurity Official Christopher Krebs Ousted by TrumpMark Zuckerberg and Jack Dorsey Face Senate Grilling Over Moderation Practices…‘You’re the Ultimate Editor,’ Twitter’s Jack Dorsey and Facebook’s Mark Zuckerberg Accused of Censoring ConservativesApple Lets Some Big Sur Network Traffic Bypass FirewallsChinese APT Hackers Target Southeast Asian Government InstitutionsVerizon Releases First Cyber-Espionage ReportEU Restrictions Could Force Companies to Change Data Transfer PracticesKrebs: Be Very Sparing in Allowing Site NotificationsStop Saying You Don’t Need to Worry About Privacy and Cybersecurity Because You Don’t Have Anything to HideVulnerability Prioritization Tops Security Pros’ ChallengesMajority of APAC Firms Pay up in Ransomware AttacksUK Firms Least Likely to Pay Ransom GloballyNew Acquisition Provides Security From Hackers’ View, Palo Alto Networks CEO SaysEquifax $30.5 Million Data Breach Settlement Gets Final ApprovalOver 80,000 ID Cards and Fingerprint Scans Exposed in TronicsXchange AWS Cloud LeakMercy Iowa City Reports Data Breach, Over 60,000 Iowans AffectedRansomware Attack Forces Web Hosting Provider managed.com to Take Servers OfflineCity of Saint John, New Brunswick Hit by CyberattackPort of Kennewick (WA) Victim of Cyber AttackMontreal’s West End Health Agency Just Beginning to Come Back Online, Weeks After Cyber-AttackCoil Payments Platform Leaks User Emails in ‘Privacy Policy’ UpdateOffice 365 Phishing Campaign Detects Sandboxes to Evade DetectionHackers Are Actively Probing Millions of WordPress SitesCisco Patches Critical Flaw After PoC Exploit Code ReleaseChrome 87 Released With Performance Boost and Security FixesFirefox 83 Boosts Security With HTTPS-Only Mode, Zero-Day FixMicrosoft Brings Trusted Platform Module Functionality Directly to CPUs Under Securo-Silicon Architecture Pluton
11/16/2020 November 17, 2020November 17, 2020 ~ The Cyber Beat ~ Leave a comment Huawei Threat ‘No. 1 Concern’ Moving Forward, Trump National Security Adviser SaysTwitter Hires Famous Hacker Peiter Zatko ‘Mudge’ to Head Security OperationsExposed Database Reveals 100K+ Compromised Facebook AccountsZoom Rolls Out Security Enhancements to Stop Zoombombing TrollsMicrosoft President Calls for Global Crackdown on CyberattacksCybercrime Moves to the Cloud to Accelerate Attacks Amid Data GlutCybersecurity Is Top Business Worry in ‘Age of Risk’: Marsh & McLennan CEOCrypto Firm Offers $200,000 Bug Bounty to Hacker Who Stole $2mMeet the Hackers Who Earn Millions for Saving the Web: Bug BountiesDating Site Bumble Leaves Swipes Unsecured for 100M UsersCold Storage Giant Americold Services Impacted by CyberattackTrojanized Security Software Hits South Korea Users in Supply-Chain AttackCapcom Confirms Data Breach After Gamers’ Data Stolen in CyberattackDozens of Ransomware Gangs Partner With Hackers to Extort VictimsAttackers Target Porn Site Goers in ‘Malsmoke’ Zloader AttackCitrix SD-WAN Bugs Allow Remote Code ExecutionVulnerability in Firefox for Android Allowed Attackers to Steal Cookies, Local Files
11/13-15/2020 November 16, 2020November 16, 2020 ~ The Cyber Beat ~ Leave a comment No Voting System Deleted or Lost Votes in U.S. Election: Security GroupsCoronavirus: North Korea and Russia Hackers ‘Targeting Vaccine’DarkSide Ransomware’s Iranian Hosting Raises U.S. Sanction ConcernsTrump Administration Grants 15-Day Extension on TikTok Divesture DeadlineApple iOS Safari Feature Can Be Used to Share “Fake News” HeadlinesScams Ramp Up Ahead of Black Friday Cybercriminal CrazeIRS Announces Move to Protect Businesses From Identity TheftSchools Struggling to Stay Open Get Hit by Ransomware AttacksICE Operation Arrests 113 Child PredatorsAmazon Sues Instagram, TikTok Influencers Over Knockoff ScamTicketmaster Fined £1.25m Over Data BreachVertafore Data Breach Hits 28 Million Texan DriversHacker Shares 3.2 Million Pluto TV Accounts for Free on ForumHacker Steals $2 Million From Cryptocurrency Service AkropolisDelaware Division of Public Health Announces Data Breach IncidentBiotech Research Firm Miltenyi Biotec Hit by Ransomware, Data LeakedRetail Giant Cencosud Hit by Egregor Ransomware Attack, Stores ImpactedIndia’s Biggest Online Grocer Bigbasket Alerted to Breach, Sale of 20m Users’ DataSaint John (NB) Suffers ‘Significant Cyber Attack’District 211 (Chicago) Investigating Possible HackNew TroubleGrabber Discord Malware Steals Passwords, System Info
11/12/2020 November 13, 2020November 13, 2020 ~ The Cyber Beat ~ Leave a comment Top Official on U.S. Election Cybersecurity Christopher Krebs Tells Associates He Expects to Be FiredSenior DHS Cybersecurity Official Bryan Ware to Step DownCoalition of Election Officials, Stakeholders Says There Is ‘No Evidence’ Votes Were CompromisedTwitter Says It Labeled 300,000 Posts Around the ElectionWashington State Could Be the 2021 Battleground for Internet PrivacyICO Demands Urgent Data Protection Changes from UK PartiesSwiss Spies Knew About Crypto AG Compromise – and Kept It From Gov’t Overseers for Nearly 30 YearsMost Americans Reuse Passwords for Work DevicesNew Tool Lets Attackers Easily Create Reply-Chain Phishing EmailsRansomware Did Not Kill a German Hospital Patient… but It’s Still a Matter of TimeGwinnett County (GA) Judge Re-Indicted in Computer Hacking CasePopular Stock Photo Service 123RF Hit by Data Breach, 8.3M Records for SaleThe North Face Resets Passwords After Credential Stuffing AttackData Breach Index Site Leaks Over 23,000 Hacked Databases Exposing Over 13 Billion User RecordsSt. Albert Optometry Centre (AB) Involved in Data BreachAPT ‘Hackers For Hire’ “CostaRicto” Target Financial, Entertainment FBI Investigating Racist, Anti-Gay Hack of Black Student Union’s Zoom Meeting at GonzagaDNS Cache Poisoning Attacks Return Due to Linux WeaknessModPipe Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Point-of-Sale SoftwareGoogle Fixes More Chrome Zero-Days Exploited in the WildBugs in Critical Infrastructure Gear n Schneider Electric Programmable Logic Controllers Allow Sophisticated Cyberattacks
11/11/2020 November 12, 2020November 12, 2020 ~ The Cyber Beat ~ Leave a comment Pressure Grows to Reinstall White House Cyber CzarFacebook, Google to Extend Political Advertising Bans‘Don’t Weaponise the Net’ Warns Former UK NCSC Cyber-Chief Ciaran MartinMicrosoft Warns Against SMS, Voice Calls for Multi-Factor AuthenticationPhilippines COVID-19 Data-Sharing App Leaked Healthcare Worker InfoRecent Ransomware Wave Targeting Israel Linked to Iranian Threat ActorsWaves of Attacks on U.S. Hospitals Show a Change in Tactics for CybercriminalsVatican Brings in Bots to Protect World’s Oldest BibleThis Risk Threatens Retirees’ Nest Eggs: Here’s How Advisors Are Protecting ThemEurope Tries to Boost Its Cybersecurity IndustryCybersecurity Skills Shortage Falls for First TimeAnimal Jam Kids’ Virtual World Hit by Data Breach, Impacts 46M AccountsConway Regional Medical Center (AR) Email Hack Exposes Info of 2,945 PatientsNewcastle Grammar School Targeted in Cyber AttackMinecraft Apps on Google Play Fleece Players Out of Big MoneyOver 2800 e-Shops Running Outdated Magento Software Hit by Credit Card HackersChinese-Linked Muhstik Botnet Targets Oracle WebLogic, DrupalCriminal Gangs Using Fake Microsoft Teams Updates to Infect Networks With Cobalt StrikeAlleged Source Code of Cobalt Strike Toolkit Shared OnlineNvidia Warns Windows Gamers of GeForce NOW FlawSilver Peak SD-WAN Bugs Allow for Network TakeoverKrebs: Patch Tuesday, November 2020 Edition
11/10/2020 November 11, 2020November 11, 2020 ~ The Cyber Beat ~ Leave a comment Biden’s Hard Stand on Foreign Election Interference Signals Funding FightSecurity Researchers Warn of Uptick in Election SpamScammers Impersonating the IRS Threaten Victims With Legal ActionKrebs: Ransomware Group Turns to Facebook AdsApple to Deliver ‘Privacy Labels’ for Apps, Revealing Data-Sharing DetailsEU Levels New Antitrust Charges Against AmazonEx-Microsoft Engineer Gets Nine Years for $10m Digital TheftMicrosoft Patch Tuesday Update Fixes 17 Critical BugsColossal Intel Update Anchored by Critical Privilege-Escalation BugsWindows 10 Intel Microcode Released to Fix New CPU Security BugsScalper-Bots Shake Down Desperate PS5, Xbox Series X ShoppersCadbury Social Media Scammers Take Chocoholics for a RideGhimob Android Banking Trojan Targets 153 Mobile Apps5.8 Million RedDoorz User Records for Sale on Hacking ForumHacker Sells Access to Pakistani Airlines’ NetworkNew Platypus Attack Can Steal Data From Intel CPUsUbuntu’s Gnome Desktop Could Be Tricked Into Giving Root AccessEA Games’ Origin Client Contained Privilege Escalation VulnerabilityAdobe Releases Security Update for Adobe Reader for Android
11/9/2020 November 10, 2020 ~ The Cyber Beat ~ Leave a comment Zoom Lied to Users About End-to-End Encryption for Years, FTC Says…To Implement Heightened Security Program in SettlementWhatsApp Wants to Host Your Intimate Chats: They’ll Be Deleted in a WeekFirst Passengers Travel in Virgin’s Levitating Hyperloop Pod SystemUber, Lyft Eager to Take California Labor Win NationwideCyberattack on UVM Health Network Impedes Chemotherapy AppointmentsPreventing and Mitigating DDoS Attacks: It’s ElementaryDeepfake Phishing: Is That Actually Your Boss Calling?Man Admits to Being Part of Anonymous Cyber-Attacks Related to Dakota Access PipelineParalegal Admits Role in Outing Iowa WitnessesKrebs: Body Found in Canada Identified as Neo-Nazi Spam KingOlder Android Phones Will Start Failing on Some Secure Websites in 2021Hacked In 300 Seconds: iOS 14, Samsung Galaxy S20, Windows 10Millions of Hotel Guests Worldwide Caught Up in Mass Data LeakMashable Customer Data Leaked OnlineLong-Term Care Patient Info Mistakenly Released by Lake County Health Dept (IL)Laptop Manufacturer Compal Hit by DoppelPaymer RansomwareRansomware Hits E-Commerce Platform X-CartKlamath Falls Hospital (OR) Still Struggling Through Ransomware AttackOnline Classes Resume After Cyber Attack at Saskatoon CollegeMalicious NPM Project Steals Discord Accounts, Browser InfoMicrosoft Exchange Attack Exposes New xHunt BackdoorsFake Microsoft Teams Updates Lead to Cobalt Strike DeploymentUltimate Member Plugin for WordPress Allows Site TakeoverNew Slipstream NAT Bypass Attacks to Be Blocked by BrowsersGoogle Chrome to Block Javascript Redirects on Web Page URL Clicks
11/6-8/2020 November 9, 2020November 9, 2020 ~ The Cyber Beat ~ Leave a comment Unmarked Texts Linked to GOP Firm Urged Vote Protests in PennsylvaniaFacebook Removed Iranian Network of Fake Accounts Targeting Protests in IsraelTwitter Removes Fake AP Account That Called Election Early for Biden…Suspends BannonTrump Lawsuit Site to Report Rejected Votes Leaked Voter DataAlibaba Cloud Growth Outpaces Amazon and Microsoft as Chinese Tech Giant Pushes for ProfitabilityBritain’s GCHQ to Wage Cyber War on Anti-Vaccine PropagandaKids Are Secretly Spending Thousands of Their Parents’ Money Betting on Special Video Game Wagering SitesHow Ryuk Ransomware Operators Made $34 Million From One VictimBrazil Seizes Sites Pirating U.S. TV ShowsU.S. Seizes $24m in Crypto-Fraud CrackdownEuropean Consumer Groups Begin Suing Over Data BreachesBigBasket Faces Potential Data Breach; Details of 2 Crore Users Put on Sale on Dark WebIndian Drug Maker Lupin Suffers Cyber AttackLuxottica Data Breach Exposes LensCrafters, EyeMed Patient InfoCapcom Ransomware Attackers Demanding $11 MillionGitpaste-12 Worm Targets Linux Servers, IoT DevicesNew Pay2Key Ransomware Encrypts Networks Within One HourRansomExx Ransomware Also Encrypts Linux SystemsWordPress Sites Open to Code Injection Attacks via Welcart e-Commerce BugApple Patches Bugs Tied to Previously Identified Zero-DaysYahoo Mail Discontinues Automatic Email Forwarding for Free UsersOffice 365 Will Let Admins Review Microsoft Forms Phishing Attempts
11/5/2020 November 6, 2020November 6, 2020 ~ The Cyber Beat ~ Leave a comment Officials on Alert for Potential Cyber Threats After a Quiet Election Day…Warn Delayed Vote Count Could Lead to Flood of DisinformationMalspam Campaign Milks Election UncertaintyGeorgia Democrats Sue Governor Kemp Over Unfounded 2018 Hacking ClaimsHuawei Challenges FCC Security Risk Label at Fifth CircuitNorth Korean Hackers Used ‘Torisma’ Spyware in Job Offers-based AttacksGEO Group, Company That Runs U.S. Illegal Immigration Detention Centers. Discloses Ransomware AttackU.S. Seizes More IRGC DomainsU.S. Gov’t Behind $1 Billion Bitcoin Transfer of Silk Road FundsRansom Payment No Guarantee Against DoxxingZoom Snooping: How Body Language Can Spill Your PasswordCampari Hit by Ragnar Locker Ransomware, $15 Million DemandedCyber Attack Targets Norwich-Based Flagship GroupBrazil’s Court System Under Massive RansomExx Ransomware AttackIndonesian Fintech Cermati Suffers Data Breach, Legislators Rush to Regulate IndustryPremium-Rate Phone Fraudsters Hack VoIP Servers of 1200 CompaniesDeloitte Hacker IQ Game Forced Offline After HackGitHub Denies Getting HackedCritical Bug Actively Used to Deploy Cobalt Strike on Oracle ServersCisco Zero-Day in AnyConnect Secure Mobility Client Remains UnpatchedApple Patches Three Actively Exploited iOS Zero-Days
11/4/2020 November 5, 2020November 5, 2020 ~ The Cyber Beat ~ Leave a comment DHS Says No Evidence Foreign Power Could Have Tampered With U.S. Vote…But Cybersecurity Officials Are Still Bracing for Attacks…QBot Phishing Lures Victims Using U.S. Election Interference EmailsBitcoin: $1bn Address With Silk Road Links ‘Being Transferred’Ransomware Gangs Don’t Always Delete Stolen Data When PaidKrebs: Why Paying to Delete Stolen Data is BonkersAmericans Confident in IoT Device SecurityCalifornia Voters Support New Internet Privacy Rules, Strengthening State LawPolice to Livestream Ring Camera Footage of Mississippi ResidentsRussian Authorities Make Rare Arrest of Malware AuthorJapanese Game Dev Capcom Hit by Cyberattack, Business ImpactedJapanese Nuclear Regulator Suffers Cyber AttackLegion Has Been Hacked, Source Code Leaked OnlineAlamance Skin Center (NC) Reports Cyber Attack BreachMysterious APT Leaves Curious ‘KilllSomeOne’ ClueSneaky Office 365 Phishing Inverts Images to Evade DetectionGoogle Forms Abused to Phish AT&T CredentialsApple Search Bot Leaked Internal IPs via Proxy ConfigurationVMware Issues Updated Fix For Critical ESXi Flaw
11/3/2020 November 4, 2020November 4, 2020 ~ The Cyber Beat ~ Leave a comment Cybersecurity Specialist Robert Herjavec Says He’s Confident U.S. Can Safeguard Voting From Hackers…Voting Security Has Come a Long Way Since 2016 — but Vulnerabilities Remain…Officials Express Confidence in Voting Security Amid Early Technical GlitchesFBI Investigating Robocalls Urging People to ‘Stay Home’ on Election DayOfficials on Watch for Disinformation If 2020 Election Results Are DelayedNew Kimsuky Module Makes North Korean Spyware More PowerfulOne in Three Attacks Are Coronavirus-RelatedWarning After 75,000 ‘Deleted’ Files Found on Used USB DrivesKrebs: Two Charged in SIM Swapping, Vishing ScamsBlackbaud Sued in 23 Class Action Lawsuits After Ransomware AttackLeading Toy Maker Mattel Hit by RansomwareFolksam Data Breach Leaks Info of 1M Swedes to Google, Facebook, MoreConfiguration Snafu Exposes Passwords for Two Million Marijuana GrowersNew RegretLocker Ransomware Targets Windows Virtual MachinesThese Software Bugs Are Years Old, but Businesses Still Aren’t Patching ThemAdobe Warns Windows, MacOS Users of Critical Acrobat and Reader FlawsSaltStack Reveals New Critical Vulnerabilities, Patch NowOracle Solaris Zero-Day Attack Revealed
11/2/2020 November 3, 2020November 3, 2020 ~ The Cyber Beat ~ Leave a comment Trump Administration to ‘Vigorously Defend’ TikTok Order After New Legal Setback…Teens Turn to TikTok to Boost Biden…Twitter Unlocks New York Post Account After Two-Week Standoff Over Hunter Biden LaptopUK Cyber-Threat Agency Confronts COVID-19 AttacksCyber-Criminals Target Naked Zoom UsersTruata and Mastercard Launch Privacy-Enhanced Portal for Financial InstitutionsCybersecurity Threats to Corporate America Are Present Now ‘More Than Ever,’ SEC Chair SaysSurvey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s HopeA ‘Virtual’ Normal Has Reshaped Our Lives — but Does It Having Staying Power?Singapore Updates Data Protection Law to Exclude User Consent for ‘Legitimate’ Business Purposes$100M Botnet Scheme Lands Cybercriminal 8 Years in JailScammers Abuse Google Drive to Send Malicious LinksHacker Group Uses Solaris Zero-Day to Breach Corporate NetworksMalicious npm Package Opens Backdoors on Programmers’ ComputersGitHub Breaks Site Layout After Forgetting to Renew CertificateConnecticut Department of Social Services Clients’ Data ExposedCivmix Website (TX) Is Back Online After Cyber AttackMaze Ransomware Shuts Down Operations, Denies Creating CartelWordPress Pushes Out Multiple Flawed Security UpdatesGoogle Patches One More Actively Exploited Chrome Zero-DayOracle Issues Emergency Patch for Critical WebLogic Server Flaw
10/30-11/1/2020 November 2, 2020November 2, 2020 ~ The Cyber Beat ~ Leave a comment Russian, Iranian and Other Hackers Target 2020 U.S. Election…Crippling Cyberattacks, Disinformation Top Concerns for Election Day…Russian Hackers Targeted California, Indiana Democratic Parties…U.S. Says Iranian Hackers Behind Threatening Emails Accessed Voter Data…Most Important 2020 Election Misinformation Threat Is Not Coming From Overseas: Facebook Former Security Chief Alex Stamos…Biden Campaign Slams Facebook After Thousands of Ads Blocked by Platform’s Pre-election Blackout…Trump and Biden Official Election Apps Vulnerable to HackersFacing Surge in Virus, European Countries Try to Fix Their Covid AppsChrome Will Soon Have Its Own Dedicated Certificate Root StoreIs Cybersecurity Awareness Month Worth It?What Are The Fastest Growing Cybersecurity Skills In 2021?Marriott Fined £0.05 for Each of the 339 Million Hotel Guests Whose Data Was StolenGold Seller JM Bullion Hacked to Steal Customers’ Credit CardsOver 1M Lazada Redmart Accounts Sold Online After Data BreachSonoma Valley Hospital (CA) Hit With Cyber AttackChatham County (NC) Systems ‘Inoperable’ After CyberattackTioga Downs Casino Resort Warns of Social Media HackMontreal Metro Hacker Demands $2.8m RansomHacker Is Selling 34 Million User Records Stolen From 17 CompaniesWroba Mobile Banking Trojan Spreads to the U.S. via TextsFirestarter Android Malware Abuses Google Firebase Cloud MessagingBrowser Bugs Exploited to Install 2 New Backdoors–dneSpy & agfSpy–on Targeted ComputersWindows Kernel Zero-Day Vulnerability Used in Targeted AttacksWordPress Patches 3-Year-Old High-Severity RCE Bug